last executing test programs:

2.78521749s ago: executing program 1 (id=1225):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, 0x0, &(0x7f0000000380), 0x1, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000008500", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) (fail_nth: 8)

2.555671853s ago: executing program 1 (id=1226):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000500)={[0x5]}, 0x8)
name_to_handle_at(r0, &(0x7f00000000c0)='\x00', 0x0, 0x0, 0x1400)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_bp={0x0, 0x8}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0x34, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r2 = syz_io_uring_setup(0x3b52, &(0x7f0000000140)={0x0, 0x5883, 0x1000, 0x8003, 0x1c2}, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000680)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000380)='./file0\x00', 0xffffffffffffffff, 0x0, 0x1})
io_uring_enter(r2, 0x10007b0f, 0x96f0, 0x20, 0x0, 0x0)
syz_io_uring_setup(0x516d, &(0x7f0000000200)={0x0, 0x705d, 0x10100, 0x0, 0x19f}, 0x0, 0x0)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
recvmmsg(r5, &(0x7f0000005e40)=[{{0x0, 0x0, 0x0}, 0xd58}], 0x1, 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000006c0)={0x8ae}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000880)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x121000e, &(0x7f0000000780)={[{@abort}, {@data_err_abort}, {@grpjquota_path={'grpjquota', 0x3d, '.\x02'}}, {@init_itable}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800000}}, {@dioread_nolock}, {@oldalloc}, {@jqfmt_vfsv0}, {@min_batch_time={'min_batch_time', 0x3d, 0x3}}, {@acl}], [{@smackfsfloor={'smackfsfloor', 0x3d, 'min_batch_time'}}, {@seclabel}, {@hash}, {@uid_gt={'uid>', 0xee01}}]}, 0x5, 0x542, &(0x7f0000000140)="$eJzs3c1vI2cZAPBnnHhJuinZAodSqWVFi3YrWGfT0Dbi0HYF4lYBWu5LlHijKE68ip12bVVVKg4ckRCilThx4oLEH4CE+iegSpXoHQECVbCFAwdgqhmP98MdZxOtHUfO7ydN/M47H8/z2rH9zodnAjizLkbEaxExExHPR8RiUV8phjjoDdl8n9x5az0bsinX/5FEUtRF5MW7zheLzfUeSrU63e21RqO+V4wvtXduLbU63StbO2ub9c367srK8kurL6++uHp1JO3M2vXKd/76i5/++ruv/P4bb/7pxt8vv50l/e1ietGOkfso/1vNnou7ZiNibxzBJmCmaE910okAAHAkWR//CxHx1bz/vxgzeW8uN9ilmzv57AAAAIBRSF9diP8mEWna37xPAQAAgCnzakQsRFKpFecCLESlUqv1zuH9UjxWaTRb7a/fbO7vbmTT8jM9Kze3GvWrxTm1F6KaZOPLefne+AsD4ysR8URE/HxxPh+vrTcbGxPe9wEAAABnxfmB7f9/H/S2/wEAAIApc2HSCQAAAABjV2z/zwzWJxPIBQAAABgPx/8BAABgqn3/9dezIe3f/3rjjc7+dvONKxv11nZtZ3+9tt7cu1XbbDY382v27TxsfY1m89Y3Y3f/9lK73movtTrdGzvN/d32jS33DwQAAIBJeeIr73+URMTBt+bzIXMuyn4MUHCuAEyNynFm/sv48gBO3rCveWD6zU46AWByDo6/yMVx5AFMzAOX+ijpFNx/8s4D+wz+ML6cAACA0br05fLj//md/iedHDBWxzr+D0wVx//h7Drm8f8PxpUHcPKqegBw5j3sVh+lF++YH3L8/1zZzGl66LoAAICxW8iHpFIrjgUuRKVSq0U8nv/Uv5rc3GrUr0bE5yPij4vVz2Xjy/mSidsDAgAAAAAAAAAAAAAAAAAAAAAAAMARpWkSKQAAADDVIip/S4r7f11afG5hcP/AueQ/i1Hc0uvNX15/9/biXHtvOav/59369nvX37291m7vvTCJPRgAAADAoP52ev64POlsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJg2n9x5a70/nGTcj6/F9+JCWfzZmMsf56IaEY/9K4nZ+5ZLImJmBPEP3omIJ8viJ1lacaHIYjB+JSLmRx+/em/K3fhPp2laGv/8COLDWfb+tYh4rez9X4mL+WP5+3+2GB7Vx9fyN3lp/P7n38yQz7/HjxjjqQ9/uzQ0/jsRT82Wf/714ydD4j9btsKSJ+VHP+x2P1PZW3mkv4q4VPr9kzwQa6m9c2up1ele2dpZ26xv1ndXVpZfWn159cXVq0s3txr14m9pG3/29O/+P1D1v7Qnb398Nv5PoveyHNr+57LCfZ/YkQ6GKYJ9ePvOF3vF6sAq8viXny1//Z88JH72P/G14nsgm36pXz7ole/3zG8+eKY0sSL+xpDn/2Gv/+VhKx3w/A9+/OcjzgoAnIBWp7u91mjU945UmD/OzJ3udppG9GveS9P0mIsrnGCh37sbW4i509LSU1DI+tanII1hhVHs2QIAAE6be53+Iy/y9lgTAgAAAAAAAAAAAAAAAAAAgDOo1YnK4dcDS9OIR7uc2GDMg8k0FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgUJ8GAAD//4gf0qc=")
r6 = socket$nl_generic(0x10, 0x3, 0x10)
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)={0x30, r7, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x19, {0x3, 0x1, 0x1}}}}, 0x30}}, 0x4000000)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x20c006, &(0x7f0000000480)={[{@grpjquota}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@discard}, {@grpquota}], [{@seclabel}]}, 0x1, 0x446, &(0x7f0000000d40)="$eJzs28tvG8UfAPDv2kn6/P1qqvLoAwgURMQjadJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSd8QRib+AE1wQcELiCndUqUK5tMDFaOPdxHbttA5ONtSfj7TJzO44M1/vjj07kw2gbw2nP5KIvRHxa0Tsq2ebCwzXf91cXpz6c3lxKola7Y0/kpVyN5YXp/Ki+ev25JmBiNInSRxuU+/8pcvnJqvVmYtZfmzh/Ltj85cuPzN7fvLszNmZCxOnTp04Pv7cyYlnexJnGteNQx/MHTn4yltXX5s6ffXtH79O8vhb4uiR4fUOPl6r9bi6Yv2vIZ0MFNgQulKud9MYXOn/+6IcaydvX7z8caGNAzZVrVar3df58FINuIslUXQLgGLkX/Tp/W++bdHQY1u4/kL9BiiN+2a21Y8MRCkrM9hyf9tLwxFxeumvL9ItNmceAgCgybfp+OfpbPzXtPBTisZ5of9nayiViLgnIvZHxMmIOBAR90aslL0/Ih7osv7WRZJbxz+la13+ya6k47/ns7Wt5vFfPvqLSjni73y4XInB5MxsdeZY9p6MxOCOND++Th3fvfTLZ52ONY7/0i2tPx8LZu24NrCj+TXTkwuT/ybmRtc/ijg00C7+ZHUlIL0sDkbEoQ3WMfvkV0c6Hbt9/M2GGjM9WGeqfRnxRP38L0VL/Llk/fXJsZ1RnTk2ll8Vt/rp5yuvd6q/2/h7LT3/u9te/6vxV5LG9dr57uu48tunHe9pNnr9DyVvNu17f3Jh4eJ4xFDyar3RjfsnWspNrJVP4x852r7/74+1d+JwRKQX8YMR8VBEPJy1/ZGIeDQijq4T/w8vPvZO856ki/g3Vxr/dFfnfy0xFK172ifK577/pqnSSnQRf3r+T6ykRrI9d/L5dyft2tjVDAAAAP89pYjYG0lpdDVdKo2O1v+H/0DsLlXn5heeOjP33oXp+jMClRgs5TNd9fng+nzoeHZbn+cnWvLHs3njz8u7VvKjU3PV6aKDhz63p0P/T/1eLrp1wKbzvBb0L/0f+pf+D/1L/4f+1ab/7yqiHcDWa/f9/2EB7QC2Xkv/t+wHfcT9P/Qv/R/6l/4PfWl+V9z+Ifntmti5PZrRn4koFVd7PkNV+JtwFycK/mACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADokX8CAAD//2Ts5lU=")
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x1001, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)

2.323820957s ago: executing program 1 (id=1228):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xb1}, 0x100002, 0x2, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$sock(r3, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@timestamping={{0x14, 0x1, 0x25, 0x103}}], 0x18}, 0x0)
recvmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000b00), 0x1, 0x0, 0x3f}, 0x12160)

2.273862537s ago: executing program 1 (id=1230):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x494816459c341ca6}, 0x8002, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = gettid()
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00', <r4=>0x0})
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x3a, &(0x7f0000000000)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0xe000, 0x0, 0x5, 0x0, @dev={0xac, 0x14, 0x14, 0xff}, @private=0xa010100, {[@generic={0x94, 0x2}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e0000000800000000001800038014000380"], 0x44}}, 0x20008000)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000100)={0x0, @in6={{0xa, 0x4e22, 0x9, @remote, 0x8}}}, &(0x7f0000000000)=0x84)
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x1ff, {0x0, 0x0, 0x0, r4, {0xfff2}, {}, {0x8, 0x10}}}, 0x24}}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r8=>0x0)
timer_settime(r8, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r9)
waitid(0x0, r9, 0x0, 0x8, 0xfffffffffffffffd)
waitid(0x1, r9, 0x0, 0x4, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33c81cf7995313c09de00fd6ded74", "62266bd8", "1e00040000000100"}, 0x28)
write$binfmt_script(r1, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd87}, &(0x7f0000000240)=0x40)
writev(r1, &(0x7f00000030c0)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
close_range(r0, r1, 0x0)

2.053040331s ago: executing program 3 (id=1238):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000004780)={0xe, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r1}, &(0x7f0000000500), &(0x7f00000002c0)=r0}, 0x20)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="05"], 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b7040000000000008500000001000000"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r1}, &(0x7f00000006c0), &(0x7f0000000700)=r0}, 0x20)

2.028214401s ago: executing program 3 (id=1240):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000280)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, 0x0, &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r2}, 0x18)
r3 = socket$kcm(0x21, 0x2, 0x2)
recvmsg$kcm(r3, &(0x7f0000001a80)={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
futex(0x0, 0x2, 0x1, 0x0, 0x0, 0x2)
msgsnd(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0300"], 0x0, 0x0)
msgctl$IPC_SET(0x0, 0x1, 0x0)
io_submit(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7, 0x0, 0x7}, 0x18)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x401, 0x0)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
close_range(r8, 0xffffffffffffffff, 0x0)
recvmmsg(r5, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000017c0)=""/130, 0x82}], 0x1}, 0xa1}], 0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000040)=@framed={{0x18, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.778871285s ago: executing program 2 (id=1241):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8"], 0x0, 0x0, 0x0, 0x0, 0x61980, 0x48, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000100)={[{@delalloc}, {@data_err_abort}, {@barrier}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001600)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x8)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000003000), r1)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000003040)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYRES32=r3, @ANYBLOB='\b\x00\v'], 0x30}, 0x1, 0x0, 0x0, 0x20000050}, 0x20040084)

1.673076596s ago: executing program 2 (id=1243):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x5, 0x0, &(0x7f0000000ac0)=[{0xffffffff, 0x2, 0x2000002, 0x3}, {0x4, 0x3, 0x42}, {0x1, 0x3, 0xf, 0x4}, {0x4, 0x4, 0xb, 0x8}, {0x2, 0x4, 0xc, 0x1}], 0x10, 0x8a3, @void, @value}, 0x94)
r2 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$sock(r2, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@timestamping={{0x14, 0x1, 0x25, 0x103}}], 0x18}, 0x0)
recvmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000b00), 0x1, 0x0, 0x3f}, 0x12160)

1.40214671s ago: executing program 1 (id=1246):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x5, 0x0, &(0x7f0000000ac0)=[{0xffffffff, 0x2, 0x2000002, 0x3}, {0x4, 0x3, 0x42}, {0x1, 0x3, 0xf, 0x4}, {0x4, 0x4, 0xb, 0x8}, {0x2, 0x4, 0xc, 0x1}], 0x10, 0x8a3, @void, @value}, 0x94)
r2 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$sock(r2, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@timestamping={{0x14, 0x1, 0x25, 0x103}}], 0x18}, 0x0)
recvmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000b00), 0x1, 0x0, 0x3f}, 0x12160)

1.372801251s ago: executing program 2 (id=1247):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000000e8ffffffffffff05000000", @ANYRES32=0x1], 0x48)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="1400000010000100000000ff000000000000000a20000000000a03000000000000000000010000000900010073797a300002000068000000090a010400000000fcff00000100000008000a"], 0xb0}}, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ptrace(0x10, r1)
ptrace$getregset(0x4205, r1, 0x202, &(0x7f0000000240)={0x0})

1.328636191s ago: executing program 1 (id=1250):
socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0xfc0, &(0x7f0000007940)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd606410a60f8a0000fec00000002c00001200ffffe0000012fe8000000000000000000000000000aa8400000000000000223427d5c9a46b9f2e505b0c0a013589317d2af31ba55431762f462a5abc3f46494ee91bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72eddebb2fc4eb6f83b16e0d65307e4210dfc209f0c68df65b57f420fd215546b798af6b6ab7bfb2fe6bd6142f877852717370b1ca39d199c149c3ead97c4e16229ce4c08a111a0fc64651c21e9174dd72442a9ae2a42d9433c7b54c8dd4b59203f9a2e227e9b043eb430e606cf98f3428ac8511948dd553bc0728c0626fbda71bd2a1d734d605e27bdb0be93b7b91284689e31fccb70c15f2c39da9011c84d36fe4b4b36ff26e45a34685fc638dbdaa068a3d3d4f5d44b74afc0fc7956e5fcc3fe405ac6d292d1d90f257f18fe14a3192d28ed369956aa2f91f9fee773cf7fb5d90705347eeadc1af86de78a498fa1a20e5b3f481a0595769654d969299506d8ffbc172a7fb9453a8a3787e80b167936863f2cc16c1d03481bd40e1abcf87a292559771572136932bf30e48174012a1d4d5f138f93140af2ceb9c821c7966ea7592d762975b5b33ef141b6b91eb388c91b924945c3231d0f299adb5a36e0c95a17872e7ebf0bc0e33baf5c46f9e2087b77bad0794d519ce7bc8674a70f3545d020454ded22f164185df3b4f952b132947b75333993fd73a6bac5836dd5720e559bcb82a4926734c5c3b1287c5fec219a99f71eb398430001f007306e9232c269c2886357f75d935e8de054341ac36f1df1fc77fbc347d90660f4d5658cfeb9e289f70968a7c0b38ae34c4bfa46b47964e223ac34f472e3231e8c285add5713592c76c062c3477beb55b279846f04f8d6a5ce2743c6a2020f0c5164953b8dca7e57239dc8a7f507bcf77767ab0b4602437171a09c8e80f5a165c4c37eaae386c020000000000000017fa1608792b34bafbc20cf11a678455894ede62788309ab7a7075535847a2b48260a613e521b01d75648263ad78e6176528dbf3e6c4e4d72066e617be5387183a51dd97d2e846c5d173b51e17a4c8d78a49c914cbe44236c52c78de45b44f9d80bc6f77c75135922a84579bce77baa71311889f5b7b90c5124b8298d5e9c81c442d60df00795854d3213a1ac254c8963c109f68b3ff5451c381f6fb56c116f86b71f988d1e9f732280cbf3d4e9791fefc4bdec5dc293fb77b02d5aab6bd8cd179b7e425126b7f78c0d004bc6470ecc2bbc422bd06a6bd8f717009509e6a88b01347b7a62b9dea6f7a7446a371f422499a6e66eeb6a7b0beb4a86a61f875a9bfe0f5d5f0d0e4c85852afaea97d74ebc80d6491a8a1c998c4b5bc34b3edaeba2df902cd5e14e016720e6c3c8b15287b2471c34251e26dc442720cd5d984e30b110b7370f233f865b9ac129fdf49ff02b303d7d4f91039d3bb58a9d64d7a72d8b8eba6b45a000370d4f0e9c0d411768441372e7112e5d4e7d70a9d6b428b8b85ee6209d6f73e7b024740c052166deeb843e4ab78d1d354d75a5827ff0d49d8964e75785f3594c7299c0917b48f3b2efb81a4c3a7d6e0f1cf50efe0360963c2e3ee390ed2a4c39f42e856eced0f2ee7beacd2ecbece493e911ca0460584323ea6d4a0c00864693c979cae38f0c5841bfaeebf609d1075163c120fea0bd0207d2dd07e5e2e0a5afe3efee0ee6bb9a926a8dba7a27a82c5421a5b20bfb5dbdef532a12435fcd899f15603209831711e0dcfaaf2104b2016f087fce44848c70b653d226e57ab5ba06c656273d4efba73a8a61aae19df4d2445f3ce7e649af1b4ffc86106c9092ddd0aafeb45653d181cb32b06a1dd41573495f15c3b8c0019ba72a2eb163dfcbdbb235322ae27d7116af506f295c2424ab9191aa8ce0e4617b212af21983f8d2b19d7fdeec881f6fa448acc7c3e133b6f281583fad4467c05801e69f6ffc1ae2e1f54655534d884c2f8f60303da33ccbe47a293643edb61c7d9fad4e3e54028bc64be8e5b1da53446869b136660b8e96ff96c48641ece275967b27b291c5c240b3399b5b901b699227735f821938bc88ded45bada2b5295e93496a6fdf5af8122257b1a4bcab7ed6647f2027e5680c87329e9cfdba6bde2f2a9b676be016001702bebbabb2eae3eba01d6f49ab70245a4c5ef0e136b531e1843487b3f69c5b811217d6d2f5e71b47f40c28117bd09a88bb21887a06e2cc164d4281d0df47cbd5781f1524098d89ccae32f24c5f9d86469106685fdc683ad5e873030b621dc00354e0621106da90aca69bb53848dd57251a45bc1898aca9bc84c9a8d2f8aabeed888560771c8cb03aab02620430fec8e9740880790060ccbffd5b8edaa219ca61587eff1b1b03ae8af53059f121efdec8b3ee8aba06f494a5b4575bc848d5a9773d2346f75811cb82a078fc960c9bd374555d78b1b4ba0b438ef00e8aa75810ca5efc5c70936e2cb0e515912cb7f625a2130a9ad58f29e58ae6eac5c3f15f22f0163ee6dead6947c4390b92c8dfb146fec7bfc0b37e8ff2c9de90c30f2d8b5e334107f9835bc47fbc193c60ebd5ac4e677c7fd5b6261ff96e97c185c726ec02941bc2336946f181fd2aff43f0e95f06105a049fcb8e4e3738407d6356856f533f17fae281a3be9f2050ae3d19d1b8350d424087aec960fc052ecd165d17a7897de75f15316a072bb9ccf6ce1ec085bb5356c271b985a437a32f12308fc927410fd444bcded9859e7b8a3cfaaf29ebfb92cc7cbfad2559bbe4f90e189e8708e93827b221869cc78fa41fd5bcb6577b7dfe4c3927dc25a58aa84419f76e71d1f3c10cbb5e52ab2bebe0d39bdffda0fa1b55fe3a03683f882a82dd58498d62b101acd710fd436aa7409fe3cf5352dffb399d560323e14d564bdb3121b89c1f43fc9a892b799cd32f7ce2ededb868920b4547735ef0bf3e148251a4f65dddb7f96b2f33734522a8cffdc51520ac98926b3406e96618cf15a042a67239e755afc70ec6a9c99f8e08ec2946e5901364d85223a63d49572519137d93b6b0798e72acf9da120e706ee73367dec1450a68def886c149bcd734469e10b933899501011cd548e99d638821d5709fde050ab382d4896ecfd7999d44dee62c4fc1007bc5b0ea9c690c26d396545224c8f9e19705593df2688eb592e2476a0193f7054ab6f703d41c545a80bf285bbc7"], 0x0) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r1) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4b, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) (async, rerun: 64)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==") (rerun: 64)

