last executing test programs:

26.658179021s ago: executing program 2 (id=1905):
socket$netlink(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r4, r1, 0x25, 0x2, @val=@tcx}, 0x1c)
syz_emit_ethernet(0x2e, &(0x7f0000000a80)=ANY=[], 0x0)

26.633332802s ago: executing program 2 (id=1906):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000040000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xd, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='mm_page_alloc\x00', r1}, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x40008, 0x590, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x2}, 0x4c58, 0x0, 0x0, 0x0, 0x8, 0xffffffff, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd27, 0x300, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93}, [{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8, 0x5, 0x0, 0xfffffffc, 0x5}, {}, {0x9, 0x0, 0x0, 0x0, 0x6}, {0x0, 0xc3, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x5}, {0x5, 0xfffffffe}, {}, {0x0, 0x10}, {0x0, 0x4, 0x0, 0x8000000}, {0x0, 0xffffffff, 0x0, 0x0, 0xfffffffd}, {0x2, 0x0, 0x400000, 0x0, 0x6}, {}, {}, {0xfffffffe}, {0x0, 0x0, 0x0, 0x8000000}, {0x40}, {0x0, 0x0, 0x0, 0x0, 0x20}, {}, {0x40}, {0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x3}, {0xd, 0x0, 0x8, 0x0, 0x5}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff}, {}, {}, {}, {0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x1}, {0x80}, {0x0, 0x0, 0x0, 0x7}, {0x0, 0x1000000}, {0x0, 0x0, 0x8, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x200}, {}, {0x0, 0x15, 0x0, 0x48510}, {}, {}, {0x0, 0x7}, {0x0, 0x0, 0x0, 0x0, 0xc}, {0x0, 0x0, 0x0, 0x0, 0xd, 0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x6}, {0xfffffffc, 0xfffefffd}, {0x0, 0x0, 0x0, 0x1}, {0xfffffffd}, {0x5}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, {0x0, 0x0, 0x200}, {}, {}, {0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfb4}, {}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x2000, 0x0, 0x0, 0x1}, {0xfffffffc, 0x0, 0x0, 0x4, 0x9}, {0xfffffffe, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x2}, {}, {}, {}, {0x800000, 0x0, 0x0, 0x0, 0x0, 0x56}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x6, 0x0, 0x4}, {}, {}, {0x0, 0xfffffffd}, {0x6}, {0x7f}, {}, {}, {0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0xfffffffc}, {}, {0x2, 0x0, 0x20000000}, {0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x2, 0x1}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0xd, 0x0, 0x0, 0xfffffffc}, {0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {0xfffffffe, 0x0, 0x0, 0x0, 0x7ffc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {0x0, 0x8000}, {0x0, 0x0, 0x10000}, {0x0, 0x80000000, 0x0, 0x7dff800}], [{}, {}, {0x3}, {}, {0x1}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {0x2}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x1}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {0x0, 0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {0x5, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {0x2, 0x1}, {}, {0x5}, {}, {}, {0x0, 0x1}, {}, {0x0, 0xa11b5f369cf453a6}, {}, {0x2}, {}, {}, {0x4}, {0x3}, {}, {0x2}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)

26.599254832s ago: executing program 2 (id=1907):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
syz_mount_image$iso9660(&(0x7f0000000a80), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000b00)=ANY=[@ANYRES8=0x0, @ANYRES16, @ANYBLOB="0c9a99a31522f509df8947553737480dfacb31640a68f6654dd749314a63329879b5989b491d79215c2fa063601f05d0e892a3033109b8abad463695501e1058b6d089dd423e734f5208781a59ad32bd8f19ca9f9fcea5e5886cc434d12fe40f2d0e4481650498c129a97fcdfed3c240411acb468d9a39dc30dfb4eb160d200ce7eb828454a45452c34d7a60a83705494cc4cd05541a95e585131e0d5b4b9ad667b03218fbe4162b2bc1fff68ccdae6255e78e9fd7fd08d64fa5f6958f422d371b29d38eb7d3492aea369144c78f8495786d78ecdc3230a568"], 0xfe, 0x5db, &(0x7f0000000380)="$eJzs3F1v29YZAODDxK4FF8sGFGvSNEDZtBfZRVxJXh0Y3UU0mrbZSqJA0oVzNRSL0xmzu2HZgDU3Q266Fduwq91u6O1+wf5Uf4MG6sPxV618OPE2PA+QnEPxJc97aIIvRIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECIkrVmsxWFbtbf2o6/W7JW5L0z1k/39+8jzRHzIYS5g3FDiOp/odEI18YfXXvjSewP6/9uhqvjpauhUTeN8Oj1N3/w0Rtzl+oN56MonJHQK/Hwy0e//Gxvb+c3F53IORhGz77NRtrPyjzrdTbSOCvzeHVlpfnB5noZr2fdtLxXVmkvToq0U+VFfCu5G0JYXY7TpXv5Vn9jrdNN41vJj+LW6uqd2+1mcyX+eGmQdooy73/w8VKZbGbdbtbfGMXUq2+33wl36hPxk6yKq7TTi+MHu3s7y7OSrINaTxPUnhXUbrbbrVa73Vr5cPXDO81mY3K2Hnww1zwmHN9k7uJPWl6510Ljz/WJMlqYXuNeO9cLOTyHYfK359tw7rwzAQAAAF6WaHSPPRrdnb826q1n3bR5JGYYXVh6AAAAwDkYfbW/OrkBEMK1EJ38/g8AAAD8b/vTmc/YhSgK5WAhmj6qMth+P9rv1L3O/uXxR5eP77Favx5dmexk1KzMTZaS9Eb01jjorWn0t5Pmwaw8oqKYjx6/WALhL+H6OOb6/XF7f7pmPMrietZNl5K8+1ErdDpXLlXpdvW7L3Z/H0JRDC9/3e9dicKD3b2dpZ//au/+KJfH9V4e709+IXHihxJHc1kIh3L57cFzj5MZ3z064/nRjZh61l/3e4vjcZuD7tzB/C+Nth6e+JOeMf+vwtvjmLcXx+3i0fk36jFbS6fM/nAWrcH2+wuTwSYzn3+2LG6MY27ceq9u3rs1WTN/KIv2rCzah4//+FiES+eRxeFjsXxGFsOwu7ez/IJZAFyUB8er0Ljuhif1/0TdnVze4uO7OuMqd2p1XxhfKqNxCZ9Z3X8xc5SvwrvjmHevzz2pxceu6M1ZdaX5lHU9hNOz+Fe4+c+/h7AVbk6Dv6vG1uP+9UhVjfa/qTf4ZjruP4ZjYfqkedltR/XC5YX9X4c3H3756Pbu/mef73y+80W7vbzS/HFz+P0Q5kfTmDRqDwCnSItvo8Xqj1FRZIOftVZXW51qM42LPPkkLrK1jTTO+lVaJJud/kYaD4q8ypO8W3c+zdbSMi63BoO8qOL1vIgHeZltj978Ek9e/VKmvU6/ypJy0E07ZRoneb/qJFW8lpVJPNh6UoGKuBykSbaeJZ0qy/txmW8VSboUx2WaxoOtn3azcjMt4mwt7VfZelZ3+/GgyHqd4l78ad7d6qXxWlomRTao8mKUzXSsrL+eF73Rbpcu9EgDwH+Ph2HyBruDV9k9cyc0ZsScNu6Je6QAwCtzvEovnB3eeCVJAQAAAAAAAAAAAAAARxx+XO8nk4fyXviJwDM7jXDQCeFg1XA4/MPxfJ6zc/f101a985Km8xSdRji5KoQw91IHnb446WKm/H/XadSdS+Gi05i+Z/F59xOFEGYHf6+OuaALEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACc4T8BAAD//2tektI=")
creat(&(0x7f0000000080)='./file0/file1\x00', 0x90)

26.561586352s ago: executing program 2 (id=1908):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='mm_page_free\x00', r0, 0x0, 0x4}, 0x18)
syz_mount_image$iso9660(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x204019, &(0x7f0000000240)=ANY=[@ANYBLOB="757466382c63727566742c6d6f64653d3078303030303030303030303030303037642c686964652c636865636b3d72656c617865642c757466382c757466382c007850bebd8d7d036618c1146a34cfd146c5861d8bd4466228f0bc2de3f77e11157c389fc315c06b7ba5db6a0be20cefe83f41117225bf80377cd9f3f8ce47ac8bf58ed6e8a5f46c37d64ff6e2fb871053a53f8747dada0e0a13c5a2c79eb2bada5d986d2d2899a7"], 0xfd, 0x564, &(0x7f0000001f80)="$eJzs3d1uE80ZwPFn8wGRK6GqrRCKAgzQg0QKZm2DkcUBbNdjZ8DetXbXKDlCEXFQhAMVoVKTE8QJbaX2IjjtRfS4N4PeS/Cr/TD5tB3Ih/NG/58FO96dnXl2be2TsbxjAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYrlV2y5Y0jBee1kN5lYDv7n7NNv70ApZ2LcY0q+IFf+TmRm5ka668afdzdfj/+7KXPpsTmbixYzs/O7675/8cWqiv/+QgM/F1vbO29Vut/Nh3IGcoZtXB2+ra8+Evmk6da1M6KtKuWw/WKqFqmYaOpSZSDeVG2gn8gM1P7GgCpVKSen8it/26lWnodW8m6x8fL9o22X1PN/SThD63oPn+dBdMo2G8epJnXhzXOdx/EZ8YSIVaaep1PpGt1MadQBxpcJxKhVHVSraxWKhUCwWyo8qjx7b9tShFfYBcqjG+N+0GK9TvHoDJzOR5X9piBFP2rIs6siHK1UJxJfmgO2ZhadZ4YEe2u/e/N/P8jd2N89Kkv9vpc9uDcr/A2I5v8eWbMuOvJVV6UpXOvJh7BH98GPyR2pbsv+c10WLJ0bCr8/ESFOcZI2K14gvSipSlrLY8kqWpCahKKmJkYZoCXufste6mby7AtHiSCS+BKJkXlxZECUFqUhFSqJES15WxJe2eFKXqjhJK+uykZz30pCYv1cqDKyS67/vOlIc0tIR+f9qtiP5H8d0Gpdt4FT0+vl/iCvnFg0AAAAAADgLVvLpezz+n5abSalmGtoed1gAAAAAAOAU9Xq9nsyJFY//ReSmWIz/AQAAAAC4bKzkHjtLRHJyOy2ti5XcLsWHAAAAAAAAXBLJnf+34kUyB8ptsb5Pl8L4HwAAAACAS+Kfg+fYn8mqtK5a//tFgmDa+txa/rO16cQrnc3JdOvkwRaj2qx1LWskWZSnsmeunrOy2S93J8FMe/m2PmqufysLwEo/svipAOTfcietc2ctXa71t6S95GqmofOu33hSEMe5NhHp5ehv7zb+Lsnh/8trXrNkfaPbyb9+311LTsbnuJXPm9kEiofmURwSy8dkvoXknosjj3g6uREj6zeX9mv3X4Bn4mxOpLtnC5ka2edT+SJ399YUye0//pm4z0J+0NFnURROeORf5F5a5978vXRxRBTFUVEU90Zx4FycWhSlUVGUThgFAIzL+ogsZB1O/D9xlTt2dj/JnxfyRebTOvOzyYV1avaIK7o96opunzC7/ffQbyANyrFxv/85kFW/xjt8Hdhv2Cha8Smc/Lj5V7m+tb1zf2Nz9U3nTeddsVgq2w9t+1FRppPDyBbkHgDAEUb/xs7IGtbDEaPqP3z/SkFeXst76cqaLCZ3GyTfODiy1dyeryEsJqPWONjsd1oOjFpzSZpMf+Flccio7kpyl0O/3eLQuvtjKJ39CwEAwDm6OyIPHyf/L44Yd+/P5cNHx7k9v9YGAADOhg6+WbnoH1YQmNarQqVScKIlrQLffaECU61rZbxIB+6S49W1agV+5Lt+Iy68NFUdqrDdavlBpGp+oFp+aJaVJZaocCWMdFOFuul4kXHDVkM7oVau70WOG6mqCV3Vav+lYcIlHSQ7hy3tmppxncj4ngr9duDqvFKh1mozJ5JWNFXtRaZm4qKnWoFpOsGKeuk32k2tqjp0A9OK/LTBfl/Gq/lBM2k2P+6TDQDABbG1vfN2tdvtfDjDwriPEQAA7EeWBgAAAAAAAAAAAAAAAAAAAADg4juP+/8ufUFk3GEs/7/XuyhnY/yFK3IhwvhtF0ZeOj6dywUKwJn5NQAA///IIVDl")
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, 0x1, 0x2, 0x401, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10000800}, 0x10)
lsetxattr$system_posix_acl(&(0x7f0000000280)='./file1\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000000)=ANY=[], 0x1c, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000000)=@newqdisc={0x40, 0x24, 0x100, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0x5, 0xc}, {0x5}}, [@TCA_STAB={0x4}, @qdisc_kind_options=@q_plug={{0x9}, {0xc}}]}, 0x40}}, 0x0)
r5 = socket(0x10, 0x803, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfc, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r8}, 0x10)
io_setup(0x2, &(0x7f0000002400)=<r9=>0x0)
io_submit(r9, 0x1, &(0x7f0000000040)=[&(0x7f00000010c0)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}])
ptrace(0x10, r6)
ptrace$setregs(0xd, r6, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
mq_notify(0xffffffffffffffff, 0x0)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x6c, 0x2, 0x6, 0x201, 0x0, 0x0, {0x7, 0x0, 0xa}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x7}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x6c}}, 0x20040000)

26.505334503s ago: executing program 2 (id=1909):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32=r1, @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
r3 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2a, &(0x7f0000000200)={0x2, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
r4 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x9}}, {{0xa, 0x0, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}, 0x108)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, 0x108)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = socket$netlink(0x10, 0x3, 0xe)
sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0)

25.875400853s ago: executing program 2 (id=1925):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=0x0, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f00"], 0x6c}}, 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000002a40)={0xa, 0x0, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x8, 0x2}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)
write$nci(0xffffffffffffffff, 0x0, 0xfffffeea)
setsockopt$PNPIPE_ENCAP(0xffffffffffffffff, 0x113, 0x1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000005c0)={[{@nolazytime}, {@jqfmt_vfsold}, {@journal_path={'journal_path', 0x3d, './file0/../file0'}}, {@noquota}, {@nodioread_nolock}, {@journal_checksum}, {@data_err_abort}], [{@seclabel}]}, 0x3, 0x473, &(0x7f0000000640)="$eJzs3M1vG0UbAPBn7Tht+pW8Vd9CP4AgQJQCSZOW0gMXEEgcQEKCQzmGJK1K0wY1QSJVBQGhckSVOHFBHJH4CzjBBcENiQsHuKNKFeqlhZPRZncT2zhpmjpepf79pHVndtedeTwz9uxO7AB61nD6kETsiojfI2IwyzafMJz9c/vmlcm/b16ZTKJef/OvpC89fOvmlcXi1OJ5O4tMX0Tl0yQOtSl3buHy+YmZmelLeX50/sJ7o3MLl589d2Hi7PTZ6Yvjp06dOD72/Mnx5zoSZxrXrYMfzh4+8Orb116fPH3tnZ+/TYr4szgmO1LQiuG1Dj5Rr3e4uHLtbkhnPYOtoJoN06gtjf/BqMZK4w3GK5+UWjlgU9Xr9fr+5Vyt9fBiHbiPJVF2DYByFB/06fVvsXVx+lG6Gy9mF0Bp3LfzLTvSF5X8nFrL9W0nDUfE6cV/vkq32Jz7EAAATb5P5z/PtJv/VWJ/w3l78jWUoYj4X0TsjYiTEbEvIv4fsXTuAxHx4F2W37pIkpU/0LCncn2jsa1HOv97IV/bap7/FbO/GKrmud1L8deSM+dmpo/lr8mRqG1L82NrlPHDy79+vtqxxvlfuqXlF3PBvB7X+7Y1P2dqYn7iXmJudOPjiIN97eJPllcCkog4EBEHN1jGuaPfHF7t2J3jX0MH1pnqX0c8mbX/YrTEX0jWXp8c3R4z08dGi17Rxi9X31it/HuKvwPS9t/Rtv8vxz+UNK7Xzt3N//7lU+nj1T8+W/WaZqP9vz95q2nfBxPz85fGIvqT17JKN+4fbzlvfOX8NP4jj7Uf/3tj5ZU4FBFpJ34oIh6OiEfyuj/62547vgo/vfT4uy27qivxD5Te/lPrb//6YETRERb6I08s72mfqJ7/8bumQodWko3tv2fV9j+xlDqS71nP+9966nW3vRkAAAC2qkpE7IqkMrKcrlRGRrK/4d8XOyozs3PzT5+Zff/iVPYdgaGoVYo7XYMN90PH8sv6Ij/ekj+e3zf+ojqwlB+ZnJ2ZKjt46HE7Vxn/qT+zu5Tbyq0hsKl8Xwt6l/EPvcv4h9713/G/vTlb6V5dgO5q8/k/UEY9gO5rHv/Zj4B8tJ4n7tqc+gDd0/L5Xy2rHkD3uf8HvWsj4997Btwf+tb6yeb+rlYF6J65gbjzl+QltlKiWK3djCJqaW85GhELl6NSeqQSm5go+50JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgM/4NAAD//55o4Oc=")
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r3, 0x0)

25.875043073s ago: executing program 32 (id=1925):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=0x0, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f00"], 0x6c}}, 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000002a40)={0xa, 0x0, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x8, 0x2}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)
write$nci(0xffffffffffffffff, 0x0, 0xfffffeea)
setsockopt$PNPIPE_ENCAP(0xffffffffffffffff, 0x113, 0x1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000005c0)={[{@nolazytime}, {@jqfmt_vfsold}, {@journal_path={'journal_path', 0x3d, './file0/../file0'}}, {@noquota}, {@nodioread_nolock}, {@journal_checksum}, {@data_err_abort}], [{@seclabel}]}, 0x3, 0x473, &(0x7f0000000640)="$eJzs3M1vG0UbAPBn7Tht+pW8Vd9CP4AgQJQCSZOW0gMXEEgcQEKCQzmGJK1K0wY1QSJVBQGhckSVOHFBHJH4CzjBBcENiQsHuKNKFeqlhZPRZncT2zhpmjpepf79pHVndtedeTwz9uxO7AB61nD6kETsiojfI2IwyzafMJz9c/vmlcm/b16ZTKJef/OvpC89fOvmlcXi1OJ5O4tMX0Tl0yQOtSl3buHy+YmZmelLeX50/sJ7o3MLl589d2Hi7PTZ6Yvjp06dOD72/Mnx5zoSZxrXrYMfzh4+8Orb116fPH3tnZ+/TYr4szgmO1LQiuG1Dj5Rr3e4uHLtbkhnPYOtoJoN06gtjf/BqMZK4w3GK5+UWjlgU9Xr9fr+5Vyt9fBiHbiPJVF2DYByFB/06fVvsXVx+lG6Gy9mF0Bp3LfzLTvSF5X8nFrL9W0nDUfE6cV/vkq32Jz7EAAATb5P5z/PtJv/VWJ/w3l78jWUoYj4X0TsjYiTEbEvIv4fsXTuAxHx4F2W37pIkpU/0LCncn2jsa1HOv97IV/bap7/FbO/GKrmud1L8deSM+dmpo/lr8mRqG1L82NrlPHDy79+vtqxxvlfuqXlF3PBvB7X+7Y1P2dqYn7iXmJudOPjiIN97eJPllcCkog4EBEHN1jGuaPfHF7t2J3jX0MH1pnqX0c8mbX/YrTEX0jWXp8c3R4z08dGi17Rxi9X31it/HuKvwPS9t/Rtv8vxz+UNK7Xzt3N//7lU+nj1T8+W/WaZqP9vz95q2nfBxPz85fGIvqT17JKN+4fbzlvfOX8NP4jj7Uf/3tj5ZU4FBFpJ34oIh6OiEfyuj/62547vgo/vfT4uy27qivxD5Te/lPrb//6YETRERb6I08s72mfqJ7/8bumQodWko3tv2fV9j+xlDqS71nP+9966nW3vRkAAAC2qkpE7IqkMrKcrlRGRrK/4d8XOyozs3PzT5+Zff/iVPYdgaGoVYo7XYMN90PH8sv6Ij/ekj+e3zf+ojqwlB+ZnJ2ZKjt46HE7Vxn/qT+zu5Tbyq0hsKl8Xwt6l/EPvcv4h9713/G/vTlb6V5dgO5q8/k/UEY9gO5rHv/Zj4B8tJ4n7tqc+gDd0/L5Xy2rHkD3uf8HvWsj4997Btwf+tb6yeb+rlYF6J65gbjzl+QltlKiWK3djCJqaW85GhELl6NSeqQSm5go+50JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgM/4NAAD//55o4Oc=")
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r3, 0x0)

2.644589388s ago: executing program 4 (id=2417):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRES64, @ANYRES16], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=") (async)
socket(0x10, 0x3, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0) (async, rerun: 32)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18) (async)
open(&(0x7f00000000c0)='./file1\x00', 0x1f3c63, 0x0) (async, rerun: 32)
write$binfmt_script(r0, &(0x7f0000001400), 0x208e24b) (rerun: 32)

