last executing test programs:

1m29.561835906s ago: executing program 4 (id=833):
r0 = socket$kcm(0x21, 0x2, 0xa)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000008000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r2}, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe"], 0x98}}, 0x0)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000327bd7000fedbdf251300000008000100706369303a30303a31302e3000000000080003000000000008000b00d009000006001100070000000800010070636900110002"], 0x7c}, 0x1, 0x0, 0x0, 0x4000000}, 0x48050)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r5, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8050006000000003bd00002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018002580140004004d2906d0880fc8acc30fe2020f9849675000028004000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af0800010000000000080001000000000060001a803f0003"], 0x270}, 0x1, 0x0, 0x0, 0x20008014}, 0x4)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in6={0x21, 0xfffc, 0x2, 0x1c, {0xa, 0x0, 0x4, @dev}}, 0x80, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0xfc00)

1m29.328123015s ago: executing program 4 (id=834):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000300)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @remote}, 0x14)
r2 = syz_open_procfs(0x0, 0x0)
preadv(r2, &(0x7f00000001c0)=[{&(0x7f0000000500)=""/212, 0xd4}], 0x1, 0x33, 0x0)

1m29.319497646s ago: executing program 4 (id=835):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unshare(0x62040200)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f00000001c0)=[{&(0x7f0000000400)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1)

1m28.014535582s ago: executing program 4 (id=842):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xc40a, &(0x7f0000000300)={[{@noblock_validity}, {@dioread_lock}, {@usrjquota}, {@nojournal_checksum}, {@noquota}, {@usrjquota, 0x2e}, {@grpquota}, {@barrier_val={'barrier', 0x3d, 0x8}}, {@jqfmt_vfsv0}, {@noload}], [], 0x2c}, 0x1, 0x464, &(0x7f0000000a40)="$eJzs28tvG8UfAPDv2nHaXx+/hFIeLQUM5RHxSJq0QA9cikDqBQkJDuUY0rQqdRvUBIlWFQ0cyhH1LwCOSPwFnOgFAScQV7gjpArlQuCAjNZeG9eOU8eJ46T+fKSNZ3ZnvfPd3YlnZ+wABlYx/ZNE7ImIXyJiJCLyzQWK1Zflpaszfy1dnUmiXH7zjyTdLf5cujpTK5pkr7uzzFiuvqrF/OUr56dLpdlLWX5i4cJ7E/OXrzx/7sL02dmzsxenjh8/dnTypRenXtiQOPemdT344dyhAyffvvH6zKkb73z/VVq5Pdn2xjiqRtd9zGIU256AJ9f97lvL3uy17QVnS0rb+lBEFCrtfyTylVzVSLz2cV8rB/RUuVwu72hZW+8BLJaBu1gS/a4B0B+1D/r0+be2bGL3o+9unag+AKVxL2dLdctQ5LIyhYbn241WjIhTi39/li6x4jgEAMDG+ibt/zy3Uv8vF/c3lPt/Njc0GhH3RMS+iLg3IvZHxH0RlbIPRMSDazx+sSnf2v/56X9dBdahWycieTmb27q9/1fr/cVoPsvtrcRfSM6cK80eyc7JWBR2pPnJVY5x89WfP223rbH/ly7p8Wt9wawevw81DdCdnl6YXk/MjW59VBkDvNYaf1KfCUgi4kBEHOzi/XdGxLlnvjzUsqFhoui2+COa4l/FUBcValL+IuLp6vVfjKb4G6u6yvzkxM4ozR6ZqN0VrX748fob7Y5/5+vfW+n137Xi/V+PfzRpnK+dX/sxrv/6Sdtnmm7v/+HkrUp6OFv3wfTCwqXJiOFksXX91H/71vK18mn8Y4dXbv/7Iv75PNvvoYhIb+KHI+KRiHg0q/tjEfF4RBxeJf7vXnni3e7j7600/tNruv5rT+TPf/t1u+N3dv2PVVJj2ZpO/v91WsH1nDsAAADYLnKV78AnufF6OpcbH69+h39/7MqV5uYXnj0z9/7F09Xvyo9GIVcb6RppGA+dzMaGa/mppvzRbCwwlebHZ+ZKvZpTBzqzu037T/2W73ftgJ5b0zyaX3jBXWUD5tGBbUr7h8Gl/cPg0v5hcK3U/q9FLPehKsAm8/kPg0v7h8Gl/cPg0v5hIK3nd/2rJfad7NU7b8fEzYhoVybf1xo+tbvb3SNXOjC8NU7vHROF7G6vr8ltkYpVEjsiotPC12KzKtbnf0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb5N8AAAD//6eJ4CE=")
sendto$inet(0xffffffffffffffff, 0x0, 0xffef, 0x20000000, &(0x7f0000000240)={0x2, 0x4e22, @remote}, 0x10)
acct(0x0)
open(&(0x7f0000000080)='./file0\x00', 0x2000, 0x392)
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
r1 = shmget$private(0x0, 0x13000, 0x1, &(0x7f0000feb000/0x13000)=nil)
shmat(r1, &(0x7f0000ff1000/0x3000)=nil, 0x400c)

1m27.79725973s ago: executing program 4 (id=848):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
get_mempolicy(&(0x7f0000000040), &(0x7f0000000240), 0x8, &(0x7f0000289000/0x4000)=nil, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x4}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
unshare(0x62040200)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/mnt\x00')
setns(r4, 0x20000)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
syz_clone(0x11700411, 0x0, 0x0, 0x0, 0x0, 0x0)

1m27.328199348s ago: executing program 4 (id=851):
open(0x0, 0x148640, 0x78e22799f4a46f8e)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}], [], 0x6b}})

1m27.312452779s ago: executing program 32 (id=851):
open(0x0, 0x148640, 0x78e22799f4a46f8e)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}], [], 0x6b}})

2.664151232s ago: executing program 5 (id=1930):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f00000002c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000d0ff00000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000004c08000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
socket$inet6_sctp(0xa, 0x801, 0x84)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x4800)
vmsplice(r3, &(0x7f00000005c0)=[{&(0x7f0000001cc0)="b70cdbd771882612c450d694c9dd7d7f28d237e84e2780ca6428d132e03f188fff6bd9f85ead7e68f90830db9295022700491841f4a15a000aa4e29ac23601041ec521aa0ea8044f23feb74151693f228ba89f0a43385617bc7930f30a52ca91d02c64bd39d3d581abe9089b2284f876f9c58c124aba7a28700efcb0588ff4ab54a62c0c64fd577d85f5f753ec15281cf73fc37442b0a5ca4a1818cb01590d6415b1e9fda6c7d63cd293d7cc7ca5581041a2736e95b9b0322880b5fd7f27c0d4a59df8101b755fd6cc495963381c8a95d5d605b8ef4800b47091c8749f9e8e9fce163e46db0f7c0e4d0d3a621e3c999453e95aaa56090f220b220c50b31b9d6af722477ab1cda6d561156d85c658a3cd42d777314d154bf31bb61918ac7de8bfad7a5825be505af82806130e8dd03816b86086cc3361bf3a2a0cf6c18b7c84503477660ef5a0bf92d8169c43df1d7bb140652c799a4ac292b94fcea7f0c74413791879104e2bc9b414eda6c74f3625299f67d03e3ef58eeae5ca5fb029005ffa0fe23fb541bc24a57e9c6d8169702998273789ee8c9f08132ab9f76c02a6696c3ad68bf7a772d8be6b1840cfad2184edcf10bd5620f51657239e8eb49b8e77c1483dcc3dc04aeb6cae2922af4be346d52f2983dd5330cbef40b3207432ea6d2a6d2ffb0c3440c78add8395da089aa80e21d8692b16582edea583b73266fd1ab37abc02aa89310ed72a827153f1cbba0f76147a09977724706fdcd68ac168ceb433eba816f55bb5069924c0a6c59b1116e27de7938b835c467dbd9be1843913748e5a2e6f6621bf4944045d82b5124d23fa1d87e780b54a6955a51e47fbf36432be1b3d9d01c05d86e390e497850600000000000000cef62edce520860667c5259478602febbc5e87f216a6f1452b285f44282333569cbd2f49613730b86a74485e49e1979690ee2c11e1fb49d642c9f515d9e0cf30fe8995379b0b4b2177b2541a34cef72af676c2402b3ab03993047186d45016f83a735b7babda7b3e408f9a7b5c36e7daaaad51e437060c8a5a07646a31a43ebdda0b12a3f64f963315febebf0ad610f2ec9500717c4f33d8bf0e5b55ed2a976339643658df80f07bb29f5fac6f25957ef64ef1bac93f0ea64bfea48b38a4985ff610259762996044543bdf2c", 0x341}], 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fcntl$setpipe(r3, 0x407, 0x6)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000100)={@loopback, @multicast1, <r4=>0x0}, &(0x7f0000000140)=0xc)
r5 = socket$kcm(0x2a, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000180))
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x18, 0x7, &(0x7f0000000240)=ANY=[@ANYRES8=r5, @ANYBLOB="4ee7247d5b142e1e037481d341e97afcfe8e1ea906fd9e10947664fca6a122d64dae83634b402f3d1f1ed8f78f087ac6b10891f7b138a56cde0a8ab35325e03e353973b5fa5dc9ed7cff3e4c7426d8e69da7f0bb23a82796e4a5c799b0877f313ae3ef187e98", @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', r4, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='mm_page_free\x00', r6, 0x0, 0x3}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
munlockall()
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
execveat$binfmt(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x1000)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xe, 0x7, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000009049502a94c814375de04e14c07001ef1c389c62481924b38510307c4b05329"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r8}, 0x10)