1.262344032s ago: executing program 2 (id=1251):
pipe2(&(0x7f0000000000)={0x0, <r0=>0x0}, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_all\x00', 0x275a, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="640000000206050000000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a300000000005000400004000000500050002000000050001000600000014000780080006400000000008001340"], 0x64}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)={0x1c, 0x3, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000000)={0x0, 0x2, 0x7ffffffffffffffb, 0x7ffffffc})
ioctl$KDMKTONE(r1, 0x4b30, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x18, 0x4, &(0x7f0000000080)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10, @void, @value}, 0x94)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r5 = socket(0xa, 0x2400000001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r5, 0x29, 0x2a, &(0x7f0000000300)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000bc0000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r6, 0x0, 0x3}, 0x18)
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r7, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x800000000000, 0x0, 0x0, 0x751, 0x7, 0x200000000080], 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000200000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000"]}, 0x108)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0xffffffff}, 0x18)
r8 = syz_open_dev$usbfs(&(0x7f0000000140), 0x77, 0x1501)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000240), 0x28002, 0x0)
ioctl$USBDEVFS_SUBMITURB(r8, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x3, 0x44, &(0x7f00000001c0)={0x1f, 0x3, 0x17, 0x1}, 0x8, 0x6, 0xd80, 0x0, 0x4bf, 0x404, 0x0})
close_range(r0, 0xffffffffffffffff, 0x0)

1.164692203s ago: executing program 3 (id=1253):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80001, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x1000200000002}, 0x18)
pipe(&(0x7f0000005880)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fsetxattr$security_selinux(r1, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0)

1.103433344s ago: executing program 3 (id=1254):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8"], 0x0, 0x0, 0x0, 0x0, 0x61980, 0x48, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000100)={[{@delalloc}, {@data_err_abort}, {@barrier}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001600)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x8)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000003000), r1)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000003040)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB, @ANYRES32=r3, @ANYBLOB='\b\x00\v'], 0x30}, 0x1, 0x0, 0x0, 0x20000050}, 0x20040084)

993.283546ms ago: executing program 3 (id=1256):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x494816459c341ca6}, 0x8002, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = gettid()
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00', <r4=>0x0})
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x3a, &(0x7f0000000000)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0xe000, 0x0, 0x5, 0x0, @dev={0xac, 0x14, 0x14, 0xff}, @private=0xa010100, {[@generic={0x94, 0x2}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e0000000800000000001800038014000380"], 0x44}}, 0x20008000)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000100)={0x0, @in6={{0xa, 0x4e22, 0x9, @remote, 0x8}}}, &(0x7f0000000000)=0x84)
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x1ff, {0x0, 0x0, 0x0, r4, {0xfff2}, {}, {0x8, 0x10}}}, 0x24}}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r8=>0x0)
timer_settime(r8, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r9)
waitid(0x0, r9, 0x0, 0x8, 0xfffffffffffffffd)
waitid(0x1, r9, 0x0, 0x4, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33c81cf7995313c09de00fd6ded74", "62266bd8", "1e00040000000100"}, 0x28)
write$binfmt_script(r1, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd87}, &(0x7f0000000240)=0x40)
writev(r1, &(0x7f00000030c0)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
close_range(r0, r1, 0x0)

962.246876ms ago: executing program 4 (id=1257):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xb1}, 0x100002, 0x2, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x5, 0x0, &(0x7f0000000ac0)=[{0xffffffff, 0x2, 0x2000002, 0x3}, {0x4, 0x3, 0x42}, {0x1, 0x3, 0xf, 0x4}, {0x4, 0x4, 0xb, 0x8}, {0x2, 0x4, 0xc, 0x1}], 0x10, 0x8a3, @void, @value}, 0x94)
r3 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$sock(r3, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@timestamping={{0x14, 0x1, 0x25, 0x103}}], 0x18}, 0x0)
recvmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000b00), 0x1, 0x0, 0x3f}, 0x12160)

812.077929ms ago: executing program 4 (id=1258):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xb1}, 0x100002, 0x2, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$sock(r3, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@timestamping={{0x14, 0x1, 0x25, 0x103}}], 0x18}, 0x0)
recvmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000b00), 0x1, 0x0, 0x3f}, 0x12160)

644.277951ms ago: executing program 2 (id=1261):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x5, 0x0, &(0x7f0000000ac0)=[{0xffffffff, 0x2, 0x2000002, 0x3}, {0x4, 0x3, 0x42}, {0x1, 0x3, 0xf, 0x4}, {0x4, 0x4, 0xb, 0x8}, {0x2, 0x4, 0xc, 0x1}], 0x10, 0x8a3, @void, @value}, 0x94)
r2 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$sock(r2, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@timestamping={{0x14, 0x1, 0x25, 0x103}}], 0x18}, 0x0)
recvmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000b00), 0x1, 0x0, 0x3f}, 0x12160)

643.714751ms ago: executing program 4 (id=1262):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x800000}, 0x18)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, 0x0, 0xf00)

632.078331ms ago: executing program 0 (id=1263):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000280)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r2}, 0x18)
r3 = socket$kcm(0x21, 0x2, 0x2)
recvmsg$kcm(r3, &(0x7f0000001a80)={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
futex(0x0, 0x2, 0x1, 0x0, 0x0, 0x2)
msgsnd(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0300"], 0x0, 0x0)
msgctl$IPC_SET(0x0, 0x1, 0x0)
io_submit(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7, 0x0, 0x7}, 0x18)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x401, 0x0)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
close_range(r8, 0xffffffffffffffff, 0x0)
recvmmsg(r5, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000017c0)=""/130, 0x82}], 0x1}, 0xa1}], 0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000040)=@framed={{0x18, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

602.569472ms ago: executing program 4 (id=1264):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r0}, 0x0, &(0x7f0000000700)}, 0x20)

601.182112ms ago: executing program 2 (id=1265):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000500)={[0x5]}, 0x8)
name_to_handle_at(r0, &(0x7f00000000c0)='\x00', 0x0, 0x0, 0x1400)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_bp={0x0, 0x8}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0x34, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r2 = syz_io_uring_setup(0x3b52, &(0x7f0000000140)={0x0, 0x5883, 0x1000, 0x8003, 0x1c2}, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000680)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000380)='./file0\x00', 0xffffffffffffffff, 0x0, 0x1})
io_uring_enter(r2, 0x10007b0f, 0x96f0, 0x20, 0x0, 0x0)
syz_io_uring_setup(0x516d, &(0x7f0000000200)={0x0, 0x705d, 0x10100, 0x0, 0x19f}, 0x0, 0x0)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
recvmmsg(r5, &(0x7f0000005e40)=[{{0x0, 0x0, 0x0}, 0xd58}], 0x1, 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000006c0)={0x8ae}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000880)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x121000e, &(0x7f0000000780)={[{@abort}, {@data_err_abort}, {@grpjquota_path={'grpjquota', 0x3d, '.\x02'}}, {@init_itable}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800000}}, {@dioread_nolock}, {@oldalloc}, {@jqfmt_vfsv0}, {@min_batch_time={'min_batch_time', 0x3d, 0x3}}, {@acl}], [{@smackfsfloor={'smackfsfloor', 0x3d, 'min_batch_time'}}, {@seclabel}, {@hash}, {@uid_gt={'uid>', 0xee01}}]}, 0x5, 0x542, &(0x7f0000000140)="$eJzs3c1vI2cZAPBnnHhJuinZAodSqWVFi3YrWGfT0Dbi0HYF4lYBWu5LlHijKE68ip12bVVVKg4ckRCilThx4oLEH4CE+iegSpXoHQECVbCFAwdgqhmP98MdZxOtHUfO7ydN/M47H8/z2rH9zodnAjizLkbEaxExExHPR8RiUV8phjjoDdl8n9x5az0bsinX/5FEUtRF5MW7zheLzfUeSrU63e21RqO+V4wvtXduLbU63StbO2ub9c367srK8kurL6++uHp1JO3M2vXKd/76i5/++ruv/P4bb/7pxt8vv50l/e1ietGOkfso/1vNnou7ZiNibxzBJmCmaE910okAAHAkWR//CxHx1bz/vxgzeW8uN9ilmzv57AAAAIBRSF9diP8mEWna37xPAQAAgCnzakQsRFKpFecCLESlUqv1zuH9UjxWaTRb7a/fbO7vbmTT8jM9Kze3GvWrxTm1F6KaZOPLefne+AsD4ysR8URE/HxxPh+vrTcbGxPe9wEAAABnxfmB7f9/H/S2/wEAAIApc2HSCQAAAABjV2z/zwzWJxPIBQAAABgPx/8BAABgqn3/9dezIe3f/3rjjc7+dvONKxv11nZtZ3+9tt7cu1XbbDY382v27TxsfY1m89Y3Y3f/9lK73movtTrdGzvN/d32jS33DwQAAIBJeeIr73+URMTBt+bzIXMuyn4MUHCuAEyNynFm/sv48gBO3rCveWD6zU46AWByDo6/yMVx5AFMzAOX+ijpFNx/8s4D+wz+ML6cAACA0br05fLj//md/iedHDBWxzr+D0wVx//h7Drm8f8PxpUHcPKqegBw5j3sVh+lF++YH3L8/1zZzGl66LoAAICxW8iHpFIrjgUuRKVSq0U8nv/Uv5rc3GrUr0bE5yPij4vVz2Xjy/mSidsDAgAAAAAAAAAAAAAAAAAAAAAAAMARpWkSKQAAADDVIip/S4r7f11afG5hcP/AueQ/i1Hc0uvNX15/9/biXHtvOav/59369nvX37291m7vvTCJPRgAAADAoP52ev64POlsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJg2n9x5a70/nGTcj6/F9+JCWfzZmMsf56IaEY/9K4nZ+5ZLImJmBPEP3omIJ8viJ1lacaHIYjB+JSLmRx+/em/K3fhPp2laGv/8COLDWfb+tYh4rez9X4mL+WP5+3+2GB7Vx9fyN3lp/P7n38yQz7/HjxjjqQ9/uzQ0/jsRT82Wf/714ydD4j9btsKSJ+VHP+x2P1PZW3mkv4q4VPr9kzwQa6m9c2up1ele2dpZ26xv1ndXVpZfWn159cXVq0s3txr14m9pG3/29O/+P1D1v7Qnb398Nv5PoveyHNr+57LCfZ/YkQ6GKYJ9ePvOF3vF6sAq8viXny1//Z88JH72P/G14nsgm36pXz7ole/3zG8+eKY0sSL+xpDn/2Gv/+VhKx3w/A9+/OcjzgoAnIBWp7u91mjU945UmD/OzJ3udppG9GveS9P0mIsrnGCh37sbW4i509LSU1DI+tanII1hhVHs2QIAAE6be53+Iy/y9lgTAgAAAAAAAAAAAAAAAAAAgDOo1YnK4dcDS9OIR7uc2GDMg8k0FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgUJ8GAAD//4gf0qc=")
r6 = socket$nl_generic(0x10, 0x3, 0x10)
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)={0x30, r7, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x19, {0x3, 0x1, 0x1}}}}, 0x30}}, 0x4000000)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x20c006, &(0x7f0000000480)={[{@grpjquota}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@discard}, {@grpquota}], [{@seclabel}]}, 0x1, 0x446, &(0x7f0000000d40)="$eJzs28tvG8UfAPDv2kn6/P1qqvLoAwgURMQjadJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSd8QRib+AE1wQcELiCndUqUK5tMDFaOPdxHbttA5ONtSfj7TJzO44M1/vjj07kw2gbw2nP5KIvRHxa0Tsq2ebCwzXf91cXpz6c3lxKola7Y0/kpVyN5YXp/Ki+ev25JmBiNInSRxuU+/8pcvnJqvVmYtZfmzh/Ltj85cuPzN7fvLszNmZCxOnTp04Pv7cyYlnexJnGteNQx/MHTn4yltXX5s6ffXtH79O8vhb4uiR4fUOPl6r9bi6Yv2vIZ0MFNgQulKud9MYXOn/+6IcaydvX7z8caGNAzZVrVar3df58FINuIslUXQLgGLkX/Tp/W++bdHQY1u4/kL9BiiN+2a21Y8MRCkrM9hyf9tLwxFxeumvL9ItNmceAgCgybfp+OfpbPzXtPBTisZ5of9nayiViLgnIvZHxMmIOBAR90aslL0/Ih7osv7WRZJbxz+la13+ya6k47/ns7Wt5vFfPvqLSjni73y4XInB5MxsdeZY9p6MxOCOND++Th3fvfTLZ52ONY7/0i2tPx8LZu24NrCj+TXTkwuT/ybmRtc/ijg00C7+ZHUlIL0sDkbEoQ3WMfvkV0c6Hbt9/M2GGjM9WGeqfRnxRP38L0VL/Llk/fXJsZ1RnTk2ll8Vt/rp5yuvd6q/2/h7LT3/u9te/6vxV5LG9dr57uu48tunHe9pNnr9DyVvNu17f3Jh4eJ4xFDyar3RjfsnWspNrJVP4x852r7/74+1d+JwRKQX8YMR8VBEPJy1/ZGIeDQijq4T/w8vPvZO856ki/g3Vxr/dFfnfy0xFK172ifK577/pqnSSnQRf3r+T6ykRrI9d/L5dyft2tjVDAAAAP89pYjYG0lpdDVdKo2O1v+H/0DsLlXn5heeOjP33oXp+jMClRgs5TNd9fng+nzoeHZbn+cnWvLHs3njz8u7VvKjU3PV6aKDhz63p0P/T/1eLrp1wKbzvBb0L/0f+pf+D/1L/4f+1ab/7yqiHcDWa/f9/2EB7QC2Xkv/t+wHfcT9P/Qv/R/6l/4PfWl+V9z+Ifntmti5PZrRn4koFVd7PkNV+JtwFycK/mACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADokX8CAAD//2Ts5lU=")
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x1001, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)

465.683664ms ago: executing program 4 (id=1266):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8"], 0x0, 0x0, 0x0, 0x0, 0x61980, 0x48, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000100)={[{@delalloc}, {@data_err_abort}, {@barrier}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001600)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x8)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000003000), r1)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000003040)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB, @ANYRES32=r3, @ANYBLOB='\b\x00\v'], 0x30}, 0x1, 0x0, 0x0, 0x20000050}, 0x20040084)

427.925064ms ago: executing program 0 (id=1267):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095", @ANYBLOB="fbd7d8bfb68c0a6caeb662a57c143a2c955f597767d9834be0aed8e672af0bf2a94e00a51c754b68e250a22e8dc351329a927a81427412c6c3507245bcc798fd64cce95417a3777ea5d7270d5586928a4f822854e38c6ef73ec20a58297700a5ef05b98ebe3e326cedc3835d514d36"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
getpid()
socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000006c0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4, 0x0, 0xffffffffffffffff}, 0x18)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000480)='./file2\x00', 0x2000000, &(0x7f0000000280)=ANY=[], 0x8, 0x2f8, &(0x7f0000000ac0)="$eJzs3EtPE1EUwPHTB6UtgbIwGk0MN7rRzQSqa6UxkBibSJAaH4nJAFNtOrak02BqjOjKrfFDuCAs2ZEoX4CNO924ccfGxIUsjDWdB4UyhVKgRfj/EjKHuffM3NsZyLlNO+sP3j/PZy0tq5clGFUSEBHZEBmUoHgC7jZoxxHZ6o1c7fv19eK9h4/upNLpsUmlxlNT15JKqYGhTy9exdxuK72yNvhk/Wfyx9rZtfPrf6ee5SyVs1ShWFa6mi5+L+vTpqFmc1ZeU2rCNHTLULmCZZSc9qLTnjWLc3MVpRdm++NzJcOylF6oqLxRUeWiKpcqKvRUzxWUpmmqPy6nWbilXpnFyUk91eYpZtrMQ4eVSik9JCKxHS2Zxa4MCAAAdFVj/R8UdZj1/9Kl1XLf/eUBt/5fifjV/9e/OcfaVv9HRcS3/vfO71v/6/ur/3dWRKfLgep/HA9DkR27AvWw1lhK6XH379f29vHSsB1Q/wMAAAAAAAAAAAAAAAAAAAAA8D/YqFYT1Wo14W29n14RiYqI97tPakhEbnZhyDhELVz/YJPrjxOg/sW98ICI+W4+M59xtm6HVRExxZBhScgf+35w1WLvm0eqZlA+mwtu/sJ8JmS3pLKSs/NHJNEjjfnV6vjt9NiIcmzP75H4Zn6vIUlJyBn//KRvfkSuXN5yfk0S8mVGimLKrD2Oev7rEaVu3U035MfsfgAAAAAAnASa2uS7fte0Zu1O/ub6uvH9gVB9fT3suz4Py4XWHlIJAAAAAAAOyKq8zOumaZR2CWKyd5/2g/ARHdmbYatZ3mcZjm6muwTeybc1Rd2dh/6yBPbxsjQJgtJO1lBtNuqgs/DeNmrWRyZGO38F7eDch4+/95cV3OWuu7Ec3WOm7Qch5wZoduSejvzzAQAAANBR9aLf2zPa3QEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAKdeLpaN2eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBc/AsAAP//QE0BYQ==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r5 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
unlinkat(r5, &(0x7f0000000280)='./file0\x00', 0x200)

227.498587ms ago: executing program 0 (id=1268):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xb1}, 0x100002, 0x2, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x5, 0x0, &(0x7f0000000ac0)=[{0xffffffff, 0x2, 0x2000002, 0x3}, {0x4, 0x3, 0x42}, {0x1, 0x3, 0xf, 0x4}, {0x4, 0x4, 0xb, 0x8}, {0x2, 0x4, 0xc, 0x1}], 0x10, 0x8a3, @void, @value}, 0x94)
r3 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$sock(r3, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@timestamping={{0x14, 0x1, 0x25, 0x103}}], 0x18}, 0x0)
recvmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000b00), 0x1, 0x0, 0x3f}, 0x12160)

216.754707ms ago: executing program 4 (id=1269):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000400)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r2, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r2], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f00000006c0)=0x4, 0x12)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0xc0280, 0x0)
ioctl$PPPIOCATTACH(0xffffffffffffffff, 0x4004743d, &(0x7f0000000040)=0x3)
ioctl$TUNSETOWNER(r6, 0x400454cc, 0x0)
getsockopt$ARPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x63, &(0x7f0000000140)={'ipvs\x00'}, &(0x7f0000000640)=0x1e)
close(r6)
syz_usb_connect$hid(0x6, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="1201000200000020d90472a040000102030109022400010108b0070904007c0203010101092108000301223f0f0905810300020e0408273cacb0f8a6f509b7486900b9ef9e93adbb000315618a1daf50ff0a9cf894532bc00e9a64ee8308d318ccb8149ec1e68423db22b75a58ad5941b8"], &(0x7f0000000540)={0xa, &(0x7f0000000300)={0xa, 0x6, 0x250, 0x80, 0x2, 0x0, 0xff, 0x3}, 0xbf, &(0x7f0000000440)={0x5, 0xf, 0xbf, 0x3, [@ext_cap={0x7, 0x10, 0x2, 0x6, 0x4, 0xe, 0x1000}, @generic={0xa9, 0x10, 0x3, "2cabb78a340cd8e7b21087cad2b72ae6fb58f013d6505bc41c0840ea5e3d96dfd3890c3645f4008ab0f39d80d4cb1ce9ebfdf6841223fd44430e4ad4935665bc9a32d94fd6639fcfa9254bf8074dd5ec66625da260268040d0e3f0feeaffa101f169c2951064eda519a88c2d070d567611b22de6a08754dd1a7ead8706748af2a162631a70ed13e51ef12d2358abdbcbcffd1bca95702265ba31bc2462246471c55c4dec2ce2"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x5, 0x3, 0x4, 0x5}]}, 0x1, [{0x7, &(0x7f0000000500)=@string={0x7, 0x3, "ef09255def"}}]})
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, r5, {0x0, 0x9}, {0xffff, 0xffff}, {0x5, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x6, 0x2}}}}]}, 0x79}}, 0x800)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001540)=@newtfilter={0x68, 0x28, 0xd27, 0x1004001, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xffff, 0x9}, {}, {0x2, 0xb}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x38, 0x2, [@TCA_CGROUP_ACT={0x34, 0x1, [@m_sample={0x30, 0x215, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x8810}, 0x404c0c0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0xe000, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0x0, 0x1}}}, 0x24}}, 0x10)