2.597940219s ago: executing program 1 (id=2418):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x8, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket(0x2b, 0x1, 0x1)
syz_io_uring_setup(0xab1, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
sendmmsg$sock(r0, 0x0, 0x0, 0x20000001)
connect$netlink(r0, &(0x7f0000000000)=@unspec, 0xc)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r1, 0x9361, 0x7)
syz_clone(0x20100000, 0x0, 0x0, 0x0, 0x0, 0x0)

2.591704449s ago: executing program 3 (id=2419):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = creat(&(0x7f0000000600)='./file0\x00', 0xe5)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
write$qrtrtun(r1, &(0x7f0000001880)="9d8d645e53b6183d874f9e93a18dd009a09560ff682bd07dc3d28385a8f3f9e18418950d4dfe49f13a19e24320444a7d6c121741ba3dc510dba4f980bbd9a315544fa0a1622d949faba79788908354e467989e84b928ecb96e0e4e781bfca4c928c956321dd51400000000000020011584a8bd051f13bad882bea021ffb5ce918a1f87f1d439ec93772d6ecaaf8891f7678f2037ccced78ea5c1aa805f1b9f5a2c3974c5124cac5e163d9b6f5b998c1c7263fa2331d1241523986dccbd4e1f32b2f521380a2ea4732132264de6d26cfbb2eb91e40177a780df98cbf94b96d900a2dfc5c877db675ebb1d7cbc398ca422ddbadc24ee6f3bf036f62cdb056502a63d070000930ea668649ad0003afe9a912179ce61631b3dab94642d2768f1f22299dea6c08073dd0c47b9eddb917fc0076b74406149024514d07417c6007e8cd4dc4e2295be71f412044b52b1ce32aac048cad9c413a8c19528dc1b432fe7f9fda7182a47243af427a76ede78aa5c6ef75ea1f48e2e9e9d203d4760a1ff6a0119b39a2458a050f9519d4bbd821684ef8303985e8f5b8d86346f428788fc374e7eaa0c2a2ef8478a13b4a56d0821201c37a0066fb9f5cc583005b9f71b67daa300311066bacbf43630a8388aff734a568a123a48ba1344a5500e5c6f8cef539617cd3970ffb873579a3b76bd529f1626d1f90543b2a0190df38bb1e8b6fc9bfc5c42693814665679e78ed8adce4d23b8725436101ae4113fee000cb92b32c6a74851a6c4af4625f28810ec16834a1589063af1bf0b29aa57e06dddc0fddf408fab63c536d5afd9ba5a71f9e534f99e5ea9c1eaaaad710ef30a37df0f87978894333850f4feac3740a3b010da7c250d060c8046cab40d0527234d4b4b28366bc7d5899948ddbfac66c848ef0f842eab95248e9d064c0ec4247483f0aa0cad7ca970365e474fe73cf79cf8c70fc7a015caa273ce41723453632cf5b809584d227f7e98e8ec41494518b0b8a8adbaf5ead6529451b116fab06529b653bffdd6d98f8322265305bdc0ff69f4a70dea414fcc63d149c564c834f24b8f7495cd9ccafa1e3f652cd3270935800ee0d5598afcaa41c150dac263408d77a61b5c77e2c3644dda1b8c333a36c30ce893140ce133827dde34d896d35cfe7d498bf6dda965a27cc77e2872fcedaf9dcb89614c758cf62ad769ac05a4fb9e27b421b82c17d15f7d2ffb6ed63c639cee97d9eea8f3934045e60b15eca5c13ebe002467c09815712165cee2af784f9e5db9f7227701ca9a3de588503c84c490f4986aa26e7b63d4c5a30157cdf82e433a1b64496392a1990b2a46b910d9a16429736308f71d8e78824a26f25f21829546b973c0905b20c2ef751eb0064eaf831874f0b58ef8779cafd02bcf075a212e79e07c73c49fc240d6845877fda649d1ab59ea06b907ec5031299a0e1fa2f8cbc241a8531ad241302b569d4581dcc944f27799f25593b97ea7681ba74d6cde9c8f58840ac4c4be3aa90e6273a64e549c47c7232f423406604c9c210eabe3d6a2343bd6c2ae72ab013ce2af32467bcfa8cbf0769f91", 0x45c)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
r5 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000003c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x40)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r5, 0x0, 0x0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r6)
sendmsg$NL80211_CMD_START_AP(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000180)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="a18329bd70000000000005"], 0x28}}, 0x0)

2.552598669s ago: executing program 1 (id=2420):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$GIO_UNIMAP(r0, 0x4b66, &(0x7f0000000540)={0x1, &(0x7f00000004c0)=[{}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="065b8b00fffe0dff0007000000"], 0x39)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
readv(r2, &(0x7f00000002c0)=[{&(0x7f0000001400)=""/227, 0xe3}, {&(0x7f0000000280)=""/29, 0x1d}], 0x2)
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @link_local})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYRES8=r6], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x18)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
unshare(0x2040400)
r10 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000003c0), 0xc0041, 0x0)
r11 = dup(r10)
ioctl$PTP_EXTTS_REQUEST2(r11, 0x40603d10, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000002280)={&(0x7f0000001e40)={0xa, 0x4e24, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="b005000000000000290000003600000000b2"], 0x5b0}, 0x20008001)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)=[{0x0}], 0x1}, 0x20000044)
socket$netlink(0x10, 0x3, 0x6)
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f00001d8000/0x2000)=nil, 0x2000, 0x0, 0x12, r12, 0x0)
write$cgroup_subtree(r12, &(0x7f0000000140)=ANY=[], 0x7)

2.49116037s ago: executing program 3 (id=2422):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r1=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r1, 0x0, 0xfdef)
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRESHEX=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000280)=0x6, &(0x7f0000000380)=0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getresuid(&(0x7f0000000080), &(0x7f00000001c0), &(0x7f0000000200))
inotify_init1(0x800)
bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f0000000540)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
sync()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="180000060000000000000000000000009500000000000000"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYRES64], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x4}, 0x8}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_DEL(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0c01000002090102000000000000000003000000b00002002c000175fd5dccf71109d0ac15775c775a0843ded48ce8d85c9a6fe12c2e0dc722aef3bf03"], 0x10c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000640)='btrfs_inode_mod_outstanding_extents\x00', r2, 0x0, 0x2}, 0x18)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000828745f9c013e2af00afeecd660900cf6a4066fb6c155b2736a5afcfe419afe7b0f30f6a5e8e207333e175d08057a601000000f05d01009d327bf174c4cbb45cf163e4e6c359e743d124305fdc07a410b5ba47ac6fd2818725346ffce641a31914", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r5}, 0x18)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
socket$inet(0x2, 0x2, 0x1)

2.434763381s ago: executing program 1 (id=2425):
syz_io_uring_setup(0xe46, &(0x7f0000000380)={0x0, 0x5f39, 0x0, 0x4001, 0x2b7}, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$kcm(0x10, 0x2, 0x0)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x7, &(0x7f00000190c0)=ANY=[@ANYBLOB="180000000000000000000000fcffffff181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000100850000008600000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="00000000000057b6b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffec5, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000000714010000000000000000000800", @ANYRES32=r4], 0x30}}, 0x94)

2.301308833s ago: executing program 1 (id=2427):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r1=>0xffffffffffffffff]}}], 0x18}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRESHEX=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000280)=0x6, &(0x7f0000000380)=0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getresuid(&(0x7f0000000080), &(0x7f00000001c0), &(0x7f0000000200))
inotify_init1(0x800)
bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f0000000540)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
sync()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="180000060000000000000000000000009500000000000000"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r3}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_procfs(0x0, &(0x7f0000000680)='net/icmp\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYRES64=r4], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x4}, 0x8}, 0x94)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_DEL(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0c01000002090102000000000000000003000000b00002002c000175fd5dccf71109d0ac15775c775a0843ded48ce8d85c9a6fe12c2e0dc722aef3bf03"], 0x10c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000640)='btrfs_inode_mod_outstanding_extents\x00', r2, 0x0, 0x2}, 0x18)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000828745f9c013e2af00afeecd660900cf6a4066fb6c155b2736a5afcfe419afe7b0f30f6a5e8e207333e175d08057a601000000f05d01009d327bf174c4cbb45cf163e4e6c359e743d124305fdc07a410b5ba47ac6fd2818725346ffce641a31914", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r7}, 0x18)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
socket$inet(0x2, 0x2, 0x1)

2.286203024s ago: executing program 0 (id=2428):
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98<\xc8\x18E/\x8c\x1a\xe3\xbd')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000005640)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa87ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09002100000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf4ece4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000acc4d4ba52084d9b997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c7f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f921860c6e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61fe2010000294800323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e824f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5cd628ab84875f2deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c49a0189da9173c62f0ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d8935a9c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e46d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1202000000b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7000000000000000542954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c9e281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b630500163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f700400fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc87746e1785a8214454d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b036e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e010000005a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb3985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe307d5bc72183a4c2d35732ab9100781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958c906321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b863af34bac64c247672a8f1ef60407d39a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f27080ece2a94c360b002c77f82662675a7713c7067081cac1599a998c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc215a18ca0265400abf38e90000000000000000008faf2cddffbfa66bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353026bdc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5435bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de286553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c03f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c872a4882d21db2046a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340103fc6265441d513a1294b8439276394945d94a589708e32a1cb30a8b07b391201385e0b92ecbb7b13d7a87284164018ace6ce58a82c5de321452461089cdd69259f5390f5f508646a524490583c30630bedb47e158ad41c0a653e86a4f4f255cd2a6e95f33b586823aef5564d9de1f5bdd8c80e193f0597b8003860302cd243c00bc5a82c52afb115d16258d507937966bb89409d6d7346b652d0761d7c72875ae1efb9bc7c6807c2d783e31fd9cd7e84d3d50d8fc44ab8ac9ccd2c0d42e3bd4c029241320446bbf47e23d1320de30fbdf7ed13f80c28fb5c13fccc2e3f73509bdcddad8a2fe48cdd61f2f43611704af64eed8b0cbbd08754f93b8f3d6347aad5cde1ccc5cbd5eaa87e52cea257c856a4af5243eeb5e89f0000000000000000f420df5e4c6d856b3d55e455c08110b2ef4255a38f81555e8e1f22d59c0bc3c9013e66a1f5bda1b695e1602c0afb5c35b2f68f3b151b1e869f40ff4d1bef5e926e1ff95f6321131e4cb797f53455a093a95e67605222d6acc29c46e5db1ef3b8b07e2169fb24ced4b3ae87ebeca06df93212e465bbd1a7e41df2e1a0d508f86cfc7a469ac682685c44692877d03c34c23a65d2677acc73b5d276fdebd685c9b7a079eae228d8426188cb19b083548f5f29e493ab079f33d1965dcbb165015c46998ad410d60cc65fcfa73bd65a43fc024455c4bf530d663976cf71490577251780ab6b1cf8d397444b5be575229f687a3d95ea6b2aa62fce8acb3d4a6a130b4fefa55d0c1d6f3fa448ee24e588e2965c9a442f0baf90923dda91a6850fb3b9c7f432b63001423fedcf053fa28024cc9a178a07042dabc07176fc524032c2edb340c9c18a83565c431aeb0c869683507255254430f90f61e4eca9c8fa98c000b35fec357ee1ebd08439bd95c1ab0753dfd2603d1608bd8c589a1e160000a6ee0ad13346e08738c2d7b00b5d121d918f1dc8bceded939fa8605b54b37cdfcea0bf2bc63e655dc04a2e50212ff89d6587d49896ce18916cf3adc12839c345ca91bb232b891fae2fdd68aaa38281c0feb2c107af3e080d6cdd1c6646ec6804d7e9960c02aa0db9eda24bbcb287fd2a890fa7f9d6ae0c0b1f8dd1603c9ea2f66b572276f96a28b5b6dd9f9bf6ad4bdaa2139b90faf1f40b0f141258578bd825daaaf718d21b7ac05fe5d1b699e5422ca341fe1c944f68fe3a6d783dcf30b0e09d7688f696883b61cb64464b04d351a0a69b0733c348049b0430ed40e200f4050000000000000000000000996bcc1b721b152c892fab887e7d20466d90c049c0fdf51dcc16d226a2619c6f47bc25b7f5df5c09fed638922ed127ab36aa7b0c58a2ce5894b1b0f5375d340d96b69b966b05daaf585121a9c7605ed8e9964eef1f14b74cbb2ccdadc6d0b77cf0492b75e1cd11bfdcfddde91b20366715ba0cbe1041be2a65c25d7ca15ef8b71bd2ab9a4294899a1964b0152518fc2ac15a728bcb9e2bc4b551dfdf9011a2a607bc39ad2c4d7c64dcf967724e9b63c397d5265ad3f1da4395a5a800d8845257dcbf210d4f00fe0bd3deed05e506736e6bb6d40ee6cb960bcdb33633ee87f82beb665a9a4c2d4d2b06479ade3a4cd6bba765c9f52b52a0bdd0849ab92baae3775570accb5a57ee9f0035fc6d3df4eebec2e7eb4ff863d3979a2002e5f2f7f4428ddca471037b49d4fd130743a97faa02c293b721e52bf53d64c6585e138162331ef98792e1e9b21a6a084fb7b42c64062ef1323a8a65a8ed6038f274f28ff4f78123a1ef108efbe8c4f4e347d50dcdbc33bf3ade4c3a39d316061930d7dd39b8acdecc3f27830e3eda40e648328d95a9aee65a9dd09fd4e96d5b852025dc53ec3f30cc753e6a796084b4e34f521dbb230ae0f3b79142073d437e1fd22d3b7503ffa95b1d5c7740b0ecbfd35dc0f8af895583dfcc2689f6e02c2dd4b57f3dcac54f40da013eb221fa3d65de76057603105cc25a96ed4b20230b36d46d3d3fd6bb1d77cc8a48a6b10fa0149e55ccde4a2b26cca2d1ca9191c74ab006a602543fc24d1283e353cfb917620000000024bf3eed258c02a591ec4cd295212d9a98d38745f6f6c4537b2ccc5f9602da15f184f239098bf32551c7cf454e2faa2b9e17965b71104f8e311e1e936ce0cf783eb978fcd56f225f782d00e7008c664e34a3cc563e5fc4fa6aeced4bf805f71fc74472c0386aee070339af9fee8b32efad7fd0a0c7b3045d74bcb568a888fc9aa4599b71adad2135acbb600000fd2fd1755764ebfdf13f8633fe6358c8e05a792f0b9f133687041254cdf6cadeadcaa557de5fd2d3da5a75168fc36847cfa9b7c1a51f05bdb9bd36e9b17a75000000000000000000060000000000000074f3f5c25cb1d09b"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r0}, 0x18)
r1 = socket$netlink(0x10, 0x3, 0xa)
r2 = syz_create_resource$binfmt(&(0x7f0000000000)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r2, 0x41, 0x1ff)
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4)
r3 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r3, 0x0, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/consoles\x00', 0x0, 0x0)
r5 = syz_io_uring_setup(0x49d, &(0x7f00000003c0)={0x0, 0x79ac, 0x400, 0x7ffd, 0x32c, 0x0, r4}, &(0x7f00000001c0)=<r6=>0x0, &(0x7f0000000040)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000080)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd=r4, 0x7, &(0x7f00000000c0)=""/207, 0xcf, 0x10, 0x1})
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x18)
io_uring_enter(r5, 0xfd0, 0x4c1, 0x43, 0x0, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r10, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r11}, 0x18)
r12 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r12, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x7, 0x40, 0x6, 0x0, 0x38159f4e, 0xd21f, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x4}, 0x100882, 0x7ff, 0x5, 0x0, 0xb, 0x2, 0x3ff, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x1, 0x7fffffff}, 0x0, 0x0)
sendmsg(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000fd41fd01020400000a00120002002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x6d}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)

1.795137191s ago: executing program 4 (id=2429):
r0 = syz_io_uring_setup(0x5c5, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4, 0xfffffffd}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
r3 = eventfd(0x1)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x7, &(0x7f00000010c0)=r3, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x3, 0x0, 0x0, 0x4, &(0x7f0000000280), 0x1, 0x40, 0x1})
io_uring_enter(r0, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)

1.675686823s ago: executing program 3 (id=2430):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0xffffffff}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', 0x0})

1.624562384s ago: executing program 3 (id=2431):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108) (async)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000)
execveat(r1, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000700)={[&(0x7f0000000380)='pagemap\x00', &(0x7f00000004c0)='pagemap\x00', &(0x7f0000000500)='9p\x00', &(0x7f0000000540)='\'\x00', &(0x7f0000000580)='9p\x00', &(0x7f00000005c0)='$\xed/)%,-\x00', &(0x7f0000000600)='&\\:}&\x00', &(0x7f0000000640)='pagemap\x00', &(0x7f0000000680)='trans=fd,']}, &(0x7f0000000900)={[&(0x7f0000000780)='wfdno', &(0x7f00000007c0)='\xd3]/$({*,-&\x00', &(0x7f0000000800)=':\x00', &(0x7f0000000840)='rfdno', &(0x7f0000000880)='-!\x00']}, 0x400) (async)
execveat(r1, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000700)={[&(0x7f0000000380)='pagemap\x00', &(0x7f00000004c0)='pagemap\x00', &(0x7f0000000500)='9p\x00', &(0x7f0000000540)='\'\x00', &(0x7f0000000580)='9p\x00', &(0x7f00000005c0)='$\xed/)%,-\x00', &(0x7f0000000600)='&\\:}&\x00', &(0x7f0000000640)='pagemap\x00', &(0x7f0000000680)='trans=fd,']}, &(0x7f0000000900)={[&(0x7f0000000780)='wfdno', &(0x7f00000007c0)='\xd3]/$({*,-&\x00', &(0x7f0000000800)=':\x00', &(0x7f0000000840)='rfdno', &(0x7f0000000880)='-!\x00']}, 0x400)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000002, 0x13, r0, 0x0) (async)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000002, 0x13, r0, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
r3 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r3, &(0x7f0000000400)={&(0x7f00000008c0)=@nameseq={0x1e, 0x1, 0x1, {0x40}}, 0x10, 0x0, 0xa, 0x0, 0x0, 0x1}, 0x4024)
sendmsg$tipc(r2, &(0x7f00000003c0)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x2, {{0x1, 0x3}}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4004001}, 0x20000050) (async)
sendmsg$tipc(r2, &(0x7f00000003c0)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x2, {{0x1, 0x3}}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4004001}, 0x20000050)
r4 = syz_open_procfs(0x0, &(0x7f00000006c0)='pagemap\x00')
lseek(r4, 0xfffffffffffffffe, 0x0) (async)
lseek(r4, 0xfffffffffffffffe, 0x0)
r5 = openat(r4, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r5)
r6 = getpid()
pselect6(0x40, &(0x7f0000000080)={0x7, 0x4, 0x1, 0x6, 0x7fffffff, 0x6, 0x8000, 0xfffffffffffffff0}, &(0x7f0000000140)={0x1, 0x7, 0x10, 0x7, 0x2, 0x8, 0x5, 0x2}, &(0x7f0000000180)={0x800, 0x1, 0x0, 0x0, 0x4, 0x4f79, 0xc011, 0x89}, &(0x7f00000001c0)={0x0, 0x3938700}, &(0x7f0000000280)={&(0x7f0000000200)={[0x1]}, 0x8}) (async)
pselect6(0x40, &(0x7f0000000080)={0x7, 0x4, 0x1, 0x6, 0x7fffffff, 0x6, 0x8000, 0xfffffffffffffff0}, &(0x7f0000000140)={0x1, 0x7, 0x10, 0x7, 0x2, 0x8, 0x5, 0x2}, &(0x7f0000000180)={0x800, 0x1, 0x0, 0x0, 0x4, 0x4f79, 0xc011, 0x89}, &(0x7f00000001c0)={0x0, 0x3938700}, &(0x7f0000000280)={&(0x7f0000000200)={[0x1]}, 0x8})
r7 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r7, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@sndrcv={0x30, 0x84, 0x1, {0x0, 0x0, 0xc}}], 0x30}], 0x1, 0x0) (async)
sendmmsg$inet_sctp(r7, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@sndrcv={0x30, 0x84, 0x1, {0x0, 0x0, 0xc}}], 0x30}], 0x1, 0x0)
r8 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
syz_pidfd_open(r8, 0x0)
syz_pidfd_open(r6, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x3c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x3c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r9, 0x0, 0xffffffffffffffff}, 0x13)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)

1.424225027s ago: executing program 1 (id=2434):
socket$packet(0x11, 0x2, 0x300)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x400000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'ip6gretap0\x00', <r4=>0x0})
sendto$packet(r0, &(0x7f0000000080)="3303e5fd81fd140000007ef52f555f2a0c09000000fd810000f786dd3baa4b1f0f85114632f47042195e", 0xfdef, 0x40008c1, &(0x7f00000000c0)={0x11, 0x0, r4, 0x1, 0x62, 0x6, @broadcast}, 0x14)

1.422751997s ago: executing program 0 (id=2435):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000c5000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000140000fbb703000000e31f008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000c00)='sys_enter\x00', r3}, 0x10)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r5}, &(0x7f0000000000), &(0x7f00000005c0)=r6}, 0x20)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x1800700, &(0x7f0000000100)={[{@bsdgroups}, {@abort}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@block_validity}, {@oldalloc}, {@journal_dev={'journal_dev', 0x3d, 0x77}}]}, 0x2, 0x44a, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c")
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7, 0x0, 0x20000}, 0x18)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r8 = creat(&(0x7f00000000c0)='./file0\x00', 0xf4)
r9 = dup2(r8, r8)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
ioctl$BLKTRACESETUP(r9, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200000a, 0x1, 0x8})
ioctl$BLKTRACESETUP(r9, 0x1276, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000020000000100000000000001"], 0x0, 0x42}, 0x28)

