last executing test programs:

27.887023078s ago: executing program 3 (id=4322):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file1\x00')
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f0000000280)='./file0\x00', 0x14846, &(0x7f00000000c0)=ANY=[@ANYRES16=0x0], 0x0, 0x709, &(0x7f0000002000)="$eJzs3V2P21gZB/D/STJJJoWqYlG1qrqd0ykrTcWQOpltqqggYRwnY0jiyPbAjIS0KnRmNWqmQFskmpt2bniRli/A3d5wwYdYiQuu9lvAFUgrJCTECoSMfI6dl4mTmbTpdMv+f6PdOPbjcx4fe33WM/YxiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiICMJqGEZFoO10d3blbFbDczvJlyymluvSVnBTT9ycV+dKVC8gon9QLOJtPfvtr45CLkf/WsdV/e0qitFHEYMLly/dfSuXSdafk/CLwKIFPn46eHCv399/dIbYLBYu/nVC5gxBLbvr+K7TMVu2dHxX1ms149Z205dNp237e35gd6Tl2ZnA9eSGdVNW6vUtaZf33J1uq2G27WTmnW9UDaMmv1vQOxpA2be2nXbb6bZUTLQ4irkjP/yhDrDNjpQHh/39rbF8nqW1cRRUSUk+Mx4cBVVP29yqUa1WKtVqpXa7fvuOYeTiGSJO2sgZEWEMYWqVpR+09IZZ3smb6CVlrMZ/jD8LoI0iutjBLmTqj4UGPLjozFgeS/r/d2/Zc+sd7/+TXn5ltPgKVP9/TX+7Nqv/n5GLhFQrpC0RM+Yv9rOiMpJ4jKcY4AHuoY8+9vFoCWVLyLWXLiFvxC25lHxm/rRgowsHPlw46MBEC1+GjOdI1FFDDQbexzaa8CHRhIM2bPjYg48AdnRE5aNMbZgI4MKDxAYs3IREBXXUsQUJG2XswcUOumihARP/CsPwAIeq3bfifJ6nbDWSoMqMjSgglxx3+6jO2dpZ/f+Pnum1df8fZgH2/19M+jgo6I9P5sUQfQ6E8fX/gtZeTTZERERERERE9CoI9dt3of4q/w6AEE2nbRsTMYXXlh0RERERERERLYNAWMBVCH1XPt6BmL7+JyIiIiIiIqI3m1DP2AkAJXVTvxg9LnWWXwJkzyFFIiIiIiIiInpJ6sn/a3kgVHf5r0EsdP1PRERERERERG+AX4+NsZ/LxmPshsmf9TMA1v5SEB//vQBvRRz3dr8mjsxoiXkUx0zdARA0r4iL8UC96iMPQH2z7Ksirk0C/0x++xD59CB9rP/noSaE8E4kkM+OFzAjARHVXMvF3/AhrutVrsfjzN8fZKCW6BGFS02nbZctt323AtO8mAns3eDnDw9/AXjD7Tw47O+Xf/yT/n2Vy3E06/goKvTZRDqZ9MYY5fJEjbegnrlIG914Fc2kyt90OyWh6jWS7c/CPMqMVzRvB9RWAb2Vv8S63mfroY4tDYYj7gtgTQ3+UCmrXTax9d6KGGVRObnlaTtixpYXVRY3dMyNjRv6I2mTqJyMKH49C1TL0/tgIovqeBZz2yIZ3Xey/ednAVGM2mIryuKPUUEnsvjBx3rlrd5uMjzGKVmkHwVERK/LwagXUoOYT42xn3QPyUnt7P0OcvqU+1YOM3r3US1h3H8kvfuT34W6h8oCufhvE+m1JP0KojP6hlDl5PWA7rkrKWd0o/xZGIbmxSLGz+j/DcNkg4wFerfjMAxPntH/MHoHUpz2VBb/DsPwbkX1JL890at+FK3w0cx6/XY1iyIKeHL0UzUAfuSD/Q/2H1arWzXjPcO4XcWK+l+F+CML9j1ERDTl9HfsqIjMnAjxHq7rMq7f/9u7emqix/tKfEuBcgvo4z42k1cIrKWXWsIBvvUPfRvCpr5qBdZL+rM0kJcv3Y2uaoexhyKn3vCyOfOqTvWlOlbd3lAdxibvHTp5BTiK3XrFe4GIiOh8rc/oh4GJ/h+T/X9xov/fxIaO2LiSet1dGrulcDO5Oh5e0g8uHKfGVk5P/ttLbgwiIqIvCNv7VJSCXwnPc3rvV+r1ihls29Jzre9Jz2m0bOl0A9uzts1uy5Y9zw1cy23LnoeCs2r70t/p9VwvkE3Xkz3Xd3bVm99l/Op33+6Y3cCx/F7bNn1bWm43MK1ANhzfkr2d77Qdf9v21Mp+z7acpmOZgeN2pe/ueJZdltK37bFAp2F3A6fpRJNd2fOcjuntye+77Z2OLRu2b3lOL3B1gUldTrfpeh1VbBnhwi86JCIi+n/0+Ongwb1+f//RyYnV6NJczznGjJjpiXxKgRwjiIiI6HNm1F0vsFLxFSZERERERERERERERERERERERERERERERERTTn+kb8GJlbSHBYHhnJ9djOfgOUaPGE6VI/Cy+Xzm/UkN7Pciq2cWrTR5JGLw4JM5wavDOUnzj8ccL1IpLgEv3D5//RJwQc2BnpNb4gEw/fzo0o+xtIlvHugWnRWjFqYuKgz3RW75/zlEEw9/P71IRC0fhmE4f/XCZBvmz3485wA8ys/ZBaunHD/nfSYiovP2vwAAAP//Nlw29w==")
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000080), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2, 0x0, 0x1}, 0x18)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000380)=@o_path={&(0x7f00000001c0)='./file0\x00', r1}, 0x18)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x2a00a9, &(0x7f0000000000)=ANY=[@ANYBLOB="060065726c00000000000000"])
futimesat(r0, &(0x7f0000000000)='./file1\x00', 0x0)
pipe(&(0x7f0000000080))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3, &(0x7f0000000080)=0xb, 0x8, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x5, 0x7f, 0xef0, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/net\x00')
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(r5, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0)
preadv2(r6, &(0x7f0000000180)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1, 0x0, 0x4, 0x1)
socket(0x10, 0x3, 0x0)
unshare(0x22020400)

26.988480461s ago: executing program 3 (id=4331):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r3)
sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x1c, r4, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4800}, 0x8004)
write$nci(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="414601", @ANYRES32=r3], 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r0}, 0x18)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x4)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={0xffffffffffffffff, 0x0, 0xe, 0x48000000, &(0x7f0000000300)="40f0538ef047b21fb60068305500", 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

26.815370354s ago: executing program 3 (id=4334):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x410040, 0x0)
write$P9_RMKDIR(r1, &(0x7f0000000040)={0x14, 0x49, 0x1, {0x10, 0x1, 0x1}}, 0x14)
sync_file_range(0xffffffffffffffff, 0x8, 0x9cb, 0x1)
close(0xffffffffffffffff)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000c00)={0xffffffffffffffff, 0xe0, &(0x7f0000000b00)={0x0, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdfb, 0x0, ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), <r4=>0x0, 0xf, &(0x7f0000000980), 0x0, 0x10, &(0x7f0000000a40), 0x0, 0x0, 0xe1, 0x8, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYRESHEX=r3, @ANYRES8=r2, @ANYRES64=r4, @ANYBLOB="18a14cecfad7dbe1f39e1f0ccb4485d7e65e1f7c0d3dfdf0fb08edfef1c6a32d9eae23"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1c, 0x10, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000001000000000000003b03000018110000", @ANYRES32=0x1, @ANYBLOB="2000000000000000c602000014000000b7032000000000008500000083000000bf09000000000000550901000000000008000000000000006222040000000000bf91000000000000b700000002000000000000b7000000000000009500"], &(0x7f00000001c0)='syzkaller\x00', 0x34, 0x3f, &(0x7f00000002c0)=""/63, 0x41000, 0x45, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x6, 0x80000001}, 0x8, 0x10, &(0x7f0000000340)={0x0, 0xe, 0x3, 0xf}, 0x10, r4, 0xffffffffffffffff, 0x0, &(0x7f0000000400)=[0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', r3, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000002b00)={'ip6_vti0\x00', &(0x7f0000002a80)={'syztnl0\x00', 0x0, 0x29, 0x0, 0x6, 0x0, 0x1c, @remote, @private0={0xfc, 0x0, '\x00', 0x1}, 0x60, 0x700, 0x1652, 0x8001}})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000002b40))
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}, {0xd, 0xfff2}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_BUCKETS_LOG={0x8, 0x8, 0x1}]}}]}, 0x38}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000003f80)={'batadv_slave_0\x00'})
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r10=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="7400000010000305000900"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000004c0012800c0001006d6163766c616e003c00028008000100100000001c0005800a000400aaaaaaaaaaaa00000a000400aaaaaaaaaaaa000008000300030000000a000400aaaaaaaaaaaa000008000500", @ANYRES32=r10], 0x74}, 0x1, 0x0, 0x0, 0x90}, 0x0)
r11 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x40)
getsockopt$inet_pktinfo(r11, 0x0, 0x8, &(0x7f0000000380)={0x0, @remote, @remote}, &(0x7f0000000400)=0xc)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
r12 = openat$vsock(0xffffffffffffff9c, 0x0, 0x141401, 0x0)
connect$inet6(r12, &(0x7f0000000180)={0xa, 0x4e1d, 0x521, @private0={0xfc, 0x0, '\x00', 0x1}, 0x4}, 0x1c)

26.814823484s ago: executing program 3 (id=4335):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x1, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r1}, 0x10)
setitimer(0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000240)='./bus\x00', 0x21081e, &(0x7f0000000440)={[{@minixdf}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}, {@user_xattr}]}, 0x0, 0x511, &(0x7f0000000a40)="$eJzs3c1vY1cVAPDjly8nkzZp6QIQtENbGNBonMTTRlUXUFYIoUqILkGahsQTRbHjKHZKE2aRrtkiMRIrWPIHsJ4Ve1ggZsdmWCDxEYEmSCyM3vNLxpOxJ9EksUP8+0lP73N8zp3k3Wsfx74BDK3rEbEXEeMR8XFEzOTHC/kSH7SX9LrH+/eWD/bvLRei1froH4XsfHosOv5N6lr+mMWI+MF3In5ceDZuY2d3falarWzl+3PN2uZcY2f31lptabWyWtkolxcXFuffu/1u+dza+kZtPN/68qPf733jp2la0/mRznacp3bTx47ipEYj4nsXEWwARvL2jA86EV5IEhGvRsSb2f0/EyPZTxMAuMparZlozXTuAwBXXZLVwApJKa8FTEeSlErtGt5rMZVU643mzbv17Y2Vdq1sNsaSu2vVynxeK5yNsUK6v5BtP9kvxx+K7WcU7f3bEfFKRPx8YjLbLy3XqysDe9YDAMPt2rHx/98T7fEfALjiioNOAADouxcZ/ycvIA8AoH+8/geA4WP8B4Dh0x7/VfQBYJh4/Q8Aw8f4DwBD5fsffpgurYP8+69XPtnZXq9/cmul0lgv1baXS8v1rc3Sar2+mn1nT+2kx6vW65sL78T2p7Pf3Gw05xo7u3dq9e2N5p3se73vVMayq/b60DIAoJdX3njwsJCOyO9PZkt0zOUwNtDMgIuWDDoBYGBGBp0AMDBm+4LhdYbX+MoDcEV0maL3KcVuHxBqtVqti0sJuGA3vqD+D8Oqo/7vr4BhyKj/w/BS/4fh1WoVTjvnf5z2QgDgclPjB3q8//9qvv5N/ubAj1aOX3H/IrMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAy+1w/t9SPhf4dCRJqRTxUkTMxljh7lq1Mh8RL0fEnybGJtL9hQHnDACcVfLXQj7/142Zt6efOvX6taPN8UjiJ7/86BefLjWbW3+MGC/8c6J9PKJ5Pz9e7n/2AMDJDsfpbL0QR9P/Pt6/t3y49DOfv307Iort+Af743FwFH80RrN1MUty6l+FfL+t0FG7OIu9zyLi893aX4jprAbSnvn0ePw09kt9jZ88FT/JzrXX6f/F584hFxg2D9L+54Nu918S17N19/u/mPVQZ5f3f+lDLR9kfeCT+If930iP/u/6aWO887vvtrcmnz33WcQXRyMOYx909D+H8Qs94r99yvh//tLrb/Y61/pVxI3oHr8z1lyztjnX2Nm9tVZbWq2sVjbK5cWFxfn3br9bnstq1HO9R4O/v3/z5V7n0vZP9YhfPKH9Xz1l+3/9349/+JXnxP/6W93iJ/Hac+KnY+LXnh/26Ndjaeq3xV4XpfFXerT/pJ//zZMannv0l91npg0HAAansbO7vlStVrb+jzYeps9pBp+Gjf5vpL+ylyCNrhvf6les8eh+6mdvte/pY6darReK1avHOI+qG3AZHN30EfGfQScDAAAAAAAAAAAAAAB01Y9PLA26jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFxd/wsAAP//W2HPFQ==")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x174)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, &(0x7f0000000300)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRES32=0x1, @ANYBLOB="03000000000000001000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="05000000020000000100"/28], 0x50)
prctl$PR_SET_UNALIGN(0x6, 0x2)
r3 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r3, 0x84, 0x25, &(0x7f0000000000), 0x20000010)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f00000007c0)=ANY=[@ANYRESHEX], &(0x7f00000006c0)=""/176, 0x50, 0xb0, 0x1, 0x9, 0x0, @void, @value}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000540), 0x84)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)

26.718782055s ago: executing program 3 (id=4338):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, 0x0, 0x0)
r1 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r1, &(0x7f0000000000)={0x18, 0x2, {0x0, @local}}, 0x1e)
connect$pptp(r1, &(0x7f0000000080)={0x18, 0x2, {0x0, @rand_addr=0x64010102}}, 0x1e)
socket$packet(0x11, 0xa, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r2 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2)
close(r2)
perf_event_open(0x0, 0x0, 0x8, 0xffffffffffffffff, 0x8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000004c0)='sched_switch\x00', r3}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x100001f, &(0x7f0000000280), 0x21, 0x44b, &(0x7f0000000dc0)="$eJzs281vG0UbAPBn7aR9274lKSof/YAGCqICkTRpgR44tAgkDiAhwaEcQ5JWoW6DmiDRKoKAUDmiShy4IY5I/AWc4IKAExJXuKNKFcqlhZPR2ruJ49hJnNh1iH8/aZWZ3XFmHu+OPbPjDaBnDUXEpxHx/4j4PSIGIiKpLzBU/XN3cX7i78X5iSTK5Tf/Sirl7izOT+RF89ftyzML1fyRBvXOXrt+abxUmrqa5UfmLr83Mnvt+rPTl8cvTl2cujJ25szpU6MvPD/2XFviTNt05/CHM0cPvfr2zdcnzt985+dvkyy8qIujTYbWOvhkmyvrtv016aSviw2hJcWISE9Xf6X/D0Qxlk/eQLzySVcbB3RUuVwu725+eKEM7GBJdLsFQHfkX/Tp/Dff7tHQY1u4fa46AUrjvptt1SN9UcjK9NfNb9spnW2dX/jnq3SLztyHAABY4ftz1b+rx3+FeLCm3NlsbWgwIg7ULG4cjIgHIiplH4qIh1usv36RZPX4p3CrxX/ZknT892K2trVy/JeP/mKwmOX2V+LvTy5Ml6ZORsR9EXEi+nen+dE16vjh5d8+b3ZsqGb8l25p/flYMGvHrb66G3ST43PjW4m51u2PIw73NYo/WVoJSCLiUEQcPra5Oqaf/uZos2Prx7+GNqwzlb+OeKp6/heiLv5csvb65Mj/ojR1ciS/Klb75dcbbzSrv9X4D3y5PGdrh/T87214/S/FP1gu1qzXzrZex40/Pms6p9ns9b8reauS3pXt+2B8bu7qaMSu5LVs/9nl/WPLr83zefk0/hPHG/f/+2P5nTgSEelF/EhEPBoRx7K2PxYRj0fE8TXi/+mlJ97dfPydlcY/uc75T2rX6zeRKF768bsVlQ62En96/k9XUieyPRv5/NtoA7f6/gEAAMB/QaHy2/+kMLyULhSGh6u/lz8Yewulmdm5Zy7MvH9lsvqMwGD0F/I7XQM190NHs2l9nh+ry5/K7ht/UdxTyQ9PzJQmux089Lh9Tfp/6s9it1sHdJzntaB36f/Qu/R/6F36P/SsRs//79lAGWAHaPT9/1EX2gHce8b/0Lta7f/VyYEpAewEvv+hd+n/0JO28lx/JxP5+sN2ac+KRLm8Xpm+7dLUziWisC2aIdGhRJc/mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANrk3wAAAP//+TvoKw==")
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000800), 0xffffffffffffffff)
prctl$PR_SET_NAME(0xf, &(0x7f0000000180)='wg1\x00')
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000c00)='ext4_sync_fs\x00', r6, 0x0, 0xfffffffffffffff8}, 0x18)
sync()
pipe2(&(0x7f0000001cc0), 0x800)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7}, 0x10)
r8 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/net\x00')
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000ec0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000001400000408001d00", @ANYRES32=r8, @ANYBLOB="08000100"], 0x24}}, 0x0)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r4, 0x0, 0x24000080)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

22.817005596s ago: executing program 3 (id=4384):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = fsmount(r1, 0x0, 0x0)
fchdir(r3)
open(&(0x7f0000000280)='.\x00', 0x0, 0x8)
close_range(r0, 0xffffffffffffffff, 0x0)

22.816797586s ago: executing program 32 (id=4384):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = fsmount(r1, 0x0, 0x0)
fchdir(r3)
open(&(0x7f0000000280)='.\x00', 0x0, 0x8)
close_range(r0, 0xffffffffffffffff, 0x0)

2.765551867s ago: executing program 2 (id=4614):
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x400e, &(0x7f0000000300), 0x1, 0x440, &(0x7f0000000cc0)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=")
r1 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000280), 0x10000, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
syz_usb_disconnect(r2)
syz_usb_connect(0x4, 0x65, &(0x7f0000000500)=ANY=[], 0x0)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f00000000c0)={0x9}, 0x10)
sendmsg$nl_route_sched(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@gettaction={0x1c, 0x5a, 0xc6b747b6bf1c6b95, 0x0, 0x0, {}, [@action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8}]}, 0x1c}}, 0x0)
r4 = openat$cgroup_devices(r1, &(0x7f0000000140)='devices.allow\x00', 0x2, 0x0)
ioctl$FS_IOC_GETFSUUID(r4, 0x80111500, &(0x7f00000002c0))
ioctl$EVIOCRMFF(r2, 0xc0085508, &(0x7f00000000c0)=0x7)
r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
splice(0xffffffffffffffff, 0x0, r5, 0x0, 0x88000cc, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000200)=@generic={&(0x7f00000001c0)='./file1\x00', 0x0, 0x10}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1}, &(0x7f0000000240), &(0x7f0000000380)=r0}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000180)={0x2, &(0x7f0000000340)=[{0x7, 0xfe, 0x0, 0x7ffbffff}, {0x7fff, 0x0, 0x0, 0x9}]})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
msgget$private(0x0, 0x0)

2.411791712s ago: executing program 5 (id=4619):
r0 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000200)={[{@max_batch_time={'max_batch_time', 0x3d, 0x358}}, {@resuid}, {@stripe={'stripe', 0x3d, 0x9}}]}, 0x3, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==")
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{}, 0x0, &(0x7f0000000840)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000380)='ext4_request_blocks\x00'}, 0x18)
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r2, 0x2007ffc)
sendfile(r2, r2, 0x0, 0x800000009)

2.201203996s ago: executing program 0 (id=4620):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x2, 0x0, @loopback, 0x4}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000340)=@gcm_256={{0x303}, '\x00', "372a31a11e03279cec094e071cc80f218d360356a936a7e3971a8c35c47e5804", "400100", "fffffffffffffffd"}, 0x38)
setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000200)=0xffffffffffffffff, 0x4)
writev(r1, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)