199.702207ms ago: executing program 0 (id=1270):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_async', 0x40a02, 0x0)
write$tcp_mem(r0, &(0x7f0000000500)={0xfffffffffffffffa, 0x20, 0xffffffffffffffff, 0x20, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10)
sigaltstack(0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
creat(&(0x7f0000000140)='./file0\x00', 0x4)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000600)=@raw={'raw\x00', 0x8, 0x3, 0x3c8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f0, 0xffffffff, 0xffffffff, 0x3f0, 0xffffffff, 0xb, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x1a}, @dev={0xfe, 0x80, '\x00', 0x28}, [0xffffff00, 0xffffff00, 0x0, 0xff000000], [0xff, 0x0, 0x9f19fd7a5e924fa7, 0xff], 'macvtap0\x00', 'bridge0\x00', {0xff}, {0xff}, 0x2b, 0x7, 0x5, 0x10}, 0x0, 0xa8, 0xc8, 0x60030000, {0x0, 0xff000000}}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x1c8, 0x230, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@tcpmss={{0x28}, {0x39d3, 0x9, 0x1}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x428)
sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000000000000000000a20000000050a010100c26ac35357ee21150000010073797a30000000004c000000090a010400000300000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000023100011800c000100630500000000000000feffff100001000000000007e6d805a4e6000000000300000a000000"], 0x94}}, 0x4000)

46.22424ms ago: executing program 0 (id=1271):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)

45.40515ms ago: executing program 3 (id=1272):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0xfffffffffffffffa}, 0x18)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r2, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'veth0_virt_wifi\x00', 0x2000000}, 0x18)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r2, 0x0, 0x48c, &(0x7f00000002c0)={0x1, 'ipvlan1\x00', 0x100}, 0x18) (fail_nth: 3)

0s ago: executing program 0 (id=1273):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xb1}, 0x100002, 0x2, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$sock(r3, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@timestamping={{0x14, 0x1, 0x25, 0x103}}], 0x18}, 0x0)
recvmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000b00), 0x1, 0x0, 0x3f}, 0x12160)

kernel console output (not intermixed with test programs):