1.351176568s ago: executing program 1 (id=2436):
r0 = socket(0x2, 0x80805, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={<r3=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x4e24, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000f80)={0x0, 0x4, 0x4, 0x0, 0xfffffffc}, &(0x7f0000000fc0)=0x14)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x11, &(0x7f0000000080)={0x1, &(0x7f0000000680)=[{0x6, 0x0, 0x0, 0x7ff00000}]})
socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet_sctp(r0, &(0x7f0000005140)=[{&(0x7f0000000280)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000340)="14", 0x1}], 0x1, &(0x7f00000008c0)=ANY=[@ANYBLOB="20000000000000008400000002000000ff03040001000000e5330000", @ANYRES32=0x0, @ANYBLOB="18000000000000008400000005000000200020000800000000000000008400000007000000ac1e00010000000020000000000000008400000002000000880000000300000061000000", @ANYRES32=0x0], 0x70, 0x24040000}], 0x1, 0x240000c0)

1.350838528s ago: executing program 5 (id=2437):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x18)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x1bf)
r3 = perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x6, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x4400, 0x65e4}, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0xfffffffd, 0x0, 0x8}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0xa)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f00000007c0)=ANY=[@ANYRES16=r3, @ANYRES8=r3, @ANYRES8=r2, @ANYRES64=r3, @ANYRESHEX, @ANYRESDEC=0x0, @ANYRES64=r0, @ANYBLOB="068e9e2ba7751ec09a28bf9c96ae7caa2f88d0ce6d69685caae33510431bcbbf402b714476d28d275edc33fe930ce63851a40779224b37a4f303a863eb923908c8a81f6523c0ad4c57fffa314bf14a59c50b736662a1dcd82521fd8f81aea5e221db1643082be958daab35ec59c85892bf4f1028a1c63c2249b22aba2d165364e83f3504999d978063a75b42c566ca0e9060859fc7e78b4bda3f4eb0c14b9b8446d5d0235ea46654463e7246d5dda981ff24cc328ddc2c7a75fce25c073680fbf47b45764efdaf54", @ANYRES16, @ANYRES32=r1], 0xfffffffffffffef2)
pipe2$9p(&(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r5, &(0x7f0000000300)=ANY=[], 0x15)
r6 = dup(r5)
r7 = syz_open_dev$usbfs(&(0x7f0000000200), 0x76, 0x103901)
r8 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x20182)
ioctl$USBDEVFS_ALLOW_SUSPEND(r8, 0x5522)
ioctl$USBDEVFS_BULK(r8, 0x5523, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r7, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
ioctl$USBDEVFS_ALLOW_SUSPEND(r7, 0x5522)
ioctl$USBDEVFS_SETINTERFACE(r7, 0x80045510, &(0x7f0000000000))
write$P9_RLERRORu(r6, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r6, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r6, &(0x7f0000000340)=ANY=[], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])
open(&(0x7f0000000300)='./file0\x00', 0x145142, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r9}, 0x20)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r10}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fsopen(&(0x7f00000003c0)='cgroup\x00', 0x0)
r11 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x84002, 0x0)
r12 = geteuid()
getresgid(&(0x7f0000000180)=<r13=>0x0, &(0x7f00000001c0), &(0x7f0000000280))
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r11, 0xc018937b, &(0x7f00000004c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r12, r13}}, './file0/file0\x00'})

1.23866829s ago: executing program 4 (id=2438):
syz_io_uring_setup(0xe46, &(0x7f0000000380)={0x0, 0x5f39, 0x0, 0x4001, 0x2b7}, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$kcm(0x10, 0x2, 0x0)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x7, &(0x7f00000190c0)=ANY=[@ANYBLOB="180000000000000000000000fcffffff181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000100850000008600000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="00000000000057b6b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffec5, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000000714010000000000000000000800", @ANYRES32=r4], 0x30}}, 0x94)

1.170844561s ago: executing program 5 (id=2439):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x5, 0x5, 0x0, 0x0, 0x4}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000d00), 0x4)
ioctl$FIONCLEX(r0, 0x5450)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
copy_file_range(r1, 0x0, r1, 0x0, 0x863, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0xc0406618, &(0x7f0000000000)={@desc={0x1, 0x0, @desc2}})
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r5, 0xffffffffffffffff, 0x5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r5}, &(0x7f00000006c0), &(0x7f0000000700)=r4}, 0x20)
sendmsg$inet(r3, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

1.103653872s ago: executing program 5 (id=2440):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000180)=@gettclass={0x24, 0x2a, 0x20, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x7ff8, 0xe}, {0xd, 0xb}, {0xb, 0x10}}}, 0x24}, 0x1, 0x0, 0x0, 0x810}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x5, [@enum64={0x0, 0x1, 0x0, 0x13, 0x0, 0x4, [{0x2, 0xf7b, 0x6}]}]}, {0x0, [0x2e, 0x2e, 0x4b3195e6d278fd83]}}, 0x0, 0x35, 0x0, 0x1}, 0x28)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000003140)=ANY=[@ANYBLOB="c01800002000010a00000000000000000a0000002c01018028014880ed00a90013466820cd76bb221fbb4acd690c6a8b9c760a61eeec7793b579aefdb936d00f403d3f04637cdb9ac70e28c5dd66ddedde2d0930650e6821f9a26a4a193c1d06a3e75523f901e44fe087ae32c836c6d6ddba3af8e9a2beae8936168f9fa38c395f5cf7408df69c60bf584bee86a6312e9ce866e456c3eda6f2924082d78a2f385bdbd0c9afb54758c102bf13094645fb6aa34d424ec776691fee3d25307f61fed2752babf7c686e8a3d9b59a8343bcf4121bf5cf400a0c1070855fac565cad8968a97ce0a12a1161054d82d0a240b7dedf9ba3cc63e9d1c3b9a8402f7d5b4cafcd48928a3d4a76498900000014007c00ff01000000000000000000000000000108003d00", @ANYRES32=0x0, @ANYBLOB="08001a"], 0x18c0}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000180)='wg1\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x14)
mount$9p_rdma(&(0x7f00000013c0), &(0x7f0000001400)='.\x00', &(0x7f0000001440), 0x800, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=rdma'])
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
unshare(0x2040400)
r3 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.103214372s ago: executing program 5 (id=2441):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r1=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r1, 0x0, 0xfdef)
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRESHEX=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000280)=0x6, &(0x7f0000000380)=0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getresuid(&(0x7f0000000080), &(0x7f00000001c0), &(0x7f0000000200))
inotify_init1(0x800)
bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f0000000540)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
sync()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="180000060000000000000000000000009500000000000000"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYRES64], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x4}, 0x8}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_DEL(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0c01000002090102000000000000000003000000b00002002c000175fd5dccf71109d0ac15775c775a0843ded48ce8d85c9a6fe12c2e0dc722aef3bf03"], 0x10c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000640)='btrfs_inode_mod_outstanding_extents\x00', r2, 0x0, 0x2}, 0x18)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000828745f9c013e2af00afeecd660900cf6a4066fb6c155b2736a5afcfe419afe7b0f30f6a5e8e207333e175d08057a601000000f05d01009d327bf174c4cbb45cf163e4e6c359e743d124305fdc07a410b5ba47ac6fd2818725346ffce641a31914", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r5}, 0x18)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
socket$inet(0x2, 0x2, 0x1)

1.102829772s ago: executing program 0 (id=2442):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000d00)=ANY=[@ANYBLOB="b70000008100003bbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071105400000000001d400500000000004704000001ed00000f030000000000001d440000000000006b0a00fe000000007313000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff31a8fd3c0fd8b7ff831028e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646c0200000000000000020000e35208b0bb0d2cd829e654400e2438ec649dc76128610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda82fc9c4d7ecc7a803bf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714f62ba7a54f0c33d39000d0bfed3a6a59ff616236fd8f2477184bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06fa2e04cfe0649226c697d9e8eaade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00023ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a83469620c6e74e1f46132559c4f8700a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88f15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a920099c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40fc5d2f55ff07c53147de202ce517b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661061173f359e9052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff26b61aac8aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3ba18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e26534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336dfaa6d5d164301190bc2d4c04087729033342045804a28082abc3b4762302a271722fb515f31e0dd115a292f1e68481a62c49d15ea5460a29c60b1058fb7aa9bf4ee3cbe11b03711a15d730646b72d074dab1e8c429339f3460d324c17a4a8bfc7d7eab45bef00664d6dc82300000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = syz_open_dev$vcsu(&(0x7f0000000140), 0x4, 0x400c00)
sendmsg$NFT_MSG_GETGEN(r0, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000400)={&(0x7f0000000240)={0x14, 0x10, 0xa, 0x201, 0x0, 0x0, {0x3, 0x0, 0xa}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x50}, 0x4000801)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0a00000004000000fd0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000e7ffffff000000000000000039209816d5895534b7bb6b8d94e1e29d9c7a7e18183875dfe4c1ba9b7dc4a899724a72604a4875a781eadfa18bd682d3eba38f48790b1327e7b2500554fc457c02a40000d272dc808cb1062c67dd8d33fa626bb6b3b40798a521d0291faaaab25ad76c0ae49b0e16daf097d0039ef2277065dec3ed0e9239994a93b7b421eb22b44e75a473d416b0185141056730bd60edde0a6b4c229ef2c4988c7faf3ca0bf8595989ffea11761f05c0300606c89df726f4fc667f28114a5e0f125976c138ee8def764060af0bc8593eb648c8080cb6200"/241], 0x48)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x10)
r2 = syz_io_uring_setup(0x3e, &(0x7f0000000640)={0x0, 0xadda, 0x10100, 0x1, 0x1ff}, &(0x7f0000000380)=<r3=>0x0, &(0x7f0000000980)=<r4=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
syz_io_uring_submit(r3, r4, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r5, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0xc0012021, 0x0, {0x1}})
io_uring_enter(r2, 0xd81, 0x0, 0x0, 0x0, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCMIWAIT(r7, 0x545c, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), r6)

1.088409552s ago: executing program 4 (id=2443):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a000000ff"], 0x48)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000600)=0x9)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb7e, &(0x7f0000000c40)="$eJzs3M1rVFcbAPDn3nwYNb6JL/LyWkoNtGChOBrFSl2py9ZFof0DDHEiIdcPkhRMcBHbhXRVC910UWgXpX9AoetstNBV6aaVFrqXShHdp9zJnWQwM0mqMx4/fj84c8/HZM7z5JK555C5E8BLa6x8yCP2R8S5LGKk6s8jYrBRG4pYWn3eg/vXJh/evzaZxcrKB39nkVV9zdfKquPuqjEUEb+cyeK/n2ycd25hcWaiKOqzVfvw/MUrh+cWFg9NX5y4UL9QvzR+YvzY8RPHjr99pGu5vrv35tmvxk/t+f7Mrauv3fj9yyxOxXA11ppHt4zFWKxUWvv7I2Ki25Ml0lflk7X0Zf0JAwIAYFN5yxrufzESfbG+eBuJW78mDQ4AAADoipW+WPsfFQAAAPCiyuz/AQAA4AXX/BzAg/vXJpsl7ScSnq57pyNitF3+/bHUOA7FQETsepBF622t2eqPPbGxiNj30+iPZYke3Ye8maXrEfH/dvlnjfxHG3dxb8w/j4hu3Jk99kj7ecr/VBfmT50/AC+n5dOrF7KN1798bf0Tba5//W2uXY8j9fWv8/pvPf++Duu/97c5R/3Ap593Gmtd/xXfvnq7nL88PlFS/8K96xGv9Hde/5T5Zx3yP7fNOQb++PmHTmNl/mW+zfK081/5JuJg2/3P+jfaZJt/P9HhqemiXj22nePG7e/2dZq/9fyXpZy/uRd4Gsrzv6tD/lud/yvbnGP5r4N/dhrbOv/87mD2YaM2WPVcnZifnx2PGMzObuw/unkszec0X6PM/83XN//7b5d/+Z6wVP0eyr3A9epYtj9+ZM5D773zxuPn31tl/ucf8/zf3OYcX382e7fTWOr8AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg+5BExHFleW6vnea0WsTsi9sWuvLg8N//W1OWPLp0vxyJGYyCfmi7qRyJiZLWdle3xRn29ffSR9rGI2BsRX4zsbLRrk5eL86mTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYM3uiBiOLK9FRB4RD0fyvFZLHRUAAADQdaOpAwAAAAB6zv4fAAAAXnz2/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPTY3gPLd7KIWDq5s1FKg9XYQNLIgF7LUwcAJNOXOgAgmf7UAQDJ2OMD2RbjQx1HdnQ9FgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeXQf3L9/JImLp5M5GKQ1WYwNJIwN6LU8dAJBMX+oAgGT6UwcAJGOPD2RbjA91HNnR9VgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHYNN0qW1yIib9TzvFaL2BMRozGQTU0X9SMR8Z+I+G1kYEfZHk8dNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF03t7A4M1EU9VkVFRWVtUrqdyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFKYW1icmSiK+uxc6kgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA1OYWFmcmiqI+28NK6hwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEjnnwAAAP///JMJmQ==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
pipe(&(0x7f0000000400)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
splice(r2, 0x0, r4, 0x0, 0x88000cc, 0x0)
fcntl$setpipe(r3, 0x407, 0x100004)
socket$nl_audit(0x10, 0x3, 0x9)
write$eventfd(r3, &(0x7f0000000240), 0xffffff14)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fcntl$lock(r1, 0x26, 0x0)
fcntl$lock(r1, 0x25, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x8000000000000001})
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x89a1, &(0x7f0000000900)={'bridge0\x00', @broadcast})

818.865636ms ago: executing program 3 (id=2444):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r1=>0xffffffffffffffff]}}], 0x18}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRESHEX=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000280)=0x6, &(0x7f0000000380)=0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getresuid(&(0x7f0000000080), &(0x7f00000001c0), &(0x7f0000000200))
inotify_init1(0x800)
bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f0000000540)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
sync()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="180000060000000000000000000000009500000000000000"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r3}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_procfs(0x0, &(0x7f0000000680)='net/icmp\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYRES64=r4], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x4}, 0x8}, 0x94)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_DEL(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0c01000002090102000000000000000003000000b00002002c000175fd5dccf71109d0ac15775c775a0843ded48ce8d85c9a6fe12c2e0dc722aef3bf03"], 0x10c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000640)='btrfs_inode_mod_outstanding_extents\x00', r2, 0x0, 0x2}, 0x18)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000828745f9c013e2af00afeecd660900cf6a4066fb6c155b2736a5afcfe419afe7b0f30f6a5e8e207333e175d08057a601000000f05d01009d327bf174c4cbb45cf163e4e6c359e743d124305fdc07a410b5ba47ac6fd2818725346ffce641a31914", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r7}, 0x18)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
socket$inet(0x2, 0x2, 0x1)

245.103816ms ago: executing program 5 (id=2445):
r0 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000980)=""/129, 0x81}, {&(0x7f00000047c0)=""/4060, 0xfdc}, {&(0x7f0000001040)=""/4070, 0xfe6}, {&(0x7f00000003c0)=""/138, 0x8a}, {&(0x7f0000000680)=""/103, 0x67}, {&(0x7f00000004c0)=""/38, 0x26}, {&(0x7f00000001c0)=""/9, 0x9}], 0x7}, 0x40010123)
sendmsg$inet(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x8811)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000020079100000000000006300e0ff0000000095"], &(0x7f00000008c0)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@minixdf}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
listxattr(&(0x7f0000000100)='./file0/../file0\x00', 0x0, 0x0)

229.184956ms ago: executing program 0 (id=2446):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x5, 0x6, 0x8, 0xae, 0x0, 0x1, 0x20727ff}, 0x50)
bpf$MAP_CREATE(0x1000000, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4006, 0x5, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x8000000}, 0x50)

174.743777ms ago: executing program 4 (id=2447):
setregid(0xee00, 0xee00) (async)
setregid(0xee00, 0xee00)
syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r0 = syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
ioctl$F2FS_IOC_GET_FEATURES(r1, 0xff06, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='kfree\x00', r2}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='kfree\x00', r2}, 0x18)
mount$9p_rdma(0x0, &(0x7f0000001400)='.\x00', &(0x7f0000001440), 0x800, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=r'])
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000b"], 0x48)
r4 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r3}, 0x8)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/mem_sleep', 0x101a02, 0x0)
copy_file_range(r5, &(0x7f0000000000)=0x5, r5, 0x0, 0x4, 0x0) (async)
copy_file_range(r5, &(0x7f0000000000)=0x5, r5, 0x0, 0x4, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0), 0x4) (async)
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0), 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x14, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002300000018110000", @ANYRES32=r3, @ANYRES64=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newtaction={0x64, 0x30, 0x1, 0x0, 0x25dfdbfe, {}, [{0x50, 0x1, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x0, 0xffffffff, 0x30000001}, 0x4}}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x15}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000004c0)='kfree\x00', r7}, 0x18)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000080000000000000000000850000007d00000095"], &(0x7f0000000040)='syzkaller\x00', 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r9}, 0x10)
syz_clone3(&(0x7f0000000900)={0x0, &(0x7f0000000640), &(0x7f0000000680), &(0x7f00000006c0)=<r10=>0x0, {0x4}, &(0x7f0000000700)=""/143, 0x8f, &(0x7f00000007c0)=""/231, &(0x7f00000008c0)=[0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x6}, 0x58)
process_vm_readv(r10, &(0x7f0000000480)=[{&(0x7f0000000500)=""/190, 0xbe}, {&(0x7f00000005c0)=""/72, 0x48}], 0x2, &(0x7f0000000bc0), 0x0, 0x0) (async)
process_vm_readv(r10, &(0x7f0000000480)=[{&(0x7f0000000500)=""/190, 0xbe}, {&(0x7f00000005c0)=""/72, 0x48}], 0x2, &(0x7f0000000bc0), 0x0, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

174.130537ms ago: executing program 0 (id=2448):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000200), 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$fou(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000880)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0902000000000000000001000000050002000a00000014000700ff00000000000000000000000000000108000b00"], 0x38}}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0xa, 0x300)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x3, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x18)
write$P9_RXATTRCREATE(r4, &(0x7f00000000c0)={0x7, 0x21, 0x2}, 0x7)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r8}, 0x10)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000080)='D', 0x1)

135.913847ms ago: executing program 4 (id=2449):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0b00000005000000020000000600000005"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000feffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000001a0000000c00018008000100", @ANYRES32=r5], 0x20}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wg1\x00', <r6=>0x0})
getpeername$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, <r7=>0x0}, &(0x7f0000000140)=0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000500)=ANY=[@ANYBLOB="c800acf00000", @ANYRES16=r3, @ANYBLOB="340329bd7000fedbdf25130000003000018008000100", @ANYRES32=r6, @ANYBLOB="0800030002000000140002006261746164765f736c6176655f30000008000300020000001400018008000100", @ANYRES32=r7, @ANYBLOB="080003000100000070000180140002006970365f76746930000000000000000014000200736974300000000000000000000000001400020076657468305f746f5f7465616d0000000800030000000000140002006970766c616e31000000000000000000140002006d616376746170300000000000000000"], 0xc8}, 0x1, 0x0, 0x0, 0x4004000}, 0x40000)
r8 = syz_io_uring_setup(0x5c5, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4, 0xfffffffd}, &(0x7f00000001c0)=<r9=>0x0, &(0x7f0000000580)=<r10=>0x0)
r11 = eventfd(0x1)
r12 = openat$zero(0xffffffffffffff9c, &(0x7f00000002c0), 0x42040, 0x0)
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), r2)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r12, &(0x7f0000000740)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0x20, r13, 0x1, 0x70bd29, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x7, 0x3b}}}}, ["", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x20004000}, 0x48c0)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r8, 0x7, &(0x7f00000010c0)=r11, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x3, 0x0, 0x0, 0x4, &(0x7f0000000280), 0x1, 0x40, 0x1})
io_uring_enter(r8, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)

119.248498ms ago: executing program 0 (id=2450):
r0 = syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$getregset(0x4204, r0, 0x201, &(0x7f0000000440)={0x0})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x11)
socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@remote, @in=@broadcast, 0xfffc, 0x0, 0x0, 0x0, 0xa, 0x0, 0x100}, {0x0, 0x0, 0x0, 0x0, 0x800000000, 0x0, 0x0, 0x5}}, {{@in6=@mcast2, 0x0, 0x2b}, 0x0, @in=@empty}}, 0xe8)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000020000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000353de54824e5a65f1d3a3f19e458f4ee8561ee7182c918297d3bf4dcd67c0e0b11eab98b498a7c09820147f6786c690b95b03416cbb5b806155ad131e92c8eb494171d72e7842157fc2d84252b78b633acecbd83fdaadabcd901173197989859543d47bed6938e9b855262b01d7ba4af5478bde25c483c96c8f6ade4fe02ec734f21614e5ef9059543f0d947908af2e3f5c1ee4a00d621a24f3b65475fdd6ffc5adef1276cb8bef1925578884a361b8d81beadcdd3c749ffa4738b7c01f59bf5cc991c111e1cb5c6863c392693636a9438f02f84cf291a76"], 0x48)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x20040, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r3, 0xc0189374, &(0x7f0000000040)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x1}}, './file0\x00'})

