last executing test programs:

3.619109856s ago: executing program 2 (id=3855):
syz_emit_ethernet(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r0 = io_uring_setup(0x734a, &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mlockall(0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x1b, &(0x7f0000000a40)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}}, @printk], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$hwrng(0xffffffffffffff9c, &(0x7f00000004c0), 0x500, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x9)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

3.213571903s ago: executing program 2 (id=3859):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000020000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r0}, 0x18)
r1 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x29)
r2 = syz_open_procfs(0x0, &(0x7f00000007c0)='map_files\x00')
getdents64(r2, &(0x7f0000001fc0)=""/4086, 0xff6)

3.141017829s ago: executing program 2 (id=3862):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="170000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB="0000b308150c865c396b34e6000000005490ca7f9fcd62b2000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa220000000000000000000000000ffb703000008000000b7040000000000008500000058b2c8c67ec0895f530f43e82e97f21517ca613abaa75cb0126bf96d7735854ae19b6b94b264413d08d50ece7c2dadd40d57fa279ad613872e571e8206656850ffa8a841ef00f51961d191689edd6d9e4e836900000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b00000007000000050000000800000005000000", @ANYRESOCT=r2, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRESDEC=r0, @ANYRES64], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
close(r2)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0x0, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_aout(r6, &(0x7f00000003c0)=ANY=[@ANYRESHEX, @ANYRES64=r6], 0xfffffda8)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000005, 0x12, r6, 0x0)
write$bt_hci(r5, &(0x7f00000002c0)=ANY=[], 0x6)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r6, 0xc0605345, &(0x7f00000002c0)={0x3, 0x2, {0x0, 0x3, 0x9, 0x3, 0x500}, 0x4a})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = open$dir(&(0x7f0000000040)='./file0\x00', 0x4000, 0x12)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x22140, 0x10)
move_mount(r7, &(0x7f0000000080)='./file0\x00', r8, &(0x7f0000000200)='./file0\x00', 0x54)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00', r9}, 0x10)

2.868499875s ago: executing program 4 (id=3864):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000044700000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/54, 0x328000, 0x800, 0x0, 0x2}, 0x20)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

2.758761605s ago: executing program 4 (id=3866):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = syz_open_procfs(0x0, &(0x7f0000000400)='ns\x00')
readlinkat(r0, &(0x7f0000000100)='./mnt\x00', &(0x7f0000000440)=""/163, 0xa3) (fail_nth: 11)

2.468447992s ago: executing program 4 (id=3868):
open(&(0x7f0000000080)='./bus\x00', 0x143c62, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setresgid(0xee00, 0x0, 0x0)
setresgid(0x0, 0xee01, 0x0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRES32], 0x5c}}, 0x0)
r3 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3804402, &(0x7f0000000600)={[{@user_xattr}, {@data_err_abort}, {@resuid}, {@errors_remount}, {@norecovery}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@stripe={'stripe', 0x3d, 0x5}}, {@noinit_itable}, {@nomblk_io_submit}, {@grpquota}, {@nogrpid}]}, 0x1, 0x54f, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
r4 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x80044940, &(0x7f00000030c0)={0x0, ""/256, <r5=>0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, <r6=>0x0, <r7=>0x0, <r8=>0x0})
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4203c, &(0x7f00000003c0)=ANY=[@ANYRES64=r5, @ANYRES8, @ANYRESHEX=r6, @ANYRESDEC, @ANYRES32=r3, @ANYRESDEC=r5, @ANYRESDEC=r8, @ANYRES8=0x0, @ANYRES8, @ANYRES64=r7], 0x0, 0x0, &(0x7f0000000000))
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r9}, 0x10)
r10 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r10, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x2172, 0xffffffffffffffff, 0x0)
sendmsg$rds(r10, &(0x7f0000001600)={&(0x7f0000000040)={0x2, 0x2, @private=0xa010101}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000000140)=[{&(0x7f0000002640)=""/102387, 0x18ff3}], 0x1, 0x7b, 0x3}}], 0x48}, 0x0)
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000740)={{r1}, r7, 0x8, @inherit={0x50, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000700000000000000000000050000000000000000010000800000000024000000000000000400000000000000fe00ed85be1f520744dd00000000000007000000000000000800000000000000"]}, @subvolid=0x8000000000000001})
r11 = msgget$private(0x0, 0x8d)
msgrcv(r11, 0x0, 0x0, 0x3, 0x3000)
msgsnd(r11, &(0x7f0000000240)={0x3}, 0x8, 0x800)
mount(&(0x7f0000000000)=@md0, &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)=0x800000)

2.456206953s ago: executing program 2 (id=3871):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000480)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getitimer(0xe, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
statx(0xffffffffffffffff, 0x0, 0x6000, 0x153146e58b5e3128, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYRES32], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/exec\x00')
writev(r2, &(0x7f0000000300)=[{&(0x7f00000002c0)='O', 0x1}], 0x1)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$nl_rdma(0x10, 0x3, 0x14)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x58, '\x00', 0x0, 0x25, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat(r4, &(0x7f0000000300)='./file0\x00', 0x6a1c2, 0x170)
fcntl$lock(r3, 0x6, &(0x7f0000002000)={0x1})
fcntl$lock(r3, 0x26, &(0x7f00000031c0))

1.831914651s ago: executing program 1 (id=3888):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="76919fdf8451734904000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r5, 0x2000000, 0xe, 0x0, &(0x7f0000000500)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYRESOCT=r0], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r6}, &(0x7f0000000280), &(0x7f00000002c0)=r7}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='module_request\x00'}, 0x10)
socketpair(0x0, 0x0, 0x0, &(0x7f00000006c0))
openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sync()
sync()
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000b80000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x90)

1.773365206s ago: executing program 1 (id=3890):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae091f75cd9701ffa62891f686bfbb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003875c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x2, 0x7b7f, 0x0, 0x1030, 0xffffffffffffffff, 0xb75, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4, 0x4, 0xd, @void, @value, @void, @value}, 0x48)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
syz_clone3(&(0x7f0000000980)={0x10009c00, 0x0, 0x0, 0x0, {}, 0x0, 0x9, 0x0, 0x0}, 0xa2)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000080), 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83c6e613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038d0100a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b17680100969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06de269e97fbb0776bf56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105cfdf8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f01000080000000004febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60133641a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2e9a20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1015ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846899c6b23c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33694f40000000000005d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b95bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca86f750189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc681b6c9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8504611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c01446234437b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c64cd14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e87973d574ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7430100bf3825a1996c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb150963b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b16500"/4081], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000002c0)='kfree\x00', r2}, 0x10)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0xfe6f)
socket$packet(0x11, 0x3, 0x300)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000280)={&(0x7f0000001480)={0x550, r4, 0x4, 0x70bd28, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_TID_CONFIG={0x4e0, 0x11d, 0x0, 0x1, [{0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}, {0x4b0, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xda}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x268, 0xd, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x40, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x0, 0x2a, 0x3ff, 0x1, 0x81, 0x7, 0x1, 0x4]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_LTF={0x5}]}, @NL80211_BAND_60GHZ={0x74, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x42, 0x2, [{0x2, 0x5}, {0x4}, {0x6, 0x8}, {0x7, 0x8}, {0x2, 0x6}, {0x5, 0x2}, {0x5, 0x6}, {0x5, 0x9}, {0x5, 0x4}, {0x4, 0x2}, {0x0, 0x4}, {0x2, 0xa}, {0x1, 0x1}, {0x3}, {0x5, 0x9}, {0x4, 0x9}, {0x0, 0x7}, {0x0, 0x4}, {0x7, 0x8}, {0x0, 0x9}, {0x5, 0x1}, {0x6, 0x4}, {0x1, 0xa}, {0x0, 0xa}, {0x2, 0x4}, {0x3, 0xa}, {0x1, 0x8}, {0x6, 0x3}, {0x0, 0x6}, {0x7}, {0x2, 0x9}, {0x1, 0x6}, {0x1, 0x2}, {0x2, 0x4}, {0x4, 0x9}, {0x6, 0x5}, {0x6, 0x2}, {0x5, 0x9}, {0x0, 0x9}, {0x3, 0x4}, {0x5, 0x4}, {0x6, 0x5}, {0x3, 0x4}, {0x6, 0x1}, {0x0, 0x9}, {0x6, 0x4}, {0x0, 0x9}, {0x4, 0xa}, {0x3, 0x5}, {0x5, 0x3}, {0x7, 0x7}, {0x6, 0x5}, {0x0, 0x8}, {0x5, 0x2}, {0x7, 0xa}, {0x5, 0x6}, {0x2, 0x8}, {0x6, 0x9}, {0x6, 0x3}, {0x5, 0x3}, {0x3, 0x9}, {0x3, 0x7}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x800, 0x4, 0xfffa, 0x0, 0x7, 0xffff, 0x6, 0x9]}}]}, @NL80211_BAND_2GHZ={0x68, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x4000, 0x4, 0x8, 0x800, 0x3, 0x0, 0x1]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3c, 0x3ff, 0x8632, 0x6, 0x401, 0x4, 0x9, 0xc46]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x10, 0x9, 0x8, 0x3, 0x1, 0x9, 0x8, 0x8001]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8000, 0x8000, 0xef, 0x400, 0x9, 0x1, 0x2, 0x7fff]}}, @NL80211_TXRATE_HT={0xa, 0x2, [{0x1, 0x6}, {0x1, 0x3}, {0x6, 0x8}, {0x7, 0xa}, {0x5, 0x6}, {0x5, 0x6}]}]}, @NL80211_BAND_6GHZ={0x10c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xa, 0x1, [0x9, 0x60, 0x60, 0x24, 0x6, 0x0]}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x47e9, 0xf6, 0x9, 0x40, 0x10, 0x4, 0x6, 0x6]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x1, 0xfe, 0x401, 0x6, 0x95d, 0x9, 0x6]}}, @NL80211_TXRATE_HT={0x3d, 0x2, [{0x1, 0x4}, {0x0, 0x1}, {0x0, 0x2}, {0x2, 0x1}, {0x3}, {0x0, 0x5}, {0x2, 0x2}, {0x7}, {0x1, 0x8}, {0x6, 0x9}, {0x4}, {0x5, 0x6}, {0x4, 0x3}, {0x6, 0xa}, {0x2, 0x6}, {0x5, 0x2}, {0x4, 0x5}, {0x5, 0x7}, {0x2, 0x1}, {0x3}, {0x2, 0x6}, {0x4, 0x8}, {0x1, 0x6}, {0x1, 0x6}, {0x1, 0x5}, {0x0, 0xa}, {0x1, 0xa}, {0x6, 0x8}, {0x5, 0x9}, {0x0, 0x7}, {0x3, 0x5}, {0x1, 0x1}, {0x7, 0x8}, {0x3, 0x9}, {0x2, 0x3}, {}, {0x2, 0x2}, {0x2, 0x8}, {0x0, 0x5}, {0x4, 0x5}, {0x3, 0x4}, {0x0, 0x2}, {0x0, 0x6}, {0x3, 0x5}, {0x4, 0x6}, {0x5, 0x4}, {0x0, 0x6}, {0x5, 0x3}, {0x4, 0xa}, {0x7, 0x3}, {0x4, 0x8}, {0x6, 0x8}, {0x7, 0x9}, {0x0, 0x8}, {0x4, 0x5}, {0x1, 0x6}, {0x3, 0x7}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x2e40, 0xa9, 0x7, 0x5, 0x1ff, 0x7, 0x3a75]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x10, 0x3, 0x0, 0x81, 0x8, 0x8, 0x2]}}, @NL80211_TXRATE_HT={0x4f, 0x2, [{0x6, 0x8}, {0x5, 0x9}, {0x3, 0x5}, {0x1, 0xa}, {0x0, 0x5}, {0x5}, {}, {0x1, 0x5}, {0x2, 0x4}, {0x7, 0x3}, {0x5, 0x8}, {0x3, 0x5}, {0x1, 0x1}, {0x4, 0x4}, {0x6, 0x9}, {0x3, 0x2}, {0x0, 0x8}, {}, {0x4, 0xa}, {0x3, 0x6}, {0x3, 0x8}, {0x2, 0x8}, {0x0, 0x2}, {0x6, 0xa}, {0x1, 0x5}, {0x1, 0x9}, {0x2, 0x4}, {0x3, 0x3}, {0x5, 0x8}, {0x3, 0xa}, {0x3, 0x4}, {0x2, 0x3}, {0x0, 0x1}, {0x3, 0x4}, {0x6}, {0x4, 0x8}, {0x1, 0x7}, {0x2, 0x7}, {0x3, 0x1}, {0x3, 0x2}, {0x1, 0x2}, {0x1, 0x9}, {0x3, 0x9}, {0x7, 0x1}, {0x0, 0x3}, {0x0, 0xa}, {0x5, 0x8}, {0x5, 0x6}, {0x0, 0x8}, {0x3, 0xa}, {0x1, 0x4}, {0x3, 0x7}, {0x4, 0x2}, {0x5, 0x9}, {0x6, 0x6}, {0x0, 0x1}, {0x2}, {0x7, 0x1}, {0x0, 0x6}, {0x0, 0x2}, {0x1, 0xa}, {0x7, 0x2}, {0x0, 0x1}, {0x2, 0x3}, {0x7, 0x4}, {0x5, 0x6}, {0x5, 0x4}, {0x6, 0x7}, {0x2, 0x7}, {0x3, 0xa}, {0x3, 0x6}, {0x1, 0x1}, {0x4, 0x9}, {0x4, 0x8}, {0x1}]}, @NL80211_TXRATE_HT={0x13, 0x2, [{0x5, 0x3}, {0x6, 0x9}, {0x6}, {0x2, 0x9}, {0x0, 0x6}, {0x7, 0x3}, {0x6, 0x5}, {0x4, 0xa}, {0x7, 0x4}, {0x3, 0x5}, {0x2, 0x1}, {0x1, 0x1}, {0x7, 0x3}, {0x5, 0xa}, {0x0, 0x5}]}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_5GHZ={0x30, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x22, 0x1, [0x0, 0x5, 0x12, 0x1b, 0x4, 0x9, 0x2, 0x14, 0x16, 0x5, 0x3, 0x1, 0x9, 0x30, 0x460d29f9008c47e0, 0x30, 0x6, 0x6c, 0xdd76b73c4441eb44, 0x4, 0x36, 0x5, 0x30, 0x1, 0x2, 0x4, 0x12, 0x48, 0x9, 0x9]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}]}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x214, 0xd, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x60, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0xffff, 0x9, 0x7, 0x1000, 0x1, 0xfff8, 0x9]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xe5, 0x6, 0x7ff, 0x7fff, 0x10, 0x2, 0xb35, 0x1]}}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x48, 0x12, 0x36, 0x0, 0x5, 0xb, 0x5, 0x1, 0x18, 0x16, 0x3, 0xc, 0x58, 0x2, 0x75]}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_6GHZ={0xc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_5GHZ={0x18, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x6, 0x8, 0x6, 0x1, 0x9, 0x1, 0xa]}}]}, @NL80211_BAND_60GHZ={0xb0, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4c, 0x2, [{0x3, 0x4}, {0x2}, {0x2, 0x1}, {0x1, 0x2}, {0x5}, {0x1, 0x9}, {0x2}, {0x7, 0x3}, {0x6, 0x9}, {0x4, 0x9}, {0x6, 0x5}, {0x0, 0x4}, {0x0, 0x9}, {0x0, 0x9}, {0x5, 0x7}, {0x7, 0xa}, {0x0, 0x8}, {0x2, 0x1}, {0x6, 0x2}, {0x0, 0x5}, {0x0, 0x8}, {0x5, 0x9}, {0x4}, {0x0, 0x5}, {0x0, 0x4}, {0x0, 0x1}, {0x3, 0x2}, {0x0, 0x1}, {0x1, 0xa}, {0x4, 0x6}, {0x4, 0x8}, {0x0, 0x7}, {0x5}, {0x1, 0x5}, {0x2, 0x8}, {0x4, 0x9}, {0x2, 0x7}, {0x7, 0x4}, {0x0, 0xa}, {0x6}, {0x6, 0x7}, {0x4, 0x4}, {0x4, 0x5}, {0x3, 0x2}, {0x4, 0x8}, {0x0, 0x2}, {0x1, 0x5}, {0x7, 0x1}, {0x2, 0xa}, {0x2, 0x4}, {0x4, 0x9}, {0x4, 0x3}, {0x7, 0x4}, {0x3, 0x2}, {0x1, 0x1}, {0x7, 0xa}, {0x5, 0x6}, {0x0, 0x7}, {0x4, 0x2}, {0x5, 0x5}, {0x0, 0x3}, {0x2, 0x3}, {0x7, 0x5}, {0x0, 0x3}, {0x0, 0x7}, {0x2, 0x3}, {0x1, 0x2}, {0x5, 0x5}, {0x2, 0xa}, {0x7, 0x5}, {0x5, 0x6}, {0x0, 0x2}]}, @NL80211_TXRATE_LEGACY={0xc, 0x1, [0x0, 0x6, 0x60, 0x24, 0x3, 0x24, 0x18, 0x6]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HT={0x4b, 0x2, [{0x0, 0x3}, {0x5, 0x4}, {0x2, 0x9}, {0x7, 0x3}, {0x3, 0x8}, {0x6, 0x8}, {0x5, 0x4}, {0x4, 0x6}, {0x5, 0x7}, {0x1, 0x8}, {0x2, 0x4}, {0x0, 0x3}, {0x0, 0x9}, {0x6, 0x4}, {0x6, 0x7}, {0x5, 0xa}, {0x1, 0x5}, {0x3, 0x8}, {0x6, 0x8}, {0x3, 0x6}, {0x4, 0x1}, {0x4, 0x2}, {0x5, 0x2}, {0x4, 0x8}, {0x1, 0x4}, {}, {0x0, 0x8}, {0x5, 0x1}, {0x2}, {0x1, 0x2}, {0x1, 0x2}, {0x5, 0x7}, {0x3, 0x3}, {0x2, 0x4}, {}, {0x5, 0x1}, {0x0, 0x1}, {0x0, 0x3}, {0x3, 0x4}, {0x6, 0x3}, {0x7, 0x1}, {0x1, 0x4}, {0x0, 0x4}, {0x4, 0x8}, {0x7, 0x9}, {0x1, 0xa}, {0x3, 0x4}, {0x0, 0x5}, {0x2, 0x6}, {0x0, 0x5}, {0x3, 0x6}, {0x2, 0x5}, {0x7, 0x9}, {0x0, 0xa}, {0x0, 0x5}, {0x6, 0x6}, {0x2, 0x9}, {0x3, 0x3}, {0x1, 0x1d}, {0x7, 0x8}, {0x3, 0x8}, {}, {0x3, 0x3}, {0x3}, {0x5, 0x6}, {0x1}, {0x7, 0x2}, {0x3, 0x3}, {0x2, 0x7}, {0x7, 0x6}, {0x5}]}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}, @NL80211_BAND_60GHZ={0x48, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x81, 0xfffc, 0xff, 0x6, 0x1ff, 0x8, 0x78f]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x8, 0x1000, 0xfffe, 0x8000, 0x6, 0x4, 0x9]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x0, 0xb82, 0x9, 0x9, 0x3, 0x8000, 0x2, 0xe]}}]}, @NL80211_BAND_2GHZ={0x18, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x12, 0x1, [0x7f, 0x30, 0x48, 0x7a, 0x0, 0x4, 0x30, 0x30, 0x4, 0x36, 0x5, 0x6, 0x24, 0x2]}]}, @NL80211_BAND_60GHZ={0x18, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xd475, 0x4, 0x86bf, 0x8, 0x1, 0x0, 0x0, 0xa]}}]}, @NL80211_BAND_60GHZ={0x58, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x6, 0xb, 0x8, 0x8, 0x3, 0x800, 0x4]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x3}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x4, 0x93a, 0x81, 0xc1, 0x7, 0x417f, 0x1000]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x91, 0x101, 0x6, 0x7, 0x3, 0x1, 0x2]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}]}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x11}]}]}, @NL80211_ATTR_TID_CONFIG={0x58, 0x11d, 0x0, 0x1, [{0x34, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x1b}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x4}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}]}, {0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x25}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x3}]}]}, @NL80211_ATTR_TID_CONFIG={0x4}]}, 0x550}, 0x1, 0x0, 0x0, 0x80}, 0x40000)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000080), 0x2, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000100), 0x2, 0x8}}, 0x20)
close(r6)
sendto$inet6(r3, 0x0, 0x0, 0x20010004, 0x0, 0x0)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_REMOVE(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x14, r8, 0x1, 0x0, 0x0, {0x4}}, 0x14}, 0x1, 0xfcffffff00000000}, 0x0)