2.587511088s ago: executing program 5 (id=1932):
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
socket$inet6(0xa, 0x2, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_COALESCE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000), 0xc, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000003b40)=[{{&(0x7f0000000240)=@sco={0x1f, @fixed}, 0x80, 0x0}, 0xfffffffd}], 0x1, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r2, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e2b, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7ff}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x800008d, 0x0)
r3 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r3, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r3, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
socket(0x15, 0x5, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0)

2.56325872s ago: executing program 5 (id=1933):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0f00000004000000040000000200000000000000", @ANYRES32, @ANYBLOB="0012000000030000000000000000000000000000191e1908ce93781f840bd94477d2b26aad0da85e98eb415d5975c47f973a4784676d3eb528c1bc370b49919208a6c06e3a93b42081c9b4246a75a6d416f435c10a83", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4)
futex(&(0x7f000000cffc)=0x1, 0x6, 0xffffffff, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x6, 0xf0, 0x0, 0x0, 0x0)
timer_create(0x7, &(0x7f0000000680)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000100))
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000340)={0x0, 0xcc}, 0x8)
syz_mount_image$iso9660(&(0x7f0000000b00), &(0x7f0000000280)='./file0\x00', 0x85002, &(0x7f00000001c0)=ANY=[@ANYRESHEX=r0], 0x1, 0xa2f, &(0x7f0000001580)="$eJzs3ctvXNd9B/DvHfEl2lBlW3VVwbZGMmTTNkuRVC1B8KKWyKFEl4+WpAALbWEZllQIIurCbgHb6EIFiq5q1CiKAk02gZdZGXAW8SbQLlkFWWURIPF/EBhZKQGCCebOUOJjZihSFKnIn89gNPfxO+f87tw792iGM/eEP2b1er28b3P+0vd3M1kePecnv/78i08b93+/lb7sy+vFD5OBJNWk5/flsdI7MbkwP7tJRTeTK0luJ0WS/jQfO9i/Zu5Kiv/Ok/fmb6f4bg63KTawxY1jU3W+1fb6+AMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfSxOTo6FiRmem5S29XOyuHAO+yfqW6r8pRv4uvVjfR16bZIika9wwMrAz1ffjQvdXPNv45nueac881R/4eyCdPPHvwjWd6KivluyS0Kz78+JOb7y4vX/vg3qLeTQv1P9yctqVve8Uu1OamF+enZ89dqFWnF+erZ0+fHj15cWqxOjWd2uLlxaXabHVioXZuaX6hOjTxSnXs7NlT1drI5flLcxcmR2ZqKwvP/MX46Ojp6lsjf1M7t7A4P3fyrZHFiYvTMzPTcxfKmMbqRsyZxoH419NL1aXaudlq9fqN5WunNkuyETTWdk1R3ZdVQeOb1TQ+Oj4+NjY+Pnb69bOvnxkd7dmwYHSdbIjY+4OWvfODh3IOh22qtPr/zGQ6c7mUt1Nte5vIZBYyn9kO61tW+v8TJ2td213d/6/08ofvrT6Ssv9/oTn3Qqf+v0Mum9/q9WbN2y2/cvswH+eT3My7Wc5yruWDB66xP+sy++2D1ti6VR98azfeLqSWuUxnMfOZzmzOlUuqrSXVnM3pnM5o3snFTGUx1UxlOjOpZTGXs5il1MojaiILqeVcljKfhVQzlIm8kmrGcjZncyrV1DKSy5nPpczlQiZzrqzlem6Uz/upLjneDRq7n6DxLkE73P/XH8X/CfKw7ej5Gx5EvdX/t3uP3gyor0wNTexaVgAAAMBO+vOf5MChp3/8y6Q3z5efy09Nz9RG9zotAAAAYAeVX9d7rvHQ25h6PoX3/wAAAPC4Kcrf2BVJBnO0OdX8JdS++BAAAAAAHhPl3/9faDwMNqaOprh7JZQre50bAAAAsDPuXmM/na6xu+lV+Ivhlcv/Vq82H6+2IlrX+R2cmp6pjUzMz7wxlpfKqwyUvzTYUNu+pOgtf37wao41o44NNh8H19Y40IgaG3ljLK/meGtDhl5sPLw41CZyvBn5cjPy5S6RpxqRAPC4O96lP77f/v/VDDcjho/09CXpOdKmZx3VswLAo2LzMXY2jSj+8t77/95WtWv6/6dz/WjzKwUjeS/vZzlXM1z+2qD8xsGaWv/+s9ZnBne/hjCa4U0+DViJ/dmZSoY7fB7Ql/X1jmd4k08EmrH5h+TUw98RALCLjnfoh7fS/w+vev+fje//7w4tdM1PCgHgkXB3BPuHOLHX2wgArKWXBgAAAAAAAAAAAAAAAAAAAAAAAAAAgJ23o1f7H9hm8V+1xvV7uMMQbJjY33oOtl/P/yTZvZyLRlv9O1dhZQfqqSfZrf21exM5mGz7WW17GPcl2fvt2srEXp6VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2C1Fsq/d8krSn2Q0ycndz2r7isYWdXFr1zLZbT/92w4r/mr1THEnd/JRDuxOTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3x6t6/9X0nx8orkoPZXkRJIrSf5ur3PcSXf2OoEdsn+b5VZd/7+xz1Mv0tPc7Sl6JyYX5mfL8RP6G+u//vyLTxv3VcX777edMrCybnCJVgvrY7/35MrUU2WpwclrH978l/f/uTp5PpX05fzS1Mzk7IWFN+8Vebb4MqmmeV+xku+/nfjRZ222/MvGlra3vt2p8smZ3Njun7Ur3b3dbm4sXxtvtLRUe3vpX//pxkerVj2dY8mLQ8nQ2pb+sXHv0NKx9HZrrfim+M/iQP4vV8r933g2inrR2EV/Um7//us3lq+NvPf+8tUOOR3M0SRXk4H7z+lo5wE5yqOu0ttodbQMavxzqF193cf0aFvjWIdteKo8ZAZb29B3X9tQ3SSBVc97pd36ZkanOmT0TF5qs6fr/UnnjF7qvqfbK74pflFczM/zH6vG/6g09v+JdH51rq2ijFx1pHSMrDQjyy0fX73infWRv/7/+8q+7TA1bNV/rXnxVlad/1v7aofOR/Wi6/loVYtbe12sa3HdUdHldVH2SIfWlWidfTqVaeV5qBnVIc8/zWtJz5FuZ8UNvfVrm53SVsq/2X71dl//3ymG8pvcMv4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw6CuSfe2WV5ITSQ6uzFeT+haq7e+0ojJYbDXFHXXr7j+PhcpWCxR3cicf5cDDSQcAAAAAAACA3XZ+8uvPv/i0cS//Hr/vTr3e+vt+NelJcrD43/2ZXJif3aSi3uRKktuN6YFOQb+rN61d2iiXJ+/N327MHW5bwcH73S4AoLM/BAAA///r9m7p")
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="0000230c1100"})
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="25390000290003"], 0x33fe0)