bprm+0x62/0x660
[   67.857835][ T4891]  alloc_bprm+0x133/0x660
[   67.857869][ T4891]  ? should_fail+0xb/0x20
[   67.857905][ T4891]  do_execveat_common+0x12e/0x750
[   67.857934][ T4891]  ? getname_flags+0x154/0x3b0
[   67.857969][ T4891]  __x64_sys_execveat+0x73/0x90
[   67.858018][ T4891]  x64_sys_call+0x2dae/0x2fb0
[   67.858047][ T4891]  do_syscall_64+0xd2/0x200
[   67.858087][ T4891]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   67.858124][ T4891]  ? clear_bhb_loop+0x40/0x90
[   67.858151][ T4891]  ? clear_bhb_loop+0x40/0x90
[   67.858176][ T4891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.858224][ T4891] RIP: 0033:0x7fe21cb4e969
[   67.858242][ T4891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.858259][ T4891] RSP: 002b:00007fe21b1b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[   67.858277][ T4891] RAX: ffffffffffffffda RBX: 00007fe21cd75fa0 RCX: 00007fe21cb4e969
[   67.858289][ T4891] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[   67.858300][ T4891] RBP: 00007fe21b1b7090 R08: 0000000000001000 R09: 0000000000000000
[   67.858312][ T4891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.858388][ T4891] R13: 0000000000000000 R14: 00007fe21cd75fa0 R15: 00007ffd1513bb08
[   67.858407][ T4891]  </TASK>
[   68.255293][ T4905] loop2: detected capacity change from 0 to 164
[   68.266752][ T4905] iso9660: Unknown parameter '18446744073709551615'
[   68.278829][ T4905] sd 0:0:1:0: device reset
[   68.286355][ T4905] siw: device registration error -23
[   68.383704][ T4916] loop2: detected capacity change from 0 to 1024
[   68.396230][ T4916] EXT4-fs: Ignoring removed nobh option
[   68.404090][ T4916] EXT4-fs: Ignoring removed bh option
[   68.450030][ T4921] hub 9-0:1.0: USB hub found
[   68.455532][ T4921] hub 9-0:1.0: 8 ports detected
[   68.595897][ T4931] loop1: detected capacity change from 0 to 512
[   68.643571][ T4931] ext4 filesystem being mounted at /85/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.792491][ T4946] hub 9-0:1.0: USB hub found
[   68.798398][ T4946] hub 9-0:1.0: 8 ports detected
[   68.816179][ T4949] random: crng reseeded on system resumption
[   68.916588][ T4952] FAULT_INJECTION: forcing a failure.
[   68.916588][ T4952] name failslab, interval 1, probability 0, space 0, times 0
[   68.930534][ T4952] CPU: 1 UID: 0 PID: 4952 Comm: syz.1.494 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[   68.930573][ T4952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   68.930638][ T4952] Call Trace:
[   68.930649][ T4952]  <TASK>
[   68.930660][ T4952]  __dump_stack+0x1d/0x30
[   68.930691][ T4952]  dump_stack_lvl+0xe8/0x140
[   68.930721][ T4952]  dump_stack+0x15/0x1b
[   68.930746][ T4952]  should_fail_ex+0x265/0x280
[   68.930805][ T4952]  should_failslab+0x8c/0xb0
[   68.930915][ T4952]  kmem_cache_alloc_noprof+0x50/0x310
[   68.931033][ T4952]  ? posix_lock_inode+0x162/0x2380
[   68.931077][ T4952]  ? avc_has_perm+0xd3/0x150
[   68.931124][ T4952]  posix_lock_inode+0x162/0x2380
[   68.931176][ T4952]  ? file_has_perm+0x324/0x370
[   68.931253][ T4952]  fcntl_setlk+0x61f/0x950
[   68.931299][ T4952]  do_fcntl+0x5dd/0xdf0
[   68.931380][ T4952]  ? selinux_file_fcntl+0x1cb/0x1e0
[   68.931422][ T4952]  __se_sys_fcntl+0xb1/0x120
[   68.931455][ T4952]  __x64_sys_fcntl+0x43/0x50
[   68.931531][ T4952]  x64_sys_call+0x1f1d/0x2fb0
[   68.931563][ T4952]  do_syscall_64+0xd2/0x200
[   68.931624][ T4952]  ? clear_bhb_loop+0x40/0x90
[   68.931675][ T4952]  ? clear_bhb_loop+0x40/0x90
[   68.931726][ T4952]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.931758][ T4952] RIP: 0033:0x7fe3dfece969
[   68.931781][ T4952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.931800][ T4952] RSP: 002b:00007fe3de516038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[   68.931907][ T4952] RAX: ffffffffffffffda RBX: 00007fe3e00f6080 RCX: 00007fe3dfece969
[   68.931926][ T4952] RDX: 0000200000000380 RSI: 0000000000000026 RDI: 0000000000000005
[   68.931945][ T4952] RBP: 00007fe3de516090 R08: 0000000000000000 R09: 0000000000000000
[   68.931963][ T4952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.931981][ T4952] R13: 0000000000000000 R14: 00007fe3e00f6080 R15: 00007fffd10bbfd8
[   68.932004][ T4952]  </TASK>
[   69.720190][ T4958] loop4: detected capacity change from 0 to 512
[   69.727273][ T4958] EXT4-fs: Ignoring removed oldalloc option
[   69.733524][ T4958] ext4: Unknown parameter 'smackfsfloor'
[   69.758653][ T4962] loop2: detected capacity change from 0 to 1024
[   69.769423][ T4962] EXT4-fs: Ignoring removed nobh option
[   69.775235][ T4962] EXT4-fs: Ignoring removed bh option
[   69.794898][ T4958] loop4: detected capacity change from 0 to 512
[   69.848119][ T4970] loop3: detected capacity change from 0 to 512
[   69.882818][ T4958] EXT4-fs: Ignoring removed mblk_io_submit option
[   69.926920][ T4958] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   69.934154][ T4970] ext4 filesystem being mounted at /87/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.991163][ T4958] EXT4-fs (loop4): 1 truncate cleaned up
[   69.997690][ T4981] random: crng reseeded on system resumption
[   70.135505][ T4989] __nla_validate_parse: 2 callbacks suppressed
[   70.135583][ T4989] netlink: 8 bytes leftover after parsing attributes in process `syz.0.505'.
[   70.234277][ T4989] netlink: 4 bytes leftover after parsing attributes in process `syz.0.505'.
[   70.422552][ T5009] random: crng reseeded on system resumption
[   70.530481][ T5015] FAULT_INJECTION: forcing a failure.
[   70.530481][ T5015] name failslab, interval 1, probability 0, space 0, times 0
[   70.543734][ T5015] CPU: 1 UID: 0 PID: 5015 Comm: syz.1.517 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[   70.543769][ T5015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   70.543782][ T5015] Call Trace:
[   70.543789][ T5015]  <TASK>
[   70.543864][ T5015]  __dump_stack+0x1d/0x30
[   70.543937][ T5015]  dump_stack_lvl+0xe8/0x140
[   70.543963][ T5015]  dump_stack+0x15/0x1b
[   70.544063][ T5015]  should_fail_ex+0x265/0x280
[   70.544104][ T5015]  should_failslab+0x8c/0xb0
[   70.544175][ T5015]  kmem_cache_alloc_noprof+0x50/0x310
[   70.544286][ T5015]  ? skb_clone+0x151/0x1f0
[   70.544319][ T5015]  skb_clone+0x151/0x1f0
[   70.544357][ T5015]  __netlink_deliver_tap+0x2c9/0x500
[   70.544435][ T5015]  netlink_unicast+0x64c/0x670
[   70.544482][ T5015]  netlink_sendmsg+0x58b/0x6b0
[   70.544522][ T5015]  ? __pfx_netlink_sendmsg+0x10/0x10
[   70.544561][ T5015]  __sock_sendmsg+0x142/0x180
[   70.544602][ T5015]  ____sys_sendmsg+0x31e/0x4e0
[   70.544633][ T5015]  ___sys_sendmsg+0x17b/0x1d0
[   70.544676][ T5015]  __x64_sys_sendmsg+0xd4/0x160
[   70.544750][ T5015]  x64_sys_call+0x2999/0x2fb0
[   70.544780][ T5015]  do_syscall_64+0xd2/0x200
[   70.544814][ T5015]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   70.544897][ T5015]  ? clear_bhb_loop+0x40/0x90
[   70.544971][ T5015]  ? clear_bhb_loop+0x40/0x90
[   70.545002][ T5015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.545028][ T5015] RIP: 0033:0x7fe3dfece969
[   70.545045][ T5015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.545064][ T5015] RSP: 002b:00007fe3de537038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   70.545084][ T5015] RAX: ffffffffffffffda RBX: 00007fe3e00f5fa0 RCX: 00007fe3dfece969
[   70.545141][ T5015] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[   70.545157][ T5015] RBP: 00007fe3de537090 R08: 0000000000000000 R09: 0000000000000000
[   70.545174][ T5015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   70.545190][ T5015] R13: 0000000000000000 R14: 00007fe3e00f5fa0 R15: 00007fffd10bbfd8
[   70.545213][ T5015]  </TASK>
[   70.545742][ T5015] netlink: 12 bytes leftover after parsing attributes in process `syz.1.517'.
[   70.822659][ T5021] random: crng reseeded on system resumption
[   71.042048][ T5038] random: crng reseeded on system resumption
[   71.187808][   T29] kauditd_printk_skb: 942 callbacks suppressed
[   71.187827][   T29] audit: type=1326 audit(1748722471.970:4311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5010 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe21cb45927 code=0x7ffc0000
[   71.188029][   T29] audit: type=1326 audit(1748722471.970:4312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5010 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe21caeab39 code=0x7ffc0000
[   71.188201][   T29] audit: type=1326 audit(1748722471.970:4313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5010 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7fe21cb4e969 code=0x7ffc0000
[   71.197241][   T29] audit: type=1326 audit(1748722471.980:4314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5037 comm="syz.3.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fbe6d47e969 code=0x7ffc0000
[   71.202141][   T29] audit: type=1326 audit(1748722471.990:4315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5010 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe21cb45927 code=0x7ffc0000
[   71.202336][   T29] audit: type=1326 audit(1748722471.990:4316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5010 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe21caeab39 code=0x7ffc0000
[   71.202442][   T29] audit: type=1326 audit(1748722471.990:4317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5010 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7fe21cb4e969 code=0x7ffc0000
[   71.205810][   T29] audit: type=1326 audit(1748722471.990:4318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5010 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe21cb45927 code=0x7ffc0000
[   71.205939][   T29] audit: type=1326 audit(1748722471.990:4319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5010 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe21caeab39 code=0x7ffc0000
[   71.206107][   T29] audit: type=1326 audit(1748722471.990:4320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5010 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7fe21cb4e969 code=0x7ffc0000
[   71.498300][ T5063] loop2: detected capacity change from 0 to 512
[   71.598948][ T5064] loop1: detected capacity change from 0 to 128
[   71.625544][ T5063] EXT4-fs mount: 50 callbacks suppressed
[   71.625618][ T5063] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.625724][ T5063] ext4 filesystem being mounted at /121/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   71.647818][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.789746][ T5073] loop2: detected capacity change from 0 to 512
[   71.800913][ T5075] loop4: detected capacity change from 0 to 164
[   71.801384][ T5075] iso9660: Unknown parameter '18446744073709551615'
[   71.804699][ T5073] EXT4-fs: Ignoring removed oldalloc option
[   71.809131][ T5073] ext4: Unknown parameter 'smackfsfloor'
[   71.835533][ T5075] sd 0:0:1:0: device reset
[   71.837207][ T5075] siw: device registration error -23
[   71.876990][ T5077] FAULT_INJECTION: forcing a failure.
[   71.876990][ T5077] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   71.877092][ T5077] CPU: 1 UID: 0 PID: 5077 Comm: syz.4.542 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[   71.877120][ T5077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   71.877133][ T5077] Call Trace:
[   71.877140][ T5077]  <TASK>
[   71.877149][ T5077]  __dump_stack+0x1d/0x30
[   71.877176][ T5077]  dump_stack_lvl+0xe8/0x140
[   71.877199][ T5077]  dump_stack+0x15/0x1b
[   71.877245][ T5077]  should_fail_ex+0x265/0x280
[   71.877341][ T5077]  should_fail+0xb/0x20
[   71.877382][ T5077]  should_fail_usercopy+0x1a/0x20
[   71.877408][ T5077]  _copy_from_user+0x1c/0xb0
[   71.877436][ T5077]  io_register_resize_rings+0x100/0xac0
[   71.877464][ T5077]  ? _parse_integer+0x27/0x40
[   71.877576][ T5077]  ? kstrtoull+0x111/0x140
[   71.877649][ T5077]  ? fget+0x36/0x40
[   71.877673][ T5077]  __se_sys_io_uring_register+0xa6d/0xeb0
[   71.877703][ T5077]  ? fput+0x8f/0xc0
[   71.877817][ T5077]  ? ksys_write+0x192/0x1a0
[   71.877837][ T5077]  __x64_sys_io_uring_register+0x55/0x70
[   71.877859][ T5077]  x64_sys_call+0xc91/0x2fb0
[   71.877889][ T5077]  do_syscall_64+0xd2/0x200
[   71.877925][ T5077]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   71.878029][ T5077]  ? clear_bhb_loop+0x40/0x90
[   71.878059][ T5077]  ? clear_bhb_loop+0x40/0x90
[   71.878127][ T5077]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.878152][ T5077] RIP: 0033:0x7fa53ec1e969
[   71.878172][ T5077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.878192][ T5077] RSP: 002b:00007fa53d287038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[   71.878264][ T5077] RAX: ffffffffffffffda RBX: 00007fa53ee45fa0 RCX: 00007fa53ec1e969
[   71.878281][ T5077] RDX: 0000200000000440 RSI: 0000000000000021 RDI: 0000000000000006
[   71.878370][ T5077] RBP: 00007fa53d287090 R08: 0000000000000000 R09: 0000000000000000
[   71.878386][ T5077] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[   71.878403][ T5077] R13: 0000000000000000 R14: 00007fa53ee45fa0 R15: 00007ffc40691668
[   71.878430][ T5077]  </TASK>
[   71.929386][ T5073] loop2: detected capacity change from 0 to 512
[   71.933263][ T5073] EXT4-fs: Ignoring removed mblk_io_submit option
[   71.936482][ T5073] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   71.977211][ T5073] EXT4-fs (loop2): 1 truncate cleaned up
[   71.978436][ T5073] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.245225][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.308541][ T5096] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.357755][ T5096] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.372929][ T5101] netlink: 'syz.2.548': attribute type 10 has an invalid length.
[   72.372951][ T5101] netlink: 40 bytes leftover after parsing attributes in process `syz.2.548'.
[   72.385340][ T5100] loop3: detected capacity change from 0 to 1024
[   72.385876][ T5100] EXT4-fs: Ignoring removed nobh option
[   72.385909][ T5100] EXT4-fs: Ignoring removed bh option
[   72.391099][ T5096] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.427931][ T5100] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.501739][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.507675][ T5110] hub 9-0:1.0: USB hub found
[   72.517179][ T5110] hub 9-0:1.0: 8 ports detected
[   72.517994][ T5096] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.596989][ T5096] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.610552][ T5121] random: crng reseeded on system resumption
[   72.624761][ T5096] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.638879][ T5096] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.659751][ T5096] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.697779][ T5123] FAULT_INJECTION: forcing a failure.
[   72.697779][ T5123] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   72.711983][ T5123] CPU: 0 UID: 0 PID: 5123 Comm: syz.0.558 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[   72.712016][ T5123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   72.712098][ T5123] Call Trace:
[   72.712105][ T5123]  <TASK>
[   72.712114][ T5123]  __dump_stack+0x1d/0x30
[   72.712136][ T5123]  dump_stack_lvl+0xe8/0x140
[   72.712157][ T5123]  dump_stack+0x15/0x1b
[   72.712258][ T5123]  should_fail_ex+0x265/0x280
[   72.712302][ T5123]  should_fail+0xb/0x20
[   72.712343][ T5123]  should_fail_usercopy+0x1a/0x20
[   72.712369][ T5123]  _copy_from_user+0x1c/0xb0
[   72.712456][ T5123]  kstrtouint_from_user+0x69/0xf0
[   72.712501][ T5123]  ? 0xffffffff81000000
[   72.712520][ T5123]  ? selinux_file_permission+0x1e4/0x320
[   72.712556][ T5123]  proc_fail_nth_write+0x50/0x160
[   72.712584][ T5123]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   72.712631][ T5123]  vfs_write+0x266/0x8e0
[   72.712652][ T5123]  ? vfs_read+0x47f/0x6f0
[   72.712718][ T5123]  ? __rcu_read_unlock+0x4f/0x70
[   72.712749][ T5123]  ? __fget_files+0x184/0x1c0
[   72.712805][ T5123]  ksys_write+0xda/0x1a0
[   72.712835][ T5123]  __x64_sys_write+0x40/0x50
[   72.712929][ T5123]  x64_sys_call+0x2cdd/0x2fb0
[   72.712989][ T5123]  do_syscall_64+0xd2/0x200
[   72.713017][ T5123]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   72.713116][ T5123]  ? clear_bhb_loop+0x40/0x90
[   72.713145][ T5123]  ? clear_bhb_loop+0x40/0x90
[   72.713175][ T5123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.713215][ T5123] RIP: 0033:0x7fec13add41f
[   72.713265][ T5123] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   72.713289][ T5123] RSP: 002b:00007fec12147030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   72.713391][ T5123] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fec13add41f
[   72.713408][ T5123] RDX: 0000000000000001 RSI: 00007fec121470a0 RDI: 0000000000000006
[   72.713482][ T5123] RBP: 00007fec12147090 R08: 0000000000000000 R09: 0000000000000000
[   72.713495][ T5123] R10: 0000000000000021 R11: 0000000000000293 R12: 0000000000000001
[   72.713508][ T5123] R13: 0000000000000000 R14: 00007fec13d05fa0 R15: 00007ffeb970fc68
[   72.713530][ T5123]  </TASK>
[   73.043924][ T5128] loop3: detected capacity change from 0 to 512
[   73.083664][ T5128] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.083798][ T5128] ext4 filesystem being mounted at /100/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   73.133250][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.183503][ T5143] loop3: detected capacity change from 0 to 164
[   73.184880][ T5143] iso9660: Unknown parameter '18446744073709551615'
[   73.242203][ T5143] sd 0:0:1:0: device reset
[   73.249001][ T5143] siw: device registration error -23
[   73.336933][ T5151] netlink: 8 bytes leftover after parsing attributes in process `syz.4.570'.
[   73.396230][ T5155] loop1: detected capacity change from 0 to 256
[   73.397597][ T5155] FAT-fs (loop1): Directory bread(block 1285) failed
[   73.415713][ T5151] netlink: 4 bytes leftover after parsing attributes in process `syz.4.570'.
[   73.917206][ T5160] netlink: 8 bytes leftover after parsing attributes in process `syz.0.572'.
[   73.952854][ T5160] netlink: 4 bytes leftover after parsing attributes in process `syz.0.572'.
[   73.981946][ T5162] random: crng reseeded on system resumption
[   74.282203][ T5184] random: crng reseeded on system resumption
[   74.438355][ T5187] loop1: detected capacity change from 0 to 256
[   74.449265][ T5187] FAT-fs (loop1): Directory bread(block 1285) failed
[   74.491322][ T5187] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.539186][ T5189] hub 1-0:1.0: USB hub found
[   74.544331][ T5189] hub 1-0:1.0: 8 ports detected
[   74.564117][ T5187] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.625477][ T5187] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.684849][ T5187] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.728758][ T5187] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.743065][ T5187] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.757819][ T5187] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.772079][ T5187] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.887363][ T5208] loop1: detected capacity change from 0 to 512
[   74.923646][ T5208] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.940842][ T5208] ext4 filesystem being mounted at /112/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   74.992172][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.068266][ T5215] loop1: detected capacity change from 0 to 256
[   75.115041][ T5215] FAT-fs (loop1): Directory bread(block 1285) failed
[   75.281036][ T5227] loop3: detected capacity change from 0 to 512
[   75.292266][ T5229] loop4: detected capacity change from 0 to 164
[   75.308172][ T5229] iso9660: Unknown parameter '18446744073709551615'
[   75.330010][ T5227] EXT4-fs: Ignoring removed oldalloc option
[   75.336622][ T5229] sd 0:0:1:0: device reset
[   75.347289][ T5229] siw: device registration error -23
[   75.389235][ T5227] ext4: Unknown parameter 'smackfsfloor'
[   75.419770][ T5227] loop3: detected capacity change from 0 to 512
[   75.443996][ T5227] EXT4-fs: Ignoring removed mblk_io_submit option
[   75.456378][ T5227] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   75.496597][ T5227] EXT4-fs (loop3): 1 truncate cleaned up
[   75.503676][ T5227] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.555868][ T5238] loop4: detected capacity change from 0 to 512
[   75.647410][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.677877][ T5238] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.699981][ T5238] ext4 filesystem being mounted at /111/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   75.747418][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.017656][ T5267] netlink: 'syz.4.612': attribute type 10 has an invalid length.
[   76.026096][ T5267] netlink: 40 bytes leftover after parsing attributes in process `syz.4.612'.
[   76.192720][   T29] kauditd_printk_skb: 1054 callbacks suppressed
[   76.192738][   T29] audit: type=1326 audit(1748722476.990:5375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5239 comm="syz.0.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fec13ad5927 code=0x7ffc0000
[   76.226515][   T29] audit: type=1326 audit(1748722476.990:5376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5239 comm="syz.0.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fec13a7ab39 code=0x7ffc0000
[   76.253672][   T29] audit: type=1326 audit(1748722476.990:5377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5239 comm="syz.0.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7fec13ade969 code=0x7ffc0000
[   76.285535][   T29] audit: type=1326 audit(1748722477.000:5378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5239 comm="syz.0.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fec13ad5927 code=0x7ffc0000
[   76.313425][   T29] audit: type=1326 audit(1748722477.000:5379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5239 comm="syz.0.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fec13a7ab39 code=0x7ffc0000
[   76.341908][   T29] audit: type=1326 audit(1748722477.000:5380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5239 comm="syz.0.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7fec13ade969 code=0x7ffc0000
[   76.369724][   T29] audit: type=1326 audit(1748722477.020:5381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5239 comm="syz.0.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fec13ad5927 code=0x7ffc0000
[   76.397520][   T29] audit: type=1326 audit(1748722477.020:5382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5239 comm="syz.0.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fec13a7ab39 code=0x7ffc0000
[   76.423571][   T29] audit: type=1326 audit(1748722477.020:5383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5239 comm="syz.0.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7fec13ade969 code=0x7ffc0000
[   76.450640][   T29] audit: type=1326 audit(1748722477.020:5384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5270 comm="syz.4.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa53ec1e969 code=0x7ffc0000
[   76.484117][ T5277] netlink: 4 bytes leftover after parsing attributes in process `syz.4.617'.
[   76.531631][ T5284] hub 9-0:1.0: USB hub found
[   76.537484][ T5284] hub 9-0:1.0: 8 ports detected
[   76.646490][ T5295] netlink: 8 bytes leftover after parsing attributes in process `syz.0.624'.
[   76.662271][ T5295] netlink: 4 bytes leftover after parsing attributes in process `syz.0.624'.
[   76.883195][ T5305] netlink: 4 bytes leftover after parsing attributes in process `syz.1.629'.
[   77.155671][ T5311] random: crng reseeded on system resumption
[   77.310973][ T5320] hub 9-0:1.0: USB hub found
[   77.315876][ T5320] hub 9-0:1.0: 8 ports detected
[   77.336040][ T5324] loop4: detected capacity change from 0 to 1024
[   77.345562][ T5324] EXT4-fs: Ignoring removed nobh option
[   77.352032][ T5324] EXT4-fs: Ignoring removed bh option
[   77.361979][ T5324] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.362175][ T5328] FAULT_INJECTION: forcing a failure.
[   77.362175][ T5328] name failslab, interval 1, probability 0, space 0, times 0
[   77.387259][ T5328] CPU: 0 UID: 0 PID: 5328 Comm: syz.0.637 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[   77.387308][ T5328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   77.387321][ T5328] Call Trace:
[   77.387333][ T5328]  <TASK>
[   77.387340][ T5328]  __dump_stack+0x1d/0x30
[   77.387365][ T5328]  dump_stack_lvl+0xe8/0x140
[   77.387390][ T5328]  dump_stack+0x15/0x1b
[   77.387411][ T5328]  should_fail_ex+0x265/0x280
[   77.387448][ T5328]  ? rtnl_newlink+0x5c/0x12d0
[   77.387491][ T5328]  should_failslab+0x8c/0xb0
[   77.387518][ T5328]  __kmalloc_cache_noprof+0x4c/0x320
[   77.387621][ T5328]  ? css_rstat_updated+0xcd/0x5b0
[   77.387664][ T5328]  rtnl_newlink+0x5c/0x12d0
[   77.387743][ T5328]  ? xfd_validate_state+0x45/0xf0
[   77.387771][ T5328]  ? __rcu_read_unlock+0x34/0x70