1.751035888s ago: executing program 1 (id=3891):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20)
unshare(0x22020600)
pwritev2(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)

1.655780247s ago: executing program 1 (id=3892):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="76919fdf8451734904000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r4, 0x2000000, 0xe, 0x0, &(0x7f0000000500)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r5}, &(0x7f0000000280), &(0x7f00000002c0)=r6}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='module_request\x00'}, 0x10)
socketpair(0x0, 0x0, 0x0, &(0x7f00000006c0))
openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sync()
sync()
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000b80000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x90)

1.537797928s ago: executing program 2 (id=3893):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
set_mempolicy(0x3, &(0x7f0000000400)=0x3bf000000, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
r2 = socket$inet(0x2, 0x200000002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000900], 0x2, 0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000001000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000"]}, 0x108)
r3 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r6=>0x0})
connect$can_bcm(r5, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r5, &(0x7f0000000180)={&(0x7f0000000000)={0x1d, r6}, 0x10, &(0x7f0000000140)={&(0x7f0000000040)={0x1, 0x922, 0x0, {0x0, 0x2710}, {0x0, 0x2710}, {}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "5c91440132bb112240fcbcc3fa9d0431575f8614d3538ce09c50eecd6ac579e8e83b944b666113f3afed71231e6653a13532f17b33515bdd7e1be14f53b9fc9b"}}, 0x80}}, 0x0)
sendmsg$can_bcm(r5, &(0x7f0000000440)={&(0x7f0000000300)={0x1d, r6}, 0x10, &(0x7f0000000340)={&(0x7f00000004c0)=ANY=[@ANYRES8=r4, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x77359400, @ANYRESDEC=r0, @ANYBLOB="0000000501"], 0x48}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = getuid()
setresuid(0xee00, r8, 0x0)

1.537395578s ago: executing program 4 (id=3894):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0))
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000056, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@noblock_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
truncate(&(0x7f00000005c0)='./file1\x00', 0x2ba4)
pwritev2(r0, &(0x7f0000000500)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0xa00, 0x80000001, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x2006, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000002c0)={0xffffffff, <r4=>0x0}, 0x8)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000600)={0xd8, 0x1403, 0x30, 0x70bd2b, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'netpci0\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'bridge0\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'veth0_to_bridge\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'nicvf0\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth1_to_batadv\x00'}}]}, 0xd8}, 0x1, 0x0, 0x0, 0x40000}, 0x4001)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000001000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008180000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r6}, 0x10)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x201, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="180100001700ae0900001c00000000008500000075faffff94"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000000c0)='signal_generate\x00', r7}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000200)='sys_enter\x00', r7}, 0x2b)
move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x6b, 0x11, 0x32}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x88}, @exit={0x95, 0x0, 0x33}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xb8000000, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r8, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000380)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x80}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x2000, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0xc2, 0x0, 0x0, 0x0, {[@mptcp=@capable={0x1e, 0xc, 0x8, 0x8, 0x0, 0xffffffffffffffff}]}}}}}}}, 0x0)
r9 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[], 0x0)
syz_usb_control_io$hid(r9, 0x0, 0x0)
syz_usb_disconnect(r9)

1.479876763s ago: executing program 1 (id=3895):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000080)=[{{0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x1}}, {{}, {0x0, 0x0, 0x1, 0x1}}], 0x10)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0xa)

1.461850735s ago: executing program 2 (id=3897):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000020001801000020646c2100000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_WOL_GET(r0, &(0x7f0000000480)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000200)={&(0x7f0000000400)={0x5c, 0x0, 0x20, 0x70bd28, 0x25dfdbfd, {}, [@HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000800}, 0x20000000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000100)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)

1.461645365s ago: executing program 1 (id=3898):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000020001801000020646c2100000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_WOL_GET(r0, &(0x7f0000000480)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000200)={&(0x7f0000000400)={0x5c, 0x0, 0x20, 0x70bd28, 0x25dfdbfd, {}, [@HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000800}, 0x20000000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000100)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)

1.310226869s ago: executing program 0 (id=3899):
timer_create(0x9, 0x0, &(0x7f0000000540)=<r0=>0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0000cf1e0000000019000000c766008000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000140000ebb7030000000000008500000005000000bf09000000000000b50901000000001826000000f9ffffff180100002020702500000000802020207b9a00fe00000000bda9f9ff0000000037010000f8ffffffb702000008000000b70300000000000004000000060000002da0000000000000b5030000000000008500000076000000b70000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
timer_settime(0x0, 0x1, &(0x7f00000007c0)={{0x0, 0x3938700}, {0x77359400}}, 0x0)
timer_settime(r0, 0x0, &(0x7f0000000f80), &(0x7f0000000600))

1.268129603s ago: executing program 0 (id=3900):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000340)={[{@abort}, {@minixdf}, {@grpjquota}]}, 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==")
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
pwritev2(r2, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
sendfile(r2, r2, 0x0, 0x7a680000)

995.420308ms ago: executing program 0 (id=3902):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000044700000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/54, 0x328000, 0x800, 0x0, 0x2}, 0x20)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

881.726129ms ago: executing program 0 (id=3903):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000480)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getitimer(0xe, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
statx(0xffffffffffffffff, 0x0, 0x6000, 0x153146e58b5e3128, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYRES32], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/exec\x00')
writev(r2, &(0x7f0000000300)=[{&(0x7f00000002c0)='O', 0x1}], 0x1)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x6a1c2, 0x170)
fcntl$lock(r3, 0x6, &(0x7f0000002000)={0x1})
fcntl$lock(r3, 0x26, &(0x7f00000031c0))

568.052298ms ago: executing program 4 (id=3906):
socket$inet_smc(0x2b, 0x1, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000001100)='./file1\x00', 0x3014490, &(0x7f0000000100)={[{@nombcache}, {@usrjquota}, {@errors_remount}, {@norecovery}, {@abort}, {@mblk_io_submit}, {@nouid32}, {@barrier_val}, {@grpjquota}, {}]}, 0x45, 0x7ce, &(0x7f0000000500)="$eJzs3c9rHNcdAPDvrFY/7VYqlLYuFBYKrcF4Vbmq3UKhKj2UQg2G5JRDbLFaC0crrdGujCVEYhMCuQSSkFty8Tk/LyHX/IDkkvwfwcZJZBOHHILC7A9pJe/aK0faje3PB8Z6b+fNvPfdN/P2STOeDeCxlUv/yUQciYiXk4jxxutJRAzWUtmImXq5OxvrhXRJYnPzia+TWpnbG+uFaNkmdaiR+V1EfPxCxLHM3fVWVtcWZkul4vKObVfXjl9YnJ0vzheXTk5NT5849bdTJ/cv1m+/WDt845X//vmdme+f/+27L32SxEwcTuOr2Y5jv+Qi14hrMH0Ld/jPflfWN+8/20WhTMTmZj2ZPegGsQfpqTnQ6JUjMR4D9+qf0V62DAA4KM9FOjPrYKDjGgDgoZbUP///1e92AAC90vw7wO2N9UJz6e9fJHrr5r8jYqQef/P6Zn1NtnHNbqR2HXTsdrLjykgSERP7UH8uIt744Om30iV2XU8FOEhXrkbEuYncjvF/IGoj3O57FvbqL+1fnm/N5HatNP5B73yYzn/+3m7+l9ma/0Sb+c9wm3P3Qdz//M9c34dqOkrnf/9subftTkv8DRMDjdwvanO+weT8hVIxHdt+GRFHY3A4zU/Vy7a9Q+borR9udaq/df73zavPvJnWn/7cLpG5nh3euc3cbHX2p8bddPNqxO+z7eJPx//hWv8nHea/Z7qs43//ePH1TuvS+NN4m8vd8R+szWsRf2rb/8lWmTQ1WV28OFlpd3/iZO1wmGweFG28NxNjnerPZbf7P13S+pu/C/RC2v9j945/Imm9X7PS9a63zoXPr41/1KlQ6/HfPv72x/9Q8mQtPdR47fJstbo8FTGU/P/u109sb9vMN8un8R/9Y/vzvzn+tTn+n0r3f67LNyJ746u3Hzz+g5XGP7en/t9zIkbuLAx0qr+7/p/esU0341+3DXzQ9w0AAAAAAAAAAAAAAAAAAAAAAAAA9iITEYcjyeS30plMPl//Du9fx1imVK5Uj50vryzNpetqzz/NNB91Od7yPNSpxvPwm/kTu/J/jYhfRcRrw6O1fL5QLs31O3gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaDjU4fv/U18O7yo80I8WAgAHYsQHOwA8bpJstt9NAAB6baTrkrmIGD3QtgAAvdH95z8A8Kjo/PnvwgAAPKru8/v/7v8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHt15vTpdNn8bmO9kObnLq2uLJQvHZ8rVhbyiyuFfKG8fDE/Xy7Pl4r5Qnkxsh12dKX+o1QuX5yOpZXLk9VipTpZWV07u1heWaqevbA4O188WxzsYWwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0K3K6trC5nipuJwmZksSPU4sfFbvh59LeyT2logr9f7b1z1/evIPv0l32tcAY2h7lBjty9gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DD4MQAA//+KvR+l")
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff000000000000", @ANYRES32=0x1, @ANYBLOB="00000000bc6c35", @ANYRES32=0x0], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000765420febc1f1c0c1ca5ba32ff0f0000000000006a06e9adbf35d1143c6e1ac9be6fe9d530e95085779d66cb22819c2ef6dee5850e6cd7546f86405ab7117d268cac354700"/88, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
syz_clone3(&(0x7f0000001240)={0x22204400, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

442.450619ms ago: executing program 3 (id=3908):
fspick(0xffffffffffffffff, &(0x7f0000000180)='./cgroup\x00', 0x0)

364.542596ms ago: executing program 3 (id=3909):
bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1e0000000000000004000000", @ANYRES32=0x1, @ANYRES32=0x0], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000140)={<r1=>0xffffffffffffffff}, 0x0)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r3 = dup(r2)
mount$9p_fd(0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000680)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[], [], 0x6b}})

346.228598ms ago: executing program 3 (id=3910):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000340)={[{@abort}, {@minixdf}, {@grpjquota}]}, 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==")
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
pwritev2(r2, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
sendfile(r2, r2, 0x0, 0x7a680000)

227.312469ms ago: executing program 4 (id=3911):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8)
r1 = memfd_secret(0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a6538b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b863d2b1cd06a39702bd547f5ebaa6954f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831d64759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91f0eb18e21dfdab3c84ec11377fbbfd1e00"/773], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000340)={r2, r1, 0x2f, 0x4608, @void}, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4000, 0x121)
pwritev2(r3, 0x0, 0x0, 0x0, 0x0, 0x4c)
syz_emit_ethernet(0x34e, 0x0, 0x0)
r4 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
connect$pppoe(r4, &(0x7f0000000000)={0x18, 0x0, {0x2, @link_local, 'gre0\x00'}}, 0x1e)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
munmap(&(0x7f0000002000/0x800000)=nil, 0x800000)
r6 = io_uring_setup(0x7af2, &(0x7f00000003c0))
io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f0000001880)=[{&(0x7f0000002e00)=""/4096, 0x1000}], 0x1)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
write$binfmt_aout(r4, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000000c0)={@ifindex, r0, 0x11, 0x0, 0x0, @void, @value=r0}, 0x20)

143.725737ms ago: executing program 3 (id=3912):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000000100))
ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x0, 0x0, 0x0, 0x400}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYRES16=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r4, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="15b26f226e2966667482d50703b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5dffd691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6be", 0xc3}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0ff46983f8765af4add3532de2b91f2436df028", 0x9fd}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="c9", 0x1}], 0x300}}], 0x3, 0x240080e4)

123.342338ms ago: executing program 3 (id=3913):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000480)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getitimer(0xe, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYRES32], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/exec\x00')
writev(r1, &(0x7f0000000300)=[{&(0x7f00000002c0)='O', 0x1}], 0x1)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x6a1c2, 0x170)
fcntl$lock(r2, 0x26, &(0x7f00000031c0))

104.80458ms ago: executing program 3 (id=3914):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="170000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB="0000b308150c865c396b34e6000000005490ca7f9fcd62b2000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa220000000000000000000000000ffb703000008000000b7040000000000008500000058b2c8c67ec0895f530f43e82e97f21517ca613abaa75cb0126bf96d7735854ae19b6b94b264413d08d50ece7c2dadd40d57fa279ad613872e571e8206656850ffa8a841ef00f51961d191689edd6d9e4e836900000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b00000007000000050000000800000005000000", @ANYRESOCT=r2, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRESDEC=r0, @ANYRES64], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
close(r2)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r1, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0x0, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_aout(r6, &(0x7f00000003c0)=ANY=[@ANYRESHEX, @ANYRES64=r6], 0xfffffda8)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000005, 0x12, r6, 0x0)
write$bt_hci(r5, &(0x7f00000002c0)=ANY=[], 0x6)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r6, 0xc0605345, &(0x7f00000002c0)={0x3, 0x2, {0x0, 0x3, 0x9, 0x3, 0x500}, 0x4a})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = open$dir(&(0x7f0000000040)='./file0\x00', 0x4000, 0x12)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x22140, 0x10)
move_mount(r7, &(0x7f0000000080)='./file0\x00', r8, &(0x7f0000000200)='./file0\x00', 0x54)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00', r9}, 0x10)

25.909858ms ago: executing program 0 (id=3915):
syz_io_uring_submit(0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0xffffffff, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_256={{0x304}, "76f7bc3e4ae1c84c", "af193cff4810ba5ac120d096eb00b40752095b4285514ca312c52e3a08756735", "5d362ced", "bc3a20b10f4ad11e"}, 0x38)
close(r2)

0s ago: executing program 0 (id=3916):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
write$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000400)='FROZEN\x00', 0x7)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
getsockopt$nfc_llcp(r1, 0x118, 0x0, &(0x7f0000000140)=""/192, 0x20000057)
r2 = socket$packet(0x11, 0x2, 0x300)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r4}, 0x10)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
setsockopt$packet_int(r2, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab000e271f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1ff032aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f757036303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e0800000092e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9be7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa5200002fe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb0972d39e4b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e501ddddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b605908000000f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c332c34812382e57c0e0d83f3f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217b6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2a434b9048ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b4783d66661a92f174f2b88cd544b2a8e1b05ea7cf51578169fff7765f9978883b4b5983b42a35a05dabfc325ec2a2ec2f9b0882fdcf5d6f72272d2ff0d8eea60f5494ba42b4d40f144f0ab680a6f40f9094d3afb58a1efd6109894b8605c6b3b3f020c222f6446195b2274f634fbb737948a1f36ea729467e132385e9da614e4625175f4443b97a675934db90010e4b884200c3546c4d86d712c3939e11be3343f693846f509ad4c445ade5cd6d126d5694462ac5d3b527c3bd51c0a715a28d65fe94b255d02cdc1fab99b5b9c352f1b284115e4046285a824d22b6f0afbed8d6096a72fef72ebd6aae78b02fa1993e8fe2020ae93aae2bcfffa40b98549f1fb9fcefa74329909a207336d07f6f59da423ac5fa47852055d5ce6d2c56bdbbcdbf3458ba478c669f39d5272e65c90908ea2cb86d38f8ebf80a8cb85d8399b42403c94b8662af5cf1411526f177b4d476169a5d5a8c37d0d8893a77d0bd47b8a0bba60b3e26094209c889585f997ff556bcd2cc223f9c0c44de9d0fe1b5a8a815f652e79747d3e1f413fa0575d51f652d22883e143065c5ad74bdc864754ba3dad5a8fc8fc2c807d1a51dfb29884adee415c13f2ce14d307bd6165ec6ba68a766adfcbe444ea72d586bb47dd98a225467aab538a77667d19bae2e51727ba6d190e6d7"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r5, 0x18000000000002a0, 0x21, 0x0, &(0x7f0000000400)="b9f70b078059268cb89e14f088a82dafb1ddaade0300a99c3f76db01127c42acb2", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
socket$key(0xf, 0x3, 0x2)
futimesat(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
write$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000400)='FROZEN\x00', 0x7) (async)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) (async)
getsockopt$nfc_llcp(r1, 0x118, 0x0, &(0x7f0000000140)=""/192, 0x20000057) (async)
socket$packet(0x11, 0x2, 0x300) (async)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r4}, 0x10) (async)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0) (async)
setsockopt$packet_int(r2, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) (async)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab000e271f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1ff032aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f757036303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e0800000092e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9be7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa5200002fe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb0972d39e4b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e501ddddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b605908000000f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c332c34812382e57c0e0d83f3f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217b6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2a434b9048ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b4783d66661a92f174f2b88cd544b2a8e1b05ea7cf51578169fff7765f9978883b4b5983b42a35a05dabfc325ec2a2ec2f9b0882fdcf5d6f72272d2ff0d8eea60f5494ba42b4d40f144f0ab680a6f40f9094d3afb58a1efd6109894b8605c6b3b3f020c222f6446195b2274f634fbb737948a1f36ea729467e132385e9da614e4625175f4443b97a675934db90010e4b884200c3546c4d86d712c3939e11be3343f693846f509ad4c445ade5cd6d126d5694462ac5d3b527c3bd51c0a715a28d65fe94b255d02cdc1fab99b5b9c352f1b284115e4046285a824d22b6f0afbed8d6096a72fef72ebd6aae78b02fa1993e8fe2020ae93aae2bcfffa40b98549f1fb9fcefa74329909a207336d07f6f59da423ac5fa47852055d5ce6d2c56bdbbcdbf3458ba478c669f39d5272e65c90908ea2cb86d38f8ebf80a8cb85d8399b42403c94b8662af5cf1411526f177b4d476169a5d5a8c37d0d8893a77d0bd47b8a0bba60b3e26094209c889585f997ff556bcd2cc223f9c0c44de9d0fe1b5a8a815f652e79747d3e1f413fa0575d51f652d22883e143065c5ad74bdc864754ba3dad5a8fc8fc2c807d1a51dfb29884adee415c13f2ce14d307bd6165ec6ba68a766adfcbe444ea72d586bb47dd98a225467aab538a77667d19bae2e51727ba6d190e6d7"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r5, 0x18000000000002a0, 0x21, 0x0, &(0x7f0000000400)="b9f70b078059268cb89e14f088a82dafb1ddaade0300a99c3f76db01127c42acb2", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) (async)
socket$key(0xf, 0x3, 0x2) (async)
futimesat(0xffffffffffffffff, 0x0, 0x0) (async)

kernel console output (not intermixed with test programs):