2.239642816s ago: executing program 2 (id=1937):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x7, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone3(&(0x7f0000000280)={0x2024800, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000400), {0x6}, &(0x7f0000000100)=""/228, 0xe4, &(0x7f0000000200)=""/6, &(0x7f0000000240)}, 0x58)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000340))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x8, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r2, &(0x7f0000008680)=[{{&(0x7f0000001b00)={0xa, 0x4e21, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x8001}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=[@pktinfo={{0x24, 0x29, 0x32, {@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}], 0x28}}], 0x1, 0x24008000)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$inet(0xa, 0x801, 0x84)
listen(r4, 0x8)
r5 = accept4(r4, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x3}, 0x8)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d6"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24040800}, 0x8d0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000006800e97800000000000000000a0000000000000008000500", @ANYRES8=r7], 0x20}}, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0x1, 0x1, 0x0, {0x0, 0x0, 0x0, 0x0, 0x420}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

2.088618749s ago: executing program 2 (id=1939):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000"], 0x6c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)

2.07833059s ago: executing program 3 (id=1940):
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
socket$inet6(0xa, 0x2, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_COALESCE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000), 0xc, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000003b40)=[{{&(0x7f0000000240)=@sco={0x1f, @fixed}, 0x80, 0x0}, 0xfffffffd}], 0x1, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r2, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e2b, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7ff}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x800008d, 0x0)
r3 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r3, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r3, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
r4 = socket(0x15, 0x5, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0)
sendto$inet(r3, 0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt(r4, 0x200000000114, 0x2715, &(0x7f0000000580)=""/102393, &(0x7f0000000000)=0x18ff9)

2.013205925s ago: executing program 2 (id=1941):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x104, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfc, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
pipe(&(0x7f0000000500)={<r2=>0xffffffffffffffff})
io_setup(0x2, &(0x7f0000002400))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x80, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0xfffffffffffffffd}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
lsm_set_self_attr(0x69, 0x0, 0x42, 0x0)
fcntl$setpipe(r2, 0x407, 0x401)
ptrace$setregs(0xd, r1, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
modify_ldt$write(0x1, &(0x7f0000000040)={0x806, 0x100000}, 0x10)

2.012500835s ago: executing program 3 (id=1942):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x20803, 0x0)
ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304)
gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f0000b28000)=0x20003)
pause()
fcntl$setsig(r1, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r2}], 0x2c, 0xffffffffffbffff8)
futex(&(0x7f00000006c0)=0x2, 0x0, 0x2, &(0x7f0000000140)={0x77359400}, 0x0, 0x80000002)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
r3 = gettid()
rt_sigaction(0x16, &(0x7f0000000080)={0x0, 0x90000003, 0x0}, 0x0, 0x8, &(0x7f0000000200))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000800)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021bc0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000900003808c000080080003400000000280000b807c000180090001006c617374000000006c000280080001400000000508000140000000090c0002"], 0x140}}, 0x0)
tkill(r3, 0x16)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', 0xffffffffffffffff, 0x0, 0x8000000000000}, 0x18)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000002c0)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000380)=[0x0], 0x0, 0x84, &(0x7f00000004c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f0000000540), &(0x7f0000000580), 0x8, 0xe3, 0x8, 0x8, &(0x7f0000000c40)}}, 0x10)

1.870569706s ago: executing program 1 (id=1943):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f00000002c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000d0ff00000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000004c08000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
socket$inet6_sctp(0xa, 0x801, 0x84)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x4800)
vmsplice(r3, &(0x7f00000005c0)=[{&(0x7f0000001cc0)="b70cdbd771882612c450d694c9dd7d7f28d237e84e2780ca6428d132e03f188fff6bd9f85ead7e68f90830db9295022700491841f4a15a000aa4e29ac23601041ec521aa0ea8044f23feb74151693f228ba89f0a43385617bc7930f30a52ca91d02c64bd39d3d581abe9089b2284f876f9c58c124aba7a28700efcb0588ff4ab54a62c0c64fd577d85f5f753ec15281cf73fc37442b0a5ca4a1818cb01590d6415b1e9fda6c7d63cd293d7cc7ca5581041a2736e95b9b0322880b5fd7f27c0d4a59df8101b755fd6cc495963381c8a95d5d605b8ef4800b47091c8749f9e8e9fce163e46db0f7c0e4d0d3a621e3c999453e95aaa56090f220b220c50b31b9d6af722477ab1cda6d561156d85c658a3cd42d777314d154bf31bb61918ac7de8bfad7a5825be505af82806130e8dd03816b86086cc3361bf3a2a0cf6c18b7c84503477660ef5a0bf92d8169c43df1d7bb140652c799a4ac292b94fcea7f0c74413791879104e2bc9b414eda6c74f3625299f67d03e3ef58eeae5ca5fb029005ffa0fe23fb541bc24a57e9c6d8169702998273789ee8c9f08132ab9f76c02a6696c3ad68bf7a772d8be6b1840cfad2184edcf10bd5620f51657239e8eb49b8e77c1483dcc3dc04aeb6cae2922af4be346d52f2983dd5330cbef40b3207432ea6d2a6d2ffb0c3440c78add8395da089aa80e21d8692b16582edea583b73266fd1ab37abc02aa89310ed72a827153f1cbba0f76147a09977724706fdcd68ac168ceb433eba816f55bb5069924c0a6c59b1116e27de7938b835c467dbd9be1843913748e5a2e6f6621bf4944045d82b5124d23fa1d87e780b54a6955a51e47fbf36432be1b3d9d01c05d86e390e497850600000000000000cef62edce520860667c5259478602febbc5e87f216a6f1452b285f44282333569cbd2f49613730b86a74485e49e1979690ee2c11e1fb49d642c9f515d9e0cf30fe8995379b0b4b2177b2541a34cef72af676c2402b3ab03993047186d45016f83a735b7babda7b3e408f9a7b5c36e7daaaad51e437060c8a5a07646a31a43ebdda0b12a3f64f963315febebf0ad610f2ec9500717c4f33d8bf0e5b55ed2a976339643658df80f07bb29f5fac6f25957ef64ef1bac93f0ea64bfea48b38a4985ff610259762996044543bdf2c", 0x341}], 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fcntl$setpipe(r3, 0x407, 0x6)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000100)={@loopback, @multicast1, <r4=>0x0}, &(0x7f0000000140)=0xc)
r5 = socket$kcm(0x2a, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000180))
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x18, 0x7, &(0x7f0000000240)=ANY=[@ANYRES8=r5, @ANYBLOB="4ee7247d5b142e1e037481d341e97afcfe8e1ea906fd9e10947664fca6a122d64dae83634b402f3d1f1ed8f78f087ac6b10891f7b138a56cde0a8ab35325e03e353973b5fa5dc9ed7cff3e4c7426d8e69da7f0bb23a82796e4a5c799b0877f313ae3ef187e98", @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', r4, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='mm_page_free\x00', r6, 0x0, 0x3}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
munlockall()
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
execveat$binfmt(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x1000)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xe, 0x7, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000009049502a94c814375de04e14c07001ef1c389c62481924b38510307c4b05329"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r8}, 0x10)

1.864433527s ago: executing program 1 (id=1944):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0)

1.846934798s ago: executing program 1 (id=1945):
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x10)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f00000003c0)=0x5)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ba}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r1, 0x0, 0x3}, 0x18)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r3)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000900)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000100), 0xfffffd9d)
sendfile(r2, r4, 0x0, 0x8000002b)

1.541139834s ago: executing program 5 (id=1948):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB], 0xec}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)