[   77.387840][ T5328]  ? cmp_ex_search+0x25/0x40
[   77.387879][ T5328]  ? bsearch+0x95/0xc0
[   77.387910][ T5328]  ? __pfx_cmp_ex_search+0x10/0x10
[   77.387950][ T5328]  ? strncpy_from_user+0x17d/0x230
[   77.388055][ T5328]  ? search_extable+0x53/0x80
[   77.388092][ T5328]  ? strncpy_from_user+0x17d/0x230
[   77.388152][ T5328]  ? strncpy_from_user+0x17d/0x230
[   77.388184][ T5328]  ? fixup_exception+0x72e/0xd00
[   77.388206][ T5328]  ? get_partial_node+0x2e0/0x320
[   77.388252][ T5328]  ? __kfree_skb+0x109/0x150
[   77.388337][ T5328]  ? __rcu_read_unlock+0x4f/0x70
[   77.388364][ T5328]  ? avc_has_perm_noaudit+0x1b1/0x200
[   77.388477][ T5328]  ? selinux_capable+0x1f9/0x270
[   77.388517][ T5328]  ? security_capable+0x83/0x90
[   77.388553][ T5328]  ? ns_capable+0x7d/0xb0
[   77.388626][ T5328]  ? __pfx_rtnl_newlink+0x10/0x10
[   77.388659][ T5328]  rtnetlink_rcv_msg+0x5fb/0x6d0
[   77.388707][ T5328]  netlink_rcv_skb+0x123/0x220
[   77.388743][ T5328]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   77.388792][ T5328]  rtnetlink_rcv+0x1c/0x30
[   77.388831][ T5328]  netlink_unicast+0x59e/0x670
[   77.388905][ T5328]  netlink_sendmsg+0x58b/0x6b0
[   77.388942][ T5328]  ? __pfx_netlink_sendmsg+0x10/0x10
[   77.388979][ T5328]  __sock_sendmsg+0x142/0x180
[   77.389029][ T5328]  ____sys_sendmsg+0x31e/0x4e0
[   77.389150][ T5328]  ___sys_sendmsg+0x17b/0x1d0
[   77.389206][ T5328]  __x64_sys_sendmsg+0xd4/0x160
[   77.389251][ T5328]  x64_sys_call+0x2999/0x2fb0
[   77.389280][ T5328]  do_syscall_64+0xd2/0x200
[   77.389310][ T5328]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   77.389375][ T5328]  ? clear_bhb_loop+0x40/0x90
[   77.389420][ T5328]  ? clear_bhb_loop+0x40/0x90
[   77.389488][ T5328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.389517][ T5328] RIP: 0033:0x7fec13ade969
[   77.389594][ T5328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.389618][ T5328] RSP: 002b:00007fec12147038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   77.389661][ T5328] RAX: ffffffffffffffda RBX: 00007fec13d05fa0 RCX: 00007fec13ade969
[   77.389674][ T5328] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[   77.389688][ T5328] RBP: 00007fec12147090 R08: 0000000000000000 R09: 0000000000000000
[   77.389708][ T5328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   77.389727][ T5328] R13: 0000000000000000 R14: 00007fec13d05fa0 R15: 00007ffeb970fc68
[   77.389755][ T5328]  </TASK>
[   77.750807][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.845197][ T5343] loop1: detected capacity change from 0 to 512
[   77.889684][ T5343] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.912742][ T5353] netlink: 'syz.4.640': attribute type 10 has an invalid length.
[   77.920817][ T5353] netlink: 40 bytes leftover after parsing attributes in process `syz.4.640'.
[   77.933945][ T5355] loop3: detected capacity change from 0 to 164
[   77.936275][ T5343] ext4 filesystem being mounted at /120/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   77.940875][ T5355] iso9660: Unknown parameter '18446744073709551615'
[   77.974085][ T5355] sd 0:0:1:0: device reset
[   78.009971][ T5355] siw: device registration error -23
[   78.018230][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.040021][ T5361] netlink: 4 bytes leftover after parsing attributes in process `syz.0.651'.
[   78.057581][ T5366] netlink: 32 bytes leftover after parsing attributes in process `syz.1.652'.
[   78.068570][ T5366] netlink: 48 bytes leftover after parsing attributes in process `syz.1.652'.
[   78.085624][ T5366] netlink: 48 bytes leftover after parsing attributes in process `syz.1.652'.
[   78.355119][ T5387] loop4: detected capacity change from 0 to 512
[   78.383710][ T5387] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.399091][ T5387] ext4 filesystem being mounted at /129/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   78.437129][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.556484][ T5403] loop1: detected capacity change from 0 to 1024
[   78.563633][ T5403] EXT4-fs: Ignoring removed nobh option
[   78.569426][ T5403] EXT4-fs: Ignoring removed bh option
[   78.591363][ T5403] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.617503][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.644866][ T5408] loop1: detected capacity change from 0 to 1024
[   78.652379][ T5408] EXT4-fs: Ignoring removed nobh option
[   78.658079][ T5408] EXT4-fs: Ignoring removed bh option
[   78.673513][ T5408] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.698067][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.900960][ T5429] atomic_op ffff888118f9cd28 conn xmit_atomic 0000000000000000
[   78.913490][ T5429] netlink: 'syz.2.673': attribute type 3 has an invalid length.
[   78.975063][ T5431] random: crng reseeded on system resumption
[   79.237438][ T5442] loop3: detected capacity change from 0 to 1024
[   79.244555][ T5442] EXT4-fs: Ignoring removed nobh option
[   79.250580][ T5442] EXT4-fs: Ignoring removed bh option
[   79.273398][ T5442] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.299419][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.350124][ T5449] loop3: detected capacity change from 0 to 1024
[   79.356846][ T5448] hub 9-0:1.0: USB hub found
[   79.362910][ T5448] hub 9-0:1.0: 8 ports detected
[   79.372891][ T5449] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.680: Failed to acquire dquot type 0
[   79.385822][ T5449] EXT4-fs (loop3): 1 truncate cleaned up
[   79.393296][ T5449] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.438156][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.589055][ T5467] loop2: detected capacity change from 0 to 164
[   79.596089][ T5467] iso9660: Unknown parameter '18446744073709551615'
[   79.605080][ T5467] sd 0:0:1:0: device reset
[   79.611427][ T5467] siw: device registration error -23
[   79.653792][ T5470] loop1: detected capacity change from 0 to 1024
[   79.660960][ T5470] EXT4-fs: Ignoring removed nobh option
[   79.666588][ T5470] EXT4-fs: Ignoring removed bh option
[   79.685281][ T5470] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.755599][ T5483] loop2: detected capacity change from 0 to 256
[   79.764585][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.804316][ T5483] usb usb9: usbfs: process 5483 (syz.2.694) did not claim interface 3 before use
[   79.814196][ T5487] hub 9-0:1.0: USB hub found
[   79.819058][ T5487] hub 9-0:1.0: 8 ports detected
[   79.986266][ T5506] loop1: detected capacity change from 0 to 1024
[   79.994324][ T5506] EXT4-fs: Ignoring removed nobh option
[   80.000129][ T5506] EXT4-fs: Ignoring removed bh option
[   80.022211][ T5506] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.051568][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.081987][ T5516] loop1: detected capacity change from 0 to 1024
[   80.098070][ T5516] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.708: Failed to acquire dquot type 0
[   80.110204][ T5516] EXT4-fs (loop1): 1 truncate cleaned up
[   80.116459][ T5516] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.140855][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.167317][ T5520] hub 9-0:1.0: USB hub found
[   80.172461][ T5520] hub 9-0:1.0: 8 ports detected
[   80.222008][ T5524] loop1: detected capacity change from 0 to 512
[   80.232278][ T5524] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.245577][ T5524] ext4 filesystem being mounted at /139/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   80.277683][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.357116][ T5534] loop4: detected capacity change from 0 to 512
[   80.396145][ T5534] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.421378][ T5534] ext4 filesystem being mounted at /134/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   80.453102][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.500229][ T5548] random: crng reseeded on system resumption
[   80.563880][ T5553] loop1: detected capacity change from 0 to 164
[   80.571115][ T5553] iso9660: Unknown parameter '18446744073709551615'
[   80.579647][ T5550] sd 0:0:1:0: device reset
[   80.824635][ T5577] loop2: detected capacity change from 0 to 512
[   80.845095][ T5577] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.858008][ T5577] ext4 filesystem being mounted at /151/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   80.887112][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.964258][ T5585] random: crng reseeded on system resumption
[   81.032220][ T5589] sd 0:0:1:0: device reset
[   81.039029][ T5587] siw: device registration error -23
[   81.124706][ T5595] __nla_validate_parse: 7 callbacks suppressed
[   81.124725][ T5595] netlink: 4 bytes leftover after parsing attributes in process `syz.2.738'.
[   81.482930][   T29] kauditd_printk_skb: 759 callbacks suppressed
[   81.482951][   T29] audit: type=1326 audit(1748722482.279:6140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5564 comm="syz.1.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=219 compat=0 ip=0x7fe3dff01225 code=0x7ffc0000
[   81.541997][   T29] audit: type=1326 audit(1748722482.279:6141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5564 comm="syz.1.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fe3dfece969 code=0x7ffc0000
[   81.699575][ T5636] loop4: detected capacity change from 0 to 1024
[   81.709328][ T5636] EXT4-fs: Ignoring removed nobh option
[   81.715112][ T5636] EXT4-fs: Ignoring removed bh option
[   81.731724][ T5636] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.758967][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.802069][ T5641] loop4: detected capacity change from 0 to 164
[   81.809896][ T5641] iso9660: Unknown parameter '18446744073709551615'
[   81.820616][ T5641] sd 0:0:1:0: device reset
[   81.834964][   T29] audit: type=1326 audit(1748722482.629:6142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5642 comm="syz.0.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec13ade969 code=0x7ffc0000
[   81.860202][   T29] audit: type=1326 audit(1748722482.629:6143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5642 comm="syz.0.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec13ade969 code=0x7ffc0000
[   81.865452][ T5643] netlink: 4 bytes leftover after parsing attributes in process `syz.0.757'.
[   81.893536][   T29] audit: type=1326 audit(1748722482.629:6144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5642 comm="syz.0.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fec13ade969 code=0x7ffc0000
[   81.911114][ T5646] siw: device registration error -23
[   81.918301][   T29] audit: type=1326 audit(1748722482.629:6145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5642 comm="syz.0.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec13ade969 code=0x7ffc0000
[   81.948021][   T29] audit: type=1326 audit(1748722482.629:6146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5642 comm="syz.0.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fec13ade969 code=0x7ffc0000
[   81.972242][   T29] audit: type=1326 audit(1748722482.629:6147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5642 comm="syz.0.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec13ade969 code=0x7ffc0000
[   81.997192][   T29] audit: type=1326 audit(1748722482.629:6148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5642 comm="syz.0.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec13ade969 code=0x7ffc0000
[   82.021285][   T29] audit: type=1326 audit(1748722482.629:6149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5642 comm="syz.0.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec13ade969 code=0x7ffc0000
[   82.195385][ T5672] loop2: detected capacity change from 0 to 1024
[   82.202770][ T5672] EXT4-fs: Ignoring removed nobh option
[   82.208510][ T5672] EXT4-fs: Ignoring removed bh option
[   82.237630][ T5672] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.254711][ T5673] loop4: detected capacity change from 0 to 1024
[   82.261750][ T5678] loop3: detected capacity change from 0 to 164
[   82.274238][ T5678] iso9660: Unknown parameter '18446744073709551615'
[   82.274403][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.282201][ T5673] EXT4-fs: Ignoring removed nobh option
[   82.296122][ T5673] EXT4-fs: Ignoring removed bh option
[   82.302994][ T5678] sd 0:0:1:0: device reset
[   82.309105][ T5678] siw: device registration error -23
[   82.336238][ T5673] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.349178][ T5683] netlink: 32 bytes leftover after parsing attributes in process `syz.3.771'.
[   82.358669][ T5683] netlink: 48 bytes leftover after parsing attributes in process `syz.3.771'.
[   82.373660][ T5683] netlink: 48 bytes leftover after parsing attributes in process `syz.3.771'.
[   82.397721][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.444879][ T5692] random: crng reseeded on system resumption
[   82.585758][ T5708] loop1: detected capacity change from 0 to 128
[   82.621021][ T5712] loop2: detected capacity change from 0 to 164
[   82.633743][ T5712] iso9660: Unknown parameter '18446744073709551615'
[   82.642110][ T5712] sd 0:0:1:0: device reset
[   82.648002][ T5712] siw: device registration error -23
[   82.717041][ T5718] loop2: detected capacity change from 0 to 1024
[   82.727832][ T5716] loop4: detected capacity change from 0 to 512
[   82.744752][ T5718] EXT4-fs: Ignoring removed nobh option
[   82.750528][ T5718] EXT4-fs: Ignoring removed bh option
[   82.771235][ T5716] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.791469][ T5716] ext4 filesystem being mounted at /153/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   82.811141][ T5721] loop3: detected capacity change from 0 to 512
[   82.811487][ T5718] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.824663][ T5721] EXT4-fs: Ignoring removed oldalloc option
[   82.853826][ T5721] ext4: Unknown parameter 'smackfsfloor'
[   82.866699][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.888562][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.911340][ T5727] netlink: 32 bytes leftover after parsing attributes in process `syz.4.787'.
[   82.930737][ T5714] loop3: detected capacity change from 0 to 512
[   82.938277][ T5727] netlink: 48 bytes leftover after parsing attributes in process `syz.4.787'.
[   82.945094][ T5714] EXT4-fs: Ignoring removed mblk_io_submit option
[   82.947720][ T5727] netlink: 48 bytes leftover after parsing attributes in process `syz.4.787'.
[   82.995027][ T5714] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   83.026764][ T5714] EXT4-fs (loop3): 1 truncate cleaned up
[   83.033642][ T5714] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.127537][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.251376][ T5748] netlink: 4 bytes leftover after parsing attributes in process `syz.2.795'.
[   83.367216][ T5764] loop3: detected capacity change from 0 to 256
[   83.387613][ T5764] FAT-fs (loop3): Directory bread(block 1285) failed
[   83.416473][ T5766] loop1: detected capacity change from 0 to 1024
[   83.424814][ T5766] EXT4-fs: Ignoring removed nobh option
[   83.430551][ T5766] EXT4-fs: Ignoring removed bh option
[   83.453036][ T5766] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.498041][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.603913][ T5780] loop4: detected capacity change from 0 to 1024
[   83.622025][ T5780] EXT4-fs: Ignoring removed nobh option
[   83.627704][ T5780] EXT4-fs: Ignoring removed bh option
[   83.634470][ T5784] netlink: 8 bytes leftover after parsing attributes in process `syz.1.808'.
[   83.673160][ T5780] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.687869][ T5791] hub 9-0:1.0: USB hub found
[   83.692808][ T5791] hub 9-0:1.0: 8 ports detected
[   83.706627][ T5794] loop3: detected capacity change from 0 to 128
[   83.739668][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.775935][ T5800] loop4: detected capacity change from 0 to 1024
[   83.787026][ T5800] EXT4-fs: Ignoring removed nobh option
[   83.792976][ T5800] EXT4-fs: Ignoring removed bh option
[   83.813572][ T5800] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.843281][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.867367][ T5810] sd 0:0:1:0: device reset
[   83.874783][ T5810] siw: device registration error -23
[   84.112872][ T5832] loop2: detected capacity change from 0 to 512
[   84.140075][ T5832] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.157542][ T5832] ext4 filesystem being mounted at /175/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.497528][ T5836] loop3: detected capacity change from 0 to 1024
[   84.501933][ T5836] EXT4-fs: Ignoring removed nobh option
[   84.510759][ T5836] EXT4-fs: Ignoring removed bh option
[   84.549795][ T5836] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.566058][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.654100][ T5842] loop1: detected capacity change from 0 to 164
[   84.667226][ T5842] iso9660: Unknown parameter '18446744073709551615'
[   84.678033][ T5842] sd 0:0:1:0: device reset
[   84.755308][ T5848] hub 9-0:1.0: USB hub found
[   84.755407][ T5848] hub 9-0:1.0: 8 ports detected
[   84.881490][ T5855] loop4: detected capacity change from 0 to 512
[   84.915541][ T5855] EXT4-fs: Ignoring removed oldalloc option
[   84.915635][ T5855] ext4: Unknown parameter 'smackfsfloor'
[   85.024766][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.062606][ T5866] loop1: detected capacity change from 0 to 128
[   85.105441][ T5827] syz.0.826 (5827) used greatest stack depth: 6096 bytes left
[   85.148944][ T5871] loop2: detected capacity change from 0 to 164
[   85.179448][ T5871] iso9660: Unknown parameter '18446744073709551615'
[   85.207448][ T5871] sd 0:0:1:0: device reset
[   85.214521][ T5871] siw: device registration error -23
[   85.320164][ T5890] random: crng reseeded on system resumption
[   85.478540][ T5893] infiniband syz1: set active
[   85.483487][ T5893] infiniband syz1: added veth0_to_bridge
[   85.495473][ T5893] RDS/IB: syz1: added
[   85.499772][ T5893] smc: adding ib device syz1 with port count 1
[   85.506040][ T5893] smc:    ib device syz1 port 1 has pnetid 
[   85.706220][ T5898] loop2: detected capacity change from 0 to 512
[   85.714995][ T5897] loop3: detected capacity change from 0 to 512
[   85.733830][ T5897] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.743963][ T5898] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.759147][ T5898] ext4 filesystem being mounted at /184/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   85.764614][ T5897] ext4 filesystem being mounted at /150/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   85.946815][ T5920] random: crng reseeded on system resumption
[   86.038216][ T5923] FAULT_INJECTION: forcing a failure.
[   86.038216][ T5923] name failslab, interval 1, probability 0, space 0, times 0
[   86.051041][ T5923] CPU: 1 UID: 0 PID: 5923 Comm: syz.2.863 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[   86.051141][ T5923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   86.051159][ T5923] Call Trace:
[   86.051168][ T5923]  <TASK>
[   86.051178][ T5923]  __dump_stack+0x1d/0x30
[   86.051208][ T5923]  dump_stack_lvl+0xe8/0x140
[   86.051275][ T5923]  dump_stack+0x15/0x1b
[   86.051292][ T5923]  should_fail_ex+0x265/0x280
[   86.051329][ T5923]  should_failslab+0x8c/0xb0
[   86.051392][ T5923]  __kmalloc_noprof+0xa5/0x3e0
[   86.051427][ T5923]  ? tun_device_event+0x3f1/0x980
[   86.051461][ T5923]  tun_device_event+0x3f1/0x980
[   86.051543][ T5923]  ? bond_netdev_event+0x5c/0x750
[   86.051642][ T5923]  ? inetdev_event+0x566/0xc10
[   86.051667][ T5923]  ? macvtap_device_event+0x58/0x300
[   86.051694][ T5923]  ? __pfx_tun_device_event+0x10/0x10
[   86.051729][ T5923]  raw_notifier_call_chain+0x6c/0x1b0
[   86.051764][ T5923]  ? call_netdevice_notifiers_info+0x9c/0x100
[   86.051843][ T5923]  call_netdevice_notifiers_info+0xae/0x100
[   86.051978][ T5923]  netif_change_tx_queue_len+0xba/0x170
[   86.052011][ T5923]  dev_change_tx_queue_len+0xc0/0x170
[   86.052040][ T5923]  dev_ifsioc+0x1a1/0xaa0
[   86.052113][ T5923]  ? __rcu_read_unlock+0x4f/0x70
[   86.052138][ T5923]  dev_ioctl+0x70a/0x960
[   86.052170][ T5923]  sock_do_ioctl+0x197/0x220
[   86.052269][ T5923]  sock_ioctl+0x41b/0x610
[   86.052301][ T5923]  ? __pfx_sock_ioctl+0x10/0x10
[   86.052336][ T5923]  __se_sys_ioctl+0xcb/0x140
[   86.052388][ T5923]  __x64_sys_ioctl+0x43/0x50
[   86.052422][ T5923]  x64_sys_call+0x19a8/0x2fb0
[   86.052443][ T5923]  do_syscall_64+0xd2/0x200
[   86.052476][ T5923]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   86.052563][ T5923]  ? clear_bhb_loop+0x40/0x90
[   86.052585][ T5923]  ? clear_bhb_loop+0x40/0x90
[   86.052608][ T5923]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.052637][ T5923] RIP: 0033:0x7fe21cb4e969
[   86.052656][ T5923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.052695][ T5923] RSP: 002b:00007fe21b1b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   86.052717][ T5923] RAX: ffffffffffffffda RBX: 00007fe21cd75fa0 RCX: 00007fe21cb4e969
[   86.052734][ T5923] RDX: 0000200000002280 RSI: 0000000000008943 RDI: 0000000000000005
[   86.052750][ T5923] RBP: 00007fe21b1b7090 R08: 0000000000000000 R09: 0000000000000000
[   86.052766][ T5923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.052781][ T5923] R13: 0000000000000000 R14: 00007fe21cd75fa0 R15: 00007ffd1513bb08
[   86.052888][ T5923]  </TASK>
[   86.052901][ T5923] syzkaller0: refused to change device tx_queue_len
[   86.334644][ T5932] __nla_validate_parse: 7 callbacks suppressed
[   86.334668][ T5932] netlink: 4 bytes leftover after parsing attributes in process `syz.0.865'.
[   86.357114][ T5943] loop1: detected capacity change from 0 to 512
[   86.375623][ T5943] ext4 filesystem being mounted at /168/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   86.493925][   T29] kauditd_printk_skb: 1118 callbacks suppressed
[   86.493947][   T29] audit: type=1326 audit(1748722487.288:7268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5924 comm="syz.3.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbe6d475927 code=0x7ffc0000
[   86.524747][   T29] audit: type=1326 audit(1748722487.288:7269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5924 comm="syz.3.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbe6d41ab39 code=0x7ffc0000
[   86.548513][   T29] audit: type=1326 audit(1748722487.288:7270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5924 comm="syz.3.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7fbe6d47e969 code=0x7ffc0000
[   86.548697][ T5957] loop2: detected capacity change from 0 to 128
[   86.571962][   T29] audit: type=1326 audit(1748722487.318:7271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5924 comm="syz.3.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbe6d475927 code=0x7ffc0000
[   86.602512][   T29] audit: type=1326 audit(1748722487.318:7272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5924 comm="syz.3.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbe6d41ab39 code=0x7ffc0000
[   86.626455][   T29] audit: type=1326 audit(1748722487.318:7273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5924 comm="syz.3.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbe6d475927 code=0x7ffc0000
[   86.652409][   T29] audit: type=1326 audit(1748722487.318:7274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5924 comm="syz.3.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbe6d41ab39 code=0x7ffc0000
[   86.678555][   T29] audit: type=1326 audit(1748722487.318:7275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5924 comm="syz.3.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7fbe6d47e969 code=0x7ffc0000
[   86.705313][   T29] audit: type=1326 audit(1748722487.368:7276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5924 comm="syz.3.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbe6d475927 code=0x7ffc0000
[   86.729829][   T29] audit: type=1326 audit(1748722487.368:7277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5924 comm="syz.3.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbe6d41ab39 code=0x7ffc0000
[   86.789592][ T5968] loop1: detected capacity change from 0 to 164
[   86.797275][ T5968] iso9660: Unknown parameter '18446744073709551615'
[   86.805713][ T5968] sd 0:0:1:0: device reset
[   86.836901][ T5970] loop1: detected capacity change from 0 to 1024
[   86.846550][ T5970] EXT4-fs: Ignoring removed nobh option
[   86.852367][ T5970] EXT4-fs: Ignoring removed bh option
[   87.016640][ T5992] netlink: 32 bytes leftover after parsing attributes in process `syz.0.887'.
[   87.025912][ T5992] netlink: 48 bytes leftover after parsing attributes in process `syz.0.887'.
[   87.035005][ T5992] netlink: 48 bytes leftover after parsing attributes in process `syz.0.887'.
[   87.044887][ T5994] loop1: detected capacity change from 0 to 164