2.051147679s ago: executing program 5 (id=4621):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
rt_tgsigqueueinfo(r0, r0, 0x8, &(0x7f0000000140)={0x3d, 0x5, 0xfffffff9})
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='sched_switch\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, 0x0, 0x44084)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000700)='/proc/keys\x00', 0x0, 0x0)
syz_io_uring_setup(0x54fd, 0x0, 0x0, 0x0)
r2 = perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x17, 0x40, 0x6, 0x0, 0x0, 0x10409, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x4}, 0x108bcf, 0x7ff, 0xffff, 0x8, 0xb, 0x2, 0x3ff, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x100000b, 0x12011, r2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x51031, 0xffffffffffffffff, 0x0)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r3, 0xc0105500, &(0x7f0000000040)={0x0, 0x0, 0x8, 0x10, 0x0, 0x9, 0x0})
delete_module(&(0x7f0000000000)='-%{,}:,,\x00', 0x800)
io_uring_setup(0xeb4, &(0x7f0000000180)={0x0, 0x40000, 0x2, 0x3, 0x241})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="19000000040000000800"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$kcm(0x2, 0xa, 0x2)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
preadv(r6, &(0x7f0000000100)=[{&(0x7f0000000140)=""/197, 0xc5}], 0x1, 0x1036, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00'}, 0x10)
mount$tmpfs(0x0, &(0x7f0000000580)='./cgroup.cpu/cgroup.procs\x00', &(0x7f00000005c0), 0xa00806, &(0x7f0000000a00)=ANY=[])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r4}, &(0x7f0000000380), &(0x7f0000000200)=r5}, 0x20)
r7 = inotify_init1(0x0)
inotify_add_watch(r7, 0x0, 0x40000022)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0)

2.017455859s ago: executing program 0 (id=4623):
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
inotify_init1(0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)
recvmsg(r0, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x437aba2}], 0x1, 0x0, 0x46, 0x407006}, 0x104)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)

1.95759395s ago: executing program 2 (id=4624):
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, 0x0, &(0x7f0000001480))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x50, 0x24, 0xf0b, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xfffffd93, 0x2, [@TCA_CAKE_ATM={0x8, 0x4, 0x3}, @TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x9}, @TCA_CAKE_MEMORY={0x8, 0xa, 0x101}]}}]}, 0x50}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES16=r1], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000300), r1)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(r2, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000340)={&(0x7f0000000500)={0xf8, r3, 0x110, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x34, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @initdev={0xac, 0x1e, 0x1, 0x0}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x53}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x40}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}]}, @MPTCP_PM_ATTR_ADDR={0x38, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @empty}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x58, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x3e}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x7}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x5}]}, 0xf8}, 0x1, 0x0, 0x0, 0xc000}, 0x10)

1.884902371s ago: executing program 0 (id=4627):
creat(&(0x7f0000000040)='./bus\x00', 0x8)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')

1.847461191s ago: executing program 5 (id=4628):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x24, &(0x7f0000000d00)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000e868495fb58d00b6ad1f50ad32d6ad25dfd73a015e0ca6a0f68a7d007dc6751dfb265a0e3ccae669e173a64bc1cfd514600650a58f145ff1205fc9ddaa275e687d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983cd44c05bd0a48dfe3e26e7a23129d6606ed28a69989d552af6d9a9df2c3af36e0360070011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a1a83109753f54b21cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b81a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a928903000000cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba739cd0c31b05c00fba8a4aee676d7caa2e53b91a68ff2e60da7b01a2e5785a238afa4aba70c08b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf78b04963d679d5a5d07e618a1ef9057fec00f9e93021f5a8d30e716de8cde9c6000000000c3b64d10f0939b42b33ab2a8717096c58bb3bb1d457d8bb96870f5a7e2ba31fd69bb80235d957eaa9a40b764e5381ffa604aaafb76a980e72b408f686b185736693089213b4e140f8f38e5589663115093889deb646122a5dc5a9e5ba4d37749a36b880110e2bf524b79bc91105f1d3f7d0de694a9417d68694f17ba5e27ea1cec518b93fadcfe0de010ae9be3273ff73c34b5695080a35bfa5c69e3b533e1b939c81b3beda037b7191cb0000000000000000000010e5d683b8938db5c305cf7e6e62a6890ba9e1f4ee64f8202b59de5036569febfaa95f4633db108b2f786333ec7bacc927f4a1785165b5d2444b4c022bb5cff472e6a0c8ee9d6d8df83b704669147b732ac508c9b9f0ca0a1ce45319d43d4643eb285835daf2065b57bebd61ad6671296c27253a5f9688d57c91ccd40ffe2dbc5dd1613a2e6f5b363cc8d205ce6ef3c3c6ded7dd3dfdb39008d8997213f68cdc971c1d6fdacb7729a5560880a77525e9cfb94ef1735dfe74e6b948699d2e9d6adec4a0db12498b027f7e3580436b532a82e315d56b17a5dba98436cc24babaae409f0aab0b40af116001bc85492455956e853ead08b5793d4ecf72378a3dfd9cc837b1c66212d9a2be8fd6341c2f837c7fe09924a51ec42912856cce3d3b2d092c80813aad03e1e63a655f4138730f302df339f30a4fbd453c9a0fba381d071ad7cb80a52bec572e29b0b9b55c235806b97e166609f8083ce776075c"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f0000000600)=""/198, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0xffffffff}, 0x10)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
close(r2)
r3 = getpid()
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xc5fffffd)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
unshare(0x68040200)

1.814144612s ago: executing program 2 (id=4629):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file1\x00')
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f0000000280)='./file0\x00', 0x14846, &(0x7f00000000c0)=ANY=[@ANYRES16=0x0], 0x0, 0x709, &(0x7f0000002000)="$eJzs3V2P21gZB/D/STJJJoWqYlG1qrqd0ykrTcWQOpltqqggYRwnY0jiyPbAjIS0KnRmNWqmQFskmpt2bniRli/A3d5wwYdYiQuu9lvAFUgrJCTECoSMfI6dl4mTmbTpdMv+f6PdOPbjcx4fe33WM/YxiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiICMJqGEZFoO10d3blbFbDczvJlyymluvSVnBTT9ycV+dKVC8gon9QLOJtPfvtr45CLkf/WsdV/e0qitFHEYMLly/dfSuXSdafk/CLwKIFPn46eHCv399/dIbYLBYu/nVC5gxBLbvr+K7TMVu2dHxX1ms149Z205dNp237e35gd6Tl2ZnA9eSGdVNW6vUtaZf33J1uq2G27WTmnW9UDaMmv1vQOxpA2be2nXbb6bZUTLQ4irkjP/yhDrDNjpQHh/39rbF8nqW1cRRUSUk+Mx4cBVVP29yqUa1WKtVqpXa7fvuOYeTiGSJO2sgZEWEMYWqVpR+09IZZ3smb6CVlrMZ/jD8LoI0iutjBLmTqj4UGPLjozFgeS/r/d2/Zc+sd7/+TXn5ltPgKVP9/TX+7Nqv/n5GLhFQrpC0RM+Yv9rOiMpJ4jKcY4AHuoY8+9vFoCWVLyLWXLiFvxC25lHxm/rRgowsHPlw46MBEC1+GjOdI1FFDDQbexzaa8CHRhIM2bPjYg48AdnRE5aNMbZgI4MKDxAYs3IREBXXUsQUJG2XswcUOumihARP/CsPwAIeq3bfifJ6nbDWSoMqMjSgglxx3+6jO2dpZ/f+Pnum1df8fZgH2/19M+jgo6I9P5sUQfQ6E8fX/gtZeTTZERERERERE9CoI9dt3of4q/w6AEE2nbRsTMYXXlh0RERERERERLYNAWMBVCH1XPt6BmL7+JyIiIiIiIqI3m1DP2AkAJXVTvxg9LnWWXwJkzyFFIiIiIiIiInpJ6sn/a3kgVHf5r0EsdP1PRERERERERG+AX4+NsZ/LxmPshsmf9TMA1v5SEB//vQBvRRz3dr8mjsxoiXkUx0zdARA0r4iL8UC96iMPQH2z7Ksirk0C/0x++xD59CB9rP/noSaE8E4kkM+OFzAjARHVXMvF3/AhrutVrsfjzN8fZKCW6BGFS02nbZctt323AtO8mAns3eDnDw9/AXjD7Tw47O+Xf/yT/n2Vy3E06/goKvTZRDqZ9MYY5fJEjbegnrlIG914Fc2kyt90OyWh6jWS7c/CPMqMVzRvB9RWAb2Vv8S63mfroY4tDYYj7gtgTQ3+UCmrXTax9d6KGGVRObnlaTtixpYXVRY3dMyNjRv6I2mTqJyMKH49C1TL0/tgIovqeBZz2yIZ3Xey/ednAVGM2mIryuKPUUEnsvjBx3rlrd5uMjzGKVmkHwVERK/LwagXUoOYT42xn3QPyUnt7P0OcvqU+1YOM3r3US1h3H8kvfuT34W6h8oCufhvE+m1JP0KojP6hlDl5PWA7rkrKWd0o/xZGIbmxSLGz+j/DcNkg4wFerfjMAxPntH/MHoHUpz2VBb/DsPwbkX1JL890at+FK3w0cx6/XY1iyIKeHL0UzUAfuSD/Q/2H1arWzXjPcO4XcWK+l+F+CML9j1ERDTl9HfsqIjMnAjxHq7rMq7f/9u7emqix/tKfEuBcgvo4z42k1cIrKWXWsIBvvUPfRvCpr5qBdZL+rM0kJcv3Y2uaoexhyKn3vCyOfOqTvWlOlbd3lAdxibvHTp5BTiK3XrFe4GIiOh8rc/oh4GJ/h+T/X9xov/fxIaO2LiSet1dGrulcDO5Oh5e0g8uHKfGVk5P/ttLbgwiIqIvCNv7VJSCXwnPc3rvV+r1ihls29Jzre9Jz2m0bOl0A9uzts1uy5Y9zw1cy23LnoeCs2r70t/p9VwvkE3Xkz3Xd3bVm99l/Op33+6Y3cCx/F7bNn1bWm43MK1ANhzfkr2d77Qdf9v21Mp+z7acpmOZgeN2pe/ueJZdltK37bFAp2F3A6fpRJNd2fOcjuntye+77Z2OLRu2b3lOL3B1gUldTrfpeh1VbBnhwi86JCIi+n/0+Ongwb1+f//RyYnV6NJczznGjJjpiXxKgRwjiIiI6HNm1F0vsFLxFSZERERERERERERERERERERERERERERERERTTn+kb8GJlbSHBYHhnJ9djOfgOUaPGE6VI/Cy+Xzm/UkN7Pciq2cWrTR5JGLw4JM5wavDOUnzj8ccL1IpLgEv3D5//RJwQc2BnpNb4gEw/fzo0o+xtIlvHugWnRWjFqYuKgz3RW75/zlEEw9/P71IRC0fhmE4f/XCZBvmz3485wA8ys/ZBaunHD/nfSYiovP2vwAAAP//Nlw29w==")
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000080), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2, 0x0, 0x1}, 0x18)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000380)=@o_path={&(0x7f00000001c0)='./file0\x00', r1}, 0x18)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x2a00a9, &(0x7f0000000000)=ANY=[@ANYBLOB="060065726c00000000000000"])
futimesat(r0, &(0x7f0000000000)='./file1\x00', 0x0)
pipe(&(0x7f0000000080))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3, &(0x7f0000000080)=0xb, 0x8, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x5, 0x7f, 0xef0, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000), &(0x7f00000007c0), 0x402, r3}, 0x38)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/net\x00')
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(r5, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0)
preadv2(r6, &(0x7f0000000180)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1, 0x0, 0x4, 0x1)
socket(0x10, 0x3, 0x0)
unshare(0x22020400)

1.810368612s ago: executing program 0 (id=4630):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x8020000)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000480)=ANY=[], 0x15)
r4 = dup(r3)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r6, 0x0, 0xfffffffffffffffc}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

1.750458993s ago: executing program 1 (id=4631):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x83, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x5}, 0x1, 0x0, 0x0, 0x9, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = getpid()
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x9, 0x0, 0x0, 0x0, 0x0, 0x9, 0xa2516, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, @perf_bp={0x0, 0x8}, 0x2, 0x4, 0x20}, r1, 0x1, r0, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00'}, 0x18)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x200008, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@quota}]}, 0x1, 0x504, &(0x7f0000001000)="$eJzs3c9vI1cdAPDveOPEyaZNWnoABO3SFha0WifxtlHVA5QTQqgSokeQtiHxRlHsOIqd0oQ9pGckTkhU4gRH/gDOPXHnguDGpRyQ+BGBGiQORjMep07W3gSS2FH8+UijeW/erL/vbXbei7/Z+AUwtu5ExEFETEbEuxExl19P8iPe6hzpfZ8cPl49Ony8mkS7/c7fk6w9vRY9fyZ1O3/NUkR871sRP0yejNvc299cqdWqO3l9oVXfXmju7d/fqK+sV9erW5XK8tLy4hsPXq9c2lhfqk/mpS9+/LuDr/047dZsfqV3HJepM/TicZzURER85yqCjcCtfDyTo+4I/5dCRDwfES9nz/9c3Mq+mgDATdZuz0V7rrd+LDlZBQBuikKWA0sK5TwXMBuFQrncyeG9EDOFWqPZuveosbu11smVzUex8GijVl3Mc4XzUUzS+lJW/rReOVV/EBHPRcTPpqazenm1UVsb5Tc+ADDGbp9a//811Vn/AYAbrjTqDgAAQ2f9B4DxY/0HgPFj/QeA8dNZ/6dH3Q0AYIi8/weA8WP9B4Cx8t23306P9lH++ddr7+3tbjbeu79WbW6W67ur5dXGznZ5vdFYzz6zp37W69Uaje2l12L3/fmvbzdbC829/Yf1xu5W62H2ud4Pq8XsroMhjAwAGOS5lz76Y5KuyG9OZ0f07OVQHGnPgKtWGHUHgJG5NeoOACNjty8YXxd4j1+M+KkUAdwAfbboPaHU7xeE2u12++q6BFyxu5+T/4dx1ZP/97+AYczI/8P4kv+H8dVuJ+fd5D/OeyMAcL3J8QMDfv7/fH7+df7DgR+snb7jw6vsFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFxv3f1/y/le4LNRKJTLEc9ExHwUk0cbtepiRDwbEX+YKk6l9aUR9xkAuKjCX5J8/6+7c6/Onmh68fZxcTIifvSLd37+/kqrtfP7iMnkH1Pd660P8+uV4fceADhbd53Ozj1v5D85fLzaPYbZn79+MyJKnfhHh5NxdBx/IiaycymKETHzzySvdyQ9uYuLOPggIj7bb/xJzGY5kM7Op6fjp7GfGWr8won4haytc07/Lj5zCX2BcfNROv+81e/5K8Sd7Nz/+S9lM9TF5fNf+lKrR9kc+Gn87vx3a8D8d+e8MV777bc7pekn2z6I+PxERDf2Uc/8042fDIj/6jnj/+kLL748qK39y4i70T9+b6yFVn17obm3f3+jvrJeXa9uVSrLS8uLbzx4vbKQ5agXBq8Gf3vz3rOD2tLxzwyIXzpj/F8+5/h/9Z93v/+lp8T/6iv94hfihafET9fEr5wz/srMb0qD2tL4awPGf9bX/94543/85/0ntg0HAEanube/uVKrVXcUFK5/If0new260bfwjWHFmoz+TT95pfNMn2rqfu//P8YaNGNcRtYNuA6OH/qI+PeoOwMAAAAAAAAAAAAAAPQ1jN9YGvUYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLn+GwAA//+hm8cd")

1.665489504s ago: executing program 0 (id=4632):
r0 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000200)={[{@max_batch_time={'max_batch_time', 0x3d, 0x358}}, {@resuid}, {@stripe={'stripe', 0x3d, 0x9}}]}, 0x3, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==")
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{}, 0x0, &(0x7f0000000840)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000380)='ext4_request_blocks\x00'}, 0x18)
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r2, 0x2007ffc)
sendfile(r2, r2, 0x0, 0x800000009)

1.374084219s ago: executing program 1 (id=4634):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000570000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
personality(0x400000d)

1.204758581s ago: executing program 1 (id=4636):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
syz_open_procfs(0x0, &(0x7f00000004c0)='net/rt_acct\x00')
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
r2 = socket(0x2, 0x80805, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, 0x0, &(0x7f0000000140))
getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000200)={<r4=>0x0, 0xd, 0x6, 0x1, 0x2, 0x4}, &(0x7f0000000240)=0x14)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f0000000280)={r4}, &(0x7f00000002c0)=0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0xf904}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000001, 0x11, 0xffffffffffffffff, 0x0)
r5 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000180), 0xa082, 0x0)
setsockopt$MRT_ADD_VIF(r5, 0x0, 0xca, &(0x7f00000001c0)={0x1, 0x4, 0x7, 0x80, @vifc_lcl_addr=@remote, @local}, 0x10)
syz_clone(0x44066000, 0x0, 0x0, 0x0, 0x0, 0x0)
open(0x0, 0x145142, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x14, &(0x7f0000000740)={0x77359400}, 0x10)
setns(0xffffffffffffffff, 0x2000000)
getsockopt$inet_sctp_SCTP_MAXSEG(r5, 0x84, 0xd, &(0x7f0000000040)=@assoc_value={r4, 0x3}, &(0x7f0000000300)=0x8)
r9 = gettid()
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYRESOCT=r8, @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007000000f8ffffffb703000008000000b71d018afafaad13670000002400000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r10 = gettid()
capget(&(0x7f0000000000)={0x20071026, r10}, 0x0)
socketpair(0x18, 0x0, 0x2, &(0x7f0000000000))
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r6, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x500, 0x0, 0x2000040}, 0xc, &(0x7f0000000240)={&(0x7f0000000800)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010028bd7000ffdbdf2514000000080001000100000008000300", @ANYRES32=0x0, @ANYBLOB="08001c00", @ANYRES32=r9], 0x2c}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)

1.086772413s ago: executing program 4 (id=4638):
r0 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000680)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func={0x4, 0x0, 0x0, 0xc, 0x3}]}}, 0x0, 0x26, 0x0, 0x1, 0x9, 0x0, @void, @value}, 0x28)
socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000200)={[{@max_batch_time={'max_batch_time', 0x3d, 0x358}}, {@resuid}, {@stripe={'stripe', 0x3d, 0x9}}]}, 0x3, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==")
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), &(0x7f0000000840)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
clock_nanosleep(0x9, 0x0, &(0x7f00000000c0)={0x0, 0x3938700}, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000380)='ext4_request_blocks\x00', r5}, 0x18)
r6 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r6, 0x2007ffc)
sendfile(r6, r6, 0x0, 0x800000009)

939.850366ms ago: executing program 5 (id=4639):
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, 0x0, &(0x7f0000001480))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x50, 0x24, 0xf0b, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xfffffd93, 0x2, [@TCA_CAKE_ATM={0x8, 0x4, 0x3}, @TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x9}, @TCA_CAKE_MEMORY={0x8, 0xa, 0x101}]}}]}, 0x50}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES16=r1], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000300), r1)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(r2, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000340)={&(0x7f0000000500)={0xf8, r3, 0x110, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x34, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @initdev={0xac, 0x1e, 0x1, 0x0}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x53}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x40}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}]}, @MPTCP_PM_ATTR_ADDR={0x38, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @empty}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x58, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x3e}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x7}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x5}]}, 0xf8}, 0x1, 0x0, 0x0, 0xc000}, 0x10)

750.536908ms ago: executing program 1 (id=4640):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x20, r1, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x4048000)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r2)
sendmsg$IEEE802154_ASSOCIATE_RESP(r2, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000800)={0x14, r3, 0x4043c4b8c3a9da03, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x40010) (async, rerun: 64)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) (async, rerun: 64)
ustat(0x10, &(0x7f0000000080)) (rerun: 64)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r6=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000540)={0x5c, r5, 0x5eae78d9c54e9d3f, 0x0, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_SEC_KEY={0x40, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "3e7d9e838196f61c9b54c9c6b8bd5d48"}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_ID={0x20, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}]}, @NL802154_KEY_ID_ATTR_MODE={0x8}]}]}]}, 0x5c}}, 0x0)
sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, r1, 0x20, 0x70bd2d, 0x25dfdbfc, {}, [@NL802154_ATTR_CHANNEL={0x5, 0x8, 0xf}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_CHANNEL={0x5}]}, 0x2c}}, 0x10) (async)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x1b, 0x1, 0x0, 0x0, {{@in6=@mcast1, @in6=@ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x0, 0x0, 0x0, 0x80, 0xa, 0x0, 0xb0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xf, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x2, 0x2}, 0x2, 0x8}, [@tmpl={0x44, 0x8, [{{@in6=@loopback={0x800000000000000}, 0x4d4}, 0x0, @in6=@private2={0xfc, 0x2, '\x00', 0x1}}]}]}, 0xfc}}, 0x0)