1.502997777s ago: executing program 5 (id=1951):
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x50)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x387131d88c629875, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000011c0)="93bffce623851797a8dc79018d7716840ffc6906bb2b0eb2fe32d2f0048678cd35ef833c350900f95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb6000000000000", 0x87}, {&(0x7f0000000400)="029993440c7a1d95d3bb8cf353fd63c588ffa39f0ff0fced20927ea4b2a247d082247558bef6b2b2cd6a0dffece1b36526e9388c344fb7ac429e434ccb0330483c0604aaf296d8218e240055cb92f17b1b47fd7b1b178ca0d1c470154ed985a179f87c9bc40206c86df9abc5", 0x6c}, {&(0x7f00000002c0)="ec75d081fcb7e79634ec1a1abfdebb6a38b0c57cc77b83d2eea81aad8f73b36abc2019cb08fcaaec9647a07d0a0965f0f1e39afd84e7e2523aaded5e09aa1e36fcc90c269ad6d38d57619127cee4253655c33b71054226c3b00b9ee6ae29f0b07bc6fe7981126ca804c1f64e6c19ba36b2778c5f4a1c58625fe19516af43c9870c5b8191e23778abe7df2280d459b1651686a53ca52dce9570444c153f9c2903ae4c868074e89477bf6ed2ab648b0498ac8c0f90844ed9a26675199d5ff9b391c1dec077b5099cf9aecd1a9d94e2", 0xce}, {&(0x7f0000000180)="0c1928a7397d5f2e855cb2b0b1e61d3fe47dc3e798cf47cfdbf169e77257f308b400000000227094d569a4456954e58ea1850000000000000000355c5f42d9f2aa5f1ba0a5c6553eff16", 0x4a}, {&(0x7f0000000b80)="b97edc68d716252c8449bee174f6e06d864889b733fe11a2cd1b83edf4ee89f557882a6e115f6f313802bf3c797417d7b969c918598823448ed396000e44f8cc6a7a99db9bc97830b2df7971360f878a6cb35677", 0x54}], 0x5}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000700)="acc841985992b79554acfc02163bb0fb2bb293e68c02bb40b6b870bde5700d3687", 0x21}, {&(0x7f0000000a00)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc48755381c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5e437323385b88c368f8bb5b933aa9169f5f7b51dd5319b8016623d1863d70581691a79a6678db1e5e7fa1c98c5b9e4a87272e9c4a1bd98dbb2ab76919ba5c1020e80bd0659e82d861dc6fe4c62639134c504aa438689d2", 0xc6}, {&(0x7f0000000740)="5be3b011e12323e4ab88c0472f0700000000000000e71ba6231f303d2db97401439932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f52fba1e89d6d34b39297bbbc2580600000000000000d6e36e737691a1c6bd2a64b2a85cbaaf646e72f8fe08c33a33b275787892f61fbb621794716f96031931b55af30fa01d72aa5a53ee4c07ab7c96a4a9ed93f4d20269982ab6feb22d8e77afb7b861622ab963b07f0026fd6424082bcd0864a8", 0xbf}], 0x3}}], 0x2, 0xc0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000500)="1713d522c8a27c24f724681aa099852c4bfae5a0bbdc0000000000060000171cca8728132db611681bb875ce88d2f192d5d5e70a6447cf2c8bbd6ca61a1888ccee8a9a05c07cdab36ab953eb5d4845932c986f64a81670953211a9eaac624dc2f8919eeb54509dda1178200df6e200753c5a45b3e91fa008023415b8166212548c4908d316dc7b2e9e648a23d59a31c6eace3e3dd8fa17a6ab43c50461c106997ff141b74f305966cb3a8ed77554c49ddb566b19891850", 0xb7, 0x14008095, 0x0, 0x0)

1.476442989s ago: executing program 2 (id=1952):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000"], 0x6c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)

1.45681132s ago: executing program 0 (id=1953):
syz_usb_connect(0x6, 0x1fc, &(0x7f0000000780)=ANY=[@ANYBLOB="12015002b8005108101407a0683e010203010902ea01030e00300309040309027f54cc00090502040004040403800109661bede31b6d40ffd5a6457d3483a7c64a2cf09c6b30e3afe9caf13ed9a2924ed053d2b4b24aedb4035d4212c8a5f7df3b67916187c245f81035efe9b53a8d79988d4b00a8aa5926f8b9103fd0e543cebd14ca5d0825146c7ff12ef0b8fe612538542d6f5c9fdc7894374795b8ccb6bdb303b42aa86746d3370ad7a31c090504104000050209072501830200040725018101070009045b060c317135060905051008000600d30725018002000009050610200080ff0407250101060200090500100004090401090504104000ab0005090505022000060d0d48007672bf7524ef90e0a086de3562bf356642bc0201de8fa807c3b757b1c182c0f4c59af7c59293e1bc41956912be0eafd96bdf03aa6117bc3e50fbee59a6e5dfc7206516e091fce94c0c778a134b5368d1af31d240535b0725018002010009050b08000401a9050725010332f60b0725010206ac15090502140000c7070e0905010400020805800905051000020802ae07250103fbff0009050010400008000309050c040002030d07410f8c1ea652c620acd24cbf2bfeb921dfc3f2c147f7c05a53e4f7db6742a64c76fe8d2f319387c80165b1ad6b9054e93ae7385d785e1c040f2c4e5c2388ef87910905090020000108"], 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
openat2(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x4}, 0x18)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r1=>0x0})
r2 = socket(0x10, 0x3, 0x9)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
lsm_get_self_attr(0x66, &(0x7f0000000380)={0x0, 0x0, 0x65, 0x45, ""/69}, &(0x7f00000000c0)=0x65, 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="00000000000000001c001a800800028008000200080000003e127a510800020010"], 0x44}}, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0xab, &(0x7f0000000200)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x99, 0x2, 0x1, 0x7, 0x80, 0x80, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x8, 0x24, 0x6, 0x0, 0x1, "53cc6a"}, {0x5, 0x24, 0x0, 0xd}, {0xd, 0x24, 0xf, 0x1, 0xfc6, 0x1, 0xfff9, 0x4}, {0x6, 0x24, 0x1a, 0x5}, [@country_functional={0xe, 0x24, 0x7, 0x7, 0x207, [0x8, 0x7fff, 0x9, 0xcb]}, @country_functional={0x12, 0x24, 0x7, 0xff, 0x0, [0x7, 0x3, 0x995d, 0x8001, 0x7, 0x159b]}, @mbim_extended={0x8, 0x24, 0x1c, 0x7, 0x1, 0x7}, @acm={0x4, 0x24, 0x2, 0x7}, @dmm={0x7, 0x24, 0x14, 0x2, 0xd}, @network_terminal={0x7, 0x24, 0xa, 0x9, 0x5, 0x2d, 0x3}]}, {{0x9, 0x5, 0x81, 0x3, 0x10, 0xf7, 0x8}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x20, 0x1, 0x7, 0x2}}, {{0x9, 0x5, 0x3, 0x2, 0x0, 0x8, 0xff, 0x9}}}}}}}]}}, &(0x7f0000000140)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x250, 0x1, 0xc7, 0x6, 0x8, 0xcd}, 0xd9, &(0x7f0000000380)={0x5, 0xf, 0xd9, 0x6, [@ext_cap={0x7, 0x10, 0x2, 0x12, 0x5, 0x8, 0x8000}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x8, 0x2, 0x80, 0xfffd}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x0, 0x5, 0x7, 0x2}, @generic={0xa7, 0x10, 0x3, "46399951c72a42fd1e793f2e458677bb698eafdd82f428300b0a02fb54d71acb26d8cfcab0b4d7aed3361b9955841ccdfd53bdecdf668e2589d0aec8446a9220ac73cb6c3fd0eaa8c541c93ec720a47a1c988e15d3df46a5dd7a9744d729994e046e31ac72e04486c93022e81845908070bc2810d36c93c4ba4fd488bd12e733def8ede92e93f9ae93c768a38d8bdbf03b02cfda5bebcb684cb21f5ef03ee2f6c3721c71"}, @wireless={0xb, 0x10, 0x1, 0x4, 0xa0, 0xd, 0x9, 0x401, 0x8}, @ext_cap={0x7, 0x10, 0x2, 0x18, 0x2, 0x7, 0x4}]}, 0x1, [{0x42, &(0x7f00000002c0)=@string={0x42, 0x3, "fa9377d1edddc912161bdddb0fe6af297327bb01ea991127395d87fe0b0f18e03d58fc3a003a46f9eca9f81d6b339428c2ca15cb595404c30d89f2667229c929"}}]})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[], 0xa0}}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f0000000000), 0x4000000000001f2, 0xfff0)

1.403730975s ago: executing program 2 (id=1954):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
get_mempolicy(0x0, &(0x7f0000000240), 0x8, &(0x7f0000289000/0x4000)=nil, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x4}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
unshare(0x62040200)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/mnt\x00')
setns(r5, 0x20000)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
syz_clone(0x11700411, 0x0, 0x0, 0x0, 0x0, 0x0)

