last executing test programs:

6m1.573670494s ago: executing program 3 (id=135):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc7152a74922abe14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18)
add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, &(0x7f0000000100)="0100000002fe00000000006bb57ae0fffc5a2a630b00c145", 0x18, 0xffffffffffffffff)

6m1.468727606s ago: executing program 3 (id=137):
ioprio_set$uid(0x3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000040)=""/46, 0x2e}], 0x1, 0x0, 0x0)

6m1.256172129s ago: executing program 3 (id=138):
r0 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="09000000030000000800000004"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000000000000000000fcffff0318110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f00000005c0)='\x00H\xeb', 0x0, r2)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='syzkaller\x00', &(0x7f0000001140)='\xf1\x95\xb3>-\x8c\xd4\r\x01\xfa\xe2{eED\x0e\xaaPV\x11\xff\xb6j\xd4~6\x82^\x9b b', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='\xa3\xc5\a', &(0x7f00000003c0)="b8", 0x1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000c"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="180000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0xfffffffffffff001}, 0x18)
close(r0)

6m1.113719831s ago: executing program 3 (id=139):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, r1, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x6, 0x2}}}}]}, 0x44}}, 0x800)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001540)=@newtfilter={0x70, 0x28, 0xd27, 0x1004001, 0x25dfdc00, {0x0, 0x0, 0x0, r1, {0xd, 0x9}, {}, {0x2, 0xb}}, [@TCA_RATE={0x6, 0x5, {0x12, 0x3}}, @filter_kind_options=@f_cgroup={{0xb}, {0x38, 0x2, [@TCA_CGROUP_ACT={0x34, 0x1, [@m_sample={0x30, 0x15, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x810}, 0x404c0c0)

6m1.074864242s ago: executing program 3 (id=140):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f00000000c0)={[{@grpid}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@quota}, {@grpjquota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="2c00000019000109000000000000000002200000fe00fe0300000000080005"], 0x2c}, 0x1, 0x0, 0x0, 0x2004000}, 0x40)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x4, 0x8001, 0x0, 0x5, 0x10, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4117639c2eb4b78c66ee677df701905b9aafab4afaaf755a3f6a004", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "d300c6d6ae9ef30bea2a00400000000000001000000000000000000400", [0x5, 0x2]})
write$hidraw(r0, &(0x7f00000002c0)="85", 0x1)

6m0.42502119s ago: executing program 3 (id=146):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000280)={[{@jqfmt_vfsv1}, {}, {@quota}, {@noauto_da_alloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x5}}, {@orlov}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs2/custom0\x00', 0x0, 0x0)
ioctl$BINDER_THREAD_EXIT(r3, 0x40046208, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x6}, 0x18)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
fallocate(r5, 0x20, 0x0, 0x8000)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6, 0x0, 0x8000000000}, 0x18)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
sendmsg$NFT_BATCH(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB="14000000100001000000001e000000000000000a68000000060a0b040000000000000000020000003c00048014000180090001006c6173740000000004000280240001800a0001807265646972000000140002800800034000000028080001400000001d0900010073797a30000000000900020073797a32"], 0x90}}, 0x4000)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
r9 = getpid()
r10 = socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000580)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
write$binfmt_misc(r11, &(0x7f0000000000), 0xfffffecc)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000200)={'tunl0\x00', &(0x7f0000000680)={'tunl0\x00', <r12=>0x0, 0x8000, 0x8000, 0x9, 0xd, {{0x36, 0x4, 0x1, 0x0, 0xd8, 0x68, 0x0, 0xd8, 0x29, 0x0, @rand_addr=0x64010102, @loopback, {[@timestamp_prespec={0x44, 0x44, 0x15, 0x3, 0x6, [{@multicast2, 0x8}, {@private=0xa010102, 0x9}, {@empty, 0x91}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}, {@broadcast, 0x1}, {@multicast2, 0xffffffff}, {@dev={0xac, 0x14, 0x14, 0x20}, 0x4}, {@local, 0x3}]}, @cipso={0x86, 0xf, 0x2, [{0x2, 0x9, "5c9d0744f2ec72"}]}, @timestamp_addr={0x44, 0x24, 0xe8, 0x1, 0xd, [{@multicast1, 0x6}, {@loopback, 0x3}, {@broadcast, 0xba9e}, {@multicast2, 0xfff}]}, @lsrr={0x83, 0x7, 0x4e, [@empty]}, @noop, @ssrr={0x89, 0xf, 0x6c, [@private=0xa010101, @multicast1, @multicast1]}, @ra={0x94, 0x4}, @rr={0x7, 0xb, 0xb2, [@private=0xa010100, @rand_addr=0x64010100]}, @lsrr={0x83, 0x27, 0xd1, [@multicast1, @rand_addr=0x64010102, @rand_addr=0x64010102, @broadcast, @local, @empty, @loopback, @multicast2, @loopback]}]}}}}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x11, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@alu={0x7, 0x1, 0xd, 0xb, 0x3, 0x0, 0xffffffffffffffff}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x1}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r11}}]}, &(0x7f00000001c0)='syzkaller\x00', 0x10001, 0xb1, &(0x7f00000004c0)=""/177, 0x41000, 0x10, '\x00', r12, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000400)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x25a, 0x6}, 0x10, 0x0, 0x0, 0x1, &(0x7f00000005c0)=[r2, r2, r1, r2, r1, r5, r5, r5], &(0x7f0000000600)=[{0x4, 0x1, 0xd, 0x9}], 0x10, 0x8, @void, @value}, 0x94)
r13 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r0)
sendmsg$DEVLINK_CMD_RELOAD(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r13, 0x1, 0x70bd26, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r9}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)

5m45.39420676s ago: executing program 32 (id=146):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000280)={[{@jqfmt_vfsv1}, {}, {@quota}, {@noauto_da_alloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x5}}, {@orlov}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs2/custom0\x00', 0x0, 0x0)
ioctl$BINDER_THREAD_EXIT(r3, 0x40046208, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x6}, 0x18)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
fallocate(r5, 0x20, 0x0, 0x8000)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6, 0x0, 0x8000000000}, 0x18)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
sendmsg$NFT_BATCH(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB="14000000100001000000001e000000000000000a68000000060a0b040000000000000000020000003c00048014000180090001006c6173740000000004000280240001800a0001807265646972000000140002800800034000000028080001400000001d0900010073797a30000000000900020073797a32"], 0x90}}, 0x4000)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
r9 = getpid()
r10 = socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000580)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
write$binfmt_misc(r11, &(0x7f0000000000), 0xfffffecc)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000200)={'tunl0\x00', &(0x7f0000000680)={'tunl0\x00', <r12=>0x0, 0x8000, 0x8000, 0x9, 0xd, {{0x36, 0x4, 0x1, 0x0, 0xd8, 0x68, 0x0, 0xd8, 0x29, 0x0, @rand_addr=0x64010102, @loopback, {[@timestamp_prespec={0x44, 0x44, 0x15, 0x3, 0x6, [{@multicast2, 0x8}, {@private=0xa010102, 0x9}, {@empty, 0x91}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}, {@broadcast, 0x1}, {@multicast2, 0xffffffff}, {@dev={0xac, 0x14, 0x14, 0x20}, 0x4}, {@local, 0x3}]}, @cipso={0x86, 0xf, 0x2, [{0x2, 0x9, "5c9d0744f2ec72"}]}, @timestamp_addr={0x44, 0x24, 0xe8, 0x1, 0xd, [{@multicast1, 0x6}, {@loopback, 0x3}, {@broadcast, 0xba9e}, {@multicast2, 0xfff}]}, @lsrr={0x83, 0x7, 0x4e, [@empty]}, @noop, @ssrr={0x89, 0xf, 0x6c, [@private=0xa010101, @multicast1, @multicast1]}, @ra={0x94, 0x4}, @rr={0x7, 0xb, 0xb2, [@private=0xa010100, @rand_addr=0x64010100]}, @lsrr={0x83, 0x27, 0xd1, [@multicast1, @rand_addr=0x64010102, @rand_addr=0x64010102, @broadcast, @local, @empty, @loopback, @multicast2, @loopback]}]}}}}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x11, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@alu={0x7, 0x1, 0xd, 0xb, 0x3, 0x0, 0xffffffffffffffff}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x1}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r11}}]}, &(0x7f00000001c0)='syzkaller\x00', 0x10001, 0xb1, &(0x7f00000004c0)=""/177, 0x41000, 0x10, '\x00', r12, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000400)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x25a, 0x6}, 0x10, 0x0, 0x0, 0x1, &(0x7f00000005c0)=[r2, r2, r1, r2, r1, r5, r5, r5], &(0x7f0000000600)=[{0x4, 0x1, 0xd, 0x9}], 0x10, 0x8, @void, @value}, 0x94)
r13 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r0)
sendmsg$DEVLINK_CMD_RELOAD(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r13, 0x1, 0x70bd26, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r9}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)

1.768967905s ago: executing program 1 (id=5823):
creat(&(0x7f0000000100)='./file0\x00', 0x158)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x8200, &(0x7f0000000000)=ANY=[@ANYBLOB='mpol=bind:N-'])

1.762986015s ago: executing program 1 (id=5825):
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140), 0x3200841, &(0x7f0000000c80)=ANY=[@ANYBLOB="6e725f626c6f636b733d742cf113ca417654e31de9bff58a0077d41be55f208478671570c7bfa4cae0a01324c58916344f88c1f1897eef558ce37727451cb86e4386df4ea5fd89ca883f593bcefc18693090973f7920a93eb318df082fad8cc2d693bb52891c1904bcfba1403104c32993d16ab02fddccef84a4c143f1225f10bd7db6e2554d61f642acad1f507be8"])
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_config_ext={0x100000000}, 0x2, 0xffffffff, 0x2, 0x9, 0x4, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x9)
capset(&(0x7f0000000000)={0x20071026, 0xffffffffffffffff}, &(0x7f0000000280)={0x0, 0x0, 0x400, 0x7e, 0xffffffff})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b000000050010000e0f2ae9a79fe9", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x8, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000fd0000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket(0x400000000010, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00\f\x00'], 0x48)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200)=0xffffffffffffffff, 0x4)
setsockopt$MRT6_FLUSH(r1, 0x29, 0xd4, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x103843, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000700), 0x0, 0xff}, 0x38)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000001c0)=@filter={'filter\x00', 0x42, 0x4, 0x278, 0xffffffff, 0xf8, 0xf8, 0x1b8, 0xffffffff, 0xffffffff, 0x2d8, 0x2d8, 0x2d8, 0xffffffff, 0x4, 0x0, {[{{@ip={@empty, @loopback, 0x0, 0x0, 'veth0_to_batadv\x00', 'wlan0\x00', {}, {}, 0x11}, 0x0, 0x70, 0x98, 0x0, {0x100000000000000}}, @REJECT={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x8}}}, {{@ip={@multicast2, @private=0xa010102, 0x0, 0x0, 'veth1_virt_wifi\x00', '\x00', {}, {}, 0x0, 0x1}, 0x0, 0x70, 0xb0}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2d8)
flock(r2, 0x5)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x13, 0x8, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x85}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000440)='GPL\x00', 0x5, 0xc2, &(0x7f0000000480)=""/194, 0x41100, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000000600)={0x0, 0xe, 0xc, 0x800}, 0x10, 0x0, 0xffffffffffffffff, 0x6, &(0x7f0000000b80)=[r2], &(0x7f0000000f00)=[{0x0, 0x1, 0xb, 0x9}, {0x2, 0x4, 0xf, 0x7}, {0x3, 0x4, 0xc, 0x5}, {0x5, 0x2, 0x7, 0x7}, {0x0, 0x2, 0xa}, {0x5, 0x1, 0x10, 0x7}], 0x10, 0x7, @void, @value}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000380)='sys_enter\x00', r3}, 0x18)
ioperm(0x0, 0x2, 0x2)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TIOCL_BLANKSCREEN(r4, 0x4b67, &(0x7f0000000180))
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000340)="d8000000240081064e81f782db44b9040a0208000300000000000100f1ffffff020014260360160cac08da30399d11540e120800280024000000a80009001100014003000000036010fab94dcf5c0461c1ff7f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bba", 0x6c}], 0x1}, 0x4004000)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x52e, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ///+864GIw8IlpAdcIJ0Yrq6u+//pzLASAS5d6/5/vwN5nCzASCn2NQIQGGX/9/3/c6XpQyUEAAAM3HRrSgql7Ou96SgUSqWIm62fBSgmaxvVynxEPBERv50pXmvWF1pbJn2MEQAAAAAAAAAAAAAAAAAAAAAAAAAAovVU7iRSAAAAYKRFFP6U/LL9LP+5meenu78fmEj+1fpJ4ImIeOuHb3z/7nKjsbvQXP63o+WNH2TLXxzGNxgAAABAt851emv+z2FnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCoee/B2yudqY+XTw0q7l++EBGzefHHY7I1n4xiRFz/exLjJ7ZLImJsAPEP70XER/PiJ820jkLmxR/Em3BO/JjN3oW8+DcGEB+usvvN489ref2vEM+25vn9bzzif+ofVO/jXxwd/8Z69P+bfcZ46p2flXvGvxfx1Hj+8acTP+kR/7k+43/9awcHvdalP4qY63z+tI54JyMcl8qNrZ1yff/g9sbW8nplvbK9uLjw8tIrSy8tzZfXNqqV7N/cGN95+ufvn9X+67mff0mWTe/2P5+zv7zPpP+8c/fBhzuVw9Pxbz2XE/9XP85ecTp+IYvzqazcXD/XKR+2yyc989PfPHNW+1eP2198mP//W7122u1UR3m63z8dAOAC1PcPNper1cruyBaaV+mPQBoKj2DhWwPdYZqmabNP5ay6HxH97CeJAbe0kJ/PcaHnEWDYRyYAAGDQjk/6h50JAAAAAAAAAAAAAAAAAAAAXF2X8ZS17pjHj0BOBvEIbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfhvAAAA//89e9P5")

1.706321076s ago: executing program 1 (id=5826):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1\x00', 0x200080, &(0x7f0000000040)={[{@errors_remount}, {@dax_always}, {@nogrpid}]}, 0x3, 0x574, &(0x7f0000000380)="$eJzs3c9vG1kdAPDvTH7Y/bGbFvYAq4WWnwVVdRp3d7Xay7YXEFqthFhxQBy6IXGjULsutbNsQqXN/g0ggeAEfwIHJA5Ie+LAjSMSB4S0HJAKVKAGAZLRjCeJ0zhap3bsbfL5SNN5M2/efN+TO37PY2deACfWxYjYjIjZiHgrIuaK/UmxxPXukh336OH9pa2H95eS6HTe/HuS52f7oqdM5kxxznJEfOOrEd9J9sdtrW/cXqzXa/eK7fl24+58a33jympjcaW2UrtTrb688PLVV669VB1ZWy80fvngK6uvf/M3v/7UB7/f/PIPsmqdLfJ62zFK3abP7MTJTEfE60cRbAKmivXsvpwX+he4frT14XDSiPhYRHw2v/7nYir/3wkAHGedzk+jM9e7DQAcd9nn/7PlJK1ERJoWg4BK9x7ec3E6rTdb7cu3mmt3lrv3ys7FTHprtV67er70x+/lB88k2fZCnpfn59vVx7avRcT5iPhR6VS+XVlq1pcnM+QBgBPvTP4dWNH/R8S/SmlaqQxUtM+3egDAU6M8gZIAwGT19uKlCdYDABgfn+IB4OQZoP8vvuzfPPK6AADj4fM/AJw8+n8AOHkO2//7jSAAPNW+/sYb2dLZKp5/vfz2+tpM8+0ry7XW7Upjbamy1Lx3t7LSbK7kz+xp7Cl8qiddjAnqzebdhRdj7Z35dq3Vnm+tb9xsNNfutG/mz/W+WZsZa+sAgH7OX3j/D0lEbL56Kl+iZy4HfTUcb+mkKwBMzNRusnbmsIUNEOCpdojZvt7dTf7nSOoCjNdAXXg+SPjdkdcFmIy+D/Mu903u9ZNDBPE7Y/hIufTJwe//75/jGXiauf8PJ9fUE5V6beT1AMbvEPf/gWOm00ken/N/dicLADiWhvgJX+fdUQ1CgIn6sMm8D//9v+nBAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOP7ORsR3I0kr+VzgafZvWqlEPBMR52ImubVar12NiGfjQkTMlLLthUlXGgAYUvrXpJit69Jcevbx3Nnk36V8HRHf/9mbP35nsd2+t5Dt/8fO/tL2ZF/V3XJDzCsIAAymUxrwwLz/rhbrng/yjx7eX9pejqqS/Ty4Ef8rpiJe2np4P1+6OdOR7Ywo52OJ0/9MYrooU46I5yNiagTxN9+LiE/0a3+S3xs5V8x82hs/itjPjDV+uid+mud119ng6+MjqAucNO/fiIjr/a6/NC7m6/7Xfzl/hxregxvdk22/9231xJ8uIk3tjX8qimv+4qAxXvzt1/bt7Mx1896LeH66X/xkJ37Sp/3Zvs8PGP9PL3z6h68dkNf5ecSl6B+/N9Z8u3F3vrW+cWW1sbhSWylHtZp1C69ce6k6n9+jnt++U73f3169/OxBdcvaf/qA+OW+7Z/dKfuFAdv/i/++9e3P7G6WHo//pc/1f/2f6xu/K2v8F/eG6RwUf/H0rw6cvjuLv3xA+z/s9b88SOMj4oO/bCwPeCgAMAat9Y3bi/V67d5QiTS2OqM4z75EVsXBDt4eLg4X9M9xFK14wsTM0M2ZVGJ6Z6w42jN/KzvjmJuTjrwVQyUejSvW5N6TgPHYvegnXRMAAAAAAAAAAAAAAOAg4/jTpUm3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOPr/wEAAP//XwvR0A==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020660b, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x47fb, 0x2e8a, 0x6, 0x0, 0x0)
readv(r1, &(0x7f0000000840)=[{&(0x7f0000000080)=""/41, 0x29}], 0x1)

1.131208814s ago: executing program 4 (id=5833):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r0 = io_uring_setup(0x1d48, &(0x7f0000000340)={0x0, 0x0, 0x1000, 0x2, 0x3bd})
r1 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r1, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r1, 0x4)
recvmmsg(r1, 0x0, 0x0, 0x40000100, 0x0)
close_range(r0, r1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r3, 0x0, 0x2}, 0x18)

1.110117974s ago: executing program 4 (id=5834):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="400000000001010400000000000000000a000000240002801400018008"], 0x40}}, 0x0) (fail_nth: 1)

1.093243894s ago: executing program 2 (id=5835):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)