740.917259ms ago: executing program 4 (id=4641):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x4, 0x3, 0xff, "0062ba7d820000000001001f820dac4eb71eed"})
r2 = syz_open_pts(r1, 0x800)
r3 = dup(r2)
fsetxattr$security_selinux(r3, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)

655.85693ms ago: executing program 1 (id=4642):
creat(&(0x7f0000000040)='./bus\x00', 0x8)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')

654.73699ms ago: executing program 0 (id=4643):
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
inotify_init1(0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)
recvmsg(r0, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x437aba2}], 0x1, 0x0, 0x46, 0x407006}, 0x104)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)

587.425601ms ago: executing program 1 (id=4644):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x3b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x6}, 0x18)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8)
sendto$inet6(r1, &(0x7f0000000340)="04", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0xfffffff9, @rand_addr=' \x01\x00'}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f00000002c0)={0x0, 0x0, 0x4}, 0x8)

587.098931ms ago: executing program 4 (id=4645):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x83, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x5}, 0x1, 0x0, 0x0, 0x9, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = getpid()
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x9, 0x0, 0x0, 0x0, 0x0, 0x9, 0xa2516, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, @perf_bp={0x0, 0x8}, 0x2, 0x4, 0x20}, r1, 0x1, r0, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x200008, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@quota}]}, 0x1, 0x504, &(0x7f0000001000)="$eJzs3c9vI1cdAPDveOPEyaZNWnoABO3SFha0WifxtlHVA5QTQqgSokeQtiHxRlHsOIqd0oQ9pGckTkhU4gRH/gDOPXHnguDGpRyQ+BGBGiQORjMep07W3gSS2FH8+UijeW/erL/vbXbei7/Z+AUwtu5ExEFETEbEuxExl19P8iPe6hzpfZ8cPl49Ony8mkS7/c7fk6w9vRY9fyZ1O3/NUkR871sRP0yejNvc299cqdWqO3l9oVXfXmju7d/fqK+sV9erW5XK8tLy4hsPXq9c2lhfqk/mpS9+/LuDr/047dZsfqV3HJepM/TicZzURER85yqCjcCtfDyTo+4I/5dCRDwfES9nz/9c3Mq+mgDATdZuz0V7rrd+LDlZBQBuikKWA0sK5TwXMBuFQrncyeG9EDOFWqPZuveosbu11smVzUex8GijVl3Mc4XzUUzS+lJW/rReOVV/EBHPRcTPpqazenm1UVsb5Tc+ADDGbp9a//811Vn/AYAbrjTqDgAAQ2f9B4DxY/0HgPFj/QeA8dNZ/6dH3Q0AYIi8/weA8WP9B4Cx8t23306P9lH++ddr7+3tbjbeu79WbW6W67ur5dXGznZ5vdFYzz6zp37W69Uaje2l12L3/fmvbzdbC829/Yf1xu5W62H2ud4Pq8XsroMhjAwAGOS5lz76Y5KuyG9OZ0f07OVQHGnPgKtWGHUHgJG5NeoOACNjty8YXxd4j1+M+KkUAdwAfbboPaHU7xeE2u12++q6BFyxu5+T/4dx1ZP/97+AYczI/8P4kv+H8dVuJ+fd5D/OeyMAcL3J8QMDfv7/fH7+df7DgR+snb7jw6vsFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFxv3f1/y/le4LNRKJTLEc9ExHwUk0cbtepiRDwbEX+YKk6l9aUR9xkAuKjCX5J8/6+7c6/Onmh68fZxcTIifvSLd37+/kqrtfP7iMnkH1Pd660P8+uV4fceADhbd53Ozj1v5D85fLzaPYbZn79+MyJKnfhHh5NxdBx/IiaycymKETHzzySvdyQ9uYuLOPggIj7bb/xJzGY5kM7Op6fjp7GfGWr8won4haytc07/Lj5zCX2BcfNROv+81e/5K8Sd7Nz/+S9lM9TF5fNf+lKrR9kc+Gn87vx3a8D8d+e8MV777bc7pekn2z6I+PxERDf2Uc/8042fDIj/6jnj/+kLL748qK39y4i70T9+b6yFVn17obm3f3+jvrJeXa9uVSrLS8uLbzx4vbKQ5agXBq8Gf3vz3rOD2tLxzwyIXzpj/F8+5/h/9Z93v/+lp8T/6iv94hfihafET9fEr5wz/srMb0qD2tL4awPGf9bX/94543/85/0ntg0HAEanube/uVKrVXcUFK5/If0new260bfwjWHFmoz+TT95pfNMn2rqfu//P8YaNGNcRtYNuA6OH/qI+PeoOwMAAAAAAAAAAAAAAPQ1jN9YGvUYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLn+GwAA//+hm8cd")

574.164201ms ago: executing program 5 (id=4646):
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x50, 0x24, 0xf0b, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xfffffd93, 0x2, [@TCA_CAKE_ATM={0x8, 0x4, 0x3}, @TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x9}, @TCA_CAKE_MEMORY={0x8, 0xa, 0x101}]}}]}, 0x50}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES16=r2], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000300), r2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, &(0x7f0000000540)='\x00', &(0x7f0000001c80)='n', 0x1)
close(0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(r4, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000340)={&(0x7f0000000500)={0xf8, r5, 0x110, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x34, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @initdev={0xac, 0x1e, 0x1, 0x0}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x53}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x40}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}]}, @MPTCP_PM_ATTR_ADDR={0x38, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @empty}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x58, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x3e}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x7}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r1}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x5}]}, 0xf8}, 0x1, 0x0, 0x0, 0xc000}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
ioctl$IMADDTIMER(0xffffffffffffffff, 0x80044940, 0x0)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="500000000906010200000000004e2200020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000003}, 0x80)

426.178124ms ago: executing program 4 (id=4647):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000040)={0xb, {'syz1\x00', 'syz0\x00', 'syz1\x00', 0xa3, 0x9, 0x80000000, 0x10000, 0x1, 0x8, "07a9a9d408b52ffcf4685ad757d6b0e73614b5690c4560684403aed7ee5a000ee45efc6ec9db995ee18962b5f1da86e0a61b1eee984c7501e0d7c0e67344a03562bc9aaa26f8d494b2d54ece867885f1b5482542ca4e4b8d4a49e34a72326e1ee77e37242dab8702cded1b51f1a9fa040980786fc0044297fc6e5d59993ca634085040c61a1a589454a78b7fa43d416955269d0846613ce95c07fa6942b1e60f409624"}}, 0x1bb)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000380)={&(0x7f0000000240)={0x104, 0x16, 0x2, 0x70bd2d, 0x25dfdbfb, {0x1f}, [@generic="35789b7082b8fea6402cec8789e354e86f5731dd591c601a6844f22610f4ed21230bae4ac6e764f0596fc9f69d46d09e8141beb18589b2c92396989883109590773670ff58eaeaf38fea205f820c89ce37e43351c24bf3856b96bd44ec9fc6a0af9ab103084bcbd8776367e6855a358fa88eee0191f404c325bf480eb56f5a27a46ea935ea229b3751dbc88b585531c77ae462fa1a80d9a260a03daaf0826942ad23051708b12497feb2f8a52ff2521d9ba2eec213489f34624151f59e37c7492745647f572efeb90fe98128a880aadd6598aee049a1dd3e92ac3f622d84c198a365b26eefb9f837abedc9f0a26221"]}, 0x104}, 0x1, 0x0, 0x0, 0x17a8ec2ecdf874df}, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000480)={{0xffffffffffffffff, <r2=>0xffffffffffffffff}, &(0x7f0000000400), &(0x7f0000000440)='%pS    \x00'}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000540)={{r2}, &(0x7f00000004c0), &(0x7f0000000500)='%pK    \x00'}, 0x20) (async)
r3 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r3, 0x84, 0x20, &(0x7f00000005c0)=0x1, 0x4) (async)
sync_file_range(r1, 0x7, 0x9, 0x2) (async)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r3, 0x84, 0xf, &(0x7f0000000600)={<r4=>0x0, @in6={{0xa, 0x4e21, 0x7ff, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}}}, 0x4, 0x1ff, 0x6, 0xc, 0x3}, &(0x7f00000006c0)=0x98)
getsockopt$inet_sctp6_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f0000000700)={r4, 0x0, 0xa6c, 0x2}, &(0x7f0000000740)=0x10) (async)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000780), r5) (async)
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f00000007c0), r1) (async)
r7 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000800), 0x2, 0x0) (async)
sync()
ioctl$SNDRV_TIMER_IOCTL_CREATE(r3, 0xc02054a5, &(0x7f0000000840)={0x3, <r8=>r2, 'id1\x00'}) (async)
sendmsg$nl_route_sched(r3, &(0x7f0000000980)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)=@deltclass={0x34, 0x29, 0x2, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xe, 0xfff3}, {0x3, 0xe}, {0xd, 0xfff2}}, [@tclass_kind_options=@c_red={0x8}, @TCA_RATE={0x6, 0x5, {0x1, 0x2}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000400}, 0x20000000) (async)
write$UHID_DESTROY(r3, &(0x7f00000009c0), 0x4) (async)
openat$urandom(0xffffffffffffff9c, &(0x7f0000000a00), 0x8a502, 0x0) (async)
getpeername$packet(r3, &(0x7f0000000a40)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000a80)=0x14)
setsockopt$inet6_mreq(r8, 0x29, 0x1b, &(0x7f0000000ac0)={@remote, r9}, 0x14)
io_setup(0x4, &(0x7f0000000b00))
sendmsg$WG_CMD_SET_DEVICE(r7, &(0x7f0000000c40)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000b80)={0x5c, r6, 0x420, 0x70bd25, 0x25dfdbfc, {}, [@WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r9}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @a}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000014}, 0x8014) (async)
socketpair(0xb, 0x5, 0x7fff, &(0x7f0000000c80)) (async)
socket$kcm(0x29, 0x5, 0x0)
r10 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001180)=@bpf_ext={0x1c, 0x1b, &(0x7f0000000ec0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@exit, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xe2}}, @btf_id={0x18, 0x5, 0x3, 0x0, 0x2}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x1}}}, &(0x7f0000000fc0)='syzkaller\x00', 0x9, 0x82, &(0x7f0000001000)=""/130, 0x41100, 0x4, '\x00', r9, 0x0, r3, 0x8, &(0x7f00000010c0)={0x1, 0x1}, 0x8, 0x10, &(0x7f0000001100)={0x2, 0xf, 0x0, 0x800}, 0x10, 0xf774, 0xffffffffffffffff, 0x0, &(0x7f0000001140)=[r8], 0x0, 0x10, 0x401, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x1e, 0x9, &(0x7f0000000cc0)=@raw=[@btf_id={0x18, 0x8, 0x3, 0x0, 0x5}, @map_idx={0x18, 0x5, 0x5, 0x0, 0xe}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7ff}, @jmp={0x5, 0x0, 0x3, 0xa, 0x5, 0x6, 0xffffffffffffffff}, @cb_func={0x18, 0x8, 0x4, 0x0, 0x6}], &(0x7f0000000d40)='GPL\x00', 0x0, 0xd0, &(0x7f0000000d80)=""/208, 0x41000, 0x30, '\x00', r9, @sk_lookup=0x7ef3825d57de2f8a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000e80)={0x5, 0x2, 0x7, 0x8001}, 0x10, 0x0, r10, 0x3, 0x0, &(0x7f0000001240)=[{0x0, 0x2, 0xa, 0x7}, {0x4, 0x5, 0x2, 0x9}, {0x1, 0x2, 0x1, 0x3}], 0x10, 0xb59, @void, @value}, 0x94) (async)
pivot_root(&(0x7f0000001340)='./file0\x00', &(0x7f0000001380)='./file0\x00')
sched_setaffinity(0x0, 0x8, &(0x7f0000001440)=0x55a)

371.385274ms ago: executing program 5 (id=4648):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @lirc_mode2=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r1}, &(0x7f0000000380), &(0x7f00000003c0)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r3}, 0x10)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x4c, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1, 0x5dd8, 0x0, 0x3, 0x400000, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x8220c00, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x369ac89f52bf2160}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="191d25bd7000ffdbdf256300000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x0)
openat$cgroup_procs(r7, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
openat$cgroup(r7, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0)

357.055795ms ago: executing program 2 (id=4649):
accept(0xffffffffffffffff, 0x0, &(0x7f0000000040))
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x653ab2f87f83228c}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
write$P9_RLERRORu(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="5300000007000046009d40ed", @ANYRESHEX=r3], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x2004000, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB='\x00\x00'])

248.412596ms ago: executing program 4 (id=4650):
accept(0xffffffffffffffff, 0x0, &(0x7f0000000040))
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x653ab2f87f83228c}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
write$P9_RLERRORu(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="5300000007000046009d40ed", @ANYRESHEX=r3], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x2004000, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB='\x00\x00'])

247.964536ms ago: executing program 2 (id=4651):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r1, 0x2007ffc)
sendfile(r1, r1, 0x0, 0x800000009)

230.574507ms ago: executing program 4 (id=4652):
r0 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000680)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func={0x4, 0x0, 0x0, 0xc, 0x3}]}}, 0x0, 0x26, 0x0, 0x1, 0x9, 0x0, @void, @value}, 0x28)
socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000200)={[{@max_batch_time={'max_batch_time', 0x3d, 0x358}}, {@resuid}, {@stripe={'stripe', 0x3d, 0x9}}]}, 0x3, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==")
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), &(0x7f0000000840)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
clock_nanosleep(0x9, 0x0, &(0x7f00000000c0)={0x0, 0x3938700}, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000380)='ext4_request_blocks\x00', r5}, 0x18)
r6 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r6, 0x2007ffc)
sendfile(r6, r6, 0x0, 0x800000009)

0s ago: executing program 2 (id=4653):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="7f454c46040700030700000000000000020003"], 0x58)
close(r0)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)

kernel console output (not intermixed with test programs):