11.058999ms ago: executing program 5 (id=2451):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
r0 = open(0x0, 0x53f802, 0x0)
r1 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x2}, 0x0, 0x0, 0x0)
request_key(&(0x7f0000000380)='.dead\x00', &(0x7f00000003c0)={'syz', 0x3}, &(0x7f0000000400)='tmpfs\x00', r1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000008085000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r2}, 0x10)
mq_open(&(0x7f0000000240)='kmem_cache_free\x00', 0x40, 0x1, &(0x7f0000000340)={0x5, 0x1, 0xfffffffffffffff9, 0x1})
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000180)=ANY=[@ANYRES16=r0, @ANYBLOB="e4cbbc1f5a70194dd695dc9c98a35a3ed6a021513e6f55c724176cf24eabd28b073f5b78e9765a53c9313d0354a17d15a27aa69bedd4d44c49e8a3f03d6777d58b3ea39c742299b005abf6886eb6b0b89226050cc65f789afd563a7be53f502f2e1f1e5e038358ed5fe001ca87c5b2a9792877b8c99445bb64df2fe53ad32d9a5359dbc47941fd0272cdb599b89d73498bbd5c1631966b1a8db7d130c825622742b0aa"])
r3 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x101000, 0x0, 0x22}, 0x18)
socket$inet_tcp(0x2, 0x1, 0x0)
mknodat$null(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x103)

0s ago: executing program 3 (id=2452):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x64}}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x200, 0xac)
ioctl$TIOCSWINSZ(r2, 0x5414, &(0x7f00000005c0)={0x6, 0x0, 0x4, 0x8})
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x510, 0x288, 0x288, 0xd0, 0x1b8, 0x358, 0x440, 0x440, 0x440, 0x440, 0x440, 0x6, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @empty, [0xffffffff, 0xff000000, 0xffffff00, 0xff000000], [0xffffff00, 0xff, 0xff, 0x7fffffff], 'hsr0\x00', 'xfrm0\x00', {0xff}, {0xff}, 0x29, 0x7, 0x2, 0x1}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x11}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@MARK={0x28}}, {{@uncond, 0x0, 0xa8, 0xd0}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x12}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x570)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x6}, 0x18)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)

kernel console output (not intermixed with test programs):