887.768807ms ago: executing program 2 (id=5836):
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140), 0x3200841, &(0x7f0000000c80)=ANY=[@ANYBLOB="6e725f626c6f636b733d742cf113ca417654e31de9bff58a0077d41be55f208478671570c7bfa4cae0a01324c58916344f88c1f1897eef558ce37727451cb86e4386df4ea5fd89ca883f593bcefc18693090973f7920a93eb318df082fad8cc2d693bb52891c1904bcfba1403104c32993d16ab02fddccef84a4c143f1225f10bd7db6e2554d61f642acad1f507be8"])
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_config_ext={0x100000000}, 0x2, 0xffffffff, 0x2, 0x9, 0x4, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x9)
capset(&(0x7f0000000000)={0x20071026, 0xffffffffffffffff}, &(0x7f0000000280)={0x0, 0x0, 0x400, 0x7e, 0xffffffff})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b000000050010000e0f2ae9a79fe9", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x8, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000fd0000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket(0x400000000010, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00\f\x00'], 0x48)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200)=0xffffffffffffffff, 0x4)
setsockopt$MRT6_FLUSH(r1, 0x29, 0xd4, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x103843, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000700), 0x0, 0xff}, 0x38)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000001c0)=@filter={'filter\x00', 0x42, 0x4, 0x278, 0xffffffff, 0xf8, 0xf8, 0x1b8, 0xffffffff, 0xffffffff, 0x2d8, 0x2d8, 0x2d8, 0xffffffff, 0x4, 0x0, {[{{@ip={@empty, @loopback, 0x0, 0x0, 'veth0_to_batadv\x00', 'wlan0\x00', {}, {}, 0x11}, 0x0, 0x70, 0x98, 0x0, {0x100000000000000}}, @REJECT={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x8}}}, {{@ip={@multicast2, @private=0xa010102, 0x0, 0x0, 'veth1_virt_wifi\x00', '\x00', {}, {}, 0x0, 0x1}, 0x0, 0x70, 0xb0}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2d8)
flock(r2, 0x5)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x13, 0x8, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x85}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000440)='GPL\x00', 0x5, 0xc2, &(0x7f0000000480)=""/194, 0x41100, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000000600)={0x0, 0xe, 0xc, 0x800}, 0x10, 0x0, 0xffffffffffffffff, 0x6, &(0x7f0000000b80)=[r2], &(0x7f0000000f00)=[{0x0, 0x1, 0xb, 0x9}, {0x2, 0x4, 0xf, 0x7}, {0x3, 0x4, 0xc, 0x5}, {0x5, 0x2, 0x7, 0x7}, {0x0, 0x2, 0xa}, {0x5, 0x1, 0x10, 0x7}], 0x10, 0x7, @void, @value}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000380)='sys_enter\x00', r3}, 0x18)
ioperm(0x0, 0x2, 0x2)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TIOCL_BLANKSCREEN(r4, 0x4b67, &(0x7f0000000180))
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000340)="d8000000240081064e81f782db44b9040a0208000300000000000100f1ffffff020014260360160cac08da30399d11540e120800280024000000a80009001100014003000000036010fab94dcf5c0461c1ff7f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca", 0xa2}], 0x1}, 0x4004000)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x52e, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ///+864GIw8IlpAdcIJ0Yrq6u+//pzLASAS5d6/5/vwN5nCzASCn2NQIQGGX/9/3/c6XpQyUEAAAM3HRrSgql7Ou96SgUSqWIm62fBSgmaxvVynxEPBERv50pXmvWF1pbJn2MEQAAAAAAAAAAAAAAAAAAAAAAAAAAovVU7iRSAAAAYKRFFP6U/LL9LP+5meenu78fmEj+1fpJ4ImIeOuHb3z/7nKjsbvQXP63o+WNH2TLXxzGNxgAAABAt851emv+z2FnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCoee/B2yudqY+XTw0q7l++EBGzefHHY7I1n4xiRFz/exLjJ7ZLImJsAPEP70XER/PiJ820jkLmxR/Em3BO/JjN3oW8+DcGEB+usvvN489ref2vEM+25vn9bzzif+ofVO/jXxwd/8Z69P+bfcZ46p2flXvGvxfx1Hj+8acTP+kR/7k+43/9awcHvdalP4qY63z+tI54JyMcl8qNrZ1yff/g9sbW8nplvbK9uLjw8tIrSy8tzZfXNqqV7N/cGN95+ufvn9X+67mff0mWTe/2P5+zv7zPpP+8c/fBhzuVw9Pxbz2XE/9XP85ecTp+IYvzqazcXD/XKR+2yyc989PfPHNW+1eP2198mP//W7122u1UR3m63z8dAOAC1PcPNper1cruyBaaV+mPQBoKj2DhWwPdYZqmabNP5ay6HxH97CeJAbe0kJ/PcaHnEWDYRyYAAGDQjk/6h50JAAAAAAAAAAAAAAAAAAAAXF2X8ZS17pjHj0BOBvEIbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfhvAAAA//89e9P5")

887.544887ms ago: executing program 4 (id=5837):
creat(&(0x7f0000000100)='./file0\x00', 0x158)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x8200, &(0x7f0000000000)=ANY=[@ANYBLOB='mpol=bind:N-'])

852.873937ms ago: executing program 1 (id=5838):
pselect6(0x40, &(0x7f0000000600)={0x6, 0x6301, 0x6, 0x6, 0x9, 0x8, 0x4, 0x6}, &(0x7f0000000640)={0x4, 0x1, 0x2, 0x10, 0xe0000000000, 0x2, 0x401, 0x4}, &(0x7f0000000680)={0x1, 0x0, 0xffffffffffff0000, 0x0, 0x4, 0x7ff, 0x7, 0x345a}, &(0x7f00000006c0), &(0x7f0000000740)={&(0x7f0000000700)={[0x1ff]}, 0x8})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/24], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000010a85000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r1, 0x0, 0x1034}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
personality(0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
r3 = syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x4010, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES16], 0x1, 0x11ee, &(0x7f0000002480)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x5, 0x8, 0x0, 0xb}, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
syz_emit_ethernet(0x5a, &(0x7f0000000000)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0xe, 0x4, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa210104, @local, {[@timestamp_addr={0x44, 0x14, 0xa, 0x1, 0x0, [{@multicast1}, {@loopback}]}, @generic={0x7, 0x10, "0990ec742f779f8fcaa6a306fc78"}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
removexattr(&(0x7f00000002c0)='./cgroup.cpu/cgroup.procs\x00', &(0x7f00000004c0)=@known='user.incfs.metadata\x00')
listen(r5, 0x3)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c2000001080045000028006500000f06907864010101ac1414aa00004e22", @ANYRES32=r3, @ANYRES32=0x41424344, @ANYBLOB="5c02ff47e2780000"], 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0x2, 0x0, 0x0, 0x1000, {[@timestamp={0x8, 0xa, 0x3, 0x20000009}]}}}}}}}, 0x0)
write$cgroup_int(r4, &(0x7f0000000000), 0xffffff6a)
fcntl$notify(r0, 0x402, 0x80000004)
syz_read_part_table(0x5f4, &(0x7f0000000000)="$eJzs28FL22cYB/An0SSsZfPSU09tD2WMXlp6bBhtMWlLGZLWyyijQkspzSmFQsoCGe1hDaPFHMTdvDghMJw7GXPwpOg/MMSDQ/DgZWNeBC/LiP48zOlhooPB5wPh4X1+z+/9vm8gxwT/a+n4vdvtfhQR9WO8PZwdLNy9MHSz9DAbqXgUEV99/+kPvSepZKKb26uXkvVasp6cONN5t3Un01p9sH358UIjvb9lfe8kZ6faw4clZo9xSk7PdH5x4M3bSvF9Nf98pVjb+PaX7sBPfwyW2vcbzZl7mdtPkrmlpPYn9WVU43W8iJHoj2/iaVSO2P+7I/rZI/LHW+tXM+eLrdlnN3YKnQ/z13an+k7svgf18vd/Or38VxdHv2zWbl35+dzY9erccmmzL9IRP35Rzh18c+TUzgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPFlYnHgzdtK8X01/3ylWEtFRO9Tat9vNGfuZW4/SeaWktqf1JdRjdfxIkaiHOV4GpVe85PDEj6OiOz+Infw6XT+b/kb4631q3+eL7Zmn93YKXQ+zF9L5oZO+N6H5Hd7+a8ujn7erN26kjs3dr06t1za7NubK//j5LH77QEAAAAAAAAAAAAAAAAAAMBJGCzcvTB0s/QwIhWPIuKz375O9/rd5P/uqWTuUlLXkv7kxJnOu607mdbqg+3Ljxcavyb9eqSiHhFnp9rD//ll+Nf+CgAA//8d1Yu+")

844.407608ms ago: executing program 2 (id=5839):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x101180, 0x5dd9, 0x0, 0x5, 0x3, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x2000000, 0x300)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x6, 0x8, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x3, &(0x7f0000000000)=[{0x15}, {0x2d}, {0x6, 0x0, 0x0, 0x7fff7ffc}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
fchmod(r2, 0x28)
r3 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r3, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @empty, 0xfffffffc}, 0x1c)
listen(r3, 0x20000005)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0xd4, r5, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_PEERS={0xac, 0x8, 0x0, 0x1, [{0x48, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e24, 0x4, @rand_addr=' \x01\x00', 0x1}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}]}, {0x30, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}]}, {0x30, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8, 0x3, 0x5}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}]}]}]}, 0xd4}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
eventfd2(0x0, 0x0)

834.554378ms ago: executing program 4 (id=5840):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="400000000001010400000000000000000a000000240002801400018008"], 0x40}}, 0x0)

696.70953ms ago: executing program 2 (id=5841):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x20200403, &(0x7f0000000180)={[{@dioread_lock}, {@noblock_validity}, {@jqfmt_vfsold}, {@init_itable}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@nomblk_io_submit}, {@errors_remount}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4}}, {@grpid}], [], 0x2c}, 0x84, 0x4c1, &(0x7f0000000980)="$eJzs3MtvG9UaAPBvJo++m7S39176gJqXiCgkTVqgCxaAQOoGCQkWZRnSUJWmLWqCRKuKpgiVJYJ/AFgiIbFiwwokhIAViC3sEVKFumlhgYzGnmns+BHHeUH9+0l2zpk5x2e+mTnj4zmxA+hZpewpidgeET9HxFBE9C0uUKr+uXXj8tQfNy5PJVEuv/h7klWLmzcuTxVFk/zvtjwzkkak7ySxv0m7sxcvnZmcmZm+kOfH5s6+PjZ78dKjp89Onpo+NX1u4tixo0fGn3h84rGO4riyxPosrpv73jp/YO/xl99/fqocr3z3aba92/P1tXFUDXfUbjulKEU5t7B0sPL84Ipf/Z9lR0066d/ADWFZsr6eHa6BSv8fir5YOHhD8dzbtzNfN9b9YL02ElgT2XvTroal+QigPy8A3KESXRx6VPGOn33+LR7rOgDZYNefzp6nK/Hfyh/VNf2RZp9lh6uf2Pta1P9f+5cvDy3R/vaIODH/54fZI5rehwAAWF1fZuOfR5qN/9K6sc3OfA5lOCIORcTuiPhPROyJiP/m46D/R8Rdy2y/tCjfOP75cUtXgXVoa0Q8mc9t1Y//0rxEcju3oxL/QPLq6Znpw/k+GYmBTVl+vE0bXz3703ut1pVqxn/ZI2u/GAvm2/Fb/6b6Oicn5yZXEHKd61cj9vU3iz+5PROQ7YG9EbGvi9fP9tnphz85kKV3bmtcv3T8bazCPFP544iHqsd/PhbFX0iqLbWanxzbHDPTh8eKs6LR9z9ce6E2P1CTrot/c2cxbe422Cay47+16fmfx190g2K+dnb5bVz75d2Wn2kaj38SJ+ZrS+Tnf81VIDv/B5OXKunBfNmbk3NzF8YjBvMFdcsnFuoW+aJ8Fv/I/c37/+6Ivz7K6+2PiOwkvjsi7omIg/m23xsR9y1xRL595oHX2u+hLs//uNpZsTay+E+2O/4Rw0ntfH0Xib4z33zRqv3Orn9HK6mRfEkn179ON3Al+w4AAAD+LdLKHHSSjhbpmptTe2JrOnN+du5QKd44d7I6Vz0cA2lxp2uo5n7oeH5vuMhPLMofiYhdlf802lLJj06dn9mxkYEDle/q1PX/SNPR0eq6X1v90wtw51jWPFpSk/7s89XfGGBd+b4m9C79H3qX/g+9S/+H3tWs/1+JuLUBmwKsM+//0Lv0f+hd+j/0Lv0felLjV+KLH1ro5pv+C4ndx1dUfc0T5aE1eeX55dfqW6NIo/ZHO1omkojorolI25cZ7KD1DUukS5Z5aqndMrCi38TIEgfzxKaI6LTWlXXbq8UVIkk27OIEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwCv4OAAD//0L53Gc=")

696.03955ms ago: executing program 4 (id=5842):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f00000002c0)={0x0, 0x1, 0x1, "cd"}, 0x9)
sendto$inet6(r0, &(0x7f0000000100)="b8", 0x1, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @remote, 0xfffffffc}, 0x1c)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0xfffffffb, 0x0, 0x2, 0x3, 0x5, 0x7}, 0x20)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000044}, 0x840)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000000)="b9ff03076844268cb89e14f00800", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

625.717531ms ago: executing program 4 (id=5843):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de85000000040000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
r4 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f00000003c0)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
fgetxattr(r5, &(0x7f0000000000)=ANY=[], 0x0, 0x0)

597.841681ms ago: executing program 2 (id=5844):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r0 = io_uring_setup(0x1d48, &(0x7f0000000340)={0x0, 0x0, 0x1000, 0x2, 0x3bd})
r1 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r1, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r1, 0x4)
recvmmsg(r1, 0x0, 0x0, 0x40000100, 0x0)
close_range(r0, r1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r3, 0x0, 0x2}, 0x18)

561.024632ms ago: executing program 2 (id=5845):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="300000001114010227bd7000044000000800030001040200080001000000000008003e000500000008004b"], 0x30}}, 0x8040)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, 0xffffffffffffffff, 0x0, 0x80000000000}, 0x18)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x127081)

450.470243ms ago: executing program 0 (id=5846):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)

449.645163ms ago: executing program 1 (id=5847):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', 0xffffffffffffffff, 0x0, 0x3}, 0x18)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x298)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000001000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xaf}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x2, &(0x7f0000000140)=ANY=[@ANYBLOB="91105100000000009500003624662afd"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)=@nat={'nat\x00', 0x19, 0x2, 0x2bc, [0x200000000e00, 0x0, 0x0, 0x20000000102c, 0x20000000105c], 0x0, &(0x7f00000002c0), &(0x7f0000000e00)=[{0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{0x11, 0x2, 0x1b, 'hsr0\x00', 'dvmrp0\x00', 'team_slave_0\x00', 'bond_slave_0\x00', @broadcast, [0xff, 0x0, 0xff, 0x0, 0xceb19f9118f19c0c, 0xff], @link_local, [0xff, 0xff, 0x0, 0x0, 0x0, 0xff], 0x6e, 0xde, 0x116, [], [@snat={'snat\x00', 0x10, {{@local, 0xfffffffffffffffe}}}, @snat={'snat\x00', 0x10, {{@dev={'\xaa\xaa\xaa\xaa\xaa', 0x38}, 0xfffffffffffffffd}}}], @arpreply={'arpreply\x00', 0x10, {{@remote, 0xfffffffffffffffe}}}}, {0x11, 0x68, 0x18, 'erspan0\x00', 'syz_tun\x00', 'rose0\x00', 'pimreg0\x00', @multicast, [0xff, 0x0, 0x0, 0x0, 0x0, 0xff], @local, [0x0, 0xff, 0x0, 0xff], 0xae, 0xae, 0xe6, [@time={{'time\x00', 0x0, 0x18}, {{0xfffeffff, 0x0, 0xc9ec, 0xd268, 0xff, 0x2, 0x1}}}], [], @arpreply={'arpreply\x00', 0x10, {{@local, 0xffffffffffffffff}}}}]}, {0x0, '\x00', 0x2, 0xffffffffffffffff}, {0x0, '\x00', 0x2, 0xffffffffffffffff}, {0x0, '\x00', 0x2, 0xfffffffffffffffc}]}, 0x334)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x401, 0x0)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000340), 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r1}, &(0x7f00000003c0), &(0x7f0000000300)=r3}, 0x20)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000cc0)=ANY=[@ANYBLOB="180000000000ab94c1e3df1ca0535326159f4c0e6da08f7a80fd92506ef460a412f23282b50bfc9c3b40b6841eae273823bd0bd83d95cfbd6ab176835dfa247fe3bce191bd345fb43ff0f8afd40068119916aa7e285fcfb14efedbe25e9898be00a7a1b44823cb6125ef26615b130ef48bd5a49b4ab3c919e29e9d9578c966a5942e702d2ac0f600d0fca1a10f06202196b4aa70331eefad2024f461636ad578cff84bf06f3fccd8025c165bbc8352b9441aed31c9513ef10804f464da08cc123acee0142f10208f59", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000007c0)='btrfs_convert_extent_bit\x00', r4, 0x0, 0x400}, 0x6)
signalfd(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000000680)=@newtaction={0x180, 0x30, 0x216822a75a8bdd29, 0xffe4, 0x0, {}, [{0x16c, 0x1, [@m_connmark={0x50, 0x2, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0xd, 0x5, 0x0, 0x3}, 0x8}}]}, {0xfffffdd6}, {0xc}, {0xc}}}, @m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0xd4, 0x3, 0x0, 0x0, {{0x9}, {0x58, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0x0, 0x3, {0x2, 0xea3, 0x7}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x1d28}}, @TCA_GACT_PARMS={0x18, 0x2, {0xb66, 0xb3, 0x10000000, 0x34e, 0xffff}}, @TCA_GACT_PARMS={0x18, 0x2, {0x7ff, 0xd8, 0x0, 0x9, 0x100000e0}}]}, {0x52, 0x6, "a06b1d1931f3579c6d7c5159238a286074602c3726c701f3c0d5382de62a6e8c4fb714fcd674c66cd306a4f78d3d05530609c9b04b7483bd084d70df8e77e6fbd503917aa0a6c737cef0ed021b60"}, {0xc}, {0x1, 0x8, {0x2, 0x2}}}}]}]}, 0x180}}, 0x0)

442.365304ms ago: executing program 0 (id=5848):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', 0xffffffffffffffff, 0x0, 0x3}, 0x18)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x298)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000001000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xaf}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x2, &(0x7f0000000140)=ANY=[@ANYBLOB="91105100000000009500003624662afd"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)=@nat={'nat\x00', 0x19, 0x2, 0x2bc, [0x200000000e00, 0x0, 0x0, 0x20000000102c, 0x20000000105c], 0x0, &(0x7f00000002c0), &(0x7f0000000e00)=[{0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{0x11, 0x2, 0x1b, 'hsr0\x00', 'dvmrp0\x00', 'team_slave_0\x00', 'bond_slave_0\x00', @broadcast, [0xff, 0x0, 0xff, 0x0, 0xceb19f9118f19c0c, 0xff], @link_local, [0xff, 0xff, 0x0, 0x0, 0x0, 0xff], 0x6e, 0xde, 0x116, [], [@snat={'snat\x00', 0x10, {{@local, 0xfffffffffffffffe}}}, @snat={'snat\x00', 0x10, {{@dev={'\xaa\xaa\xaa\xaa\xaa', 0x38}, 0xfffffffffffffffd}}}], @arpreply={'arpreply\x00', 0x10, {{@remote, 0xfffffffffffffffe}}}}, {0x11, 0x68, 0x18, 'erspan0\x00', 'syz_tun\x00', 'rose0\x00', 'pimreg0\x00', @multicast, [0xff, 0x0, 0x0, 0x0, 0x0, 0xff], @local, [0x0, 0xff, 0x0, 0xff], 0xae, 0xae, 0xe6, [@time={{'time\x00', 0x0, 0x18}, {{0xfffeffff, 0x0, 0xc9ec, 0xd268, 0xff, 0x2, 0x1}}}], [], @arpreply={'arpreply\x00', 0x10, {{@local, 0xffffffffffffffff}}}}]}, {0x0, '\x00', 0x2, 0xffffffffffffffff}, {0x0, '\x00', 0x2, 0xffffffffffffffff}, {0x0, '\x00', 0x2, 0xfffffffffffffffc}]}, 0x334)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x401, 0x0)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000340), 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r1}, &(0x7f00000003c0), &(0x7f0000000300)=r3}, 0x20)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000cc0)=ANY=[@ANYBLOB="180000000000ab94c1e3df1ca0535326159f4c0e6da08f7a80fd92506ef460a412f23282b50bfc9c3b40b6841eae273823bd0bd83d95cfbd6ab176835dfa247fe3bce191bd345fb43ff0f8afd40068119916aa7e285fcfb14efedbe25e9898be00a7a1b44823cb6125ef26615b130ef48bd5a49b4ab3c919e29e9d9578c966a5942e702d2ac0f600d0fca1a10f06202196b4aa70331eefad2024f461636ad578cff84bf06f3fccd8025c165bbc8352b9441aed31c9513ef10804f464da08cc123acee0142f10208f59", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000007c0)='btrfs_convert_extent_bit\x00', r4, 0x0, 0x400}, 0x6)
signalfd(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000000680)=@newtaction={0x180, 0x30, 0x216822a75a8bdd29, 0xffe4, 0x0, {}, [{0x16c, 0x1, [@m_connmark={0x50, 0x2, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0xd, 0x5, 0x0, 0x3}, 0x8}}]}, {0xfffffdd6}, {0xc}, {0xc}}}, @m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0xd4, 0x3, 0x0, 0x0, {{0x9}, {0x58, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0x0, 0x3, {0x2, 0xea3, 0x7}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x1d28}}, @TCA_GACT_PARMS={0x18, 0x2, {0xb66, 0xb3, 0x10000000, 0x34e, 0xffff}}, @TCA_GACT_PARMS={0x18, 0x2, {0x7ff, 0xd8, 0x0, 0x9, 0x100000e0}}]}, {0x52, 0x6, "a06b1d1931f3579c6d7c5159238a286074602c3726c701f3c0d5382de62a6e8c4fb714fcd674c66cd306a4f78d3d05530609c9b04b7483bd084d70df8e77e6fbd503917aa0a6c737cef0ed021b60"}, {0xc}, {0x1, 0x8, {0x2, 0x2}}}}]}]}, 0x180}}, 0x0)