=1
[  163.847887][T12403] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  163.880686][T12405] syzkaller0: entered promiscuous mode
[  163.886304][T12405] syzkaller0: entered allmulticast mode
[  163.903348][T12405] loop3: detected capacity change from 0 to 512
[  163.911269][T12405] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.3344: casefold flag without casefold feature
[  163.924601][T12405] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.3344: couldn't read orphan inode 15 (err -117)
[  163.937190][T12405] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.063121][T11867] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.089428][   T24] IPVS: starting estimator thread 0...
[  164.176921][T12427] FAULT_INJECTION: forcing a failure.
[  164.176921][T12427] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.190028][T12427] CPU: 1 UID: 0 PID: 12427 Comm: syz.4.3353 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  164.200512][T12427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  164.210654][T12427] Call Trace:
[  164.213923][T12427]  <TASK>
[  164.216844][T12427]  dump_stack_lvl+0xf2/0x150
[  164.221555][T12427]  dump_stack+0x15/0x20
[  164.225762][T12427]  should_fail_ex+0x229/0x230
[  164.230438][T12427]  should_fail+0xb/0x10
[  164.234593][T12427]  should_fail_usercopy+0x1a/0x20
[  164.239701][T12427]  strncpy_from_user+0x25/0x270
[  164.244549][T12427]  ? kmem_cache_alloc_noprof+0x10c/0x290
[  164.250238][T12427]  getname_flags+0xb0/0x3b0
[  164.254732][T12427]  user_path_at+0x26/0x110
[  164.259140][T12427]  __se_sys_mount+0x248/0x2d0
[  164.263815][T12427]  __x64_sys_mount+0x67/0x80
[  164.268449][T12427]  x64_sys_call+0x203e/0x2d60
[  164.273120][T12427]  do_syscall_64+0xc9/0x1c0
[  164.277610][T12427]  ? clear_bhb_loop+0x55/0xb0
[  164.282485][T12427]  ? clear_bhb_loop+0x55/0xb0
[  164.287168][T12427]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.293135][T12427] RIP: 0033:0x7f843ff2def9
[  164.297533][T12427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.317157][T12427] RSP: 002b:00007f843eba7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  164.325574][T12427] RAX: ffffffffffffffda RBX: 00007f84400e5f80 RCX: 00007f843ff2def9
[  164.333547][T12427] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000000000000
[  164.341531][T12427] RBP: 00007f843eba7090 R08: 0000000020000200 R09: 0000000000000000
[  164.349489][T12427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.357510][T12427] R13: 0000000000000000 R14: 00007f84400e5f80 R15: 00007ffe2db89e08
[  164.365477][T12427]  </TASK>
[  164.368819][T12414] IPVS: using max 3024 ests per chain, 151200 per kthread
[  164.379446][T12429] loop0: detected capacity change from 0 to 512
[  164.385973][ T3317] net_ratelimit: 5 callbacks suppressed
[  164.385984][ T3317] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  164.402332][T12429] x_tables: duplicate underflow at hook 2
[  164.437074][T12435] loop4: detected capacity change from 0 to 2048
[  164.478566][T12437] loop0: detected capacity change from 0 to 2048
[  164.485483][T12435]  loop4: p1 < > p4
[  164.490248][T12435] loop4: p4 size 8388608 extends beyond EOD, truncated
[  164.501765][T12437] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.523593][T12437] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  164.539155][T12437] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  164.551711][T12437] EXT4-fs (loop0): This should not happen!! Data will be lost
[  164.551711][T12437] 
[  164.561431][T12437] EXT4-fs (loop0): Total free blocks count 0
[  164.567550][T12437] EXT4-fs (loop0): Free/Dirty block details
[  164.573465][T12437] EXT4-fs (loop0): free_blocks=2415919104
[  164.579298][T12437] EXT4-fs (loop0): dirty_blocks=16
[  164.584483][T12437] EXT4-fs (loop0): Block reservation details
[  164.590511][T12437] EXT4-fs (loop0): i_reserved_data_blocks=1
[  164.598328][T12452] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  164.656391][T12460] syz.3.3366[12460] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  164.656460][T12460] syz.3.3366[12460] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  164.678984][T12460] random: crng reseeded on system resumption
[  164.701222][T12465] syz.0.3367[12465] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  164.701361][T12465] syz.0.3367[12465] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  164.736441][T12467] loop0: detected capacity change from 0 to 128
[  164.770857][T12467] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  164.780491][T12467] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  164.789053][T12467] batadv_slave_0: entered allmulticast mode
[  164.827590][T12472] loop4: detected capacity change from 0 to 4096
[  164.836985][T12472] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.850596][T12472] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.946080][T12472] syz.4.3371[12472] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  164.946138][T12472] syz.4.3371[12472] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  165.061831][T12491] netlink: 5128 bytes leftover after parsing attributes in process `syz.2.3376'.
[  165.083586][T12491] netlink: 5128 bytes leftover after parsing attributes in process `syz.2.3376'.
[  165.092806][T12491] netlink: 332 bytes leftover after parsing attributes in process `syz.2.3376'.
[  165.179523][T12498] loop0: detected capacity change from 0 to 2048
[  165.196747][T12498] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.211253][T12498] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  165.227501][T12498] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  165.239870][T12498] EXT4-fs (loop0): This should not happen!! Data will be lost
[  165.239870][T12498] 
[  165.249530][T12498] EXT4-fs (loop0): Total free blocks count 0
[  165.255515][T12498] EXT4-fs (loop0): Free/Dirty block details
[  165.261452][T12498] EXT4-fs (loop0): free_blocks=2415919104
[  165.267192][T12498] EXT4-fs (loop0): dirty_blocks=16
[  165.272321][T12498] EXT4-fs (loop0): Block reservation details
[  165.278317][T12498] EXT4-fs (loop0): i_reserved_data_blocks=1
[  165.285134][T12501] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  165.369330][T12504] FAULT_INJECTION: forcing a failure.
[  165.369330][T12504] name failslab, interval 1, probability 0, space 0, times 0
[  165.382002][T12504] CPU: 0 UID: 0 PID: 12504 Comm: syz.0.3381 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  165.392426][T12504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  165.402475][T12504] Call Trace:
[  165.405749][T12504]  <TASK>
[  165.408712][T12504]  dump_stack_lvl+0xf2/0x150
[  165.413303][T12504]  dump_stack+0x15/0x20
[  165.417459][T12504]  should_fail_ex+0x229/0x230
[  165.422144][T12504]  ? tty_open+0x80/0xb00
[  165.426391][T12504]  should_failslab+0x8f/0xb0
[  165.430974][T12504]  __kmalloc_cache_noprof+0x4b/0x2a0
[  165.436326][T12504]  tty_open+0x80/0xb00
[  165.440456][T12504]  chrdev_open+0x2f9/0x370
[  165.444858][T12504]  ? __pfx_chrdev_open+0x10/0x10
[  165.449835][T12504]  do_dentry_open+0x621/0xa20
[  165.454571][T12504]  vfs_open+0x38/0x1f0
[  165.458635][T12504]  path_openat+0x1ac2/0x1fa0
[  165.463223][T12504]  ? _parse_integer+0x27/0x30
[  165.467949][T12504]  do_filp_open+0xf7/0x200
[  165.472451][T12504]  do_sys_openat2+0xab/0x120
[  165.477051][T12504]  __x64_sys_openat+0xf3/0x120
[  165.481965][T12504]  x64_sys_call+0x1025/0x2d60
[  165.486650][T12504]  do_syscall_64+0xc9/0x1c0
[  165.491154][T12504]  ? clear_bhb_loop+0x55/0xb0
[  165.495893][T12504]  ? clear_bhb_loop+0x55/0xb0
[  165.500567][T12504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.506495][T12504] RIP: 0033:0x7fcddc98def9
[  165.510899][T12504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.530497][T12504] RSP: 002b:00007fcddb5e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  165.538962][T12504] RAX: ffffffffffffffda RBX: 00007fcddcb46058 RCX: 00007fcddc98def9
[  165.546922][T12504] RDX: 0000000000004880 RSI: 0000000020000000 RDI: ffffffffffffff9c
[  165.554953][T12504] RBP: 00007fcddb5e6090 R08: 0000000000000000 R09: 0000000000000000
[  165.562915][T12504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.570915][T12504] R13: 0000000000000000 R14: 00007fcddcb46058 R15: 00007ffdf77f5298
[  165.578927][T12504]  </TASK>
[  165.585505][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.706113][   T29] kauditd_printk_skb: 1351 callbacks suppressed
[  165.706128][   T29] audit: type=1326 audit(1726634608.530:23541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12490 comm="syz.4.3377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f843ff24ea7 code=0x7ffc0000
[  165.759139][   T29] audit: type=1326 audit(1726634608.560:23542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12495 comm="syz.2.3379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6f18d24ea7 code=0x7ffc0000
[  165.782700][   T29] audit: type=1326 audit(1726634608.560:23543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12495 comm="syz.2.3379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6f18cc9869 code=0x7ffc0000
[  165.806468][   T29] audit: type=1326 audit(1726634608.560:23544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12495 comm="syz.2.3379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f6f18d2def9 code=0x7ffc0000
[  165.830025][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.830107][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.830165][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.830247][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.830314][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.830379][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.830438][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.830497][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.900442][   T29] audit: type=1326 audit(1726634608.560:23545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12490 comm="syz.4.3377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f843fec9869 code=0x7ffc0000
[  165.923902][   T29] audit: type=1326 audit(1726634608.560:23546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12490 comm="syz.4.3377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f843ff24ea7 code=0x7ffc0000
[  165.947457][   T29] audit: type=1326 audit(1726634608.560:23547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12490 comm="syz.4.3377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f843fec9869 code=0x7ffc0000
[  165.970942][   T29] audit: type=1326 audit(1726634608.560:23548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12490 comm="syz.4.3377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f843ff2def9 code=0x7ffc0000
[  165.994556][   T29] audit: type=1326 audit(1726634608.560:23549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12495 comm="syz.2.3379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6f18d24ea7 code=0x7ffc0000
[  166.018084][   T29] audit: type=1326 audit(1726634608.560:23550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12495 comm="syz.2.3379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6f18cc9869 code=0x7ffc0000
[  166.129121][T12529] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=12529 comm=syz.2.3392
[  166.163172][T12527] netlink: '+}[@': attribute type 10 has an invalid length.
[  166.168366][T12523] loop4: detected capacity change from 0 to 1024
[  166.182256][T12534] loop0: detected capacity change from 0 to 128
[  166.188889][T12523] EXT4-fs: Ignoring removed nobh option
[  166.197018][T12535] FAULT_INJECTION: forcing a failure.
[  166.197018][T12535] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  166.205405][T12532] FAULT_INJECTION: forcing a failure.
[  166.205405][T12532] name failslab, interval 1, probability 0, space 0, times 0
[  166.210106][T12535] CPU: 0 UID: 0 PID: 12535 Comm: syz.2.3392 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  166.232995][T12535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  166.243079][T12535] Call Trace:
[  166.246359][T12535]  <TASK>
[  166.249456][T12535]  dump_stack_lvl+0xf2/0x150
[  166.254043][T12535]  dump_stack+0x15/0x20
[  166.258186][T12535]  should_fail_ex+0x229/0x230
[  166.262856][T12535]  should_fail+0xb/0x10
[  166.267045][T12535]  should_fail_usercopy+0x1a/0x20
[  166.272138][T12535]  _copy_from_user+0x1e/0xd0
[  166.276715][T12535]  do_ipv6_setsockopt+0x1ef/0x2250
[  166.281872][T12535]  ? __rcu_read_unlock+0x4e/0x70
[  166.286859][T12535]  ? avc_has_perm_noaudit+0x1cc/0x210
[  166.292240][T12535]  ? selinux_netlbl_socket_setsockopt+0xe5/0x2d0
[  166.298631][T12535]  ipv6_setsockopt+0x57/0x130
[  166.303298][T12535]  udpv6_setsockopt+0x95/0xb0
[  166.307976][T12535]  sock_common_setsockopt+0x64/0x80
[  166.313216][T12535]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  166.319183][T12535]  __sys_setsockopt+0x1cc/0x240
[  166.324032][T12535]  __x64_sys_setsockopt+0x66/0x80
[  166.329114][T12535]  x64_sys_call+0x278d/0x2d60
[  166.333856][T12535]  do_syscall_64+0xc9/0x1c0
[  166.338349][T12535]  ? clear_bhb_loop+0x55/0xb0
[  166.343024][T12535]  ? clear_bhb_loop+0x55/0xb0
[  166.347760][T12535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.353734][T12535] RIP: 0033:0x7f6f18d2def9
[  166.358134][T12535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.377752][T12535] RSP: 002b:00007f6f17986038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  166.386215][T12535] RAX: ffffffffffffffda RBX: 00007f6f18ee6058 RCX: 00007f6f18d2def9
[  166.394172][T12535] RDX: 0000000000000030 RSI: 0000000000000029 RDI: 000000000000000b
[  166.402161][T12535] RBP: 00007f6f17986090 R08: 0000000000000190 R09: 0000000000000000
[  166.410120][T12535] R10: 0000000020000b00 R11: 0000000000000246 R12: 0000000000000001
[  166.418123][T12535] R13: 0000000000000000 R14: 00007f6f18ee6058 R15: 00007ffe18e55258
[  166.426163][T12535]  </TASK>
[  166.429169][T12532] CPU: 1 UID: 0 PID: 12532 Comm: syz.3.3393 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  166.430752][T12534] EXT4-fs: Ignoring removed nobh option
[  166.439585][T12532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  166.439601][T12532] Call Trace:
[  166.439608][T12532]  <TASK>
[  166.439632][T12532]  dump_stack_lvl+0xf2/0x150
[  166.446811][T12523] EXT4-fs (loop4): can't mount with journal_checksum, fs mounted w/o journal
[  166.455186][T12532]  dump_stack+0x15/0x20
[  166.455213][T12532]  should_fail_ex+0x229/0x230
[  166.483561][T12532]  ? audit_log_start+0x34c/0x6b0
[  166.488495][T12532]  should_failslab+0x8f/0xb0
[  166.493144][T12532]  kmem_cache_alloc_noprof+0x4c/0x290
[  166.498574][T12532]  audit_log_start+0x34c/0x6b0
[  166.503337][T12532]  audit_seccomp+0x4b/0x130
[  166.507834][T12532]  __seccomp_filter+0x6fa/0x1180
[  166.512760][T12532]  ? proc_fail_nth_write+0x12a/0x150
[  166.518113][T12532]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  166.523737][T12532]  ? vfs_write+0x580/0x910
[  166.528146][T12532]  ? __traceiter_kmem_cache_free+0x33/0x50
[  166.534050][T12532]  ? __fget_files+0x1d4/0x210
[  166.538724][T12532]  __secure_computing+0x9f/0x1c0
[  166.543655][T12532]  syscall_trace_enter+0xd1/0x1f0
[  166.548749][T12532]  ? fpregs_assert_state_consistent+0x83/0xa0
[  166.554817][T12532]  do_syscall_64+0xaa/0x1c0
[  166.559434][T12532]  ? clear_bhb_loop+0x55/0xb0
[  166.564256][T12532]  ? clear_bhb_loop+0x55/0xb0
[  166.569044][T12532]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.575000][T12532] RIP: 0033:0x7fcd8e7edef9
[  166.579401][T12532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.598998][T12532] RSP: 002b:00007fcd8d467038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2
[  166.607419][T12532] RAX: ffffffffffffffda RBX: 00007fcd8e9a5f80 RCX: 00007fcd8e7edef9
[  166.615427][T12532] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  166.623384][T12532] RBP: 00007fcd8d467090 R08: 0000000000000000 R09: 0000000000000000
[  166.631341][T12532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.639330][T12532] R13: 0000000000000000 R14: 00007fcd8e9a5f80 R15: 00007fff58b90b48
[  166.647357][T12532]  </TASK>
[  166.658632][T12534] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  166.671740][T12534] ext4 filesystem being mounted at /147/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  166.732293][T12544] loop3: detected capacity change from 0 to 1024
[  166.739449][T12544] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  166.751512][T12544] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.769015][T12544] atomic_op ffff8881247d5128 conn xmit_atomic 0000000000000000
[  166.863124][T10675] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  166.998483][T12550] loop0: detected capacity change from 0 to 1024
[  167.009292][T12550] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  167.026438][T12550] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.153731][T12553] netlink: 'syz.0.3400': attribute type 10 has an invalid length.
[  167.170859][T12553] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  167.571625][T12560] syz.1.3403[12560] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  167.571688][T12560] syz.1.3403[12560] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  167.584691][T12560] FAULT_INJECTION: forcing a failure.
[  167.584691][T12560] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.609296][T12560] CPU: 1 UID: 0 PID: 12560 Comm: syz.1.3403 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  167.619729][T12560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  167.629877][T12560] Call Trace:
[  167.633147][T12560]  <TASK>
[  167.636166][T12560]  dump_stack_lvl+0xf2/0x150
[  167.640795][T12560]  dump_stack+0x15/0x20
[  167.644942][T12560]  should_fail_ex+0x229/0x230
[  167.649650][T12560]  should_fail+0xb/0x10
[  167.653878][T12560]  should_fail_usercopy+0x1a/0x20
[  167.658960][T12560]  _copy_from_user+0x1e/0xd0
[  167.663537][T12560]  copy_msghdr_from_user+0x54/0x2a0
[  167.668780][T12560]  __sys_sendmmsg+0x21e/0x500
[  167.673460][T12560]  __x64_sys_sendmmsg+0x57/0x70
[  167.678301][T12560]  x64_sys_call+0xa49/0x2d60
[  167.682906][T12560]  do_syscall_64+0xc9/0x1c0
[  167.687402][T12560]  ? clear_bhb_loop+0x55/0xb0
[  167.692087][T12560]  ? clear_bhb_loop+0x55/0xb0
[  167.696784][T12560]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.702673][T12560] RIP: 0033:0x7fa03be0def9
[  167.707075][T12560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.726745][T12560] RSP: 002b:00007fa03aa87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  167.735297][T12560] RAX: ffffffffffffffda RBX: 00007fa03bfc5f80 RCX: 00007fa03be0def9
[  167.743256][T12560] RDX: 0000000000000003 RSI: 0000000020004540 RDI: 0000000000000003
[  167.751215][T12560] RBP: 00007fa03aa87090 R08: 0000000000000000 R09: 0000000000000000
[  167.759298][T12560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.767264][T12560] R13: 0000000000000000 R14: 00007fa03bfc5f80 R15: 00007ffdd6973068
[  167.775297][T12560]  </TASK>
[  167.793923][T11867] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.805143][T10675] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.861292][T12566] loop3: detected capacity change from 0 to 1024
[  167.868402][T12566] EXT4-fs: Ignoring removed orlov option