bitmap:441: comm syz.3.1392: bg 0: block 248: padding at end of block bitmap is not set
[  106.895310][ T7473] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1392: Failed to acquire dquot type 1
[  106.907500][ T7473] EXT4-fs (loop3): 1 truncate cleaned up
[  106.913861][ T7473] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  106.929740][ T7473] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  106.942073][ T7473] EXT4-fs warning (device loop3): read_mmp_block:115: Error -117 while reading MMP block 0
[  106.963068][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.017535][ T7478] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1394'.
[  107.052566][ T7480] netlink: 'syz.3.1395': attribute type 12 has an invalid length.
[  107.359385][ T7497] FAULT_INJECTION: forcing a failure.
[  107.359385][ T7497] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  107.374132][ T7497] CPU: 0 UID: 0 PID: 7497 Comm: syz.1.1403 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  107.374157][ T7497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  107.374169][ T7497] Call Trace:
[  107.374175][ T7497]  <TASK>
[  107.374183][ T7497]  __dump_stack+0x1d/0x30
[  107.374220][ T7497]  dump_stack_lvl+0xe8/0x140
[  107.374237][ T7497]  dump_stack+0x15/0x1b
[  107.374251][ T7497]  should_fail_ex+0x265/0x280
[  107.374335][ T7497]  should_fail+0xb/0x20
[  107.374404][ T7497]  should_fail_usercopy+0x1a/0x20
[  107.374433][ T7497]  _copy_to_user+0x20/0xa0
[  107.374470][ T7497]  simple_read_from_buffer+0xb5/0x130
[  107.374498][ T7497]  proc_fail_nth_read+0x100/0x140
[  107.374549][ T7497]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  107.374577][ T7497]  vfs_read+0x19d/0x6f0
[  107.374632][ T7497]  ? __rcu_read_unlock+0x4f/0x70
[  107.374651][ T7497]  ? __fget_files+0x184/0x1c0
[  107.374669][ T7497]  ksys_read+0xda/0x1a0
[  107.374729][ T7497]  __x64_sys_read+0x40/0x50
[  107.374755][ T7497]  x64_sys_call+0x2d77/0x2fb0
[  107.374773][ T7497]  do_syscall_64+0xd2/0x200
[  107.374789][ T7497]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  107.374883][ T7497]  ? clear_bhb_loop+0x40/0x90
[  107.374901][ T7497]  ? clear_bhb_loop+0x40/0x90
[  107.374919][ T7497]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.374937][ T7497] RIP: 0033:0x7f5fa281d3bc
[  107.374950][ T7497] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  107.375035][ T7497] RSP: 002b:00007f5fa0e7f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  107.375059][ T7497] RAX: ffffffffffffffda RBX: 00007f5fa2a45fa0 RCX: 00007f5fa281d3bc
[  107.375073][ T7497] RDX: 000000000000000f RSI: 00007f5fa0e7f0a0 RDI: 0000000000000006
[  107.375084][ T7497] RBP: 00007f5fa0e7f090 R08: 0000000000000000 R09: 0000000000000000
[  107.375117][ T7497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.375132][ T7497] R13: 0000000000000000 R14: 00007f5fa2a45fa0 R15: 00007ffd599acee8
[  107.375151][ T7497]  </TASK>
[  107.702776][ T7509] loop1: detected capacity change from 0 to 512
[  107.711028][ T7509] journal_path: Lookup failure for './file0/../file0'
[  107.717951][ T7509] EXT4-fs: error: could not find journal device path
[  107.800082][ T7518] loop1: detected capacity change from 0 to 128
[  107.807072][ T7518] EXT4-fs: Ignoring removed nobh option
[  107.818616][ T7518] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  107.837426][ T7518] ext4 filesystem being mounted at /286/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  107.931487][ T7531] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  107.950722][ T7531] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  107.960314][ T3314] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  107.977858][   T29] kauditd_printk_skb: 418 callbacks suppressed
[  107.977874][   T29] audit: type=1400 audit(1753277196.754:6683): avc:  denied  { bind } for  pid=7525 comm="syz.3.1412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  108.004914][   T29] audit: type=1400 audit(1753277196.754:6684): avc:  denied  { write } for  pid=7525 comm="syz.3.1412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  108.029871][   T29] audit: type=1326 audit(1753277196.804:6685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7532 comm="syz.0.1415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd15040e9a9 code=0x7ffc0000
[  108.030066][ T7531] netlink: 'syz.3.1412': attribute type 1 has an invalid length.
[  108.054795][   T29] audit: type=1326 audit(1753277196.804:6686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7532 comm="syz.0.1415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7fd15040e9a9 code=0x7ffc0000
[  108.145795][   T29] audit: type=1326 audit(1753277196.914:6687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7537 comm="syz.1.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa281e9a9 code=0x7ffc0000
[  108.171224][   T29] audit: type=1326 audit(1753277196.914:6688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7537 comm="syz.1.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa281e9a9 code=0x7ffc0000
[  108.195981][   T29] audit: type=1326 audit(1753277196.914:6689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7537 comm="syz.1.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7f5fa281e9a9 code=0x7ffc0000
[  108.220680][   T29] audit: type=1326 audit(1753277196.914:6690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7537 comm="syz.1.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa281e9a9 code=0x7ffc0000
[  108.245562][   T29] audit: type=1326 audit(1753277196.914:6691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7537 comm="syz.1.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f5fa281e9a9 code=0x7ffc0000
[  108.270420][   T29] audit: type=1326 audit(1753277196.914:6692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7537 comm="syz.1.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa281e9a9 code=0x7ffc0000
[  108.315092][ T7548] netlink: 'syz.2.1419': attribute type 12 has an invalid length.
[  108.356992][ T7554] loop4: detected capacity change from 0 to 512
[  108.365097][ T7554] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[  108.373281][ T7554] System zones: 1-12
[  108.378024][ T7554] EXT4-fs error (device loop4): ext4_xattr_inode_iget:442: comm syz.4.1422: error while reading EA inode 32 err=-116
[  108.390726][ T7554] EXT4-fs (loop4): Remounting filesystem read-only
[  108.397559][ T7554] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  108.408430][ T7554] EXT4-fs (loop4): 1 orphan inode deleted
[  108.414558][ T7554] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.440233][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.505712][ T7571] loop3: detected capacity change from 0 to 1024
[  108.519000][ T7571] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.524122][ T7575] loop2: detected capacity change from 0 to 512
[  108.539632][ T7571] ext4 filesystem being mounted at /316/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.552328][ T7575] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  108.588384][ T7575] EXT4-fs (loop2): 1 truncate cleaned up
[  108.606167][ T7575] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.672551][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.674408][   T37] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 393: padding at end of block bitmap is not set
[  108.698067][   T37] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2035 with error 117
[  108.711495][   T37] EXT4-fs (loop3): This should not happen!! Data will be lost
[  108.711495][   T37] 
[  108.719160][ T7583] loop2: detected capacity change from 0 to 512
[  108.730067][ T7583] EXT4-fs (loop2): orphan cleanup on readonly fs
[  108.737919][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.738405][ T7583] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1433: bg 0: block 248: padding at end of block bitmap is not set
[  108.762962][ T7583] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1433: Failed to acquire dquot type 1
[  108.775333][ T7583] EXT4-fs (loop2): 1 truncate cleaned up
[  108.781823][ T7583] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  108.799632][ T7583] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  108.810023][ T7583] EXT4-fs warning (device loop2): read_mmp_block:115: Error -117 while reading MMP block 0
[  108.830416][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.938652][ T7596] FAULT_INJECTION: forcing a failure.
[  108.938652][ T7596] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  108.953513][ T7596] CPU: 1 UID: 0 PID: 7596 Comm: syz.2.1437 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  108.953547][ T7596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  108.953562][ T7596] Call Trace:
[  108.953602][ T7596]  <TASK>
[  108.953611][ T7596]  __dump_stack+0x1d/0x30
[  108.953635][ T7596]  dump_stack_lvl+0xe8/0x140
[  108.953659][ T7596]  dump_stack+0x15/0x1b
[  108.953680][ T7596]  should_fail_ex+0x265/0x280
[  108.953719][ T7596]  should_fail+0xb/0x20
[  108.953772][ T7596]  should_fail_usercopy+0x1a/0x20
[  108.953869][ T7596]  _copy_from_user+0x1c/0xb0
[  108.953890][ T7596]  __se_sys_add_key+0x209/0x350
[  108.953919][ T7596]  __x64_sys_add_key+0x67/0x80
[  108.953949][ T7596]  x64_sys_call+0x1d0d/0x2fb0
[  108.953970][ T7596]  do_syscall_64+0xd2/0x200
[  108.954058][ T7596]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  108.954157][ T7596]  ? clear_bhb_loop+0x40/0x90
[  108.954183][ T7596]  ? clear_bhb_loop+0x40/0x90
[  108.954270][ T7596]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.954291][ T7596] RIP: 0033:0x7fc648b0e9a9
[  108.954307][ T7596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.954335][ T7596] RSP: 002b:00007fc647177038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  108.954378][ T7596] RAX: ffffffffffffffda RBX: 00007fc648d35fa0 RCX: 00007fc648b0e9a9
[  108.954395][ T7596] RDX: 0000200000000840 RSI: 0000000000000000 RDI: 00002000000001c0
[  108.954411][ T7596] RBP: 00007fc647177090 R08: ffffffffffffffff R09: 0000000000000000
[  108.954424][ T7596] R10: 000000000000000c R11: 0000000000000246 R12: 0000000000000001
[  108.954436][ T7596] R13: 0000000000000001 R14: 00007fc648d35fa0 R15: 00007ffd6dd12898
[  108.954458][ T7596]  </TASK>
[  109.160315][ T7598] __nla_validate_parse: 7 callbacks suppressed
[  109.160333][ T7598] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1438'.
[  109.388811][ T7612] loop2: detected capacity change from 0 to 512
[  109.436323][ T7612] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  109.468724][ T7614] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1441'.
[  109.487727][ T7612] EXT4-fs (loop2): 1 truncate cleaned up
[  109.498603][ T7612] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.574786][ T7625] loop4: detected capacity change from 0 to 256
[  109.583687][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.620535][ T7625] FAT-fs (loop4): bogus logical sector size 133
[  109.626967][ T7625] FAT-fs (loop4): Can't find a valid FAT filesystem
[  109.635049][ T7627] netlink: 'syz.0.1451': attribute type 12 has an invalid length.
[  109.706154][ T7640] loop1: detected capacity change from 0 to 512
[  109.716286][ T7640] EXT4-fs (loop1): orphan cleanup on readonly fs
[  109.724036][ T7640] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1455: bg 0: block 248: padding at end of block bitmap is not set
[  109.727195][ T7644] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1452'.
[  109.740943][ T7640] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1455: Failed to acquire dquot type 1
[  109.761484][ T7644] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1452'.
[  109.773639][ T7640] EXT4-fs (loop1): 1 truncate cleaned up
[  109.790790][ T7640] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  109.791390][ T7643] lo speed is unknown, defaulting to 1000
[  109.807721][ T7648] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1458'.
[  109.851330][ T7640] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  109.866764][ T7640] EXT4-fs warning (device loop1): read_mmp_block:115: Error -117 while reading MMP block 0
[  109.900980][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.945012][ T7657] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1463'.
[  109.954156][ T7657] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1463'.
[  110.006315][ T7664] loop2: detected capacity change from 0 to 512
[  110.014863][ T7664] journal_path: Lookup failure for './file0/../file0'
[  110.022167][ T7664] EXT4-fs: error: could not find journal device path
[  110.038279][ T7667] loop1: detected capacity change from 0 to 128
[  110.050413][ T7667] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  110.066583][ T7667] ext4 filesystem being mounted at /293/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  110.102979][ T7667] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1466'.
[  110.117840][ T7667] team1: entered promiscuous mode
[  110.133636][ T7667] team1: entered allmulticast mode
[  110.197546][ T3314] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  110.221256][ T7673] FAULT_INJECTION: forcing a failure.
[  110.221256][ T7673] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  110.234778][ T7673] CPU: 0 UID: 0 PID: 7673 Comm: syz.2.1467 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  110.234806][ T7673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  110.234818][ T7673] Call Trace:
[  110.234825][ T7673]  <TASK>
[  110.234833][ T7673]  __dump_stack+0x1d/0x30
[  110.234932][ T7673]  dump_stack_lvl+0xe8/0x140
[  110.235017][ T7673]  dump_stack+0x15/0x1b
[  110.235038][ T7673]  should_fail_ex+0x265/0x280
[  110.235080][ T7673]  should_fail+0xb/0x20
[  110.235152][ T7673]  should_fail_usercopy+0x1a/0x20
[  110.235193][ T7673]  _copy_to_user+0x20/0xa0
[  110.235220][ T7673]  copy_siginfo_to_user+0x22/0xb0
[  110.235293][ T7673]  x64_setup_rt_frame+0x2b5/0x580
[  110.235320][ T7673]  arch_do_signal_or_restart+0x27c/0x480
[  110.235351][ T7673]  exit_to_user_mode_loop+0x7a/0x100
[  110.235384][ T7673]  do_syscall_64+0x1d6/0x200
[  110.235442][ T7673]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  110.235468][ T7673]  ? clear_bhb_loop+0x40/0x90
[  110.235494][ T7673]  ? clear_bhb_loop+0x40/0x90
[  110.235562][ T7673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.235645][ T7673] RIP: 0033:0x7fc648b0e9a9
[  110.235664][ T7673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.235687][ T7673] RSP: 002b:00007fc647177038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  110.235705][ T7673] RAX: fffffffffffffffc RBX: 00007fc648d35fa0 RCX: 00007fc648b0e9a9
[  110.235717][ T7673] RDX: 0000000000000003 RSI: 0000000000005607 RDI: 0000000000000006
[  110.235732][ T7673] RBP: 00007fc647177090 R08: 0000000000000000 R09: 0000000000000000
[  110.235777][ T7673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.235792][ T7673] R13: 0000000000000000 R14: 00007fc648d35fa0 R15: 00007ffd6dd12898
[  110.235816][ T7673]  </TASK>
[  110.453857][ T7680] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1470'.
[  110.532989][ T7683] loop2: detected capacity change from 0 to 4096
[  110.554052][ T7683] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  110.574634][ T7683] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.609349][ T7693] loop3: detected capacity change from 0 to 512
[  110.679169][ T7693] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.703342][ T7693] ext4 filesystem being mounted at /324/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  110.732978][ T7693] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.804256][ T7715] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1481'.
[  110.873531][ T7718] loop1: detected capacity change from 0 to 512
[  110.882544][ T7718] journal_path: Lookup failure for './file0/../file0'
[  110.889536][ T7718] EXT4-fs: error: could not find journal device path
[  110.901711][ T7717] lo: entered promiscuous mode
[  110.908356][   T36] lo speed is unknown, defaulting to 1000
[  111.029500][ T7732] loop1: detected capacity change from 0 to 256
[  111.042524][ T7732] FAT-fs (loop1): bogus logical sector size 133
[  111.049523][ T7732] FAT-fs (loop1): Can't find a valid FAT filesystem
[  111.065211][ T7735] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  111.103191][ T7732] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[  111.353993][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.513300][ T7757] loop3: detected capacity change from 0 to 512
[  111.703307][ T7761] netlink: 'syz.1.1497': attribute type 10 has an invalid length.
[  111.717197][ T7761] 8021q: adding VLAN 0 to HW filter on device batadv0
[  111.727961][ T7761] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  111.793402][ T7765] loop3: detected capacity change from 0 to 256
[  111.830855][ T7765] FAT-fs (loop3): bogus logical sector size 133
[  111.837394][ T7765] FAT-fs (loop3): Can't find a valid FAT filesystem
[  112.138816][ T7772] TCP: TCP_TX_DELAY enabled
[  112.302800][ T7784] netlink: 'syz.2.1508': attribute type 12 has an invalid length.
[  112.405586][ T7792] loop1: detected capacity change from 0 to 128
[  112.431763][ T7799] loop3: detected capacity change from 0 to 256
[  112.447684][ T7799] FAT-fs (loop3): bogus logical sector size 133
[  112.454218][ T7799] FAT-fs (loop3): Can't find a valid FAT filesystem
[  112.800481][ T7825] netlink: 'syz.3.1525': attribute type 12 has an invalid length.
[  112.970915][ T7839] loop3: detected capacity change from 0 to 4096
[  112.978308][ T7839] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  112.998319][ T7839] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.108529][   T29] kauditd_printk_skb: 704 callbacks suppressed
[  113.108560][   T29] audit: type=1326 audit(1753277201.884:7393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7843 comm="syz.0.1532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd15040e9a9 code=0x7ffc0000
[  113.143887][   T29] audit: type=1326 audit(1753277201.884:7394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7843 comm="syz.0.1532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7fd15040e9a9 code=0x7ffc0000
[  113.169020][   T29] audit: type=1326 audit(1753277201.884:7395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7843 comm="syz.0.1532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd15040e9a9 code=0x7ffc0000
[  113.193519][   T29] audit: type=1326 audit(1753277201.884:7396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7843 comm="syz.0.1532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd15040e9a9 code=0x7ffc0000
[  113.220553][   T29] audit: type=1326 audit(1753277201.884:7397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7843 comm="syz.0.1532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7fd15040e9a9 code=0x7ffc0000
[  113.246100][   T29] audit: type=1326 audit(1753277201.884:7398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7843 comm="syz.0.1532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd15040e9a9 code=0x7ffc0000
[  113.271022][   T29] audit: type=1326 audit(1753277201.884:7399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7843 comm="syz.0.1532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd15040e9a9 code=0x7ffc0000
[  113.295798][   T29] audit: type=1326 audit(1753277201.884:7400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7843 comm="syz.0.1532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd15040e9a9 code=0x7ffc0000
[  113.319925][   T29] audit: type=1326 audit(1753277201.894:7401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7843 comm="syz.0.1532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd15040e9a9 code=0x7ffc0000
[  113.344105][   T29] audit: type=1326 audit(1753277201.894:7402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7843 comm="syz.0.1532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd15040e9a9 code=0x7ffc0000
[  113.433358][ T7862] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.479986][ T7862] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.519993][ T7862] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.603830][ T7862] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.653092][ T7862] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  113.664861][ T7862] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  113.677350][ T7862] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  113.680900][ T7862] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  113.696552][ T7864] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.748120][ T7864] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.800627][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.818720][ T7864] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.900049][ T7864] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.920735][ T7883] loop3: detected capacity change from 0 to 256
[  113.928045][ T7881] 
: renamed from bond0
[  113.928590][ T7883] FAT-fs (loop3): bogus logical sector size 133
[  113.939406][ T7883] FAT-fs (loop3): Can't find a valid FAT filesystem
[  114.012273][ T7891] loop3: detected capacity change from 0 to 736
[  114.251128][ T7897] loop2: detected capacity change from 0 to 512
[  114.260183][ T7897] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[  114.268428][ T7897] System zones: 1-12
[  114.273103][ T7897] EXT4-fs error (device loop2): ext4_xattr_inode_iget:442: comm syz.2.1550: error while reading EA inode 32 err=-116
[  114.285728][ T7897] EXT4-fs (loop2): Remounting filesystem read-only
[  114.292334][ T7897] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  114.302536][ T7897] EXT4-fs (loop2): 1 orphan inode deleted
[  114.308770][ T7897] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.331079][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.541708][ T7910] loop1: detected capacity change from 0 to 2048
[  114.586941][ T7910]  loop1: p1 < > p4
[  114.596493][ T7910] loop1: p4 size 8388608 extends beyond EOD, truncated
[  114.652174][ T7920] __nla_validate_parse: 15 callbacks suppressed
[  114.652194][ T7920] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1561'.
[  114.692911][ T7925] netlink: 'syz.2.1563': attribute type 12 has an invalid length.
[  114.806039][ T7931] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1562'.
[  114.815418][ T7931] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1562'.
[  114.982283][ T7944] lo speed is unknown, defaulting to 1000
[  115.651158][ T7985] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1586'.
[  115.660610][ T7985] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1586'.
[  115.704822][ T7986] loop2: detected capacity change from 0 to 512
[  115.711602][ T7986] journal_path: Lookup failure for './file0/../file0'
[  115.718466][ T7986] EXT4-fs: error: could not find journal device path
[  116.090284][ T8000] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1590'.
[  116.101731][ T8000] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1590'.
[  116.567680][ T8022] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1599'.
[  116.577773][ T8022] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1599'.
[  116.755326][ T8034] loop2: detected capacity change from 0 to 736
[  116.962862][ T8114] loop3: detected capacity change from 0 to 512
[  116.972212][ T8114] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[  116.980592][ T8114] System zones: 1-12
[  116.985807][ T8114] EXT4-fs error (device loop3): ext4_xattr_inode_iget:442: comm syz.3.1611: error while reading EA inode 32 err=-116
[  116.999203][ T8114] EXT4-fs (loop3): Remounting filesystem read-only
[  117.005876][ T8114] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  117.018031][ T8114] EXT4-fs (loop3): 1 orphan inode deleted
[  117.215005][ T8125] loop3: detected capacity change from 0 to 1764
[  117.424678][ T8125] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  117.433747][ T8125] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  117.561964][ T7864] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  117.574691][ T7864] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  117.586287][ T7864] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  117.598530][ T7864] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  117.689267][ T8138] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1620'.
[  117.719606][ T8141] netlink: 'syz.2.1621': attribute type 13 has an invalid length.
[  117.946044][ T8159] x_tables: duplicate underflow at hook 1
[  118.047601][ T8182] netlink: 'syz.3.1637': attribute type 13 has an invalid length.
[  118.179528][   T29] kauditd_printk_skb: 465 callbacks suppressed
[  118.179543][   T29] audit: type=1400 audit(1753277206.954:7868): avc:  denied  { mount } for  pid=8193 comm="syz.3.1642" name="/" dev="hugetlbfs" ino=19979 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  118.223759][   T29] audit: type=1400 audit(1753277206.994:7869): avc:  denied  { unmount } for  pid=3317 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  118.285930][ T8200] loop3: detected capacity change from 0 to 736
[  118.307018][ T8204] FAULT_INJECTION: forcing a failure.
[  118.307018][ T8204] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  118.320950][ T8204] CPU: 1 UID: 0 PID: 8204 Comm: syz.1.1645 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  118.321013][ T8204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  118.321030][ T8204] Call Trace:
[  118.321038][ T8204]  <TASK>
[  118.321099][ T8204]  __dump_stack+0x1d/0x30
[  118.321154][ T8204]  dump_stack_lvl+0xe8/0x140
[  118.321177][ T8204]  dump_stack+0x15/0x1b
[  118.321198][ T8204]  should_fail_ex+0x265/0x280
[  118.321236][ T8204]  should_fail+0xb/0x20
[  118.321287][ T8204]  should_fail_usercopy+0x1a/0x20
[  118.321354][ T8204]  _copy_from_user+0x1c/0xb0
[  118.321393][ T8204]  vti6_siocdevprivate+0x132/0x8e0
[  118.321437][ T8204]  dev_ifsioc+0x8f5/0xaa0
[  118.321464][ T8204]  dev_ioctl+0x78d/0x960
[  118.321487][ T8204]  sock_ioctl+0x593/0x610
[  118.321527][ T8204]  ? __pfx_sock_ioctl+0x10/0x10
[  118.321550][ T8204]  __se_sys_ioctl+0xcb/0x140
[  118.321593][ T8204]  __x64_sys_ioctl+0x43/0x50
[  118.321635][ T8204]  x64_sys_call+0x19a8/0x2fb0
[  118.321657][ T8204]  do_syscall_64+0xd2/0x200
[  118.321676][ T8204]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  118.321708][ T8204]  ? clear_bhb_loop+0x40/0x90
[  118.321772][ T8204]  ? clear_bhb_loop+0x40/0x90
[  118.321798][ T8204]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.321858][ T8204] RIP: 0033:0x7f5fa281e9a9
[  118.321877][ T8204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.321899][ T8204] RSP: 002b:00007f5fa0e7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  118.321922][ T8204] RAX: ffffffffffffffda RBX: 00007f5fa2a45fa0 RCX: 00007f5fa281e9a9
[  118.321938][ T8204] RDX: 0000200000000080 RSI: 00000000000089f1 RDI: 0000000000000009
[  118.322020][ T8204] RBP: 00007f5fa0e7f090 R08: 0000000000000000 R09: 0000000000000000
[  118.322035][ T8204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.322050][ T8204] R13: 0000000000000000 R14: 00007f5fa2a45fa0 R15: 00007ffd599acee8
[  118.322073][ T8204]  </TASK>
[  118.611420][   T29] audit: type=1400 audit(1753277207.384:7870): avc:  denied  { ioctl } for  pid=8212 comm="syz.3.1649" path="socket:[19344]" dev="sockfs" ino=19344 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  118.639200][   T29] audit: type=1400 audit(1753277207.384:7871): avc:  denied  { mount } for  pid=8212 comm="syz.3.1649" name="/" dev="ramfs" ino=19346 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  118.671230][   T29] audit: type=1400 audit(1753277207.444:7872): avc:  denied  { write } for  pid=8212 comm="syz.3.1649" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  118.730146][ T8216] loop2: detected capacity change from 0 to 256
[  118.760175][ T8222] loop3: detected capacity change from 0 to 512
[  118.767230][ T8222] journal_path: Lookup failure for './file0/../file0'
[  118.767568][ T8216] FAT-fs (loop2): bogus logical sector size 133
[  118.774033][ T8222] EXT4-fs: error: could not find journal device path
[  118.780363][ T8216] FAT-fs (loop2): Can't find a valid FAT filesystem
[  118.807912][   T29] audit: type=1326 audit(1753277207.584:7873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz.2.1651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc648b0e9a9 code=0x7ffc0000