 avc:  denied  { checkpoint_restore } for  pid=17343 comm="syz.2.4154" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  362.801565][   T29] audit: type=1400 audit(2000000228.912:6154): avc:  denied  { connect } for  pid=17343 comm="syz.2.4154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  362.849317][T17347] vhci_hcd: invalid port number 16
[  362.854767][T17347] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  362.883701][T17347] SELinux: security_context_str_to_sid () failed with errno=-22
[  363.410817][T17326] syz.4.4148 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  363.425062][T17326] CPU: 0 UID: 0 PID: 17326 Comm: syz.4.4148 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  363.425172][T17326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  363.425184][T17326] Call Trace:
[  363.425191][T17326]  <TASK>
[  363.425201][T17326]  __dump_stack+0x1d/0x30
[  363.425225][T17326]  dump_stack_lvl+0xe8/0x140
[  363.425245][T17326]  dump_stack+0x15/0x1b
[  363.425261][T17326]  dump_header+0x81/0x220
[  363.425334][T17326]  oom_kill_process+0x334/0x3f0
[  363.425370][T17326]  out_of_memory+0x979/0xb80
[  363.425401][T17326]  try_charge_memcg+0x5e6/0x9e0
[  363.425434][T17326]  obj_cgroup_charge_pages+0xa6/0x150
[  363.425478][T17326]  __memcg_kmem_charge_page+0x9f/0x170
[  363.425577][T17326]  __alloc_frozen_pages_noprof+0x188/0x360
[  363.425609][T17326]  alloc_pages_mpol+0xb3/0x250
[  363.425653][T17326]  alloc_pages_noprof+0x90/0x130
[  363.425687][T17326]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  363.425748][T17326]  __kvmalloc_node_noprof+0x30f/0x4e0
[  363.425780][T17326]  ? ip_set_alloc+0x1f/0x30
[  363.425882][T17326]  ? ip_set_alloc+0x1f/0x30
[  363.425909][T17326]  ? __kmalloc_cache_noprof+0x189/0x320
[  363.425953][T17326]  ip_set_alloc+0x1f/0x30
[  363.426033][T17326]  hash_netiface_create+0x282/0x740
[  363.426141][T17326]  ? __pfx_hash_netiface_create+0x10/0x10
[  363.426172][T17326]  ip_set_create+0x3cc/0x960
[  363.426289][T17326]  ? __nla_parse+0x40/0x60
[  363.426313][T17326]  nfnetlink_rcv_msg+0x4c3/0x590
[  363.426361][T17326]  ? selinux_capable+0x1f9/0x270
[  363.426424][T17326]  netlink_rcv_skb+0x123/0x220
[  363.426484][T17326]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  363.426616][T17326]  nfnetlink_rcv+0x16b/0x1690
[  363.426643][T17326]  ? __kfree_skb+0x109/0x150
[  363.426676][T17326]  ? nlmon_xmit+0x4f/0x60
[  363.426758][T17326]  ? consume_skb+0x49/0x150
[  363.426805][T17326]  ? nlmon_xmit+0x4f/0x60
[  363.426828][T17326]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  363.426888][T17326]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  363.426979][T17326]  ? __dev_queue_xmit+0x182/0x1fb0
[  363.427012][T17326]  ? ref_tracker_free+0x37d/0x3e0
[  363.427049][T17326]  ? __netlink_deliver_tap+0x4dc/0x500
[  363.427108][T17326]  netlink_unicast+0x59e/0x670
[  363.427213][T17326]  netlink_sendmsg+0x58b/0x6b0
[  363.427237][T17326]  ? __pfx_netlink_sendmsg+0x10/0x10
[  363.427260][T17326]  __sock_sendmsg+0x142/0x180
[  363.427287][T17326]  ____sys_sendmsg+0x31e/0x4e0
[  363.427402][T17326]  ___sys_sendmsg+0x17b/0x1d0
[  363.427477][T17326]  __x64_sys_sendmsg+0xd4/0x160
[  363.427502][T17326]  x64_sys_call+0x2999/0x2fb0
[  363.427523][T17326]  do_syscall_64+0xd2/0x200
[  363.427570][T17326]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  363.427599][T17326]  ? clear_bhb_loop+0x40/0x90
[  363.427622][T17326]  ? clear_bhb_loop+0x40/0x90
[  363.427824][T17326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.427912][T17326] RIP: 0033:0x7f9b5707e929
[  363.427931][T17326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  363.427951][T17326] RSP: 002b:00007f9b556c6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  363.427975][T17326] RAX: ffffffffffffffda RBX: 00007f9b572a6080 RCX: 00007f9b5707e929
[  363.428062][T17326] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[  363.428076][T17326] RBP: 00007f9b57100b39 R08: 0000000000000000 R09: 0000000000000000
[  363.428168][T17326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  363.428235][T17326] R13: 0000000000000000 R14: 00007f9b572a6080 R15: 00007ffefa4c5018
[  363.428256][T17326]  </TASK>
[  363.428263][T17326] memory: usage 307200kB, limit 307200kB, failcnt 5575
[  363.448142][T17376] netlink: 'syz.2.4167': attribute type 1 has an invalid length.
[  363.451297][T17326] memory+swap: usage 307680kB, limit 9007199254740988kB, failcnt 0
[  363.697441][T17376] 8021q: adding VLAN 0 to HW filter on device bond1
[  363.697996][T17326] kmem: usage 307144kB, limit 9007199254740988kB, failcnt 0
[  363.698018][T17326] Memory cgroup stats for /syz4:
[  363.698198][T17326] cache 12288
[  363.825278][T17326] rss 4096
[  363.828321][T17326] shmem 0
[  363.831285][T17326] mapped_file 12288
[  363.835133][T17326] dirty 0
[  363.838229][T17326] writeback 0
[  363.841668][T17326] workingset_refault_anon 1244
[  363.846478][T17326] workingset_refault_file 17777
[  363.851475][T17326] swap 503808
[  363.854871][T17326] swapcached 4096
[  363.858539][T17326] pgpgin 710161
[  363.862145][T17326] pgpgout 710147
[  363.865929][T17326] pgfault 382332
[  363.869909][T17326] pgmajfault 825
[  363.873679][T17326] inactive_anon 4096
[  363.877612][T17326] active_anon 0
[  363.881115][T17326] inactive_file 53248
[  363.885500][T17326] active_file 0
[  363.889143][T17326] unevictable 0
[  363.892686][T17326] hierarchical_memory_limit 314572800
[  363.898143][T17326] hierarchical_memsw_limit 9223372036854771712
[  363.904379][T17326] total_cache 12288
[  363.908465][T17326] total_rss 4096
[  363.912053][T17326] total_shmem 0
[  363.915531][T17326] total_mapped_file 12288
[  363.919934][T17326] total_dirty 0
[  363.923450][T17326] total_writeback 0
[  363.927333][T17326] total_workingset_refault_anon 1244
[  363.932749][T17326] total_workingset_refault_file 17777
[  363.938151][T17326] total_swap 503808
[  363.941989][T17326] total_swapcached 4096
[  363.946252][T17326] total_pgpgin 710161
[  363.950364][T17326] total_pgpgout 710147
[  363.954922][T17326] total_pgfault 382332
[  363.959005][T17326] total_pgmajfault 825
[  363.963105][T17326] total_inactive_anon 4096
[  363.967609][T17326] total_active_anon 0
[  363.971634][T17326] total_inactive_file 53248
[  363.976273][T17326] total_active_file 0
[  363.980262][T17326] total_unevictable 0
[  363.984449][T17326] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.4148,pid=17322,uid=0
[  363.999357][T17326] Memory cgroup out of memory: Killed process 17322 (syz.4.4148) total-vm:95932kB, anon-rss:936kB, file-rss:22336kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  364.127202][   T29] audit: type=1400 audit(2000000230.282:6155): avc:  granted  { setsecparam } for  pid=17382 comm="syz.1.4168" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  364.174425][T17369] loop0: detected capacity change from 0 to 512
[  364.204666][T17369] ext4 filesystem being mounted at /206/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  364.226022][T17391] vhci_hcd: invalid port number 16
[  364.231248][T17391] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  364.250872][T17391] SELinux: security_context_str_to_sid () failed with errno=-22
[  364.251713][T17369] EXT4-fs: Ignoring removed orlov option
[  364.264873][T17369] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  364.274033][T17369] EXT4-fs (loop0): can't enable nombcache during remount
[  364.385705][T17402] vhci_hcd: invalid port number 16
[  364.390880][T17402] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  364.403976][T17402] SELinux: security_context_str_to_sid () failed with errno=-22
[  364.458361][T17234] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  364.488150][T17234] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  364.520678][T17234] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  364.521241][T17418] loop4: detected capacity change from 0 to 512
[  364.541824][T17418] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  364.545042][T17419] vhci_hcd: invalid port number 16
[  364.557182][T17419] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  364.567257][T17418] EXT4-fs (loop4): 1 truncate cleaned up
[  364.567822][T17234] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  364.595873][T17418] netlink: 197276 bytes leftover after parsing attributes in process `syz.4.4181'.
[  364.667061][T17427] loop4: detected capacity change from 0 to 512
[  364.684519][T17425] netlink: 'syz.1.4183': attribute type 1 has an invalid length.
[  364.702520][T17427] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  364.713566][T17425] 8021q: adding VLAN 0 to HW filter on device bond3
[  364.723719][T17419] SELinux: security_context_str_to_sid () failed with errno=-22
[  364.733830][T17427] EXT4-fs (loop4): 1 truncate cleaned up
[  364.939286][T17444] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4189'.
[  364.961600][T17447] vhci_hcd: invalid port number 16
[  364.966889][T17447] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  364.991068][T17455] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4189'.
[  365.017077][T17457] loop3: detected capacity change from 0 to 512
[  365.024883][T17457] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  365.039707][T17457] EXT4-fs (loop3): 1 truncate cleaned up
[  365.081075][T17447] SELinux: security_context_str_to_sid () failed with errno=-22
[  365.191215][T17465] loop3: detected capacity change from 0 to 512
[  365.204936][T17467] loop4: detected capacity change from 0 to 512
[  365.218110][T17465] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  365.226305][T17467] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  365.243258][T17465] EXT4-fs (loop3): 1 truncate cleaned up
[  365.263616][T17465] veth0_to_bridge: entered promiscuous mode
[  365.279153][T17465] macvtap1: entered promiscuous mode
[  365.284703][T17465] macvtap1: entered allmulticast mode
[  365.290182][T17465] veth0_to_bridge: entered allmulticast mode
[  365.309154][T17467] EXT4-fs (loop4): 1 truncate cleaned up
[  365.324197][T17465] veth0_to_bridge: left allmulticast mode
[  365.330093][T17465] veth0_to_bridge: left promiscuous mode
[  365.438003][T17473] 9pnet_fd: Insufficient options for proto=fd
[  365.660924][T17475] vhci_hcd: invalid port number 16
[  365.666178][T17475] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  365.713388][T17490] SELinux: security_context_str_to_sid () failed with errno=-22
[  365.757437][T17492] loop3: detected capacity change from 0 to 512
[  365.767196][T17492] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  365.797449][T17492] EXT4-fs (loop3): 1 truncate cleaned up
[  366.091823][T17503] vhci_hcd: invalid port number 16
[  366.097187][T17503] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  366.152585][T17503] SELinux: security_context_str_to_sid () failed with errno=-22
[  366.323852][T17510] loop0: detected capacity change from 0 to 512
[  366.376614][T17510] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  366.451893][T17510] EXT4-fs (loop0): 1 truncate cleaned up
[  366.462522][T17512] netlink: 'syz.1.4211': attribute type 1 has an invalid length.
[  366.471641][T14135] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  366.476261][T17512] 8021q: adding VLAN 0 to HW filter on device bond4
[  366.482576][T14135] CPU: 0 UID: 0 PID: 14135 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  366.482609][T14135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  366.482634][T14135] Call Trace:
[  366.482661][T14135]  <TASK>
[  366.482669][T14135]  __dump_stack+0x1d/0x30
[  366.482693][T14135]  dump_stack_lvl+0xe8/0x140
[  366.482712][T14135]  dump_stack+0x15/0x1b
[  366.482729][T14135]  dump_header+0x81/0x220
[  366.482801][T14135]  oom_kill_process+0x334/0x3f0
[  366.482861][T14135]  out_of_memory+0x979/0xb80
[  366.482890][T14135]  try_charge_memcg+0x5e6/0x9e0
[  366.482916][T14135]  charge_memcg+0x51/0xc0
[  366.483015][T14135]  __mem_cgroup_charge+0x28/0xb0
[  366.483045][T14135]  filemap_add_folio+0x4e/0x1b0
[  366.483072][T14135]  __filemap_get_folio+0x31e/0x6b0
[  366.483146][T14135]  filemap_fault+0x41d/0xb40
[  366.483196][T14135]  __do_fault+0xbc/0x200
[  366.483257][T14135]  handle_mm_fault+0xf78/0x2be0
[  366.483279][T14135]  ? mas_walk+0xf2/0x120
[  366.483342][T14135]  do_user_addr_fault+0x636/0x1090
[  366.483373][T14135]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  366.483399][T14135]  exc_page_fault+0x62/0xa0
[  366.483503][T14135]  asm_exc_page_fault+0x26/0x30
[  366.483522][T14135] RIP: 0033:0x7f9b56f55974
[  366.483540][T14135] Code: 85 ed 09 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 28 fe e7 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d 39 fd e7 00 48 01 d1
[  366.483621][T14135] RSP: 002b:00007ffefa4c53a0 EFLAGS: 00010202
[  366.483639][T14135] RAX: 0000001b2ee20000 RBX: 000000000000022f RCX: 00000000000595b0
[  366.483653][T14135] RDX: 0000000006a52abc RSI: 00007ffefa4c5430 RDI: 0000000000000001
[  366.483666][T14135] RBP: 00007ffefa4c53dc R08: 0000000019596fd7 R09: 7fffffffffffffff
[  366.483679][T14135] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  366.483746][T14135] R13: 00000000000927c0 R14: 000000000005945e R15: 00007ffefa4c5430
[  366.483763][T14135]  </TASK>
[  366.483770][T14135] memory: usage 307200kB, limit 307200kB, failcnt 5819
[  366.690873][T14135] memory+swap: usage 307696kB, limit 9007199254740988kB, failcnt 0
[  366.698824][T14135] kmem: usage 307160kB, limit 9007199254740988kB, failcnt 0
[  366.706210][T14135] Memory cgroup stats for /syz4:
[  366.803870][T14135] cache 0
[  366.811904][T14135] rss 0
[  366.814727][T14135] shmem 0
[  366.817747][T14135] mapped_file 0
[  366.821280][T14135] dirty 0
[  366.824307][T14135] writeback 0
[  366.827639][T14135] workingset_refault_anon 1338
[  366.832450][T14135] workingset_refault_file 17905
[  366.837652][T14135] swap 507904
[  366.840950][T14135] swapcached 0
[  366.844373][T14135] pgpgin 711640
[  366.847865][T14135] pgpgout 711630
[  366.851622][T14135] pgfault 383596
[  366.855201][T14135] pgmajfault 889
[  366.859279][T14135] inactive_anon 0
[  366.863156][T14135] active_anon 0
[  366.866665][T14135] inactive_file 0
[  366.870344][T14135] active_file 40960
[  366.874201][T14135] unevictable 0
[  366.877764][T14135] hierarchical_memory_limit 314572800
[  366.883246][T14135] hierarchical_memsw_limit 9223372036854771712
[  366.890289][T14135] total_cache 0
[  366.893967][T14135] total_rss 0
[  366.897439][T14135] total_shmem 0
[  366.900917][T14135] total_mapped_file 0
[  366.904950][T14135] total_dirty 0
[  366.908422][T14135] total_writeback 0
[  366.912430][T14135] total_workingset_refault_anon 1338
[  366.917731][T14135] total_workingset_refault_file 17905
[  366.923191][T14135] total_swap 507904
[  366.927009][T14135] total_swapcached 0
[  366.930929][T14135] total_pgpgin 711640
[  366.935048][T14135] total_pgpgout 711630
[  366.939199][T14135] total_pgfault 383596
[  366.944645][T14135] total_pgmajfault 889
[  366.948820][T14135] total_inactive_anon 0
[  366.953010][T14135] total_active_anon 0
[  366.957035][T14135] total_inactive_file 0
[  366.961419][T14135] total_active_file 40960
[  366.965854][T14135] total_unevictable 0
[  366.969874][T14135] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.4202,pid=17476,uid=0
[  366.984859][T14135] Memory cgroup out of memory: Killed process 17476 (syz.4.4202) total-vm:93884kB, anon-rss:1064kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  367.165733][   T29] audit: type=1400 audit(2000000233.323:6156): avc:  granted  { setsecparam } for  pid=17519 comm="syz.0.4214" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  367.212436][T17524] vhci_hcd: invalid port number 16
[  367.217889][T17524] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  367.270921][T17524] SELinux: security_context_str_to_sid () failed with errno=-22
[  367.379473][T17531] wireguard0: entered promiscuous mode
[  367.443233][T17534] wireguard0: entered promiscuous mode
[  367.743245][T17559] vhci_hcd: invalid port number 16
[  367.748539][T17559] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  367.762719][T17558] wireguard0: entered promiscuous mode
[  367.846636][T17559] SELinux: security_context_str_to_sid () failed with errno=-22
[  367.902810][   T29] audit: type=1400 audit(2000000234.063:6157): avc:  granted  { setsecparam } for  pid=17567 comm="syz.0.4230" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  368.173434][T17585] loop3: detected capacity change from 0 to 128
[  368.215147][T17590] futex_wake_op: syz.0.4235 tries to shift op by -1; fix this program
[  368.362480][T17597] vhci_hcd: invalid port number 16
[  368.367850][T17597] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  368.378705][T17597] SELinux: security_context_str_to_sid () failed with errno=-22
[  368.440875][T14135] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  368.451929][T14135] CPU: 0 UID: 0 PID: 14135 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  368.451963][T14135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  368.451976][T14135] Call Trace:
[  368.451985][T14135]  <TASK>
[  368.452061][T14135]  __dump_stack+0x1d/0x30
[  368.452094][T14135]  dump_stack_lvl+0xe8/0x140
[  368.452117][T14135]  dump_stack+0x15/0x1b
[  368.452137][T14135]  dump_header+0x81/0x220
[  368.452205][T14135]  oom_kill_process+0x334/0x3f0
[  368.452314][T14135]  out_of_memory+0x979/0xb80
[  368.452423][T14135]  try_charge_memcg+0x5e6/0x9e0
[  368.452450][T14135]  charge_memcg+0x51/0xc0
[  368.452477][T14135]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  368.452584][T14135]  __read_swap_cache_async+0x1df/0x350
[  368.452622][T14135]  swap_cluster_readahead+0x277/0x3e0
[  368.452654][T14135]  swapin_readahead+0xde/0x6f0
[  368.452754][T14135]  ? __filemap_get_folio+0x4f7/0x6b0
[  368.452788][T14135]  ? perf_iterate_sb+0x62a/0x650
[  368.452811][T14135]  ? swap_cache_get_folio+0x77/0x200
[  368.452843][T14135]  do_swap_page+0x301/0x2430
[  368.452862][T14135]  ? finish_task_switch+0xad/0x2b0
[  368.452889][T14135]  ? __pfx_default_wake_function+0x10/0x10
[  368.452954][T14135]  handle_mm_fault+0x9a5/0x2be0
[  368.452978][T14135]  ? mas_walk+0xf2/0x120
[  368.453008][T14135]  do_user_addr_fault+0x636/0x1090
[  368.453036][T14135]  ? fpregs_restore_userregs+0xe2/0x1d0
[  368.453098][T14135]  ? switch_fpu_return+0xe/0x20
[  368.453123][T14135]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  368.453152][T14135]  exc_page_fault+0x62/0xa0
[  368.453244][T14135]  asm_exc_page_fault+0x26/0x30
[  368.453267][T14135] RIP: 0033:0x7f9b570b11a5
[  368.453286][T14135] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 9e 43 1c 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[  368.453307][T14135] RSP: 002b:00007ffefa4c5358 EFLAGS: 00010246
[  368.453404][T14135] RAX: 0000000000000000 RBX: 0000000000000235 RCX: 00007f9b570b11a3
[  368.453420][T14135] RDX: 00007ffefa4c5370 RSI: 0000000000000000 RDI: 0000000000000000
[  368.453435][T14135] RBP: 00007ffefa4c53dc R08: 0000000014d5a4c4 R09: 0000000000000000
[  368.453448][T14135] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388
[  368.453459][T14135] R13: 00000000000927c0 R14: 0000000000059d74 R15: 00007ffefa4c5430
[  368.453508][T14135]  </TASK>
[  368.453515][T14135] memory: usage 307200kB, limit 307200kB, failcnt 6006
[  368.693388][T14135] memory+swap: usage 307684kB, limit 9007199254740988kB, failcnt 0
[  368.701504][T14135] kmem: usage 307148kB, limit 9007199254740988kB, failcnt 0
[  368.709030][T14135] Memory cgroup stats for /syz4:
[  368.734895][T14135] cache 0
[  368.743087][T14135] rss 4096
[  368.746222][T14135] shmem 0
[  368.749320][T14135] mapped_file 0
[  368.753055][T14135] dirty 0
[  368.756248][T14135] writeback 8192
[  368.759844][T14135] workingset_refault_anon 1406
[  368.764666][T14135] workingset_refault_file 18002
[  368.769673][T14135] swap 495616
[  368.773074][T14135] swapcached 12288
[  368.776817][T14135] pgpgin 711882
[  368.780385][T14135] pgpgout 711869
[  368.783996][T14135] pgfault 383875
[  368.787593][T14135] pgmajfault 940
[  368.791253][T14135] inactive_anon 8192
[  368.795162][T14135] active_anon 4096
[  368.798893][T14135] inactive_file 0
[  368.802583][T14135] active_file 40960
[  368.806480][T14135] unevictable 0
[  368.809976][T14135] hierarchical_memory_limit 314572800
[  368.815398][T14135] hierarchical_memsw_limit 9223372036854771712
[  368.821684][T14135] total_cache 0
[  368.825167][T14135] total_rss 4096
[  368.828747][T14135] total_shmem 0
[  368.832253][T14135] total_mapped_file 0
[  368.836614][T14135] total_dirty 0
[  368.840192][T14135] total_writeback 8192
[  368.844348][T14135] total_workingset_refault_anon 1406
[  368.849759][T14135] total_workingset_refault_file 18002
[  368.855584][T14135] total_swap 495616
[  368.859454][T14135] total_swapcached 12288
[  368.863782][T14135] total_pgpgin 711882
[  368.867848][T14135] total_pgpgout 711869
[  368.872100][T14135] total_pgfault 383875
[  368.876213][T14135] total_pgmajfault 940
[  368.880470][T14135] total_inactive_anon 8192
[  368.885037][T14135] total_active_anon 4096
[  368.889305][T14135] total_inactive_file 0
[  368.893781][T14135] total_active_file 40960
[  368.898499][T14135] total_unevictable 0
[  368.902879][T14135] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.4228,pid=17555,uid=0
[  368.918020][T14135] Memory cgroup out of memory: Killed process 17555 (syz.4.4228) total-vm:93884kB, anon-rss:932kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  369.313329][T17626] loop4: detected capacity change from 0 to 512
[  369.321393][T17626] EXT4-fs (loop4): orphan cleanup on readonly fs
[  369.326157][T17629] futex_wake_op: syz.2.4250 tries to shift op by -1; fix this program
[  369.330225][T17626] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4252: bg 0: block 131: padding at end of block bitmap is not set
[  369.367605][T17626] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  369.377592][T17626] EXT4-fs (loop4): 1 truncate cleaned up
[  369.383986][T17626] EXT4-fs mount: 20 callbacks suppressed
[  369.383999][T17626] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  369.474538][T17625] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4252'.
[  369.561341][T17631] lo speed is unknown, defaulting to 1000
[  369.568059][T17631] lo speed is unknown, defaulting to 1000
[  369.664644][T14135] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.962612][T17646] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4259'.
[  370.004518][T17648] netlink: 197276 bytes leftover after parsing attributes in process `syz.1.4255'.
[  370.071767][T17655] wireguard0: entered promiscuous mode
[  370.105994][T17658] loop3: detected capacity change from 0 to 512
[  370.113866][T17658] EXT4-fs (loop3): orphan cleanup on readonly fs
[  370.120764][T17658] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4260: bg 0: block 131: padding at end of block bitmap is not set
[  370.136978][T17658] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  370.147451][T17658] EXT4-fs (loop3): 1 truncate cleaned up
[  370.155998][T17657] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4257'.
[  370.221660][T17658] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  370.275124][T17663] vhci_hcd: invalid port number 16
[  370.280298][T17663] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  370.324376][T17663] SELinux: security_context_str_to_sid () failed with errno=-22
[  370.349894][T17668] futex_wake_op: syz.2.4264 tries to shift op by -1; fix this program