1.402978795s ago: executing program 1 (id=1955):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f00000002c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000d0ff00000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000004c08000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
socket$inet6_sctp(0xa, 0x801, 0x84)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x4800)
vmsplice(r3, &(0x7f00000005c0)=[{&(0x7f0000001cc0)="b70cdbd771882612c450d694c9dd7d7f28d237e84e2780ca6428d132e03f188fff6bd9f85ead7e68f90830db9295022700491841f4a15a000aa4e29ac23601041ec521aa0ea8044f23feb74151693f228ba89f0a43385617bc7930f30a52ca91d02c64bd39d3d581abe9089b2284f876f9c58c124aba7a28700efcb0588ff4ab54a62c0c64fd577d85f5f753ec15281cf73fc37442b0a5ca4a1818cb01590d6415b1e9fda6c7d63cd293d7cc7ca5581041a2736e95b9b0322880b5fd7f27c0d4a59df8101b755fd6cc495963381c8a95d5d605b8ef4800b47091c8749f9e8e9fce163e46db0f7c0e4d0d3a621e3c999453e95aaa56090f220b220c50b31b9d6af722477ab1cda6d561156d85c658a3cd42d777314d154bf31bb61918ac7de8bfad7a5825be505af82806130e8dd03816b86086cc3361bf3a2a0cf6c18b7c84503477660ef5a0bf92d8169c43df1d7bb140652c799a4ac292b94fcea7f0c74413791879104e2bc9b414eda6c74f3625299f67d03e3ef58eeae5ca5fb029005ffa0fe23fb541bc24a57e9c6d8169702998273789ee8c9f08132ab9f76c02a6696c3ad68bf7a772d8be6b1840cfad2184edcf10bd5620f51657239e8eb49b8e77c1483dcc3dc04aeb6cae2922af4be346d52f2983dd5330cbef40b3207432ea6d2a6d2ffb0c3440c78add8395da089aa80e21d8692b16582edea583b73266fd1ab37abc02aa89310ed72a827153f1cbba0f76147a09977724706fdcd68ac168ceb433eba816f55bb5069924c0a6c59b1116e27de7938b835c467dbd9be1843913748e5a2e6f6621bf4944045d82b5124d23fa1d87e780b54a6955a51e47fbf36432be1b3d9d01c05d86e390e497850600000000000000cef62edce520860667c5259478602febbc5e87f216a6f1452b285f44282333569cbd2f49613730b86a74485e49e1979690ee2c11e1fb49d642c9f515d9e0cf30fe8995379b0b4b2177b2541a34cef72af676c2402b3ab03993047186d45016f83a735b7babda7b3e408f9a7b5c36e7daaaad51e437060c8a5a07646a31a43ebdda0b12a3f64f963315febebf0ad610f2ec9500717c4f33d8bf0e5b55ed2a976339643658df80f07bb29f5fac6f25957ef64ef1bac93f0ea64bfea48b38a4985ff610259762996044543bdf2c", 0x341}], 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fcntl$setpipe(r3, 0x407, 0x6)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000100)={@loopback, @multicast1, <r4=>0x0}, &(0x7f0000000140)=0xc)
r5 = socket$kcm(0x2a, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000180))
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x18, 0x7, &(0x7f0000000240)=ANY=[@ANYRES8=r5, @ANYBLOB="4ee7247d5b142e1e037481d341e97afcfe8e1ea906fd9e10947664fca6a122d64dae83634b402f3d1f1ed8f78f087ac6b10891f7b138a56cde0a8ab35325e03e353973b5fa5dc9ed7cff3e4c7426d8e69da7f0bb23a82796e4a5c799b0877f313ae3ef187e98", @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', r4, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='mm_page_free\x00', r6, 0x0, 0x3}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
munlockall()
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
execveat$binfmt(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x1000)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xe, 0x7, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000009049502a94c814375de04e14c07001ef1c389c62481924b38510307c4b05329"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r8}, 0x10)

1.328106021s ago: executing program 1 (id=1956):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r1, &(0x7f00000009c0)="3bf58d7d45d32cfe1da7c797b82f16713d1cb80b3fa1bda74e3977b40e7af46b4c60", 0x22)
ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(r1, 0x80083314, &(0x7f0000000200))
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7fffeffd)

986.811319ms ago: executing program 3 (id=1957):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x20803, 0x0)
ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304)
gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f0000b28000)=0x20003)
pause()
fcntl$setsig(r1, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r2}], 0x2c, 0xffffffffffbffff8)
futex(&(0x7f00000006c0)=0x2, 0x0, 0x2, &(0x7f0000000140)={0x77359400}, 0x0, 0x80000002)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
r3 = gettid()
rt_sigaction(0x16, &(0x7f0000000080)={0x0, 0x90000003, 0x0}, 0x0, 0x8, &(0x7f0000000200))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000800)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021bc0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000900003808c000080080003400000000280000b807c000180090001006c617374000000006c000280080001400000000508000140000000090c0002"], 0x140}}, 0x0)
tkill(r3, 0x16)
sched_rr_get_interval(r3, &(0x7f0000000440))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000002c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r5, 0x0, 0x8000000000000}, 0x18)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000002c0)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000380)=[0x0], 0x0, 0x84, &(0x7f00000004c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f0000000540), &(0x7f0000000580), 0x8, 0xe3, 0x8, 0x8, &(0x7f0000000c40)}}, 0x10)

879.728528ms ago: executing program 0 (id=1958):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
getpgrp(0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000018c0)=ANY=[@ANYBLOB="a6cc90c956f434959d21231ac0358966280bce10fc3aa508fd87b813f21212b891e4de86b8fce4ee1fa6e3578a3d4af43a3c4ac2ec0cd5cb617d39dd575e38a39f4e7c8ed65892b07cfdabe20efeb99b97e9a690d5af0962eb9d0e70051867e0a426c3ec3fca678a0732d2aacea9d30cf1bea6c771d5a38cffc306c87b3da4b0619720399197e46a54e1c5a1019fd74ec2e9dbbdb2f16ca068db7ce73b464aa49f994788fe5c825b5ed8d9ee9599fa02473b165cd23b8c3c5fcb02a010665216e79cf39fef2bfb4ad71bbcb0b5a0afc9263dd6a3aa39d0d926aa77d8a7ecab45ee966b36e41e"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
waitid(0x0, 0x0, 0x0, 0x2100000a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000380)={'bond0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mq={0xfffffffffffffdb2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xfff1, 0xffed}, {0xb, 0xf}, {0xd, 0xb}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}]}, 0x34}, 0x1, 0x0, 0x0, 0x8021}, 0x4008000)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1e, 0xe, &(0x7f0000002300)=ANY=[@ANYBLOB="b702000000001700bfa300000000000007030000f0ffffff720af4ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129da487130d5f24bf901115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4b9535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024a0041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4fdc4b4861004eefbc17f54f82a804d4a69bf9bc5fa77ee2922bd165a5a68488e010030166565a097b103b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f940b6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c2d7f22b0d22772c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d366501753a7ac7fedb8d34f5bc381604fcd46105c457e7dd13cab6692422a47e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670100be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c160119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d300e4d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000001c800000000000000000000000928ee53595a779d243a48cea769470424d28804c024ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d74bf0a305790c9d644735efbf3411718d6ee7aebf9ef40662d7836d252c566f5ee934c679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c031578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6155e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2f085185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bcdb7c89739f5d81e750d50517a59a3ad09e8802e8f4f535447cc0facd5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5b473332f2011e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d3fcd116bce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755367fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf00000048d2570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749e1338636555009edf66be445d6975d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab0043ebf7c79a953e023f74afad591821610b857e8717764b633b21cb32f09f4db033e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c1960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000000000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd5c17d5486b0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dff7aa46e820a74f9530bdcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fdca4e9eda0072f6df342f3e7071e28ef6806bc8e139c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7194d1eb3de6a5f99f301f89c2ee627e949cdd22000026a9960503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640000cd9e7f2e236ef5f1e3a94b108eb9750b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a2050000c375c705c798e0e208e4a5259d0bda526b462af45a6e9a84aebe025c8a7f65819f397574db7ab01bd2b3e3cd28c5aec50f8edfe39a00bafd688a7eea04efdeed96f67012bc3f795edb68b5dec80ad31a858eb756c815e7695d00000000000000000000000000000000000000000000000000007ccf0ce549d97510f7f8765408bb702f0000006d4754d98b7064cf31a681421994e1f307f0ab4ff2e33d3c88fea5d218a276b77adfee7c8fb145783ee1f8cf632c2604eab3a62a28611da1cae5ce60003111ce5c96a1d6e45ee144ffa3dcca32a33f8f0ce2995b7b7aa0bce228cbf37412e1bdebae06edb51a134301b4627d4927287daf9dcae6720334862f3a18094f1edd9e3503379815dcfbbc8141f6e1bbb0901ae91357677fd9d2bb00d4f17fb441c2dfa2b424bf46ae299d68ac27792cdac2f09e99f4ab5546ba1e5ad6a329f24e73a9c38eec34bd4dcc1609f6150e2de72f6599a2310c3841f4bb7f39cabc82c9fdfff5587ed4fa84090635fa3445c4cc54478b2f98320944ac7cb1c4e414556f7b0b763a00a84327cec7e11b3470f0384b27bbfdd8b2472497e7fe8c5df7e0a00641872472efa21c9ad3979e642dcc85c17ca8e084aa9689b83426e2fdaa01f500000000000000000000f9fd84fa991466ff749afe900d02281b2bb60d458340c4f68ec34835760ceca945bf181a000000c000000000b4a76515564ae189de7c1765f0ff68a0388ca8dd2aa831d0e01f0d7ce74401a58cef60e63e97a50c18de54121ce66380224ab7b9c0d4710f2347bad2c9b3e41cc738c1092728687f33e5cdb077223dc82c2137b4e3ba6791a2cd764e654f904c9505b7c5e3b2897072e747534952dcda50cde3e4deb6ebf85a04c3e415112b01eed6515c845a8a20519cd21787d560e9d8283fa8ff0c17b63ba06577c26678ff45420a1f85df47dbfc44e534f71aae5693fb5df61c5096219091ce0cd8e1e2e79bf9d37779e52007c66a00e6ded1499ed3892ed1544d1577906b52e16c734d4aec07dd15faa768c97298be87dd34ce704ffe3da8b46708cf972de4f31c0705ac933db80bdcfcb35c0d4620d4ec270ff7c9ce1b78994dd2b28b9d1c5c469d4c1a61781dce2f1b54d6138bd3f7df9e9ca613bec407c1b8d1bd0c7cb9d76eebf2f17c"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @sk_lookup=0x24, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040)={0x0, 0x2}, 0x10}, 0x94)
r6 = syz_open_dev$vcsa(&(0x7f00000003c0), 0x0, 0x541680)
write$cgroup_subtree(r6, &(0x7f0000000180)=ANY=[@ANYBLOB="2d726c696d69742013637075616363b43ce0ebc204b474202b6370757163637420"], 0x1a)
poll(&(0x7f00000000c0)=[{r6, 0x600}], 0x1, 0x74)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
lsm_list_modules(0x0, &(0x7f0000000140), 0x0)