[  118.811988][ T8216] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2
[  118.837325][   T29] audit: type=1326 audit(1753277207.584:7874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz.2.1651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc648b0e9a9 code=0x7ffc0000
[  118.864210][   T29] audit: type=1326 audit(1753277207.584:7875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz.2.1651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc648b0e9a9 code=0x7ffc0000
[  118.887980][   T29] audit: type=1326 audit(1753277207.584:7876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz.2.1651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc648b0e9a9 code=0x7ffc0000
[  118.929231][   T29] audit: type=1326 audit(1753277207.694:7877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz.2.1651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc648b0e9a9 code=0x7ffc0000
[  119.007529][ T8240] loop2: detected capacity change from 0 to 736
[  119.113225][ T8252] loop1: detected capacity change from 0 to 512
[  119.129428][ T8252] journal_path: Lookup failure for './file0/../file0'
[  119.136636][ T8252] EXT4-fs: error: could not find journal device path
[  119.225121][ T8264] loop1: detected capacity change from 0 to 256
[  119.250101][ T8264] FAT-fs (loop1): bogus logical sector size 133
[  119.256936][ T8264] FAT-fs (loop1): Can't find a valid FAT filesystem
[  119.273512][ T8264] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[  119.494394][ T8279] netlink: 'syz.3.1674': attribute type 4 has an invalid length.
[  119.539812][ T8279] loop3: detected capacity change from 0 to 512
[  119.564329][ T8279] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  119.592599][ T8279] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.1674: invalid block
[  119.606170][ T8279] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1674: invalid indirect mapped block 4294967295 (level 1)
[  119.623130][ T8279] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1674: invalid indirect mapped block 4294967295 (level 1)
[  119.639147][ T8279] EXT4-fs (loop3): 2 truncates cleaned up
[  119.650868][ T8279] EXT4-fs (loop3): shut down requested (2)
[  119.666713][ T8279] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  119.675722][ T8279] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  119.685155][ T8279] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  119.697722][ T8292] __nla_validate_parse: 6 callbacks suppressed
[  119.697744][ T8292] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1679'.
[  119.714796][ T8294] loop1: detected capacity change from 0 to 2048
[  119.787622][ T8304] loop3: detected capacity change from 0 to 256
[  119.814141][ T8304] FAT-fs (loop3): bogus logical sector size 133
[  119.820687][ T8304] FAT-fs (loop3): Can't find a valid FAT filesystem
[  120.029324][ T8318] loop2: detected capacity change from 0 to 2048
[  120.040551][ T8321] loop3: detected capacity change from 0 to 512
[  120.068315][ T8321] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[  120.127117][ T8321] System zones: 1-12
[  120.149813][ T8327] SELinux: syz.2.1688 (8327) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  120.168534][ T8321] EXT4-fs error (device loop3): ext4_xattr_inode_iget:442: comm syz.3.1689: error while reading EA inode 32 err=-116
[  120.214930][ T8329] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1691'.
[  120.240215][ T8321] EXT4-fs (loop3): Remounting filesystem read-only
[  120.246928][ T8321] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  120.272503][ T8321] EXT4-fs (loop3): 1 orphan inode deleted
[  120.397228][ T8343] loop1: detected capacity change from 0 to 1024
[  120.424167][ T8343] ext4: Unknown parameter 'uid<00000000000000000000'
[  120.480794][ T8347] x_tables: duplicate underflow at hook 1
[  120.488616][ T8350] loop2: detected capacity change from 0 to 256
[  120.495988][ T8350] FAT-fs (loop2): bogus logical sector size 133
[  120.502726][ T8350] FAT-fs (loop2): Can't find a valid FAT filesystem
[  120.522524][ T8350] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2
[  120.828422][ T8373] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1710'.
[  120.837667][ T8373] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1710'.
[  120.873460][ T8377] loop1: detected capacity change from 0 to 736
[  120.944013][ T8381] loop2: detected capacity change from 0 to 4096
[  120.952088][ T8381] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  121.036938][ T8399] netlink: 'syz.1.1719': attribute type 3 has an invalid length.
[  121.045254][ T8399] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1719'.
[  121.056466][ T8399] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1719'.
[  121.090111][ T8403] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1718'.
[  121.100856][ T8403] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1718'.
[  121.214607][ T8411] xt_TPROXY: Can be used only with -p tcp or -p udp
[  121.409076][ T8427] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1726'.
[  121.418266][ T8427] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1726'.
[  121.456078][ T8430] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[  121.790663][ T8442] loop2: detected capacity change from 0 to 2048
[  121.797454][ T8442] ext3: Unknown parameter 'hash'
[  121.913506][ T8449] netlink: 'syz.4.1737': attribute type 4 has an invalid length.
[  121.924577][   T36] lo speed is unknown, defaulting to 1000
[  121.930693][   T36] syz0: Port: 1 Link DOWN
[  122.230801][ T8479] netlink: 'syz.4.1748': attribute type 12 has an invalid length.
[  122.241537][ T8481] FAULT_INJECTION: forcing a failure.
[  122.241537][ T8481] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  122.254935][ T8481] CPU: 1 UID: 0 PID: 8481 Comm: syz.0.1749 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  122.254968][ T8481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  122.254985][ T8481] Call Trace:
[  122.254993][ T8481]  <TASK>
[  122.255036][ T8481]  __dump_stack+0x1d/0x30
[  122.255062][ T8481]  dump_stack_lvl+0xe8/0x140
[  122.255086][ T8481]  dump_stack+0x15/0x1b
[  122.255174][ T8481]  should_fail_ex+0x265/0x280
[  122.255288][ T8481]  should_fail+0xb/0x20
[  122.255330][ T8481]  should_fail_usercopy+0x1a/0x20
[  122.255370][ T8481]  _copy_from_user+0x1c/0xb0
[  122.255409][ T8481]  __sys_sendto+0x19e/0x330
[  122.255479][ T8481]  __x64_sys_sendto+0x76/0x90
[  122.255516][ T8481]  x64_sys_call+0x2eb6/0x2fb0
[  122.255540][ T8481]  do_syscall_64+0xd2/0x200
[  122.255563][ T8481]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  122.255624][ T8481]  ? clear_bhb_loop+0x40/0x90
[  122.255645][ T8481]  ? clear_bhb_loop+0x40/0x90
[  122.255668][ T8481]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.255774][ T8481] RIP: 0033:0x7fd15040e9a9
[  122.255791][ T8481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.255810][ T8481] RSP: 002b:00007fd14ea6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  122.255829][ T8481] RAX: ffffffffffffffda RBX: 00007fd150635fa0 RCX: 00007fd15040e9a9
[  122.255841][ T8481] RDX: 000000000000ffe0 RSI: 0000200000000100 RDI: 0000000000000003
[  122.255853][ T8481] RBP: 00007fd14ea6f090 R08: 0000200000000140 R09: 000000000000001c
[  122.255868][ T8481] R10: 000000002000c851 R11: 0000000000000246 R12: 0000000000000001
[  122.256035][ T8481] R13: 0000000000000000 R14: 00007fd150635fa0 R15: 00007ffd5880bb68
[  122.256066][ T8481]  </TASK>
[  122.741944][ T8514] 9pnet_fd: Insufficient options for proto=fd
[  122.791813][ T8518] netlink: 'syz.2.1765': attribute type 13 has an invalid length.
[  122.926685][ T8529] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on
[  122.954632][ T8527] lo speed is unknown, defaulting to 1000
[  123.135626][ T8546] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  123.202757][ T8552] loop3: detected capacity change from 0 to 736
[  123.241474][ T8554] netlink: 'syz.3.1779': attribute type 13 has an invalid length.
[  123.474500][   T29] kauditd_printk_skb: 914 callbacks suppressed
[  123.474517][   T29] audit: type=1326 audit(1753801500.153:8792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8571 comm="syz.0.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd15040e9a9 code=0x7ffc0000
[  123.511206][   T29] audit: type=1326 audit(1753801500.153:8793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8571 comm="syz.0.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd15040e9a9 code=0x7ffc0000
[  123.538166][   T29] audit: type=1326 audit(1753801500.153:8794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8571 comm="syz.0.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fd15040e9a9 code=0x7ffc0000
[  123.562034][   T29] audit: type=1326 audit(1753801500.153:8795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8571 comm="syz.0.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd15040e9e3 code=0x7ffc0000
[  123.586827][   T29] audit: type=1326 audit(1753801500.153:8796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8571 comm="syz.0.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd15040d45f code=0x7ffc0000
[  123.610524][   T29] audit: type=1326 audit(1753801500.153:8797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8571 comm="syz.0.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fd15040ea37 code=0x7ffc0000
[  123.634870][   T29] audit: type=1326 audit(1753801500.192:8798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8571 comm="syz.0.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd15040d310 code=0x7ffc0000
[  123.659127][   T29] audit: type=1326 audit(1753801500.192:8799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8571 comm="syz.0.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fd15040d60a code=0x7ffc0000
[  123.686911][   T29] audit: type=1326 audit(1753801500.192:8800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8571 comm="syz.0.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd15040e9a9 code=0x7ffc0000
[  123.710523][   T29] audit: type=1326 audit(1753801500.192:8801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8571 comm="syz.0.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd15040e9a9 code=0x7ffc0000
[  123.801222][ T8583] netlink: 'syz.3.1790': attribute type 13 has an invalid length.
[  123.964476][ T8601] loop3: detected capacity change from 0 to 512
[  123.993649][ T8601] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  124.025465][ T8601] EXT4-fs (loop3): 1 truncate cleaned up
[  124.097553][ T8613] loop3: detected capacity change from 0 to 1024
[  124.112085][ T8613] ext4: Unknown parameter 'uid<00000000000000000000'
[  124.322774][ T8636] loop2: detected capacity change from 0 to 512
[  124.345255][ T8636] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  124.360658][ T8636] EXT4-fs (loop2): 1 truncate cleaned up
[  124.403750][ T8642] loop2: detected capacity change from 0 to 256
[  124.414957][ T8642] FAT-fs (loop2): bogus logical sector size 133
[  124.421449][ T8642] FAT-fs (loop2): Can't find a valid FAT filesystem
[  124.443971][ T8642] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2
[  124.503975][ T8652] loop3: detected capacity change from 0 to 1024
[  124.512899][ T8652] ext4: Unknown parameter 'uid<00000000000000000000'
[  124.807358][ T8669] loop2: detected capacity change from 0 to 4096
[  124.814870][ T8669] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  125.037347][ T8678] __nla_validate_parse: 19 callbacks suppressed
[  125.037369][ T8678] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1825'.
[  125.055868][ T8678] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1825'.
[  125.140412][ T8682] netlink: 'syz.3.1826': attribute type 13 has an invalid length.
[  125.230514][ T8687] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1827'.
[  125.245115][ T8687] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1827'.
[  125.256592][ T8693] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1831'.
[  125.470177][ T8701] loop3: detected capacity change from 0 to 1764
[  125.477116][ T8701] iso9660: Bad value for 'check'
[  125.693257][ T8722] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1843'.
[  125.724866][ T8726] loop2: detected capacity change from 0 to 512
[  125.732792][ T8726] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[  125.741270][ T8726] System zones: 1-12
[  125.746151][ T8726] EXT4-fs error (device loop2): ext4_xattr_inode_iget:442: comm syz.2.1846: error while reading EA inode 32 err=-116
[  125.759634][ T8726] EXT4-fs (loop2): Remounting filesystem read-only
[  125.766411][ T8726] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  125.776788][ T8726] EXT4-fs (loop2): 1 orphan inode deleted
[  125.855927][ T8736] FAULT_INJECTION: forcing a failure.
[  125.855927][ T8736] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  125.869374][ T8736] CPU: 1 UID: 0 PID: 8736 Comm: syz.1.1849 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  125.869403][ T8736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  125.869418][ T8736] Call Trace:
[  125.869426][ T8736]  <TASK>
[  125.869436][ T8736]  __dump_stack+0x1d/0x30
[  125.869462][ T8736]  dump_stack_lvl+0xe8/0x140
[  125.869529][ T8736]  dump_stack+0x15/0x1b
[  125.869551][ T8736]  should_fail_ex+0x265/0x280
[  125.869589][ T8736]  should_fail+0xb/0x20
[  125.869626][ T8736]  should_fail_usercopy+0x1a/0x20
[  125.869680][ T8736]  strncpy_from_user+0x25/0x230
[  125.869745][ T8736]  ? kmem_cache_alloc_noprof+0x186/0x310
[  125.869773][ T8736]  ? getname_flags+0x80/0x3b0
[  125.869827][ T8736]  getname_flags+0xae/0x3b0
[  125.869856][ T8736]  user_path_at+0x28/0x130
[  125.869889][ T8736]  vfs_open_tree+0xef/0x540
[  125.869913][ T8736]  __x64_sys_open_tree+0x45/0xc0
[  125.869958][ T8736]  x64_sys_call+0x28d3/0x2fb0
[  125.870006][ T8736]  do_syscall_64+0xd2/0x200
[  125.870065][ T8736]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  125.870097][ T8736]  ? clear_bhb_loop+0x40/0x90
[  125.870174][ T8736]  ? clear_bhb_loop+0x40/0x90
[  125.870202][ T8736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.870222][ T8736] RIP: 0033:0x7f5fa281e9a9
[  125.870237][ T8736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.870258][ T8736] RSP: 002b:00007f5fa0e7f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ac
[  125.870278][ T8736] RAX: ffffffffffffffda RBX: 00007f5fa2a45fa0 RCX: 00007f5fa281e9a9
[  125.870340][ T8736] RDX: 0000000000001000 RSI: 0000200000000480 RDI: ffffffffffffffff
[  125.870356][ T8736] RBP: 00007f5fa0e7f090 R08: 0000000000000000 R09: 0000000000000000
[  125.870369][ T8736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  125.870380][ T8736] R13: 0000000000000000 R14: 00007f5fa2a45fa0 R15: 00007ffd599acee8
[  125.870400][ T8736]  </TASK>
[  126.084202][ T8739] lo speed is unknown, defaulting to 1000
[  126.438262][ T8767] loop3: detected capacity change from 0 to 736
[  126.494185][ T8771] loop3: detected capacity change from 0 to 512
[  126.529828][ T8771] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.1862: corrupted inode contents
[  126.546570][ T8771] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #16: comm syz.3.1862: mark_inode_dirty error
[  126.567800][ T8771] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.1862: corrupted inode contents
[  126.597140][ T8771] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.1862: mark_inode_dirty error
[  126.613209][ T8771] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.1862: corrupted inode contents
[  126.656177][ T8771] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  126.709848][ T8771] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.1862: corrupted inode contents
[  126.724274][ T8771] EXT4-fs error (device loop3): ext4_truncate:4597: inode #16: comm syz.3.1862: mark_inode_dirty error
[  126.737320][ T8771] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  126.747042][ T8771] EXT4-fs (loop3): 1 truncate cleaned up
[  126.754833][ T8771] ext4 filesystem being mounted at /412/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.766303][ T8112] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:63: Failed to release dquot type 1
[  126.788946][ T8785] loop2: detected capacity change from 0 to 1024
[  126.791121][ T8771] netlink: 'syz.3.1862': attribute type 1 has an invalid length.
[  126.800936][ T8785] ext4: Unknown parameter 'uid<00000000000000000000'
[  126.810641][ T8771] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1862'.
[  126.822456][ T8771] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1862'.
[  126.823803][ T8789] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1868'.
[  126.841824][ T8789] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1868'.
[  127.009220][ T8797] loop2: detected capacity change from 0 to 512
[  127.023697][ T8797] journal_path: Lookup failure for './file0/../file0'
[  127.031145][ T8797] EXT4-fs: error: could not find journal device path
[  127.176320][ T8819] veth0_to_bond: entered allmulticast mode
[  127.263459][ T8824] loop3: detected capacity change from 0 to 4096
[  127.270862][ T8824] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  127.313421][ T8829] loop2: detected capacity change from 0 to 1024
[  127.326513][ T8829] ext4: Unknown parameter 'uid<00000000000000000000'
[  127.432426][ T8833] loop2: detected capacity change from 0 to 4096
[  127.441088][ T8833] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  127.561918][ T8833] bridge0: entered allmulticast mode
[  127.657555][ T8856] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[  128.340837][ T8894] loop2: detected capacity change from 0 to 736
[  128.377353][ T8896] loop2: detected capacity change from 0 to 164
[  128.397908][ T8896] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1538 sclass=netlink_route_socket pid=8896 comm=syz.2.1908
[  128.578314][ T8909] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  128.736639][   T29] kauditd_printk_skb: 1195 callbacks suppressed
[  128.736655][   T29] audit: type=1326 audit(1753801505.295:9996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8923 comm="syz.4.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68bfbe9a9 code=0x7ffc0000
[  128.768379][   T29] audit: type=1326 audit(1753801505.325:9997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8923 comm="syz.4.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68bfbe9a9 code=0x7ffc0000
[  128.793528][   T29] audit: type=1326 audit(1753801505.325:9998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8923 comm="syz.4.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff68bfbe9a9 code=0x7ffc0000
[  128.817637][   T29] audit: type=1326 audit(1753801505.325:9999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8923 comm="syz.4.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68bfbe9a9 code=0x7ffc0000
[  128.841770][   T29] audit: type=1326 audit(1753801505.325:10000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8923 comm="syz.4.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7ff68bfbe9a9 code=0x7ffc0000
[  128.867727][   T29] audit: type=1326 audit(1753801505.325:10001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8923 comm="syz.4.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68bfbe9a9 code=0x7ffc0000
[  128.892693][   T29] audit: type=1326 audit(1753801505.325:10002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8923 comm="syz.4.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff68bfbe9a9 code=0x7ffc0000
[  128.917420][   T29] audit: type=1326 audit(1753801505.325:10003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8923 comm="syz.4.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68bfbe9a9 code=0x7ffc0000
[  128.941506][   T29] audit: type=1326 audit(1753801505.325:10004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8923 comm="syz.4.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff68bfbe9a9 code=0x7ffc0000
[  128.965470][   T29] audit: type=1326 audit(1753801505.325:10005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8923 comm="syz.4.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68bfbe9a9 code=0x7ffc0000
[  129.059498][ T8112] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.109915][ T8112] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.181490][ T8112] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.253836][ T8947] lo speed is unknown, defaulting to 1000
[  129.279163][ T8112] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.328907][ T8947] chnl_net:caif_netlink_parms(): no params data found
[  129.372216][ T8977] loop3: detected capacity change from 0 to 736
[  129.393034][ T8947] bridge0: port 1(bridge_slave_0) entered blocking state
[  129.400455][ T8947] bridge0: port 1(bridge_slave_0) entered disabled state
[  129.409334][ T8947] bridge_slave_0: entered allmulticast mode
[  129.426445][ T8947] bridge_slave_0: entered promiscuous mode
[  129.489909][ T8112] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  129.501881][ T8112] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  129.512734][ T8112] bond0 (unregistering): Released all slaves
[  129.522308][ T8112] bond1 (unregistering): Released all slaves
[  129.531637][ T8947] bridge0: port 2(bridge_slave_1) entered blocking state
[  129.538823][ T8947] bridge0: port 2(bridge_slave_1) entered disabled state
[  129.546154][ T8947] bridge_slave_1: entered allmulticast mode
[  129.552795][ T8947] bridge_slave_1: entered promiscuous mode
[  129.581040][ T8112] hsr_slave_1: left promiscuous mode
[  129.588483][ T8112] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  129.596348][ T8112] batman_adv: batadv0: Removing interface: batadv_slave_0
[  129.604010][ T8112] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  129.612322][ T8112] batman_adv: batadv0: Removing interface: batadv_slave_1
[  129.623172][ T8112] veth1_macvtap: left promiscuous mode
[  129.628739][ T8112] veth0_macvtap: left promiscuous mode
[  129.634384][ T8112] veth1_vlan: left promiscuous mode
[  129.636460][ T8990] loop3: detected capacity change from 0 to 128
[  129.639878][ T8112] veth0_vlan: left promiscuous mode
[  129.650757][ T8990] FAULT_INJECTION: forcing a failure.
[  129.650757][ T8990] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  129.664985][ T8990] CPU: 0 UID: 0 PID: 8990 Comm: syz.3.1941 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  129.665017][ T8990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  129.665032][ T8990] Call Trace:
[  129.665041][ T8990]  <TASK>
[  129.665069][ T8990]  __dump_stack+0x1d/0x30
[  129.665095][ T8990]  dump_stack_lvl+0xe8/0x140
[  129.665115][ T8990]  dump_stack+0x15/0x1b
[  129.665131][ T8990]  should_fail_ex+0x265/0x280
[  129.665163][ T8990]  should_fail_alloc_page+0xf2/0x100
[  129.665192][ T8990]  __alloc_frozen_pages_noprof+0xff/0x360
[  129.665368][ T8990]  alloc_pages_mpol+0xb3/0x250
[  129.665399][ T8990]  folio_alloc_noprof+0x97/0x150
[  129.665462][ T8990]  filemap_alloc_folio_noprof+0x66/0x210
[  129.665491][ T8990]  __filemap_get_folio+0x28f/0x6b0
[  129.665517][ T8990]  ? should_fail_ex+0x30/0x280
[  129.665573][ T8990]  cont_write_begin+0x5c8/0x970
[  129.665644][ T8990]  ? strcmp+0x22/0x50
[  129.665665][ T8990]  fat_write_begin+0x4f/0xe0
[  129.665695][ T8990]  ? __pfx_fat_get_block+0x10/0x10
[  129.665718][ T8990]  generic_perform_write+0x181/0x490
[  129.665739][ T8990]  __generic_file_write_iter+0xec/0x120
[  129.665757][ T8990]  ? __pfx_generic_file_write_iter+0x10/0x10
[  129.665827][ T8990]  generic_file_write_iter+0x8d/0x2f0
[  129.665942][ T8990]  ? _parse_integer_limit+0x170/0x190
[  129.665970][ T8990]  ? _parse_integer+0x27/0x40
[  129.665993][ T8990]  ? kstrtoull+0x111/0x140
[  129.666030][ T8990]  ? kstrtouint+0x76/0xc0
[  129.666080][ T8990]  ? kstrtouint_from_user+0x9f/0xf0
[  129.666209][ T8990]  ? avc_policy_seqno+0x15/0x30
[  129.666240][ T8990]  ? selinux_file_permission+0x1e4/0x320
[  129.666299][ T8990]  ? __pfx_generic_file_write_iter+0x10/0x10
[  129.666327][ T8990]  vfs_write+0x49d/0x8e0
[  129.666373][ T8990]  ksys_write+0xda/0x1a0
[  129.666466][ T8990]  __x64_sys_write+0x40/0x50
[  129.666500][ T8990]  x64_sys_call+0x2cdd/0x2fb0
[  129.666528][ T8990]  do_syscall_64+0xd2/0x200
[  129.666600][ T8990]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  129.666682][ T8990]  ? clear_bhb_loop+0x40/0x90
[  129.666701][ T8990]  ? clear_bhb_loop+0x40/0x90
[  129.666738][ T8990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.666756][ T8990] RIP: 0033:0x7faa0a2ce9a9
[  129.666770][ T8990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.666785][ T8990] RSP: 002b:00007faa08937038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  129.666801][ T8990] RAX: ffffffffffffffda RBX: 00007faa0a4f5fa0 RCX: 00007faa0a2ce9a9
[  129.666812][ T8990] RDX: 000000007395a0d2 RSI: 00002000000004c0 RDI: 0000000000000007
[  129.666870][ T8990] RBP: 00007faa08937090 R08: 0000000000000000 R09: 0000000000000000
[  129.666880][ T8990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.666891][ T8990] R13: 0000000000000000 R14: 00007faa0a4f5fa0 R15: 00007ffd0d940358
[  129.666908][ T8990]  </TASK>
[  130.039355][ T8997] loop3: detected capacity change from 0 to 512
[  130.047166][ T8997] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  130.066716][ T8112] team0 (unregistering): Port device team_slave_1 removed
[  130.068384][ T8997] EXT4-fs (loop3): 1 truncate cleaned up
[  130.081132][ T8112] team0 (unregistering): Port device team_slave_0 removed
[  130.122756][ T8947] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  130.133986][ T8947] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  130.150340][ T9002] netlink: 'syz.1.1945': attribute type 13 has an invalid length.
[  130.168071][ T8947] team0: Port device team_slave_0 added
[  130.175848][ T8947] team0: Port device team_slave_1 added
[  130.198903][ T8947] batman_adv: batadv0: Adding interface: batadv_slave_0
[  130.206398][ T8947] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  130.232550][ T8947] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  130.244203][ T8947] batman_adv: batadv0: Adding interface: batadv_slave_1
[  130.251436][ T8947] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  130.278267][ T8947] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  130.327160][ T8947] hsr_slave_0: entered promiscuous mode
[  130.335378][ T8947] hsr_slave_1: entered promiscuous mode
[  130.344209][ T9008] loop3: detected capacity change from 0 to 4096
[  130.351205][ T8947] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  130.358854][ T8947] Cannot create hsr debugfs directory
[  130.359596][ T9008] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  130.468044][ T8947] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  130.477899][ T8947] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  130.488113][ T8947] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  130.498029][ T8947] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  130.545190][ T9021] __nla_validate_parse: 16 callbacks suppressed
[  130.545209][ T9021] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1951'.
[  130.556841][ T8947] 8021q: adding VLAN 0 to HW filter on device bond0
[  130.578582][ T8947] 8021q: adding VLAN 0 to HW filter on device team0
[  130.580540][ T9021] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1951'.
[  130.599996][ T8111] bridge0: port 1(bridge_slave_0) entered blocking state
[  130.608655][ T8111] bridge0: port 1(bridge_slave_0) entered forwarding state
[  130.622246][ T8112] bridge0: port 2(bridge_slave_1) entered blocking state
[  130.629529][ T8112] bridge0: port 2(bridge_slave_1) entered forwarding state
[  130.650655][ T8947] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  130.661301][ T8947] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  130.733230][ T8947] 8021q: adding VLAN 0 to HW filter on device batadv0
[  130.863604][ T8947] veth0_vlan: entered promiscuous mode
[  130.884037][ T8947] veth1_vlan: entered promiscuous mode
[  130.922546][ T8947] veth0_macvtap: entered promiscuous mode
[  130.939706][ T8947] veth1_macvtap: entered promiscuous mode
[  130.958719][ T8947] batman_adv: batadv0: Interface activated: batadv_slave_0
[  130.971461][ T8947] batman_adv: batadv0: Interface activated: batadv_slave_1
[  130.982662][ T8947] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  130.991591][ T8947] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  131.000594][ T8947] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  131.009703][ T8947] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  131.083109][ T9079] loop5: detected capacity change from 0 to 1024