[  167.874395][T12566] EXT4-fs: Ignoring removed nomblk_io_submit option
[  167.876275][T12574] syz.1.3408[12574] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  167.883978][T12574] syz.1.3408[12574] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  167.909873][T12566] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.921708][T12581] netlink: 140 bytes leftover after parsing attributes in process `syz.4.3410'.
[  167.936269][T12566] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2792: inode #14: comm syz.3.3405: corrupted in-inode xattr: bad magic number in in-inode xattr
[  167.959351][T12566] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #14: comm syz.3.3405: attempt to clear invalid blocks 1634560256 len 1
[  167.963319][T12574] loop1: detected capacity change from 0 to 512
[  167.989291][T12574] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  168.009076][T11867] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.019474][T12574] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #3: comm syz.1.3408: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  168.037963][T12574] EXT4-fs error (device loop1): ext4_quota_enable:7025: comm syz.1.3408: Bad quota inode: 3, type: 0
[  168.057438][T12574] EXT4-fs warning (device loop1): ext4_enable_quotas:7066: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  168.072398][T12574] EXT4-fs (loop1): mount failed
[  168.116261][T12590] loop0: detected capacity change from 0 to 2048
[  168.128158][T12590] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.144249][T12590] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  168.159416][T12590] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  168.171843][T12590] EXT4-fs (loop0): This should not happen!! Data will be lost
[  168.171843][T12590] 
[  168.181606][T12590] EXT4-fs (loop0): Total free blocks count 0
[  168.187607][T12590] EXT4-fs (loop0): Free/Dirty block details
[  168.193512][T12590] EXT4-fs (loop0): free_blocks=2415919104
[  168.199251][T12590] EXT4-fs (loop0): dirty_blocks=16
[  168.204364][T12590] EXT4-fs (loop0): Block reservation details
[  168.210398][T12590] EXT4-fs (loop0): i_reserved_data_blocks=1
[  168.219882][T12602] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  168.255382][T12605] loop0: detected capacity change from 0 to 512
[  168.263764][T12605] x_tables: duplicate underflow at hook 2
[  168.297131][T12609] loop0: detected capacity change from 0 to 512
[  168.306364][T12609] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.318956][T12609] ext4 filesystem being mounted at /153/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  168.337234][T10675] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.351997][T12614] FAULT_INJECTION: forcing a failure.
[  168.351997][T12614] name failslab, interval 1, probability 0, space 0, times 0
[  168.364677][T12614] CPU: 0 UID: 0 PID: 12614 Comm: syz.0.3419 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  168.375120][T12614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  168.385166][T12614] Call Trace:
[  168.388434][T12614]  <TASK>
[  168.391369][T12614]  dump_stack_lvl+0xf2/0x150
[  168.396130][T12614]  dump_stack+0x15/0x20
[  168.400265][T12614]  should_fail_ex+0x229/0x230
[  168.404927][T12614]  ? skb_clone+0x154/0x1f0
[  168.409407][T12614]  should_failslab+0x8f/0xb0
[  168.414068][T12614]  kmem_cache_alloc_noprof+0x4c/0x290
[  168.419503][T12614]  skb_clone+0x154/0x1f0
[  168.423744][T12614]  __netlink_deliver_tap+0x2bd/0x4c0
[  168.429034][T12614]  netlink_unicast+0x64a/0x670
[  168.433982][T12614]  netlink_sendmsg+0x5cc/0x6e0
[  168.438817][T12614]  ? __pfx_netlink_sendmsg+0x10/0x10
[  168.444108][T12614]  __sock_sendmsg+0x140/0x180
[  168.448772][T12614]  ____sys_sendmsg+0x312/0x410
[  168.453517][T12614]  __sys_sendmsg+0x1dd/0x270
[  168.458166][T12614]  __x64_sys_sendmsg+0x46/0x50
[  168.462930][T12614]  x64_sys_call+0x2689/0x2d60
[  168.467699][T12614]  do_syscall_64+0xc9/0x1c0
[  168.472183][T12614]  ? clear_bhb_loop+0x55/0xb0
[  168.476881][T12614]  ? clear_bhb_loop+0x55/0xb0
[  168.481631][T12614]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.487628][T12614] RIP: 0033:0x7fcddc98def9
[  168.492032][T12614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.511626][T12614] RSP: 002b:00007fcddb607038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  168.520131][T12614] RAX: ffffffffffffffda RBX: 00007fcddcb45f80 RCX: 00007fcddc98def9
[  168.528117][T12614] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[  168.536070][T12614] RBP: 00007fcddb607090 R08: 0000000000000000 R09: 0000000000000000
[  168.544032][T12614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  168.552158][T12614] R13: 0000000000000000 R14: 00007fcddcb45f80 R15: 00007ffdf77f5298
[  168.560164][T12614]  </TASK>
[  168.564114][T12614] netlink: 'syz.0.3419': attribute type 10 has an invalid length.
[  168.572028][T12614] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  168.866190][T12631] FAULT_INJECTION: forcing a failure.
[  168.866190][T12631] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  168.879323][T12631] CPU: 0 UID: 0 PID: 12631 Comm: syz.4.3426 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  168.889826][T12631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  168.900059][T12631] Call Trace:
[  168.903327][T12631]  <TASK>
[  168.906310][T12631]  dump_stack_lvl+0xf2/0x150
[  168.910895][T12631]  dump_stack+0x15/0x20
[  168.915038][T12631]  should_fail_ex+0x229/0x230
[  168.919716][T12631]  should_fail+0xb/0x10
[  168.923862][T12631]  should_fail_usercopy+0x1a/0x20
[  168.928882][T12631]  _copy_from_user+0x1e/0xd0
[  168.933460][T12631]  vmemdup_user+0x12e/0x1b0
[  168.937957][T12631]  __se_sys_fsetxattr+0x1af/0x360
[  168.943114][T12631]  ? proc_fail_nth_write+0x12a/0x150
[  168.948398][T12631]  __x64_sys_fsetxattr+0x67/0x80
[  168.953380][T12631]  x64_sys_call+0x16a5/0x2d60
[  168.958050][T12631]  do_syscall_64+0xc9/0x1c0
[  168.962583][T12631]  ? clear_bhb_loop+0x55/0xb0
[  168.967337][T12631]  ? clear_bhb_loop+0x55/0xb0
[  168.972050][T12631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.978020][T12631] RIP: 0033:0x7f843ff2def9
[  168.982422][T12631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.002040][T12631] RSP: 002b:00007f843eba7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[  169.010507][T12631] RAX: ffffffffffffffda RBX: 00007f84400e5f80 RCX: 00007f843ff2def9
[  169.018469][T12631] RDX: 00000000200004c0 RSI: 0000000020000480 RDI: 0000000000000005
[  169.026429][T12631] RBP: 00007f843eba7090 R08: 0000000000000000 R09: 0000000000000000
[  169.034390][T12631] R10: 000000000000001a R11: 0000000000000246 R12: 0000000000000001
[  169.042426][T12631] R13: 0000000000000000 R14: 00007f84400e5f80 R15: 00007ffe2db89e08
[  169.050390][T12631]  </TASK>
[  169.093601][T12639] loop4: detected capacity change from 0 to 1024
[  169.114250][T12647] netlink: 140 bytes leftover after parsing attributes in process `syz.3.3433'.
[  169.126146][T12639] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.151706][T12654] loop3: detected capacity change from 0 to 2048
[  169.168018][T10670] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.177044][T12654] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.190496][T12654] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  169.247233][T12668] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3439'.
[  169.256427][T12668] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3439'.
[  169.265730][T12668] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3439'.
[  169.457184][T12685] FAULT_INJECTION: forcing a failure.
[  169.457184][T12685] name failslab, interval 1, probability 0, space 0, times 0
[  169.469904][T12685] CPU: 1 UID: 0 PID: 12685 Comm: syz.1.3444 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  169.480322][T12685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  169.490464][T12685] Call Trace:
[  169.493782][T12685]  <TASK>
[  169.496767][T12685]  dump_stack_lvl+0xf2/0x150
[  169.501343][T12685]  dump_stack+0x15/0x20
[  169.505484][T12685]  should_fail_ex+0x229/0x230
[  169.510216][T12685]  ? audit_log_start+0x34c/0x6b0
[  169.515253][T12685]  should_failslab+0x8f/0xb0
[  169.519841][T12685]  kmem_cache_alloc_noprof+0x4c/0x290
[  169.525216][T12685]  audit_log_start+0x34c/0x6b0
[  169.530058][T12685]  ? __alloc_pages_noprof+0x194/0x360
[  169.535438][T12685]  audit_seccomp+0x4b/0x130
[  169.539984][T12685]  ? cgroup_rstat_updated+0x99/0x550
[  169.545320][T12685]  __seccomp_filter+0x6fa/0x1180
[  169.550241][T12685]  ? __rcu_read_unlock+0x4e/0x70
[  169.555335][T12685]  ? handle_mm_fault+0x175e/0x2a20
[  169.560473][T12685]  __secure_computing+0x9f/0x1c0
[  169.565393][T12685]  syscall_trace_enter+0xd1/0x1f0
[  169.570416][T12685]  ? __rcu_read_unlock+0x4e/0x70
[  169.575497][T12685]  do_syscall_64+0xaa/0x1c0
[  169.579992][T12685]  ? clear_bhb_loop+0x55/0xb0
[  169.584658][T12685]  ? clear_bhb_loop+0x55/0xb0
[  169.589397][T12685]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.595346][T12685] RIP: 0033:0x7fa03be0fd8c
[  169.599743][T12685] Code: 2a 5a 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5a 02 00 48 8b
[  169.619414][T12685] RSP: 002b:00007fa03aa85ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  169.627810][T12685] RAX: ffffffffffffffda RBX: 00007fa03aa85fc0 RCX: 00007fa03be0fd8c
[  169.635783][T12685] RDX: 0000000000000024 RSI: 00007fa03aa86010 RDI: 0000000000000005
[  169.643863][T12685] RBP: 0000000000000000 R08: 00007fa03aa85f14 R09: 000000000000000c
[  169.651815][T12685] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000005
[  169.659856][T12685] R13: 00007fa03aa85f68 R14: 00007fa03aa86010 R15: 0000000000000000
[  169.667832][T12685]  </TASK>
[  169.671890][   T24] net_ratelimit: 85 callbacks suppressed
[  169.671901][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  169.726696][T12687] loop1: detected capacity change from 0 to 512
[  169.733458][T12687] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  169.747999][T12687] EXT4-fs (loop1): 1 truncate cleaned up
[  169.753924][T12687] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.776494][T11415] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.835439][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  169.977134][T11867] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.069941][T12700] loop0: detected capacity change from 0 to 128
[  170.078184][T12700] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  170.091041][T12700] ext4 filesystem being mounted at /163/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  170.117432][T10675] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  170.151433][T12711] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  170.159833][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  170.182227][T12714] loop0: detected capacity change from 0 to 128
[  170.190267][T12714] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  170.202501][T12714] ext4 filesystem being mounted at /166/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  170.216060][T12714] FAULT_INJECTION: forcing a failure.
[  170.216060][T12714] name failslab, interval 1, probability 0, space 0, times 0
[  170.228826][T12714] CPU: 0 UID: 0 PID: 12714 Comm: syz.0.3455 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  170.239361][T12714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  170.249429][T12714] Call Trace:
[  170.252695][T12714]  <TASK>
[  170.255614][T12714]  dump_stack_lvl+0xf2/0x150
[  170.260253][T12714]  dump_stack+0x15/0x20
[  170.264399][T12714]  should_fail_ex+0x229/0x230
[  170.269073][T12714]  ? alloc_vfsmnt+0x2b/0x300
[  170.273671][T12714]  should_failslab+0x8f/0xb0
[  170.278251][T12714]  kmem_cache_alloc_noprof+0x4c/0x290
[  170.283699][T12714]  alloc_vfsmnt+0x2b/0x300
[  170.288453][T12714]  clone_mnt+0x45/0x7a0
[  170.292688][T12714]  ? is_subdir+0x79/0x170
[  170.297069][T12714]  copy_tree+0x2df/0x7f0
[  170.301307][T12714]  copy_mnt_ns+0x11e/0x5c0
[  170.305717][T12714]  ? create_new_namespaces+0x3c/0x430
[  170.311164][T12714]  ? kmem_cache_alloc_noprof+0x1a6/0x290
[  170.316917][T12714]  create_new_namespaces+0x89/0x430
[  170.322114][T12714]  ? security_capable+0x81/0x90
[  170.326960][T12714]  unshare_nsproxy_namespaces+0xe6/0x120
[  170.332659][T12714]  ksys_unshare+0x3da/0x720
[  170.337158][T12714]  __x64_sys_unshare+0x1f/0x30
[  170.341943][T12714]  x64_sys_call+0x2c8d/0x2d60
[  170.346712][T12714]  do_syscall_64+0xc9/0x1c0
[  170.351246][T12714]  ? clear_bhb_loop+0x55/0xb0
[  170.355959][T12714]  ? clear_bhb_loop+0x55/0xb0
[  170.360645][T12714]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.366596][T12714] RIP: 0033:0x7fcddc98def9
[  170.371097][T12714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.390713][T12714] RSP: 002b:00007fcddb607038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  170.399237][T12714] RAX: ffffffffffffffda RBX: 00007fcddcb45f80 RCX: 00007fcddc98def9
[  170.407198][T12714] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000022020400
[  170.415161][T12714] RBP: 00007fcddb607090 R08: 0000000000000000 R09: 0000000000000000
[  170.423119][T12714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.431110][T12714] R13: 0000000000000000 R14: 00007fcddcb45f80 R15: 00007ffdf77f5298
[  170.439078][T12714]  </TASK>
[  170.461612][T10675] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  170.472780][T12716] wireguard0: entered promiscuous mode
[  170.478317][T12716] wireguard0: entered allmulticast mode
[  170.500703][T12723] loop0: detected capacity change from 0 to 164
[  170.508933][T12723] bio_check_eod: 7 callbacks suppressed
[  170.508943][T12723] syz.0.3458: attempt to access beyond end of device
[  170.508943][T12723] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  170.529501][T12723] syz.0.3458: attempt to access beyond end of device
[  170.529501][T12723] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164
[  170.546278][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  170.621862][T12730] loop0: detected capacity change from 0 to 2048
[  170.646995][T12730] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.661431][T12730] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  170.703620][T12736] netlink: 84 bytes leftover after parsing attributes in process `syz.1.3463'.
[  170.713068][T12736] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  170.865194][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  171.030291][   T29] kauditd_printk_skb: 789 callbacks suppressed
[  171.030305][   T29] audit: type=1326 audit(1726634613.850:24336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12741 comm="syz.3.3465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd8e7edef9 code=0x7ffc0000
[  171.063441][   T29] audit: type=1326 audit(1726634613.850:24337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12741 comm="syz.3.3465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd8e7edef9 code=0x7ffc0000
[  171.114267][   T29] audit: type=1326 audit(1726634613.930:24338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12741 comm="syz.3.3465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcd8e7ec890 code=0x7ffc0000
[  171.114425][T12743] FAULT_INJECTION: forcing a failure.
[  171.114425][T12743] name failslab, interval 1, probability 0, space 0, times 0
[  171.137951][   T29] audit: type=1326 audit(1726634613.930:24339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12741 comm="syz.3.3465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fcd8e7ec9df code=0x7ffc0000
[  171.150531][T12743] CPU: 1 UID: 0 PID: 12743 Comm: syz.3.3465 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  171.184354][T12743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  171.194411][T12743] Call Trace:
[  171.197671][T12743]  <TASK>
[  171.200584][T12743]  dump_stack_lvl+0xf2/0x150
[  171.205191][T12743]  dump_stack+0x15/0x20
[  171.209364][T12743]  should_fail_ex+0x229/0x230
[  171.214105][T12743]  ? audit_log_d_path+0x96/0x250
[  171.219034][T12743]  should_failslab+0x8f/0xb0
[  171.223686][T12743]  __kmalloc_cache_noprof+0x4b/0x2a0
[  171.228957][T12743]  audit_log_d_path+0x96/0x250
[  171.233709][T12743]  ? get_file_rcu+0xeb/0x100
[  171.238429][T12743]  ? __rcu_read_unlock+0x4e/0x70
[  171.243500][T12743]  audit_log_d_path_exe+0x42/0x70
[  171.248516][T12743]  audit_log_task+0x155/0x180
[  171.253245][T12743]  audit_seccomp+0x68/0x130
[  171.257780][T12743]  __seccomp_filter+0x6fa/0x1180
[  171.262696][T12743]  ? proc_fail_nth_write+0x12a/0x150
[  171.267996][T12743]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  171.273622][T12743]  ? vfs_write+0x580/0x910
[  171.278046][T12743]  ? __fget_files+0x1d4/0x210
[  171.282716][T12743]  __secure_computing+0x9f/0x1c0
[  171.287703][T12743]  syscall_trace_enter+0xd1/0x1f0
[  171.292720][T12743]  ? fpregs_assert_state_consistent+0x83/0xa0
[  171.298860][T12743]  do_syscall_64+0xaa/0x1c0
[  171.303438][T12743]  ? clear_bhb_loop+0x55/0xb0
[  171.308196][T12743]  ? clear_bhb_loop+0x55/0xb0
[  171.312880][T12743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.318812][T12743] RIP: 0033:0x7fcd8e7edef9
[  171.323216][T12743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.342969][T12743] RSP: 002b:00007fcd8d446038 EFLAGS: 00000246 ORIG_RAX: 000000000000000a
[  171.351371][T12743] RAX: ffffffffffffffda RBX: 00007fcd8e9a6058 RCX: 00007fcd8e7edef9
[  171.359367][T12743] RDX: 0000000000000004 RSI: 0000000000800000 RDI: 0000000020000000
[  171.367419][T12743] RBP: 00007fcd8d446090 R08: 0000000000000000 R09: 0000000000000000
[  171.375379][T12743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.383750][T12743] R13: 0000000000000000 R14: 00007fcd8e9a6058 R15: 00007fff58b90b48
[  171.391721][T12743]  </TASK>
[  171.395916][   T29] audit: type=1326 audit(1726634613.930:24340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12741 comm="syz.3.3465" exe="<no_memory>" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fcd8e7edef9 code=0x7ffc0000
[  171.429559][   T29] audit: type=1326 audit(1726634614.250:24341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12741 comm="syz.3.3465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fcd8e7ec93c code=0x7ffc0000
[  171.461047][T10675] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.470912][   T29] audit: type=1326 audit(1726634614.280:24342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12741 comm="syz.3.3465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fcd8e7ec9df code=0x7ffc0000
[  171.494522][   T29] audit: type=1326 audit(1726634614.280:24343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12741 comm="syz.3.3465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fcd8e7ecb8a code=0x7ffc0000
[  171.517974][   T29] audit: type=1326 audit(1726634614.280:24344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12741 comm="syz.3.3465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd8e7edef9 code=0x7ffc0000
[  171.541643][   T29] audit: type=1326 audit(1726634614.280:24345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12741 comm="syz.3.3465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd8e7edef9 code=0x7ffc0000
[  171.573973][T12749] loop1: detected capacity change from 0 to 1024