290.470936ms ago: executing program 1 (id=5850):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1\x00', 0x200080, &(0x7f0000000040)={[{@errors_remount}, {@dax_always}, {@nogrpid}]}, 0x3, 0x574, &(0x7f0000000380)="$eJzs3c9vG1kdAPDvTH7Y/bGbFvYAq4WWnwVVdRp3d7Xay7YXEFqthFhxQBy6IXGjULsutbNsQqXN/g0ggeAEfwIHJA5Ie+LAjSMSB4S0HJAKVKAGAZLRjCeJ0zhap3bsbfL5SNN5M2/efN+TO37PY2deACfWxYjYjIjZiHgrIuaK/UmxxPXukh336OH9pa2H95eS6HTe/HuS52f7oqdM5kxxznJEfOOrEd9J9sdtrW/cXqzXa/eK7fl24+58a33jympjcaW2UrtTrb688PLVV669VB1ZWy80fvngK6uvf/M3v/7UB7/f/PIPsmqdLfJ62zFK3abP7MTJTEfE60cRbAKmivXsvpwX+he4frT14XDSiPhYRHw2v/7nYir/3wkAHGedzk+jM9e7DQAcd9nn/7PlJK1ERJoWg4BK9x7ec3E6rTdb7cu3mmt3lrv3ys7FTHprtV67er70x+/lB88k2fZCnpfn59vVx7avRcT5iPhR6VS+XVlq1pcnM+QBgBPvTP4dWNH/R8S/SmlaqQxUtM+3egDAU6M8gZIAwGT19uKlCdYDABgfn+IB4OQZoP8vvuzfPPK6AADj4fM/AJw8+n8AOHkO2//7jSAAPNW+/sYb2dLZKp5/vfz2+tpM8+0ry7XW7Upjbamy1Lx3t7LSbK7kz+xp7Cl8qiddjAnqzebdhRdj7Z35dq3Vnm+tb9xsNNfutG/mz/W+WZsZa+sAgH7OX3j/D0lEbL56Kl+iZy4HfTUcb+mkKwBMzNRusnbmsIUNEOCpdojZvt7dTf7nSOoCjNdAXXg+SPjdkdcFmIy+D/Mu903u9ZNDBPE7Y/hIufTJwe//75/jGXiauf8PJ9fUE5V6beT1AMbvEPf/gWOm00ken/N/dicLADiWhvgJX+fdUQ1CgIn6sMm8D//9v+nBAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOP7ORsR3I0kr+VzgafZvWqlEPBMR52ImubVar12NiGfjQkTMlLLthUlXGgAYUvrXpJit69Jcevbx3Nnk36V8HRHf/9mbP35nsd2+t5Dt/8fO/tL2ZF/V3XJDzCsIAAymUxrwwLz/rhbrng/yjx7eX9pejqqS/Ty4Ef8rpiJe2np4P1+6OdOR7Ywo52OJ0/9MYrooU46I5yNiagTxN9+LiE/0a3+S3xs5V8x82hs/itjPjDV+uid+mud119ng6+MjqAucNO/fiIjr/a6/NC7m6/7Xfzl/hxregxvdk22/9231xJ8uIk3tjX8qimv+4qAxXvzt1/bt7Mx1896LeH66X/xkJ37Sp/3Zvs8PGP9PL3z6h68dkNf5ecSl6B+/N9Z8u3F3vrW+cWW1sbhSWylHtZp1C69ce6k6n9+jnt++U73f3169/OxBdcvaf/qA+OW+7Z/dKfuFAdv/i/++9e3P7G6WHo//pc/1f/2f6xu/K2v8F/eG6RwUf/H0rw6cvjuLv3xA+z/s9b88SOMj4oO/bCwPeCgAMAat9Y3bi/V67d5QiTS2OqM4z75EVsXBDt4eLg4X9M9xFK14wsTM0M2ZVGJ6Z6w42jN/KzvjmJuTjrwVQyUejSvW5N6TgPHYvegnXRMAAAAAAAAAAAAAAOAg4/jTpUm3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOPr/wEAAP//XwvR0A==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020660b, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x47fb, 0x2e8a, 0x6, 0x0, 0x0)
readv(r1, &(0x7f0000000840)=[{&(0x7f0000000080)=""/41, 0x29}], 0x1)

267.388686ms ago: executing program 0 (id=5851):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x101180, 0x5dd9, 0x0, 0x5, 0x3, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x2000000, 0x300)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x6, 0x8, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x3, &(0x7f0000000000)=[{0x15}, {0x2d}, {0x6, 0x0, 0x0, 0x7fff7ffc}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
fchmod(r2, 0x28)
r3 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r3, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @empty, 0xfffffffc}, 0x1c)
listen(r3, 0x20000005)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0xd4, r5, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_PEERS={0xac, 0x8, 0x0, 0x1, [{0x48, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e24, 0x4, @rand_addr=' \x01\x00', 0x1}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}]}, {0x30, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}]}, {0x30, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8, 0x3, 0x5}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}]}]}]}, 0xd4}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
eventfd2(0x0, 0x0)

264.733356ms ago: executing program 5 (id=5852):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001480)={&(0x7f00000014c0)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
syz_emit_ethernet(0x3e, &(0x7f00000002c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd60f4adf700082c00fe800000000000000000000000000000ff0200000000000000000000000000018100807800000003"], 0x0)

248.963226ms ago: executing program 5 (id=5853):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r4}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x70bd2b, 0x10000, {0x0, 0x0, 0x0, r3, {0xc, 0xffff}, {0x0, 0x4}, {0xfff3, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x8014}, 0x0)

142.235128ms ago: executing program 0 (id=5854):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x4000054)

141.846848ms ago: executing program 0 (id=5855):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r0 = io_uring_setup(0x1d48, &(0x7f0000000340)={0x0, 0x0, 0x1000, 0x2, 0x3bd})
r1 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r1, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r1, 0x4)
recvmmsg(r1, 0x0, 0x0, 0x40000100, 0x0)
close_range(r0, r1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r3, 0x0, 0x2}, 0x18)

141.149548ms ago: executing program 5 (id=5856):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r0}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[], 0xc8}, 0x1, 0x0, 0x0, 0xc0c1}, 0x20050880)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x200000, 0x3}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10)
sendmsg$tipc(r2, &(0x7f0000000140)={0x0, 0x20d302, 0x0}, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000000), 0x4)
r3 = dup3(r1, r2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r3, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r3, 0x10f, 0x88)
sched_setscheduler(0x0, 0x370f375482444d57, &(0x7f0000001700)=0xf1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300))
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1600000000000000040000005009000000000000", @ANYRES32=0x1, @ANYRES16, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000baca301efd747652c59dcfb400"/40], 0x50)

89.281658ms ago: executing program 0 (id=5857):
pselect6(0x40, &(0x7f0000000600)={0x6, 0x6301, 0x6, 0x6, 0x9, 0x8, 0x4, 0x6}, &(0x7f0000000640)={0x4, 0x1, 0x2, 0x10, 0xe0000000000, 0x2, 0x401, 0x4}, &(0x7f0000000680)={0x1, 0x0, 0xffffffffffff0000, 0x0, 0x4, 0x7ff, 0x7, 0x345a}, &(0x7f00000006c0), &(0x7f0000000740)={&(0x7f0000000700)={[0x1ff]}, 0x8})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/24], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000010a85000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r1, 0x0, 0x1034}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
personality(0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
r3 = syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x4010, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES16], 0x1, 0x11ee, &(0x7f0000002480)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x5, 0x8, 0x0, 0xb}, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
syz_emit_ethernet(0x5a, &(0x7f0000000000)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0xe, 0x4, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa210104, @local, {[@timestamp_addr={0x44, 0x14, 0xa, 0x1, 0x0, [{@multicast1}, {@loopback}]}, @generic={0x7, 0x10, "0990ec742f779f8fcaa6a306fc78"}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
removexattr(&(0x7f00000002c0)='./cgroup.cpu/cgroup.procs\x00', &(0x7f00000004c0)=@known='user.incfs.metadata\x00')
listen(r5, 0x3)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c2000001080045000028006500000f06907864010101ac1414aa00004e22", @ANYRES32=r3, @ANYRES32=0x41424344, @ANYBLOB="5c02ff47e2780000"], 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0x2, 0x0, 0x0, 0x1000, {[@timestamp={0x8, 0xa, 0x3, 0x20000009}]}}}}}}}, 0x0)
write$cgroup_int(r4, &(0x7f0000000000), 0xffffff6a)
fcntl$notify(r0, 0x402, 0x80000004)
syz_read_part_table(0x5f4, &(0x7f0000000000)="$eJzs28FL22cYB/An0SSsZfPSU09tD2WMXlp6bBhtMWlLGZLWyyijQkspzSmFQsoCGe1hDaPFHMTdvDghMJw7GXPwpOg/MMSDQ/DgZWNeBC/LiP48zOlhooPB5wPh4X1+z+/9vm8gxwT/a+n4vdvtfhQR9WO8PZwdLNy9MHSz9DAbqXgUEV99/+kPvSepZKKb26uXkvVasp6cONN5t3Un01p9sH358UIjvb9lfe8kZ6faw4clZo9xSk7PdH5x4M3bSvF9Nf98pVjb+PaX7sBPfwyW2vcbzZl7mdtPkrmlpPYn9WVU43W8iJHoj2/iaVSO2P+7I/rZI/LHW+tXM+eLrdlnN3YKnQ/z13an+k7svgf18vd/Or38VxdHv2zWbl35+dzY9erccmmzL9IRP35Rzh18c+TUzgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPFlYnHgzdtK8X01/3ylWEtFRO9Tat9vNGfuZW4/SeaWktqf1JdRjdfxIkaiHOV4GpVe85PDEj6OiOz+Infw6XT+b/kb4631q3+eL7Zmn93YKXQ+zF9L5oZO+N6H5Hd7+a8ujn7erN26kjs3dr06t1za7NubK//j5LH77QEAAAAAAAAAAAAAAAAAAMBJGCzcvTB0s/QwIhWPIuKz375O9/rd5P/uqWTuUlLXkv7kxJnOu607mdbqg+3Ljxcavyb9eqSiHhFnp9rD//ll+Nf+CgAA//8d1Yu+")

69.851139ms ago: executing program 5 (id=5858):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, 0x0, &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)

35.399789ms ago: executing program 5 (id=5859):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x7}, 0x18)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={@fallback, 0xffffffffffffffff, 0x2b, 0x2000, 0x0, @value}, 0x20)
r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189373, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x8, &(0x7f0000000080)=[{0x0}], 0x1, 0x0, 0x0, 0x5}, 0x2004c000)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x2800, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r3, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)

0s ago: executing program 5 (id=5860):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)

kernel console output (not intermixed with test programs):