[  131.090968][ T9079] ext4: Unknown parameter 'uid<00000000000000000000'
[  131.144282][ T9082] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1538 sclass=netlink_route_socket pid=9082 comm=syz.1.1967
[  131.176621][ T3317] EXT4-fs unmount: 29 callbacks suppressed
[  131.176684][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.254662][ T9095] loop3: detected capacity change from 0 to 512
[  131.262314][ T9095] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  131.285687][ T9095] EXT4-fs (loop3): 1 truncate cleaned up
[  131.306271][ T9095] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.342287][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.411036][ T9110] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1978'.
[  131.435133][ T9110] hsr_slave_0 (unregistering): left promiscuous mode
[  131.512966][ T9116] loop3: detected capacity change from 0 to 1024
[  131.520286][ T9116] ext4: Unknown parameter 'uid<00000000000000000000'
[  131.609676][ T9112] bridge0: entered allmulticast mode
[  131.629175][ T9121] loop3: detected capacity change from 0 to 2048
[  131.680942][ T9121]  loop3: p1 < > p4
[  131.691989][ T9121] loop3: p4 size 722688 extends beyond EOD, truncated
[  131.761860][ T9121] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  131.770414][ T9121] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  132.033686][ T9135] lo speed is unknown, defaulting to 1000
[  132.096502][ T9139] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1985'.
[  132.119684][ T9139] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1985'.
[  132.132303][ T9141] pim6reg: entered allmulticast mode
[  132.158770][ T9141] pim6reg: left allmulticast mode
[  132.341254][ T9147] netlink: 'syz.4.1990': attribute type 12 has an invalid length.
[  132.535273][ T9159] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1996'.
[  132.544659][ T9159] FAULT_INJECTION: forcing a failure.
[  132.544659][ T9159] name failslab, interval 1, probability 0, space 0, times 0
[  132.557439][ T9159] CPU: 0 UID: 0 PID: 9159 Comm: syz.1.1996 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  132.557550][ T9159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  132.557565][ T9159] Call Trace:
[  132.557573][ T9159]  <TASK>
[  132.557581][ T9159]  __dump_stack+0x1d/0x30
[  132.557602][ T9159]  dump_stack_lvl+0xe8/0x140
[  132.557622][ T9159]  dump_stack+0x15/0x1b
[  132.557642][ T9159]  should_fail_ex+0x265/0x280
[  132.557729][ T9159]  ? alloc_netdev_mqs+0x86a/0xab0
[  132.557764][ T9159]  should_failslab+0x8c/0xb0
[  132.557791][ T9159]  __kmalloc_cache_noprof+0x4c/0x320
[  132.557911][ T9159]  alloc_netdev_mqs+0x86a/0xab0
[  132.557947][ T9159]  rtnl_create_link+0x239/0x710
[  132.557992][ T9159]  rtnl_newlink_create+0x14c/0x620
[  132.558024][ T9159]  ? __schedule+0x6a8/0xb30
[  132.558052][ T9159]  rtnl_newlink+0xf29/0x12d0
[  132.558082][ T9159]  ? css_rstat_updated+0xcd/0x5b0
[  132.558185][ T9159]  ? __rcu_read_unlock+0x4f/0x70
[  132.558215][ T9159]  ? __account_obj_stock+0x211/0x350
[  132.558243][ T9159]  ? __rcu_read_unlock+0x4f/0x70
[  132.558269][ T9159]  ? avc_has_perm_noaudit+0x1b1/0x200
[  132.558315][ T9159]  ? selinux_capable+0x1f9/0x270
[  132.558371][ T9159]  ? security_capable+0x83/0x90
[  132.558397][ T9159]  ? ns_capable+0x7d/0xb0
[  132.558417][ T9159]  ? __pfx_rtnl_newlink+0x10/0x10
[  132.558445][ T9159]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  132.558607][ T9159]  ? avc_has_perm_noaudit+0x1b1/0x200
[  132.558699][ T9159]  netlink_rcv_skb+0x120/0x220
[  132.558735][ T9159]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  132.558821][ T9159]  rtnetlink_rcv+0x1c/0x30
[  132.558846][ T9159]  netlink_unicast+0x5a8/0x680
[  132.558887][ T9159]  netlink_sendmsg+0x58b/0x6b0
[  132.558910][ T9159]  ? __pfx_netlink_sendmsg+0x10/0x10
[  132.558929][ T9159]  __sock_sendmsg+0x145/0x180
[  132.558960][ T9159]  ____sys_sendmsg+0x31e/0x4e0
[  132.559005][ T9159]  ___sys_sendmsg+0x17b/0x1d0
[  132.559133][ T9159]  __x64_sys_sendmsg+0xd4/0x160
[  132.559181][ T9159]  x64_sys_call+0x2999/0x2fb0
[  132.559209][ T9159]  do_syscall_64+0xd2/0x200
[  132.559283][ T9159]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  132.559389][ T9159]  ? clear_bhb_loop+0x40/0x90
[  132.559416][ T9159]  ? clear_bhb_loop+0x40/0x90
[  132.559444][ T9159]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.559466][ T9159] RIP: 0033:0x7f5fa281e9a9
[  132.559482][ T9159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.559499][ T9159] RSP: 002b:00007f5fa0e7f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  132.559517][ T9159] RAX: ffffffffffffffda RBX: 00007f5fa2a45fa0 RCX: 00007f5fa281e9a9
[  132.559532][ T9159] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  132.559547][ T9159] RBP: 00007f5fa0e7f090 R08: 0000000000000000 R09: 0000000000000000
[  132.559585][ T9159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  132.559600][ T9159] R13: 0000000000000000 R14: 00007f5fa2a45fa0 R15: 00007ffd599acee8
[  132.559621][ T9159]  </TASK>
[  132.560264][ T9157] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1994'.
[  133.000849][ T9184] loop3: detected capacity change from 0 to 128
[  133.020447][ T9186] netlink: 2 bytes leftover after parsing attributes in process `syz.4.2002'.
[  133.040540][ T9184] netlink: 232 bytes leftover after parsing attributes in process `syz.3.2001'.
[  133.049888][ T9184] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2001'.
[  133.263915][ T9202] netlink: 'syz.4.2005': attribute type 12 has an invalid length.
[  133.336996][ T9205] loop3: detected capacity change from 0 to 512
[  133.470132][ T9205] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  133.478592][ T9205] EXT4-fs (loop3): orphan cleanup on readonly fs
[  133.490147][ T9205] EXT4-fs (loop3): 1 orphan inode deleted
[  133.725282][ T9211] loop5: detected capacity change from 0 to 1024
[  133.794136][ T8098] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:53: Failed to release dquot type 1
[  133.817225][ T9205] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  133.848118][ T9211] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.869056][ T9211] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.956945][   T29] kauditd_printk_skb: 856 callbacks suppressed
[  133.956965][   T29] audit: type=1326 audit(1753801510.421:10861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9210 comm="syz.5.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f984579e9a9 code=0x7ffc0000
[  133.987136][   T29] audit: type=1326 audit(1753801510.421:10862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9210 comm="syz.5.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f984579e9a9 code=0x7ffc0000
[  134.013034][   T29] audit: type=1326 audit(1753801510.421:10863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9210 comm="syz.5.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f984579e9a9 code=0x7ffc0000
[  134.037602][   T29] audit: type=1326 audit(1753801510.421:10864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9210 comm="syz.5.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f984579e9e3 code=0x7ffc0000
[  134.061759][   T29] audit: type=1326 audit(1753801510.431:10865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9210 comm="syz.5.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f984579d45f code=0x7ffc0000
[  134.085704][   T29] audit: type=1326 audit(1753801510.431:10866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9210 comm="syz.5.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f984579ea37 code=0x7ffc0000
[  134.109519][   T29] audit: type=1326 audit(1753801510.431:10867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9210 comm="syz.5.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f984579d310 code=0x7ffc0000
[  134.133815][   T29] audit: type=1326 audit(1753801510.431:10868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9210 comm="syz.5.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f984579d60a code=0x7ffc0000
[  134.157949][   T29] audit: type=1326 audit(1753801510.431:10869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9210 comm="syz.5.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f984579e9a9 code=0x7ffc0000
[  134.181644][   T29] audit: type=1326 audit(1753801510.431:10870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9210 comm="syz.5.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f984579e9a9 code=0x7ffc0000
[  134.257887][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.278570][ T9236] bridge0: port 1(batadv1) entered blocking state
[  134.286557][ T9236] bridge0: port 1(batadv1) entered disabled state
[  134.293846][ T9236] batadv1: entered allmulticast mode
[  134.301715][ T9236] batadv1: entered promiscuous mode
[  134.316540][ T9236] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  134.324349][ T9236] batman_adv: batadv0: Removing interface: batadv_slave_0
[  134.332484][ T9236] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  134.340111][ T9236] batman_adv: batadv0: Removing interface: batadv_slave_1
[  134.389686][ T9242] loop3: detected capacity change from 0 to 512
[  134.397708][ T9242] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2014: bg 0: block 131: padding at end of block bitmap is not set
[  134.413122][ T9242] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  134.422393][ T9242] EXT4-fs (loop3): 1 truncate cleaned up
[  134.428890][ T9242] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.600464][ T8947] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.602365][ T9250] lo speed is unknown, defaulting to 1000
[  134.648101][ T9256] loop5: detected capacity change from 0 to 1024
[  134.655375][ T9256] ext4: Unknown parameter 'uid<00000000000000000000'
[  134.727255][ T9267] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  134.785478][ T8112] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  134.794849][ T8112] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  135.249423][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.296542][ T9334] loop3: detected capacity change from 0 to 1024
[  135.303904][ T9334] EXT4-fs: Ignoring removed orlov option
[  135.312204][ T9334] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.520970][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.705607][ T9346] __nla_validate_parse: 14 callbacks suppressed
[  135.705629][ T9346] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2050'.
[  135.725234][ T9346] loop5: detected capacity change from 0 to 512
[  136.122962][ T9379] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2061'.
[  136.135946][ T9379] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2061'.
[  136.217609][ T9385] netlink: 'syz.4.2065': attribute type 12 has an invalid length.
[  136.319713][ T9388] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2066'.
[  136.328917][ T9388] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2066'.
[  136.478830][ T9391] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2067'.
[  136.488969][ T9391] netlink: 128 bytes leftover after parsing attributes in process `syz.4.2067'.
[  136.530745][ T9393] loop5: detected capacity change from 0 to 512
[  136.546205][ T9393] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  136.559542][ T9393] EXT4-fs (loop5): 1 truncate cleaned up
[  136.567084][ T9393] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.601557][ T8947] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.021480][ T9414] netlink: 'syz.3.2076': attribute type 13 has an invalid length.
[  137.040692][ T9420] netlink: 'syz.0.2079': attribute type 39 has an invalid length.
[  137.060764][ T9421] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2078'.
[  137.070536][ T9421] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2078'.
[  137.258062][ T9432] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[  137.267706][ T9436] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2084'.
[  137.379480][ T9445] loop3: detected capacity change from 0 to 1024
[  137.412632][ T9445] ext4: Unknown parameter 'uid<00000000000000000000'
[  137.522391][ T9458] netlink: 'syz.1.2096': attribute type 13 has an invalid length.
[  137.706532][ T9478] 9pnet_fd: Insufficient options for proto=fd
[  138.112356][ T9493] pim6reg1: entered promiscuous mode
[  138.118235][ T9493] pim6reg1: entered allmulticast mode
[  138.188908][ T9490] netlink: 'syz.0.2105': attribute type 4 has an invalid length.
[  138.293835][ T9497] loop3: detected capacity change from 0 to 2048
[  138.304237][ T9490] netlink: 'syz.0.2105': attribute type 4 has an invalid length.
[  138.410284][ T9504] netlink: 'syz.5.2113': attribute type 13 has an invalid length.
[  138.427096][ T9497]  loop3: p1 < > p4
[  138.435270][ T9497] loop3: p4 size 8388608 extends beyond EOD, truncated
[  138.524229][ T9497] lo speed is unknown, defaulting to 1000
[  138.568969][ T9513] veth0_macvtap: left promiscuous mode
[  138.810693][ T9537] 9pnet: Could not find request transport: t
[  138.968469][ T9554] netlink: 'syz.5.2130': attribute type 13 has an invalid length.
[  138.997025][ T9556] loop3: detected capacity change from 0 to 1024
[  139.006091][ T9556] ext4: Unknown parameter 'uid<00000000000000000000'
[  139.080443][   T29] kauditd_printk_skb: 1382 callbacks suppressed
[  139.080459][   T29] audit: type=1326 audit(1753801515.492:12253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9561 comm="syz.4.2134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68bfbe9a9 code=0x7ffc0000
[  139.111930][   T29] audit: type=1326 audit(1753801515.492:12254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9561 comm="syz.4.2134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68bfbe9a9 code=0x7ffc0000
[  139.135748][   T29] audit: type=1326 audit(1753801515.492:12255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9561 comm="syz.4.2134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7ff68bfbe9a9 code=0x7ffc0000
[  139.159466][   T29] audit: type=1326 audit(1753801515.492:12256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9561 comm="syz.4.2134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68bfbe9a9 code=0x7ffc0000
[  139.210881][   T29] audit: type=1400 audit(1753801515.631:12257): avc:  denied  { getopt } for  pid=9571 comm="syz.4.2138" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  139.296321][   T29] audit: type=1400 audit(1753801515.720:12258): avc:  denied  { setopt } for  pid=9571 comm="syz.4.2138" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  139.339812][   T29] audit: type=1400 audit(1753801515.759:12259): avc:  denied  { map_create } for  pid=9574 comm="syz.5.2139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  139.372640][   T29] audit: type=1400 audit(1753801515.759:12260): avc:  denied  { perfmon } for  pid=9574 comm="syz.5.2139" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  139.394226][   T29] audit: type=1400 audit(1753801515.759:12261): avc:  denied  { map_read map_write } for  pid=9574 comm="syz.5.2139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  139.414709][   T29] audit: type=1400 audit(1753801515.759:12262): avc:  denied  { prog_load } for  pid=9574 comm="syz.5.2139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  139.459858][ T9583] loop5: detected capacity change from 0 to 512
[  139.469465][ T9583] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[  139.478424][ T9583] System zones: 1-12
[  139.483377][ T9583] EXT4-fs error (device loop5): ext4_xattr_inode_iget:442: comm syz.5.2143: error while reading EA inode 32 err=-116
[  139.496789][ T9583] EXT4-fs (loop5): Remounting filesystem read-only
[  139.503433][ T9583] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  139.513784][ T9583] EXT4-fs (loop5): 1 orphan inode deleted
[  139.520873][ T9583] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.533886][ T9590] netlink: 'syz.4.2145': attribute type 13 has an invalid length.
[  139.554941][ T8947] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.595278][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.603115][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.610625][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.618579][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.626106][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.633808][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.641638][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.649365][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.657348][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.665349][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.672997][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.680599][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.688150][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.695973][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.703575][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.711219][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.719181][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.726608][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.734079][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.741654][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.749540][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.756983][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.764707][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.772256][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.775869][ T9598] openvswitch: netlink: Message has 6 unknown bytes.
[  139.780026][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.780057][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.801888][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.809575][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.817136][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.824780][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.832593][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.840257][ T3387] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  139.850380][ T3387] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  139.925176][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.932913][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.940522][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.941321][ T9608] tipc: Started in network mode
[  139.948241][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.948274][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.953445][ T9608] tipc: Node identity a618fd86e863, cluster identity 4711
[  139.960979][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.961010][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.961108][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.968901][ T9608] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  139.975808][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.989092][ T9608] syzkaller0: entered promiscuous mode
[  139.990674][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  139.998077][ T9608] syzkaller0: entered allmulticast mode
[  140.004737][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.004769][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.004793][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.004844][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.064214][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.072121][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.079611][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.087177][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.095349][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.104009][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.112103][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.119714][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.127534][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.135078][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.143490][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.151018][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.159465][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.167011][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.174772][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.182320][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.190194][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.197823][ T3387] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  140.206533][ T9615] tipc: Resetting bearer <eth:syzkaller0>
[  140.207032][ T3387] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  140.250901][ T9619] loop3: detected capacity change from 0 to 512
[  140.259122][ T9619] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  140.282161][ T9607] tipc: Resetting bearer <eth:syzkaller0>
[  140.282224][ T9619] EXT4-fs (loop3): warning: maximal mount count reached, running e2fsck is recommended
[  140.300717][ T9607] tipc: Disabling bearer <eth:syzkaller0>
[  140.336079][ T9619] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.2154: inode #15: comm syz.3.2154: iget: illegal inode #
[  140.354081][ T9624] IPVS: Error joining to the multicast group
[  140.370712][ T9619] EXT4-fs (loop3): Remounting filesystem read-only
[  140.385667][ T9619] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.726547][ T9650] netlink: 'wÞ£ÿ': attribute type 10 has an invalid length.
[  140.741846][ T9650] team0: Port device dummy0 added
[  140.757445][ T9650] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  140.770154][ T9650] team0: Failed to send options change via netlink (err -105)
[  140.778149][ T9650] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  140.787345][ T9650] team0: Port device dummy0 removed
[  140.815734][ T9650] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  140.923265][ T9659] __nla_validate_parse: 20 callbacks suppressed
[  140.923283][ T9659] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2170'.
[  140.940194][ T9659] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2170'.
[  141.054549][ T9670] lo speed is unknown, defaulting to 1000
[  141.093531][ T9672] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2173'.
[  141.180746][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.205223][ T9684] loop3: detected capacity change from 0 to 736
[  141.276504][ T9687] loop3: detected capacity change from 0 to 512
[  141.297438][ T9687] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  141.321364][ T9687] EXT4-fs (loop3): 1 truncate cleaned up
[  141.328841][ T9687] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  141.346431][ T9690] Unsupported ieee802154 address type: 0
[  141.355540][ T9690] SELinux:  Context Ü is not valid (left unmapped).
[  141.413358][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.464931][ T9696] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2183'.
[  141.474087][ T9696] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2183'.
[  141.534204][ T9703] Invalid ELF header magic: != ELF
[  141.653362][ T9717] FAULT_INJECTION: forcing a failure.
[  141.653362][ T9717] name failslab, interval 1, probability 0, space 0, times 0
[  141.666428][ T9717] CPU: 1 UID: 0 PID: 9717 Comm: syz.1.2190 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  141.666458][ T9717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  141.666484][ T9717] Call Trace:
[  141.666492][ T9717]  <TASK>
[  141.666502][ T9717]  __dump_stack+0x1d/0x30
[  141.666582][ T9717]  dump_stack_lvl+0xe8/0x140
[  141.666611][ T9717]  dump_stack+0x15/0x1b
[  141.666632][ T9717]  should_fail_ex+0x265/0x280
[  141.666670][ T9717]  should_failslab+0x8c/0xb0
[  141.666703][ T9717]  kmem_cache_alloc_node_noprof+0x57/0x320
[  141.666736][ T9717]  ? __alloc_skb+0x101/0x320
[  141.666765][ T9717]  __alloc_skb+0x101/0x320
[  141.666797][ T9717]  netlink_alloc_large_skb+0xba/0xf0
[  141.666870][ T9717]  netlink_sendmsg+0x3cf/0x6b0
[  141.666910][ T9717]  ? __pfx_netlink_sendmsg+0x10/0x10
[  141.666929][ T9717]  __sock_sendmsg+0x145/0x180
[  141.666973][ T9717]  ____sys_sendmsg+0x31e/0x4e0
[  141.667019][ T9717]  ___sys_sendmsg+0x17b/0x1d0
[  141.667105][ T9717]  __x64_sys_sendmsg+0xd4/0x160
[  141.667201][ T9717]  x64_sys_call+0x2999/0x2fb0
[  141.667225][ T9717]  do_syscall_64+0xd2/0x200
[  141.667242][ T9717]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  141.667273][ T9717]  ? clear_bhb_loop+0x40/0x90
[  141.667344][ T9717]  ? clear_bhb_loop+0x40/0x90
[  141.667365][ T9717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.667408][ T9717] RIP: 0033:0x7f5fa281e9a9
[  141.667423][ T9717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.667441][ T9717] RSP: 002b:00007f5fa0e7f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  141.667529][ T9717] RAX: ffffffffffffffda RBX: 00007f5fa2a45fa0 RCX: 00007f5fa281e9a9
[  141.667545][ T9717] RDX: 0000000000000040 RSI: 0000200000009b40 RDI: 0000000000000005
[  141.667561][ T9717] RBP: 00007f5fa0e7f090 R08: 0000000000000000 R09: 0000000000000000
[  141.667572][ T9717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  141.667584][ T9717] R13: 0000000000000000 R14: 00007f5fa2a45fa0 R15: 00007ffd599acee8
[  141.667603][ T9717]  </TASK>
[  141.903399][ T9720] smc: net device bond0 applied user defined pnetid SYZ0
[  141.931225][ T9724] loop5: detected capacity change from 0 to 512
[  141.933734][ T9720] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2184'.
[  141.949116][ T9719] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2189'.
[  141.959956][ T9719] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2189'.
[  141.971070][ T9724] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  141.985266][ T9724] EXT4-fs (loop5): 1 truncate cleaned up
[  141.996712][ T9724] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.009026][ T9728] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2184'.
[  142.060784][ T8947] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.086529][ T9735] loop5: detected capacity change from 0 to 1024
[  142.094493][ T9735] ext4: Unknown parameter 'uid<00000000000000000000'
[  142.114274][ T9736] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2193'.
[  142.731410][ T9763] loop3: detected capacity change from 0 to 512
[  142.738741][ T9763] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  142.750834][ T9763] EXT4-fs (loop3): 1 truncate cleaned up
[  142.757434][ T9763] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.791067][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.812367][ T9766] validate_nla: 1 callbacks suppressed
[  142.812384][ T9766] netlink: 'syz.3.2206': attribute type 13 has an invalid length.
[  143.037178][ T9790] netlink: 'syz.4.2218': attribute type 12 has an invalid length.
[  143.077924][ T9793] loop5: detected capacity change from 0 to 736
[  143.212822][ T9803] lo speed is unknown, defaulting to 1000
[  144.086422][ T9829] netlink: 'syz.3.2231': attribute type 13 has an invalid length.
[  144.247084][   T29] kauditd_printk_skb: 782 callbacks suppressed
[  144.247102][   T29] audit: type=1400 audit(1753801520.629:13045): avc:  denied  { read } for  pid=9840 comm="syz.0.2236" name="msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  144.278962][   T29] audit: type=1400 audit(1753801520.629:13046): avc:  denied  { open } for  pid=9840 comm="syz.0.2236" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  144.404046][ T9850] loop3: detected capacity change from 0 to 512
[  144.424019][   T29] audit: type=1326 audit(1753801520.718:13047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9843 comm="syz.4.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68bfbe9a9 code=0x7ffc0000
[  144.447672][   T29] audit: type=1326 audit(1753801520.718:13048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9843 comm="syz.4.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7ff68bfbe9a9 code=0x7ffc0000
[  144.471786][   T29] audit: type=1326 audit(1753801520.718:13049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9843 comm="syz.4.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff68bfbe9e3 code=0x7ffc0000
[  144.495768][   T29] audit: type=1326 audit(1753801520.718:13050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9843 comm="syz.4.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff68bfbd45f code=0x7ffc0000