608.15166ms ago: executing program 5 (id=1959):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0f00000004000000040000000200000000000000", @ANYRES32, @ANYBLOB="0012000000030000000000000000000000000000191e1908ce93781f840bd94477d2b26aad0da85e98eb415d5975c47f973a4784676d3eb528c1bc370b49919208a6c06e3a93b42081c9b4246a75a6d416f435c10a83", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4)
futex(&(0x7f000000cffc)=0x1, 0x6, 0xffffffff, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x6, 0xf0, 0x0, 0x0, 0x0)
timer_create(0x7, &(0x7f0000000680)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000100))
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000340)={0x0, 0xcc}, 0x8)
syz_mount_image$iso9660(&(0x7f0000000b00), &(0x7f0000000280)='./file0\x00', 0x85002, &(0x7f00000001c0)=ANY=[@ANYRESHEX=r0], 0x1, 0xa2f, &(0x7f0000001580)="$eJzs3ctvXNd9B/DvHfEl2lBlW3VVwbZGMmTTNkuRVC1B8KKWyKFEl4+WpAALbWEZllQIIurCbgHb6EIFiq5q1CiKAk02gZdZGXAW8SbQLlkFWWURIPF/EBhZKQGCCebOUOJjZihSFKnIn89gNPfxO+f87tw792iGM/eEP2b1er28b3P+0vd3M1kePecnv/78i08b93+/lb7sy+vFD5OBJNWk5/flsdI7MbkwP7tJRTeTK0luJ0WS/jQfO9i/Zu5Kiv/Ok/fmb6f4bg63KTawxY1jU3W+1fb6+AMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfSxOTo6FiRmem5S29XOyuHAO+yfqW6r8pRv4uvVjfR16bZIika9wwMrAz1ffjQvdXPNv45nueac881R/4eyCdPPHvwjWd6KivluyS0Kz78+JOb7y4vX/vg3qLeTQv1P9yctqVve8Uu1OamF+enZ89dqFWnF+erZ0+fHj15cWqxOjWd2uLlxaXabHVioXZuaX6hOjTxSnXs7NlT1drI5flLcxcmR2ZqKwvP/MX46Ojp6lsjf1M7t7A4P3fyrZHFiYvTMzPTcxfKmMbqRsyZxoH419NL1aXaudlq9fqN5WunNkuyETTWdk1R3ZdVQeOb1TQ+Oj4+NjY+Pnb69bOvnxkd7dmwYHSdbIjY+4OWvfODh3IOh22qtPr/zGQ6c7mUt1Nte5vIZBYyn9kO61tW+v8TJ2td213d/6/08ofvrT6Ssv9/oTn3Qqf+v0Mum9/q9WbN2y2/cvswH+eT3My7Wc5yruWDB66xP+sy++2D1ti6VR98azfeLqSWuUxnMfOZzmzOlUuqrSXVnM3pnM5o3snFTGUx1UxlOjOpZTGXs5il1MojaiILqeVcljKfhVQzlIm8kmrGcjZncyrV1DKSy5nPpczlQiZzrqzlem6Uz/upLjneDRq7n6DxLkE73P/XH8X/CfKw7ej5Gx5EvdX/t3uP3gyor0wNTexaVgAAAMBO+vOf5MChp3/8y6Q3z5efy09Nz9RG9zotAAAAYAeVX9d7rvHQ25h6PoX3/wAAAPC4Kcrf2BVJBnO0OdX8JdS++BAAAAAAHhPl3/9faDwMNqaOprh7JZQre50bAAAAsDPuXmM/na6xu+lV+Ivhlcv/Vq82H6+2IlrX+R2cmp6pjUzMz7wxlpfKqwyUvzTYUNu+pOgtf37wao41o44NNh8H19Y40IgaG3ljLK/meGtDhl5sPLw41CZyvBn5cjPy5S6RpxqRAPC4O96lP77f/v/VDDcjho/09CXpOdKmZx3VswLAo2LzMXY2jSj+8t77/95WtWv6/6dz/WjzKwUjeS/vZzlXM1z+2qD8xsGaWv/+s9ZnBne/hjCa4U0+DViJ/dmZSoY7fB7Ql/X1jmd4k08EmrH5h+TUw98RALCLjnfoh7fS/w+vev+fje//7w4tdM1PCgHgkXB3BPuHOLHX2wgArKWXBgAAAAAAAAAAAAAAAAAAAAAAAAAAgJ23o1f7H9hm8V+1xvV7uMMQbJjY33oOtl/P/yTZvZyLRlv9O1dhZQfqqSfZrf21exM5mGz7WW17GPcl2fvt2srEXp6VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2C1Fsq/d8krSn2Q0ycndz2r7isYWdXFr1zLZbT/92w4r/mr1THEnd/JRDuxOTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3x6t6/9X0nx8orkoPZXkRJIrSf5ur3PcSXf2OoEdsn+b5VZd/7+xz1Mv0tPc7Sl6JyYX5mfL8RP6G+u//vyLTxv3VcX777edMrCybnCJVgvrY7/35MrUU2WpwclrH978l/f/uTp5PpX05fzS1Mzk7IWFN+8Vebb4MqmmeV+xku+/nfjRZ222/MvGlra3vt2p8smZ3Njun7Ur3b3dbm4sXxtvtLRUe3vpX//pxkerVj2dY8mLQ8nQ2pb+sXHv0NKx9HZrrfim+M/iQP4vV8r933g2inrR2EV/Um7//us3lq+NvPf+8tUOOR3M0SRXk4H7z+lo5wE5yqOu0ttodbQMavxzqF193cf0aFvjWIdteKo8ZAZb29B3X9tQ3SSBVc97pd36ZkanOmT0TF5qs6fr/UnnjF7qvqfbK74pflFczM/zH6vG/6g09v+JdH51rq2ijFx1pHSMrDQjyy0fX73infWRv/7/+8q+7TA1bNV/rXnxVlad/1v7aofOR/Wi6/loVYtbe12sa3HdUdHldVH2SIfWlWidfTqVaeV5qBnVIc8/zWtJz5FuZ8UNvfVrm53SVsq/2X71dl//3ymG8pvcMv4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw6CuSfe2WV5ITSQ6uzFeT+haq7e+0ojJYbDXFHXXr7j+PhcpWCxR3cicf5cDDSQcAAAAAAACA3XZ+8uvPv/i0cS//Hr/vTr3e+vt+NelJcrD43/2ZXJif3aSi3uRKktuN6YFOQb+rN61d2iiXJ+/N327MHW5bwcH73S4AoLM/BAAA///r9m7p")
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="0000230c1100"})
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="25390000290003"], 0x33fe0)