[  171.582995][T12749] EXT4-fs: Ignoring removed orlov option
[  171.588768][T12749] EXT4-fs: Ignoring removed nomblk_io_submit option
[  171.598087][T12752] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0
[  171.607931][T12751] IPVS: stopping master sync thread 12752 ...
[  171.614625][T12751] netlink: 'syz.0.3467': attribute type 10 has an invalid length.
[  171.615269][T12749] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.634528][T12751] veth0_macvtap: left promiscuous mode
[  171.654860][T12751] veth0_macvtap: entered promiscuous mode
[  171.662054][T12751] team0: Device macvtap0 failed to register rx_handler
[  171.676852][T12759] loop0: detected capacity change from 0 to 1024
[  171.683438][T12751] veth0_macvtap: left promiscuous mode
[  171.686772][T12759] EXT4-fs: Ignoring removed orlov option
[  171.694580][T12759] EXT4-fs: Ignoring removed nomblk_io_submit option
[  171.719899][T11415] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.722108][T12759] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[  171.738288][T12759] System zones: 0-1, 3-36
[  171.743785][T12759] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.761614][T12766] loop1: detected capacity change from 0 to 512
[  171.775334][T10675] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.837691][T12777] netlink: '+}[@': attribute type 10 has an invalid length.
[  171.862483][T12781] syzkaller0: entered promiscuous mode
[  171.868207][T12781] syzkaller0: entered allmulticast mode
[  171.879489][T12781] loop0: detected capacity change from 0 to 512
[  171.905699][ T3317] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  171.931078][T12781] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.3479: casefold flag without casefold feature
[  171.944789][T12781] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.3479: couldn't read orphan inode 15 (err -117)
[  171.958055][T12781] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.010668][T12785] bpf_get_probe_write_proto: 2 callbacks suppressed
[  172.010688][T12785] syz.2.3480[12785] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  172.019402][T12785] syz.2.3480[12785] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  172.132928][T10675] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.172134][T12800] ip6gretap0: entered promiscuous mode
[  172.178594][T12800] batadv_slave_1: entered promiscuous mode
[  172.234686][T12808] loop0: detected capacity change from 0 to 512
[  172.267691][T12812] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.276081][T12812] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.296266][T12816] loop4: detected capacity change from 0 to 512
[  172.302930][T12816] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  172.313988][T12816] EXT4-fs (loop4): 1 truncate cleaned up
[  172.319924][T12816] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.340466][T10670] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.943751][T12834] loop1: detected capacity change from 0 to 512
[  172.954080][T12834] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  172.967286][T12834] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 248: padding at end of block bitmap is not set
[  172.981530][T12834] EXT4-fs (loop1): Remounting filesystem read-only
[  172.988372][T12834] EXT4-fs (loop1): 1 truncate cleaned up
[  172.994537][T12834] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.007306][T12834] SELinux: (dev loop1, type ext4) getxattr errno 5
[  173.014596][T12834] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.045164][T12834] +}[@ (12834) used greatest stack depth: 9264 bytes left
[  173.062258][T12840] tipc: Started in network mode
[  173.067278][T12840] tipc: Node identity caa4ad351964, cluster identity 4711
[  173.074424][T12840] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  173.081857][T12840] ÿÿÿÿÿÿ: renamed from syzkaller0
[  173.087816][T12840] tipc: Disabling bearer <eth:syzkaller0>
[  173.112082][T12842] syz.0.3497[12842] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  173.112125][T12842] syz.0.3497[12842] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  173.126299][T12842] loop0: detected capacity change from 0 to 512
[  173.144276][T12842] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  173.154794][T12842] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c019, mo2=0002]
[  173.163610][T12842] System zones: 1-12
[  173.168224][T12842] EXT4-fs (loop0): 1 truncate cleaned up
[  173.174315][T12842] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.191704][T12847] loop1: detected capacity change from 0 to 512
[  173.221781][T12851] loop1: detected capacity change from 0 to 512
[  173.225114][T12842] loop0: detected capacity change from 512 to 64
[  173.228709][T12851] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  173.237317][T12842] syz.0.3497: attempt to access beyond end of device
[  173.237317][T12842] loop0: rw=34817, sector=510, nr_sectors = 2 limit=64
[  173.245539][T12851] EXT4-fs (loop1): 1 truncate cleaned up
[  173.260753][T12842] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  173.264553][T12851] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.291803][T11415] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.323531][T12856] netlink: 9 bytes leftover after parsing attributes in process `syz.0.3497'.
[  173.332500][T12856] 0·: renamed from hsr_slave_1 (while UP)
[  173.339647][T12856] 0·: entered allmulticast mode
[  173.435187][T12842] vhci_hcd: default hub control req: 4750 v004c i0000 l0
[  173.452531][T10675] EXT4-fs warning (device loop0): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block
[  173.466184][T10675] EXT4-fs warning (device loop0): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block
[  173.480408][T10675] EXT4-fs warning (device loop0): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block
[  173.508079][T10675] EXT4-fs warning (device loop0): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block
[  173.525020][T10675] EXT4-fs warning (device loop0): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block
[  173.540219][T10675] EXT4-fs warning (device loop0): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block
[  173.553625][T12871] loop3: detected capacity change from 0 to 2048
[  173.554006][T12871] EXT4-fs: Ignoring removed mblk_io_submit option
[  173.568473][T10675] EXT4-fs warning (device loop0): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block
[  173.582504][T10675] EXT4-fs warning (device loop0): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block
[  173.596163][T10675] EXT4-fs warning (device loop0): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block
[  173.611015][T10675] EXT4-fs warning (device loop0): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block
[  173.611586][T12871] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.833669][T11867] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.866122][T10675] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.878667][   T40] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.938918][   T40] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.999240][   T40] team0: Port device netdevsim1 removed
[  174.007649][   T40] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.051563][   T40] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.096440][T12901] chnl_net:caif_netlink_parms(): no params data found
[  174.136563][T12901] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.143725][T12901] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.152390][T12901] bridge_slave_0: entered allmulticast mode
[  174.159401][T12901] bridge_slave_0: entered promiscuous mode
[  174.170198][T12901] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.178015][T12901] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.187727][T12901] bridge_slave_1: entered allmulticast mode
[  174.194236][T12901] bridge_slave_1: entered promiscuous mode
[  174.243883][   T40] ip6gretap0 (unregistering): left promiscuous mode
[  174.268543][   T40] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  174.278931][   T40] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  174.289895][   T40] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  174.299369][   T40] bond0 (unregistering): Released all slaves
[  174.308415][T12901] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  174.320367][T12901] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  174.334095][   T40] batadv_slave_1: left promiscuous mode
[  174.341301][   T40] hsr_slave_0: left promiscuous mode
[  174.347267][   T40] 0·: left promiscuous mode
[  174.352088][   T40] batman_adv: batadv0: Removing interface: batadv_slave_0
[  174.359741][   T40] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  174.367193][   T40] batman_adv: batadv0: Removing interface: batadv_slave_1
[  174.383955][   T40] veth1_macvtap: left promiscuous mode
[  174.390118][   T40] veth1_vlan: left promiscuous mode
[  174.395376][   T40] veth0_vlan: left promiscuous mode
[  174.461936][   T40] team0 (unregistering): Port device team_slave_1 removed
[  174.471541][   T40] team0 (unregistering): Port device team_slave_0 removed
[  174.510149][T12901] team0: Port device team_slave_0 added
[  174.516560][T12901] team0: Port device team_slave_1 added
[  174.532122][T12901] batman_adv: batadv0: Adding interface: batadv_slave_0
[  174.539098][T12901] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  174.565088][T12901] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  174.576716][T12901] batman_adv: batadv0: Adding interface: batadv_slave_1
[  174.583680][T12901] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  174.609650][T12901] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  174.654949][T12926] netlink: '+}[@': attribute type 10 has an invalid length.
[  174.666445][T12901] hsr_slave_0: entered promiscuous mode
[  174.681687][T12901] hsr_slave_1: entered promiscuous mode
[  174.689842][T12901] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  174.699097][T12901] Cannot create hsr debugfs directory
[  174.722631][T12928] loop4: detected capacity change from 0 to 512
[  174.743156][T12924] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3524'.
[  174.751548][T12928] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  174.763869][T12928] EXT4-fs (loop4): 1 truncate cleaned up
[  174.768950][T12924] loop1: detected capacity change from 0 to 128
[  174.770097][T12928] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.789340][T12924] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  174.809684][T10670] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.809786][   T40] IPVS: stop unused estimator thread 0...
[  174.832314][T12934] FAULT_INJECTION: forcing a failure.
[  174.832314][T12934] name failslab, interval 1, probability 0, space 0, times 0
[  174.845090][T12934] CPU: 1 UID: 0 PID: 12934 Comm: +}[@ Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  174.854994][T12934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  174.865036][T12934] Call Trace:
[  174.868301][T12934]  <TASK>
[  174.871213][T12934]  dump_stack_lvl+0xf2/0x150
[  174.875857][T12934]  dump_stack+0x15/0x20
[  174.879996][T12934]  should_fail_ex+0x229/0x230
[  174.884712][T12934]  ? audit_log_d_path+0x96/0x250
[  174.889657][T12934]  should_failslab+0x8f/0xb0
[  174.894308][T12934]  __kmalloc_cache_noprof+0x4b/0x2a0
[  174.899702][T12934]  audit_log_d_path+0x96/0x250
[  174.904443][T12936] loop2: detected capacity change from 0 to 1024
[  174.904863][T12936] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  174.910782][T12934]  ? get_file_rcu+0xeb/0x100
[  174.910814][T12934]  ? __rcu_read_unlock+0x4e/0x70
[  174.928850][T12934]  audit_log_d_path_exe+0x42/0x70
[  174.933891][T12934]  audit_log_task+0x155/0x180
[  174.938650][T12934]  audit_seccomp+0x68/0x130
[  174.943165][T12934]  __seccomp_filter+0x6fa/0x1180
[  174.948092][T12934]  ? proc_fail_nth_write+0x12a/0x150
[  174.953407][T12934]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  174.959097][T12934]  ? vfs_write+0x580/0x910
[  174.963516][T12934]  __secure_computing+0x9f/0x1c0
[  174.968568][T12934]  syscall_trace_enter+0xd1/0x1f0
[  174.973583][T12934]  do_syscall_64+0xaa/0x1c0
[  174.978173][T12934]  ? clear_bhb_loop+0x55/0xb0
[  174.982848][T12934]  ? clear_bhb_loop+0x55/0xb0
[  174.987544][T12934]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.993442][T12934] RIP: 0033:0x7f843ff2def9
[  174.997845][T12934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  175.017462][T12934] RSP: 002b:00007f843eba7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b5
[  175.025890][T12934] RAX: ffffffffffffffda RBX: 00007f84400e5f80 RCX: 00007f843ff2def9
[  175.033894][T12934] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffff9c
[  175.041852][T12934] RBP: 00007f843eba7090 R08: 0000000000000000 R09: 0000000000000000
[  175.049812][T12934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  175.057786][T12934] R13: 0000000000000000 R14: 00007f84400e5f80 R15: 00007ffe2db89e08
[  175.065788][T12934]  </TASK>
[  175.079003][T12924] ext4 filesystem being mounted at /118/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  175.087410][T12938] syz.4.3529[12938] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  175.111872][T12938] syz.4.3529[12938] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  175.133803][T12936] loop2: detected capacity change from 0 to 4096
[  175.156754][T12936] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.170033][T12936] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.193021][T12945] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  175.201173][T12945] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  175.323313][T12901] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  175.331246][T12953] loop2: detected capacity change from 0 to 128
[  175.332219][T12901] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  175.346966][T12901] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  175.356052][T12901] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  175.364849][T12943] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3531'.
[  175.373833][T12943] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3531'.
[  175.410768][T12901] 8021q: adding VLAN 0 to HW filter on device bond0
[  175.423642][T12901] 8021q: adding VLAN 0 to HW filter on device team0
[  175.440589][ T3629] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.447687][ T3629] bridge0: port 1(bridge_slave_0) entered forwarding state
[  175.462325][ T3629] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.469455][ T3629] bridge0: port 2(bridge_slave_1) entered forwarding state
[  175.526411][T11415] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  175.549930][T12962] loop2: detected capacity change from 0 to 512
[  175.575473][T12962] EXT4-fs: Ignoring removed nobh option
[  175.581136][T12962] EXT4-fs: Ignoring removed nobh option
[  175.584435][T12901] 8021q: adding VLAN 0 to HW filter on device batadv0
[  175.593792][T12965] loop1: detected capacity change from 0 to 2048
[  175.600590][T12965] EXT4-fs: Ignoring removed mblk_io_submit option
[  175.607874][T12962] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  175.617293][T12962] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #13: comm syz.2.3537: casefold flag without casefold feature
[  175.631469][T12965] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.643903][T12962] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.3537: couldn't read orphan inode 13 (err -117)
[  175.672894][T12962] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.706173][T11558] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.730903][T12901] veth0_vlan: entered promiscuous mode
[  175.739602][T12983] loop3: detected capacity change from 0 to 2048
[  175.740177][T12901] veth1_vlan: entered promiscuous mode
[  175.760168][T12901] veth0_macvtap: entered promiscuous mode
[  175.766748][T12983] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.767819][T12901] veth1_macvtap: entered promiscuous mode
[  175.790202][T12901] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  175.800733][T12901] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.810692][T12901] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  175.821168][T12901] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.831096][T12901] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  175.831504][T12983] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, 
[  175.841533][T12901] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.841551][T12901] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  175.841565][T12901] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.842906][T12901] batman_adv: batadv0: Interface activated: batadv_slave_0
[  175.849916][T12983] block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  175.855836][T12983] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  175.860979][T12901] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  175.870282][T12983] EXT4-fs (loop3): This should not happen!! Data will be lost
[  175.870282][T12983] 
[  175.880072][T12901] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.880083][T12901] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  175.887275][T12983] EXT4-fs (loop3): Total free blocks count 0
[  175.887289][T12983] EXT4-fs (loop3): Free/Dirty block details
[  175.887299][T12983] EXT4-fs (loop3): free_blocks=2415919104
[  175.887311][T12983] EXT4-fs (loop3): dirty_blocks=16
[  175.887321][T12983] EXT4-fs (loop3): Block reservation details
[  175.896142][T12901] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.908446][T12983] EXT4-fs (loop3): i_reserved_data_blocks=1
[  175.993769][T12901] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  176.004193][T12901] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  176.014058][T12901] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  176.024472][T12901] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  176.034108][T12989] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  176.048058][T11415] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.050634][T12901] batman_adv: batadv0: Interface activated: batadv_slave_1
[  176.068987][T12901] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  176.077731][T12901] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  176.086489][T12901] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  176.095551][T12901] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  176.096661][T12991] 9pnet_fd: Insufficient options for proto=fd
[  176.155797][   T29] kauditd_printk_skb: 721 callbacks suppressed
[  176.155812][   T29] audit: type=1326 audit(1726634618.980:25063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12997 comm="syz.0.3519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc16ddef9 code=0x7ffc0000
[  176.208159][   T29] audit: type=1326 audit(1726634618.980:25064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12997 comm="syz.0.3519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc16ddef9 code=0x7ffc0000
[  176.231988][   T29] audit: type=1326 audit(1726634618.980:25065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12997 comm="syz.0.3519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7f2fc16ddef9 code=0x7ffc0000