28
[  360.720970][T17971] tmpfs: Bad value for 'mpol'
[  360.727331][T17971] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=17971 comm=syz.4.5252
[  360.778500][T17979] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=17979 comm=syz.4.5252
[  360.791133][T17979] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=17979 comm=syz.4.5252
[  360.859872][T17981] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5254'.
[  361.383640][T18005] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  361.406864][T18001] loop2: detected capacity change from 0 to 8192
[  361.652360][T18010] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5265'.
[  361.670132][T18013] netlink: 96 bytes leftover after parsing attributes in process `syz.4.5266'.
[  362.015300][T18026] tmpfs: Bad value for 'mpol'
[  362.097547][T18028] tipc: New replicast peer: 10.1.1.2
[  362.103282][T18028] tipc: Enabled bearer <udp:syz0>, priority 10
[  362.381039][T18044] loop2: detected capacity change from 0 to 1024
[  362.387913][T18044] EXT4-fs: Ignoring removed orlov option
[  362.406783][T18044] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  362.999251][T18060] loop4: detected capacity change from 0 to 512
[  363.127927][   T29] kauditd_printk_skb: 174 callbacks suppressed
[  363.127945][   T29] audit: type=1326 audit(1747411018.684:20665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18061 comm="syz.0.5286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f00350ce9f7 code=0x7ffc0000
[  363.134580][T18062] loop0: detected capacity change from 0 to 8192
[  363.174894][   T29] audit: type=1326 audit(1747411018.684:20666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18061 comm="syz.0.5286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f00350cd2d0 code=0x7ffc0000
[  363.198626][   T29] audit: type=1326 audit(1747411018.684:20667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18061 comm="syz.0.5286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f00350ce56b code=0x7ffc0000
[  363.223717][   T29] audit: type=1326 audit(1747411018.734:20668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18061 comm="syz.0.5286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f00350cd5ca code=0x7ffc0000
[  363.247246][   T29] audit: type=1326 audit(1747411018.734:20669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18061 comm="syz.0.5286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f00350cd5ca code=0x7ffc0000
[  363.270682][   T29] audit: type=1326 audit(1747411018.734:20670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18061 comm="syz.0.5286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f00350cd1d7 code=0x7ffc0000
[  363.294357][   T29] audit: type=1326 audit(1747411018.734:20671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18061 comm="syz.0.5286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f00350d010a code=0x7ffc0000
[  363.318045][   T29] audit: type=1326 audit(1747411018.784:20672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18061 comm="syz.0.5286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f00350cd2d0 code=0x7ffc0000
[  363.341811][   T29] audit: type=1326 audit(1747411018.784:20673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18061 comm="syz.0.5286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f00350cd6b7 code=0x7ffc0000
[  363.365401][   T29] audit: type=1326 audit(1747411018.784:20674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18061 comm="syz.0.5286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f00350cd2d0 code=0x7ffc0000
[  363.544029][T12464] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.594840][T18072] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5289'.
[  364.362471][T18105] FAULT_INJECTION: forcing a failure.
[  364.362471][T18105] name failslab, interval 1, probability 0, space 0, times 0
[  364.375243][T18105] CPU: 0 UID: 0 PID: 18105 Comm: syz.0.5301 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  364.375277][T18105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  364.375291][T18105] Call Trace:
[  364.375299][T18105]  <TASK>
[  364.375307][T18105]  __dump_stack+0x1d/0x30
[  364.375410][T18105]  dump_stack_lvl+0xe8/0x140
[  364.375436][T18105]  dump_stack+0x15/0x1b
[  364.375458][T18105]  should_fail_ex+0x265/0x280
[  364.375515][T18105]  should_failslab+0x8c/0xb0
[  364.375558][T18105]  __kmalloc_node_noprof+0xa9/0x410
[  364.375579][T18105]  ? qdisc_alloc+0x65/0x440
[  364.375618][T18105]  qdisc_alloc+0x65/0x440
[  364.375718][T18105]  qdisc_create_dflt+0x4b/0x260
[  364.375784][T18105]  dev_activate+0x209/0x9e0
[  364.375822][T18105]  __dev_open+0x472/0x530
[  364.375849][T18105]  __dev_change_flags+0x163/0x400
[  364.375946][T18105]  ? selinux_capable+0x1f9/0x270
[  364.375969][T18105]  netif_change_flags+0x5a/0xd0
[  364.376042][T18105]  dev_change_flags+0xce/0x180
[  364.376076][T18105]  ? netdev_name_node_lookup+0xa4/0xd0
[  364.376106][T18105]  devinet_ioctl+0x946/0xe40
[  364.376143][T18105]  inet_ioctl+0x2f8/0x3a0
[  364.376255][T18105]  sock_do_ioctl+0x73/0x220
[  364.376293][T18105]  sock_ioctl+0x41b/0x610
[  364.376322][T18105]  ? xfd_validate_state+0x45/0xf0
[  364.376435][T18105]  ? __pfx_sock_ioctl+0x10/0x10
[  364.376459][T18105]  __se_sys_ioctl+0xcb/0x140
[  364.376481][T18105]  __x64_sys_ioctl+0x43/0x50
[  364.376544][T18105]  x64_sys_call+0x19a8/0x2fb0
[  364.376565][T18105]  do_syscall_64+0xd0/0x1a0
[  364.376589][T18105]  ? clear_bhb_loop+0x40/0x90
[  364.376609][T18105]  ? clear_bhb_loop+0x40/0x90
[  364.376683][T18105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.376712][T18105] RIP: 0033:0x7f00350ce969
[  364.376732][T18105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  364.376756][T18105] RSP: 002b:00007f0033716038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  364.376798][T18105] RAX: ffffffffffffffda RBX: 00007f00352f6080 RCX: 00007f00350ce969
[  364.376816][T18105] RDX: 0000200000000040 RSI: 0000000000008914 RDI: 0000000000000004
[  364.376903][T18105] RBP: 00007f0033716090 R08: 0000000000000000 R09: 0000000000000000
[  364.376918][T18105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  364.376933][T18105] R13: 0000000000000000 R14: 00007f00352f6080 R15: 00007ffe7411e808
[  364.377005][T18105]  </TASK>
[  364.377016][T18105] syzkaller1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  364.627354][T18105] syzkaller1: entered promiscuous mode
[  364.632847][T18105] syzkaller1: entered allmulticast mode
[  364.759815][T18116] loop4: detected capacity change from 0 to 1024
[  364.782542][T18116] EXT4-fs: Ignoring removed orlov option
[  364.798704][T18116] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  364.815993][T18114] loop2: detected capacity change from 0 to 8192
[  365.533875][T18132] netlink: 'syz.5.5310': attribute type 4 has an invalid length.
[  365.541826][T18132] netlink: 135452 bytes leftover after parsing attributes in process `syz.5.5310'.
[  365.588064][T18132] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5310'.
[  365.625614][T12073] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.738506][T18145] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5316'.
[  365.748164][T18145] veth1_macvtap: left promiscuous mode
[  366.293953][T18178] batman_adv: batadv0: Adding interface: dummy0
[  366.300371][T18178] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  366.325787][T18178] batman_adv: batadv0: Interface activated: dummy0
[  366.560966][T18182] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5328'.
[  366.596761][T18182] netlink: 96 bytes leftover after parsing attributes in process `syz.1.5328'.
[  366.815899][T18188] random: crng reseeded on system resumption
[  366.955573][T18192] tmpfs: Bad value for 'mpol'
[  366.960756][T18190] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5331'.
[  366.969882][T18190] netlink: 108 bytes leftover after parsing attributes in process `syz.4.5331'.
[  366.978728][T18192] selinux_netlink_send: 4 callbacks suppressed
[  366.978747][T18192] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18192 comm=syz.2.5332
[  366.983273][T18190] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5331'.
[  367.007953][T18190] netlink: 108 bytes leftover after parsing attributes in process `syz.4.5331'.
[  367.017097][T18190] netlink: 84 bytes leftover after parsing attributes in process `syz.4.5331'.
[  367.029414][T18193] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18193 comm=syz.2.5332
[  367.042000][T18193] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=18193 comm=syz.2.5332
[  367.292160][T18198] loop4: detected capacity change from 0 to 8192
[  367.484522][T18212] vlan2: entered promiscuous mode
[  367.865417][T18225] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=18225 comm=syz.2.5343
[  367.985621][T18230] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  368.029913][T18232] vlan2: entered promiscuous mode
[  368.135997][T18244] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5349'.
[  368.155988][T18246] vlan0: entered promiscuous mode
[  368.255238][   T29] kauditd_printk_skb: 288 callbacks suppressed
[  368.255257][   T29] audit: type=1326 audit(1747411023.814:20963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18255 comm="syz.1.5353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d90fe969 code=0x7ffc0000
[  368.303238][   T29] audit: type=1326 audit(1747411023.844:20964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18255 comm="syz.1.5353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f24d90fe969 code=0x7ffc0000
[  368.326974][   T29] audit: type=1326 audit(1747411023.844:20965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18255 comm="syz.1.5353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d90fe969 code=0x7ffc0000
[  368.350648][   T29] audit: type=1326 audit(1747411023.844:20966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18255 comm="syz.1.5353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d90fe969 code=0x7ffc0000
[  368.374397][   T29] audit: type=1326 audit(1747411023.844:20967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18255 comm="syz.1.5353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f24d90fd2d0 code=0x7ffc0000
[  368.398101][   T29] audit: type=1326 audit(1747411023.844:20968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18255 comm="syz.1.5353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d90fe969 code=0x7ffc0000
[  368.421907][   T29] audit: type=1326 audit(1747411023.844:20969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18255 comm="syz.1.5353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f24d90fe969 code=0x7ffc0000
[  368.445502][   T29] audit: type=1326 audit(1747411023.844:20970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18255 comm="syz.1.5353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d90fe969 code=0x7ffc0000
[  368.469216][   T29] audit: type=1326 audit(1747411023.844:20971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18255 comm="syz.1.5353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f24d90fd41f code=0x7ffc0000
[  368.492733][   T29] audit: type=1326 audit(1747411023.844:20972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18255 comm="syz.1.5353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d90fe969 code=0x7ffc0000
[  368.563293][T18264] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  368.678491][T18279] tmpfs: Bad value for 'mpol'
[  368.684026][T18279] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18279 comm=syz.1.5362
[  368.696529][T18268] loop5: detected capacity change from 0 to 8192
[  368.735298][T18283] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18283 comm=syz.1.5362
[  368.748077][T18283] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=18283 comm=syz.1.5362
[  369.462594][T18297] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  369.473086][T18298] loop0: detected capacity change from 0 to 512
[  369.546386][T18310] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5374'.
[  369.559420][T18310] vlan0: entered promiscuous mode
[  369.564555][T18310] team0: entered promiscuous mode
[  369.569800][T18310] team_slave_0: entered promiscuous mode
[  369.575635][T18310] team_slave_1: entered promiscuous mode
[  369.654334][T18318] tmpfs: Bad value for 'mpol'
[  369.663071][T18318] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18318 comm=syz.0.5386
[  369.665825][T18316] loop4: detected capacity change from 0 to 2048
[  369.685174][T18320] random: crng reseeded on system resumption
[  369.687020][T18316] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  369.716783][T18324] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18324 comm=syz.0.5386
[  369.729466][T18324] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=18324 comm=syz.0.5386
[  369.772566][T18327] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5375'.
[  369.787516][T18328] loop2: detected capacity change from 0 to 1024
[  369.801925][T18328] EXT4-fs: Ignoring removed orlov option
[  369.848982][T18328] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  370.048632][T18325] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  370.065277][T18325] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  370.077668][T18325] EXT4-fs (loop4): This should not happen!! Data will be lost
[  370.077668][T18325] 
[  370.087374][T18325] EXT4-fs (loop4): Total free blocks count 0
[  370.093379][T18325] EXT4-fs (loop4): Free/Dirty block details
[  370.099353][T18325] EXT4-fs (loop4): free_blocks=2415919104
[  370.105248][T18325] EXT4-fs (loop4): dirty_blocks=8224
[  370.110606][T18325] EXT4-fs (loop4): Block reservation details
[  370.116641][T18325] EXT4-fs (loop4): i_reserved_data_blocks=514
[  370.306664][T11732] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 28
[  370.506291][T18347] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  370.507515][T18348] loop4: detected capacity change from 0 to 512
[  370.620546][T18357] vlan2: entered promiscuous mode
[  370.733616][T12464] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.928962][T18380] tmpfs: Bad value for 'mpol'
[  371.214593][T18383] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  371.223127][T18341] syz.1.5383 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  371.237332][T18341] CPU: 1 UID: 0 PID: 18341 Comm: syz.1.5383 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  371.237366][T18341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  371.237384][T18341] Call Trace:
[  371.237393][T18341]  <TASK>
[  371.237416][T18341]  __dump_stack+0x1d/0x30
[  371.237496][T18341]  dump_stack_lvl+0xe8/0x140
[  371.237515][T18341]  dump_stack+0x15/0x1b
[  371.237553][T18341]  dump_header+0x81/0x220
[  371.237597][T18341]  oom_kill_process+0x334/0x3f0
[  371.237633][T18341]  out_of_memory+0x979/0xb80
[  371.237662][T18341]  ? css_next_descendant_pre+0x138/0x160
[  371.237750][T18341]  mem_cgroup_out_of_memory+0x13d/0x190
[  371.237790][T18341]  try_charge_memcg+0x5e2/0x870
[  371.237822][T18341]  obj_cgroup_charge_pages+0xb7/0x1a0
[  371.237847][T18341]  __memcg_kmem_charge_page+0x9f/0x170
[  371.237934][T18341]  __alloc_frozen_pages_noprof+0x188/0x360
[  371.237963][T18341]  alloc_pages_mpol+0xb3/0x250
[  371.238046][T18341]  alloc_pages_noprof+0x90/0x130
[  371.238077][T18341]  __vmalloc_node_range_noprof+0x6a4/0xdf0
[  371.238134][T18341]  __kvmalloc_node_noprof+0x2f3/0x4d0
[  371.238227][T18341]  ? ip_set_alloc+0x1f/0x30
[  371.238256][T18341]  ? ip_set_alloc+0x1f/0x30
[  371.238356][T18341]  ? __kmalloc_cache_noprof+0x189/0x320
[  371.238385][T18341]  ip_set_alloc+0x1f/0x30
[  371.238415][T18341]  hash_netiface_create+0x282/0x740
[  371.238455][T18341]  ? __pfx_hash_netiface_create+0x10/0x10
[  371.238552][T18341]  ip_set_create+0x3cc/0x960
[  371.238605][T18341]  ? __nla_parse+0x40/0x60
[  371.238683][T18341]  nfnetlink_rcv_msg+0x4c6/0x590
[  371.238731][T18341]  netlink_rcv_skb+0x120/0x220
[  371.238767][T18341]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  371.238801][T18341]  nfnetlink_rcv+0x16b/0x1690
[  371.238824][T18341]  ? __kfree_skb+0x109/0x150
[  371.238891][T18341]  ? nlmon_xmit+0x4f/0x60
[  371.238916][T18341]  ? consume_skb+0x49/0x150
[  371.238955][T18341]  ? nlmon_xmit+0x4f/0x60
[  371.238992][T18341]  ? dev_hard_start_xmit+0x39e/0x3d0
[  371.239052][T18341]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  371.239078][T18341]  ? __dev_queue_xmit+0x182/0x1fb0
[  371.239117][T18341]  ? skb_clone+0x151/0x1f0
[  371.239185][T18341]  ? ref_tracker_free+0x37d/0x3e0
[  371.239229][T18341]  ? __netlink_deliver_tap+0x4dc/0x500
[  371.239256][T18341]  netlink_unicast+0x5a1/0x670
[  371.239299][T18341]  netlink_sendmsg+0x58b/0x6b0
[  371.239349][T18341]  ? __pfx_netlink_sendmsg+0x10/0x10
[  371.239372][T18341]  __sock_sendmsg+0x145/0x180
[  371.239398][T18341]  ____sys_sendmsg+0x31e/0x4e0
[  371.239497][T18341]  ___sys_sendmsg+0x17b/0x1d0
[  371.239538][T18341]  __x64_sys_sendmsg+0xd4/0x160
[  371.239571][T18341]  x64_sys_call+0x2999/0x2fb0
[  371.239599][T18341]  do_syscall_64+0xd0/0x1a0
[  371.239703][T18341]  ? clear_bhb_loop+0x40/0x90
[  371.239777][T18341]  ? clear_bhb_loop+0x40/0x90
[  371.239803][T18341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.239824][T18341] RIP: 0033:0x7f24d90fe969
[  371.239839][T18341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  371.239856][T18341] RSP: 002b:00007f24d7767038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  371.239881][T18341] RAX: ffffffffffffffda RBX: 00007f24d9325fa0 RCX: 00007f24d90fe969
[  371.239904][T18341] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000009
[  371.239922][T18341] RBP: 00007f24d9180ab1 R08: 0000000000000000 R09: 0000000000000000
[  371.239933][T18341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  371.239945][T18341] R13: 0000000000000000 R14: 00007f24d9325fa0 R15: 00007ffe0a74b348
[  371.240043][T18341]  </TASK>
[  371.240062][T18341] memory: usage 307200kB, limit 307200kB, failcnt 1901
[  371.289418][T18385] loop2: detected capacity change from 0 to 512
[  371.292079][T18341] memory+swap: usage 307400kB, limit 9007199254740988kB, failcnt 0
[  371.622578][T18341] kmem: usage 307112kB, limit 9007199254740988kB, failcnt 0
[  371.629926][T18341] Memory cgroup stats for /syz1:
[  371.631378][T18341] cache 0
[  371.637013][T18387] __nla_validate_parse: 10 callbacks suppressed
[  371.637032][T18387] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5401'.
[  371.639429][T18341] rss 0
[  371.648517][T18387] vlan2: entered promiscuous mode
[  371.654869][T18341] shmem 0
[  371.665879][T18341] mapped_file 0
[  371.669520][T18341] dirty 0
[  371.672475][T18341] writeback 0
[  371.675803][T18341] workingset_refault_anon 1194
[  371.680694][T18341] workingset_refault_file 1417
[  371.685480][T18341] swap 204800
[  371.688807][T18341] swapcached 0
[  371.692175][T18341] pgpgin 511030
[  371.695647][T18341] pgpgout 511008
[  371.699185][T18341] pgfault 476751
[  371.702723][T18341] pgmajfault 230
[  371.706303][T18341] inactive_anon 0
[  371.709950][T18341] active_anon 0
[  371.713436][T18341] inactive_file 90112
[  371.717515][T18341] active_file 0
[  371.721085][T18341] unevictable 0
[  371.724538][T18341] hierarchical_memory_limit 314572800
[  371.730072][T18341] hierarchical_memsw_limit 9223372036854771712
[  371.736252][T18341] total_cache 0
[  371.739774][T18341] total_rss 0
[  371.743087][T18341] total_shmem 0
[  371.746551][T18341] total_mapped_file 0
[  371.750529][T18341] total_dirty 0
[  371.753979][T18341] total_writeback 0
[  371.757818][T18341] total_workingset_refault_anon 1194
[  371.763105][T18341] total_workingset_refault_file 1417
[  371.768433][T18341] total_swap 204800
[  371.772240][T18341] total_swapcached 0
[  371.776148][T18341] total_pgpgin 511030
[  371.780139][T18341] total_pgpgout 511008
[  371.784255][T18341] total_pgfault 476751
[  371.788327][T18341] total_pgmajfault 230
[  371.792429][T18341] total_inactive_anon 0
[  371.796699][T18341] total_active_anon 0
[  371.800682][T18341] total_inactive_file 90112
[  371.805237][T18341] total_active_file 0
[  371.809265][T18341] total_unevictable 0
[  371.813260][T18341] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.5383,pid=18340,uid=0
[  371.828061][T18341] Memory cgroup out of memory: Killed process 18340 (syz.1.5383) total-vm:95796kB, anon-rss:936kB, file-rss:22316kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000
[  371.917924][T18393] loop4: detected capacity change from 0 to 1024
[  371.924767][T18393] EXT4-fs: Ignoring removed orlov option
[  371.934092][T18393] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  372.219309][T18409] netlink: 'syz.0.5409': attribute type 1 has an invalid length.
[  372.248277][T18409] 8021q: adding VLAN 0 to HW filter on device bond1
[  372.278175][T18415] loop5: detected capacity change from 0 to 1024
[  372.285484][T18415] EXT4-fs: Ignoring removed orlov option
[  372.296785][T18409] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5409'.
[  372.297936][T18415] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  372.320615][T18409] bond1 (unregistering): Released all slaves
[  372.349897][T18420] tmpfs: Bad value for 'mpol'
[  372.355796][T18420] selinux_netlink_send: 4 callbacks suppressed
[  372.355811][T18420] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18420 comm=syz.2.5412
[  372.406273][T18425] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18425 comm=syz.2.5412
[  372.418888][T18425] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=18425 comm=syz.2.5412
[  372.545712][T18427] loop0: detected capacity change from 0 to 8192
[  372.605355][T18427]  loop0: p1 p2[DM] p4
[  372.610009][T18427] loop0: p1 size 196608 extends beyond EOD, truncated
[  372.618720][T18427] loop0: p2 start 4292936063 is beyond EOD, truncated
[  372.625564][T18427] loop0: p4 size 50331648 extends beyond EOD, truncated
[  372.771018][T12073] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.958017][T18437] serio: Serial port ptm1
[  373.148745][T18440] loop4: detected capacity change from 0 to 512
[  373.233248][T18446] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5422'.
[  373.242343][T18446] netlink: 108 bytes leftover after parsing attributes in process `syz.1.5422'.
[  373.251864][T18446] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5422'.
[  373.251938][T18446] netlink: 108 bytes leftover after parsing attributes in process `syz.1.5422'.
[  373.251952][T18446] netlink: 84 bytes leftover after parsing attributes in process `syz.1.5422'.
[  373.252360][T13448] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.323975][   T29] kauditd_printk_skb: 175 callbacks suppressed