[  370.358925][T13928] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.603926][T17674] lo speed is unknown, defaulting to 1000
[  370.610476][T17674] lo speed is unknown, defaulting to 1000
[  371.362194][   T29] audit: type=1326 audit(2000000237.523:6158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17689 comm="syz.0.4272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f991efae929 code=0x7ffc0000
[  371.386182][   T29] audit: type=1326 audit(2000000237.523:6159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17689 comm="syz.0.4272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f991efae929 code=0x7ffc0000
[  371.412585][T17690] loop0: detected capacity change from 0 to 164
[  371.424745][   T29] audit: type=1326 audit(2000000237.563:6160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17689 comm="syz.0.4272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f991efae929 code=0x7ffc0000
[  371.448896][   T29] audit: type=1326 audit(2000000237.563:6161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17689 comm="syz.0.4272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f991efae963 code=0x7ffc0000
[  371.472567][   T29] audit: type=1326 audit(2000000237.573:6162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17689 comm="syz.0.4272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f991efad3df code=0x7ffc0000
[  371.496152][   T29] audit: type=1326 audit(2000000237.573:6163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17689 comm="syz.0.4272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f991efae9b7 code=0x7ffc0000
[  371.520380][   T29] audit: type=1326 audit(2000000237.573:6164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17689 comm="syz.0.4272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f991efad290 code=0x7ffc0000
[  371.544183][   T29] audit: type=1326 audit(2000000237.573:6165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17689 comm="syz.0.4272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f991efae52b code=0x7ffc0000
[  371.567756][   T29] audit: type=1326 audit(2000000237.583:6166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17689 comm="syz.0.4272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f991efad58a code=0x7ffc0000
[  371.603413][T17690] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  371.664313][T17700] loop3: detected capacity change from 0 to 1024
[  371.673900][T17690] tmpfs: Unknown parameter ''
[  371.679253][T17690] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  371.690770][T17690] Symlink component flag not implemented
[  371.696480][T17690] Symlink component flag not implemented
[  371.722449][T17700] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  371.742528][T17700] ext4 filesystem being mounted at /263/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  371.753504][T17690] Symlink component flag not implemented (7)
[  371.759609][T17690] Symlink component flag not implemented (116)
[  371.851031][T17702] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4278'.
[  371.918204][T17700] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4277'.
[  371.930578][T17700] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  371.973990][T17700] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 27 with max blocks 1 with error 28
[  371.986440][T17700] EXT4-fs (loop3): This should not happen!! Data will be lost
[  371.986440][T17700] 
[  371.996168][T17700] EXT4-fs (loop3): Total free blocks count 0
[  372.002372][T17700] EXT4-fs (loop3): Free/Dirty block details
[  372.008359][T17700] EXT4-fs (loop3): free_blocks=4293918720
[  372.014188][T17700] EXT4-fs (loop3): dirty_blocks=16
[  372.019346][T17700] EXT4-fs (loop3): Block reservation details
[  372.025366][T17700] EXT4-fs (loop3): i_reserved_data_blocks=1
[  372.033333][T17712] netlink: 'syz.4.4279': attribute type 1 has an invalid length.
[  372.056228][T17712] 8021q: adding VLAN 0 to HW filter on device bond4
[  372.099157][T13928] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.229627][T17722] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4283'.
[  372.277798][T17722] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4283'.
[  372.780310][T17730] loop0: detected capacity change from 0 to 512
[  372.808218][T17730] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  372.843788][T17730] EXT4-fs (loop0): 1 truncate cleaned up
[  372.860536][T17730] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  372.934254][   T29] kauditd_printk_skb: 36 callbacks suppressed
[  372.934270][   T29] audit: type=1400 audit(2000000239.093:6203): avc:  denied  { compute_member } for  pid=17736 comm="syz.4.4288" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  372.973766][T17737] IPVS: set_ctl: invalid protocol: 59 10.1.1.0:20001
[  373.025773][T17730] netlink: 197276 bytes leftover after parsing attributes in process `syz.0.4286'.
[  373.037650][   T29] audit: type=1400 audit(2000000239.203:6204): avc:  granted  { setsecparam } for  pid=17740 comm="syz.4.4289" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  373.069696][T17739] veth0_to_bridge: entered promiscuous mode
[  373.076914][T17739] macvtap1: entered promiscuous mode
[  373.082974][T17739] macvtap1: entered allmulticast mode
[  373.088458][T17739] veth0_to_bridge: entered allmulticast mode
[  373.098541][T17741] siw: device registration error -23
[  373.126231][T13631] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.142120][T17739] veth0_to_bridge: left allmulticast mode
[  373.147977][T17739] veth0_to_bridge: left promiscuous mode
[  373.169471][T17747] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  373.228028][   T29] audit: type=1400 audit(2000000239.383:6205): avc:  denied  { associate } for  pid=17756 comm="syz.3.4294" name="0" dev="devpts" ino=3 scontext=system_u:object_r:mouse_device_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  373.252061][   T29] audit: type=1400 audit(2000000239.383:6206): avc:  denied  { ioctl } for  pid=17756 comm="syz.3.4294" path="/dev/pts/0" dev="devpts" ino=3 ioctlcmd=0x540f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  373.285024][T17747] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  373.345510][T17762] lo speed is unknown, defaulting to 1000
[  373.363892][T17747] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  373.393216][T17762] lo speed is unknown, defaulting to 1000
[  373.403575][   T29] audit: type=1326 audit(2000000239.563:6207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17769 comm="syz.2.4299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f44dfe929 code=0x7ffc0000
[  373.427204][   T29] audit: type=1326 audit(2000000239.563:6208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17769 comm="syz.2.4299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f44dfe929 code=0x7ffc0000
[  373.451381][   T29] audit: type=1326 audit(2000000239.563:6209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17769 comm="syz.2.4299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f4f44dfe929 code=0x7ffc0000
[  373.475520][   T29] audit: type=1326 audit(2000000239.563:6210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17769 comm="syz.2.4299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4f44dfe963 code=0x7ffc0000
[  373.499991][   T29] audit: type=1326 audit(2000000239.563:6211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17769 comm="syz.2.4299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f4f44dfd3df code=0x7ffc0000
[  373.523907][   T29] audit: type=1326 audit(2000000239.563:6212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17769 comm="syz.2.4299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f4f44dfe9b7 code=0x7ffc0000
[  373.566106][T17747] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  373.582435][T17770] tmpfs: Unknown parameter ''
[  373.637677][T17747] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  373.673136][T17747] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  373.704404][T17747] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  373.716242][T17747] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  373.792784][T17778] loop3: detected capacity change from 0 to 512
[  373.802317][T17776] netlink: 'syz.0.4300': attribute type 10 has an invalid length.
[  373.810493][T17776] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.812056][T17778] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  373.817743][T17776] bridge0: port 1(bridge_slave_0) entered disabled state
[  373.838550][T17776] bridge0: port 2(bridge_slave_1) entered blocking state
[  373.845674][T17776] bridge0: port 2(bridge_slave_1) entered forwarding state
[  373.853198][T17776] bridge0: port 1(bridge_slave_0) entered blocking state
[  373.860370][T17776] bridge0: port 1(bridge_slave_0) entered forwarding state
[  373.869766][T17774] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4298'.
[  373.870973][T17776] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  373.915946][T17778] EXT4-fs (loop3): 1 truncate cleaned up
[  373.937467][T17778] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  373.940534][T17776] bridge_slave_1: left allmulticast mode
[  373.955765][T17776] bridge_slave_1: left promiscuous mode
[  373.961449][T17776] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.971055][T17776] bridge_slave_0: left allmulticast mode
[  373.976794][T17776] bridge_slave_0: left promiscuous mode
[  373.982550][T17776] bridge0: port 1(bridge_slave_0) entered disabled state
[  373.996241][T17776] bond0: (slave bridge0): Releasing backup interface
[  374.017046][T13928] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.146789][T17789] siw: device registration error -23
[  374.256157][T17801] 9pnet_fd: Insufficient options for proto=fd
[  374.276702][T17799] capability: warning: `syz.3.4308' uses 32-bit capabilities (legacy support in use)
[  374.312614][T17805] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.385823][T17811] loop4: detected capacity change from 0 to 1024
[  374.394922][T17805] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.407237][T17811] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  374.421347][T17811] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #3: comm syz.4.4312: pblk 0 bad header/extent: invalid magic - magic ff0a, entries 0, max 0(0), depth 0(0)
[  374.442694][T17805] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.452799][T17811] EXT4-fs error (device loop4): ext4_quota_enable:7127: comm syz.4.4312: Bad quota inode: 3, type: 0
[  374.468240][T17811] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  374.485669][T17811] EXT4-fs (loop4): mount failed
[  374.523445][T17805] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.576440][T17820] wireguard0: entered promiscuous mode
[  374.606585][T17825] siw: device registration error -23
[  374.625716][T17805] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  374.638100][T17805] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  374.650394][T17805] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  374.662700][T17805] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  374.777771][T17832] wireguard0: entered promiscuous mode
[  374.791887][T17834] loop3: detected capacity change from 0 to 164
[  374.800243][T17834] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  374.816080][T17834] tmpfs: Unknown parameter ''
[  374.823019][T17834] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  374.838562][T17834] Symlink component flag not implemented
[  374.844621][T17834] Symlink component flag not implemented
[  374.865217][T17834] Symlink component flag not implemented (7)
[  374.871481][T17834] Symlink component flag not implemented (116)
[  374.879152][T17837] loop4: detected capacity change from 0 to 512
[  374.887166][T17837] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  374.931788][T17837] EXT4-fs (loop4): 1 truncate cleaned up
[  374.938596][T17837] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  375.026197][T17791] syz.1.4305 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  375.037325][T17791] CPU: 1 UID: 0 PID: 17791 Comm: syz.1.4305 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  375.037429][T17791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  375.037443][T17791] Call Trace:
[  375.037452][T17791]  <TASK>
[  375.037461][T17791]  __dump_stack+0x1d/0x30
[  375.037487][T17791]  dump_stack_lvl+0xe8/0x140
[  375.037505][T17791]  dump_stack+0x15/0x1b
[  375.037652][T17791]  dump_header+0x81/0x220
[  375.037684][T17791]  oom_kill_process+0x334/0x3f0
[  375.037711][T17791]  out_of_memory+0x979/0xb80
[  375.037741][T17791]  try_charge_memcg+0x5e6/0x9e0
[  375.037835][T17791]  charge_memcg+0x51/0xc0
[  375.037865][T17791]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  375.037930][T17791]  __read_swap_cache_async+0x1df/0x350
[  375.037967][T17791]  swap_cluster_readahead+0x277/0x3e0
[  375.038018][T17791]  swapin_readahead+0xde/0x6f0
[  375.038083][T17791]  ? __filemap_get_folio+0x4f7/0x6b0
[  375.038111][T17791]  ? swap_cache_get_folio+0x77/0x200
[  375.038164][T17791]  do_swap_page+0x301/0x2430
[  375.038183][T17791]  ? css_rstat_updated+0xcd/0x5b0
[  375.038216][T17791]  ? __pfx_default_wake_function+0x10/0x10
[  375.038313][T17791]  handle_mm_fault+0x9a5/0x2be0
[  375.038340][T17791]  ? mas_walk+0xf2/0x120
[  375.038377][T17791]  do_user_addr_fault+0x636/0x1090
[  375.038406][T17791]  ? fpregs_restore_userregs+0xad/0x1d0
[  375.038457][T17791]  ? switch_fpu_return+0xe/0x20
[  375.038489][T17791]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  375.038591][T17791]  exc_page_fault+0x62/0xa0
[  375.038623][T17791]  asm_exc_page_fault+0x26/0x30
[  375.038646][T17791] RIP: 0033:0x7f370622538c
[  375.038662][T17791] Code: 66 0f 1f 44 00 00 69 3d 26 03 e8 00 e8 03 00 00 48 8d 1d 27 0c 35 00 e8 02 95 12 00 eb 0c 48 81 c3 e0 00 00 00 48 39 eb 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 e0 00 00
[  375.038680][T17791] RSP: 002b:00007ffdecbd2e20 EFLAGS: 00010206
[  375.038763][T17791] RAX: 0000000000000000 RBX: 00007f3706575fa0 RCX: 0000000000000000
[  375.038776][T17791] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055558b696808
[  375.038789][T17791] RBP: 00007f3706577ba0 R08: 0000000000000000 R09: 7fffffffffffffff
[  375.038801][T17791] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000005b8b5
[  375.038815][T17791] R13: 00007f3706576080 R14: ffffffffffffffff R15: 00007ffdecbd2f30
[  375.038837][T17791]  </TASK>
[  375.038845][T17791] memory: usage 307200kB, limit 307200kB, failcnt 6927
[  375.248688][T17844] __nla_validate_parse: 2 callbacks suppressed
[  375.248706][T17844] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4324'.
[  375.250398][T17791] memory+swap: usage 307400kB, limit 9007199254740988kB, failcnt 0
[  375.250412][T17791] kmem: usage 307140kB, limit 9007199254740988kB, failcnt 0
[  375.250421][T17791] Memory cgroup stats for /syz1:
[  375.307456][T17791] cache 0
[  375.308165][T14135] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.312456][T17791] rss 0
[  375.327431][T17791] shmem 0
[  375.330425][T17791] mapped_file 0
[  375.334010][T17791] dirty 0
[  375.337091][T17791] writeback 8192
[  375.340622][T17791] workingset_refault_anon 1735
[  375.345422][T17791] workingset_refault_file 12047
[  375.350312][T17791] swap 204800
[  375.353682][T17791] swapcached 8192
[  375.357302][T17791] pgpgin 644930
[  375.360913][T17791] pgpgout 644915
[  375.364445][T17791] pgfault 368536
[  375.368140][T17791] pgmajfault 1141
[  375.371770][T17791] inactive_anon 8192
[  375.375690][T17791] active_anon 0
[  375.379160][T17791] inactive_file 53248
[  375.383141][T17791] active_file 0
[  375.386618][T17791] unevictable 0
[  375.390126][T17791] hierarchical_memory_limit 314572800
[  375.395497][T17791] hierarchical_memsw_limit 9223372036854771712
[  375.401655][T17791] total_cache 0
[  375.405417][T17791] total_rss 0
[  375.408688][T17791] total_shmem 0
[  375.412173][T17791] total_mapped_file 0
[  375.416246][T17791] total_dirty 0
[  375.419686][T17791] total_writeback 8192
[  375.423886][T17791] total_workingset_refault_anon 1735
[  375.429414][T17791] total_workingset_refault_file 12047
[  375.434957][T17791] total_swap 204800
[  375.438740][T17791] total_swapcached 8192
[  375.442886][T17791] total_pgpgin 644930
[  375.446970][T17791] total_pgpgout 644915
[  375.451181][T17791] total_pgfault 368536
[  375.455417][T17791] total_pgmajfault 1141
[  375.459739][T17791] total_inactive_anon 8192
[  375.464188][T17791] total_active_anon 0
[  375.468299][T17791] total_inactive_file 53248
[  375.472833][T17791] total_active_file 0
[  375.476790][T17791] total_unevictable 0
[  375.480787][T17791] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.4305,pid=17791,uid=0
[  375.495719][T17791] Memory cgroup out of memory: Killed process 17791 (syz.1.4305) total-vm:93680kB, anon-rss:932kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  375.611703][T17850] netlink: 'syz.4.4327': attribute type 1 has an invalid length.
[  375.653754][T17850] 8021q: adding VLAN 0 to HW filter on device bond5
[  375.702805][T17857] 9pnet: p9_errstr2errno: server reported unknown error �@�0x000000000000000a
[  375.819486][T17871] vhci_hcd: invalid port number 16
[  375.824922][T17871] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  375.833931][T17871] SELinux: security_context_str_to_sid () failed with errno=-22
[  375.854033][T17874] loop3: detected capacity change from 0 to 512
[  375.888354][T17874] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  375.903219][T17874] ext4 filesystem being mounted at /283/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  375.998329][T17598] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  376.383984][T17889] vhci_hcd: invalid port number 16
[  376.389237][T17889] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  376.400623][T17889] SELinux: security_context_str_to_sid () failed with errno=-22
[  376.578975][T17902] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4345'.
[  376.607565][T17904] vhci_hcd: invalid port number 16
[  376.613228][T17904] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  376.622853][T17904] SELinux: security_context_str_to_sid () failed with errno=-22
[  376.760523][T17913] vhci_hcd: invalid port number 16
[  376.766218][T17913] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  377.053385][T15945] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  377.064724][T15945] CPU: 1 UID: 0 PID: 15945 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  377.064796][T15945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  377.064857][T15945] Call Trace:
[  377.064866][T15945]  <TASK>
[  377.064873][T15945]  __dump_stack+0x1d/0x30
[  377.064893][T15945]  dump_stack_lvl+0xe8/0x140
[  377.064979][T15945]  dump_stack+0x15/0x1b
[  377.064995][T15945]  dump_header+0x81/0x220
[  377.065025][T15945]  oom_kill_process+0x334/0x3f0
[  377.065051][T15945]  out_of_memory+0x979/0xb80
[  377.065109][T15945]  try_charge_memcg+0x5e6/0x9e0
[  377.065134][T15945]  charge_memcg+0x51/0xc0
[  377.065233][T15945]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  377.065300][T15945]  __read_swap_cache_async+0x1df/0x350
[  377.065335][T15945]  swap_cluster_readahead+0x277/0x3e0
[  377.065374][T15945]  swapin_readahead+0xde/0x6f0
[  377.065403][T15945]  ? __filemap_get_folio+0x4f7/0x6b0
[  377.065430][T15945]  ? __rcu_read_unlock+0x34/0x70
[  377.065455][T15945]  ? swap_cache_get_folio+0x77/0x200
[  377.065490][T15945]  do_swap_page+0x301/0x2430
[  377.065599][T15945]  ? css_rstat_updated+0xcd/0x5b0
[  377.065636][T15945]  ? __pfx_default_wake_function+0x10/0x10
[  377.065700][T15945]  handle_mm_fault+0x9a5/0x2be0
[  377.065784][T15945]  ? mas_walk+0xf2/0x120
[  377.065821][T15945]  do_user_addr_fault+0x636/0x1090
[  377.065851][T15945]  exc_page_fault+0x62/0xa0
[  377.065880][T15945]  asm_exc_page_fault+0x26/0x30
[  377.065946][T15945] RIP: 0033:0x7f3706344c6e
[  377.066017][T15945] Code: 83 c4 28 5b 5d c3 66 0f 1f 44 00 00 8b 04 24 eb de e8 36 cf 00 00 66 0f 1f 44 00 00 48 83 ec 08 48 89 fa 48 89 f1 31 ff 31 f6 <e8> 0d c5 03 00 85 c0 75 09 48 83 c4 08 c3 0f 1f 40 00 48 c7 c2 a8
[  377.066098][T15945] RSP: 002b:00007ffdecbd3000 EFLAGS: 00010246
[  377.066115][T15945] RAX: 0000000000000000 RBX: 000000000000014b RCX: 0000000000000000
[  377.066127][T15945] RDX: 00007ffdecbd3010 RSI: 0000000000000000 RDI: 0000000000000000
[  377.066139][T15945] RBP: 00007ffdecbd307c R08: 0000000036c49830 R09: 0000000000000000
[  377.066151][T15945] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  377.066164][T15945] R13: 00000000000927c0 R14: 000000000005bea2 R15: 00007ffdecbd30d0
[  377.066183][T15945]  </TASK>
[  377.066191][T15945] memory: usage 307200kB, limit 307200kB, failcnt 7178
[  377.208247][T17911] loop4: detected capacity change from 0 to 512
[  377.211563][T15945] memory+swap: usage 307480kB, limit 9007199254740988kB, failcnt 0
[  377.211582][T15945] kmem: usage 307136kB, limit 9007199254740988kB, failcnt 0
[  377.211596][T15945] Memory cgroup stats for /syz1:
[  377.233519][T15945] cache 0
[  377.292820][T17911] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  377.293431][T15945] rss 0
[  377.293441][T15945] shmem 0
[  377.293447][T15945] mapped_file 0
[  377.293454][T15945] dirty 0
[  377.293480][T15945] writeback 4096
[  377.300519][T17911] ext4 filesystem being mounted at /246/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  377.307773][T15945] workingset_refault_anon 1780
[  377.307786][T15945] workingset_refault_file 12145
[  377.307794][T15945] swap 286720
[  377.307813][T15945] swapcached 12288
[  377.307821][T15945] pgpgin 656566
[  377.307828][T15945] pgpgout 656550
[  377.386808][T15945] pgfault 372308
[  377.389789][T17924] lo speed is unknown, defaulting to 1000
[  377.390450][T15945] pgmajfault 1168
[  377.397653][T17924] lo speed is unknown, defaulting to 1000
[  377.399924][T15945] inactive_anon 12288
[  377.399936][T15945] active_anon 0
[  377.399994][T15945] inactive_file 53248
[  377.417386][T15945] active_file 0
[  377.421092][T15945] unevictable 0
[  377.424580][T15945] hierarchical_memory_limit 314572800
[  377.429984][T15945] hierarchical_memsw_limit 9223372036854771712
[  377.436287][T15945] total_cache 0
[  377.439766][T15945] total_rss 0
[  377.443164][T15945] total_shmem 0
[  377.446718][T15945] total_mapped_file 0
[  377.450774][T15945] total_dirty 0
[  377.454283][T15945] total_writeback 4096
[  377.458426][T15945] total_workingset_refault_anon 1780
[  377.463841][T15945] total_workingset_refault_file 12145
[  377.469228][T15945] total_swap 286720
[  377.473151][T15945] total_swapcached 12288
[  377.477409][T15945] total_pgpgin 656566
[  377.481478][T15945] total_pgpgout 656550
[  377.485564][T15945] total_pgfault 372308
[  377.489651][T15945] total_pgmajfault 1168
[  377.494022][T15945] total_inactive_anon 12288
[  377.498589][T15945] total_active_anon 0
[  377.502628][T15945] total_inactive_file 53248
[  377.507320][T15945] total_active_file 0
[  377.511348][T15945] total_unevictable 0
[  377.515447][T15945] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.4343,pid=17892,uid=0
[  377.530311][T15945] Memory cgroup out of memory: Killed process 17892 (syz.1.4343) total-vm:93680kB, anon-rss:932kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  377.618149][T17927] infiniband syz2: set active
[  377.622937][T17927] infiniband syz2: added veth0_to_bond
[  377.630438][T14135] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.634689][T17927] RDS/IB: syz2: added
[  377.643634][T17927] smc: adding ib device syz2 with port count 1
[  377.650838][T17927] smc:    ib device syz2 port 1 has pnetid 