[  176.255491][   T29] audit: type=1326 audit(1726634618.980:25066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12997 comm="syz.0.3519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc16ddef9 code=0x7ffc0000
[  176.279141][   T29] audit: type=1326 audit(1726634618.980:25067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12997 comm="syz.0.3519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2fc16ddef9 code=0x7ffc0000
[  176.302732][   T29] audit: type=1326 audit(1726634618.980:25068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12997 comm="syz.0.3519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc16ddef9 code=0x7ffc0000
[  176.326376][   T29] audit: type=1326 audit(1726634618.980:25069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12997 comm="syz.0.3519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=332 compat=0 ip=0x7f2fc16ddef9 code=0x7ffc0000
[  176.349990][   T29] audit: type=1326 audit(1726634618.980:25070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12997 comm="syz.0.3519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc16ddef9 code=0x7ffc0000
[  176.373540][   T29] audit: type=1326 audit(1726634618.980:25071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12997 comm="syz.0.3519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2fc16ddef9 code=0x7ffc0000
[  176.397173][   T29] audit: type=1326 audit(1726634618.980:25072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12997 comm="syz.0.3519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc16ddef9 code=0x7ffc0000
[  176.512364][T13013] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=18578 sclass=netlink_route_socket pid=13013 comm=syz.4.3549
[  176.579964][T13015] loop2: detected capacity change from 0 to 2048
[  176.586568][T13015] EXT4-fs: Ignoring removed mblk_io_submit option
[  176.666566][T13022] 9pnet_fd: Insufficient options for proto=fd
[  176.793547][T13031] FAULT_INJECTION: forcing a failure.
[  176.793547][T13031] name failslab, interval 1, probability 0, space 0, times 0
[  176.806297][T13031] CPU: 1 UID: 0 PID: 13031 Comm: syz.4.3555 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  176.816852][T13031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  176.826895][T13031] Call Trace:
[  176.830200][T13031]  <TASK>
[  176.833158][T13031]  dump_stack_lvl+0xf2/0x150
[  176.837735][T13031]  dump_stack+0x15/0x20
[  176.841881][T13031]  should_fail_ex+0x229/0x230
[  176.846579][T13031]  ? flock_lock_inode+0x236/0xf50
[  176.851593][T13031]  should_failslab+0x8f/0xb0
[  176.856266][T13031]  kmem_cache_alloc_noprof+0x4c/0x290
[  176.861720][T13031]  flock_lock_inode+0x236/0xf50
[  176.866566][T13031]  ? file_has_perm+0x329/0x370
[  176.871336][T13031]  locks_lock_inode_wait+0x6e/0x2c0
[  176.876520][T13031]  __se_sys_flock+0x2f0/0x3a0
[  176.881181][T13031]  __x64_sys_flock+0x31/0x40
[  176.885847][T13031]  x64_sys_call+0x289b/0x2d60
[  176.890509][T13031]  do_syscall_64+0xc9/0x1c0
[  176.895047][T13031]  ? clear_bhb_loop+0x55/0xb0
[  176.899762][T13031]  ? clear_bhb_loop+0x55/0xb0
[  176.904484][T13031]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.910386][T13031] RIP: 0033:0x7f843ff2def9
[  176.914781][T13031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.934405][T13031] RSP: 002b:00007f843eba7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000049
[  176.942833][T13031] RAX: ffffffffffffffda RBX: 00007f84400e5f80 RCX: 00007f843ff2def9
[  176.950830][T13031] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000006
[  176.958782][T13031] RBP: 00007f843eba7090 R08: 0000000000000000 R09: 0000000000000000
[  176.966740][T13031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  176.974704][T13031] R13: 0000000000000000 R14: 00007f84400e5f80 R15: 00007ffe2db89e08
[  176.982750][T13031]  </TASK>
[  177.026863][T13037] syz.4.3557: attempt to access beyond end of device
[  177.026863][T13037] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  177.052367][T13037] loop4: detected capacity change from 0 to 512
[  177.066677][T13037] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.3557: corrupted in-inode xattr: invalid ea_ino
[  177.090198][T13037] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.3557: couldn't read orphan inode 15 (err -117)
[  177.153250][T13053] 9pnet_fd: Insufficient options for proto=fd
[  177.274207][T13081] loop2: detected capacity change from 0 to 1024
[  177.281124][T13081] EXT4-fs: Ignoring removed orlov option
[  177.286867][T13081] EXT4-fs: Ignoring removed nomblk_io_submit option
[  177.335426][T13088] loop2: detected capacity change from 0 to 2048
[  177.342043][T13088] EXT4-fs: Ignoring removed mblk_io_submit option
[  177.554328][T13095] loop2: detected capacity change from 0 to 2048
[  177.569966][T13095] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  178.000844][T13114] loop3: detected capacity change from 0 to 256
[  178.008429][T13114] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  178.032857][T13119] FAULT_INJECTION: forcing a failure.
[  178.032857][T13119] name failslab, interval 1, probability 0, space 0, times 0
[  178.045611][T13119] CPU: 1 UID: 0 PID: 13119 Comm: syz.3.3588 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  178.056148][T13119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  178.066193][T13119] Call Trace:
[  178.069473][T13119]  <TASK>
[  178.072391][T13119]  dump_stack_lvl+0xf2/0x150
[  178.076976][T13119]  dump_stack+0x15/0x20
[  178.081152][T13119]  should_fail_ex+0x229/0x230
[  178.085924][T13119]  ? audit_log_start+0x34c/0x6b0
[  178.090953][T13119]  should_failslab+0x8f/0xb0
[  178.095533][T13119]  kmem_cache_alloc_noprof+0x4c/0x290
[  178.100903][T13119]  audit_log_start+0x34c/0x6b0
[  178.105741][T13119]  ? __alloc_pages_noprof+0x194/0x360
[  178.111108][T13119]  audit_seccomp+0x4b/0x130
[  178.115681][T13119]  ? cgroup_rstat_updated+0x99/0x550
[  178.120964][T13119]  __seccomp_filter+0x6fa/0x1180
[  178.125942][T13119]  ? __rcu_read_unlock+0x4e/0x70
[  178.130929][T13119]  ? handle_mm_fault+0x175e/0x2a20
[  178.136123][T13119]  __secure_computing+0x9f/0x1c0
[  178.141056][T13119]  syscall_trace_enter+0xd1/0x1f0
[  178.146159][T13119]  ? __rcu_read_unlock+0x4e/0x70
[  178.151113][T13119]  do_syscall_64+0xaa/0x1c0
[  178.155613][T13119]  ? clear_bhb_loop+0x55/0xb0
[  178.160351][T13119]  ? clear_bhb_loop+0x55/0xb0
[  178.165053][T13119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.170944][T13119] RIP: 0033:0x7fcd8e7efe17
[  178.175470][T13119] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.195158][T13119] RSP: 002b:00007fcd8d465fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  178.203562][T13119] RAX: ffffffffffffffda RBX: 00007fcd8e9a5f80 RCX: 00007fcd8e7efe17
[  178.211547][T13119] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  178.219520][T13119] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  178.227555][T13119] R10: 0000000020000080 R11: 0000000000000286 R12: 0000000000000001
[  178.235739][T13119] R13: 0000000000000000 R14: 00007fcd8e9a5f80 R15: 00007fff58b90b48
[  178.243705][T13119]  </TASK>
[  178.270691][T13121] atomic_op ffff888123f91928 conn xmit_atomic 0000000000000000
[  178.348933][T13139] loop3: detected capacity change from 0 to 2048
[  178.378992][T13139] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  178.551310][T13153] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3602'.
[  178.563945][T13153] loop1: detected capacity change from 0 to 1024
[  178.570559][T13153] EXT4-fs: Ignoring removed orlov option
[  178.576274][T13153] EXT4-fs: Ignoring removed nomblk_io_submit option
[  178.603234][T13158] FAULT_INJECTION: forcing a failure.
[  178.603234][T13158] name failslab, interval 1, probability 0, space 0, times 0
[  178.615885][T13158] CPU: 1 UID: 0 PID: 13158 Comm: +}[@ Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  178.625894][T13158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  178.636010][T13158] Call Trace:
[  178.639279][T13158]  <TASK>
[  178.642193][T13158]  dump_stack_lvl+0xf2/0x150
[  178.646836][T13158]  dump_stack+0x15/0x20
[  178.651003][T13158]  should_fail_ex+0x229/0x230
[  178.655720][T13158]  ? getname_flags+0x81/0x3b0
[  178.660458][T13158]  should_failslab+0x8f/0xb0
[  178.665107][T13158]  kmem_cache_alloc_noprof+0x4c/0x290
[  178.670581][T13158]  getname_flags+0x81/0x3b0
[  178.675075][T13158]  user_path_at+0x26/0x110
[  178.679493][T13158]  __se_sys_move_mount+0xfd/0x730
[  178.684507][T13158]  __x64_sys_move_mount+0x67/0x80
[  178.689593][T13158]  x64_sys_call+0x1b80/0x2d60
[  178.694310][T13158]  do_syscall_64+0xc9/0x1c0
[  178.698793][T13158]  ? clear_bhb_loop+0x55/0xb0
[  178.703537][T13158]  ? clear_bhb_loop+0x55/0xb0
[  178.708223][T13158]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.714104][T13158] RIP: 0033:0x7fa03be0def9
[  178.718502][T13158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.738165][T13158] RSP: 002b:00007fa03aa87038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ad
[  178.746658][T13158] RAX: ffffffffffffffda RBX: 00007fa03bfc5f80 RCX: 00007fa03be0def9
[  178.754698][T13158] RDX: ffffffffffffff9c RSI: 0000000020000140 RDI: 0000000000000005
[  178.762660][T13158] RBP: 00007fa03aa87090 R08: 0000000000000000 R09: 0000000000000000
[  178.770622][T13158] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[  178.778701][T13158] R13: 0000000000000000 R14: 00007fa03bfc5f80 R15: 00007ffdd6973068
[  178.786668][T13158]  </TASK>
[  179.191524][T13175] loop3: detected capacity change from 0 to 512
[  179.198228][T13175] EXT4-fs: Ignoring removed nomblk_io_submit option
[  179.209691][T13175] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  179.217749][T13175] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=1842c01c, mo2=0002]
[  179.226823][T13175] EXT4-fs (loop3): couldn't mount RDWR because of unsupported optional features (80)
[  179.226927][T13177] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.236322][T13175] EXT4-fs (loop3): Skipping orphan cleanup due to unknown ROCOMPAT features
[  179.252262][T13177] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.267049][T13182] bridge_slave_1: left allmulticast mode
[  179.272828][T13182] bridge_slave_1: left promiscuous mode
[  179.278551][T13182] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.284796][T13181] loop4: detected capacity change from 0 to 512
[  179.300191][T13181] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  179.310527][T13182] bridge_slave_0: left allmulticast mode
[  179.316366][T13182] bridge_slave_0: left promiscuous mode
[  179.322051][T13182] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.338533][T13181] EXT4-fs (loop4): 1 truncate cleaned up
[  179.399645][T13196] infiniband ÿÿÿÿ: RDMA CMA: cma_listen_on_dev, error -98
[  179.412036][T13203] loop4: detected capacity change from 0 to 2048
[  179.434624][T13203] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  179.503186][T13215] loop2: detected capacity change from 0 to 2048
[  179.527178][T13215] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  179.542899][T13215] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  179.555369][T13215] EXT4-fs (loop2): This should not happen!! Data will be lost
[  179.555369][T13215] 
[  179.565093][T13215] EXT4-fs (loop2): Total free blocks count 0
[  179.571090][T13215] EXT4-fs (loop2): Free/Dirty block details
[  179.577027][T13215] EXT4-fs (loop2): free_blocks=2415919104
[  179.582819][T13215] EXT4-fs (loop2): dirty_blocks=16
[  179.588031][T13215] EXT4-fs (loop2): Block reservation details
[  179.593998][T13215] EXT4-fs (loop2): i_reserved_data_blocks=1
[  179.601051][T13221] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  179.613584][T13221] EXT4-fs (loop2): This should not happen!! Data will be lost
[  179.613584][T13221] 
[  179.678774][T13227] loop3: detected capacity change from 0 to 512
[  179.685974][T13227] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  179.697238][T13227] EXT4-fs (loop3): 1 truncate cleaned up
[  179.754071][T13236] syz.1.3635[13236] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  179.754110][T13236] syz.1.3635[13236] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  179.778470][T13238] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  179.798489][T13238] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  180.256708][T13240] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  180.266895][T13240] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  180.421871][T13242] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3638'.
[  180.746805][T13258] loop3: detected capacity change from 0 to 2048
[  180.796166][T13258]  loop3: p1 < > p4
[  180.807527][T13258] loop3: p4 size 8388608 extends beyond EOD, truncated
[  180.906135][T13265] netlink: '+}[@': attribute type 10 has an invalid length.
[  180.965329][T13271] netlink: '+}[@': attribute type 10 has an invalid length.
[  181.006839][T13276] loop3: detected capacity change from 0 to 2048
[  181.055257][T13276] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  181.070365][T13276] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  181.082786][T13276] EXT4-fs (loop3): This should not happen!! Data will be lost
[  181.082786][T13276] 
[  181.092450][T13276] EXT4-fs (loop3): Total free blocks count 0
[  181.098472][T13276] EXT4-fs (loop3): Free/Dirty block details
[  181.104370][T13276] EXT4-fs (loop3): free_blocks=2415919104
[  181.110366][T13276] EXT4-fs (loop3): dirty_blocks=16
[  181.115642][T13276] EXT4-fs (loop3): Block reservation details
[  181.121703][T13276] EXT4-fs (loop3): i_reserved_data_blocks=1
[  181.129036][T13286] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  181.141575][T13286] EXT4-fs (loop3): This should not happen!! Data will be lost
[  181.141575][T13286] 
[  181.170458][   T29] kauditd_printk_skb: 2773 callbacks suppressed
[  181.170472][   T29] audit: type=1326 audit(1726634623.990:27844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13284 comm="syz.0.3651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2fc16d4ea7 code=0x7ffc0000
[  181.241998][   T29] audit: type=1326 audit(1726634624.040:27845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13284 comm="syz.0.3651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2fc1679869 code=0x7ffc0000
[  181.265692][   T29] audit: type=1326 audit(1726634624.040:27846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13284 comm="syz.0.3651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2fc16d4ea7 code=0x7ffc0000
[  181.289432][   T29] audit: type=1326 audit(1726634624.040:27847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13284 comm="syz.0.3651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2fc1679869 code=0x7ffc0000
[  181.313042][   T29] audit: type=1326 audit(1726634624.040:27848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13284 comm="syz.0.3651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f2fc16ddef9 code=0x7ffc0000
[  181.321256][T13292] loop1: detected capacity change from 0 to 256
[  181.336605][   T29] audit: type=1326 audit(1726634624.040:27849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13284 comm="syz.0.3651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2fc16d4ea7 code=0x7ffc0000
[  181.366551][   T29] audit: type=1326 audit(1726634624.040:27850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13284 comm="syz.0.3651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2fc1679869 code=0x7ffc0000
[  181.390208][   T29] audit: type=1326 audit(1726634624.040:27851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13284 comm="syz.0.3651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f2fc16ddef9 code=0x7ffc0000
[  181.407985][T13293] netlink: 'syz.2.3653': attribute type 10 has an invalid length.
[  181.413730][   T29] audit: type=1326 audit(1726634624.050:27852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13284 comm="syz.0.3651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2fc16d4ea7 code=0x7ffc0000
[  181.445379][   T29] audit: type=1326 audit(1726634624.050:27853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13284 comm="syz.0.3651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2fc1679869 code=0x7ffc0000
[  181.471842][T13295] netlink: 'syz.3.3652': attribute type 10 has an invalid length.
[  181.509462][T13295] team0: Port device netdevsim1 added
[  181.518088][T13297] syz.1.3655[13297] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  181.518210][T13297] syz.1.3655[13297] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  181.566508][T13301] netlink: 144 bytes leftover after parsing attributes in process `syz.3.3657'.
[  181.589789][T13297] loop1: detected capacity change from 0 to 1764
[  181.677757][T13309] loop3: detected capacity change from 0 to 512
[  181.694540][T13313] loop2: detected capacity change from 0 to 512
[  181.701682][T13309] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.3661: casefold flag without casefold feature
[  181.701855][T13313] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  181.715806][T13309] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.3661: couldn't read orphan inode 15 (err -117)
[  181.726436][T13313] EXT4-fs (loop2): 1 truncate cleaned up
[  181.957381][T13331] loop3: detected capacity change from 0 to 512
[  181.964014][T13331] EXT4-fs: Ignoring removed nobh option
[  181.969624][T13331] EXT4-fs: Ignoring removed nobh option
[  181.976373][T13331] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[  181.984611][T13331] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #13: comm syz.3.3668: casefold flag without casefold feature
[  181.998092][T13331] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.3668: couldn't read orphan inode 13 (err -117)
[  182.355457][T13360] loop4: detected capacity change from 0 to 512
[  182.362091][T13360] EXT4-fs: Ignoring removed nobh option
[  182.367735][T13360] EXT4-fs: Ignoring removed nobh option
[  182.374674][T13360] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  182.382914][T13360] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #13: comm syz.4.3680: casefold flag without casefold feature
[  182.395771][T13360] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.3680: couldn't read orphan inode 13 (err -117)
[  182.539703][T13378] syzkaller0: entered promiscuous mode
[  182.545266][T13378] syzkaller0: entered allmulticast mode
[  182.564628][T13378] loop1: detected capacity change from 0 to 512
[  182.572327][T13378] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.3686: casefold flag without casefold feature
[  182.585731][T13378] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.3686: couldn't read orphan inode 15 (err -117)
[  182.807751][T13395] loop2: detected capacity change from 0 to 512
[  182.814693][T13395] EXT4-fs: Ignoring removed nobh option
[  182.820364][T13395] EXT4-fs: Ignoring removed nobh option
[  182.821047][T13397] loop1: detected capacity change from 0 to 2048
[  182.828141][T13395] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  182.840467][T13395] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #13: comm syz.2.3693: casefold flag without casefold feature