554.080815ms ago: executing program 0 (id=1960):
r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000240)={'erspan0\x00', &(0x7f0000000500)={'syztnl2\x00', 0x0, 0x10, 0x8000, 0x0, 0x14, {{0x5, 0x4, 0x1, 0x34, 0x14, 0x64, 0x0, 0x94, 0x4, 0x0, @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x1f}}}}})
pipe(&(0x7f0000000200))
r1 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000001340)=@hci={0x1f, 0xc00, 0xe}, 0x80, &(0x7f0000002540)=[{&(0x7f00000006c0)='b', 0x10}], 0x1}, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000000)=@chain={'key_or_keyring:', r0})

552.389645ms ago: executing program 2 (id=1961):
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
readv(r1, &(0x7f0000001340)=[{&(0x7f00000001c0)=""/144, 0x90}], 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10)
sendto$inet(r2, &(0x7f0000000000), 0xfffffffffffffd74, 0x40004, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000400000"], 0x0, 0x0, 0x0, 0x0, 0x81e00}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
recvfrom$inet(r2, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

516.249647ms ago: executing program 0 (id=1962):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x0, 0x0)
set_mempolicy_home_node(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x420, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @perf_bp={&(0x7f0000000080)}, 0xc200, 0x0, 0x400}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x3, 0x8000000, 0x0, 0x30046, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000200)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000540)={0x0, 0x4660, 0x400, 0x3, 0x285}, &(0x7f00000004c0)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001480)={0x20, 0xc, &(0x7f0000001600)=ANY=[@ANYBLOB="18000000001811000000000000006f55039ad18d191525db6188312f735f3aae221bf3e8ae568de27e2552e65e2cb1ae0cd4395bd1aff49303134d5f640cb9086367bea2edae20a1b5605d549aac24b8b0dd10c74b66b5bb78f703719998d299c84f545d0d42cf1c1d5c31c7ae23edb0cec1c70cb1963d0373ba93", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095", @ANYRES8=0x0], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
setresuid(0xee00, 0xee01, 0xee01)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000840)=ANY=[@ANYBLOB="b4000000800000001c10000000000000a500ffffff1dd6e69500000000000000e33ffe49fb92182c3b5b8c9db21f920abbda78cc57dea9dc8050492b3af1d6a2d083a0e6400dc2a94e32c310e9c0b3956f3cd3cbd5593df617314dcebc690d833f3007e7bac43d7319bfa8f7bbe408d291c5779802b0ffd32b4a9cec00bb8b9cd88cc9977c73fac7a050502464af257d3739ed9b1743775ab4cc1b6a628d3da7a75b3a5123565b2c15643dc19992b4a186ecdafd025d1bc148a732968f1f47831e2525646aff0a07317a1385bcb7afb9000000"], &(0x7f0000000080)='GPL\x00', 0x2, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0})
io_uring_enter(r1, 0x40f9, 0x217, 0xa5, 0x0, 0xf5)

439.126384ms ago: executing program 1 (id=1963):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r1, &(0x7f00000009c0)="3bf58d7d45d32cfe1da7c797b82f16713d1cb80b3fa1bda74e3977b40e7af46b4c60", 0x22)
ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(r1, 0x80083314, &(0x7f0000000200))
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7fffeffd)

219.675372ms ago: executing program 0 (id=1964):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
r1 = gettid()
rt_tgsigqueueinfo(0x0, r1, 0x34, 0x0)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000001a80)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe50a10a000600014002020c600e41b0000900ac000a0501000000160012000a00ff120048035c3b61c1d67f6f94007134cf6efb8007a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000001008af26c8b7b55f4d2a6823a45", 0xd8}], 0x1}, 0x894)

189.896694ms ago: executing program 0 (id=1965):
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x10)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f00000003c0)=0x5)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ba}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r1, 0x0, 0x3}, 0x18)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r3)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000900)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000100), 0xfffffd9d)
sendfile(r2, r4, 0x0, 0x8000002b)

83.420853ms ago: executing program 3 (id=1966):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfe3d}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000200)='kmem_cache_free\x00', r0}, 0x18)
faccessat2(0xffffffffffffffff, &(0x7f00000002c0)='./file1\x00', 0x1, 0x1200)

64.662104ms ago: executing program 3 (id=1967):
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@newsa={0x194, 0x10, 0x713, 0x0, 0x25dfdbfc, {{@in=@loopback, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x200, 0x0, 0x4e21, 0x2, 0xa, 0x0, 0x0, 0x3b, 0x0, 0xee00}, {@in6=@private2, 0x4d4, 0x32}, @in6=@dev={0xfe, 0x80, '\x00', 0x1b}, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x543}, {0x4, 0x7fffffffffffffff}, {0x0, 0xffffffff}, 0x70bd28, 0x3500, 0xa, 0x4}, [@algo_aead={0xa1, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x2a8, 0x60, "39ca7b8070b853dde51a5e83242fbc238cce6d6ef5992b6c9a7a82d87d63a4d06857957d866ef130d5b2db0bbd8e57c51e91cf546b52f9fa690728aa54a9071e85f49a539e2c665a54249fcbf4fef88588689eadf1"}}]}, 0x194}, 0x1, 0x0, 0x0, 0x880}, 0x0)

0s ago: executing program 3 (id=1968):
creat(&(0x7f00000000c0)='./file0\x00', 0xce)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x41ff, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0xfffffffd, 0x0, 0x8}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]})
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r3)
sendmsg$NFC_CMD_DEP_LINK_UP(r3, &(0x7f0000000600)={0x0, 0xffffffffffffff24, &(0x7f00000005c0)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7000fbdbdf250400000005000a0000000000080001"], 0x3c}, 0x1, 0x0, 0x0, 0x26040041}, 0x40)

kernel console output (not intermixed with test programs):