[  378.074591][T17937] loop4: detected capacity change from 0 to 512
[  378.098154][T17937] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  378.124786][T17937] EXT4-fs (loop4): 1 truncate cleaned up
[  378.131094][T17937] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  378.147174][T17940] loop0: detected capacity change from 0 to 512
[  378.160167][T17940] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  378.188700][T17942] netlink: 197276 bytes leftover after parsing attributes in process `syz.1.4357'.
[  378.201496][T17940] EXT4-fs (loop0): 1 truncate cleaned up
[  378.207770][T17940] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  378.264339][T17948] veth0_to_bridge: entered promiscuous mode
[  378.270548][T17948] macvtap1: entered promiscuous mode
[  378.276692][T17948] macvtap1: entered allmulticast mode
[  378.282283][T17948] veth0_to_bridge: entered allmulticast mode
[  378.289564][T13631] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  378.300534][T17948] veth0_to_bridge: left allmulticast mode
[  378.306479][T17948] veth0_to_bridge: left promiscuous mode
[  378.317234][T14135] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  378.336166][T17950] vhci_hcd: invalid port number 16
[  378.341428][T17950] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  378.358659][T17954] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4362'.
[  378.374947][T17954] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4362'.
[  378.417264][   T29] kauditd_printk_skb: 133 callbacks suppressed
[  378.417278][   T29] audit: type=1400 audit(2000000244.573:6346): avc:  granted  { setsecparam } for  pid=17958 comm="syz.4.4365" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  378.464357][T17959] futex_wake_op: syz.0.4364 tries to shift op by -1; fix this program
[  378.599352][T17964] loop4: detected capacity change from 0 to 1024
[  378.684996][T17965] lo speed is unknown, defaulting to 1000
[  378.691743][T17965] lo speed is unknown, defaulting to 1000
[  378.807500][T17964] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  378.837720][T17964] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #3: comm syz.4.4366: pblk 0 bad header/extent: invalid magic - magic ff0a, entries 0, max 0(0), depth 0(0)
[  378.938833][T17964] EXT4-fs error (device loop4): ext4_quota_enable:7127: comm syz.4.4366: Bad quota inode: 3, type: 0
[  379.040584][T17964] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  379.055599][T17964] EXT4-fs (loop4): mount failed
[  379.112036][T17969] veth0_to_bridge: entered promiscuous mode
[  379.118062][T17969] macvtap1: entered promiscuous mode
[  379.123536][T17969] macvtap1: entered allmulticast mode
[  379.129108][T17969] veth0_to_bridge: entered allmulticast mode
[  379.151902][T17969] veth0_to_bridge: left allmulticast mode
[  379.157779][T17969] veth0_to_bridge: left promiscuous mode
[  379.175736][T17972] loop4: detected capacity change from 0 to 512
[  379.191561][T17972] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  379.228975][T17972] EXT4-fs (loop4): 1 truncate cleaned up
[  379.236752][T17972] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  379.324055][T17977] netlink: 'syz.1.4372': attribute type 1 has an invalid length.
[  379.335526][T17975] loop0: detected capacity change from 0 to 512
[  379.358553][T17975] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  379.362761][T17977] 8021q: adding VLAN 0 to HW filter on device bond5
[  379.406828][T17975] EXT4-fs (loop0): 1 truncate cleaned up
[  379.444353][T17975] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  379.491284][T17985] veth0_to_bridge: entered promiscuous mode
[  379.508535][T14135] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.520650][T17985] macvtap1: entered promiscuous mode
[  379.526110][T17985] macvtap1: entered allmulticast mode
[  379.531559][T17985] veth0_to_bridge: entered allmulticast mode
[  379.552728][T17985] veth0_to_bridge: left allmulticast mode
[  379.558594][T17985] veth0_to_bridge: left promiscuous mode
[  379.576042][T17975] netlink: 197276 bytes leftover after parsing attributes in process `syz.0.4371'.
[  379.576306][T17992] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4377'.
[  379.597401][T17987] lo speed is unknown, defaulting to 1000
[  379.604889][T17987] lo speed is unknown, defaulting to 1000
[  379.627654][T17992] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4377'.
[  379.666558][T13631] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.675735][T17996] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4379'.
[  379.705633][T17999] futex_wake_op: syz.2.4381 tries to shift op by -1; fix this program
[  379.745730][   T12] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  379.963252][   T12] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  379.998954][T18013] netlink: 'syz.4.4386': attribute type 1 has an invalid length.
[  380.024820][T18010] lo speed is unknown, defaulting to 1000
[  380.031324][T18010] lo speed is unknown, defaulting to 1000
[  380.182980][   T12] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.213678][T18016] loop0: detected capacity change from 0 to 512
[  380.274356][T18016] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  380.319700][T18016] EXT4-fs (loop0): 1 truncate cleaned up
[  380.331045][T18016] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  380.331505][T18013] 8021q: adding VLAN 0 to HW filter on device bond6
[  380.398991][   T12] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.430186][T13631] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.496656][T18029] loop0: detected capacity change from 0 to 512
[  380.506777][T18009] lo speed is unknown, defaulting to 1000
[  380.514172][T18029] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  380.520725][T18009] lo speed is unknown, defaulting to 1000
[  380.526367][T18029] EXT4-fs (loop0): 1 truncate cleaned up
[  380.536171][T18029] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  380.542695][   T12] bridge_slave_1: left allmulticast mode
[  380.554034][   T12] bridge_slave_1: left promiscuous mode
[  380.559747][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  380.623422][   T12] bridge_slave_0: left allmulticast mode
[  380.629418][   T12] bridge_slave_0: left promiscuous mode
[  380.635344][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  380.797057][T18040] loop4: detected capacity change from 0 to 1024
[  380.809783][T18040] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  380.827702][T18040] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #3: comm syz.4.4393: pblk 0 bad header/extent: invalid magic - magic ff0a, entries 0, max 0(0), depth 0(0)
[  380.845587][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  380.855491][T18040] EXT4-fs error (device loop4): ext4_quota_enable:7127: comm syz.4.4393: Bad quota inode: 3, type: 0
[  380.855610][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  380.876539][   T12] bond0 (unregistering): Released all slaves
[  380.877603][T18040] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  380.885453][   T12] bond1 (unregistering): Released all slaves
[  380.906789][   T12] bond2 (unregistering): Released all slaves
[  380.915442][   T12] bond3 (unregistering): Released all slaves
[  380.925687][T18040] EXT4-fs (loop4): mount failed
[  380.931550][T18029] veth0_to_bridge: entered promiscuous mode
[  380.937776][T18029] macvtap0: entered promiscuous mode
[  380.943497][T18029] macvtap0: entered allmulticast mode
[  380.949041][T18029] veth0_to_bridge: entered allmulticast mode
[  380.963524][T18029] veth0_to_bridge: left allmulticast mode
[  380.969523][T18029] veth0_to_bridge: left promiscuous mode
[  381.047308][T13631] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.092533][T18050] loop0: detected capacity change from 0 to 512
[  381.100737][T18052] loop4: detected capacity change from 0 to 1024
[  381.107756][T18052] EXT4-fs: Ignoring removed orlov option
[  381.113813][T18050] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  381.130272][   T12] hsr_slave_0: left promiscuous mode
[  381.130384][T18050] EXT4-fs (loop0): 1 truncate cleaned up
[  381.136365][T18052] EXT4-fs: Invalid want_extra_isize 130
[  381.147266][   T12] hsr_slave_1: left promiscuous mode
[  381.150981][T18050] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  381.154720][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  381.172265][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  381.264499][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  381.272118][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  381.291568][   T12] veth1_macvtap: left promiscuous mode
[  381.311818][   T12] veth0_macvtap: left promiscuous mode
[  381.317458][   T12] veth1_vlan: left promiscuous mode
[  381.340078][   T12] veth0_vlan: left promiscuous mode
[  381.346935][T13631] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.421668][T18057] futex_wake_op: syz.0.4399 tries to shift op by -1; fix this program
[  381.569909][   T12] team0 (unregistering): Port device team_slave_1 removed
[  381.812420][   T12] team0 (unregistering): Port device team_slave_0 removed
[  381.853378][T18066] netlink: 'syz.2.4398': attribute type 1 has an invalid length.
[  382.147126][T18063] lo speed is unknown, defaulting to 1000
[  382.153563][T18063] lo speed is unknown, defaulting to 1000
[  382.215145][T18066] 8021q: adding VLAN 0 to HW filter on device bond2
[  382.306844][T18076] futex_wake_op: syz.1.4400 tries to shift op by -1; fix this program
[  382.324167][T18009] chnl_net:caif_netlink_parms(): no params data found
[  382.365215][   T29] audit: type=1326 audit(2000000248.493:6347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18070 comm="syz.4.4401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b5707e929 code=0x7ffc0000
[  382.389222][   T29] audit: type=1326 audit(2000000248.493:6348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18070 comm="syz.4.4401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b5707e929 code=0x7ffc0000
[  382.413158][   T29] audit: type=1326 audit(2000000248.503:6349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18070 comm="syz.4.4401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9b570758e7 code=0x7ffc0000
[  382.437218][   T29] audit: type=1326 audit(2000000248.503:6350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18070 comm="syz.4.4401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9b5701ab19 code=0x7ffc0000
[  382.460784][   T29] audit: type=1326 audit(2000000248.503:6351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18070 comm="syz.4.4401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b5707e929 code=0x7ffc0000
[  382.484524][   T29] audit: type=1326 audit(2000000248.513:6352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18070 comm="syz.4.4401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=318 compat=0 ip=0x7f9b5707e929 code=0x7ffc0000
[  382.508343][   T29] audit: type=1326 audit(2000000248.513:6353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18070 comm="syz.4.4401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b5707e929 code=0x7ffc0000
[  382.532037][   T29] audit: type=1326 audit(2000000248.513:6354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18070 comm="syz.4.4401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7f9b5707e929 code=0x7ffc0000
[  382.536758][T18085] loop0: detected capacity change from 0 to 164
[  382.556044][   T29] audit: type=1326 audit(2000000248.513:6355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18070 comm="syz.4.4401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b5707e929 code=0x7ffc0000
[  382.603149][T18085] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  382.619243][T18081] loop4: detected capacity change from 0 to 512
[  382.626388][T18081] EXT4-fs: dax option not supported
[  382.626546][T18009] bridge0: port 1(bridge_slave_0) entered blocking state
[  382.638977][T18009] bridge0: port 1(bridge_slave_0) entered disabled state
[  382.734270][T18085] tmpfs: Unknown parameter ''
[  382.735108][T18085] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  382.735598][T18085] Symlink component flag not implemented
[  382.735605][T18085] Symlink component flag not implemented
[  382.735664][T18085] Symlink component flag not implemented (7)
[  382.735673][T18085] Symlink component flag not implemented (116)
[  382.835216][T18009] bridge_slave_0: entered allmulticast mode
[  382.836778][T18009] bridge_slave_0: entered promiscuous mode
[  382.850387][T18087] lo speed is unknown, defaulting to 1000
[  382.851054][T18087] lo speed is unknown, defaulting to 1000
[  382.955458][T18009] bridge0: port 2(bridge_slave_1) entered blocking state
[  382.955494][T18009] bridge0: port 2(bridge_slave_1) entered disabled state
[  382.956228][T18009] bridge_slave_1: entered allmulticast mode
[  382.959486][T18009] bridge_slave_1: entered promiscuous mode
[  383.011192][T18009] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  383.012954][T18009] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  383.078850][T18009] team0: Port device team_slave_0 added
[  383.085779][T18009] team0: Port device team_slave_1 added
[  383.123769][T18009] batman_adv: batadv0: Adding interface: batadv_slave_0
[  383.123787][T18009] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  383.123864][T18009] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  383.128550][T18009] batman_adv: batadv0: Adding interface: batadv_slave_1
[  383.128564][T18009] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  383.128685][T18009] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  383.205232][T18091] loop4: detected capacity change from 0 to 2048
[  383.230009][T18009] hsr_slave_0: entered promiscuous mode
[  383.230548][T18009] hsr_slave_1: entered promiscuous mode
[  383.230769][T18091]  loop4: p1 < > p4
[  383.234242][T18091] loop4: p4 size 8388608 extends beyond EOD, truncated
[  383.495153][T18009] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  383.546336][T18009] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  383.565038][T18009] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  383.583863][T18009] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  383.591157][   T29] kauditd_printk_skb: 56 callbacks suppressed
[  383.591172][   T29] audit: type=1400 audit(2000000249.753:6412): avc:  granted  { setsecparam } for  pid=18105 comm="syz.4.4410" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  383.669322][T18109] netlink: 'syz.2.4411': attribute type 1 has an invalid length.
[  383.697779][T18120] futex_wake_op: syz.4.4413 tries to shift op by -1; fix this program
[  383.722705][T18109] 8021q: adding VLAN 0 to HW filter on device bond3
[  383.855958][T18009] 8021q: adding VLAN 0 to HW filter on device bond0
[  383.870536][T18009] 8021q: adding VLAN 0 to HW filter on device team0
[  383.880833][T11080] bridge0: port 1(bridge_slave_0) entered blocking state
[  383.888330][T11080] bridge0: port 1(bridge_slave_0) entered forwarding state
[  383.911745][T18125] netlink: 'syz.2.4411': attribute type 11 has an invalid length.
[  383.950025][T18009] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  383.960674][T18009] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  383.982614][ T1731] bridge0: port 2(bridge_slave_1) entered blocking state
[  383.989928][ T1731] bridge0: port 2(bridge_slave_1) entered forwarding state
[  384.109676][T18126] lo speed is unknown, defaulting to 1000
[  384.116195][T18126] lo speed is unknown, defaulting to 1000
[  384.447870][T18131] wireguard0: entered promiscuous mode
[  384.494706][T18009] 8021q: adding VLAN 0 to HW filter on device batadv0
[  384.502632][T18136] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4416'.
[  384.614108][T18136] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4416'.
[  384.641473][   T29] audit: type=1400 audit(2000000250.804:6413): avc:  granted  { setsecparam } for  pid=18144 comm="syz.4.4419" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  384.723583][T18153] FAULT_INJECTION: forcing a failure.
[  384.723583][T18153] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  384.737031][T18153] CPU: 0 UID: 0 PID: 18153 Comm: syz.4.4421 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  384.737064][T18153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  384.737134][T18153] Call Trace:
[  384.737141][T18153]  <TASK>
[  384.737204][T18153]  __dump_stack+0x1d/0x30
[  384.737231][T18153]  dump_stack_lvl+0xe8/0x140
[  384.737254][T18153]  dump_stack+0x15/0x1b
[  384.737274][T18153]  should_fail_ex+0x265/0x280
[  384.737328][T18153]  should_fail+0xb/0x20
[  384.737395][T18153]  should_fail_usercopy+0x1a/0x20
[  384.737478][T18153]  _copy_from_user+0x1c/0xb0
[  384.737503][T18153]  get_sg_io_hdr+0x82/0x360
[  384.737528][T18153]  ? path_openat+0x1bf8/0x2170
[  384.737559][T18153]  ? __rcu_read_unlock+0x4f/0x70
[  384.737635][T18153]  sg_new_write+0xc3/0x890
[  384.737678][T18153]  sg_ioctl+0xb81/0x1360
[  384.737711][T18153]  ? __pfx_sg_ioctl+0x10/0x10
[  384.737812][T18153]  __se_sys_ioctl+0xcb/0x140
[  384.737904][T18153]  __x64_sys_ioctl+0x43/0x50
[  384.737935][T18153]  x64_sys_call+0x19a8/0x2fb0
[  384.738024][T18153]  do_syscall_64+0xd2/0x200
[  384.738043][T18153]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  384.738066][T18153]  ? clear_bhb_loop+0x40/0x90
[  384.738092][T18153]  ? clear_bhb_loop+0x40/0x90
[  384.738117][T18153]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.738213][T18153] RIP: 0033:0x7f9b5707e929
[  384.738232][T18153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  384.738252][T18153] RSP: 002b:00007f9b556e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  384.738276][T18153] RAX: ffffffffffffffda RBX: 00007f9b572a5fa0 RCX: 00007f9b5707e929
[  384.738288][T18153] RDX: 00002000000005c0 RSI: 0000000000002285 RDI: 0000000000000003
[  384.738300][T18153] RBP: 00007f9b556e7090 R08: 0000000000000000 R09: 0000000000000000
[  384.738497][T18153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  384.738511][T18153] R13: 0000000000000000 R14: 00007f9b572a5fa0 R15: 00007ffefa4c5018
[  384.738610][T18153]  </TASK>
[  385.174640][T18009] veth0_vlan: entered promiscuous mode
[  385.183975][T18009] veth1_vlan: entered promiscuous mode
[  385.202846][T18009] veth0_macvtap: entered promiscuous mode
[  385.211008][T18009] veth1_macvtap: entered promiscuous mode
[  385.223728][T18009] batman_adv: batadv0: Interface activated: batadv_slave_0
[  385.236136][T18009] batman_adv: batadv0: Interface activated: batadv_slave_1
[  385.239160][T18156] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4420'.
[  385.246994][T18009] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  385.261713][T18009] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  385.270697][T18009] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  385.279570][T18009] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  385.345583][T18172] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4426'.
[  385.355322][T18172] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4426'.
[  385.394209][T18179] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[  385.400937][T18179] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  385.408863][T18179] vhci_hcd vhci_hcd.0: Device attached
[  385.429354][   T29] audit: type=1326 audit(2000000251.584:6414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18181 comm="syz.2.4428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f44dfe929 code=0x7ffc0000
[  385.453378][   T29] audit: type=1326 audit(2000000251.584:6415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18181 comm="syz.2.4428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f44dfe929 code=0x7ffc0000
[  385.481582][   T29] audit: type=1400 audit(2000000251.644:6416): avc:  denied  { accept } for  pid=18178 comm="syz.4.4427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  385.502381][T18182] vhci_hcd: connection closed
[  385.504963][   T31] vhci_hcd: stop threads
[  385.514085][   T31] vhci_hcd: release socket
[  385.518337][   T29] audit: type=1326 audit(2000000251.664:6417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18181 comm="syz.2.4428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f4f44dfe929 code=0x7ffc0000
[  385.518598][   T31] vhci_hcd: disconnect device
[  385.547338][   T29] audit: type=1326 audit(2000000251.664:6418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18181 comm="syz.2.4428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4f44dfe963 code=0x7ffc0000
[  385.571003][   T29] audit: type=1326 audit(2000000251.664:6419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18181 comm="syz.2.4428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f4f44dfd3df code=0x7ffc0000
[  385.594771][   T29] audit: type=1326 audit(2000000251.664:6420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18181 comm="syz.2.4428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f4f44dfe9b7 code=0x7ffc0000
[  385.608855][T18189] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  385.618971][   T29] audit: type=1326 audit(2000000251.664:6421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18181 comm="syz.2.4428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4f44dfd290 code=0x7ffc0000
[  385.626816][T18189] batman_adv: batadv0: Removing interface: batadv_slave_0
[  385.661317][T18185] tmpfs: Unknown parameter ''
[  385.680454][T18189] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  385.687968][T18189] batman_adv: batadv0: Removing interface: batadv_slave_1
[  385.692130][T18191] loop0: detected capacity change from 0 to 164
[  385.706901][T18191] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  385.727458][T18191] tmpfs: Unknown parameter ''
[  385.736597][T18191] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  385.768317][T18187] tipc: Started in network mode
[  385.773417][T18187] tipc: Node identity 4, cluster identity 4711
[  385.777363][T18191] Symlink component flag not implemented
[  385.779842][T18187] tipc: Node number set to 4
[  385.790257][T18191] Symlink component flag not implemented
[  385.796448][T18191] Symlink component flag not implemented (7)
[  385.802504][T18191] Symlink component flag not implemented (116)
[  386.347649][T18208] loop4: detected capacity change from 0 to 512
[  386.363976][T18211] tmpfs: Unknown parameter 'inode
�('
[  386.371725][T18210] tmpfs: Unknown parameter 'inode
�('
[  386.395288][T18208] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  386.415010][T18208] ext4 filesystem being mounted at /275/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  386.506574][T18217] vhci_hcd: invalid port number 16
[  386.512027][T18217] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  386.557064][T14135] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  386.717629][T18223] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4439'.
[  386.903644][T18233] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  386.982060][T18233] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  387.052620][T18233] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  387.103567][T18240] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4442'.
[  387.122727][T18233] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  387.147464][T18242] veth0_to_bridge: entered promiscuous mode
[  387.164297][T18242] macvtap1: entered promiscuous mode
[  387.169976][T18242] macvtap1: entered allmulticast mode
[  387.175733][T18242] veth0_to_bridge: entered allmulticast mode