[  373.323994][   T29] audit: type=1326 audit(1747411028.874:21148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18449 comm="syz.1.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d90fe969 code=0x7ffc0000
[  373.324057][   T29] audit: type=1326 audit(1747411028.874:21149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18449 comm="syz.1.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d90fe969 code=0x7ffc0000
[  373.324350][   T29] audit: type=1326 audit(1747411028.874:21150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18449 comm="syz.1.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f24d90fe969 code=0x7ffc0000
[  373.324387][   T29] audit: type=1326 audit(1747411028.874:21151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18449 comm="syz.1.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d90fe969 code=0x7ffc0000
[  373.324448][   T29] audit: type=1326 audit(1747411028.874:21152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18449 comm="syz.1.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d90fe969 code=0x7ffc0000
[  373.324708][   T29] audit: type=1326 audit(1747411028.874:21153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18449 comm="syz.1.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f24d90fd2d0 code=0x7ffc0000
[  373.482063][   T29] audit: type=1326 audit(1747411029.044:21154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18449 comm="syz.1.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d90fe969 code=0x7ffc0000
[  373.507653][   T29] audit: type=1326 audit(1747411029.044:21155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18449 comm="syz.1.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d90fe969 code=0x7ffc0000
[  373.607923][T18461] netlink: 'syz.1.5429': attribute type 1 has an invalid length.
[  373.623485][T18461] 8021q: adding VLAN 0 to HW filter on device bond1
[  373.639528][T18467] tmpfs: Bad value for 'mpol'
[  373.640761][T18461] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5429'.
[  373.645430][T18467] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18467 comm=syz.5.5431
[  373.669278][T18461] bond1 (unregistering): Released all slaves
[  373.705113][T18468] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18468 comm=syz.5.5431
[  373.717752][T18468] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=18468 comm=syz.5.5431
[  373.757326][T18471] netlink: 'syz.1.5432': attribute type 1 has an invalid length.
[  373.772636][T18471] 8021q: adding VLAN 0 to HW filter on device bond1
[  373.788766][T18471] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5432'.
[  373.800602][T18471] bond1 (unregistering): Released all slaves
[  374.187040][T18481] loop4: detected capacity change from 0 to 8192
[  374.201033][T18484] random: crng reseeded on system resumption
[  374.279939][T18484] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5436'.
[  374.289320][T18481]  loop4: p1 p2[DM] p4
[  374.293685][T18481] loop4: p1 size 196608 extends beyond EOD, truncated
[  374.300998][T18481] loop4: p2 start 4292936063 is beyond EOD, truncated
[  374.307884][T18481] loop4: p4 size 50331648 extends beyond EOD, truncated
[  374.471976][T18493] loop2: detected capacity change from 0 to 1024
[  374.479660][T18493] EXT4-fs: Ignoring removed orlov option
[  374.516545][   T29] audit: type=1326 audit(1747411030.054:21156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18494 comm="syz.0.5441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00350ce969 code=0x7ffc0000
[  374.540561][   T29] audit: type=1326 audit(1747411030.054:21157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18494 comm="syz.0.5441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00350ce969 code=0x7ffc0000
[  374.590684][T18493] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  374.691092][T18512] loop0: detected capacity change from 0 to 512
[  374.942006][T18515] loop4: detected capacity change from 0 to 1024
[  374.950538][T18515] EXT4-fs: Ignoring removed orlov option
[  374.959448][T18515] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  375.104731][T18522] random: crng reseeded on system resumption
[  375.453956][T12464] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.483472][T18532] tmpfs: Bad value for 'mpol'
[  375.489121][T18532] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18532 comm=syz.5.5453
[  375.541074][T18539] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18539 comm=syz.5.5453
[  375.553716][T18539] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=18539 comm=syz.5.5453
[  375.575306][T18538] loop0: detected capacity change from 0 to 1764
[  375.611632][T18542] loop0: detected capacity change from 0 to 1024
[  375.618387][T18542] EXT4-fs: Ignoring removed orlov option
[  375.627110][T18542] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  375.887790][T12073] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  376.148653][T18553] FAULT_INJECTION: forcing a failure.
[  376.148653][T18553] name failslab, interval 1, probability 0, space 0, times 0
[  376.161543][T18553] CPU: 1 UID: 0 PID: 18553 Comm: syz.1.5459 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  376.161580][T18553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  376.161596][T18553] Call Trace:
[  376.161604][T18553]  <TASK>
[  376.161614][T18553]  __dump_stack+0x1d/0x30
[  376.161698][T18553]  dump_stack_lvl+0xe8/0x140
[  376.161723][T18553]  dump_stack+0x15/0x1b
[  376.161745][T18553]  should_fail_ex+0x265/0x280
[  376.161840][T18553]  should_failslab+0x8c/0xb0
[  376.161880][T18553]  kmem_cache_alloc_node_noprof+0x57/0x320
[  376.161902][T18553]  ? __alloc_skb+0x101/0x320
[  376.161936][T18553]  ? xas_load+0x413/0x430
[  376.162069][T18553]  __alloc_skb+0x101/0x320
[  376.162108][T18553]  alloc_skb_with_frags+0x7d/0x470
[  376.162132][T18553]  ? __rcu_read_unlock+0x4f/0x70
[  376.162160][T18553]  ? avc_has_perm_noaudit+0x1b1/0x200
[  376.162186][T18553]  sock_alloc_send_pskb+0x43a/0x4f0
[  376.162235][T18553]  dccp_sendmsg+0x198/0x4d0
[  376.162260][T18553]  ? __pfx_dccp_sendmsg+0x10/0x10
[  376.162419][T18553]  inet_sendmsg+0xc5/0xd0
[  376.162455][T18553]  __sock_sendmsg+0x102/0x180
[  376.162489][T18553]  ____sys_sendmsg+0x345/0x4e0
[  376.162513][T18553]  ___sys_sendmsg+0x17b/0x1d0
[  376.162557][T18553]  __sys_sendmmsg+0x178/0x300
[  376.162598][T18553]  __x64_sys_sendmmsg+0x57/0x70
[  376.162668][T18553]  x64_sys_call+0x2f2f/0x2fb0
[  376.162746][T18553]  do_syscall_64+0xd0/0x1a0
[  376.162771][T18553]  ? clear_bhb_loop+0x40/0x90
[  376.162792][T18553]  ? clear_bhb_loop+0x40/0x90
[  376.162855][T18553]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.162907][T18553] RIP: 0033:0x7f24d90fe969
[  376.162922][T18553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  376.163012][T18553] RSP: 002b:00007f24d7767038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  376.163031][T18553] RAX: ffffffffffffffda RBX: 00007f24d9325fa0 RCX: 00007f24d90fe969
[  376.163044][T18553] RDX: 0000000000000588 RSI: 0000200000001500 RDI: 000000000000000a
[  376.163056][T18553] RBP: 00007f24d7767090 R08: 0000000000000000 R09: 0000000000000000
[  376.163067][T18553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  376.163083][T18553] R13: 0000000000000000 R14: 00007f24d9325fa0 R15: 00007ffe0a74b348
[  376.163106][T18553]  </TASK>
[  376.467374][T11839] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  376.522377][T18564] loop2: detected capacity change from 0 to 512
[  376.547754][T18569] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  376.697889][T18581] loop5: detected capacity change from 0 to 764
[  376.732351][T18585] tmpfs: Bad value for 'mpol'
[  376.738466][T18585] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18585 comm=syz.5.5472
[  377.602915][T18612] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  377.670801][T18617] netlink: 'syz.2.5485': attribute type 21 has an invalid length.
[  377.691567][T18617] netlink: 'syz.2.5485': attribute type 1 has an invalid length.
[  377.739767][T18622] FAULT_INJECTION: forcing a failure.
[  377.739767][T18622] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  377.753104][T18622] CPU: 1 UID: 0 PID: 18622 Comm: syz.5.5487 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  377.753133][T18622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  377.753147][T18622] Call Trace:
[  377.753154][T18622]  <TASK>
[  377.753162][T18622]  __dump_stack+0x1d/0x30
[  377.753242][T18622]  dump_stack_lvl+0xe8/0x140
[  377.753267][T18622]  dump_stack+0x15/0x1b
[  377.753346][T18622]  should_fail_ex+0x265/0x280
[  377.753397][T18622]  should_fail_alloc_page+0xf2/0x100
[  377.753439][T18622]  __alloc_frozen_pages_noprof+0xff/0x360
[  377.753557][T18622]  alloc_pages_mpol+0xb3/0x250
[  377.753581][T18622]  alloc_pages_noprof+0x90/0x130
[  377.753604][T18622]  __pud_alloc+0x47/0x450
[  377.753638][T18622]  handle_mm_fault+0x19c7/0x2ae0
[  377.753746][T18622]  ? __rcu_read_unlock+0x4f/0x70
[  377.753801][T18622]  do_user_addr_fault+0x3fe/0x1090
[  377.753834][T18622]  ? terminate_walk+0x27f/0x2a0
[  377.753876][T18622]  exc_page_fault+0x54/0xc0
[  377.753952][T18622]  asm_exc_page_fault+0x26/0x30
[  377.753979][T18622] RIP: 0010:rep_movs_alternative+0xf/0x90
[  377.754012][T18622] Code: c4 10 e9 04 ec 01 00 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 cd eb 01 00 66 2e
[  377.754029][T18622] RSP: 0018:ffffc90003dcfcf8 EFLAGS: 00050202
[  377.754045][T18622] RAX: ffff888119f24c98 RBX: 0000000000000004 RCX: 0000000000000004
[  377.754106][T18622] RDX: 0000000000000001 RSI: 00002000000002c0 RDI: ffffc90003dcfd5c
[  377.754120][T18622] RBP: ffffc90003dcfdc0 R08: 000000000000088d R09: 0000000000000000
[  377.754135][T18622] R10: 0001c90003dcfd5c R11: 0001c90003dcfd5f R12: 0000000000000010
[  377.754148][T18622] R13: ffff888101651300 R14: ffffc90003dcfd5c R15: 00002000000002c0
[  377.754167][T18622]  _copy_from_user+0x6f/0xb0
[  377.754192][T18622]  sk_setsockopt+0x1f5/0x1eb0
[  377.754313][T18622]  udp_lib_setsockopt+0x93/0x780
[  377.754349][T18622]  udp_setsockopt+0x77/0xb0
[  377.754379][T18622]  ? __pfx_udp_push_pending_frames+0x10/0x10
[  377.754444][T18622]  sock_common_setsockopt+0x69/0x80
[  377.754471][T18622]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  377.754536][T18622]  __sys_setsockopt+0x184/0x200
[  377.754563][T18622]  __x64_sys_setsockopt+0x64/0x80
[  377.754611][T18622]  x64_sys_call+0x2bd5/0x2fb0
[  377.754635][T18622]  do_syscall_64+0xd0/0x1a0
[  377.754666][T18622]  ? clear_bhb_loop+0x40/0x90
[  377.754693][T18622]  ? clear_bhb_loop+0x40/0x90
[  377.754721][T18622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.754849][T18622] RIP: 0033:0x7fa1a5cbe969
[  377.754863][T18622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  377.754880][T18622] RSP: 002b:00007fa1a4327038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  377.754899][T18622] RAX: ffffffffffffffda RBX: 00007fa1a5ee5fa0 RCX: 00007fa1a5cbe969
[  377.754920][T18622] RDX: 0000000000000010 RSI: 0000000000000001 RDI: 0000000000000003
[  377.754936][T18622] RBP: 00007fa1a4327090 R08: 0000000000000034 R09: 0000000000000000
[  377.754982][T18622] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  377.754998][T18622] R13: 0000000000000000 R14: 00007fa1a5ee5fa0 R15: 00007fffac28b7a8
[  377.755023][T18622]  </TASK>
[  378.077387][T18624] loop2: detected capacity change from 0 to 512
[  378.125638][T18628] loop5: detected capacity change from 0 to 1024
[  378.133957][T18628] EXT4-fs: Ignoring removed orlov option
[  378.142684][T18628] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  379.003605][   T29] kauditd_printk_skb: 68 callbacks suppressed
[  379.003623][   T29] audit: type=1400 audit(1747411034.554:21226): avc:  denied  { ioctl } for  pid=18635 comm="syz.4.5492" path="socket:[60214]" dev="sockfs" ino=60214 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  379.075974][T18638] tmpfs: Bad value for 'mpol'
[  379.082047][T18638] selinux_netlink_send: 2 callbacks suppressed
[  379.082062][T18638] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18638 comm=syz.4.5494
[  379.144710][   T29] audit: type=1400 audit(1747411034.684:21227): avc:  denied  { getopt } for  pid=18639 comm="syz.2.5493" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  379.148533][T18641] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18641 comm=syz.4.5494
[  379.178678][T18641] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=18641 comm=syz.4.5494
[  379.210149][T13448] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.215066][   T29] audit: type=1326 audit(1747411034.774:21228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18642 comm="syz.2.5495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  379.243188][   T29] audit: type=1326 audit(1747411034.774:21229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18642 comm="syz.2.5495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  379.243234][   T29] audit: type=1326 audit(1747411034.774:21230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18642 comm="syz.2.5495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  379.243384][   T29] audit: type=1326 audit(1747411034.774:21231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18642 comm="syz.2.5495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7e23bfd2d0 code=0x7ffc0000
[  379.297619][T18645] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  379.330143][   T29] audit: type=1326 audit(1747411034.884:21232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18642 comm="syz.2.5495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  379.353870][   T29] audit: type=1326 audit(1747411034.884:21233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18642 comm="syz.2.5495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  379.364203][T18648] loop5: detected capacity change from 0 to 1024
[  379.384415][T18648] EXT4-fs: Ignoring removed orlov option
[  379.393120][T18648] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  379.451073][   T29] audit: type=1326 audit(1747411034.994:21234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18651 comm="syz.0.5498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00350ce969 code=0x7ffc0000
[  379.474760][   T29] audit: type=1326 audit(1747411035.004:21235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18651 comm="syz.0.5498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f00350ce969 code=0x7ffc0000
[  379.650527][T18658] syzkaller0: entered promiscuous mode
[  379.658040][T18658] syzkaller0 (unregistering): left promiscuous mode
[  380.073454][T18670] loop4: detected capacity change from 0 to 1024
[  380.089117][T18670] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  380.099053][T18670] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  380.125802][T18670] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  380.143515][T18670] EXT4-fs error (device loop4): ext4_get_journal_inode:5798: inode #5: comm syz.4.5505: unexpected bad inode w/o EXT4_IGET_BAD
[  380.159240][T18670] EXT4-fs (loop4): no journal found
[  380.164484][T18670] EXT4-fs (loop4): can't get journal size
[  380.191144][T18670] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  380.248508][T12073] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.261175][T13448] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.290675][T18673] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  380.293092][T18675] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  380.395368][T18673] loop4: detected capacity change from 0 to 164
[  380.500316][T18683] __nla_validate_parse: 10 callbacks suppressed
[  380.500336][T18683] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5511'.
[  380.535716][T18690] tmpfs: Bad value for 'mpol'
[  380.540875][T18689] netlink: 'syz.1.5512': attribute type 10 has an invalid length.
[  380.541937][T18690] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18690 comm=syz.4.5513
[  380.550157][T18689] batman_adv: batadv0: Interface deactivated: dummy0
[  380.568258][T18689] batman_adv: batadv0: Removing interface: dummy0
[  380.575502][T18689] team0: Device dummy0 is up. Set it down before adding it as a team port
[  380.592361][T18691] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18691 comm=syz.4.5513
[  380.605044][T18691] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=18691 comm=syz.4.5513
[  380.665368][T18701] loop0: detected capacity change from 0 to 1024
[  380.672105][T18701] EXT4-fs: Ignoring removed orlov option
[  380.701245][T18701] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  380.921015][T18710] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  381.037205][T18712] loop2: detected capacity change from 0 to 512
[  381.419868][ T2970] hid (null): global environment stack underflow
[  381.426344][ T2970] hid (null): global environment stack underflow
[  381.431242][T18720] netlink: 248 bytes leftover after parsing attributes in process `syz.4.5525'.
[  381.437694][ T2970] hid-generic 0008:0006:0001.0001: global environment stack underflow
[  381.449966][ T2970] hid-generic 0008:0006:0001.0001: item 0 2 1 11 parsing failed
[  381.462624][ T2970] hid-generic 0008:0006:0001.0001: probe with driver hid-generic failed with error -22
[  381.518515][T11839] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.674815][T18733] loop5: detected capacity change from 0 to 1764
[  381.716161][T18739] tmpfs: Bad value for 'mpol'
[  381.722622][T18739] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18739 comm=syz.0.5533
[  381.773363][T18742] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18742 comm=syz.0.5533
[  381.786031][T18742] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=18742 comm=syz.0.5533
[  381.991757][T18744] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5535'.
[  382.204179][T18750] tmpfs: Bad value for 'mpol'
[  382.210452][T18750] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18750 comm=syz.4.5536
[  382.416764][T18756] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  382.638179][T18769] FAULT_INJECTION: forcing a failure.
[  382.638179][T18769] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  382.651403][T18769] CPU: 0 UID: 0 PID: 18769 Comm: syz.5.5544 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  382.651440][T18769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  382.651453][T18769] Call Trace:
[  382.651459][T18769]  <TASK>
[  382.651539][T18769]  __dump_stack+0x1d/0x30
[  382.651566][T18769]  dump_stack_lvl+0xe8/0x140
[  382.651592][T18769]  dump_stack+0x15/0x1b
[  382.651613][T18769]  should_fail_ex+0x265/0x280
[  382.651699][T18769]  should_fail+0xb/0x20
[  382.651729][T18769]  should_fail_usercopy+0x1a/0x20
[  382.651861][T18769]  _copy_from_iter+0xcf/0xdd0
[  382.651890][T18769]  ? alloc_pages_mpol+0x202/0x250
[  382.651924][T18769]  copy_page_from_iter+0x15a/0x290
[  382.651952][T18769]  tun_get_user+0x5c7/0x24d0
[  382.652024][T18769]  ? ref_tracker_alloc+0x1f2/0x2f0
[  382.652171][T18769]  tun_chr_write_iter+0x15e/0x210
[  382.652201][T18769]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  382.652231][T18769]  vfs_write+0x49d/0x8d0
[  382.652269][T18769]  ksys_write+0xda/0x1a0
[  382.652374][T18769]  __x64_sys_write+0x40/0x50
[  382.652487][T18769]  x64_sys_call+0x2cdd/0x2fb0
[  382.652508][T18769]  do_syscall_64+0xd0/0x1a0
[  382.652572][T18769]  ? clear_bhb_loop+0x40/0x90
[  382.652600][T18769]  ? clear_bhb_loop+0x40/0x90
[  382.652702][T18769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.652725][T18769] RIP: 0033:0x7fa1a5cbd41f
[  382.652742][T18769] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  382.652776][T18769] RSP: 002b:00007fa1a4327000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  382.652801][T18769] RAX: ffffffffffffffda RBX: 00007fa1a5ee5fa0 RCX: 00007fa1a5cbd41f
[  382.652836][T18769] RDX: 0000000000000083 RSI: 0000200000000240 RDI: 00000000000000c8
[  382.652847][T18769] RBP: 00007fa1a4327090 R08: 0000000000000000 R09: 0000000000000000
[  382.652859][T18769] R10: 0000000000000083 R11: 0000000000000293 R12: 0000000000000001
[  382.652871][T18769] R13: 0000000000000000 R14: 00007fa1a5ee5fa0 R15: 00007fffac28b7a8
[  382.652892][T18769]  </TASK>
[  382.877450][T18772] loop5: detected capacity change from 0 to 512
[  383.111404][T18779] loop4: detected capacity change from 0 to 8192
[  383.290871][T18782] FAULT_INJECTION: forcing a failure.
[  383.290871][T18782] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  383.304021][T18782] CPU: 0 UID: 0 PID: 18782 Comm: syz.1.5549 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  383.304058][T18782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  383.304086][T18782] Call Trace:
[  383.304094][T18782]  <TASK>
[  383.304104][T18782]  __dump_stack+0x1d/0x30
[  383.304144][T18782]  dump_stack_lvl+0xe8/0x140
[  383.304162][T18782]  dump_stack+0x15/0x1b
[  383.304178][T18782]  should_fail_ex+0x265/0x280
[  383.304288][T18782]  should_fail+0xb/0x20
[  383.304321][T18782]  should_fail_usercopy+0x1a/0x20
[  383.304426][T18782]  _copy_to_user+0x20/0xa0
[  383.304457][T18782]  simple_read_from_buffer+0xb5/0x130
[  383.304491][T18782]  proc_fail_nth_read+0x100/0x140
[  383.304518][T18782]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  383.304550][T18782]  vfs_read+0x19d/0x6f0
[  383.304591][T18782]  ? __rcu_read_unlock+0x4f/0x70
[  383.304615][T18782]  ? __fget_files+0x184/0x1c0
[  383.304649][T18782]  ksys_read+0xda/0x1a0
[  383.304748][T18782]  __x64_sys_read+0x40/0x50
[  383.304816][T18782]  x64_sys_call+0x2d77/0x2fb0
[  383.304845][T18782]  do_syscall_64+0xd0/0x1a0
[  383.304876][T18782]  ? clear_bhb_loop+0x40/0x90
[  383.304910][T18782]  ? clear_bhb_loop+0x40/0x90
[  383.305001][T18782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.305040][T18782] RIP: 0033:0x7f24d90fd37c
[  383.305082][T18782] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  383.305105][T18782] RSP: 002b:00007f24d7767030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  383.305129][T18782] RAX: ffffffffffffffda RBX: 00007f24d9325fa0 RCX: 00007f24d90fd37c
[  383.305142][T18782] RDX: 000000000000000f RSI: 00007f24d77670a0 RDI: 0000000000000007
[  383.305157][T18782] RBP: 00007f24d7767090 R08: 0000000000000000 R09: 0000000000000000
[  383.305173][T18782] R10: 0000000000002000 R11: 0000000000000246 R12: 0000000000000001
[  383.305187][T18782] R13: 0000000000000000 R14: 00007f24d9325fa0 R15: 00007ffe0a74b348
[  383.305223][T18782]  </TASK>
[  383.518408][T18784] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  383.681513][T18792] tmpfs: Bad value for 'mpol'
[  383.784577][T18802] tmpfs: Bad value for 'mpol'
[  383.798866][T18804] FAULT_INJECTION: forcing a failure.
[  383.798866][T18804] name failslab, interval 1, probability 0, space 0, times 0