[  182.853950][T13395] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.3693: couldn't read orphan inode 13 (err -117)
[  182.872816][T13397] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  183.321738][T13425] netlink: 144 bytes leftover after parsing attributes in process `syz.4.3703'.
[  183.356072][T13429] netlink: 'syz.4.3705': attribute type 6 has an invalid length.
[  183.519146][T13442] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3709'.
[  183.712783][T13451] netlink: 'syz.0.3713': attribute type 10 has an invalid length.
[  183.720780][T13451] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3713'.
[  183.729898][T13451] team0: entered promiscuous mode
[  183.734974][T13451] team_slave_0: entered promiscuous mode
[  183.740759][T13451] team_slave_1: entered promiscuous mode
[  183.746479][T13451] team0: entered allmulticast mode
[  183.751658][T13451] team_slave_0: entered allmulticast mode
[  183.757463][T13451] team_slave_1: entered allmulticast mode
[  183.767774][T13451] net_ratelimit: 75 callbacks suppressed
[  183.767789][T13451] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  183.793932][T13453] loop0: detected capacity change from 0 to 512
[  183.801033][T13453] EXT4-fs: Ignoring removed i_version option
[  183.807233][T13453] EXT4-fs: Ignoring removed nobh option
[  183.813354][T13453] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  183.824212][T13453] EXT4-fs (loop0): 1 truncate cleaned up
[  184.048013][T13477] loop2: detected capacity change from 0 to 2048
[  184.054709][T13477] EXT4-fs: Ignoring removed mblk_io_submit option
[  184.238421][T13482] loop2: detected capacity change from 0 to 512
[  184.245371][T13482] EXT4-fs (loop2): inodes count not valid: 13 vs 32
[  184.275689][T13486] loop2: detected capacity change from 0 to 512
[  184.282297][T13486] EXT4-fs: Ignoring removed nobh option
[  184.288004][T13486] EXT4-fs: Ignoring removed nobh option
[  184.294718][T13486] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  184.303319][T13486] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #13: comm syz.2.3725: casefold flag without casefold feature
[  184.316372][T13486] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.3725: couldn't read orphan inode 13 (err -117)
[  184.403187][T13499] loop4: detected capacity change from 0 to 2048
[  184.409945][T13499] EXT4-fs: Ignoring removed mblk_io_submit option
[  184.631418][T13521] loop1: detected capacity change from 0 to 512
[  184.638969][T13521] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  184.639319][T13523] netlink: 144 bytes leftover after parsing attributes in process `syz.4.3739'.
[  184.651489][T13521] EXT4-fs (loop1): 1 truncate cleaned up
[  184.830204][T13547] FAULT_INJECTION: forcing a failure.
[  184.830204][T13547] name failslab, interval 1, probability 0, space 0, times 0
[  184.842985][T13547] CPU: 0 UID: 0 PID: 13547 Comm: +}[@ Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  184.852928][T13547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  184.862986][T13547] Call Trace:
[  184.866336][T13547]  <TASK>
[  184.869368][T13547]  dump_stack_lvl+0xf2/0x150
[  184.874003][T13547]  dump_stack+0x15/0x20
[  184.878167][T13547]  should_fail_ex+0x229/0x230
[  184.882852][T13547]  ? getname_flags+0x81/0x3b0
[  184.887543][T13547]  should_failslab+0x8f/0xb0
[  184.892209][T13547]  kmem_cache_alloc_noprof+0x4c/0x290
[  184.897778][T13547]  getname_flags+0x81/0x3b0
[  184.902295][T13547]  __x64_sys_mkdirat+0x41/0x60
[  184.907072][T13547]  x64_sys_call+0x2cd3/0x2d60
[  184.911831][T13547]  do_syscall_64+0xc9/0x1c0
[  184.916410][T13547]  ? clear_bhb_loop+0x55/0xb0
[  184.921140][T13547]  ? clear_bhb_loop+0x55/0xb0
[  184.925865][T13547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.931757][T13547] RIP: 0033:0x7f2fc16ddef9
[  184.936160][T13547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.955817][T13547] RSP: 002b:00007f2fc0357038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  184.964220][T13547] RAX: ffffffffffffffda RBX: 00007f2fc1895f80 RCX: 00007f2fc16ddef9
[  184.972180][T13547] RDX: 00000000000001ff RSI: 0000000000000000 RDI: ffffffffffffff9c
[  184.980182][T13547] RBP: 00007f2fc0357090 R08: 0000000000000000 R09: 0000000000000000
[  184.988140][T13547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.996162][T13547] R13: 0000000000000000 R14: 00007f2fc1895f80 R15: 00007fffa42e4d78
[  185.004189][T13547]  </TASK>
[  185.022476][T13549] netlink: 'syz.1.3749': attribute type 10 has an invalid length.
[  185.026133][T13552] FAULT_INJECTION: forcing a failure.
[  185.026133][T13552] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  185.043486][T13552] CPU: 0 UID: 0 PID: 13552 Comm: syz.3.3748 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  185.053952][T13552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  185.064142][T13552] Call Trace:
[  185.067453][T13552]  <TASK>
[  185.070375][T13552]  dump_stack_lvl+0xf2/0x150
[  185.075035][T13552]  dump_stack+0x15/0x20
[  185.079181][T13552]  should_fail_ex+0x229/0x230
[  185.083855][T13552]  should_fail+0xb/0x10
[  185.088080][T13552]  should_fail_usercopy+0x1a/0x20
[  185.093123][T13552]  strncpy_from_user+0x25/0x270
[  185.097966][T13552]  strncpy_from_user_nofault+0x66/0xe0
[  185.103419][T13552]  bpf_probe_read_user_str+0x2a/0x70
[  185.108762][T13552]  bpf_prog_b1bc9f7c1f89903c+0x40/0x42
[  185.114207][T13552]  bpf_trace_run3+0x10c/0x1d0
[  185.118942][T13552]  ? user_path_at+0xf5/0x110
[  185.123637][T13552]  ? user_path_at+0xf5/0x110
[  185.128325][T13552]  __traceiter_kmem_cache_free+0x33/0x50
[  185.133949][T13552]  ? user_path_at+0xf5/0x110
[  185.138532][T13552]  kmem_cache_free+0x1fe/0x280
[  185.143313][T13552]  user_path_at+0xf5/0x110
[  185.147765][T13552]  __x64_sys_fchmodat+0x75/0x120
[  185.152696][T13552]  x64_sys_call+0x2a3f/0x2d60
[  185.157488][T13552]  do_syscall_64+0xc9/0x1c0
[  185.162037][T13552]  ? clear_bhb_loop+0x55/0xb0
[  185.166777][T13552]  ? clear_bhb_loop+0x55/0xb0
[  185.171495][T13552]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.177387][T13552] RIP: 0033:0x7fcd8e7edef9
[  185.181818][T13552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.201504][T13552] RSP: 002b:00007fcd8d467038 EFLAGS: 00000246 ORIG_RAX: 000000000000010c
[  185.209913][T13552] RAX: ffffffffffffffda RBX: 00007fcd8e9a5f80 RCX: 00007fcd8e7edef9
[  185.217916][T13552] RDX: 00000000fffffed3 RSI: 0000000020000000 RDI: ffffffffffffff9c
[  185.225875][T13552] RBP: 00007fcd8d467090 R08: 0000000000000000 R09: 0000000000000000
[  185.233889][T13552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  185.241855][T13552] R13: 0000000000000000 R14: 00007fcd8e9a5f80 R15: 00007fff58b90b48
[  185.249926][T13552]  </TASK>
[  185.289720][T13554] loop2: detected capacity change from 0 to 2048
[  185.307815][T13559] netlink: 144 bytes leftover after parsing attributes in process `syz.3.3751'.
[  185.318506][T13557] SELinux:  Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped).
[  185.321362][T13554] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  185.343113][T13554] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  185.355497][T13554] EXT4-fs (loop2): This should not happen!! Data will be lost
[  185.355497][T13554] 
[  185.365210][T13554] EXT4-fs (loop2): Total free blocks count 0
[  185.371224][T13554] EXT4-fs (loop2): Free/Dirty block details
[  185.377135][T13554] EXT4-fs (loop2): free_blocks=2415919104
[  185.382921][T13554] EXT4-fs (loop2): dirty_blocks=16
[  185.388063][T13554] EXT4-fs (loop2): Block reservation details
[  185.394266][T13554] EXT4-fs (loop2): i_reserved_data_blocks=1
[  185.401801][T13566] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  185.414205][T13566] EXT4-fs (loop2): This should not happen!! Data will be lost
[  185.414205][T13566] 
[  185.536924][T13591] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3763'.
[  185.566793][T13595] netlink: 144 bytes leftover after parsing attributes in process `syz.1.3765'.
[  185.622711][T13604] netlink: '+}[@': attribute type 10 has an invalid length.
[  186.319492][T13645] loop0: detected capacity change from 0 to 2048
[  186.340980][T13645] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  186.355953][T13645] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  186.368422][T13645] EXT4-fs (loop0): This should not happen!! Data will be lost
[  186.368422][T13645] 
[  186.378595][T13645] EXT4-fs (loop0): Total free blocks count 0
[  186.384578][T13645] EXT4-fs (loop0): Free/Dirty block details
[  186.390571][T13645] EXT4-fs (loop0): free_blocks=2415919104
[  186.396349][T13645] EXT4-fs (loop0): dirty_blocks=16
[  186.401455][T13645] EXT4-fs (loop0): Block reservation details
[  186.407478][T13645] EXT4-fs (loop0): i_reserved_data_blocks=1
[  186.415084][T13650] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  186.427487][T13650] EXT4-fs (loop0): This should not happen!! Data will be lost
[  186.427487][T13650] 
[  186.440221][   T29] kauditd_printk_skb: 2472 callbacks suppressed
[  186.440235][   T29] audit: type=1326 audit(1726634629.260:30326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13651 comm="syz.4.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843ff2def9 code=0x7ffc0000
[  186.450678][T13654] loop2: detected capacity change from 0 to 512
[  186.477792][   T29] audit: type=1326 audit(1726634629.300:30327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13651 comm="syz.4.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843ff2def9 code=0x7ffc0000
[  186.489946][T13654] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  186.506328][   T29] audit: type=1326 audit(1726634629.300:30328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13651 comm="syz.4.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7f843ff2def9 code=0x7ffc0000
[  186.534831][   T29] audit: type=1326 audit(1726634629.300:30329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13651 comm="syz.4.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843ff2def9 code=0x7ffc0000
[  186.558465][   T29] audit: type=1326 audit(1726634629.300:30330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13651 comm="syz.4.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f843ff2def9 code=0x7ffc0000
[  186.561404][T13654] EXT4-fs (loop2): 1 orphan inode deleted
[  186.582268][   T29] audit: type=1326 audit(1726634629.300:30331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13651 comm="syz.4.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843ff2def9 code=0x7ffc0000
[  186.587939][T13654] EXT4-fs (loop2): 1 truncate cleaned up
[  186.595705][T13654] EXT4-fs error (device loop2): empty_inline_dir:1834: inode #12: block 7: comm syz.2.3786: bad entry in directory: directory entry overrun - offset=4, inode=13, rec_len=784, size=60 fake=0
[  186.611551][   T29] audit: type=1326 audit(1726634629.300:30332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13651 comm="syz.4.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843ff2def9 code=0x7ffc0000
[  186.618382][T13654] EXT4-fs (loop2): Remounting filesystem read-only
[  186.635959][   T29] audit: type=1326 audit(1726634629.300:30333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13651 comm="syz.4.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f843ff2def9 code=0x7ffc0000
[  186.659465][T13654] EXT4-fs warning (device loop2): empty_inline_dir:1841: bad inline directory (dir #12) - inode 13, rec_len 784, name_len 5inline size 60
[  186.665918][   T29] audit: type=1326 audit(1726634629.300:30334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13651 comm="syz.4.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843ff2def9 code=0x7ffc0000
[  186.703778][T13661] FAULT_INJECTION: forcing a failure.
[  186.703778][T13661] name failslab, interval 1, probability 0, space 0, times 0
[  186.739718][T13661] CPU: 0 UID: 0 PID: 13661 Comm: syz.3.3790 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  186.750168][T13661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  186.760232][T13661] Call Trace:
[  186.763586][T13661]  <TASK>
[  186.766550][T13661]  dump_stack_lvl+0xf2/0x150
[  186.771161][T13661]  dump_stack+0x15/0x20
[  186.775309][T13661]  should_fail_ex+0x229/0x230
[  186.780041][T13661]  ? posix_lock_inode+0x211/0x2470
[  186.785220][T13661]  should_failslab+0x8f/0xb0
[  186.789805][T13661]  kmem_cache_alloc_noprof+0x4c/0x290
[  186.795180][T13661]  posix_lock_inode+0x211/0x2470
[  186.800159][T13661]  ? file_has_perm+0x329/0x370
[  186.804932][T13661]  fcntl_setlk+0x686/0x980
[  186.809344][T13661]  do_fcntl+0x535/0xd70
[  186.813497][T13661]  __se_sys_fcntl+0xbf/0x1b0
[  186.818080][T13661]  __x64_sys_fcntl+0x43/0x50
[  186.822700][T13661]  x64_sys_call+0x209e/0x2d60
[  186.827404][T13661]  do_syscall_64+0xc9/0x1c0
[  186.831898][T13661]  ? clear_bhb_loop+0x55/0xb0
[  186.836578][T13661]  ? clear_bhb_loop+0x55/0xb0
[  186.841320][T13661]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.847218][T13661] RIP: 0033:0x7fcd8e7edef9
[  186.851623][T13661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.871272][T13661] RSP: 002b:00007fcd8d467038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  186.879675][T13661] RAX: ffffffffffffffda RBX: 00007fcd8e9a5f80 RCX: 00007fcd8e7edef9
[  186.887678][T13661] RDX: 0000000020000000 RSI: 0000000000000026 RDI: 0000000000000006
[  186.895676][T13661] RBP: 00007fcd8d467090 R08: 0000000000000000 R09: 0000000000000000
[  186.903637][T13661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  186.911596][T13661] R13: 0000000000000000 R14: 00007fcd8e9a5f80 R15: 00007fff58b90b48
[  186.919612][T13661]  </TASK>
[  186.948639][T13669] loop3: detected capacity change from 0 to 1024
[  186.955557][T13669] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  186.979642][T13654] sctp: [Deprecated]: syz.2.3786 (pid 13654) Use of int in max_burst socket option.
[  186.979642][T13654] Use struct sctp_assoc_value instead
[  186.994760][T13673] 9pnet_fd: Insufficient options for proto=fd
[  186.995378][   T29] audit: type=1400 audit(1726634629.820:30335): avc:  denied  { accept } for  pid=13652 comm="syz.2.3786" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  187.069778][T13654] IPv6: Can't replace route, no match found
[  187.186408][T13696] loop2: detected capacity change from 0 to 512
[  187.193318][T13696] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  187.214138][T13696] EXT4-fs (loop2): 1 truncate cleaned up
[  187.772413][T13719] loop1: detected capacity change from 0 to 512
[  187.787616][T13719] ext4 filesystem being mounted at /182/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  187.798781][T13724] FAULT_INJECTION: forcing a failure.
[  187.798781][T13724] name failslab, interval 1, probability 0, space 0, times 0
[  187.811448][T13724] CPU: 0 UID: 0 PID: 13724 Comm: syz.3.3811 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  187.821971][T13724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  187.832017][T13724] Call Trace:
[  187.835284][T13724]  <TASK>
[  187.838203][T13724]  dump_stack_lvl+0xf2/0x150
[  187.842790][T13724]  dump_stack+0x15/0x20
[  187.846963][T13724]  should_fail_ex+0x229/0x230
[  187.851667][T13724]  ? __alloc_skb+0x10b/0x310
[  187.856310][T13724]  should_failslab+0x8f/0xb0
[  187.860901][T13724]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  187.866752][T13724]  __alloc_skb+0x10b/0x310
[  187.871309][T13724]  audit_log_start+0x368/0x6b0
[  187.876102][T13724]  ? kmem_cache_free+0xd8/0x280
[  187.880950][T13724]  audit_seccomp+0x4b/0x130
[  187.885450][T13724]  __seccomp_filter+0x6fa/0x1180
[  187.890391][T13724]  ? __rcu_read_unlock+0x4e/0x70
[  187.895324][T13724]  ? avc_has_perm_noaudit+0x1cc/0x210
[  187.900704][T13724]  __secure_computing+0x9f/0x1c0
[  187.905631][T13724]  syscall_trace_enter+0xd1/0x1f0
[  187.910692][T13724]  ? fpregs_assert_state_consistent+0x83/0xa0
[  187.916759][T13724]  do_syscall_64+0xaa/0x1c0
[  187.921281][T13724]  ? clear_bhb_loop+0x55/0xb0
[  187.926037][T13724]  ? clear_bhb_loop+0x55/0xb0
[  187.930791][T13724]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.936753][T13724] RIP: 0033:0x7fcd8e7ec93c
[  187.941215][T13724] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  187.960866][T13724] RSP: 002b:00007fcd8d467030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  187.969269][T13724] RAX: ffffffffffffffda RBX: 00007fcd8e9a5f80 RCX: 00007fcd8e7ec93c
[  187.977234][T13724] RDX: 000000000000000f RSI: 00007fcd8d4670a0 RDI: 0000000000000005
[  187.985194][T13724] RBP: 00007fcd8d467090 R08: 0000000000000000 R09: 0000000000000000
[  187.993154][T13724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  188.001125][T13724] R13: 0000000000000000 R14: 00007fcd8e9a5f80 R15: 00007fff58b90b48
[  188.009108][T13724]  </TASK>
[  188.096796][T13734] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3816'.
[  188.133379][T13734] netlink: 'syz.0.3816': attribute type 1 has an invalid length.
[  188.141338][T13734] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3816'.
[  188.234714][T13755] FAULT_INJECTION: forcing a failure.
[  188.234714][T13755] name failslab, interval 1, probability 0, space 0, times 0
[  188.247519][T13755] CPU: 0 UID: 0 PID: 13755 Comm: syz.3.3824 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  188.258090][T13755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  188.268165][T13755] Call Trace:
[  188.271453][T13755]  <TASK>
[  188.274412][T13755]  dump_stack_lvl+0xf2/0x150
[  188.279085][T13755]  dump_stack+0x15/0x20
[  188.283308][T13755]  should_fail_ex+0x229/0x230
[  188.288060][T13755]  ? audit_log_start+0x34c/0x6b0
[  188.293007][T13755]  should_failslab+0x8f/0xb0
[  188.297581][T13755]  kmem_cache_alloc_noprof+0x4c/0x290
[  188.302940][T13755]  audit_log_start+0x34c/0x6b0
[  188.307844][T13755]  audit_seccomp+0x4b/0x130
[  188.312452][T13755]  __seccomp_filter+0x6fa/0x1180
[  188.317375][T13755]  ? proc_fail_nth_write+0x12a/0x150
[  188.322698][T13755]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  188.328379][T13755]  ? vfs_write+0x580/0x910
[  188.332841][T13755]  ? __fget_files+0x1d4/0x210
[  188.337682][T13755]  __secure_computing+0x9f/0x1c0
[  188.342661][T13755]  syscall_trace_enter+0xd1/0x1f0
[  188.347740][T13755]  ? fpregs_assert_state_consistent+0x83/0xa0
[  188.353827][T13755]  do_syscall_64+0xaa/0x1c0
[  188.358342][T13755]  ? clear_bhb_loop+0x55/0xb0
[  188.363007][T13755]  ? clear_bhb_loop+0x55/0xb0
[  188.367677][T13755]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.373625][T13755] RIP: 0033:0x7fcd8e7edef9
[  188.378026][T13755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.397787][T13755] RSP: 002b:00007fcd8d467038 EFLAGS: 00000246 ORIG_RAX: 0000000000000072
[  188.406197][T13755] RAX: ffffffffffffffda RBX: 00007fcd8e9a5f80 RCX: 00007fcd8e7edef9
[  188.414234][T13755] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  188.422227][T13755] RBP: 00007fcd8d467090 R08: 0000000000000000 R09: 0000000000000000
[  188.430204][T13755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  188.438156][T13755] R13: 0000000000000000 R14: 00007fcd8e9a5f80 R15: 00007fff58b90b48
[  188.446188][T13755]  </TASK>
[  188.669436][T13770] loop3: detected capacity change from 0 to 512