[  387.186176][T18242] veth0_to_bridge: left allmulticast mode
[  387.192254][T18242] veth0_to_bridge: left promiscuous mode
[  387.199991][T18247] tmpfs: Unknown parameter ''
[  387.225088][T18233] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  387.239242][T18233] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  387.277317][T18233] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  387.292280][T18233] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  387.352618][T18251] wireguard0: entered promiscuous mode
[  387.434756][T18255] vhci_hcd: invalid port number 16
[  387.440047][T18255] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  387.589469][T18262] vhci_hcd: invalid port number 16
[  387.594724][T18262] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  387.613128][T18264] FAULT_INJECTION: forcing a failure.
[  387.613128][T18264] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  387.626453][T18264] CPU: 0 UID: 0 PID: 18264 Comm: syz.1.4452 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  387.626487][T18264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  387.626500][T18264] Call Trace:
[  387.626508][T18264]  <TASK>
[  387.626552][T18264]  __dump_stack+0x1d/0x30
[  387.626577][T18264]  dump_stack_lvl+0xe8/0x140
[  387.626596][T18264]  dump_stack+0x15/0x1b
[  387.626611][T18264]  should_fail_ex+0x265/0x280
[  387.626638][T18264]  should_fail+0xb/0x20
[  387.626747][T18264]  should_fail_usercopy+0x1a/0x20
[  387.626784][T18264]  _copy_from_user+0x1c/0xb0
[  387.626866][T18264]  ___sys_sendmsg+0xc1/0x1d0
[  387.626906][T18264]  __x64_sys_sendmsg+0xd4/0x160
[  387.626929][T18264]  x64_sys_call+0x2999/0x2fb0
[  387.627010][T18264]  do_syscall_64+0xd2/0x200
[  387.627031][T18264]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  387.627127][T18264]  ? clear_bhb_loop+0x40/0x90
[  387.627157][T18264]  ? clear_bhb_loop+0x40/0x90
[  387.627178][T18264]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  387.627201][T18264] RIP: 0033:0x7f370634e929
[  387.627219][T18264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  387.627240][T18264] RSP: 002b:00007f37049b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  387.627286][T18264] RAX: ffffffffffffffda RBX: 00007f3706575fa0 RCX: 00007f370634e929
[  387.627300][T18264] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[  387.627314][T18264] RBP: 00007f37049b7090 R08: 0000000000000000 R09: 0000000000000000
[  387.627328][T18264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  387.627343][T18264] R13: 0000000000000000 R14: 00007f3706575fa0 R15: 00007ffdecbd2cb8
[  387.627365][T18264]  </TASK>
[  387.865142][T18269] lo speed is unknown, defaulting to 1000
[  387.872170][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  387.879762][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  387.887317][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  387.910756][T18269] lo speed is unknown, defaulting to 1000
[  387.940116][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  387.947650][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  387.955152][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  387.962695][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  387.970329][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  387.977930][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  387.985523][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  387.992968][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  388.000630][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  388.008112][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  388.130478][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  388.138006][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  388.145665][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  388.153299][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  388.160741][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  388.168507][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  388.176136][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  388.183660][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  388.191420][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  388.198882][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  388.206601][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  388.214606][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  388.222106][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  388.229527][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  388.237047][ T5130] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  388.256240][ T5130] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  388.298069][T18283] futex_wake_op: syz.1.4457 tries to shift op by -1; fix this program
[  388.517698][T18296] lo speed is unknown, defaulting to 1000
[  388.524390][T18296] lo speed is unknown, defaulting to 1000
[  388.857325][T18294] vhci_hcd: invalid port number 16
[  388.862812][T18294] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  388.976711][   T29] kauditd_printk_skb: 182 callbacks suppressed
[  388.976729][   T29] audit: type=1400 audit(2000000255.134:6604): avc:  granted  { setsecparam } for  pid=18300 comm="syz.2.4463" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  389.211532][T18249] loop5: detected capacity change from 0 to 512
[  389.342562][T18313] lo speed is unknown, defaulting to 1000
[  389.349167][T18313] lo speed is unknown, defaulting to 1000
[  389.654383][   T29] audit: type=1326 audit(2000000255.814:6605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18317 comm="syz.4.4468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b5707e929 code=0x7ffc0000
[  389.687075][T18318] audit: audit_lost=3 audit_rate_limit=0 audit_backlog_limit=64
[  389.694820][T18318] audit: out of memory in audit_log_start
[  389.701140][   T29] audit: type=1326 audit(2000000255.844:6606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18317 comm="syz.4.4468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b5707e929 code=0x7ffc0000
[  389.725067][   T29] audit: type=1326 audit(2000000255.844:6607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18317 comm="syz.4.4468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9b5707e929 code=0x7ffc0000
[  389.749166][   T29] audit: type=1326 audit(2000000255.844:6608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18317 comm="syz.4.4468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b5707e929 code=0x7ffc0000
[  389.773213][   T29] audit: type=1326 audit(2000000255.844:6609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18317 comm="syz.4.4468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9b5707e929 code=0x7ffc0000
[  389.796881][   T29] audit: type=1326 audit(2000000255.844:6610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18317 comm="syz.4.4468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b5707e929 code=0x7ffc0000
[  389.820534][   T29] audit: type=1326 audit(2000000255.844:6611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18317 comm="syz.4.4468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9b5707e929 code=0x7ffc0000
[  389.854692][T18249] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  389.870575][T18249] ext4 filesystem being mounted at /2/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  390.030904][T18009] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  390.161242][T18339] netlink: 197276 bytes leftover after parsing attributes in process `syz.2.4475'.
[  390.213813][T18342] vhci_hcd: invalid port number 16
[  390.219031][T18342] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  390.279055][T18357] 9pnet_fd: Insufficient options for proto=fd
[  390.323532][T18361] loop0: detected capacity change from 0 to 512
[  390.341470][T18363] lo speed is unknown, defaulting to 1000
[  390.347744][T18363] lo speed is unknown, defaulting to 1000
[  390.354480][T18361] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  390.401589][T18361] EXT4-fs (loop0): 1 truncate cleaned up
[  390.417948][T18361] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  390.494739][T18374] netlink: 197276 bytes leftover after parsing attributes in process `syz.2.4488'.
[  390.533705][T18376] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.571506][T13631] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  390.586458][T18376] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.653133][T18376] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.664685][T18386] 9pnet_fd: Insufficient options for proto=fd
[  390.735643][T18376] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.817686][T18376] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  390.829683][T18376] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  390.910731][T18376] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  390.924107][T18376] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  391.041938][T18409] vhci_hcd: invalid port number 16
[  391.047131][T18409] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  391.066874][T18412] wireguard0: entered promiscuous mode
[  391.128457][T18418] FAULT_INJECTION: forcing a failure.
[  391.128457][T18418] name failslab, interval 1, probability 0, space 0, times 0
[  391.141439][T18418] CPU: 0 UID: 0 PID: 18418 Comm: syz.0.4498 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  391.141496][T18418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  391.141511][T18418] Call Trace:
[  391.141520][T18418]  <TASK>
[  391.141529][T18418]  __dump_stack+0x1d/0x30
[  391.141555][T18418]  dump_stack_lvl+0xe8/0x140
[  391.141575][T18418]  dump_stack+0x15/0x1b
[  391.141612][T18418]  should_fail_ex+0x265/0x280
[  391.141647][T18418]  should_failslab+0x8c/0xb0
[  391.141674][T18418]  kmem_cache_alloc_node_noprof+0x57/0x320
[  391.141758][T18418]  ? __alloc_skb+0x101/0x320
[  391.141790][T18418]  __alloc_skb+0x101/0x320
[  391.141890][T18418]  netlink_alloc_large_skb+0xba/0xf0
[  391.141967][T18418]  netlink_sendmsg+0x3cf/0x6b0
[  391.142034][T18418]  ? __pfx_netlink_sendmsg+0x10/0x10
[  391.142083][T18418]  __sock_sendmsg+0x142/0x180
[  391.142112][T18418]  ____sys_sendmsg+0x31e/0x4e0
[  391.142171][T18418]  ___sys_sendmsg+0x17b/0x1d0
[  391.142202][T18418]  __x64_sys_sendmsg+0xd4/0x160
[  391.142228][T18418]  x64_sys_call+0x2999/0x2fb0
[  391.142261][T18418]  do_syscall_64+0xd2/0x200
[  391.142282][T18418]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  391.142308][T18418]  ? clear_bhb_loop+0x40/0x90
[  391.142332][T18418]  ? clear_bhb_loop+0x40/0x90
[  391.142426][T18418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.142446][T18418] RIP: 0033:0x7f991efae929
[  391.142461][T18418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  391.142517][T18418] RSP: 002b:00007f991d617038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  391.142540][T18418] RAX: ffffffffffffffda RBX: 00007f991f1d5fa0 RCX: 00007f991efae929
[  391.142555][T18418] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000005
[  391.142570][T18418] RBP: 00007f991d617090 R08: 0000000000000000 R09: 0000000000000000
[  391.142584][T18418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  391.142598][T18418] R13: 0000000000000000 R14: 00007f991f1d5fa0 R15: 00007ffccf99edd8
[  391.142620][T18418]  </TASK>
[  391.398869][T18423] loop5: detected capacity change from 0 to 512
[  391.410630][T18423] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  391.431322][T18423] EXT4-fs (loop5): 1 truncate cleaned up
[  391.437702][T18423] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  391.455605][T18423] netlink: 197276 bytes leftover after parsing attributes in process `syz.5.4500'.
[  391.479240][T18009] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  391.570986][T18441] FAULT_INJECTION: forcing a failure.
[  391.570986][T18441] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  391.584502][T18441] CPU: 0 UID: 0 PID: 18441 Comm: syz.5.4509 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  391.584531][T18441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  391.584543][T18441] Call Trace:
[  391.584551][T18441]  <TASK>
[  391.584559][T18441]  __dump_stack+0x1d/0x30
[  391.584583][T18441]  dump_stack_lvl+0xe8/0x140
[  391.584604][T18441]  dump_stack+0x15/0x1b
[  391.584688][T18441]  should_fail_ex+0x265/0x280
[  391.584763][T18441]  should_fail+0xb/0x20
[  391.584909][T18441]  should_fail_usercopy+0x1a/0x20
[  391.584944][T18441]  _copy_from_user+0x1c/0xb0
[  391.584966][T18441]  do_ip_getsockopt+0x12a/0xfe0
[  391.585077][T18441]  ? _parse_integer+0x27/0x40
[  391.585100][T18441]  ? __rcu_read_unlock+0x4f/0x70
[  391.585123][T18441]  ? avc_has_perm_noaudit+0x1b1/0x200
[  391.585156][T18441]  ? avc_has_perm+0xd3/0x150
[  391.585229][T18441]  ip_getsockopt+0x5c/0x180
[  391.585258][T18441]  ? selinux_socket_getsockopt+0x160/0x1b0
[  391.585292][T18441]  ? selinux_socket_getsockopt+0x160/0x1b0
[  391.585384][T18441]  tcp_getsockopt+0xad/0xe0
[  391.585430][T18441]  sock_common_getsockopt+0x60/0x70
[  391.585458][T18441]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  391.585537][T18441]  do_sock_getsockopt+0x200/0x240
[  391.585613][T18441]  __x64_sys_getsockopt+0x11e/0x1a0
[  391.585650][T18441]  x64_sys_call+0x12aa/0x2fb0
[  391.585702][T18441]  do_syscall_64+0xd2/0x200
[  391.585720][T18441]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  391.585745][T18441]  ? clear_bhb_loop+0x40/0x90
[  391.585766][T18441]  ? clear_bhb_loop+0x40/0x90
[  391.585813][T18441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.585836][T18441] RIP: 0033:0x7fad5c58e929
[  391.585853][T18441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  391.585873][T18441] RSP: 002b:00007fad5abf7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  391.585970][T18441] RAX: ffffffffffffffda RBX: 00007fad5c7b5fa0 RCX: 00007fad5c58e929
[  391.585983][T18441] RDX: 0000000000000053 RSI: 0000000000000000 RDI: 0000000000000003
[  391.585996][T18441] RBP: 00007fad5abf7090 R08: 0000200000000040 R09: 0000000000000000
[  391.586009][T18441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  391.586023][T18441] R13: 0000000000000000 R14: 00007fad5c7b5fa0 R15: 00007ffd3ee09f78
[  391.586043][T18441]  </TASK>
[  391.608189][T18444] lo speed is unknown, defaulting to 1000
[  391.632557][T18442] vhci_hcd: invalid port number 16
[  391.647344][T18444] lo speed is unknown, defaulting to 1000
[  391.651630][T18442] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  392.104429][T18452] loop5: detected capacity change from 0 to 512
[  392.125547][T18452] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  392.147951][T18452] ext4 filesystem being mounted at /9/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  392.269654][T18009] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  392.329324][T18463] loop5: detected capacity change from 0 to 512
[  392.402625][T18463] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  392.431843][T18463] EXT4-fs (loop5): 1 truncate cleaned up
[  392.444746][T18463] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  392.475258][T18463] veth0_to_bridge: entered promiscuous mode
[  392.493061][T18468] netlink: 'syz.1.4517': attribute type 1 has an invalid length.
[  392.500972][T18463] macvtap1: entered promiscuous mode
[  392.506415][T18463] macvtap1: entered allmulticast mode
[  392.511916][T18463] veth0_to_bridge: entered allmulticast mode
[  392.532018][T18463] veth0_to_bridge: left allmulticast mode
[  392.537957][T18463] veth0_to_bridge: left promiscuous mode
[  392.633413][T18468] 8021q: adding VLAN 0 to HW filter on device bond6
[  392.736974][T18009] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  392.848645][T18481] loop5: detected capacity change from 0 to 1024
[  392.860977][T18481] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  392.878992][T18470] netlink: 'syz.1.4517': attribute type 11 has an invalid length.
[  392.892199][T18481] EXT4-fs error (device loop5): ext4_ext_check_inode:523: inode #3: comm syz.5.4520: pblk 0 bad header/extent: invalid magic - magic ff0a, entries 0, max 0(0), depth 0(0)
[  392.930514][T18481] EXT4-fs error (device loop5): ext4_quota_enable:7127: comm syz.5.4520: Bad quota inode: 3, type: 0
[  392.943482][T18481] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  392.958518][T18481] EXT4-fs (loop5): mount failed
[  392.981950][T18486] vhci_hcd: invalid port number 16
[  392.987161][T18486] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  393.025894][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.033652][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.041166][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.050736][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.058183][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.065736][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.073293][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.080726][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.088262][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.096238][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.103827][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.111308][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.118817][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.129428][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.136985][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.144574][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.152040][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.159490][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.166989][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.174579][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.182166][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.189598][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.197162][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.204679][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.212215][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.219624][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.227228][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.232598][T18495] loop5: detected capacity change from 0 to 2048
[  393.234986][ T3479] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  393.291120][T18495]  loop5: p1 < > p4
[  393.298118][T18497] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4525'.
[  393.308437][T18495] loop5: p4 size 8388608 extends beyond EOD, truncated
[  393.367086][ T3479] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  393.430928][T18501] FAULT_INJECTION: forcing a failure.
[  393.430928][T18501] name failslab, interval 1, probability 0, space 0, times 0
[  393.443692][T18501] CPU: 0 UID: 0 PID: 18501 Comm: syz.1.4527 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  393.443787][T18501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  393.443798][T18501] Call Trace:
[  393.443805][T18501]  <TASK>
[  393.443814][T18501]  __dump_stack+0x1d/0x30
[  393.443882][T18501]  dump_stack_lvl+0xe8/0x140
[  393.443905][T18501]  dump_stack+0x15/0x1b
[  393.443924][T18501]  should_fail_ex+0x265/0x280
[  393.443968][T18501]  should_failslab+0x8c/0xb0
[  393.444049][T18501]  kmem_cache_alloc_node_noprof+0x57/0x320
[  393.444075][T18501]  ? __alloc_skb+0x101/0x320
[  393.444178][T18501]  __alloc_skb+0x101/0x320
[  393.444211][T18501]  netlink_alloc_large_skb+0xba/0xf0
[  393.444247][T18501]  netlink_sendmsg+0x3cf/0x6b0
[  393.444268][T18501]  ? __pfx_netlink_sendmsg+0x10/0x10
[  393.444286][T18501]  __sock_sendmsg+0x142/0x180
[  393.444378][T18501]  ____sys_sendmsg+0x31e/0x4e0
[  393.444415][T18501]  ___sys_sendmsg+0x17b/0x1d0
[  393.444445][T18501]  __x64_sys_sendmsg+0xd4/0x160
[  393.444547][T18501]  x64_sys_call+0x2999/0x2fb0
[  393.444571][T18501]  do_syscall_64+0xd2/0x200
[  393.444604][T18501]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  393.444635][T18501]  ? clear_bhb_loop+0x40/0x90
[  393.444659][T18501]  ? clear_bhb_loop+0x40/0x90
[  393.444741][T18501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.444761][T18501] RIP: 0033:0x7f370634e929
[  393.444820][T18501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  393.444842][T18501] RSP: 002b:00007f37049b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  393.444866][T18501] RAX: ffffffffffffffda RBX: 00007f3706575fa0 RCX: 00007f370634e929
[  393.444902][T18501] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  393.444914][T18501] RBP: 00007f37049b7090 R08: 0000000000000000 R09: 0000000000000000
[  393.444927][T18501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  393.444941][T18501] R13: 0000000000000000 R14: 00007f3706575fa0 R15: 00007ffdecbd2cb8
[  393.444963][T18501]  </TASK>
[  393.731585][T18504] wireguard0: entered promiscuous mode
[  393.973396][T18510] loop0: detected capacity change from 0 to 512
[  393.994579][T18512] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4532'.
[  394.011116][   T29] kauditd_printk_skb: 187 callbacks suppressed
[  394.011133][   T29] audit: type=1400 audit(2000000260.174:6799): avc:  denied  { execute } for  pid=18513 comm="syz.5.4533" dev="tmpfs" ino=727 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  394.052366][T18510] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  394.056757][T18521] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4532'.
[  394.079847][T18510] ext4 filesystem being mounted at /268/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  394.082038][   T29] audit: type=1400 audit(2000000260.174:6800): avc:  denied  { execute_no_trans } for  pid=18513 comm="syz.5.4533" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=727 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  394.165227][   T29] audit: type=1400 audit(2000000260.314:6801): avc:  denied  { setopt } for  pid=18511 comm="syz.1.4532" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  394.185964][   T29] audit: type=1400 audit(2000000260.314:6802): avc:  denied  { create } for  pid=18511 comm="syz.1.4532" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  394.206039][   T29] audit: type=1400 audit(2000000260.314:6803): avc:  denied  { setopt } for  pid=18511 comm="syz.1.4532" lport=4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  394.217543][T18526] lo speed is unknown, defaulting to 1000
[  394.226903][   T29] audit: type=1400 audit(2000000260.314:6804): avc:  denied  { connect } for  pid=18511 comm="syz.1.4532" lport=4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  394.254612][T18526] lo speed is unknown, defaulting to 1000
[  394.383521][T18531] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4536'.
[  394.396308][T13631] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  394.426150][   T29] audit: type=1400 audit(2000000260.584:6805): avc:  denied  { setopt } for  pid=18533 comm="syz.4.4538" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  394.450862][T18536] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4537'.
[  394.461346][T18534] futex_wake_op: syz.4.4538 tries to shift op by -1; fix this program
[  394.479838][T18536] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4537'.
[  394.663320][T18545] lo speed is unknown, defaulting to 1000
[  394.669503][T18545] lo speed is unknown, defaulting to 1000
[  394.766894][T18547] vhci_hcd: invalid port number 16
[  394.772238][T18547] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  395.216128][   T29] audit: type=1400 audit(2000000261.374:6806): avc:  denied  { associate } for  pid=18570 comm="syz.1.4547" name="0" dev="devpts" ino=3 scontext=system_u:object_r:mouse_device_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  395.325330][T18577] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4551'.