[  383.811539][T18804] CPU: 0 UID: 0 PID: 18804 Comm: syz.1.5559 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  383.811588][T18804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  383.811606][T18804] Call Trace:
[  383.811614][T18804]  <TASK>
[  383.811624][T18804]  __dump_stack+0x1d/0x30
[  383.811651][T18804]  dump_stack_lvl+0xe8/0x140
[  383.811677][T18804]  dump_stack+0x15/0x1b
[  383.811734][T18804]  should_fail_ex+0x265/0x280
[  383.811774][T18804]  should_failslab+0x8c/0xb0
[  383.811832][T18804]  kmem_cache_alloc_node_noprof+0x57/0x320
[  383.811861][T18804]  ? __alloc_skb+0x101/0x320
[  383.811949][T18804]  __alloc_skb+0x101/0x320
[  383.811980][T18804]  netlink_alloc_large_skb+0xba/0xf0
[  383.812019][T18804]  netlink_sendmsg+0x3cf/0x6b0
[  383.812052][T18804]  ? __pfx_netlink_sendmsg+0x10/0x10
[  383.812077][T18804]  __sock_sendmsg+0x145/0x180
[  383.812132][T18804]  ____sys_sendmsg+0x31e/0x4e0
[  383.812163][T18804]  ___sys_sendmsg+0x17b/0x1d0
[  383.812208][T18804]  __x64_sys_sendmsg+0xd4/0x160
[  383.812243][T18804]  x64_sys_call+0x2999/0x2fb0
[  383.812271][T18804]  do_syscall_64+0xd0/0x1a0
[  383.812299][T18804]  ? clear_bhb_loop+0x40/0x90
[  383.812324][T18804]  ? clear_bhb_loop+0x40/0x90
[  383.812353][T18804]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.812419][T18804] RIP: 0033:0x7f24d90fe969
[  383.812433][T18804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  383.812454][T18804] RSP: 002b:00007f24d7767038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  383.812479][T18804] RAX: ffffffffffffffda RBX: 00007f24d9325fa0 RCX: 00007f24d90fe969
[  383.812521][T18804] RDX: 0000000020050800 RSI: 00002000000000c0 RDI: 0000000000000003
[  383.812533][T18804] RBP: 00007f24d7767090 R08: 0000000000000000 R09: 0000000000000000
[  383.812549][T18804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  383.812565][T18804] R13: 0000000000000000 R14: 00007f24d9325fa0 R15: 00007ffe0a74b348
[  383.812589][T18804]  </TASK>
[  384.062644][T18813] loop5: detected capacity change from 0 to 1024
[  384.069729][T18813] EXT4-fs: Ignoring removed orlov option
[  384.077999][T18813] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  384.503392][T18821] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  384.661418][   T29] kauditd_printk_skb: 220 callbacks suppressed
[  384.661441][   T29] audit: type=1326 audit(1747411040.214:21456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18826 comm="syz.0.5566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00350ce969 code=0x7ffc0000
[  384.691453][   T29] audit: type=1326 audit(1747411040.214:21457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18826 comm="syz.0.5566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00350ce969 code=0x7ffc0000
[  384.715195][   T29] audit: type=1326 audit(1747411040.214:21458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18826 comm="syz.0.5566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f00350ce969 code=0x7ffc0000
[  384.731409][T18831] loop4: detected capacity change from 0 to 512
[  384.738971][   T29] audit: type=1326 audit(1747411040.214:21459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18826 comm="syz.0.5566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00350ce969 code=0x7ffc0000
[  384.758050][T18831] EXT4-fs: Ignoring removed mblk_io_submit option
[  384.768640][   T29] audit: type=1326 audit(1747411040.214:21460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18826 comm="syz.0.5566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00350ce969 code=0x7ffc0000
[  384.798756][   T29] audit: type=1326 audit(1747411040.224:21461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18826 comm="syz.0.5566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00350ce969 code=0x7ffc0000
[  384.822435][   T29] audit: type=1326 audit(1747411040.224:21462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18826 comm="syz.0.5566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00350ce969 code=0x7ffc0000
[  384.846185][   T29] audit: type=1326 audit(1747411040.224:21463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18826 comm="syz.0.5566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00350ce969 code=0x7ffc0000
[  384.888563][T18827] loop0: detected capacity change from 0 to 8192
[  384.889124][   T29] audit: type=1326 audit(1747411040.384:21464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18828 comm="syz.2.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  384.889166][   T29] audit: type=1326 audit(1747411040.384:21465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18828 comm="syz.2.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  385.031303][T18831] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[  385.042129][T18831] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.5568: attempt to clear invalid blocks 2 len 1
[  385.056255][T18831] EXT4-fs (loop4): Remounting filesystem read-only
[  385.068061][T13448] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.077582][T18831] EXT4-fs (loop4): 1 truncate cleaned up
[  385.083687][T18831] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  385.118730][T18839] FAULT_INJECTION: forcing a failure.
[  385.118730][T18839] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  385.131901][T18839] CPU: 1 UID: 0 PID: 18839 Comm: syz.2.5571 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  385.131929][T18839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  385.131941][T18839] Call Trace:
[  385.131965][T18839]  <TASK>
[  385.131975][T18839]  __dump_stack+0x1d/0x30
[  385.132002][T18839]  dump_stack_lvl+0xe8/0x140
[  385.132102][T18839]  dump_stack+0x15/0x1b
[  385.132124][T18839]  should_fail_ex+0x265/0x280
[  385.132167][T18839]  should_fail+0xb/0x20
[  385.132259][T18839]  should_fail_usercopy+0x1a/0x20
[  385.132283][T18839]  _copy_from_iter+0xcf/0xdd0
[  385.132350][T18839]  ? alloc_pages_mpol+0x202/0x250
[  385.132384][T18839]  copy_page_from_iter+0x15a/0x290
[  385.132413][T18839]  tun_get_user+0x5c7/0x24d0
[  385.132507][T18839]  ? ref_tracker_alloc+0x1f2/0x2f0
[  385.132554][T18839]  tun_chr_write_iter+0x15e/0x210
[  385.132585][T18839]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  385.132641][T18839]  vfs_write+0x49d/0x8d0
[  385.132682][T18839]  ksys_write+0xda/0x1a0
[  385.132713][T18839]  __x64_sys_write+0x40/0x50
[  385.132764][T18839]  x64_sys_call+0x2cdd/0x2fb0
[  385.132792][T18839]  do_syscall_64+0xd0/0x1a0
[  385.132823][T18839]  ? clear_bhb_loop+0x40/0x90
[  385.132846][T18839]  ? clear_bhb_loop+0x40/0x90
[  385.132944][T18839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.132972][T18839] RIP: 0033:0x7f7e23bfd41f
[  385.132992][T18839] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  385.133013][T18839] RSP: 002b:00007f7e22267000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  385.133065][T18839] RAX: ffffffffffffffda RBX: 00007f7e23e25fa0 RCX: 00007f7e23bfd41f
[  385.133082][T18839] RDX: 0000000000000036 RSI: 00002000000002c0 RDI: 00000000000000c8
[  385.133098][T18839] RBP: 00007f7e22267090 R08: 0000000000000000 R09: 0000000000000000
[  385.133120][T18839] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001
[  385.133134][T18839] R13: 0000000000000000 R14: 00007f7e23e25fa0 R15: 00007ffd7ecca318
[  385.133154][T18839]  </TASK>
[  385.356379][T18843] tmpfs: Bad value for 'mpol'
[  385.401533][T18851] tmpfs: Bad value for 'mpol'
[  385.408357][T18851] selinux_netlink_send: 8 callbacks suppressed
[  385.408376][T18851] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18851 comm=syz.1.5574
[  385.459871][T18853] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18853 comm=syz.1.5574
[  385.472524][T18853] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=18853 comm=syz.1.5574
[  385.492684][T18831] EXT4-fs (loop4): Quota file not on filesystem root. Journaled quota will not work
[  385.520647][T12073] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.544143][T18858] tmpfs: Bad value for 'mpol'
[  385.550739][T18858] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18858 comm=syz.0.5576
[  385.568452][T18859] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  385.594145][T18862] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  385.603236][T18864] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18864 comm=syz.0.5576
[  385.616161][T18864] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=18864 comm=syz.0.5576
[  385.630376][T18862] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  385.640442][T18862] loop2: detected capacity change from 0 to 256
[  385.658894][T18862] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5579'.
[  385.670938][T18862] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5579'.
[  385.717317][T18868] loop4: detected capacity change from 0 to 256
[  385.923147][T18875] FAULT_INJECTION: forcing a failure.
[  385.923147][T18875] name failslab, interval 1, probability 0, space 0, times 0
[  385.935881][T18875] CPU: 1 UID: 0 PID: 18875 Comm: syz.5.5585 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  385.935923][T18875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  385.935937][T18875] Call Trace:
[  385.935946][T18875]  <TASK>
[  385.935956][T18875]  __dump_stack+0x1d/0x30
[  385.936011][T18875]  dump_stack_lvl+0xe8/0x140
[  385.936035][T18875]  dump_stack+0x15/0x1b
[  385.936111][T18875]  should_fail_ex+0x265/0x280
[  385.936152][T18875]  should_failslab+0x8c/0xb0
[  385.936245][T18875]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  385.936268][T18875]  ? shmem_alloc_inode+0x34/0x50
[  385.936305][T18875]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  385.936395][T18875]  shmem_alloc_inode+0x34/0x50
[  385.936478][T18875]  alloc_inode+0x40/0x170
[  385.936508][T18875]  new_inode+0x1d/0xe0
[  385.936542][T18875]  shmem_get_inode+0x244/0x750
[  385.936658][T18875]  __shmem_file_setup+0x122/0x1f0
[  385.936691][T18875]  shmem_file_setup+0x3b/0x50
[  385.936721][T18875]  __se_sys_memfd_create+0x2c3/0x590
[  385.936767][T18875]  __x64_sys_memfd_create+0x31/0x40
[  385.936835][T18875]  x64_sys_call+0x122f/0x2fb0
[  385.936934][T18875]  do_syscall_64+0xd0/0x1a0
[  385.936962][T18875]  ? clear_bhb_loop+0x40/0x90
[  385.937025][T18875]  ? clear_bhb_loop+0x40/0x90
[  385.937051][T18875]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.937075][T18875] RIP: 0033:0x7fa1a5cbe969
[  385.937094][T18875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  385.937128][T18875] RSP: 002b:00007fa1a4326e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  385.937150][T18875] RAX: ffffffffffffffda RBX: 000000000000058a RCX: 00007fa1a5cbe969
[  385.937165][T18875] RDX: 00007fa1a4326ef0 RSI: 0000000000000000 RDI: 00007fa1a5d41444
[  385.937247][T18875] RBP: 0000200000000b40 R08: 00007fa1a4326bb7 R09: 00007fa1a4326e40
[  385.937261][T18875] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000005c0
[  385.937275][T18875] R13: 00007fa1a4326ef0 R14: 00007fa1a4326eb0 R15: 0000200000000280
[  385.937297][T18875]  </TASK>
[  385.969519][T18877] loop4: detected capacity change from 0 to 8192
[  386.015503][T18882] netlink: 32 bytes leftover after parsing attributes in process `syz.5.5588'.
[  386.176198][T18882] netlink: 3 bytes leftover after parsing attributes in process `syz.5.5588'.
[  386.188488][T18882] batadv1: entered promiscuous mode
[  386.193740][T18882] batadv1: entered allmulticast mode
[  386.267432][T18890] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  386.397195][T18906] netlink: 'syz.0.5596': attribute type 10 has an invalid length.
[  386.415404][T18906] batman_adv: batadv0: Interface deactivated: dummy0
[  386.422153][T18906] batman_adv: batadv0: Removing interface: dummy0
[  386.439774][T18906] team0: Device dummy0 is up. Set it down before adding it as a team port
[  386.570409][T18913] loop2: detected capacity change from 0 to 128
[  386.576580][T18902] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  386.577320][T18913] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  386.585424][T18902] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  386.598905][T18913] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  386.657540][T18914] loop0: detected capacity change from 0 to 8192
[  386.676703][T18914]  loop0: p1 p2[DM] p4
[  386.680971][T18914] loop0: p1 size 196608 extends beyond EOD, truncated
[  386.689900][T18914] loop0: p2 start 4292936063 is beyond EOD, truncated
[  386.696761][T18914] loop0: p4 size 50331648 extends beyond EOD, truncated
[  386.766013][T18917] loop2: detected capacity change from 0 to 2048
[  386.787223][T18917] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  386.799394][T18917] ext4 filesystem being mounted at /461/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  386.822560][T18921] tmpfs: Bad value for 'mpol'
[  386.828492][T18921] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18921 comm=syz.4.5601
[  386.851034][T12464] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  386.879233][T18924] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18924 comm=syz.4.5601
[  386.891820][T18924] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=18924 comm=syz.4.5601
[  386.926717][T18926] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  386.963721][T18930] loop2: detected capacity change from 0 to 164
[  386.971537][T18930] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  386.984464][T18934] serio: Serial port ttyS3
[  386.985065][T18930] tmpfs: Unsupported parameter 'huge'
[  387.189214][T18949] loop5: detected capacity change from 0 to 8192
[  387.413783][T18954] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  387.675440][T18963] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  387.675440][T18963]    program syz.4.5618 not setting count and/or reply_len properly
[  387.719767][T18965] loop4: detected capacity change from 0 to 1024
[  387.726596][T18965] EXT4-fs: Ignoring removed orlov option
[  387.736179][T18965] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  388.079356][T18984] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  388.144830][T18991] tmpfs: Bad value for 'mpol'
[  388.164456][T18991] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18991 comm=syz.5.5629
[  388.179615][T18988] bridge0: entered promiscuous mode
[  388.186379][T18988] bridge0: port 3(macsec1) entered blocking state
[  388.192857][T18988] bridge0: port 3(macsec1) entered disabled state
[  388.205373][T18988] macsec1: entered allmulticast mode
[  388.210754][T18988] bridge0: entered allmulticast mode
[  388.221323][T18988] macsec1: left allmulticast mode
[  388.226455][T18988] bridge0: left allmulticast mode
[  388.232057][T18988] bridge0: left promiscuous mode
[  388.460553][T19008] netlink: zone id is out of range
[  388.465760][T19008] netlink: zone id is out of range
[  388.470955][T19008] netlink: zone id is out of range
[  388.476145][T19008] netlink: zone id is out of range
[  388.481266][T19008] netlink: zone id is out of range
[  388.486469][T19008] netlink: zone id is out of range
[  388.491607][T19008] netlink: zone id is out of range
[  388.496780][T19008] netlink: zone id is out of range
[  388.501899][T19008] netlink: zone id is out of range
[  388.507120][T19008] netlink: zone id is out of range
[  388.541367][T19010] loop2: detected capacity change from 0 to 2048
[  388.566948][T19010] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  388.620310][T19017] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  388.699559][T12073] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  388.758672][T19023] FAULT_INJECTION: forcing a failure.
[  388.758672][T19023] name failslab, interval 1, probability 0, space 0, times 0
[  388.771361][T19023] CPU: 0 UID: 0 PID: 19023 Comm: syz.1.5642 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  388.771389][T19023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  388.771403][T19023] Call Trace:
[  388.771410][T19023]  <TASK>
[  388.771417][T19023]  __dump_stack+0x1d/0x30
[  388.771553][T19023]  dump_stack_lvl+0xe8/0x140
[  388.771572][T19023]  dump_stack+0x15/0x1b
[  388.771593][T19023]  should_fail_ex+0x265/0x280
[  388.771724][T19023]  should_failslab+0x8c/0xb0
[  388.771793][T19023]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  388.771816][T19023]  ? __d_alloc+0x3d/0x350
[  388.771837][T19023]  ? avc_has_perm+0xd3/0x150
[  388.771861][T19023]  __d_alloc+0x3d/0x350
[  388.771877][T19023]  ? __rcu_read_unlock+0x34/0x70
[  388.771980][T19023]  d_alloc_parallel+0x53/0xc40
[  388.772000][T19023]  ? selinux_inode_permission+0x32a/0x400
[  388.772037][T19023]  ? lockref_get_not_dead+0x120/0x1c0
[  388.772068][T19023]  ? __rcu_read_unlock+0x4f/0x70
[  388.772096][T19023]  __lookup_slow+0x8c/0x250
[  388.772186][T19023]  lookup_slow+0x3c/0x60
[  388.772211][T19023]  walk_component+0x1ec/0x220
[  388.772328][T19023]  path_lookupat+0xfe/0x2a0
[  388.772355][T19023]  filename_lookup+0x147/0x340
[  388.772415][T19023]  user_path_at+0x3e/0x130
[  388.772435][T19023]  __se_sys_mount+0x25b/0x2e0
[  388.772468][T19023]  __x64_sys_mount+0x67/0x80
[  388.772501][T19023]  x64_sys_call+0xd36/0x2fb0
[  388.772547][T19023]  do_syscall_64+0xd0/0x1a0
[  388.772579][T19023]  ? clear_bhb_loop+0x40/0x90
[  388.772654][T19023]  ? clear_bhb_loop+0x40/0x90
[  388.772680][T19023]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.772700][T19023] RIP: 0033:0x7f24d90fe969
[  388.772714][T19023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  388.772732][T19023] RSP: 002b:00007f24d7767038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  388.772755][T19023] RAX: ffffffffffffffda RBX: 00007f24d9325fa0 RCX: 00007f24d90fe969
[  388.772770][T19023] RDX: 0000200000000180 RSI: 00002000000003c0 RDI: 0000000000000000
[  388.772817][T19023] RBP: 00007f24d7767090 R08: 00002000000001c0 R09: 0000000000000000
[  388.772828][T19023] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  388.772841][T19023] R13: 0000000000000000 R14: 00007f24d9325fa0 R15: 00007ffe0a74b348
[  388.772863][T19023]  </TASK>
[  389.051373][T19029] loop5: detected capacity change from 0 to 1024
[  389.058931][T19024] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(14)
[  389.065546][T19024] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  389.073039][T19024] vhci_hcd vhci_hcd.0: Device attached
[  389.082936][T19029] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  389.085226][T19025] vhci_hcd: connection closed
[  389.110227][T11751] vhci_hcd: stop threads
[  389.119389][T11751] vhci_hcd: release socket
[  389.123814][T11751] vhci_hcd: disconnect device
[  389.141072][T13448] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.151784][T12464] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.182424][T19043] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5648'.
[  389.234160][T19048] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  389.267321][T19050] loop2: detected capacity change from 0 to 1024
[  389.274164][T19050] EXT4-fs: Ignoring removed orlov option
[  389.283118][T19050] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  389.695246][   T29] kauditd_printk_skb: 1032 callbacks suppressed
[  389.695267][   T29] audit: type=1326 audit(1747411045.224:22498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19068 comm="syz.5.5657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1a5cbe969 code=0x7ffc0000
[  389.725202][   T29] audit: type=1326 audit(1747411045.224:22499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19068 comm="syz.5.5657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1a5cbe969 code=0x7ffc0000
[  389.870870][   T29] audit: type=1400 audit(1747411045.424:22500): avc:  denied  { create } for  pid=19073 comm="syz.5.5659" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[  389.931746][T19084] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  389.974714][T19083] loop0: detected capacity change from 0 to 256
[  389.984264][T19088] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5665'.
[  389.997530][   T29] audit: type=1326 audit(1747411045.544:22501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19086 comm="syz.1.5664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d90fe969 code=0x7ffc0000
[  390.021235][   T29] audit: type=1326 audit(1747411045.544:22502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19086 comm="syz.1.5664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d90fe969 code=0x7ffc0000
[  390.025556][T19083] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  390.044898][   T29] audit: type=1326 audit(1747411045.544:22503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19086 comm="syz.1.5664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f24d90fe969 code=0x7ffc0000
[  390.080173][   T29] audit: type=1326 audit(1747411045.544:22504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19086 comm="syz.1.5664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d90fe969 code=0x7ffc0000
[  390.100622][T19090] loop5: detected capacity change from 0 to 256
[  390.103786][   T29] audit: type=1326 audit(1747411045.544:22505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19086 comm="syz.1.5664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d90fe969 code=0x7ffc0000
[  390.140818][T19092] tmpfs: Bad value for 'mpol'
[  390.183344][T19083] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  390.228819][T19094] smc: net device bond0 applied user defined pnetid SYZ2
[  390.258564][T19096] audit: audit_backlog=65 > audit_backlog_limit=64
[  390.265264][T19096] audit: audit_lost=9 audit_rate_limit=0 audit_backlog_limit=64
[  390.284524][T19096] IPVS: set_ctl: invalid protocol: 134 10.1.1.0:20004
[  390.303633][T12464] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  390.570296][T19118] tmpfs: Bad value for 'mpol'
[  390.577418][T19118] selinux_netlink_send: 5 callbacks suppressed
[  390.577435][T19118] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=19118 comm=syz.5.5677
[  390.596265][T19118] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=19118 comm=syz.5.5677
[  390.641646][T19123] loop5: detected capacity change from 0 to 256
[  390.649101][T19123] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  390.662737][T19123] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  390.666005][T19125] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5680'.
[  390.758840][T19123] coredump: 1136(syz.5.5679): Core dump to core aborted: cannot preserve file permissions
[  390.929109][T19136] loop5: detected capacity change from 0 to 1024
[  390.935931][T19136] EXT4-fs: Ignoring removed orlov option
[  390.944207][T19136] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  391.109442][T19142] loop4: detected capacity change from 0 to 1024
[  391.116308][T19142] EXT4-fs: Ignoring removed orlov option