[  188.730874][T13770] ext4 filesystem being mounted at /124/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  188.769916][T13784] loop1: detected capacity change from 0 to 512
[  188.778426][T13784] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  188.799206][T13791] syz.3.3836[13791] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  188.799264][T13791] syz.3.3836[13791] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  188.811683][T13784] EXT4-fs (loop1): 1 truncate cleaned up
[  188.860166][T13790] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  189.041069][T13813] FAULT_INJECTION: forcing a failure.
[  189.041069][T13813] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  189.054264][T13813] CPU: 0 UID: 0 PID: 13813 Comm: syz.0.3843 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  189.064790][T13813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  189.074861][T13813] Call Trace:
[  189.078140][T13813]  <TASK>
[  189.081076][T13813]  dump_stack_lvl+0xf2/0x150
[  189.085699][T13813]  dump_stack+0x15/0x20
[  189.089890][T13813]  should_fail_ex+0x229/0x230
[  189.094621][T13813]  should_fail+0xb/0x10
[  189.098798][T13813]  should_fail_usercopy+0x1a/0x20
[  189.103876][T13813]  _copy_to_user+0x1e/0xa0
[  189.108298][T13813]  put_itimerspec64+0x69/0x120
[  189.113082][T13813]  __x64_sys_timer_settime+0x10c/0x160
[  189.117054][T13821] IPVS: length: 69 != 8
[  189.118689][T13813]  x64_sys_call+0x20c0/0x2d60
[  189.118717][T13813]  do_syscall_64+0xc9/0x1c0
[  189.118751][T13813]  ? clear_bhb_loop+0x55/0xb0
[  189.136821][T13813]  ? clear_bhb_loop+0x55/0xb0
[  189.141574][T13813]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.147485][T13813] RIP: 0033:0x7f2fc16ddef9
[  189.151907][T13813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.171519][T13813] RSP: 002b:00007f2fc0357038 EFLAGS: 00000246 ORIG_RAX: 00000000000000df
[  189.179975][T13813] RAX: ffffffffffffffda RBX: 00007f2fc1895f80 RCX: 00007f2fc16ddef9
[  189.187957][T13813] RDX: 0000000020000f80 RSI: 0000000000000000 RDI: 0000000000000000
[  189.195910][T13813] RBP: 00007f2fc0357090 R08: 0000000000000000 R09: 0000000000000000
[  189.203863][T13813] R10: 0000000020000600 R11: 0000000000000246 R12: 0000000000000001
[  189.211834][T13813] R13: 0000000000000000 R14: 00007f2fc1895f80 R15: 00007fffa42e4d78
[  189.219973][T13813]  </TASK>
[  189.244339][T13831] FAULT_INJECTION: forcing a failure.
[  189.244339][T13831] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  189.257546][T13831] CPU: 0 UID: 0 PID: 13831 Comm: +}[@ Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  189.266842][T13833] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  189.267434][T13831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  189.285919][T13831] Call Trace:
[  189.289249][T13831]  <TASK>
[  189.292167][T13831]  dump_stack_lvl+0xf2/0x150
[  189.296781][T13831]  dump_stack+0x15/0x20
[  189.300992][T13831]  should_fail_ex+0x229/0x230
[  189.305728][T13831]  should_fail+0xb/0x10
[  189.309928][T13831]  should_fail_usercopy+0x1a/0x20
[  189.314985][T13831]  _copy_to_user+0x1e/0xa0
[  189.319409][T13831]  simple_read_from_buffer+0xa0/0x110
[  189.324858][T13831]  proc_fail_nth_read+0xf9/0x140
[  189.329847][T13831]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  189.335379][T13831]  vfs_read+0x195/0x720
[  189.339523][T13831]  ? __rcu_read_unlock+0x4e/0x70
[  189.344571][T13831]  ? __fget_files+0x1d4/0x210
[  189.349246][T13831]  ksys_read+0xeb/0x1b0
[  189.353389][T13831]  __x64_sys_read+0x42/0x50
[  189.357947][T13831]  x64_sys_call+0x27d3/0x2d60
[  189.362660][T13831]  do_syscall_64+0xc9/0x1c0
[  189.367151][T13831]  ? clear_bhb_loop+0x55/0xb0
[  189.371832][T13831]  ? clear_bhb_loop+0x55/0xb0
[  189.376503][T13831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.382471][T13831] RIP: 0033:0x7f6f18d2c93c
[  189.386868][T13831] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  189.406662][T13831] RSP: 002b:00007f6f179a7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  189.415108][T13831] RAX: ffffffffffffffda RBX: 00007f6f18ee5f80 RCX: 00007f6f18d2c93c
[  189.423138][T13831] RDX: 000000000000000f RSI: 00007f6f179a70a0 RDI: 0000000000000006
[  189.431170][T13831] RBP: 00007f6f179a7090 R08: 0000000000000000 R09: 0000000000000000
[  189.439235][T13831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  189.447230][T13831] R13: 0000000000000000 R14: 00007f6f18ee5f80 R15: 00007ffe18e55258
[  189.455238][T13831]  </TASK>
[  189.458305][T13833] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  189.551926][T13841] 9pnet_fd: Insufficient options for proto=fd
[  189.764180][T13850] loop3: detected capacity change from 0 to 512
[  189.782190][T13850] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.3858: casefold flag without casefold feature
[  189.806244][T13850] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.3858: couldn't read orphan inode 15 (err -117)
[  190.102366][T13863] syzkaller0: entered promiscuous mode
[  190.107909][T13863] syzkaller0: entered allmulticast mode
[  190.132709][T13865] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3863'.
[  190.134259][T13863] loop2: detected capacity change from 0 to 512
[  190.145289][T13865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.158420][T13865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.168253][T13865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.178694][T13865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.188510][T13865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.199036][T13865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.208854][T13865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.219293][T13865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.230718][T13863] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.3862: casefold flag without casefold feature
[  190.242478][T13869] loop4: detected capacity change from 0 to 764
[  190.251123][T13863] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.3862: couldn't read orphan inode 15 (err -117)
[  190.387560][T13876] 9pnet_fd: Insufficient options for proto=fd
[  190.449298][T13879] FAULT_INJECTION: forcing a failure.
[  190.449298][T13879] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  190.462470][T13879] CPU: 0 UID: 0 PID: 13879 Comm: syz.4.3866 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  190.472947][T13879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  190.483042][T13879] Call Trace:
[  190.486312][T13879]  <TASK>
[  190.489364][T13879]  dump_stack_lvl+0xf2/0x150
[  190.493960][T13879]  dump_stack+0x15/0x20
[  190.498253][T13879]  should_fail_ex+0x229/0x230
[  190.502949][T13879]  should_fail+0xb/0x10
[  190.507153][T13879]  should_fail_usercopy+0x1a/0x20
[  190.512241][T13879]  _copy_to_user+0x1e/0xa0
[  190.516831][T13879]  readlink_copy+0x67/0xa0
[  190.521240][T13879]  proc_ns_readlink+0xc8/0x170
[  190.526074][T13879]  ? __pfx_proc_ns_readlink+0x10/0x10
[  190.531463][T13879]  vfs_readlink+0x1dc/0x1f0
[  190.535955][T13879]  do_readlinkat+0x13d/0x210
[  190.540579][T13879]  __x64_sys_readlinkat+0x53/0x60
[  190.545646][T13879]  x64_sys_call+0x2a35/0x2d60
[  190.550353][T13879]  do_syscall_64+0xc9/0x1c0
[  190.554845][T13879]  ? clear_bhb_loop+0x55/0xb0
[  190.559698][T13879]  ? clear_bhb_loop+0x55/0xb0
[  190.564371][T13879]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.570272][T13879] RIP: 0033:0x7f843ff2def9
[  190.574673][T13879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.594402][T13879] RSP: 002b:00007f843eba7038 EFLAGS: 00000246 ORIG_RAX: 000000000000010b
[  190.602843][T13879] RAX: ffffffffffffffda RBX: 00007f84400e5f80 RCX: 00007f843ff2def9
[  190.610802][T13879] RDX: 0000000020000440 RSI: 0000000020000100 RDI: 0000000000000003
[  190.618759][T13879] RBP: 00007f843eba7090 R08: 0000000000000000 R09: 0000000000000000
[  190.626758][T13879] R10: 00000000000000a3 R11: 0000000000000246 R12: 0000000000000002
[  190.634718][T13879] R13: 0000000000000000 R14: 00007f84400e5f80 R15: 00007ffe2db89e08
[  190.642696][T13879]  </TASK>
[  190.692652][T13884] loop3: detected capacity change from 0 to 512
[  190.702923][T13884] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  190.713807][T13884] EXT4-fs (loop3): 1 truncate cleaned up
[  190.763153][T13890] loop4: detected capacity change from 0 to 1024
[  190.768713][T13892] loop3: detected capacity change from 0 to 2048
[  190.772291][T13890] EXT4-fs: Ignoring removed nomblk_io_submit option
[  190.782816][T13892] EXT4-fs: Ignoring removed mblk_io_submit option
[  190.783154][T13890] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  190.811119][T13882] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  191.087027][T13922] loop3: detected capacity change from 0 to 512
[  191.093788][T13922] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  191.105104][T13922] EXT4-fs (loop3): 1 truncate cleaned up
[  191.262994][T13930] loop0: detected capacity change from 0 to 2048
[  191.297514][T13930] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  191.313543][T13930] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  191.326028][T13930] EXT4-fs (loop0): This should not happen!! Data will be lost
[  191.326028][T13930] 
[  191.335735][T13930] EXT4-fs (loop0): Total free blocks count 0
[  191.341699][T13930] EXT4-fs (loop0): Free/Dirty block details
[  191.347608][T13930] EXT4-fs (loop0): free_blocks=2415919104
[  191.353446][T13930] EXT4-fs (loop0): dirty_blocks=16
[  191.358604][T13930] EXT4-fs (loop0): Block reservation details
[  191.364567][T13930] EXT4-fs (loop0): i_reserved_data_blocks=1
[  191.371243][   T40] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 18 with max blocks 14 with error 28
[  191.383675][   T40] EXT4-fs (loop0): This should not happen!! Data will be lost
[  191.383675][   T40] 
[  191.452467][   T29] kauditd_printk_skb: 993 callbacks suppressed
[  191.452483][   T29] audit: type=1326 audit(1726634634.270:31325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13888 comm="syz.2.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6f18d24ea7 code=0x7ffc0000
[  191.482259][   T29] audit: type=1326 audit(1726634634.270:31326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13888 comm="syz.2.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6f18cc9869 code=0x7ffc0000
[  191.505897][   T29] audit: type=1326 audit(1726634634.270:31327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13888 comm="syz.2.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f6f18d2def9 code=0x7ffc0000
[  191.529564][   T29] audit: type=1326 audit(1726634634.290:31328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13888 comm="syz.2.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6f18d24ea7 code=0x7ffc0000
[  191.553061][   T29] audit: type=1326 audit(1726634634.290:31329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13888 comm="syz.2.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6f18cc9869 code=0x7ffc0000
[  191.576773][   T29] audit: type=1326 audit(1726634634.290:31330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13888 comm="syz.2.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f6f18d2def9 code=0x7ffc0000
[  191.600381][   T29] audit: type=1326 audit(1726634634.290:31331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13888 comm="syz.2.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6f18d24ea7 code=0x7ffc0000
[  191.623908][   T29] audit: type=1326 audit(1726634634.290:31332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13888 comm="syz.2.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6f18cc9869 code=0x7ffc0000
[  191.647602][   T29] audit: type=1326 audit(1726634634.290:31333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13888 comm="syz.2.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f6f18d2def9 code=0x7ffc0000
[  191.671574][   T29] audit: type=1326 audit(1726634634.340:31334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13888 comm="syz.2.3871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6f18d24ea7 code=0x7ffc0000
[  191.729253][T13969] loop4: detected capacity change from 0 to 1024
[  191.736402][T13969] EXT4-fs: Ignoring removed bh option
[  191.741196][T13973] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  191.752534][T13974] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  191.756032][T13970] netlink: '+}[@': attribute type 10 has an invalid length.
[  191.768759][T13973] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  191.769450][T13974] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  191.787466][T13970] netdevsim netdevsim0 netdevsim1: entered promiscuous mode
[  191.794950][T13970] netdevsim netdevsim0 netdevsim1: entered allmulticast mode
[  191.804995][T13970] team0: Port device netdevsim1 added
[  191.816075][T13969] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  191.838587][T13969] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  191.954186][T13980] loop0: detected capacity change from 0 to 2048
[  192.002565][T13980] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  192.049045][T13980] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  192.061451][T13980] EXT4-fs (loop0): This should not happen!! Data will be lost
[  192.061451][T13980] 
[  192.071147][T13980] EXT4-fs (loop0): Total free blocks count 0
[  192.077188][T13980] EXT4-fs (loop0): Free/Dirty block details
[  192.083099][T13980] EXT4-fs (loop0): free_blocks=2415919104
[  192.088922][T13980] EXT4-fs (loop0): dirty_blocks=16
[  192.094026][T13980] EXT4-fs (loop0): Block reservation details
[  192.100043][T13980] EXT4-fs (loop0): i_reserved_data_blocks=1
[  192.111725][T13988] loop3: detected capacity change from 0 to 512
[  192.127490][T13990] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  192.139919][T13990] EXT4-fs (loop0): This should not happen!! Data will be lost
[  192.139919][T13990] 
[  192.162804][T13988] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.3901: casefold flag without casefold feature
[  192.202294][T13988] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.3901: couldn't read orphan inode 15 (err -117)
[  192.685440][T14004] loop4: detected capacity change from 0 to 2048
[  192.708564][T14004] EXT4-fs: Ignoring removed mblk_io_submit option
[  192.870353][T14017] loop3: detected capacity change from 0 to 2048
[  192.900689][T14017] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  192.935170][T14017] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  192.948134][T14017] EXT4-fs (loop3): This should not happen!! Data will be lost
[  192.948134][T14017] 
[  192.958000][T14017] EXT4-fs (loop3): Total free blocks count 0
[  192.964101][T14017] EXT4-fs (loop3): Free/Dirty block details
[  192.970039][T14017] EXT4-fs (loop3): free_blocks=2415919104
[  192.975853][T14017] EXT4-fs (loop3): dirty_blocks=16
[  192.980964][T14017] EXT4-fs (loop3): Block reservation details
[  192.986978][T14017] EXT4-fs (loop3): i_reserved_data_blocks=1
[  192.993554][T14020] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  193.005973][T14020] EXT4-fs (loop3): This should not happen!! Data will be lost
[  193.005973][T14020] 
[  193.119117][T14028] loop3: detected capacity change from 0 to 512
[  193.126900][T14028] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.3914: casefold flag without casefold feature
[  193.140365][T14028] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.3914: couldn't read orphan inode 15 (err -117)
[  193.203479][T14041] ==================================================================
[  193.211602][T14041] BUG: KCSAN: data-race in mas_walk / mas_wmb_replace
[  193.218380][T14041] 
[  193.220700][T14041] write to 0xffff8881044fa100 of 8 bytes by task 14037 on cpu 1:
[  193.228410][T14041]  mas_wmb_replace+0x20f/0x14f0
[  193.233270][T14041]  mas_wr_modify+0x183d/0x3c90
[  193.238046][T14041]  mas_wr_store_entry+0x250/0x390
[  193.243076][T14041]  mas_store_prealloc+0x151/0x2b0
[  193.248110][T14041]  vma_complete+0x3a7/0x760
[  193.252634][T14041]  __split_vma+0x61d/0x690
[  193.257051][T14041]  vma_modify+0x198/0x1f0
[  193.261396][T14041]  mprotect_fixup+0x335/0x610
[  193.266071][T14041]  do_mprotect_pkey+0x673/0x9a0
[  193.270905][T14041]  __x64_sys_mprotect+0x48/0x60
[  193.275741][T14041]  x64_sys_call+0x26cf/0x2d60
[  193.280400][T14041]  do_syscall_64+0xc9/0x1c0
[  193.284883][T14041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.290760][T14041] 
[  193.293082][T14041] read to 0xffff8881044fa100 of 8 bytes by task 14041 on cpu 0:
[  193.300713][T14041]  mas_walk+0x123/0x320
[  193.304847][T14041]  lock_vma_under_rcu+0x84/0x260
[  193.309770][T14041]  exc_page_fault+0x150/0x650
[  193.314429][T14041]  asm_exc_page_fault+0x26/0x30
[  193.319285][T14041] 
[  193.321587][T14041] value changed: 0xffff88810dc20581 -> 0xffff8881044fa100
[  193.328668][T14041] 
[  193.330975][T14041] Reported by Kernel Concurrency Sanitizer on:
[  193.337099][T14041] CPU: 0 UID: 0 PID: 14041 Comm: syz.0.3916 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  193.347503][T14041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  193.357536][T14041] ==================================================================
[  193.395440][T14044] FAULT_INJECTION: forcing a failure.
[  193.395440][T14044] name failslab, interval 1, probability 0, space 0, times 0
[  193.408159][T14044] CPU: 0 UID: 0 PID: 14044 Comm: syz.3.3917 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
[  193.418630][T14044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  193.428677][T14044] Call Trace:
[  193.431937][T14044]  <TASK>
[  193.434849][T14044]  dump_stack_lvl+0xf2/0x150
[  193.439437][T14044]  dump_stack+0x15/0x20
[  193.443578][T14044]  should_fail_ex+0x229/0x230
[  193.448300][T14044]  ? audit_log_start+0x34c/0x6b0
[  193.453275][T14044]  should_failslab+0x8f/0xb0
[  193.457893][T14044]  kmem_cache_alloc_noprof+0x4c/0x290
[  193.463297][T14044]  audit_log_start+0x34c/0x6b0
[  193.468070][T14044]  audit_seccomp+0x4b/0x130
[  193.472562][T14044]  __seccomp_filter+0x6fa/0x1180
[  193.477486][T14044]  ? proc_fail_nth_write+0x12a/0x150
[  193.482832][T14044]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  193.488470][T14044]  ? vfs_write+0x580/0x910
[  193.492988][T14044]  ? __fget_files+0x1d4/0x210
[  193.497698][T14044]  __secure_computing+0x9f/0x1c0
[  193.502616][T14044]  syscall_trace_enter+0xd1/0x1f0
[  193.507761][T14044]  ? fpregs_assert_state_consistent+0x83/0xa0
[  193.513852][T14044]  do_syscall_64+0xaa/0x1c0
[  193.518338][T14044]  ? clear_bhb_loop+0x55/0xb0
[  193.523047][T14044]  ? clear_bhb_loop+0x55/0xb0
[  193.527817][T14044]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.533700][T14044] RIP: 0033:0x7fcd8e7edef9
[  193.538095][T14044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.557779][T14044] RSP: 002b:00007fcd8d467038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  193.566188][T14044] RAX: ffffffffffffffda RBX: 00007fcd8e9a5f80 RCX: 00007fcd8e7edef9
[  193.574233][T14044] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c040400
[  193.582186][T14044] RBP: 00007fcd8d467090 R08: 0000000000000000 R09: 0000000000000000
[  193.590303][T14044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  193.598267][T14044] R13: 0000000000000000 R14: 00007fcd8e9a5f80 R15: 00007fff58b90b48
[  193.606250][T14044]  </TASK>