[   87.056714][ T5994] iso9660: Unknown parameter '18446744073709551615'
[   87.067355][ T5994] sd 0:0:1:0: device reset
[   87.133189][ T5997] netlink: 4 bytes leftover after parsing attributes in process `syz.1.889'.
[   87.496902][ T6017] netlink: 8 bytes leftover after parsing attributes in process `syz.0.895'.
[   87.552620][ T6017] netlink: 4 bytes leftover after parsing attributes in process `syz.0.895'.
[   87.926564][ T6031] loop3: detected capacity change from 0 to 128
[   87.981751][ T6033] netlink: 32 bytes leftover after parsing attributes in process `syz.1.903'.
[   87.991220][ T6033] netlink: 48 bytes leftover after parsing attributes in process `syz.1.903'.
[   88.000196][ T6033] netlink: 48 bytes leftover after parsing attributes in process `syz.1.903'.
[   88.348589][ T6051] loop2: detected capacity change from 0 to 512
[   88.367782][ T6051] EXT4-fs: Ignoring removed oldalloc option
[   88.378976][ T6051] ext4: Unknown parameter 'smackfsfloor'
[   88.398064][ T6050] loop2: detected capacity change from 0 to 512
[   88.413334][ T6050] EXT4-fs: Ignoring removed mblk_io_submit option
[   88.420459][ T6050] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   88.434457][ T6050] EXT4-fs (loop2): 1 truncate cleaned up
[   88.510981][ T6059] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.553172][ T6059] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.558047][ T6063] loop2: detected capacity change from 0 to 1024
[   88.570588][ T6063] EXT4-fs: Ignoring removed nobh option
[   88.576983][ T6063] EXT4-fs: Ignoring removed bh option
[   88.620793][ T6059] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.663606][ T6059] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.708801][ T6075] loop2: detected capacity change from 0 to 164
[   88.717616][ T6075] iso9660: Unknown parameter '18446744073709551615'
[   88.730998][ T6075] sd 0:0:1:0: device reset
[   88.739505][ T6075] siw: device registration error -23
[   88.745908][ T6059] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.769663][ T6059] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.800528][ T6059] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.813694][ T6059] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.904764][ T6084] loop2: detected capacity change from 0 to 512
[   88.931386][ T6082] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.944660][ T6084] ext4 filesystem being mounted at /200/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   88.988711][ T6093] loop4: detected capacity change from 0 to 1024
[   89.002611][ T6093] EXT4-fs: Ignoring removed nobh option
[   89.008287][ T6093] EXT4-fs: Ignoring removed bh option
[   89.029644][ T6082] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.074916][ T6082] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.125308][ T6106] loop2: detected capacity change from 0 to 512
[   89.153834][ T6082] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.158964][ T6110] loop4: detected capacity change from 0 to 164
[   89.178745][ T6110] iso9660: Unknown parameter '18446744073709551615'
[   89.194944][ T6114] capability: warning: `syz.1.933' uses deprecated v2 capabilities in a way that may be insecure
[   89.201533][ T6106] ext4 filesystem being mounted at /201/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   89.217608][ T6110] sd 0:0:1:0: device reset
[   89.224103][ T6110] siw: device registration error -23
[   89.246440][ T6114] loop1: detected capacity change from 0 to 512
[   89.260609][ T6114] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   89.270728][ T6114] EXT4-fs (loop1): inodes count not valid: 0 vs 32
[   89.298929][ T6082] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   89.313138][ T6082] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.347666][ T6082] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.365190][ T6114] lo speed is unknown, defaulting to 1000
[   89.368875][ T6082] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.620023][ T6149] loop1: detected capacity change from 0 to 128
[   89.669442][ T6149] bio_check_eod: 13 callbacks suppressed
[   89.669457][ T6149] syz.1.945: attempt to access beyond end of device
[   89.669457][ T6149] loop1: rw=0, sector=121, nr_sectors = 120 limit=128
[   89.702893][ T1088] kworker/u8:6: attempt to access beyond end of device
[   89.702893][ T1088] loop1: rw=1, sector=241, nr_sectors = 800 limit=128
[   89.756553][ T6155] loop1: detected capacity change from 0 to 512
[   89.774423][ T6155] ext4 filesystem being mounted at /198/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   90.013764][ T6165] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.053387][ T6165] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.103669][ T6165] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.143450][ T6165] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.289795][ T6190] loop3: detected capacity change from 0 to 512
[   90.326448][ T6195] loop2: detected capacity change from 0 to 164
[   90.354732][ T6195] iso9660: Unknown parameter '18446744073709551615'
[   90.364954][ T6195] sd 0:0:1:0: device reset
[   90.375449][ T6195] siw: device registration error -23
[   90.383439][ T6190] ext4 filesystem being mounted at /165/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.391475][ T6199] loop4: detected capacity change from 0 to 1024
[   90.435498][ T6199] FAULT_INJECTION: forcing a failure.
[   90.435498][ T6199] name failslab, interval 1, probability 0, space 0, times 0
[   90.448428][ T6199] CPU: 0 UID: 0 PID: 6199 Comm: syz.4.965 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[   90.448459][ T6199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   90.448525][ T6199] Call Trace:
[   90.448536][ T6199]  <TASK>
[   90.448585][ T6199]  __dump_stack+0x1d/0x30
[   90.448614][ T6199]  dump_stack_lvl+0xe8/0x140
[   90.448641][ T6199]  dump_stack+0x15/0x1b
[   90.448777][ T6199]  should_fail_ex+0x265/0x280
[   90.448825][ T6199]  ? __iomap_dio_rw+0x14b/0x1250
[   90.448937][ T6199]  should_failslab+0x8c/0xb0
[   90.448978][ T6199]  __kmalloc_cache_noprof+0x4c/0x320
[   90.449064][ T6199]  __iomap_dio_rw+0x14b/0x1250
[   90.449106][ T6199]  ? css_rstat_updated+0xcd/0x5b0
[   90.449152][ T6199]  ? schedule+0x5f/0xd0
[   90.449281][ T6199]  ? __mod_memcg_lruvec_state+0x130/0x280
[   90.449336][ T6199]  ? ext4_journal_check_start+0x11a/0x1b0
[   90.449380][ T6199]  iomap_dio_rw+0x40/0x90
[   90.449426][ T6199]  ext4_file_write_iter+0xad9/0xf00
[   90.449477][ T6199]  iter_file_splice_write+0x5f2/0x970
[   90.449600][ T6199]  ? __pfx_iter_file_splice_write+0x10/0x10
[   90.449663][ T6199]  direct_splice_actor+0x153/0x2a0
[   90.449722][ T6199]  ? ext4_release_file+0x111/0x1c0
[   90.449755][ T6199]  splice_direct_to_actor+0x30f/0x680
[   90.449869][ T6199]  ? __pfx_direct_splice_actor+0x10/0x10
[   90.449935][ T6199]  do_splice_direct+0xda/0x150
[   90.450047][ T6199]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   90.450101][ T6199]  do_sendfile+0x380/0x650
[   90.450155][ T6199]  __x64_sys_sendfile64+0x105/0x150
[   90.450273][ T6199]  x64_sys_call+0xb39/0x2fb0
[   90.450303][ T6199]  do_syscall_64+0xd2/0x200
[   90.450361][ T6199]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   90.450400][ T6199]  ? clear_bhb_loop+0x40/0x90
[   90.450427][ T6199]  ? clear_bhb_loop+0x40/0x90
[   90.450459][ T6199]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.450501][ T6199] RIP: 0033:0x7fa53ec1e969
[   90.450523][ T6199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.450550][ T6199] RSP: 002b:00007fa53d287038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   90.450643][ T6199] RAX: ffffffffffffffda RBX: 00007fa53ee45fa0 RCX: 00007fa53ec1e969
[   90.450662][ T6199] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000007
[   90.450679][ T6199] RBP: 00007fa53d287090 R08: 0000000000000000 R09: 0000000000000000
[   90.450705][ T6199] R10: 000000000003ffff R11: 0000000000000246 R12: 0000000000000001
[   90.450723][ T6199] R13: 0000000000000000 R14: 00007fa53ee45fa0 R15: 00007ffc40691668
[   90.450752][ T6199]  </TASK>
[   90.466150][ T6204] loop2: detected capacity change from 0 to 512
[   90.735508][ T6204] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #3: comm syz.2.966: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   90.789174][ T6204] EXT4-fs error (device loop2): ext4_quota_enable:7127: comm syz.2.966: Bad quota inode: 3, type: 0
[   90.789383][ T6204] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   90.789515][ T6204] EXT4-fs (loop2): mount failed
[   91.306227][ T6238] loop3: detected capacity change from 0 to 512
[   91.329890][ T6238] EXT4-fs: Ignoring removed oldalloc option
[   91.350249][ T6238] ext4: Unknown parameter 'smackfsfloor'
[   91.377550][ T6244] FAULT_INJECTION: forcing a failure.
[   91.377550][ T6244] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   91.390800][ T6244] CPU: 0 UID: 0 PID: 6244 Comm: syz.4.982 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[   91.390829][ T6244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   91.390845][ T6244] Call Trace:
[   91.390852][ T6244]  <TASK>
[   91.390862][ T6244]  __dump_stack+0x1d/0x30
[   91.390916][ T6244]  dump_stack_lvl+0xe8/0x140
[   91.390943][ T6244]  dump_stack+0x15/0x1b
[   91.390962][ T6244]  should_fail_ex+0x265/0x280
[   91.391062][ T6244]  should_fail+0xb/0x20
[   91.391126][ T6244]  should_fail_usercopy+0x1a/0x20
[   91.391183][ T6244]  strncpy_from_user+0x25/0x230
[   91.391214][ T6244]  ? kmem_cache_alloc_noprof+0x186/0x310
[   91.391250][ T6244]  ? getname_flags+0x80/0x3b0
[   91.391283][ T6244]  getname_flags+0xae/0x3b0
[   91.391314][ T6244]  __x64_sys_execve+0x42/0x70
[   91.391406][ T6244]  x64_sys_call+0x13ab/0x2fb0
[   91.391425][ T6233] loop3: detected capacity change from 0 to 512
[   91.391431][ T6244]  do_syscall_64+0xd2/0x200
[   91.391505][ T6244]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   91.391558][ T6244]  ? clear_bhb_loop+0x40/0x90
[   91.391604][ T6244]  ? clear_bhb_loop+0x40/0x90
[   91.391637][ T6244]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.391668][ T6244] RIP: 0033:0x7fa53ec1e969
[   91.391691][ T6244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.391731][ T6244] RSP: 002b:00007fa53d287038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[   91.391758][ T6244] RAX: ffffffffffffffda RBX: 00007fa53ee45fa0 RCX: 00007fa53ec1e969
[   91.391803][ T6244] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000003040
[   91.391821][ T6244] RBP: 00007fa53d287090 R08: 0000000000000000 R09: 0000000000000000
[   91.391835][ T6244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.391849][ T6244] R13: 0000000000000000 R14: 00007fa53ee45fa0 R15: 00007ffc40691668
[   91.391870][ T6244]  </TASK>
[   91.569908][ T6246] random: crng reseeded on system resumption
[   91.594737][ T6233] EXT4-fs: Ignoring removed mblk_io_submit option
[   91.601589][   T29] kauditd_printk_skb: 1584 callbacks suppressed
[   91.601607][   T29] audit: type=1326 audit(1748722492.338:8862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6219 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fec13ad5927 code=0x7ffc0000
[   91.631611][   T29] audit: type=1326 audit(1748722492.338:8863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6219 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fec13a7ab39 code=0x7ffc0000
[   91.655168][   T29] audit: type=1326 audit(1748722492.338:8864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6219 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7fec13ade969 code=0x7ffc0000
[   91.678723][   T29] audit: type=1326 audit(1748722492.348:8865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6219 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fec13ad5927 code=0x7ffc0000
[   91.701987][   T29] audit: type=1326 audit(1748722492.348:8866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6219 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fec13a7ab39 code=0x7ffc0000
[   91.725499][   T29] audit: type=1326 audit(1748722492.348:8867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6219 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7fec13ade969 code=0x7ffc0000
[   91.732217][ T6249] loop2: detected capacity change from 0 to 128
[   91.749354][   T29] audit: type=1326 audit(1748722492.358:8868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6219 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fec13ad5927 code=0x7ffc0000
[   91.773309][ T6233] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   91.779135][   T29] audit: type=1326 audit(1748722492.358:8869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6219 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fec13a7ab39 code=0x7ffc0000
[   91.812391][   T29] audit: type=1326 audit(1748722492.358:8870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6219 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7fec13ade969 code=0x7ffc0000
[   91.832495][ T6233] EXT4-fs (loop3): 1 truncate cleaned up
[   91.838233][   T29] audit: type=1326 audit(1748722492.488:8871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6245 comm="syz.4.983" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa53ec1e969 code=0x0
[   92.350371][ T6165] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.360247][ T6165] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.369750][ T6165] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.394524][ T6165] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.421668][ T6269] FAULT_INJECTION: forcing a failure.
[   92.421668][ T6269] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   92.421727][ T6269] CPU: 0 UID: 0 PID: 6269 Comm: syz.4.991 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[   92.421764][ T6269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   92.421821][ T6269] Call Trace:
[   92.421829][ T6269]  <TASK>
[   92.421839][ T6269]  __dump_stack+0x1d/0x30
[   92.421866][ T6269]  dump_stack_lvl+0xe8/0x140
[   92.421893][ T6269]  dump_stack+0x15/0x1b
[   92.421915][ T6269]  should_fail_ex+0x265/0x280
[   92.421962][ T6269]  should_fail+0xb/0x20
[   92.422101][ T6269]  should_fail_usercopy+0x1a/0x20
[   92.422154][ T6269]  strncpy_from_user+0x25/0x230
[   92.422186][ T6269]  ? kmem_cache_alloc_noprof+0x186/0x310
[   92.422224][ T6269]  ? getname_flags+0x80/0x3b0
[   92.422277][ T6269]  getname_flags+0xae/0x3b0
[   92.422313][ T6269]  io_openat_prep+0x129/0x2b0
[   92.422344][ T6269]  io_submit_sqes+0x5e2/0xfd0
[   92.422450][ T6269]  __se_sys_io_uring_enter+0x1c1/0x1b70
[   92.422496][ T6269]  ? 0xffffffff81000000
[   92.422522][ T6269]  ? __rcu_read_unlock+0x4f/0x70
[   92.422613][ T6269]  ? get_pid_task+0x96/0xd0
[   92.422641][ T6269]  ? proc_fail_nth_write+0x12d/0x160
[   92.422669][ T6269]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   92.422696][ T6269]  ? vfs_write+0x75e/0x8e0
[   92.422739][ T6269]  ? __rcu_read_unlock+0x4f/0x70
[   92.422770][ T6269]  ? __fget_files+0x184/0x1c0
[   92.422802][ T6269]  ? fput+0x8f/0xc0
[   92.422840][ T6269]  __x64_sys_io_uring_enter+0x78/0x90
[   92.422894][ T6269]  x64_sys_call+0x28c8/0x2fb0
[   92.422925][ T6269]  do_syscall_64+0xd2/0x200
[   92.422959][ T6269]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   92.422993][ T6269]  ? clear_bhb_loop+0x40/0x90
[   92.423023][ T6269]  ? clear_bhb_loop+0x40/0x90
[   92.423085][ T6269]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.423116][ T6269] RIP: 0033:0x7fa53ec1e969
[   92.423136][ T6269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.423214][ T6269] RSP: 002b:00007fa53d287038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   92.423240][ T6269] RAX: ffffffffffffffda RBX: 00007fa53ee45fa0 RCX: 00007fa53ec1e969
[   92.423258][ T6269] RDX: 0000000000000000 RSI: 00000000000047f6 RDI: 0000000000000003
[   92.423276][ T6269] RBP: 00007fa53d287090 R08: 0000000000000000 R09: 0000000000000000
[   92.423293][ T6269] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[   92.423310][ T6269] R13: 0000000000000000 R14: 00007fa53ee45fa0 R15: 00007ffc40691668
[   92.423338][ T6269]  </TASK>
[   92.485091][ T6272] loop4: detected capacity change from 0 to 512
[   92.503935][ T6274] __nla_validate_parse: 9 callbacks suppressed
[   92.503957][ T6274] netlink: 8 bytes leftover after parsing attributes in process `syz.1.994'.
[   92.546798][ T6272] ext4 filesystem being mounted at /190/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   92.654284][ T6282] netlink: 4 bytes leftover after parsing attributes in process `syz.2.995'.
[   92.663450][ T6283] netlink: 4 bytes leftover after parsing attributes in process `syz.1.994'.
[   92.917511][ T6297] random: crng reseeded on system resumption
[   92.987694][ T6304] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1003'.
[   92.997371][ T6304] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1003'.
[   93.009979][ T6304] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1003'.
[   93.130861][ T6308] FAULT_INJECTION: forcing a failure.
[   93.130861][ T6308] name failslab, interval 1, probability 0, space 0, times 0
[   93.143939][ T6308] CPU: 0 UID: 0 PID: 6308 Comm: syz.4.1005 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[   93.143998][ T6308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   93.144014][ T6308] Call Trace:
[   93.144022][ T6308]  <TASK>
[   93.144031][ T6308]  __dump_stack+0x1d/0x30
[   93.144088][ T6308]  dump_stack_lvl+0xe8/0x140
[   93.144110][ T6308]  dump_stack+0x15/0x1b
[   93.144129][ T6308]  should_fail_ex+0x265/0x280
[   93.144236][ T6308]  should_failslab+0x8c/0xb0
[   93.144262][ T6308]  __kmalloc_noprof+0xa5/0x3e0
[   93.144367][ T6308]  ? kobject_get_path+0x92/0x1c0
[   93.144438][ T6308]  kobject_get_path+0x92/0x1c0
[   93.144475][ T6308]  input_devices_seq_show+0x36/0x470
[   93.144502][ T6308]  seq_read_iter+0x62a/0x940
[   93.144539][ T6308]  seq_read+0x1f7/0x240
[   93.144597][ T6308]  ? __pfx_seq_read+0x10/0x10
[   93.144639][ T6308]  proc_reg_read+0x125/0x1c0
[   93.144668][ T6308]  ? __pfx_proc_reg_read+0x10/0x10
[   93.144696][ T6308]  vfs_readv+0x3fb/0x690
[   93.144772][ T6308]  __x64_sys_preadv+0xfd/0x1c0
[   93.144798][ T6308]  x64_sys_call+0x1503/0x2fb0
[   93.144823][ T6308]  do_syscall_64+0xd2/0x200
[   93.144925][ T6308]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   93.145002][ T6308]  ? clear_bhb_loop+0x40/0x90
[   93.145027][ T6308]  ? clear_bhb_loop+0x40/0x90
[   93.145056][ T6308]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.145080][ T6308] RIP: 0033:0x7fa53ec1e969
[   93.145098][ T6308] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.145140][ T6308] RSP: 002b:00007fa53d287038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[   93.145161][ T6308] RAX: ffffffffffffffda RBX: 00007fa53ee45fa0 RCX: 00007fa53ec1e969
[   93.145174][ T6308] RDX: 0000000000000001 RSI: 00002000000015c0 RDI: 0000000000000003
[   93.145187][ T6308] RBP: 00007fa53d287090 R08: 0000000000000003 R09: 0000000000000000
[   93.145201][ T6308] R10: 00000000000000f0 R11: 0000000000000246 R12: 0000000000000001
[   93.145214][ T6308] R13: 0000000000000000 R14: 00007fa53ee45fa0 R15: 00007ffc40691668
[   93.145236][ T6308]  </TASK>
[   93.415644][ T6314] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1008'.
[   93.654053][ T6329] loop2: detected capacity change from 0 to 164
[   93.668747][ T6329] iso9660: Unknown parameter '18446744073709551615'
[   93.680806][ T6329] sd 0:0:1:0: device reset
[   93.691425][ T6329] siw: device registration error -23
[   93.801291][ T6340] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1021'.
[   93.873347][ T6346] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.934411][ T6346] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.950803][ T6360] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1025'.
[   93.951085][ T6353] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1019'.
[   94.008051][ T6365] loop1: detected capacity change from 0 to 512
[   94.024632][ T6365] ext4 filesystem being mounted at /212/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   94.037560][ T6346] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.076249][ T6371] loop1: detected capacity change from 0 to 164
[   94.083558][ T6371] iso9660: Unknown parameter '18446744073709551615'
[   94.093599][ T6346] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.104718][ T6371] sd 0:0:1:0: device reset
[   94.155897][ T6346] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.168325][ T6346] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.183800][ T6346] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.198396][ T6346] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.265837][ T6380] FAULT_INJECTION: forcing a failure.
[   94.265837][ T6380] name failslab, interval 1, probability 0, space 0, times 0
[   94.278712][ T6380] CPU: 1 UID: 0 PID: 6380 Comm: syz.2.1034 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[   94.278744][ T6380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.278762][ T6380] Call Trace:
[   94.278771][ T6380]  <TASK>
[   94.278782][ T6380]  __dump_stack+0x1d/0x30
[   94.278808][ T6380]  dump_stack_lvl+0xe8/0x140
[   94.278871][ T6380]  dump_stack+0x15/0x1b
[   94.278893][ T6380]  should_fail_ex+0x265/0x280
[   94.278968][ T6380]  should_failslab+0x8c/0xb0
[   94.279014][ T6380]  kmem_cache_alloc_noprof+0x50/0x310
[   94.279050][ T6380]  ? sk_prot_alloc+0x3f/0x190
[   94.279079][ T6380]  ? should_failslab+0x8c/0xb0
[   94.279188][ T6380]  sk_prot_alloc+0x3f/0x190
[   94.279218][ T6380]  sk_alloc+0x34/0x360
[   94.279246][ T6380]  inet_create+0x3c0/0x780
[   94.279363][ T6380]  __sock_create+0x2ec/0x5b0
[   94.279390][ T6380]  sock_create_kern+0x38/0x50
[   94.279414][ T6380]  udp_sock_create4+0x66/0x2a0
[   94.279543][ T6380]  fou_nl_add_doit+0xef/0x410
[   94.279578][ T6380]  genl_family_rcv_msg_doit+0x140/0x1b0
[   94.279634][ T6380]  genl_rcv_msg+0x422/0x460
[   94.279718][ T6380]  ? __pfx_fou_nl_add_doit+0x10/0x10
[   94.279749][ T6380]  netlink_rcv_skb+0x123/0x220
[   94.279834][ T6380]  ? __pfx_genl_rcv_msg+0x10/0x10
[   94.279946][ T6380]  genl_rcv+0x28/0x40
[   94.279979][ T6380]  netlink_unicast+0x59e/0x670
[   94.280008][ T6380]  netlink_sendmsg+0x58b/0x6b0
[   94.280111][ T6380]  ? __pfx_netlink_sendmsg+0x10/0x10
[   94.280144][ T6380]  __sock_sendmsg+0x142/0x180
[   94.280183][ T6380]  ____sys_sendmsg+0x31e/0x4e0
[   94.280298][ T6380]  ___sys_sendmsg+0x17b/0x1d0
[   94.280374][ T6380]  __x64_sys_sendmsg+0xd4/0x160
[   94.280473][ T6380]  x64_sys_call+0x2999/0x2fb0
[   94.280498][ T6380]  do_syscall_64+0xd2/0x200
[   94.280606][ T6380]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   94.280637][ T6380]  ? clear_bhb_loop+0x40/0x90
[   94.280664][ T6380]  ? clear_bhb_loop+0x40/0x90
[   94.280691][ T6380]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.280743][ T6380] RIP: 0033:0x7fe21cb4e969
[   94.280761][ T6380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.280822][ T6380] RSP: 002b:00007fe21b1b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   94.280843][ T6380] RAX: ffffffffffffffda RBX: 00007fe21cd75fa0 RCX: 00007fe21cb4e969
[   94.280857][ T6380] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[   94.280994][ T6380] RBP: 00007fe21b1b7090 R08: 0000000000000000 R09: 0000000000000000
[   94.281007][ T6380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.281020][ T6380] R13: 0000000000000000 R14: 00007fe21cd75fa0 R15: 00007ffd1513bb08
[   94.281042][ T6380]  </TASK>
[   94.600267][ T6383] openvswitch: netlink: Message has 6 unknown bytes.
[   94.674639][ T6389] IPv6: Can't replace route, no match found
[   94.767831][ T6395] loop4: detected capacity change from 0 to 512
[   94.800176][ T6397] random: crng reseeded on system resumption
[   94.809154][ T6395] ext4 filesystem being mounted at /204/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   94.909464][ T6406] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   94.920199][ T6406] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.997233][ T6406] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   95.007843][ T6406] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.067756][ T6406] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   95.078259][ T6406] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.147441][ T6428] loop1: detected capacity change from 0 to 2048
[   95.157901][ T6406] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   95.168581][ T6406] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.197154][ T6428] netlink: 'syz.1.1055': attribute type 10 has an invalid length.
[   95.240461][ T6437] loop1: detected capacity change from 0 to 512