[  391.125060][T19142] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  391.425310][T19155] tmpfs: Bad value for 'mpol'
[  391.437343][T19155] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=19155 comm=syz.0.5689
[  391.450032][T19155] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=19155 comm=syz.0.5689
[  391.532994][T19128] FAULT_INJECTION: forcing a failure.
[  391.532994][T19128] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  391.546129][T19128] CPU: 0 UID: 0 PID: 19128 Comm: syz.2.5681 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  391.546210][T19128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  391.546225][T19128] Call Trace:
[  391.546244][T19128]  <TASK>
[  391.546251][T19128]  __dump_stack+0x1d/0x30
[  391.546274][T19128]  dump_stack_lvl+0xe8/0x140
[  391.546298][T19128]  dump_stack+0x15/0x1b
[  391.546319][T19128]  should_fail_ex+0x265/0x280
[  391.546361][T19128]  should_fail+0xb/0x20
[  391.546388][T19128]  should_fail_usercopy+0x1a/0x20
[  391.546407][T19128]  set_fd_set+0x29/0xa0
[  391.546437][T19128]  core_sys_select+0x451/0x600
[  391.546572][T19128]  ? _parse_integer+0x27/0x40
[  391.546626][T19128]  ? set_user_sigmask+0x84/0x190
[  391.546680][T19128]  __se_sys_pselect6+0x216/0x280
[  391.546768][T19128]  __x64_sys_pselect6+0x78/0x90
[  391.546802][T19128]  x64_sys_call+0x1caa/0x2fb0
[  391.546824][T19128]  do_syscall_64+0xd0/0x1a0
[  391.546853][T19128]  ? clear_bhb_loop+0x40/0x90
[  391.546906][T19128]  ? clear_bhb_loop+0x40/0x90
[  391.546943][T19128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.546966][T19128] RIP: 0033:0x7f7e23bfe969
[  391.546985][T19128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  391.547009][T19128] RSP: 002b:00007f7e22267038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  391.547032][T19128] RAX: ffffffffffffffda RBX: 00007f7e23e25fa0 RCX: 00007f7e23bfe969
[  391.547046][T19128] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000073
[  391.547066][T19128] RBP: 00007f7e22267090 R08: 0000000000000000 R09: 0000000000000000
[  391.547082][T19128] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  391.547098][T19128] R13: 0000000000000000 R14: 00007f7e23e25fa0 R15: 00007ffd7ecca318
[  391.547121][T19128]  </TASK>
[  391.802739][T19161] loop0: detected capacity change from 0 to 8192
[  391.855787][T19161]  loop0: p1 p2[DM] p4
[  391.859917][T19161] loop0: p1 size 196608 extends beyond EOD, truncated
[  391.885410][T19161] loop0: p2 start 4292936063 is beyond EOD, truncated
[  391.892247][T19161] loop0: p4 size 50331648 extends beyond EOD, truncated
[  391.949649][T13448] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  391.989010][T19165] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.007768][T19167] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.050435][T19165] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.054546][T19169] FAULT_INJECTION: forcing a failure.
[  392.054546][T19169] name failslab, interval 1, probability 0, space 0, times 0
[  392.073448][T19169] CPU: 0 UID: 0 PID: 19169 Comm: syz.5.5693 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  392.073504][T19169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  392.073593][T19169] Call Trace:
[  392.073602][T19169]  <TASK>
[  392.073613][T19169]  __dump_stack+0x1d/0x30
[  392.073642][T19169]  dump_stack_lvl+0xe8/0x140
[  392.073671][T19169]  dump_stack+0x15/0x1b
[  392.073695][T19169]  should_fail_ex+0x265/0x280
[  392.073741][T19169]  should_failslab+0x8c/0xb0
[  392.073865][T19169]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  392.073894][T19169]  ? sock_alloc_inode+0x34/0xa0
[  392.073997][T19169]  ? __pfx_sock_alloc_inode+0x10/0x10
[  392.074034][T19169]  sock_alloc_inode+0x34/0xa0
[  392.074068][T19169]  alloc_inode+0x40/0x170
[  392.074174][T19169]  __sock_create+0x122/0x5b0
[  392.074292][T19169]  sock_create_kern+0x38/0x50
[  392.074330][T19169]  mptcp_subflow_create_socket+0x84/0x630
[  392.074358][T19169]  ? avc_has_perm_noaudit+0x1b1/0x200
[  392.074389][T19169]  __mptcp_nmpc_sk+0xb3/0x3b0
[  392.074488][T19169]  mptcp_connect+0x58/0x7e0
[  392.074569][T19169]  __inet_stream_connect+0x169/0x7e0
[  392.074610][T19169]  ? _raw_spin_unlock_bh+0x36/0x40
[  392.074649][T19169]  ? release_sock+0x116/0x150
[  392.074686][T19169]  ? _raw_spin_unlock_bh+0x36/0x40
[  392.074786][T19169]  ? lock_sock_nested+0x112/0x140
[  392.074847][T19169]  ? selinux_netlbl_socket_connect+0x115/0x130
[  392.074888][T19169]  inet_stream_connect+0x44/0x70
[  392.074929][T19169]  ? __pfx_inet_stream_connect+0x10/0x10
[  392.075037][T19169]  __sys_connect+0x1ef/0x2b0
[  392.075085][T19169]  __x64_sys_connect+0x3f/0x50
[  392.075126][T19169]  x64_sys_call+0x1daa/0x2fb0
[  392.075183][T19169]  do_syscall_64+0xd0/0x1a0
[  392.075214][T19169]  ? clear_bhb_loop+0x40/0x90
[  392.075242][T19169]  ? clear_bhb_loop+0x40/0x90
[  392.075270][T19169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.075297][T19169] RIP: 0033:0x7fa1a5cbe969
[  392.075368][T19169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  392.075436][T19169] RSP: 002b:00007fa1a4306038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  392.075529][T19169] RAX: ffffffffffffffda RBX: 00007fa1a5ee6080 RCX: 00007fa1a5cbe969
[  392.075547][T19169] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 0000000000000005
[  392.075564][T19169] RBP: 00007fa1a4306090 R08: 0000000000000000 R09: 0000000000000000
[  392.075608][T19169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  392.075624][T19169] R13: 0000000000000000 R14: 00007fa1a5ee6080 R15: 00007fffac28b7a8
[  392.075650][T19169]  </TASK>
[  392.355243][T19167] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.394689][T12073] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  392.418756][T19165] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.439151][T19167] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.502654][T19165] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.523595][T19167] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.552437][T19165] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  392.587216][T19165] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  392.605470][T19167] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  392.618020][T19165] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  392.629931][T19167] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  392.641564][T19167] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  392.652308][T19165] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  392.670615][T19167] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  392.704732][T11709] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.724500][T19188] FAULT_INJECTION: forcing a failure.
[  392.724500][T19188] name failslab, interval 1, probability 0, space 0, times 0
[  392.737306][T19188] CPU: 0 UID: 0 PID: 19188 Comm: syz.4.5698 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  392.737334][T19188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  392.737348][T19188] Call Trace:
[  392.737356][T19188]  <TASK>
[  392.737366][T19188]  __dump_stack+0x1d/0x30
[  392.737391][T19188]  dump_stack_lvl+0xe8/0x140
[  392.737414][T19188]  dump_stack+0x15/0x1b
[  392.737430][T19188]  should_fail_ex+0x265/0x280
[  392.737463][T19188]  ? legacy_init_fs_context+0x31/0x80
[  392.737524][T19188]  should_failslab+0x8c/0xb0
[  392.737553][T19188]  __kmalloc_cache_noprof+0x4c/0x320
[  392.737577][T19188]  legacy_init_fs_context+0x31/0x80
[  392.737617][T19188]  alloc_fs_context+0x3ef/0x4e0
[  392.737642][T19188]  fs_context_for_mount+0x22/0x30
[  392.737667][T19188]  do_new_mount+0xe9/0x680
[  392.737755][T19188]  path_mount+0x4a4/0xb20
[  392.737788][T19188]  ? user_path_at+0x109/0x130
[  392.737889][T19188]  __se_sys_mount+0x28f/0x2e0
[  392.737914][T19188]  ? fput+0x8f/0xc0
[  392.737942][T19188]  __x64_sys_mount+0x67/0x80
[  392.737995][T19188]  x64_sys_call+0xd36/0x2fb0
[  392.738015][T19188]  do_syscall_64+0xd0/0x1a0
[  392.738046][T19188]  ? clear_bhb_loop+0x40/0x90
[  392.738072][T19188]  ? clear_bhb_loop+0x40/0x90
[  392.738135][T19188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.738163][T19188] RIP: 0033:0x7f8bf8b5e969
[  392.738180][T19188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  392.738198][T19188] RSP: 002b:00007f8bf71c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  392.738222][T19188] RAX: ffffffffffffffda RBX: 00007f8bf8d85fa0 RCX: 00007f8bf8b5e969
[  392.738319][T19188] RDX: 0000200000000040 RSI: 0000200000000000 RDI: 0000000000000000
[  392.738333][T19188] RBP: 00007f8bf71c7090 R08: 0000200000000140 R09: 0000000000000000
[  392.738349][T19188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  392.738365][T19188] R13: 0000000000000000 R14: 00007f8bf8d85fa0 R15: 00007ffd5e969298
[  392.738389][T19188]  </TASK>
[  392.776992][T19175] chnl_net:caif_netlink_parms(): no params data found
[  392.805776][T19188] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(15)
[  392.961568][T19188] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  392.969406][T19188] vhci_hcd vhci_hcd.0: Device attached
[  392.970170][T11709] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.980369][T19190] loop5: detected capacity change from 0 to 8192
[  393.009694][T19191] vhci_hcd: connection closed
[  393.010705][T11751] vhci_hcd: stop threads
[  393.019848][T11751] vhci_hcd: release socket
[  393.024315][T11751] vhci_hcd: disconnect device
[  393.036670][T11709] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.047577][T19175] bridge0: port 1(bridge_slave_0) entered blocking state
[  393.054657][T19175] bridge0: port 1(bridge_slave_0) entered disabled state
[  393.062121][T19175] bridge_slave_0: entered allmulticast mode
[  393.068827][T19175] bridge_slave_0: entered promiscuous mode
[  393.076058][T19175] bridge0: port 2(bridge_slave_1) entered blocking state
[  393.083146][T19175] bridge0: port 2(bridge_slave_1) entered disabled state
[  393.090535][T19175] bridge_slave_1: entered allmulticast mode
[  393.097681][T19175] bridge_slave_1: entered promiscuous mode
[  393.105171][T11709] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.128849][T19175] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  393.139828][T19175] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  393.162493][T19175] team0: Port device team_slave_0 added
[  393.169993][T19175] team0: Port device team_slave_1 added
[  393.187342][T19175] batman_adv: batadv0: Adding interface: batadv_slave_0
[  393.194479][T19175] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  393.220497][T19175] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  393.234473][T19175] batman_adv: batadv0: Adding interface: batadv_slave_1
[  393.241510][T19175] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  393.267526][T19175] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  393.307459][T11709] bridge_slave_1: left allmulticast mode
[  393.313137][T11709] bridge_slave_1: left promiscuous mode
[  393.318846][T11709] bridge0: port 2(bridge_slave_1) entered disabled state
[  393.329293][T11709] bridge_slave_0: left allmulticast mode
[  393.335059][T11709] bridge_slave_0: left promiscuous mode
[  393.340740][T11709] bridge0: port 1(bridge_slave_0) entered disabled state
[  393.457884][T11709] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  393.467011][T11709] bond_slave_0: left promiscuous mode
[  393.474342][T11709] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  393.483814][T11709] bond_slave_1: left promiscuous mode
[  393.490835][T11709] bond0 (unregistering): Released all slaves
[  393.499816][T11709] bond1 (unregistering): Released all slaves
[  393.510559][T19175] hsr_slave_0: entered promiscuous mode
[  393.516963][T19175] hsr_slave_1: entered promiscuous mode
[  393.522952][T19175] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  393.530587][T19175] Cannot create hsr debugfs directory
[  393.556962][T19204] netlink: 52 bytes leftover after parsing attributes in process `syz.1.5701'.
[  393.561320][T19207] loop2: detected capacity change from 0 to 1024
[  393.573052][T19207] EXT4-fs: Ignoring removed orlov option
[  393.602905][T11709] tipc: Disabling bearer <udp:syz2>
[  393.608402][T11709] tipc: Left network mode
[  393.614613][T19207] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  393.628954][T11709] hsr_slave_0: left promiscuous mode
[  393.636106][T11709] hsr_slave_1: left promiscuous mode
[  393.646933][T11709] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  393.654368][T11709] batman_adv: batadv0: Removing interface: batadv_slave_0
[  393.742458][T19221] loop4: detected capacity change from 0 to 512
[  393.759158][T11709] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  393.766726][T11709] batman_adv: batadv0: Removing interface: batadv_slave_1
[  393.784225][T11709] veth0_macvtap: left promiscuous mode
[  393.796963][T11709] veth1_vlan: left promiscuous mode
[  393.815135][T11709] veth0_vlan: left promiscuous mode
[  393.929393][T11709] team_slave_1 (unregistering): left promiscuous mode
[  393.962029][T11709] team0 (unregistering): Port device team_slave_1 removed
[  393.972482][T11709] team_slave_0 (unregistering): left promiscuous mode
[  393.992272][T11709] team0 (unregistering): Port device team_slave_0 removed
[  394.329084][T19175] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  394.340752][T19175] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  394.351122][T19175] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  394.360574][T19175] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  394.404186][T19175] 8021q: adding VLAN 0 to HW filter on device bond0
[  394.419806][T19175] 8021q: adding VLAN 0 to HW filter on device team0
[  394.430214][T12464] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  394.442176][T11744] bridge0: port 1(bridge_slave_0) entered blocking state
[  394.449351][T11744] bridge0: port 1(bridge_slave_0) entered forwarding state
[  394.472524][T19237] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  394.506217][T19175] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  394.516689][T19175] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  394.540616][T11744] bridge0: port 2(bridge_slave_1) entered blocking state
[  394.547841][T11744] bridge0: port 2(bridge_slave_1) entered forwarding state
[  394.647017][T19175] 8021q: adding VLAN 0 to HW filter on device batadv0
[  394.706994][   T29] kauditd_printk_skb: 269 callbacks suppressed
[  394.707012][   T29] audit: type=1326 audit(1747411050.264:22771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19241 comm="syz.4.5714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8bf8b5d2d0 code=0x7ffc0000
[  394.738623][T19243] loop4: detected capacity change from 0 to 8192
[  394.764997][   T29] audit: type=1326 audit(1747411050.304:22772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19241 comm="syz.4.5714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8bf8b5e56b code=0x7ffc0000
[  394.788605][   T29] audit: type=1326 audit(1747411050.314:22773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19241 comm="syz.4.5714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f8bf8b5d5ca code=0x7ffc0000
[  394.812385][   T29] audit: type=1326 audit(1747411050.314:22774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19241 comm="syz.4.5714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f8bf8b5d5ca code=0x7ffc0000
[  394.835839][   T29] audit: type=1326 audit(1747411050.314:22775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19241 comm="syz.4.5714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f8bf8b5d1d7 code=0x7ffc0000
[  394.859731][   T29] audit: type=1326 audit(1747411050.314:22776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19241 comm="syz.4.5714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f8bf8b6010a code=0x7ffc0000
[  394.930112][T19175] veth0_vlan: entered promiscuous mode
[  394.936094][   T29] audit: type=1326 audit(1747411050.374:22777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19241 comm="syz.4.5714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8bf8b5d2d0 code=0x7ffc0000
[  394.954654][T19175] veth1_vlan: entered promiscuous mode
[  394.959805][   T29] audit: type=1326 audit(1747411050.374:22778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19241 comm="syz.4.5714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f8bf8b5d6b7 code=0x7ffc0000
[  394.988933][   T29] audit: type=1326 audit(1747411050.374:22779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19241 comm="syz.4.5714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8bf8b5d2d0 code=0x7ffc0000
[  395.010860][T19175] veth0_macvtap: entered promiscuous mode
[  395.012579][   T29] audit: type=1326 audit(1747411050.374:22780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19241 comm="syz.4.5714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bf8b5e969 code=0x7ffc0000
[  395.059661][T19175] veth1_macvtap: entered promiscuous mode
[  395.109029][T19175] batman_adv: batadv0: Interface activated: batadv_slave_0
[  395.154575][T19175] batman_adv: batadv0: Interface activated: batadv_slave_1
[  395.186680][T19175] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  395.195588][T19175] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  395.204351][T19175] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  395.213202][T19175] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  395.422235][T19272] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5719'.
[  395.486047][T19278] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  395.518427][T19283] loop4: detected capacity change from 0 to 512
[  395.800432][T19287] loop5: detected capacity change from 0 to 8192
[  395.845280][T19287]  loop5: p1 p2[DM] p4
[  395.849486][T19287] loop5: p1 size 196608 extends beyond EOD, truncated
[  395.857202][T19287] loop5: p2 start 4292936063 is beyond EOD, truncated
[  395.864155][T19287] loop5: p4 size 50331648 extends beyond EOD, truncated
[  396.338153][T19300] tmpfs: Bad value for 'mpol'
[  396.345936][T19300] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=19300 comm=syz.1.5726
[  396.346209][T19298] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.5727' sets config #0
[  396.397320][T19303] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=19303 comm=syz.1.5726
[  396.410136][T19303] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=19303 comm=syz.1.5726
[  396.875375][T19324] loop2: detected capacity change from 0 to 1024
[  396.882000][T19324] EXT4-fs: Ignoring removed orlov option
[  396.890345][T19324] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  397.423872][T19338] loop4: detected capacity change from 0 to 512
[  397.629092][T19343] loop5: detected capacity change from 0 to 8192
[  397.685314][T19343]  loop5: p1 p2[DM] p4
[  397.689718][T19343] loop5: p1 size 196608 extends beyond EOD, truncated
[  397.708382][T19343] loop5: p2 start 4292936063 is beyond EOD, truncated
[  397.715258][T19343] loop5: p4 size 50331648 extends beyond EOD, truncated
[  397.775671][T12464] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  397.846042][T19353] netlink: 'syz.2.5744': attribute type 1 has an invalid length.
[  397.862250][T19353] 8021q: adding VLAN 0 to HW filter on device bond1
[  397.874854][T19353] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5744'.
[  397.896407][T19353] bond1 (unregistering): Released all slaves
[  397.928023][T19356] netlink: 'syz.0.5745': attribute type 1 has an invalid length.
[  397.936391][T19356] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5745'.
[  397.971545][T19360] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5747'.
[  398.027180][T19360] loop2: detected capacity change from 0 to 1024
[  398.044540][T19360] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  398.054364][T19360] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  398.104641][T19360] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  398.127383][T19360] EXT4-fs error (device loop2): ext4_get_journal_inode:5798: inode #5: comm syz.2.5747: unexpected bad inode w/o EXT4_IGET_BAD
[  398.171269][T19360] EXT4-fs (loop2): no journal found
[  398.176618][T19360] EXT4-fs (loop2): can't get journal size
[  398.203192][T19360] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  398.261123][T12464] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  398.297618][T19366] tmpfs: Bad value for 'mpol'
[  398.333117][T19366] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=19366 comm=syz.2.5749
[  398.375238][T19368] tmpfs: Bad value for 'mpol'
[  398.381654][T19368] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=19368 comm=syz.5.5750
[  398.411257][T19369] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=19369 comm=syz.2.5749
[  398.423907][T19369] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=19369 comm=syz.2.5749
[  398.437861][T19370] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=19370 comm=syz.5.5750
[  398.450516][T19370] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=19370 comm=syz.5.5750
[  399.232947][T19393] loop5: detected capacity change from 0 to 512
[  399.247476][T19391] loop2: detected capacity change from 0 to 8192
[  399.480284][T19398] loop4: detected capacity change from 0 to 512
[  399.584479][T19409] tmpfs: Bad value for 'mpol'
[  399.613029][T19409] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=19409 comm=syz.4.5766
[  399.641435][T19413] 8021q: adding VLAN 0 to HW filter on device bond1
[  399.649124][T19413] team0: Port device bond1 added
[  399.680496][T19413] veth1_to_team: entered promiscuous mode
[  399.693261][T19413] team0: Port device team_slave_1 removed
[  399.765523][   T29] kauditd_printk_skb: 291 callbacks suppressed
[  399.765542][   T29] audit: type=1400 audit(1747411055.324:23068): avc:  denied  { wake_alarm } for  pid=19416 comm="syz.0.5769" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  399.815350][T19422] loop0: detected capacity change from 0 to 1024
[  399.822060][T19422] EXT4-fs: Ignoring removed orlov option
[  399.840820][T19422] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  400.104290][T19429] random: crng reseeded on system resumption
[  400.180501][T19434] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5774'.
[  400.189590][T19434] netlink: 108 bytes leftover after parsing attributes in process `syz.2.5774'.
[  400.198974][T19434] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5774'.
[  400.208179][T19434] netlink: 108 bytes leftover after parsing attributes in process `syz.2.5774'.
[  400.217290][T19434] netlink: 84 bytes leftover after parsing attributes in process `syz.2.5774'.