[  144.520495][   T29] audit: type=1326 audit(1753801520.728:13051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9843 comm="syz.4.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7ff68bfbea37 code=0x7ffc0000
[  144.544180][   T29] audit: type=1326 audit(1753801520.728:13052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9843 comm="syz.4.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff68bfbd310 code=0x7ffc0000
[  144.567923][   T29] audit: type=1326 audit(1753801520.728:13053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9843 comm="syz.4.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff68bfbd60a code=0x7ffc0000
[  144.591700][   T29] audit: type=1326 audit(1753801520.728:13054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9843 comm="syz.4.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68bfbe9a9 code=0x7ffc0000
[  144.627345][ T9850] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[  144.636544][ T9850] System zones: 1-12
[  144.642758][ T9850] EXT4-fs error (device loop3): ext4_xattr_inode_iget:442: comm syz.3.2239: error while reading EA inode 32 err=-116
[  144.657095][ T9850] EXT4-fs (loop3): Remounting filesystem read-only
[  144.664407][ T9850] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  144.675636][ T9850] EXT4-fs (loop3): 1 orphan inode deleted
[  144.681888][ T9850] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.721162][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.306556][ T9886] FAULT_INJECTION: forcing a failure.
[  145.306556][ T9886] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  145.320222][ T9886] CPU: 1 UID: 0 PID: 9886 Comm: syz.5.2250 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  145.320288][ T9886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  145.320304][ T9886] Call Trace:
[  145.320312][ T9886]  <TASK>
[  145.320321][ T9886]  __dump_stack+0x1d/0x30
[  145.320347][ T9886]  dump_stack_lvl+0xe8/0x140
[  145.320365][ T9886]  dump_stack+0x15/0x1b
[  145.320416][ T9886]  should_fail_ex+0x265/0x280
[  145.320446][ T9886]  should_fail+0xb/0x20
[  145.320488][ T9886]  should_fail_usercopy+0x1a/0x20
[  145.320584][ T9886]  _copy_from_user+0x1c/0xb0
[  145.320684][ T9886]  ucma_bind+0x52/0x2e0
[  145.320714][ T9886]  ucma_write+0x1b3/0x250
[  145.320732][ T9886]  vfs_writev+0x406/0x8b0
[  145.320753][ T9886]  ? __pfx_ucma_write+0x10/0x10
[  145.320783][ T9886]  do_writev+0xe7/0x210
[  145.320863][ T9886]  __x64_sys_writev+0x45/0x50
[  145.320937][ T9886]  x64_sys_call+0x2006/0x2fb0
[  145.321006][ T9886]  do_syscall_64+0xd2/0x200
[  145.321059][ T9886]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  145.321085][ T9886]  ? clear_bhb_loop+0x40/0x90
[  145.321111][ T9886]  ? clear_bhb_loop+0x40/0x90
[  145.321132][ T9886]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.321227][ T9886] RIP: 0033:0x7f984579e9a9
[  145.321245][ T9886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.321264][ T9886] RSP: 002b:00007f9843dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  145.321284][ T9886] RAX: ffffffffffffffda RBX: 00007f98459c5fa0 RCX: 00007f984579e9a9
[  145.321298][ T9886] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000014
[  145.321313][ T9886] RBP: 00007f9843dff090 R08: 0000000000000000 R09: 0000000000000000
[  145.321342][ T9886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  145.321357][ T9886] R13: 0000000000000000 R14: 00007f98459c5fa0 R15: 00007ffc40a6fb38
[  145.321381][ T9886]  </TASK>
[  145.633326][ T9896] loop5: detected capacity change from 0 to 512
[  145.661384][ T9896] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[  145.671099][ T9896] System zones: 1-12
[  145.683228][ T9896] EXT4-fs error (device loop5): ext4_xattr_inode_iget:442: comm syz.5.2253: error while reading EA inode 32 err=-116
[  145.699628][ T9896] EXT4-fs (loop5): Remounting filesystem read-only
[  145.706501][ T9896] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  145.720106][ T9896] EXT4-fs (loop5): 1 orphan inode deleted
[  145.726846][ T9896] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.782303][ T8947] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.968840][ T9925] loop5: detected capacity change from 0 to 1024
[  145.976551][ T9925] ext4: Unknown parameter 'uid<00000000000000000000'
[  146.050214][ T9929] tipc: Started in network mode
[  146.055234][ T9929] tipc: Node identity ac1414aa, cluster identity 4711
[  146.062602][ T9929] tipc: Enabled bearer <udp:syz2>, priority 10
[  146.122454][ T9939] __nla_validate_parse: 17 callbacks suppressed
[  146.122469][ T9939] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2268'.
[  146.152051][ T9946] loop5: detected capacity change from 0 to 512
[  146.174409][ T9946] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[  146.186432][ T9946] System zones: 1-12
[  146.199840][ T9946] EXT4-fs error (device loop5): ext4_xattr_inode_iget:442: comm syz.5.2270: error while reading EA inode 32 err=-116
[  146.214898][ T9946] EXT4-fs (loop5): Remounting filesystem read-only
[  146.221662][ T9946] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  146.232212][ T9946] EXT4-fs (loop5): 1 orphan inode deleted
[  146.238818][ T9946] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.267559][ T9955] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2271'.
[  146.277258][ T9955] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2271'.
[  146.287791][ T8947] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.347500][ T9966] netlink: 'syz.4.2278': attribute type 298 has an invalid length.
[  146.382075][ T9964] netlink: 33912 bytes leftover after parsing attributes in process `syz.5.2275'.
[  146.633260][ T9984] loop5: detected capacity change from 0 to 2048
[  146.681719][ T9984]  loop5: p1 < > p4
[  146.686883][ T9984] loop5: p4 size 8388608 extends beyond EOD, truncated
[  146.727528][ T9990] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2288'.
[  146.729443][ T9984] lo speed is unknown, defaulting to 1000
[  146.740471][ T9990] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  146.751985][ T9990] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  146.761057][ T9990] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  146.770615][ T9990] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  146.833580][ T9999] netlink: 'syz.1.2291': attribute type 3 has an invalid length.
[  147.018475][ T9996] bridge0: entered allmulticast mode
[  147.036468][ T9996] batadv1: left allmulticast mode
[  147.041773][ T9996] batadv1: left promiscuous mode
[  147.047017][ T9996] bridge0: port 1(batadv1) entered disabled state
[  147.072153][T10027] loop5: detected capacity change from 0 to 2048
[  147.119839][T10027]  loop5: p1 < > p4
[  147.125349][T10027] loop5: p4 size 8388608 extends beyond EOD, truncated
[  147.149529][T10027] lo speed is unknown, defaulting to 1000
[  147.195085][ T3355] tipc: Node number set to 2886997162
[  147.223610][T10035] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2298'.
[  147.250553][T10037] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2299'.
[  147.260053][T10037] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2299'.
[  147.269098][T10037] netlink: 'syz.5.2299': attribute type 15 has an invalid length.
[  147.280889][T10037] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  147.289976][T10037] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  147.299445][T10037] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  147.308453][T10037] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  147.328987][T10037] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2299'.
[  147.338089][T10037] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2299'.
[  147.347322][T10037] netlink: 'syz.5.2299': attribute type 15 has an invalid length.
[  147.350380][T10039] loop3: detected capacity change from 0 to 1024
[  147.362341][T10039] ext4: Unknown parameter 'uid<00000000000000000000'
[  147.401460][T10043] FAULT_INJECTION: forcing a failure.
[  147.401460][T10043] name failslab, interval 1, probability 0, space 0, times 0
[  147.414296][T10043] CPU: 0 UID: 0 PID: 10043 Comm: syz.3.2302 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  147.414355][T10043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  147.414371][T10043] Call Trace:
[  147.414379][T10043]  <TASK>
[  147.414388][T10043]  __dump_stack+0x1d/0x30
[  147.414414][T10043]  dump_stack_lvl+0xe8/0x140
[  147.414438][T10043]  dump_stack+0x15/0x1b
[  147.414499][T10043]  should_fail_ex+0x265/0x280
[  147.414533][T10043]  should_failslab+0x8c/0xb0
[  147.414552][T10043]  kmem_cache_alloc_noprof+0x50/0x310
[  147.414596][T10043]  ? getname_flags+0x80/0x3b0
[  147.414616][T10043]  getname_flags+0x80/0x3b0
[  147.414634][T10043]  user_path_at+0x28/0x130
[  147.414656][T10043]  do_sys_truncate+0x5c/0x130
[  147.414688][T10043]  __x64_sys_truncate+0x31/0x40
[  147.414767][T10043]  x64_sys_call+0x2920/0x2fb0
[  147.414787][T10043]  do_syscall_64+0xd2/0x200
[  147.414803][T10043]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  147.414891][T10043]  ? clear_bhb_loop+0x40/0x90
[  147.414909][T10043]  ? clear_bhb_loop+0x40/0x90
[  147.414992][T10043]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.415039][T10043] RIP: 0033:0x7faa0a2ce9a9
[  147.415063][T10043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.415079][T10043] RSP: 002b:00007faa08937038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[  147.415095][T10043] RAX: ffffffffffffffda RBX: 00007faa0a4f5fa0 RCX: 00007faa0a2ce9a9
[  147.415106][T10043] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[  147.415117][T10043] RBP: 00007faa08937090 R08: 0000000000000000 R09: 0000000000000000
[  147.415128][T10043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.415138][T10043] R13: 0000000000000000 R14: 00007faa0a4f5fa0 R15: 00007ffd0d940358
[  147.415180][T10043]  </TASK>
[  147.630055][T10049] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1013 sclass=netlink_route_socket pid=10049 comm=syz.5.2303
[  148.091957][T10094] netlink: 'syz.0.2322': attribute type 13 has an invalid length.
[  148.169560][T10098] loop5: detected capacity change from 0 to 4096
[  148.179415][T10098] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  148.193910][T10098] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.312629][T10098] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.320023][T10098] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.327869][T10098] bridge0: entered allmulticast mode
[  148.337878][T10098] bridge_slave_1: left allmulticast mode
[  148.343887][T10098] bridge_slave_1: left promiscuous mode
[  148.349700][T10098] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.358733][T10098] bridge_slave_0: left allmulticast mode
[  148.364560][T10098] bridge_slave_0: left promiscuous mode
[  148.370304][T10098] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.558957][T10125] netlink: 'syz.0.2335': attribute type 13 has an invalid length.
[  148.718722][T10144] loop3: detected capacity change from 0 to 512
[  148.726134][T10144] EXT4-fs: Ignoring removed mblk_io_submit option
[  148.732640][T10144] EXT4-fs: Ignoring removed bh option
[  148.738203][T10144] EXT4-fs: test_dummy_encryption option not supported
[  148.898560][T10165] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[  149.003750][ T8947] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.037737][T10175] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[  149.415124][T10198] loop5: detected capacity change from 0 to 2048
[  149.467074][T10198]  loop5: p1 < > p4
[  149.471814][T10198] loop5: p4 size 8388608 extends beyond EOD, truncated
[  149.496361][T10198] lo speed is unknown, defaulting to 1000
[  149.594062][   T29] kauditd_printk_skb: 936 callbacks suppressed
[  149.594078][   T29] audit: type=1400 audit(1753801525.937:13991): avc:  denied  { create } for  pid=10203 comm="syz.5.2362" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  149.621829][   T29] audit: type=1400 audit(1753801525.947:13992): avc:  denied  { bind } for  pid=10203 comm="syz.5.2362" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  149.642957][   T29] audit: type=1400 audit(1753801525.967:13993): avc:  denied  { mounton } for  pid=10203 comm="syz.5.2362" path="/71/file0" dev="tmpfs" ino=416 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  149.666505][   T29] audit: type=1400 audit(1753801525.967:13994): avc:  denied  { mount } for  pid=10203 comm="syz.5.2362" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  149.688772][   T29] audit: type=1400 audit(1753801525.967:13995): avc:  denied  { write } for  pid=10203 comm="syz.5.2362" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  149.709844][   T29] audit: type=1400 audit(1753801525.967:13996): avc:  denied  { open } for  pid=10203 comm="syz.5.2362" path="/71/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  149.733124][   T29] audit: type=1400 audit(1753801526.056:13997): avc:  denied  { unmount } for  pid=8947 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  149.762401][   T29] audit: type=1326 audit(1753801526.106:13998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10209 comm="syz.0.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd15040e9a9 code=0x7ffc0000
[  149.786234][   T29] audit: type=1326 audit(1753801526.106:13999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10209 comm="syz.0.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd15040e9a9 code=0x7ffc0000
[  149.827162][   T29] audit: type=1326 audit(1753801526.136:14000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10209 comm="syz.0.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd15040e9a9 code=0x7ffc0000
[  149.885347][T10220] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  149.984041][T10233] FAULT_INJECTION: forcing a failure.
[  149.984041][T10233] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  149.997403][T10233] CPU: 1 UID: 0 PID: 10233 Comm: syz.3.2371 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  149.997431][T10233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  149.997443][T10233] Call Trace:
[  149.997448][T10233]  <TASK>
[  149.997455][T10233]  __dump_stack+0x1d/0x30
[  149.997479][T10233]  dump_stack_lvl+0xe8/0x140
[  149.997547][T10233]  dump_stack+0x15/0x1b
[  149.997567][T10233]  should_fail_ex+0x265/0x280
[  149.997598][T10233]  should_fail+0xb/0x20
[  149.997628][T10233]  should_fail_usercopy+0x1a/0x20
[  149.997795][T10233]  _copy_from_user+0x1c/0xb0
[  149.997820][T10233]  ___sys_sendmsg+0xc1/0x1d0
[  149.997913][T10233]  __x64_sys_sendmsg+0xd4/0x160
[  149.998003][T10233]  x64_sys_call+0x2999/0x2fb0
[  149.998028][T10233]  do_syscall_64+0xd2/0x200
[  149.998116][T10233]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  149.998142][T10233]  ? clear_bhb_loop+0x40/0x90
[  149.998198][T10233]  ? clear_bhb_loop+0x40/0x90
[  149.998282][T10233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.998302][T10233] RIP: 0033:0x7faa0a2ce9a9
[  149.998384][T10233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.998406][T10233] RSP: 002b:00007faa08937038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  149.998425][T10233] RAX: ffffffffffffffda RBX: 00007faa0a4f5fa0 RCX: 00007faa0a2ce9a9
[  149.998438][T10233] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000006
[  149.998453][T10233] RBP: 00007faa08937090 R08: 0000000000000000 R09: 0000000000000000
[  149.998468][T10233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.998581][T10233] R13: 0000000000000000 R14: 00007faa0a4f5fa0 R15: 00007ffd0d940358
[  149.998600][T10233]  </TASK>
[  150.188245][T10236] netlink: 'syz.5.2369': attribute type 13 has an invalid length.
[  150.236904][ T3387] IPVS: starting estimator thread 0...
[  150.286168][T10252] loop5: detected capacity change from 0 to 128
[  150.295768][T10252] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  150.308220][T10252] ext4 filesystem being mounted at /74/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  150.346180][T10248] IPVS: using max 2112 ests per chain, 105600 per kthread
[  150.357554][ T8947] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  150.378275][T10258] loop5: detected capacity change from 0 to 512
[  150.384946][T10258] ext4: Unknown parameter 'measure'
[  150.391168][T10258] FAULT_INJECTION: forcing a failure.
[  150.391168][T10258] name failslab, interval 1, probability 0, space 0, times 0
[  150.404158][T10258] CPU: 0 UID: 0 PID: 10258 Comm: syz.5.2378 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  150.404192][T10258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  150.404208][T10258] Call Trace:
[  150.404216][T10258]  <TASK>
[  150.404226][T10258]  __dump_stack+0x1d/0x30
[  150.404251][T10258]  dump_stack_lvl+0xe8/0x140
[  150.404287][T10258]  dump_stack+0x15/0x1b
[  150.404303][T10258]  should_fail_ex+0x265/0x280
[  150.404336][T10258]  should_failslab+0x8c/0xb0
[  150.404402][T10258]  kmem_cache_alloc_noprof+0x50/0x310
[  150.404511][T10258]  ? getname_flags+0x80/0x3b0
[  150.404539][T10258]  getname_flags+0x80/0x3b0
[  150.404560][T10258]  user_path_at+0x28/0x130
[  150.404695][T10258]  __se_sys_name_to_handle_at+0xff/0x5d0
[  150.404735][T10258]  ? ksys_write+0x192/0x1a0
[  150.404774][T10258]  __x64_sys_name_to_handle_at+0x67/0x80
[  150.404824][T10258]  x64_sys_call+0x279f/0x2fb0
[  150.404844][T10258]  do_syscall_64+0xd2/0x200
[  150.404866][T10258]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  150.404897][T10258]  ? clear_bhb_loop+0x40/0x90
[  150.404992][T10258]  ? clear_bhb_loop+0x40/0x90
[  150.405020][T10258]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.405057][T10258] RIP: 0033:0x7f984579e9a9
[  150.405072][T10258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.405107][T10258] RSP: 002b:00007f9843dff038 EFLAGS: 00000246 ORIG_RAX: 000000000000012f
[  150.405127][T10258] RAX: ffffffffffffffda RBX: 00007f98459c5fa0 RCX: 00007f984579e9a9
[  150.405142][T10258] RDX: 0000000000000000 RSI: 0000200000000140 RDI: ffffffffffffff9c
[  150.405154][T10258] RBP: 00007f9843dff090 R08: 0000000000000200 R09: 0000000000000000
[  150.405165][T10258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  150.405177][T10258] R13: 0000000000000000 R14: 00007f98459c5fa0 R15: 00007ffc40a6fb38
[  150.405195][T10258]  </TASK>
[  150.794115][T10271] netlink: 'syz.5.2380': attribute type 2 has an invalid length.
[  150.901161][T10291] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  151.215563][T10325] netlink: 'syz.4.2405': attribute type 10 has an invalid length.
[  151.223494][T10325] __nla_validate_parse: 20 callbacks suppressed
[  151.223512][T10325] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2405'.
[  151.240955][T10325] team0: entered promiscuous mode
[  151.246600][T10325] team_slave_0: entered promiscuous mode
[  151.252433][T10325] team_slave_1: entered promiscuous mode
[  151.258399][T10325] bond1: entered promiscuous mode
[  151.263754][T10325] team0: entered allmulticast mode
[  151.272459][T10325] team_slave_0: entered allmulticast mode
[  151.278271][T10325] team_slave_1: entered allmulticast mode
[  151.284113][T10325] bond1: entered allmulticast mode
[  151.295755][T10325] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  151.472810][T10337] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2408'.
[  151.488952][T10337] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2408'.
[  151.497742][T10338] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2409'.
[  151.507346][T10338] netlink: 128 bytes leftover after parsing attributes in process `syz.4.2409'.
[  151.596189][T10262] syz.5.2380 (10262) used greatest stack depth: 6952 bytes left
[  151.619460][T10340] loop5: detected capacity change from 0 to 1024
[  151.626268][T10340] ext4: Unknown parameter 'uid<00000000000000000000'
[  151.654293][T10342] loop5: detected capacity change from 0 to 128
[  151.665339][T10342] FAT-fs (loop5): Directory bread(block 32) failed
[  151.673984][T10342] FAT-fs (loop5): Directory bread(block 33) failed
[  151.681309][T10342] FAT-fs (loop5): Directory bread(block 34) failed
[  151.688006][T10342] FAT-fs (loop5): Directory bread(block 35) failed
[  151.694620][T10342] FAT-fs (loop5): Directory bread(block 36) failed
[  151.701327][T10342] FAT-fs (loop5): Directory bread(block 37) failed
[  151.707993][T10342] FAT-fs (loop5): Directory bread(block 38) failed
[  151.714657][T10342] FAT-fs (loop5): Directory bread(block 39) failed
[  151.721320][T10342] FAT-fs (loop5): Directory bread(block 40) failed
[  151.728040][T10342] FAT-fs (loop5): Directory bread(block 41) failed
[  151.808936][T10345] GUP no longer grows the stack in syz.0.2412 (10345): 200000002000-200000006000 (200000001000)
[  151.819478][T10345] CPU: 1 UID: 0 PID: 10345 Comm: syz.0.2412 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  151.819536][T10345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  151.819549][T10345] Call Trace:
[  151.819558][T10345]  <TASK>
[  151.819572][T10345]  __dump_stack+0x1d/0x30
[  151.819635][T10345]  dump_stack_lvl+0xe8/0x140
[  151.819707][T10345]  dump_stack+0x15/0x1b
[  151.819781][T10345]  __get_user_pages+0x199d/0x1fb0
[  151.819808][T10345]  ? __d_alloc+0x2c8/0x350
[  151.819834][T10345]  ? css_rstat_updated+0xcd/0x5b0
[  151.819862][T10345]  ? __rcu_read_unlock+0x4f/0x70
[  151.819895][T10345]  ? avc_has_perm_noaudit+0x1b1/0x200
[  151.819926][T10345]  __gup_longterm_locked+0x9c9/0x1010
[  151.820006][T10345]  ? selinux_ptrace_access_check+0x102/0x110
[  151.820038][T10345]  ? security_ptrace_access_check+0x69/0x80
[  151.820115][T10345]  ? __ptrace_may_access+0x2c3/0x340
[  151.820197][T10345]  pin_user_pages_remote+0x7e/0xb0
[  151.820237][T10345]  process_vm_rw+0x484/0x950
[  151.820349][T10345]  ? __pfx_futex_wake_mark+0x10/0x10
[  151.820448][T10345]  __x64_sys_process_vm_writev+0x78/0x90
[  151.820477][T10345]  x64_sys_call+0xe80/0x2fb0
[  151.820499][T10345]  do_syscall_64+0xd2/0x200
[  151.820518][T10345]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  151.820627][T10345]  ? clear_bhb_loop+0x40/0x90
[  151.820718][T10345]  ? clear_bhb_loop+0x40/0x90
[  151.820741][T10345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.820764][T10345] RIP: 0033:0x7fd15040e9a9
[  151.820788][T10345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.820807][T10345] RSP: 002b:00007fd14ea4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[  151.820826][T10345] RAX: ffffffffffffffda RBX: 00007fd150636080 RCX: 00007fd15040e9a9
[  151.820839][T10345] RDX: 0000000000000001 RSI: 0000200000001c80 RDI: 000000000000045e
[  151.820851][T10345] RBP: 00007fd150490d69 R08: 0000000000000001 R09: 0000000000000000
[  151.820864][T10345] R10: 0000200000001d80 R11: 0000000000000246 R12: 0000000000000000
[  151.820905][T10345] R13: 0000000000000000 R14: 00007fd150636080 R15: 00007ffd5880bb68
[  151.820945][T10345]  </TASK>
[  152.058420][T10351] FAULT_INJECTION: forcing a failure.
[  152.058420][T10351] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  152.071762][T10351] CPU: 0 UID: 0 PID: 10351 Comm: syz.5.2413 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  152.071792][T10351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  152.071808][T10351] Call Trace:
[  152.071816][T10351]  <TASK>
[  152.071826][T10351]  __dump_stack+0x1d/0x30
[  152.071918][T10351]  dump_stack_lvl+0xe8/0x140
[  152.071941][T10351]  dump_stack+0x15/0x1b
[  152.071958][T10351]  should_fail_ex+0x265/0x280
[  152.071987][T10351]  should_fail+0xb/0x20
[  152.072047][T10351]  should_fail_usercopy+0x1a/0x20
[  152.072082][T10351]  _copy_from_user+0x1c/0xb0
[  152.072101][T10351]  ___sys_sendmsg+0xc1/0x1d0
[  152.072215][T10351]  __x64_sys_sendmsg+0xd4/0x160
[  152.072259][T10351]  x64_sys_call+0x2999/0x2fb0
[  152.072285][T10351]  do_syscall_64+0xd2/0x200
[  152.072349][T10351]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  152.072420][T10351]  ? clear_bhb_loop+0x40/0x90
[  152.072447][T10351]  ? clear_bhb_loop+0x40/0x90
[  152.072529][T10351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.072555][T10351] RIP: 0033:0x7f984579e9a9
[  152.072594][T10351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.072615][T10351] RSP: 002b:00007f9843dff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  152.072638][T10351] RAX: ffffffffffffffda RBX: 00007f98459c5fa0 RCX: 00007f984579e9a9
[  152.072654][T10351] RDX: 0000000000000000 RSI: 0000200000000500 RDI: 0000000000000003
[  152.072667][T10351] RBP: 00007f9843dff090 R08: 0000000000000000 R09: 0000000000000000
[  152.072678][T10351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  152.072689][T10351] R13: 0000000000000000 R14: 00007f98459c5fa0 R15: 00007ffc40a6fb38
[  152.072748][T10351]  </TASK>
[  152.347366][T10368] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2419'.
[  152.397862][T10372] loop5: detected capacity change from 0 to 1024
[  152.405105][T10372] ext4: Unknown parameter 'uid<00000000000000000000'
[  152.502421][T10382] netlink: 'syz.1.2425': attribute type 13 has an invalid length.
[  152.513123][T10383] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2422'.
[  152.522855][T10383] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2422'.
[  152.709582][T10391] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2427'.
[  152.718777][T10391] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2427'.
[  153.340293][T10402] loop5: detected capacity change from 0 to 164
[  153.348880][T10402] Unable to read rock-ridge attributes
[  153.369912][T10402] Unable to read rock-ridge attributes
[  153.461037][T10405] random: crng reseeded on system resumption
[  153.554995][T10411] block device autoloading is deprecated and will be removed.
[  153.727518][T10426] netlink: 'syz.4.2438': attribute type 12 has an invalid length.
[  154.713426][T10447] loop5: detected capacity change from 0 to 512
[  154.730131][T10447] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  154.764181][T10452] 9pnet: Could not find request transport: r
[  154.821119][T10447] EXT4-fs (loop5): 1 truncate cleaned up
[  154.828528][T10447] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.881594][ T8947] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.935199][T10461] ==================================================================
[  154.943346][T10461] BUG: KCSAN: data-race in io_flush_timeouts / io_issue_sqe
[  154.950657][T10461] 
[  154.952983][T10461] read-write to 0xffff888118e0ba10 of 4 bytes by task 10466 on cpu 0:
[  154.961145][T10461]  io_issue_sqe+0x19c/0x970
[  154.965664][T10461]  io_wq_submit_work+0x3f7/0x5f0
[  154.970705][T10461]  io_worker_handle_work+0x44e/0x9b0
[  154.976022][T10461]  io_wq_worker+0x22e/0x870
[  154.980558][T10461]  ret_from_fork+0xda/0x150
[  154.985094][T10461]  ret_from_fork_asm+0x1a/0x30
[  154.989980][T10461] 
[  154.992333][T10461] read to 0xffff888118e0ba10 of 4 bytes by task 10461 on cpu 1:
[  154.999971][T10461]  io_flush_timeouts+0x56/0x1d0
[  155.005035][T10461]  __io_commit_cqring_flush+0xeb/0x100
[  155.010519][T10461]  __io_submit_flush_completions+0x9e3/0xa00
[  155.016539][T10461]  ctx_flush_and_put+0x9b/0x150
[  155.021408][T10461]  io_handle_tw_list+0x1a9/0x1c0
[  155.026358][T10461]  tctx_task_work_run+0x6d/0x1a0
[  155.031306][T10461]  tctx_task_work+0x3f/0x80
[  155.035958][T10461]  task_work_run+0x131/0x1a0
[  155.040576][T10461]  get_signal+0xe13/0xf70
[  155.044936][T10461]  arch_do_signal_or_restart+0x96/0x480
[  155.050581][T10461]  exit_to_user_mode_loop+0x7a/0x100
[  155.055990][T10461]  do_syscall_64+0x1d6/0x200
[  155.060601][T10461]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.066528][T10461] 
[  155.068851][T10461] value changed: 0x000004fd -> 0x000004fe
[  155.074581][T10461] 
[  155.076902][T10461] Reported by Kernel Concurrency Sanitizer on:
[  155.083148][T10461] CPU: 1 UID: 0 PID: 10461 Comm: syz.4.2449 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  155.094012][T10461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  155.104082][T10461] ==================================================================
[  155.132064][T10471] tmpfs: Unknown parameter 'ÿÿä˼ZpMÖ•Üœ˜£Z>Ö !Q>oUÇ$lòN«Ò‹?[xévZSÉ1'
[  156.578929][   T29] kauditd_printk_skb: 684 callbacks suppressed
[  156.579013][   T29] audit: type=1400 audit(1753801532.899:14685): avc:  denied  { ioctl } for  pid=3314 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=988 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1