[   95.245746][ T6406] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   95.255213][ T6406] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.266735][ T6437] ext4 filesystem being mounted at /222/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   95.269217][ T6406] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   95.285593][ T6406] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.300089][ T6406] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   95.308893][ T6406] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.323907][ T6406] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   95.333274][ T6406] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.359733][ T6442] loop1: detected capacity change from 0 to 164
[   95.368495][ T6442] iso9660: Unknown parameter '18446744073709551615'
[   95.388510][ T6442] sd 0:0:1:0: device reset
[   95.485017][ T6450] loop2: detected capacity change from 0 to 164
[   95.509811][ T6450] iso9660: Unknown parameter '18446744073709551615'
[   95.524345][ T6450] sd 0:0:1:0: device reset
[   95.543960][ T6450] siw: device registration error -23
[   95.670857][ T6462] loop3: detected capacity change from 0 to 512
[   95.711248][ T6462] ext4 filesystem being mounted at /181/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   95.770904][ T6468] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.875173][ T6468] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.894192][ T6482] loop3: detected capacity change from 0 to 128
[   95.924947][ T6484] FAULT_INJECTION: forcing a failure.
[   95.924947][ T6484] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   95.940889][ T6484] CPU: 1 UID: 0 PID: 6484 Comm: syz.0.1077 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[   95.940929][ T6484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   95.940980][ T6484] Call Trace:
[   95.940990][ T6484]  <TASK>
[   95.941000][ T6484]  __dump_stack+0x1d/0x30
[   95.941030][ T6484]  dump_stack_lvl+0xe8/0x140
[   95.941059][ T6484]  dump_stack+0x15/0x1b
[   95.941078][ T6484]  should_fail_ex+0x265/0x280
[   95.941184][ T6484]  should_fail+0xb/0x20
[   95.941224][ T6484]  should_fail_usercopy+0x1a/0x20
[   95.941252][ T6484]  _copy_to_user+0x20/0xa0
[   95.941296][ T6484]  simple_read_from_buffer+0xb5/0x130
[   95.941345][ T6484]  proc_fail_nth_read+0x100/0x140
[   95.941376][ T6484]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   95.941470][ T6484]  vfs_read+0x1a0/0x6f0
[   95.941512][ T6484]  ? __rcu_read_unlock+0x4f/0x70
[   95.941536][ T6484]  ? __fget_files+0x184/0x1c0
[   95.941570][ T6484]  ksys_read+0xda/0x1a0
[   95.941597][ T6484]  __x64_sys_read+0x40/0x50
[   95.941652][ T6484]  x64_sys_call+0x2d77/0x2fb0
[   95.941683][ T6484]  do_syscall_64+0xd2/0x200
[   95.941719][ T6484]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   95.941756][ T6484]  ? clear_bhb_loop+0x40/0x90
[   95.941787][ T6484]  ? clear_bhb_loop+0x40/0x90
[   95.941834][ T6484]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.941857][ T6484] RIP: 0033:0x7fec13add37c
[   95.941879][ T6484] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   95.941905][ T6484] RSP: 002b:00007fec12147030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   95.941933][ T6484] RAX: ffffffffffffffda RBX: 00007fec13d05fa0 RCX: 00007fec13add37c
[   95.941961][ T6484] RDX: 000000000000000f RSI: 00007fec121470a0 RDI: 0000000000000007
[   95.941979][ T6484] RBP: 00007fec12147090 R08: 0000000000000000 R09: 0000000000000000
[   95.941996][ T6484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.942014][ T6484] R13: 0000000000000000 R14: 00007fec13d05fa0 R15: 00007ffeb970fc68
[   95.942044][ T6484]  </TASK>
[   96.175346][ T6468] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.224477][ T6468] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.250178][ T6495] loop4: detected capacity change from 0 to 512
[   96.266196][ T6495] ext4 filesystem being mounted at /211/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   96.284430][ T6500] netlink: 'syz.0.1083': attribute type 10 has an invalid length.
[   96.299415][ T6500] team0: Port device team_slave_1 removed
[   96.412565][ T6507] loop4: detected capacity change from 0 to 512
[   96.419690][ T6507] EXT4-fs: Ignoring removed oldalloc option
[   96.429135][ T6507] ext4: Unknown parameter 'smackfsfloor'
[   96.441038][ T6508] random: crng reseeded on system resumption
[   96.617844][ T6468] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.629966][ T6468] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.641899][ T6468] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.655355][ T6468] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.721207][   T29] kauditd_printk_skb: 715 callbacks suppressed
[   96.721248][   T29] audit: type=1326 audit(1748722497.507:9587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6524 comm="syz.3.1090" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbe6d47e969 code=0x0
[   96.761363][ T6521] loop1: detected capacity change from 0 to 1024
[   96.825204][ T6533] FAULT_INJECTION: forcing a failure.
[   96.825204][ T6533] name failslab, interval 1, probability 0, space 0, times 0
[   96.838196][ T6533] CPU: 0 UID: 0 PID: 6533 Comm: syz.1.1092 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[   96.838235][ T6533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   96.838253][ T6533] Call Trace:
[   96.838262][ T6533]  <TASK>
[   96.838271][ T6533]  __dump_stack+0x1d/0x30
[   96.838299][ T6533]  dump_stack_lvl+0xe8/0x140
[   96.838434][ T6533]  dump_stack+0x15/0x1b
[   96.838457][ T6533]  should_fail_ex+0x265/0x280
[   96.838500][ T6533]  ? do_proc_control+0x1d6/0x8b0
[   96.838520][ T6533]  should_failslab+0x8c/0xb0
[   96.838591][ T6533]  __kmalloc_cache_noprof+0x4c/0x320
[   96.838648][ T6533]  do_proc_control+0x1d6/0x8b0
[   96.838685][ T6533]  ? should_fail_ex+0xdb/0x280
[   96.838731][ T6533]  proc_control_compat+0xae/0xe0
[   96.838774][ T6533]  usbdev_ioctl+0xee1/0x1710
[   96.838828][ T6533]  ? __pfx_usbdev_ioctl+0x10/0x10
[   96.838939][ T6533]  __se_sys_ioctl+0xcb/0x140
[   96.838974][ T6533]  __x64_sys_ioctl+0x43/0x50
[   96.839005][ T6533]  x64_sys_call+0x19a8/0x2fb0
[   96.839119][ T6533]  do_syscall_64+0xd2/0x200
[   96.839156][ T6533]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   96.839236][ T6533]  ? clear_bhb_loop+0x40/0x90
[   96.839265][ T6533]  ? clear_bhb_loop+0x40/0x90
[   96.839369][ T6533]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.839399][ T6533] RIP: 0033:0x7fe3dfece969
[   96.839419][ T6533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.839446][ T6533] RSP: 002b:00007fe3de537038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   96.839471][ T6533] RAX: ffffffffffffffda RBX: 00007fe3e00f5fa0 RCX: 00007fe3dfece969
[   96.839488][ T6533] RDX: 0000200000000000 RSI: 00000000c0105500 RDI: 0000000000000003
[   96.839537][ T6533] RBP: 00007fe3de537090 R08: 0000000000000000 R09: 0000000000000000
[   96.839552][ T6533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.839569][ T6533] R13: 0000000000000000 R14: 00007fe3e00f5fa0 R15: 00007fffd10bbfd8
[   96.839595][ T6533]  </TASK>
[   97.093657][ T6541] loop2: detected capacity change from 0 to 512
[   97.123598][ T6541] ext4 filesystem being mounted at /228/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   97.193934][ T6549] loop2: detected capacity change from 0 to 164
[   97.200713][ T6549] iso9660: Unknown parameter '18446744073709551615'
[   97.221616][ T6549] sd 0:0:1:0: device reset
[   97.226697][ T6550] loop1: detected capacity change from 0 to 512
[   97.236472][ T6549] siw: device registration error -23
[   97.255981][ T6550] EXT4-fs: Ignoring removed oldalloc option
[   97.262174][ T6550] ext4: Unknown parameter 'smackfsfloor'
[   97.297057][   T29] audit: type=1326 audit(1748722498.087:9588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6551 comm="syz.2.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe21cb4e969 code=0x7ffc0000
[   97.321263][   T29] audit: type=1326 audit(1748722498.087:9589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6551 comm="syz.2.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe21cb4e969 code=0x7ffc0000
[   97.321835][ T6552] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.344862][   T29] audit: type=1326 audit(1748722498.087:9590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6551 comm="syz.2.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=440 compat=0 ip=0x7fe21cb4e969 code=0x7ffc0000
[   97.344904][   T29] audit: type=1326 audit(1748722498.087:9591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6551 comm="syz.2.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe21cb4e969 code=0x7ffc0000
[   97.401699][   T29] audit: type=1326 audit(1748722498.087:9592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6551 comm="syz.2.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fe21cb4e969 code=0x7ffc0000
[   97.425047][   T29] audit: type=1326 audit(1748722498.087:9593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6551 comm="syz.2.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe21cb4e969 code=0x7ffc0000
[   97.448835][   T29] audit: type=1326 audit(1748722498.087:9594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6551 comm="syz.2.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe21cb4e969 code=0x7ffc0000
[   97.472204][   T29] audit: type=1326 audit(1748722498.087:9595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6551 comm="syz.2.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe21cb4e969 code=0x7ffc0000
[   97.495767][   T29] audit: type=1326 audit(1748722498.087:9596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6551 comm="syz.2.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fe21cb507fc code=0x7ffc0000
[   97.549615][ T6557] loop1: detected capacity change from 0 to 2048
[   97.583964][ T6552] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.594616][ T6557] __nla_validate_parse: 13 callbacks suppressed
[   97.594636][ T6557] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1101'.
[   97.617535][ T6561] loop4: detected capacity change from 0 to 128
[   97.637286][ T6557] EXT4-fs error (device loop1): ext4_find_extent:939: inode #2: comm syz.1.1101: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   97.661167][ T6552] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.715691][ T6552] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.754792][ T6574] loop3: detected capacity change from 0 to 1024
[   97.769098][ T6574] EXT4-fs: Ignoring removed nobh option
[   97.774840][ T6574] EXT4-fs: Ignoring removed bh option
[   97.797822][ T6574] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1106'.
[   97.817745][ T6580] loop1: detected capacity change from 0 to 512
[   97.835382][ T6580] ext4 filesystem being mounted at /238/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   97.854653][ T6584] loop3: detected capacity change from 0 to 164
[   97.861834][ T6584] iso9660: Unknown parameter '18446744073709551615'
[   97.884122][ T6584] sd 0:0:1:0: device reset
[   97.895603][ T6584] siw: device registration error -23
[   97.958677][ T6586] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1110'.
[   97.998785][ T6592] loop3: detected capacity change from 0 to 512
[   98.008606][ T6592] EXT4-fs: Ignoring removed oldalloc option
[   98.018662][ T6592] ext4: Unknown parameter 'smackfsfloor'
[   98.082846][ T6595] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1112'.
[   98.092198][ T6595] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1112'.
[   98.101698][ T6595] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1112'.
[   98.290576][ T6552] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.304803][ T6552] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.318281][ T6552] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.354989][ T6552] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.491506][ T6609] loop3: detected capacity change from 0 to 1024
[   98.506933][ T6609] EXT4-fs: Ignoring removed nobh option
[   98.512961][ T6609] EXT4-fs: Ignoring removed bh option
[   98.516229][ T6613] loop4: detected capacity change from 0 to 512
[   98.571215][ T6613] ext4 filesystem being mounted at /221/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   98.581494][ T6609] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1119'.
[   98.645315][ T6626] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.657744][ T6624] loop4: detected capacity change from 0 to 164
[   98.665061][ T6624] iso9660: Unknown parameter '18446744073709551615'
[   98.675062][ T6624] sd 0:0:1:0: device reset
[   98.682186][ T6624] siw: device registration error -23
[   98.694427][ T6626] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.785119][ T6626] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.845456][ T6639] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1131'.
[   98.857638][ T6626] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.905357][ T6645] loop4: detected capacity change from 0 to 512
[   98.915767][ T6645] EXT4-fs: Ignoring removed oldalloc option
[   98.926753][ T6645] ext4: Unknown parameter 'smackfsfloor'
[   98.935060][ T6626] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.949214][ T6626] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.961966][ T6626] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.970499][ T6643] loop4: detected capacity change from 0 to 512
[   98.976164][ T6626] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.977661][ T6643] EXT4-fs: Ignoring removed mblk_io_submit option
[   98.995900][ T6643] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   99.016912][ T6643] EXT4-fs (loop4): 1 truncate cleaned up
[   99.055227][ T6652] loop3: detected capacity change from 0 to 1024
[   99.062820][ T6652] EXT4-fs: Ignoring removed nobh option
[   99.068503][ T6652] EXT4-fs: Ignoring removed bh option
[   99.135133][ T6658] loop3: detected capacity change from 0 to 164
[   99.142376][ T6658] iso9660: Unknown parameter '18446744073709551615'
[   99.152808][ T6658] sd 0:0:1:0: device reset
[   99.159992][ T6658] siw: device registration error -23
[   99.255020][ T6662] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1138'.
[   99.300691][ T6673] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1143'.
[   99.373781][ T6675] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   99.384457][ T6675] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.435500][ T6675] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   99.445478][ T6675] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.504644][ T6675] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   99.514575][ T6675] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.546257][ T6675] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   99.556287][ T6675] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.585512][ T6681] loop2: detected capacity change from 0 to 512
[   99.612071][ T6681] EXT4-fs: Ignoring removed oldalloc option
[   99.618639][ T6681] ext4: Unknown parameter 'smackfsfloor'
[   99.625929][ T6675] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   99.634350][ T6675] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.656952][ T6675] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   99.665455][ T6675] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.677728][ T6675] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   99.686179][ T6675] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.689443][ T6680] loop2: detected capacity change from 0 to 512
[   99.708814][ T6680] EXT4-fs: Ignoring removed mblk_io_submit option
[   99.730480][ T6680] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   99.747914][ T6680] EXT4-fs (loop2): 1 truncate cleaned up
[   99.757965][ T6675] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   99.766299][ T6675] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.829643][ T6690] loop4: detected capacity change from 0 to 164
[   99.843228][ T6690] iso9660: Unknown parameter '18446744073709551615'
[   99.874634][ T6688] lo speed is unknown, defaulting to 1000
[   99.914534][ T6690] sd 0:0:1:0: device reset
[   99.986606][ T6690] siw: device registration error -23
[  100.079652][ T6714] loop4: detected capacity change from 0 to 1024
[  100.098194][ T6714] EXT4-fs: Ignoring removed nobh option
[  100.107367][ T6714] EXT4-fs: Ignoring removed bh option
[  100.228596][ T6730] loop1: detected capacity change from 0 to 512
[  100.273750][ T6730] ext4 filesystem being mounted at /247/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  100.287458][ T6724] loop3: detected capacity change from 0 to 512
[  100.297486][ T6724] EXT4-fs: Ignoring removed oldalloc option
[  100.336100][ T6724] ext4: Unknown parameter 'smackfsfloor'
[  100.368977][ T6718] loop3: detected capacity change from 0 to 512
[  100.380325][ T6742] loop4: detected capacity change from 0 to 164
[  100.388619][ T6718] EXT4-fs: Ignoring removed mblk_io_submit option
[  100.399887][ T6718] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  100.412231][ T6742] iso9660: Unknown parameter '18446744073709551615'
[  100.421431][ T6718] EXT4-fs (loop3): 1 truncate cleaned up
[  100.437959][ T6742] sd 0:0:1:0: device reset
[  100.449112][ T6742] siw: device registration error -23
[  100.488342][ T6747] capability: warning: `syz.1.1171' uses 32-bit capabilities (legacy support in use)
[  100.558084][ T6750] loop4: detected capacity change from 0 to 1024
[  100.588962][ T6750] EXT4-fs (loop4): filesystem is read-only
[  100.639668][ T6750] usb usb7: usbfs: process 6750 (syz.4.1173) did not claim interface 2 before use
[  100.665857][ T6765] loop3: detected capacity change from 0 to 512
[  100.724205][ T6765] ext4 filesystem being mounted at /202/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  100.803615][ T6781] loop3: detected capacity change from 0 to 164
[  100.813253][ T6781] iso9660: Unknown parameter '18446744073709551615'
[  100.854711][ T6781] sd 0:0:1:0: device reset
[  100.877523][ T6781] siw: device registration error -23
[  100.963411][ T6786] loop1: detected capacity change from 0 to 512
[  100.970311][ T6786] EXT4-fs: Ignoring removed oldalloc option
[  101.040835][ T6786] ext4: Unknown parameter 'smackfsfloor'
[  101.094337][ T6786] loop1: detected capacity change from 0 to 512
[  101.117057][ T6786] EXT4-fs: Ignoring removed mblk_io_submit option
[  101.146378][ T6786] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  101.157401][ T6809] FAULT_INJECTION: forcing a failure.
[  101.157401][ T6809] name failslab, interval 1, probability 0, space 0, times 0
[  101.170381][ T6809] CPU: 0 UID: 0 PID: 6809 Comm: syz.4.1196 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  101.170420][ T6809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  101.170438][ T6809] Call Trace:
[  101.170448][ T6809]  <TASK>
[  101.170481][ T6809]  __dump_stack+0x1d/0x30
[  101.170508][ T6809]  dump_stack_lvl+0xe8/0x140
[  101.170535][ T6809]  dump_stack+0x15/0x1b
[  101.170559][ T6809]  should_fail_ex+0x265/0x280
[  101.170602][ T6809]  should_failslab+0x8c/0xb0
[  101.170665][ T6809]  kmem_cache_alloc_noprof+0x50/0x310
[  101.170693][ T6809]  ? alloc_empty_file+0x76/0x200
[  101.170769][ T6809]  alloc_empty_file+0x76/0x200
[  101.170797][ T6809]  path_openat+0x68/0x2170
[  101.170828][ T6809]  ? strlen+0x19/0x40
[  101.170864][ T6809]  ? perf_trace_kmem_cache_free+0x55/0x160
[  101.170931][ T6809]  ? audit_log_end+0x1d7/0x1f0
[  101.170971][ T6809]  ? audit_log_end+0x1d7/0x1f0
[  101.171016][ T6809]  ? kmem_cache_free+0xdf/0x300
[  101.171135][ T6809]  ? audit_log_end+0x1d7/0x1f0
[  101.171184][ T6809]  do_filp_open+0x109/0x230
[  101.171302][ T6809]  do_sys_openat2+0xa6/0x110
[  101.171338][ T6809]  __x64_sys_open+0xe6/0x110
[  101.171448][ T6809]  x64_sys_call+0x14d4/0x2fb0
[  101.171474][ T6809]  do_syscall_64+0xd2/0x200
[  101.171506][ T6809]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.171533][ T6809]  ? clear_bhb_loop+0x40/0x90
[  101.171609][ T6809]  ? clear_bhb_loop+0x40/0x90
[  101.171638][ T6809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.171668][ T6809] RIP: 0033:0x7fa53ec1e969
[  101.171690][ T6809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.171717][ T6809] RSP: 002b:00007fa53d287038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  101.171743][ T6809] RAX: ffffffffffffffda RBX: 00007fa53ee45fa0 RCX: 00007fa53ec1e969
[  101.171817][ T6809] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000280
[  101.171915][ T6809] RBP: 00007fa53d287090 R08: 0000000000000000 R09: 0000000000000000
[  101.171931][ T6809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.171948][ T6809] R13: 0000000000000000 R14: 00007fa53ee45fa0 R15: 00007ffc40691668
[  101.171976][ T6809]  </TASK>
[  101.417478][ T6786] EXT4-fs (loop1): 1 truncate cleaned up
[  101.454086][ T6808] loop2: detected capacity change from 0 to 128
[  101.512411][ T6816] loop2: detected capacity change from 0 to 164
[  101.519631][ T6816] iso9660: Unknown parameter '18446744073709551615'
[  101.529112][ T6816] sd 0:0:1:0: device reset
[  101.537902][ T6816] siw: device registration error -23
[  101.738535][ T6838] loop3: detected capacity change from 0 to 512
[  101.749795][ T6840] loop2: detected capacity change from 0 to 512
[  101.770104][ T6838] EXT4-fs mount: 66 callbacks suppressed
[  101.770175][ T6838] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.770245][ T6838] ext4 filesystem being mounted at /205/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  101.770383][ T6840] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.771589][ T6840] ext4 filesystem being mounted at /253/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  101.828408][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.892002][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.978301][ T6849] loop3: detected capacity change from 0 to 512
[  101.986044][ T6849] EXT4-fs: Ignoring removed oldalloc option
[  102.002475][ T6849] ext4: Unknown parameter 'smackfsfloor'
[  102.026681][ T6849] loop3: detected capacity change from 0 to 512
[  102.031654][ T6849] EXT4-fs: Ignoring removed mblk_io_submit option
[  102.097220][ T6853] loop2: detected capacity change from 0 to 1024
[  102.101695][ T6849] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  102.106075][ T6853] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  102.126543][ T6853] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  102.139200][ T6853] JBD2: no valid journal superblock found
[  102.139274][ T6853] EXT4-fs (loop2): Could not load journal inode
[  102.140415][ T6849] EXT4-fs (loop3): 1 truncate cleaned up
[  102.158380][ T6853] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  102.188775][ T6849] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.316235][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.336732][ T6861] random: crng reseeded on system resumption
[  102.420889][ T6867] loop4: detected capacity change from 0 to 512
[  102.442135][   T29] kauditd_printk_skb: 1063 callbacks suppressed
[  102.442222][   T29] audit: type=1400 audit(1748722503.126:10660): avc:  denied  { create } for  pid=6860 comm="syz.3.1215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  102.470576][   T29] audit: type=1400 audit(1748722503.126:10661): avc:  denied  { read } for  pid=6860 comm="syz.3.1215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  102.470605][   T29] audit: type=1400 audit(1748722503.126:10662): avc:  denied  { name_bind } for  pid=6860 comm="syz.3.1215" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  102.470652][   T29] audit: type=1400 audit(1748722503.126:10663): avc:  denied  { append } for  pid=6860 comm="syz.3.1215" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  102.470707][   T29] audit: type=1400 audit(1748722503.126:10664): avc:  denied  { open } for  pid=6860 comm="syz.3.1215" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  102.482204][   T29] audit: type=1326 audit(1748722503.266:10665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6860 comm="syz.3.1215" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbe6d47e969 code=0x0
[  102.603027][ T6867] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.618767][ T6872] __nla_validate_parse: 9 callbacks suppressed
[  102.618789][ T6872] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1217'.
[  102.627791][ T6867] ext4 filesystem being mounted at /251/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  102.669726][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.671133][   T29] audit: type=1400 audit(1748722503.456:10666): avc:  denied  { create } for  pid=6880 comm="syz.1.1222" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  102.724151][ T6885] FAULT_INJECTION: forcing a failure.
[  102.724151][ T6885] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  102.737490][ T6885] CPU: 1 UID: 0 PID: 6885 Comm: syz.1.1225 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  102.737563][ T6885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  102.737622][ T6885] Call Trace:
[  102.737630][ T6885]  <TASK>