[  400.227991][T19435] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5772'.
[  400.237081][T19435] netlink: 108 bytes leftover after parsing attributes in process `syz.5.5772'.
[  400.371607][T19445] FAULT_INJECTION: forcing a failure.
[  400.371607][T19445] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  400.385269][T19445] CPU: 1 UID: 0 PID: 19445 Comm: syz.5.5779 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  400.385346][T19445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  400.385360][T19445] Call Trace:
[  400.385367][T19445]  <TASK>
[  400.385374][T19445]  __dump_stack+0x1d/0x30
[  400.385405][T19445]  dump_stack_lvl+0xe8/0x140
[  400.385476][T19445]  dump_stack+0x15/0x1b
[  400.385499][T19445]  should_fail_ex+0x265/0x280
[  400.385533][T19445]  should_fail+0xb/0x20
[  400.385569][T19445]  should_fail_usercopy+0x1a/0x20
[  400.385661][T19445]  _copy_from_user+0x1c/0xb0
[  400.385691][T19445]  ___sys_sendmsg+0xc1/0x1d0
[  400.385734][T19445]  __x64_sys_sendmsg+0xd4/0x160
[  400.385765][T19445]  x64_sys_call+0x2999/0x2fb0
[  400.385803][T19445]  do_syscall_64+0xd0/0x1a0
[  400.385883][T19445]  ? clear_bhb_loop+0x40/0x90
[  400.385911][T19445]  ? clear_bhb_loop+0x40/0x90
[  400.385987][T19445]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.386013][T19445] RIP: 0033:0x7fa1a5cbe969
[  400.386032][T19445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.386055][T19445] RSP: 002b:00007fa1a4327038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  400.386079][T19445] RAX: ffffffffffffffda RBX: 00007fa1a5ee5fa0 RCX: 00007fa1a5cbe969
[  400.386095][T19445] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  400.386150][T19445] RBP: 00007fa1a4327090 R08: 0000000000000000 R09: 0000000000000000
[  400.386162][T19445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  400.386177][T19445] R13: 0000000000000000 R14: 00007fa1a5ee5fa0 R15: 00007fffac28b7a8
[  400.386201][T19445]  </TASK>
[  400.389750][T19444] netlink: 'syz.2.5778': attribute type 1 has an invalid length.
[  400.469559][T19449] 8021q: adding VLAN 0 to HW filter on device bond1
[  400.576101][T19449] bond1: entered promiscuous mode
[  400.581695][T19449] team0: Port device bond1 added
[  400.587540][T19451] veth1_to_team: entered promiscuous mode
[  400.615330][T19444] 8021q: adding VLAN 0 to HW filter on device bond1
[  400.635498][T19448] bond1 (unregistering): Released all slaves
[  400.651771][T19445] team_slave_1 (unregistering): left promiscuous mode
[  400.659203][T19445] team0: Port device team_slave_1 removed
[  400.667138][T19447] veth1_to_team: entered promiscuous mode
[  400.680055][T19449] team_slave_1 (unregistering): left promiscuous mode
[  400.692126][T19449] team0: Port device team_slave_1 removed
[  400.718642][T19175] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  400.729213][   T29] audit: type=1326 audit(1747411056.274:23069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19457 comm="syz.2.5782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  400.752897][   T29] audit: type=1326 audit(1747411056.274:23070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19457 comm="syz.2.5782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  400.776651][   T29] audit: type=1326 audit(1747411056.274:23071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19457 comm="syz.2.5782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  400.781406][T19458] loop2: detected capacity change from 0 to 8192
[  400.800298][   T29] audit: type=1326 audit(1747411056.274:23072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19457 comm="syz.2.5782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  400.830406][   T29] audit: type=1326 audit(1747411056.274:23073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19457 comm="syz.2.5782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  400.854014][   T29] audit: type=1326 audit(1747411056.274:23074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19457 comm="syz.2.5782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  400.877665][   T29] audit: type=1326 audit(1747411056.274:23075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19457 comm="syz.2.5782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  400.901408][   T29] audit: type=1326 audit(1747411056.274:23076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19457 comm="syz.2.5782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  400.925160][   T29] audit: type=1326 audit(1747411056.274:23077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19457 comm="syz.2.5782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  401.002866][T19470] random: crng reseeded on system resumption
[  401.142537][T19475] loop5: detected capacity change from 0 to 8192
[  401.185613][T19475]  loop5: p1 p2[DM] p4
[  401.189833][T19475] loop5: p1 size 196608 extends beyond EOD, truncated
[  401.216592][T19475] loop5: p2 start 4292936063 is beyond EOD, truncated
[  401.223434][T19475] loop5: p4 size 50331648 extends beyond EOD, truncated
[  401.292031][T19486] tmpfs: Bad value for 'mpol'
[  401.594707][T19489] netlink: 'syz.2.5793': attribute type 1 has an invalid length.
[  401.608569][T19489] 8021q: adding VLAN 0 to HW filter on device bond1
[  401.621440][T19489] bond1 (unregistering): Released all slaves
[  401.695715][T19492] loop2: detected capacity change from 0 to 1024
[  401.702457][T19492] EXT4-fs: Ignoring removed orlov option
[  401.720669][T19492] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  401.816334][T19497] tmpfs: Bad value for 'mpol'
[  401.823893][T19497] selinux_netlink_send: 5 callbacks suppressed
[  401.823910][T19497] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=19497 comm=syz.5.5795
[  401.886381][T19499] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=19499 comm=syz.5.5795
[  401.898993][T19499] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=19499 comm=syz.5.5795
[  401.990138][T19506] FAULT_INJECTION: forcing a failure.
[  401.990138][T19506] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  402.003332][T19506] CPU: 1 UID: 0 PID: 19506 Comm: syz.0.5798 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  402.003368][T19506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  402.003427][T19506] Call Trace:
[  402.003432][T19506]  <TASK>
[  402.003441][T19506]  __dump_stack+0x1d/0x30
[  402.003468][T19506]  dump_stack_lvl+0xe8/0x140
[  402.003567][T19506]  dump_stack+0x15/0x1b
[  402.003589][T19506]  should_fail_ex+0x265/0x280
[  402.003623][T19506]  should_fail+0xb/0x20
[  402.003718][T19506]  should_fail_usercopy+0x1a/0x20
[  402.003745][T19506]  _copy_from_user+0x1c/0xb0
[  402.003775][T19506]  proc_disconnect_claim+0x50/0x370
[  402.003824][T19506]  usbdev_ioctl+0xe30/0x1710
[  402.003937][T19506]  ? __pfx_usbdev_ioctl+0x10/0x10
[  402.003971][T19506]  __se_sys_ioctl+0xcb/0x140
[  402.004002][T19506]  __x64_sys_ioctl+0x43/0x50
[  402.004032][T19506]  x64_sys_call+0x19a8/0x2fb0
[  402.004190][T19506]  do_syscall_64+0xd0/0x1a0
[  402.004219][T19506]  ? clear_bhb_loop+0x40/0x90
[  402.004241][T19506]  ? clear_bhb_loop+0x40/0x90
[  402.004263][T19506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.004358][T19506] RIP: 0033:0x7f8d1b7ae969
[  402.004378][T19506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  402.004402][T19506] RSP: 002b:00007f8d19e17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  402.004427][T19506] RAX: ffffffffffffffda RBX: 00007f8d1b9d5fa0 RCX: 00007f8d1b7ae969
[  402.004443][T19506] RDX: 0000200000002a40 RSI: 000000008108551b RDI: 0000000000000003
[  402.004497][T19506] RBP: 00007f8d19e17090 R08: 0000000000000000 R09: 0000000000000000
[  402.004509][T19506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  402.004521][T19506] R13: 0000000000000000 R14: 00007f8d1b9d5fa0 R15: 00007ffc6019c538
[  402.004542][T19506]  </TASK>
[  402.263869][T19512] random: crng reseeded on system resumption
[  402.392500][T11729] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  402.484667][T19524] loop0: detected capacity change from 0 to 8192
[  402.499307][T11729] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  402.577739][T11729] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  402.630940][T11729] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  402.643309][T12464] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  402.654796][T19503] chnl_net:caif_netlink_parms(): no params data found
[  402.744377][T19532] loop4: detected capacity change from 0 to 8192
[  402.764001][T19545] loop5: detected capacity change from 0 to 512
[  402.777902][T11729] bridge_slave_1: left allmulticast mode
[  402.783686][T11729] bridge_slave_1: left promiscuous mode
[  402.785370][T19532]  loop4: p1 p2[DM] p4
[  402.789485][T11729] bridge0: port 2(bridge_slave_1) entered disabled state
[  402.793879][T19532] loop4: p1 size 196608 extends beyond EOD, truncated
[  402.807982][T19532] loop4: p2 start 4292936063 is beyond EOD, truncated
[  402.814810][T19532] loop4: p4 size 50331648 extends beyond EOD, truncated
[  402.822123][T11729] bridge_slave_0: left promiscuous mode
[  402.827966][T11729] bridge0: port 1(bridge_slave_0) entered disabled state
[  402.939042][T11729] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  402.948043][T11729] bond_slave_0: left promiscuous mode
[  402.954817][T11729] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  402.964051][T11729] bond_slave_1: left promiscuous mode
[  402.970381][T11729] bond0 (unregistering): Released all slaves
[  402.979489][T11729] bond1 (unregistering): left promiscuous mode
[  402.986505][T11729] team0: Port device bond1 removed
[  402.993215][T11729] bond1 (unregistering): Released all slaves
[  403.004165][T19503] bridge0: port 1(bridge_slave_0) entered blocking state
[  403.011365][T19503] bridge0: port 1(bridge_slave_0) entered disabled state
[  403.018751][T19503] bridge_slave_0: entered allmulticast mode
[  403.025582][T19503] bridge_slave_0: entered promiscuous mode
[  403.033482][T11729] tipc: Disabling bearer <udp:syz2>
[  403.038852][T11729] tipc: Left network mode
[  403.045309][T11729] hsr_slave_0: left promiscuous mode
[  403.051024][T11729] hsr_slave_1: left promiscuous mode
[  403.056950][T11729] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  403.064464][T11729] batman_adv: batadv0: Removing interface: batadv_slave_0
[  403.072262][T11729] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  403.079873][T11729] batman_adv: batadv0: Removing interface: batadv_slave_1
[  403.090028][T11729] veth1_macvtap: left promiscuous mode
[  403.137971][T11729] team_slave_0 (unregistering): left promiscuous mode
[  403.145810][T11729] team0 (unregistering): Port device team_slave_0 removed
[  403.187385][T19503] bridge0: port 2(bridge_slave_1) entered blocking state
[  403.194493][T19503] bridge0: port 2(bridge_slave_1) entered disabled state
[  403.201709][T19503] bridge_slave_1: entered allmulticast mode
[  403.208910][T19503] bridge_slave_1: entered promiscuous mode
[  403.228160][T19503] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  403.239369][T19503] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  403.261007][T19503] team0: Port device team_slave_0 added
[  403.269288][T19503] team0: Port device team_slave_1 added
[  403.286671][T19503] batman_adv: batadv0: Adding interface: batadv_slave_0
[  403.293648][T19503] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  403.319646][T19503] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  403.331669][T19503] batman_adv: batadv0: Adding interface: batadv_slave_1
[  403.338698][T19503] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  403.364687][T19503] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  403.390381][T19503] hsr_slave_0: entered promiscuous mode
[  403.397103][T19503] hsr_slave_1: entered promiscuous mode
[  403.632148][T19561] loop2: detected capacity change from 0 to 1024
[  403.648645][T19561] EXT4-fs: Ignoring removed orlov option
[  403.659111][T19564] __nla_validate_parse: 5 callbacks suppressed
[  403.659136][T19564] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5817'.
[  403.669684][T19561] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  403.678734][T19564] vlan0: entered promiscuous mode
[  403.712818][T19503] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  403.724591][T19503] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  403.734236][T19503] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  403.757004][T19503] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  403.930684][T19575] loop5: detected capacity change from 0 to 8192
[  403.951182][T19503] 8021q: adding VLAN 0 to HW filter on device bond0
[  403.989766][T19503] 8021q: adding VLAN 0 to HW filter on device team0
[  404.035919][T11729] bridge0: port 1(bridge_slave_0) entered blocking state
[  404.043029][T11729] bridge0: port 1(bridge_slave_0) entered forwarding state
[  404.098201][T11729] bridge0: port 2(bridge_slave_1) entered blocking state
[  404.105408][T11729] bridge0: port 2(bridge_slave_1) entered forwarding state
[  404.123626][T19579] loop0: detected capacity change from 0 to 8192
[  404.176144][T19579]  loop0: p1 p2[DM] p4
[  404.180316][T19579] loop0: p1 size 196608 extends beyond EOD, truncated
[  404.188499][T19579] loop0: p2 start 4292936063 is beyond EOD, truncated
[  404.195472][T19579] loop0: p4 size 50331648 extends beyond EOD, truncated
[  404.235287][T19503] 8021q: adding VLAN 0 to HW filter on device batadv0
[  404.335830][T19503] veth0_vlan: entered promiscuous mode
[  404.346430][T19503] veth1_vlan: entered promiscuous mode
[  404.367664][T19503] veth0_macvtap: entered promiscuous mode
[  404.378102][T19503] veth1_macvtap: entered promiscuous mode
[  404.402416][T19503] batman_adv: batadv0: Interface activated: batadv_slave_0
[  404.414289][T19503] batman_adv: batadv0: Interface activated: batadv_slave_1
[  404.424269][T19503] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  404.433156][T19503] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  404.442174][T19503] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  404.451007][T19503] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  404.503066][T12464] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  404.806647][   T29] kauditd_printk_skb: 200 callbacks suppressed
[  404.806701][   T29] audit: type=1326 audit(1747411060.364:23278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19612 comm="syz.2.5829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  404.840731][   T29] audit: type=1326 audit(1747411060.364:23279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19612 comm="syz.2.5829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  404.864456][   T29] audit: type=1326 audit(1747411060.364:23280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19612 comm="syz.2.5829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  404.891260][   T29] audit: type=1326 audit(1747411060.454:23281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19612 comm="syz.2.5829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  404.914985][   T29] audit: type=1326 audit(1747411060.454:23282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19612 comm="syz.2.5829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  404.945447][   T29] audit: type=1326 audit(1747411060.504:23283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19612 comm="syz.2.5829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  404.969137][   T29] audit: type=1326 audit(1747411060.504:23284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19612 comm="syz.2.5829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  404.998599][   T29] audit: type=1326 audit(1747411060.534:23285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19612 comm="syz.2.5829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  405.022396][   T29] audit: type=1326 audit(1747411060.534:23286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19612 comm="syz.2.5829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  405.042750][T19624] loop5: detected capacity change from 0 to 1024
[  405.046032][   T29] audit: type=1326 audit(1747411060.534:23287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19612 comm="syz.2.5829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e23bfe969 code=0x7ffc0000
[  405.052717][T19624] EXT4-fs: Ignoring removed orlov option
[  405.085796][T19624] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  405.232957][T19635] FAULT_INJECTION: forcing a failure.
[  405.232957][T19635] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  405.246239][T19635] CPU: 1 UID: 0 PID: 19635 Comm: syz.4.5834 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  405.246275][T19635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  405.246293][T19635] Call Trace:
[  405.246300][T19635]  <TASK>
[  405.246309][T19635]  __dump_stack+0x1d/0x30
[  405.246337][T19635]  dump_stack_lvl+0xe8/0x140
[  405.246379][T19635]  dump_stack+0x15/0x1b
[  405.246398][T19635]  should_fail_ex+0x265/0x280
[  405.246436][T19635]  should_fail+0xb/0x20
[  405.246472][T19635]  should_fail_usercopy+0x1a/0x20
[  405.246553][T19635]  _copy_from_user+0x1c/0xb0
[  405.246582][T19635]  ___sys_sendmsg+0xc1/0x1d0
[  405.246629][T19635]  __x64_sys_sendmsg+0xd4/0x160
[  405.246660][T19635]  x64_sys_call+0x2999/0x2fb0
[  405.246700][T19635]  do_syscall_64+0xd0/0x1a0
[  405.246778][T19635]  ? clear_bhb_loop+0x40/0x90
[  405.246804][T19635]  ? clear_bhb_loop+0x40/0x90
[  405.246832][T19635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.246858][T19635] RIP: 0033:0x7f8bf8b5e969
[  405.246934][T19635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  405.247037][T19635] RSP: 002b:00007f8bf71c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  405.247061][T19635] RAX: ffffffffffffffda RBX: 00007f8bf8d85fa0 RCX: 00007f8bf8b5e969
[  405.247078][T19635] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  405.247094][T19635] RBP: 00007f8bf71c7090 R08: 0000000000000000 R09: 0000000000000000
[  405.247179][T19635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  405.247194][T19635] R13: 0000000000000000 R14: 00007f8bf8d85fa0 R15: 00007ffd5e969298
[  405.247219][T19635]  </TASK>
[  405.520624][T19645] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5840'.
[  405.545995][T19645] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5840'.
[  405.555066][T19645] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5840'.
[  405.620787][T19648] loop2: detected capacity change from 0 to 512
[  405.664100][T19648] EXT4-fs error (device loop2): __ext4_iget:5025: inode #2: block 3: comm syz.2.5841: invalid block
[  405.676779][T19648] EXT4-fs (loop2): Remounting filesystem read-only
[  405.683335][T19648] EXT4-fs (loop2): get root inode failed
[  405.689058][T19648] EXT4-fs (loop2): mount failed
[  405.888495][T19664] random: crng reseeded on system resumption
[  405.911628][T13448] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  405.954575][T19665] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5848'.
[  405.963673][T19665] netlink: 108 bytes leftover after parsing attributes in process `syz.0.5848'.
[  405.973467][T19665] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5848'.
[  405.982589][T19665] netlink: 108 bytes leftover after parsing attributes in process `syz.0.5848'.
[  405.991819][T19665] netlink: 84 bytes leftover after parsing attributes in process `syz.0.5848'.
[  406.001922][T19667] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5847'.
[  406.079722][T19677] netlink: 'syz.5.5853': attribute type 1 has an invalid length.
[  406.093430][T19677] 8021q: adding VLAN 0 to HW filter on device bond1
[  406.105464][T19677] bond1 (unregistering): Released all slaves
[  406.225300][T19688] loop0: detected capacity change from 0 to 8192
[  406.300615][T19694] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  406.332690][T19696] loop5: detected capacity change from 0 to 1024
[  406.339558][T19696] EXT4-fs: Ignoring removed orlov option
[  406.348052][T19696] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  406.449472][T19698] ==================================================================
[  406.457627][T19698] BUG: KCSAN: data-race in __mark_inode_dirty / writeback_single_inode
[  406.465932][T19698] 
[  406.468284][T19698] write to 0xffff8881117b4a98 of 4 bytes by task 19696 on cpu 1:
[  406.476026][T19698]  writeback_single_inode+0x14a/0x3e0
[  406.481451][T19698]  sync_inode_metadata+0x5b/0x90
[  406.486432][T19698]  generic_buffers_fsync_noflush+0xd9/0x120
[  406.492360][T19698]  ext4_sync_file+0x1ab/0x690
[  406.497077][T19698]  vfs_fsync_range+0x10d/0x130
[  406.501878][T19698]  ext4_buffered_write_iter+0x34f/0x3c0
[  406.507459][T19698]  ext4_file_write_iter+0x383/0xf00
[  406.512701][T19698]  iter_file_splice_write+0x5ef/0x970
[  406.518101][T19698]  direct_splice_actor+0x156/0x2a0
[  406.523247][T19698]  splice_direct_to_actor+0x312/0x680
[  406.528652][T19698]  do_splice_direct+0xda/0x150
[  406.533449][T19698]  do_sendfile+0x380/0x640
[  406.537899][T19698]  __x64_sys_sendfile64+0x105/0x150
[  406.543144][T19698]  x64_sys_call+0xb39/0x2fb0
[  406.547844][T19698]  do_syscall_64+0xd0/0x1a0
[  406.552389][T19698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.558307][T19698] 
[  406.560641][T19698] read to 0xffff8881117b4a98 of 4 bytes by task 19698 on cpu 0:
[  406.568292][T19698]  __mark_inode_dirty+0x52/0x760
[  406.573266][T19698]  ext4_write_inline_data_end+0x3c9/0x5d0
[  406.579018][T19698]  ext4_write_end+0x4cd/0x730
[  406.583745][T19698]  generic_perform_write+0x30f/0x490
[  406.589070][T19698]  ext4_buffered_write_iter+0x1ee/0x3c0
[  406.594650][T19698]  ext4_file_write_iter+0x383/0xf00
[  406.599899][T19698]  iter_file_splice_write+0x5ef/0x970
[  406.605376][T19698]  direct_splice_actor+0x156/0x2a0
[  406.610530][T19698]  splice_direct_to_actor+0x312/0x680
[  406.615933][T19698]  do_splice_direct+0xda/0x150
[  406.620714][T19698]  do_sendfile+0x380/0x640
[  406.625140][T19698]  __x64_sys_sendfile64+0x105/0x150
[  406.630361][T19698]  x64_sys_call+0xb39/0x2fb0
[  406.634985][T19698]  do_syscall_64+0xd0/0x1a0
[  406.639504][T19698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.645406][T19698] 
[  406.647732][T19698] value changed: 0x00000038 -> 0x00000002
[  406.653450][T19698] 
[  406.655776][T19698] Reported by Kernel Concurrency Sanitizer on:
[  406.661929][T19698] CPU: 0 UID: 0 PID: 19698 Comm: syz.5.5860 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  406.674452][T19698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  406.684528][T19698] ==================================================================
[  407.183547][T13448] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.