[  395.339983][   T29] audit: type=1400 audit(2000000261.494:6807): avc:  denied  { read write } for  pid=18572 comm="syz.4.4552" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  395.364291][   T29] audit: type=1400 audit(2000000261.494:6808): avc:  denied  { open } for  pid=18572 comm="syz.4.4552" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  395.371618][T18576] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4550'.
[  395.402552][T18574] random: crng reseeded on system resumption
[  395.430916][T18577] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4551'.
[  395.440763][T18581] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4550'.
[  395.664953][T18592] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  395.723322][T18592] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  395.872512][T18592] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  395.908048][T18606] loop5: detected capacity change from 0 to 512
[  395.922429][T18592] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  395.948281][T18606] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  395.978153][T18592] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  395.992208][T18592] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  396.013316][T18592] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  396.041287][T18606] EXT4-fs (loop5): 1 truncate cleaned up
[  396.047334][T18606] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  396.065311][T18592] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  396.110230][T18613] FAULT_INJECTION: forcing a failure.
[  396.110230][T18613] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  396.124093][T18613] CPU: 1 UID: 0 PID: 18613 Comm: syz.0.4563 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  396.124153][T18613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  396.124165][T18613] Call Trace:
[  396.124173][T18613]  <TASK>
[  396.124182][T18613]  __dump_stack+0x1d/0x30
[  396.124203][T18613]  dump_stack_lvl+0xe8/0x140
[  396.124220][T18613]  dump_stack+0x15/0x1b
[  396.124287][T18613]  should_fail_ex+0x265/0x280
[  396.124372][T18613]  should_fail+0xb/0x20
[  396.124396][T18613]  should_fail_usercopy+0x1a/0x20
[  396.124471][T18613]  _copy_from_user+0x1c/0xb0
[  396.124495][T18613]  memdup_user+0x5e/0xd0
[  396.124561][T18613]  strndup_user+0x68/0xb0
[  396.124581][T18613]  __se_sys_mount+0x4d/0x2e0
[  396.124605][T18613]  ? __bpf_trace_sys_enter+0x10/0x30
[  396.124630][T18613]  ? trace_sys_enter+0xd0/0x110
[  396.124656][T18613]  __x64_sys_mount+0x67/0x80
[  396.124716][T18613]  x64_sys_call+0xd36/0x2fb0
[  396.124741][T18613]  do_syscall_64+0xd2/0x200
[  396.124768][T18613]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  396.124792][T18613]  ? clear_bhb_loop+0x40/0x90
[  396.124815][T18613]  ? clear_bhb_loop+0x40/0x90
[  396.124853][T18613]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.124908][T18613] RIP: 0033:0x7f991efae929
[  396.124923][T18613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  396.124942][T18613] RSP: 002b:00007f991d617038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  396.124965][T18613] RAX: ffffffffffffffda RBX: 00007f991f1d5fa0 RCX: 00007f991efae929
[  396.124980][T18613] RDX: 00002000000002c0 RSI: 0000200000000280 RDI: 0000200000000100
[  396.124994][T18613] RBP: 00007f991d617090 R08: 0000200000000300 R09: 0000000000000000
[  396.125007][T18613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  396.125031][T18613] R13: 0000000000000000 R14: 00007f991f1d5fa0 R15: 00007ffccf99edd8
[  396.125049][T18613]  </TASK>
[  396.202993][T18616] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4565'.
[  396.213444][T18616] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4565'.
[  396.221760][T18606] veth0_to_bridge: entered promiscuous mode
[  396.221901][T18606] macvtap1: entered promiscuous mode
[  396.221960][T18606] macvtap1: entered allmulticast mode
[  396.221972][T18606] veth0_to_bridge: entered allmulticast mode
[  396.246613][T18606] veth0_to_bridge: left allmulticast mode
[  396.246762][T18606] veth0_to_bridge: left promiscuous mode
[  396.277298][T18620] lo speed is unknown, defaulting to 1000
[  396.277576][T18620] lo speed is unknown, defaulting to 1000
[  396.306503][T18622] netlink: 197276 bytes leftover after parsing attributes in process `syz.2.4568'.
[  396.428549][T18629] loop0: detected capacity change from 0 to 512
[  396.532744][T18009] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  396.540118][T18629] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  396.565491][T18629] EXT4-fs (loop0): 1 truncate cleaned up
[  396.591054][T18629] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  396.665945][T18637] tmpfs: Unknown parameter ''
[  396.808236][T13631] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  396.975349][T18651] loop0: detected capacity change from 0 to 512
[  397.043299][T18651] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  397.103431][T18651] ext4 filesystem being mounted at /275/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  397.271584][T13631] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  397.292847][T18661] wireguard0: entered promiscuous mode
[  397.369346][T18666] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4580'.
[  397.382609][T18666] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4580'.
[  397.424787][T18635] syz.5.4570 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  397.435955][T18635] CPU: 0 UID: 0 PID: 18635 Comm: syz.5.4570 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  397.435986][T18635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  397.436055][T18635] Call Trace:
[  397.436064][T18635]  <TASK>
[  397.436074][T18635]  __dump_stack+0x1d/0x30
[  397.436097][T18635]  dump_stack_lvl+0xe8/0x140
[  397.436115][T18635]  dump_stack+0x15/0x1b
[  397.436191][T18635]  dump_header+0x81/0x220
[  397.436220][T18635]  oom_kill_process+0x334/0x3f0
[  397.436317][T18635]  out_of_memory+0x979/0xb80
[  397.436393][T18635]  try_charge_memcg+0x5e6/0x9e0
[  397.436423][T18635]  charge_memcg+0x51/0xc0
[  397.436490][T18635]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  397.436530][T18635]  __read_swap_cache_async+0x1df/0x350
[  397.436563][T18635]  swap_cluster_readahead+0x277/0x3e0
[  397.436596][T18635]  swapin_readahead+0xde/0x6f0
[  397.436696][T18635]  ? __filemap_get_folio+0x4f7/0x6b0
[  397.436727][T18635]  ? __rcu_read_unlock+0x34/0x70
[  397.436757][T18635]  ? swap_cache_get_folio+0x77/0x200
[  397.436802][T18635]  do_swap_page+0x301/0x2430
[  397.436841][T18635]  ? css_rstat_updated+0xcd/0x5b0
[  397.436869][T18635]  ? __pfx_default_wake_function+0x10/0x10
[  397.436967][T18635]  handle_mm_fault+0x9a5/0x2be0
[  397.436989][T18635]  ? mas_walk+0xf2/0x120
[  397.437020][T18635]  do_user_addr_fault+0x636/0x1090
[  397.437119][T18635]  exc_page_fault+0x62/0xa0
[  397.437146][T18635]  asm_exc_page_fault+0x26/0x30
[  397.437165][T18635] RIP: 0033:0x7fad5c5c1193
[  397.437182][T18635] Code: df 08 00 48 8d 3d 76 df 08 00 e8 f8 48 f6 ff 0f 1f 84 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 <80> 3d 9e 43 1c 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 c3 66 2e 0f
[  397.437199][T18635] RSP: 002b:00007ffd3ee0a098 EFLAGS: 00010293
[  397.437266][T18635] RAX: 00000000fffffffa RBX: 00007fad5c7b5fa0 RCX: 0000000000000000
[  397.437280][T18635] RDX: 00007ffd3ee0a0b0 RSI: 0000000000000000 RDI: 0000000000000000
[  397.437293][T18635] RBP: 00007fad5c7b7ba0 R08: 000000001848ed73 R09: 7fffffffffffffff
[  397.437307][T18635] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000000610a3
[  397.437320][T18635] R13: 00007fad5c7b6080 R14: ffffffffffffffff R15: 00007ffd3ee0a1f0
[  397.437338][T18635]  </TASK>
[  397.437344][T18635] memory: usage 307200kB, limit 307200kB, failcnt 139
[  397.473262][T18672] loop4: detected capacity change from 0 to 512
[  397.476545][T18635] memory+swap: usage 307400kB, limit 9007199254740988kB, failcnt 0
[  397.476564][T18635] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[  397.508381][T18670] netlink: 197276 bytes leftover after parsing attributes in process `syz.2.4582'.
[  397.510168][T18635] Memory cgroup stats for 
[  397.531307][T18672] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  397.536223][T18635] /syz5:
[  397.536752][T18635] cache 0
[  397.633515][T18672] EXT4-fs (loop4): 1 truncate cleaned up
[  397.636150][T18635] rss 0
[  397.636160][T18635] shmem 0
[  397.636168][T18635] mapped_file 0
[  397.645054][T18672] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  397.652395][T18635] dirty 0
[  397.652408][T18635] writeback 0
[  397.652416][T18635] workingset_refault_anon 37
[  397.652425][T18635] workingset_refault_file 0
[  397.652438][T18635] swap 212992
[  397.652444][T18635] swapcached 4096
[  397.652451][T18635] pgpgin 28005
[  397.652492][T18635] pgpgout 28004
[  397.652498][T18635] pgfault 14161
[  397.652506][T18635] pgmajfault 15
[  397.652513][T18635] inactive_anon 0
[  397.652521][T18635] active_anon 0
[  397.652529][T18635] inactive_file 0
[  397.652585][T18635] active_file 0
[  397.652592][T18635] unevictable 0
[  397.652600][T18635] hierarchical_memory_limit 314572800
[  397.652655][T18635] hierarchical_memsw_limit 9223372036854771712
[  397.652664][T18635] total_cache 0
[  397.652671][T18635] total_rss 0
[  397.652678][T18635] total_shmem 0
[  397.652685][T18635] total_mapped_file 0
[  397.652693][T18635] total_dirty 0
[  397.652701][T18635] total_writeback 0
[  397.652709][T18635] total_workingset_refault_anon 37
[  397.652718][T18635] total_workingset_refault_file 0
[  397.652739][T18635] total_swap 212992
[  397.652747][T18635] total_swapcached 4096
[  397.652766][T18635] total_pgpgin 28005
[  397.652773][T18635] total_pgpgout 28004
[  397.652781][T18635] total_pgfault 14161
[  397.652789][T18635] total_pgmajfault 15
[  397.652797][T18635] total_inactive_anon 0
[  397.652805][T18635] total_active_anon 0
[  397.652814][T18635] total_inactive_file 0
[  397.652822][T18635] total_active_file 0
[  397.652836][T18635] total_unevictable 0
[  397.652844][T18635] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.4570,pid=18635,uid=0
[  397.652934][T18635] Memory cgroup out of memory: Killed process 18635 (syz.5.4570) total-vm:93752kB, anon-rss:936kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  397.973936][T18686] loop0: detected capacity change from 0 to 512
[  398.001635][T18686] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  398.017356][T18686] ext4 filesystem being mounted at /278/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  398.062598][T14135] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  398.256430][T13631] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  398.277234][T18701] loop5: detected capacity change from 0 to 512
[  398.293217][T18701] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  398.307382][T18697] loop4: detected capacity change from 0 to 8192
[  398.330488][T18697] vfat: Unknown parameter '01777777777777777777777��18446744073709551615�����������6��֚��oCn�i�L��i �Ҿ��jI7���#D+2U��G�׸"���W�������mEE3i��n�eO}4�+�����l��
[  398.330488][T18697] WG"��`P�u�gƻPl���^.OE�/�� �Ӕ�'
[  398.362858][T18701] EXT4-fs (loop5): warning: maximal mount count reached, running e2fsck is recommended
[  398.429899][T18701] EXT4-fs error (device loop5): ext4_orphan_get:1393: comm syz.5.4594: inode #15: comm syz.5.4594: iget: illegal inode #
[  398.479336][T18709] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  398.490417][T18701] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.4594: couldn't read orphan inode 15 (err -117)
[  398.522288][T18701] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  398.562061][T18709] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  398.582985][T18009] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  398.731027][T18709] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  398.856819][T18709] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  398.869370][T18726] loop5: detected capacity change from 0 to 128
[  398.876282][T18726] vfat: Unknown parameter '���~���H����
[  398.876282][T18726] z��
�'
[  398.924585][T18726] SELinux: syz.5.4600 (18726) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  399.034051][T18709] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  399.054560][   T29] kauditd_printk_skb: 109 callbacks suppressed
[  399.054577][   T29] audit: type=1326 audit(2000000265.214:6918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18725 comm="syz.5.4600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fad5c58e929 code=0x7ffc0000
[  399.084614][   T29] audit: type=1326 audit(2000000265.214:6919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18725 comm="syz.5.4600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad5c58e929 code=0x7ffc0000
[  399.137730][T18709] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  399.149322][T18709] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  399.172209][T18709] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  399.376084][T18738] loop4: detected capacity change from 0 to 512
[  399.410021][   T29] audit: type=1326 audit(2000000265.274:6920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18725 comm="syz.5.4600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7fad5c58e929 code=0x7ffc0000
[  399.415269][T18738] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  399.433559][   T29] audit: type=1326 audit(2000000265.274:6921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18725 comm="syz.5.4600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad5c58e929 code=0x7ffc0000
[  399.467934][   T29] audit: type=1326 audit(2000000265.274:6922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18725 comm="syz.5.4600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fad5c58e929 code=0x7ffc0000
[  399.492089][   T29] audit: type=1326 audit(2000000265.274:6923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18725 comm="syz.5.4600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad5c58e929 code=0x7ffc0000
[  399.516018][   T29] audit: type=1326 audit(2000000265.274:6924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18725 comm="syz.5.4600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fad5c58e929 code=0x7ffc0000
[  399.540374][   T29] audit: type=1326 audit(2000000265.274:6925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18725 comm="syz.5.4600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad5c58e929 code=0x7ffc0000
[  399.564102][   T29] audit: type=1326 audit(2000000265.274:6926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18725 comm="syz.5.4600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fad5c58e929 code=0x7ffc0000
[  399.588661][   T29] audit: type=1326 audit(2000000265.274:6927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18725 comm="syz.5.4600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad5c58e929 code=0x7ffc0000
[  399.671880][T18742] wireguard0: entered promiscuous mode
[  399.681901][T18738] EXT4-fs (loop4): 1 truncate cleaned up
[  399.700311][T18738] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  399.720399][T18749] vhci_hcd: invalid port number 16
[  399.725784][T18749] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  399.953021][T18763] loop5: detected capacity change from 0 to 512
[  399.982299][T14135] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  399.988081][T18768] lo speed is unknown, defaulting to 1000
[  399.993761][T18763] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  399.997626][T18768] lo speed is unknown, defaulting to 1000
[  400.048744][T18763] ext4 filesystem being mounted at /38/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  400.084704][T18774] netlink: 'syz.4.4617': attribute type 1 has an invalid length.
[  400.132190][T18774] 8021q: adding VLAN 0 to HW filter on device bond7
[  400.246017][T18009] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  400.369052][T18784] loop5: detected capacity change from 0 to 512
[  400.422344][T18784] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  400.453608][T18784] EXT4-fs (loop5): 1 truncate cleaned up
[  400.491349][T18784] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  400.605527][T18009] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  400.669776][T18791] vhci_hcd: invalid port number 16
[  400.675073][T18791] vhci_hcd: default hub control req: 0000 v0008 i0010 l0
[  400.709761][T18795] __nla_validate_parse: 9 callbacks suppressed
[  400.709781][T18795] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4624'.
[  400.731474][T18797] netlink: 197276 bytes leftover after parsing attributes in process `syz.1.4625'.
[  400.780514][T18795] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4624'.
[  400.821670][T18805] futex_wake_op: syz.5.4628 tries to shift op by -1; fix this program
[  400.878561][T18809] tmpfs: Unknown parameter ''
[  401.043311][T18816] lo speed is unknown, defaulting to 1000
[  401.049810][T18816] lo speed is unknown, defaulting to 1000
[  401.373540][T18820] loop0: detected capacity change from 0 to 512
[  401.455518][T18820] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  401.473203][T18828] loop4: detected capacity change from 0 to 512
[  401.477686][T18826] lo speed is unknown, defaulting to 1000
[  401.482302][T18828] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  401.507752][T18828] EXT4-fs (loop4): 1 truncate cleaned up
[  401.510611][T18826] lo speed is unknown, defaulting to 1000
[  401.525004][T18828] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  401.542113][T18828] netlink: 197276 bytes leftover after parsing attributes in process `syz.4.4637'.
[  401.575060][T14135] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  401.588497][T18820] EXT4-fs (loop0): 1 truncate cleaned up
[  401.605287][T18820] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  401.644854][T18834] loop4: detected capacity change from 0 to 512
[  401.704243][T18834] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  401.741029][T18834] EXT4-fs (loop4): 1 truncate cleaned up
[  401.747204][T18834] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  401.876321][T18839] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4639'.
[  401.920862][T14135] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  401.929374][T18846] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4639'.
[  402.020470][T13631] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  402.097405][T18853] loop4: detected capacity change from 0 to 512
[  402.104154][T18856] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4646'.
[  402.125213][T18853] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  402.139592][T18853] ext4 filesystem being mounted at /306/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  402.160538][T18862] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4646'.
[  402.237505][T14135] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  402.303366][   T23] hid (null): global environment stack underflow
[  402.316172][T18871] 9pnet: p9_errstr2errno: server reported unknown error �@�0x0000000000000008
[  402.335900][   T23] hid-generic 0009:80000000:10000.0004: global environment stack underflow
[  402.344584][   T23] hid-generic 0009:80000000:10000.0004: item 0 1 1 11 parsing failed
[  402.359097][   T23] hid-generic 0009:80000000:10000.0004: probe with driver hid-generic failed with error -22
[  402.386152][T18876] 9pnet: p9_errstr2errno: server reported unknown error �@�0x0000000000000007
[  402.441894][T18880] loop4: detected capacity change from 0 to 512
[  402.469829][T18880] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  402.570605][T18880] EXT4-fs (loop4): 1 truncate cleaned up
[  402.576745][T18880] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  402.728190][T18869] ==================================================================
[  402.736324][T18869] BUG: KCSAN: data-race in __filemap_remove_folio / folio_mapping
[  402.744116][T18869] 
[  402.746424][T18869] write to 0xffffea0005a20bd8 of 8 bytes by task 18793 on cpu 0:
[  402.754300][T18869]  __filemap_remove_folio+0x1a5/0x2a0
[  402.759661][T18869]  filemap_remove_folio+0x6d/0x1d0
[  402.764760][T18869]  truncate_inode_folio+0x42/0x50
[  402.769763][T18869]  shmem_undo_range+0x244/0xa80
[  402.774598][T18869]  shmem_evict_inode+0x134/0x520
[  402.779599][T18869]  evict+0x2e0/0x550
[  402.783476][T18869]  iput+0x447/0x5b0
[  402.787270][T18869]  dentry_unlink_inode+0x24f/0x260
[  402.792448][T18869]  __dentry_kill+0x18d/0x4b0
[  402.797024][T18869]  dput+0x5e/0xd0
[  402.800749][T18869]  __fput+0x444/0x650
[  402.804891][T18869]  ____fput+0x1c/0x30
[  402.808860][T18869]  task_work_run+0x12e/0x1a0
[  402.813431][T18869]  do_exit+0x47f/0x1590
[  402.817579][T18869]  do_group_exit+0xff/0x140
[  402.822097][T18869]  get_signal+0xe59/0xf70
[  402.826420][T18869]  arch_do_signal_or_restart+0x96/0x480
[  402.831980][T18869]  exit_to_user_mode_loop+0x7a/0x100
[  402.837271][T18869]  do_syscall_64+0x1d6/0x200
[  402.841938][T18869]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.847983][T18869] 
[  402.850294][T18869] read to 0xffffea0005a20bd8 of 8 bytes by task 18869 on cpu 1:
[  402.857924][T18869]  folio_mapping+0xa1/0x120
[  402.862601][T18869]  move_folios_to_lru+0x128/0x6a0
[  402.867757][T18869]  evict_folios+0x3013/0x33d0
[  402.872419][T18869]  try_to_shrink_lruvec+0x45a/0x7e0
[  402.877609][T18869]  shrink_lruvec+0x22e/0x1b40
[  402.882461][T18869]  shrink_node+0x686/0x2120
[  402.887049][T18869]  do_try_to_free_pages+0x3f6/0xcd0
[  402.892241][T18869]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  402.898116][T18869]  try_charge_memcg+0x358/0x9e0
[  402.902948][T18869]  obj_cgroup_charge_pages+0xa6/0x150
[  402.908311][T18869]  __memcg_kmem_charge_page+0x9f/0x170
[  402.913757][T18869]  __alloc_frozen_pages_noprof+0x188/0x360
[  402.919555][T18869]  alloc_pages_mpol+0xb3/0x250
[  402.924313][T18869]  alloc_pages_noprof+0x90/0x130
[  402.929252][T18869]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  402.935089][T18869]  __kvmalloc_node_noprof+0x30f/0x4e0
[  402.940457][T18869]  ip_set_alloc+0x1f/0x30
[  402.944801][T18869]  hash_netiface_create+0x282/0x740
[  402.949994][T18869]  ip_set_create+0x3cc/0x960
[  402.954577][T18869]  nfnetlink_rcv_msg+0x4c3/0x590
[  402.959494][T18869]  netlink_rcv_skb+0x123/0x220
[  402.964239][T18869]  nfnetlink_rcv+0x16b/0x1690
[  402.968908][T18869]  netlink_unicast+0x59e/0x670
[  402.973662][T18869]  netlink_sendmsg+0x58b/0x6b0
[  402.978414][T18869]  __sock_sendmsg+0x142/0x180
[  402.983078][T18869]  ____sys_sendmsg+0x31e/0x4e0
[  402.987837][T18869]  ___sys_sendmsg+0x17b/0x1d0
[  402.992591][T18869]  __x64_sys_sendmsg+0xd4/0x160
[  402.997421][T18869]  x64_sys_call+0x2999/0x2fb0
[  403.002092][T18869]  do_syscall_64+0xd2/0x200
[  403.006684][T18869]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.012569][T18869] 
[  403.014873][T18869] value changed: 0xffff88811a07dc18 -> 0x0000000000000000
[  403.021958][T18869] 
[  403.024259][T18869] Reported by Kernel Concurrency Sanitizer on:
[  403.030393][T18869] CPU: 1 UID: 0 PID: 18869 Comm: syz.5.4648 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  403.042879][T18869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  403.052930][T18869] ==================================================================
[  403.190847][T14135] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.