[  102.737638][ T6885]  __dump_stack+0x1d/0x30
[  102.737665][ T6885]  dump_stack_lvl+0xe8/0x140
[  102.737690][ T6885]  dump_stack+0x15/0x1b
[  102.737708][ T6885]  should_fail_ex+0x265/0x280
[  102.737815][ T6885]  should_fail+0xb/0x20
[  102.737943][ T6885]  should_fail_usercopy+0x1a/0x20
[  102.737970][ T6885]  _copy_to_user+0x20/0xa0
[  102.738002][ T6885]  rng_dev_read+0x3ef/0x740
[  102.738069][ T6885]  ? __pfx_rng_dev_read+0x10/0x10
[  102.738193][ T6885]  vfs_readv+0x3fb/0x690
[  102.738245][ T6885]  __x64_sys_preadv+0xfd/0x1c0
[  102.738279][ T6885]  x64_sys_call+0x1503/0x2fb0
[  102.738306][ T6885]  do_syscall_64+0xd2/0x200
[  102.738382][ T6885]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  102.738419][ T6885]  ? clear_bhb_loop+0x40/0x90
[  102.738521][ T6885]  ? clear_bhb_loop+0x40/0x90
[  102.738555][ T6885]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.738584][ T6885] RIP: 0033:0x7fe3dfece969
[  102.738605][ T6885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.738642][ T6885] RSP: 002b:00007fe3de537038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  102.738722][ T6885] RAX: ffffffffffffffda RBX: 00007fe3e00f5fa0 RCX: 00007fe3dfece969
[  102.738741][ T6885] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000003
[  102.738758][ T6885] RBP: 00007fe3de537090 R08: 0000000000000000 R09: 0000000000000000
[  102.738774][ T6885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.738843][ T6885] R13: 0000000000000000 R14: 00007fe3e00f5fa0 R15: 00007fffd10bbfd8
[  102.738873][ T6885]  </TASK>
[  103.010641][ T6889] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1223'.
[  103.036623][ T6894] loop1: detected capacity change from 0 to 512
[  103.054828][ T6894] EXT4-fs: Ignoring removed oldalloc option
[  103.064869][ T6894] ext4: Unknown parameter 'smackfsfloor'
[  103.086090][ T6887] loop1: detected capacity change from 0 to 512
[  103.097493][ T6887] EXT4-fs: Ignoring removed mblk_io_submit option
[  103.105892][ T6887] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  103.120004][ T6887] EXT4-fs (loop1): 1 truncate cleaned up
[  103.127869][ T6887] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.176088][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.277045][ T6904] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1230'.
[  103.283388][   T29] audit: type=1400 audit(1748722504.066:10667): avc:  denied  { create } for  pid=6908 comm="syz.3.1232" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  103.330902][ T6915] loop3: detected capacity change from 0 to 512
[  103.359330][ T6915] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.377428][ T6915] ext4 filesystem being mounted at /211/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  103.419076][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.497087][ T6930] random: crng reseeded on system resumption
[  103.590877][ T6933] loop2: detected capacity change from 0 to 512
[  103.600032][ T6933] EXT4-fs: Ignoring removed oldalloc option
[  103.606552][   T29] audit: type=1326 audit(1748722504.376:10668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6929 comm="syz.3.1240" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbe6d47e969 code=0x0
[  103.608576][ T6933] ext4: Unknown parameter 'smackfsfloor'
[  103.652498][ T6932] loop2: detected capacity change from 0 to 512
[  103.660303][ T6932] EXT4-fs: Ignoring removed mblk_io_submit option
[  103.668972][ T6932] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  103.682532][ T6932] EXT4-fs (loop2): 1 truncate cleaned up
[  103.689045][ T6932] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.737619][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.775374][ T6939] loop2: detected capacity change from 0 to 1024
[  103.785691][ T6939] EXT4-fs: Ignoring removed nobh option
[  103.791706][ T6939] EXT4-fs: Ignoring removed bh option
[  103.815517][ T6939] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.843391][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.870832][ T6945] FAULT_INJECTION: forcing a failure.
[  103.870832][ T6945] name failslab, interval 1, probability 0, space 0, times 0
[  103.883782][ T6945] CPU: 0 UID: 0 PID: 6945 Comm: syz.0.1244 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  103.883848][ T6945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  103.883866][ T6945] Call Trace:
[  103.883875][ T6945]  <TASK>
[  103.883885][ T6945]  __dump_stack+0x1d/0x30
[  103.883913][ T6945]  dump_stack_lvl+0xe8/0x140
[  103.884034][ T6945]  dump_stack+0x15/0x1b
[  103.884060][ T6945]  should_fail_ex+0x265/0x280
[  103.884179][ T6945]  should_failslab+0x8c/0xb0
[  103.884208][ T6945]  __kvmalloc_node_noprof+0x126/0x4f0
[  103.884247][ T6945]  ? io_alloc_cache_init+0x31/0xa0
[  103.884309][ T6945]  io_alloc_cache_init+0x31/0xa0
[  103.884334][ T6945]  io_ring_ctx_alloc+0x2b7/0x6a0
[  103.884414][ T6945]  io_uring_create+0x10f/0x610
[  103.884452][ T6945]  __se_sys_io_uring_setup+0x1f7/0x210
[  103.884601][ T6945]  __x64_sys_io_uring_setup+0x31/0x40
[  103.884645][ T6945]  x64_sys_call+0x184b/0x2fb0
[  103.884742][ T6945]  do_syscall_64+0xd2/0x200
[  103.884774][ T6945]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  103.884935][ T6945]  ? clear_bhb_loop+0x40/0x90
[  103.884967][ T6945]  ? clear_bhb_loop+0x40/0x90
[  103.884999][ T6945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.885026][ T6945] RIP: 0033:0x7fec13ade969
[  103.885044][ T6945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.885127][ T6945] RSP: 002b:00007fec12146fc8 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  103.885151][ T6945] RAX: ffffffffffffffda RBX: 00007fec13d05fa0 RCX: 00007fec13ade969
[  103.885221][ T6945] RDX: 0000200000000200 RSI: 0000200000000140 RDI: 00000000000005c2
[  103.885294][ T6945] RBP: 0000200000000140 R08: 0000000000000000 R09: 0000200000000200
[  103.885307][ T6945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.885323][ T6945] R13: 0000200000000240 R14: 00000000000005c2 R15: 0000200000000200
[  103.885353][ T6945]  </TASK>
[  104.121720][ T6948] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1245'.
[  104.195131][ T6948] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1245'.
[  104.225556][ T6962] loop1: detected capacity change from 0 to 1024
[  104.235034][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  104.235068][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  104.236228][ T6962] JBD2: no valid journal superblock found
[  104.236244][ T6962] EXT4-fs (loop1): Could not load journal inode
[  104.265551][ T6962] loop1: detected capacity change from 0 to 1024
[  104.284901][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  104.284940][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  104.286348][ T6962] JBD2: no valid journal superblock found
[  104.286365][ T6962] EXT4-fs (loop1): Could not load journal inode
[  104.320992][ T6962] loop1: detected capacity change from 0 to 1024
[  104.321634][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  104.321740][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  104.326688][ T6966] loop4: detected capacity change from 0 to 128
[  104.353882][ T6962] JBD2: no valid journal superblock found
[  104.353897][ T6962] EXT4-fs (loop1): Could not load journal inode
[  104.372238][ T6962] loop1: detected capacity change from 0 to 1024
[  104.378356][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  104.378393][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  104.379590][ T6962] JBD2: no valid journal superblock found
[  104.379605][ T6962] EXT4-fs (loop1): Could not load journal inode
[  104.393644][ T6962] loop1: detected capacity change from 0 to 1024
[  104.395138][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  104.395168][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  104.395458][ T6962] JBD2: no valid journal superblock found
[  104.395470][ T6962] EXT4-fs (loop1): Could not load journal inode
[  104.405376][ T6962] loop1: detected capacity change from 0 to 1024
[  104.405668][   T29] audit: type=1400 audit(1748722505.176:10669): avc:  denied  { setopt } for  pid=6963 comm="syz.2.1251" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  104.405787][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  104.405817][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  104.406728][ T6962] JBD2: no valid journal superblock found
[  104.406741][ T6962] EXT4-fs (loop1): Could not load journal inode
[  104.430937][ T6962] loop1: detected capacity change from 0 to 1024
[  104.445569][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  104.445633][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  104.446646][ T6962] JBD2: no valid journal superblock found
[  104.446658][ T6962] EXT4-fs (loop1): Could not load journal inode
[  104.467790][ T6971] loop3: detected capacity change from 0 to 1024
[  104.470529][ T6971] EXT4-fs: Ignoring removed nobh option
[  104.470561][ T6971] EXT4-fs: Ignoring removed bh option
[  104.496037][ T6971] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.522180][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.563072][ T6962] loop1: detected capacity change from 0 to 1024
[  104.777545][ T6980] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1256'.
[  104.804856][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  104.816139][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  104.858147][ T6962] JBD2: no valid journal superblock found
[  104.864175][ T6962] EXT4-fs (loop1): Could not load journal inode
[  104.897462][ T6962] loop1: detected capacity change from 0 to 1024
[  104.913333][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  104.915642][ T6997] random: crng reseeded on system resumption
[  104.924532][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  105.017120][ T6962] JBD2: no valid journal superblock found
[  105.023060][ T6962] EXT4-fs (loop1): Could not load journal inode
[  105.057765][ T7002] loop4: detected capacity change from 0 to 1024
[  105.073823][ T7002] EXT4-fs: Ignoring removed nobh option
[  105.079536][ T7002] EXT4-fs: Ignoring removed bh option
[  105.113138][ T7003] loop2: detected capacity change from 0 to 512
[  105.125199][ T6962] loop1: detected capacity change from 0 to 1024
[  105.131497][ T7003] EXT4-fs: Ignoring removed oldalloc option
[  105.152115][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  105.154379][ T7003] ext4: Unknown parameter 'smackfsfloor'
[  105.163222][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  105.199511][ T6962] JBD2: no valid journal superblock found
[  105.205468][ T6962] EXT4-fs (loop1): Could not load journal inode
[  105.239322][ T7002] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.274195][ T6962] loop1: detected capacity change from 0 to 1024
[  105.305043][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.315689][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  105.326957][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  105.339739][ T6999] loop2: detected capacity change from 0 to 512
[  105.346848][ T6999] EXT4-fs: Ignoring removed mblk_io_submit option
[  105.355556][ T6999] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  105.356693][ T6962] JBD2: no valid journal superblock found
[  105.371486][ T6962] EXT4-fs (loop1): Could not load journal inode
[  105.404562][ T6962] loop1: detected capacity change from 0 to 1024
[  105.430722][ T6999] EXT4-fs (loop2): 1 truncate cleaned up
[  105.438584][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  105.449591][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  105.458815][ T7016] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1269'.
[  105.468932][ T6962] JBD2: no valid journal superblock found
[  105.474964][ T6962] EXT4-fs (loop1): Could not load journal inode
[  105.494912][ T6962] loop1: detected capacity change from 0 to 1024
[  105.501005][ T6999] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.513801][ T7018] IPVS: stopping master sync thread 7019 ...
[  105.522759][ T7019] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  105.535310][ T7018] FAULT_INJECTION: forcing a failure.
[  105.535310][ T7018] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  105.548711][ T7018] CPU: 0 UID: 0 PID: 7018 Comm: syz.3.1272 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  105.548747][ T7018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  105.548763][ T7018] Call Trace:
[  105.548770][ T7018]  <TASK>
[  105.548781][ T7018]  __dump_stack+0x1d/0x30
[  105.548808][ T7018]  dump_stack_lvl+0xe8/0x140
[  105.548834][ T7018]  dump_stack+0x15/0x1b
[  105.548882][ T7018]  should_fail_ex+0x265/0x280
[  105.549004][ T7018]  should_fail+0xb/0x20
[  105.549040][ T7018]  should_fail_usercopy+0x1a/0x20
[  105.549065][ T7018]  _copy_to_user+0x20/0xa0
[  105.549097][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  105.549244][ T7018] ==================================================================
[  105.549293][ T7018] BUG: KCSAN: data-race in data_push_tail / string
[  105.549359][ T7018] 
[  105.549366][ T7018] write to 0xffffffff88e392d0 of 1 bytes by task 6962 on cpu 1:
[  105.549399][ T7018]  string+0x187/0x220
[  105.549439][ T7018]  vsnprintf+0x532/0x890
[  105.549478][ T7018]  vscnprintf+0x41/0x90
[  105.549516][ T7018]  printk_sprint+0x30/0x2d0
[  105.549539][ T7018]  vprintk_store+0x599/0x860
[  105.549560][ T7018]  vprintk_emit+0x178/0x650
[  105.549583][ T7018]  vprintk_default+0x26/0x30
[  105.549607][ T7018]  vprintk+0x1d/0x30
[  105.549637][ T7018]  _printk+0x79/0xa0
[  105.549674][ T7018]  __ext4_msg+0x18f/0x1a0
[  105.549702][ T7018]  ext4_group_desc_init+0xedb/0x14e0
[  105.549740][ T7018]  ext4_fill_super+0x1dbb/0x34e0
[  105.549768][ T7018]  get_tree_bdev_flags+0x291/0x300
[  105.549793][ T7018]  get_tree_bdev+0x1f/0x30
[  105.549814][ T7018]  ext4_get_tree+0x1c/0x30
[  105.549840][ T7018]  vfs_get_tree+0x54/0x1d0
[  105.549862][ T7018]  do_new_mount+0x207/0x680
[  105.549905][ T7018]  path_mount+0x4a4/0xb20
[  105.549946][ T7018]  __se_sys_mount+0x28f/0x2e0
[  105.549969][ T7018]  __x64_sys_mount+0x67/0x80
[  105.549992][ T7018]  x64_sys_call+0xd36/0x2fb0
[  105.550019][ T7018]  do_syscall_64+0xd2/0x200
[  105.550051][ T7018]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.550079][ T7018] 
[  105.550086][ T7018] read to 0xffffffff88e392d0 of 8 bytes by task 7018 on cpu 0:
[  105.550107][ T7018]  data_push_tail+0xfd/0x420
[  105.550148][ T7018]  data_alloc+0xbf/0x2b0
[  105.550186][ T7018]  prb_reserve+0x808/0xaf0
[  105.550224][ T7018]  vprintk_store+0x56d/0x860
[  105.550244][ T7018]  vprintk_emit+0x178/0x650
[  105.550267][ T7018]  vprintk_default+0x26/0x30
[  105.550290][ T7018]  vprintk+0x1d/0x30
[  105.550321][ T7018]  _printk+0x79/0xa0
[  105.550357][ T7018]  show_trace_log_lvl+0x4e3/0x560
[  105.550394][ T7018]  __dump_stack+0x1d/0x30
[  105.550415][ T7018]  dump_stack_lvl+0xe8/0x140
[  105.550437][ T7018]  dump_stack+0x15/0x1b
[  105.550459][ T7018]  should_fail_ex+0x265/0x280
[  105.550498][ T7018]  should_fail+0xb/0x20
[  105.550537][ T7018]  should_fail_usercopy+0x1a/0x20
[  105.550561][ T7018]  _copy_to_user+0x20/0xa0
[  105.550587][ T7018]  simple_read_from_buffer+0xb5/0x130
[  105.550628][ T7018]  proc_fail_nth_read+0x100/0x140
[  105.550652][ T7018]  vfs_read+0x1a0/0x6f0
[  105.550696][ T7018]  ksys_read+0xda/0x1a0
[  105.550717][ T7018]  __x64_sys_read+0x40/0x50
[  105.550740][ T7018]  x64_sys_call+0x2d77/0x2fb0
[  105.550769][ T7018]  do_syscall_64+0xd2/0x200
[  105.550801][ T7018]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.550828][ T7018] 
[  105.550832][ T7018] value changed: 0x00000000ffffe4c6 -> 0x2073662d34545845
[  105.550847][ T7018] 
[  105.550851][ T7018] Reported by Kernel Concurrency Sanitizer on:
[  105.550864][ T7018] CPU: 0 UID: 0 PID: 7018 Comm: syz.3.1272 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  105.550901][ T7018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  105.550917][ T7018] ==================================================================
[  105.550963][ T7018]  simple_read_from_buffer+0xb5/0x130
[  105.551030][ T7018]  proc_fail_nth_read+0x100/0x140
[  105.551059][ T7018]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  105.551086][ T7018]  vfs_read+0x1a0/0x6f0
[  105.551195][ T7018]  ? __sys_setsockopt+0x18e/0x200
[  105.551228][ T7018]  ? __rcu_read_unlock+0x4f/0x70
[  105.551276][ T7018]  ? __fget_files+0x184/0x1c0
[  105.551309][ T7018]  ksys_read+0xda/0x1a0
[  105.551484][ T7018]  __x64_sys_read+0x40/0x50
[  105.551511][ T7018]  x64_sys_call+0x2d77/0x2fb0
[  105.551553][ T7018]  do_syscall_64+0xd2/0x200
[  105.551589][ T7018]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  105.551626][ T7018]  ? clear_bhb_loop+0x40/0x90
[  105.551701][ T7018]  ? clear_bhb_loop+0x40/0x90
[  105.551734][ T7018]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.551823][ T7018] RIP: 0033:0x7fbe6d47d37c
[  105.551917][ T7018] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  105.551944][ T7018] RSP: 002b:00007fbe6bae7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  105.551971][ T7018] RAX: ffffffffffffffda RBX: 00007fbe6d6a5fa0 RCX: 00007fbe6d47d37c
[  105.551991][ T7018] RDX: 000000000000000f RSI: 00007fbe6bae70a0 RDI: 0000000000000007
[  105.552031][ T7018] RBP: 00007fbe6bae7090 R08: 0000000000000000 R09: 0000000000000000
[  105.552048][ T7018] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  105.552088][ T7018] R13: 0000000000000000 R14: 00007fbe6d6a5fa0 R15: 00007ffccec2e858
[  105.552119][ T7018]  </TASK>
[  105.568231][ T7022] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1269'.
[  105.571716][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  106.099383][ T6962] JBD2: no valid journal superblock found
[  106.105435][ T6962] EXT4-fs (loop1): Could not load journal inode
[  106.149934][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.169888][ T6962] loop1: detected capacity change from 0 to 1024
[  106.179827][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  106.190860][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  106.201230][ T6962] JBD2: no valid journal superblock found
[  106.207465][ T6962] EXT4-fs (loop1): Could not load journal inode
[  106.222353][ T6962] loop1: detected capacity change from 0 to 1024
[  106.230298][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  106.241799][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  106.252051][ T6962] JBD2: no valid journal superblock found
[  106.258012][ T6962] EXT4-fs (loop1): Could not load journal inode
[  106.272715][ T6962] loop1: detected capacity change from 0 to 1024
[  106.282329][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  106.293561][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  106.304068][ T6962] JBD2: no valid journal superblock found
[  106.309961][ T6962] EXT4-fs (loop1): Could not load journal inode
[  106.327929][ T6962] loop1: detected capacity change from 0 to 1024
[  106.336678][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  106.348151][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  106.359565][ T6962] JBD2: no valid journal superblock found
[  106.365429][ T6962] EXT4-fs (loop1): Could not load journal inode
[  106.379532][ T6962] loop1: detected capacity change from 0 to 1024
[  106.389465][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  106.400926][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  106.411355][ T6962] JBD2: no valid journal superblock found
[  106.417391][ T6962] EXT4-fs (loop1): Could not load journal inode
[  106.431134][ T6962] loop1: detected capacity change from 0 to 1024
[  106.439690][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  106.452974][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  106.463694][ T6962] JBD2: no valid journal superblock found
[  106.470413][ T6962] EXT4-fs (loop1): Could not load journal inode
[  106.484812][ T6962] loop1: detected capacity change from 0 to 1024
[  106.492690][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  106.503867][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  106.515647][ T6962] JBD2: no valid journal superblock found
[  106.521439][ T6962] EXT4-fs (loop1): Could not load journal inode
[  106.534852][ T6962] loop1: detected capacity change from 0 to 1024
[  106.543037][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  106.554107][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  106.564655][ T6962] JBD2: no valid journal superblock found
[  106.570463][ T6962] EXT4-fs (loop1): Could not load journal inode
[  106.584606][ T6962] loop1: detected capacity change from 0 to 1024
[  106.591840][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  106.602977][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  106.613461][ T6962] JBD2: no valid journal superblock found
[  106.619347][ T6962] EXT4-fs (loop1): Could not load journal inode
[  106.633150][ T6962] loop1: detected capacity change from 0 to 1024
[  106.641523][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  106.653019][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  106.663188][ T6962] JBD2: no valid journal superblock found
[  106.669228][ T6962] EXT4-fs (loop1): Could not load journal inode
[  106.682793][ T6962] loop1: detected capacity change from 0 to 1024
[  106.691055][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  106.702213][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  106.713675][ T6962] JBD2: no valid journal superblock found
[  106.719561][ T6962] EXT4-fs (loop1): Could not load journal inode
[  106.733299][ T6962] loop1: detected capacity change from 0 to 1024
[  106.742089][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  106.753075][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  106.763852][ T6962] JBD2: no valid journal superblock found
[  106.769771][ T6962] EXT4-fs (loop1): Could not load journal inode
[  106.783068][ T6962] loop1: detected capacity change from 0 to 1024
[  106.791555][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  106.802838][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  106.812859][ T6962] JBD2: no valid journal superblock found
[  106.818884][ T6962] EXT4-fs (loop1): Could not load journal inode
[  106.835060][ T6962] loop1: detected capacity change from 0 to 1024
[  106.842927][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  106.854428][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  106.864475][ T6962] JBD2: no valid journal superblock found
[  106.870221][ T6962] EXT4-fs (loop1): Could not load journal inode
[  106.883735][ T6962] loop1: detected capacity change from 0 to 1024
[  106.892132][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  106.903316][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  106.914924][ T6962] JBD2: no valid journal superblock found
[  106.920778][ T6962] EXT4-fs (loop1): Could not load journal inode
[  106.934176][ T6962] loop1: detected capacity change from 0 to 1024
[  106.943159][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  106.954581][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  106.965009][ T6962] JBD2: no valid journal superblock found
[  106.970774][ T6962] EXT4-fs (loop1): Could not load journal inode
[  106.984423][ T6962] loop1: detected capacity change from 0 to 1024
[  106.992700][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  107.003712][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  107.014902][ T6962] JBD2: no valid journal superblock found
[  107.020895][ T6962] EXT4-fs (loop1): Could not load journal inode
[  107.035715][ T6962] loop1: detected capacity change from 0 to 1024
[  107.042886][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  107.054068][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  107.064130][ T6962] JBD2: no valid journal superblock found
[  107.069863][ T6962] EXT4-fs (loop1): Could not load journal inode
[  107.083869][ T6962] loop1: detected capacity change from 0 to 1024
[  107.090895][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  107.102047][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  107.112217][ T6962] JBD2: no valid journal superblock found
[  107.118097][ T6962] EXT4-fs (loop1): Could not load journal inode
[  107.132287][ T6962] loop1: detected capacity change from 0 to 1024
[  107.141112][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  107.153565][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  107.165232][ T6962] JBD2: no valid journal superblock found
[  107.171482][ T6962] EXT4-fs (loop1): Could not load journal inode
[  107.187505][ T6962] loop1: detected capacity change from 0 to 1024
[  107.197298][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  107.209829][ T6962] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  107.220936][ T6962] JBD2: no valid journal superblock found
[  107.227029][ T6962] EXT4-fs (loop1): Could not load journal inode