0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  140.342213][ T8889] R13: 00007fb674356038 R14: 00007fb674355fa0 R15: 00007ffee34ba338
[  140.342272][ T8889]  </TASK>
[  140.560250][ T8898] sd 0:0:1:0: device reset
[  140.627384][ T8907] loop0: detected capacity change from 0 to 512
[  140.634385][ T8907] EXT4-fs: Ignoring removed mblk_io_submit option
[  140.641115][ T8907] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  140.652421][ T8907] EXT4-fs (loop0): 1 truncate cleaned up
[  140.658792][ T8907] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.668936][ T8909] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1445'.
[  140.693160][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.788112][ T8919] netlink: 'syz.0.1452': attribute type 6 has an invalid length.
[  140.862333][ T8922] pim6reg1: entered promiscuous mode
[  140.867821][ T8922] pim6reg1: entered allmulticast mode
[  140.923948][ T8927] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1455'.
[  141.043291][ T8935] FAULT_INJECTION: forcing a failure.
[  141.043291][ T8935] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.056466][ T8935] CPU: 1 UID: 0 PID: 8935 Comm: syz.5.1458 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  141.056577][ T8935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  141.056591][ T8935] Call Trace:
[  141.056599][ T8935]  <TASK>
[  141.056609][ T8935]  __dump_stack+0x1d/0x30
[  141.056633][ T8935]  dump_stack_lvl+0xe8/0x140
[  141.056728][ T8935]  dump_stack+0x15/0x1b
[  141.056791][ T8935]  should_fail_ex+0x265/0x280
[  141.056815][ T8935]  should_fail+0xb/0x20
[  141.056842][ T8935]  should_fail_usercopy+0x1a/0x20
[  141.056862][ T8935]  strncpy_from_user+0x25/0x230
[  141.056895][ T8935]  ? kmem_cache_alloc_noprof+0x186/0x310
[  141.056926][ T8935]  ? getname_flags+0x80/0x3b0
[  141.056959][ T8935]  getname_flags+0xae/0x3b0
[  141.056989][ T8935]  do_sys_openat2+0x60/0x110
[  141.057023][ T8935]  __x64_sys_creat+0x65/0x90
[  141.057058][ T8935]  x64_sys_call+0x2d94/0x2ff0
[  141.057131][ T8935]  do_syscall_64+0xd2/0x200
[  141.057207][ T8935]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  141.057234][ T8935]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  141.057262][ T8935]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.057298][ T8935] RIP: 0033:0x7f708827ebe9
[  141.057345][ T8935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.057364][ T8935] RSP: 002b:00007f7086ce7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  141.057387][ T8935] RAX: ffffffffffffffda RBX: 00007f70884a5fa0 RCX: 00007f708827ebe9
[  141.057400][ T8935] RDX: 0000000000000000 RSI: 0000000000000036 RDI: 00002000000003c0
[  141.057413][ T8935] RBP: 00007f7086ce7090 R08: 0000000000000000 R09: 0000000000000000
[  141.057487][ T8935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  141.057499][ T8935] R13: 00007f70884a6038 R14: 00007f70884a5fa0 R15: 00007ffdadd87938
[  141.057518][ T8935]  </TASK>
[  141.067040][ T8929] lo speed is unknown, defaulting to 1000
[  141.086999][ T8936] netlink: 'syz.2.1454': attribute type 4 has an invalid length.
[  141.347424][ T8944] loop0: detected capacity change from 0 to 2048
[  141.373651][ T8941] lo speed is unknown, defaulting to 1000
[  141.382689][ T8944]  loop0: p1 < > p4
[  141.389666][ T8944] loop0: p4 size 8388608 extends beyond EOD, truncated
[  141.403640][ T8946] loop5: detected capacity change from 0 to 512
[  141.412313][ T8946] EXT4-fs: Ignoring removed mblk_io_submit option
[  141.420047][ T8946] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  141.433730][ T8946] EXT4-fs (loop5): 1 truncate cleaned up
[  141.439968][ T8946] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.535059][ T6698] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.564017][ T8954] random: crng reseeded on system resumption
[  141.622035][ T3409] usb 3-1: enqueue for inactive port 0
[  141.627709][ T3409] usb 3-1: enqueue for inactive port 0
[  141.648741][ T8957] loop1: detected capacity change from 0 to 2048
[  141.666445][ T8957] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.722003][ T3409] vhci_hcd: vhci_device speed not set
[  141.768845][ T8965] FAULT_INJECTION: forcing a failure.
[  141.768845][ T8965] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.782275][ T8965] CPU: 1 UID: 0 PID: 8965 Comm: syz.2.1467 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  141.782331][ T8965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  141.782345][ T8965] Call Trace:
[  141.782352][ T8965]  <TASK>
[  141.782361][ T8965]  __dump_stack+0x1d/0x30
[  141.782384][ T8965]  dump_stack_lvl+0xe8/0x140
[  141.782401][ T8965]  dump_stack+0x15/0x1b
[  141.782456][ T8965]  should_fail_ex+0x265/0x280
[  141.782479][ T8965]  should_fail+0xb/0x20
[  141.782495][ T8965]  should_fail_usercopy+0x1a/0x20
[  141.782569][ T8965]  _copy_from_user+0x1c/0xb0
[  141.782596][ T8965]  __copy_msghdr+0x244/0x300
[  141.782616][ T8965]  ___sys_sendmsg+0x109/0x1d0
[  141.782662][ T8965]  __x64_sys_sendmsg+0xd4/0x160
[  141.782684][ T8965]  x64_sys_call+0x191e/0x2ff0
[  141.782706][ T8965]  do_syscall_64+0xd2/0x200
[  141.782749][ T8965]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  141.782775][ T8965]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  141.782799][ T8965]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.782820][ T8965] RIP: 0033:0x7fadcb25ebe9
[  141.782837][ T8965] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.782919][ T8965] RSP: 002b:00007fadc9cbf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  141.782939][ T8965] RAX: ffffffffffffffda RBX: 00007fadcb485fa0 RCX: 00007fadcb25ebe9
[  141.782996][ T8965] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000004
[  141.783008][ T8965] RBP: 00007fadc9cbf090 R08: 0000000000000000 R09: 0000000000000000
[  141.783019][ T8965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  141.783031][ T8965] R13: 00007fadcb486038 R14: 00007fadcb485fa0 R15: 00007fff52b6bef8
[  141.783077][ T8965]  </TASK>
[  141.788690][ T8966] netlink: 76 bytes leftover after parsing attributes in process `syz.5.1464'.
[  141.851454][ T8969] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(12)
[  141.982861][ T8969] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  141.990835][ T8969] vhci_hcd vhci_hcd.0: Device attached
[  142.001883][ T8968] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(14)
[  142.008793][ T8968] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  142.016893][ T8968] vhci_hcd vhci_hcd.0: Device attached
[  142.032997][ T8968] vhci_hcd vhci_hcd.0: pdev(2) rhport(2) sockfd(17)
[  142.039667][ T8968] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  142.047565][ T8968] vhci_hcd vhci_hcd.0: Device attached
[  142.053697][ T8968] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  142.068734][ T8968] vhci_hcd vhci_hcd.0: pdev(2) rhport(4) sockfd(21)
[  142.075399][ T8968] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  142.083101][ T8968] vhci_hcd vhci_hcd.0: Device attached
[  142.090778][ T8968] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(23)
[  142.097509][ T8968] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  142.105353][ T8968] vhci_hcd vhci_hcd.0: Device attached
[  142.113407][ T8968] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  142.123478][ T8968] vhci_hcd vhci_hcd.0: pdev(2) rhport(6) sockfd(27)
[  142.130220][ T8968] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  142.138120][ T8968] vhci_hcd vhci_hcd.0: Device attached
[  142.146623][ T8968] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  142.157787][ T8984] vhci_hcd: connection closed
[  142.157995][   T31] vhci_hcd: stop threads
[  142.158134][ T8982] vhci_hcd: connection closed
[  142.163069][   T31] vhci_hcd: release socket
[  142.168030][ T8977] vhci_hcd: connection closed
[  142.172197][   T31] vhci_hcd: disconnect device
[  142.172916][ T8979] vhci_hcd: connection closed
[  142.177546][ T8975] vhci_hcd: connection closed
[  142.195916][   T31] vhci_hcd: stop threads
[  142.196298][ T8970] vhci_hcd: connection closed
[  142.201021][   T31] vhci_hcd: release socket
[  142.214548][   T31] vhci_hcd: disconnect device
[  142.220443][   T31] vhci_hcd: stop threads
[  142.224822][   T31] vhci_hcd: release socket
[  142.229362][   T31] vhci_hcd: disconnect device
[  142.234549][   T31] vhci_hcd: stop threads
[  142.239011][   T31] vhci_hcd: release socket
[  142.243779][   T31] vhci_hcd: disconnect device
[  142.248881][   T31] vhci_hcd: stop threads
[  142.253260][   T31] vhci_hcd: release socket
[  142.258055][   T31] vhci_hcd: disconnect device
[  142.261958][   T36] usb 5-1: new low-speed USB device number 4 using vhci_hcd
[  142.264157][ T8875] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  142.270247][ T8971] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  142.291428][   T31] vhci_hcd: stop threads
[  142.295953][   T31] vhci_hcd: release socket
[  142.300428][   T31] vhci_hcd: disconnect device
[  142.316214][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.373142][ T8997] FAULT_INJECTION: forcing a failure.
[  142.373142][ T8997] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  142.386338][ T8997] CPU: 1 UID: 0 PID: 8997 Comm: syz.0.1472 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  142.386405][ T8997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  142.386430][ T8997] Call Trace:
[  142.386439][ T8997]  <TASK>
[  142.386453][ T8997]  __dump_stack+0x1d/0x30
[  142.386478][ T8997]  dump_stack_lvl+0xe8/0x140
[  142.386499][ T8997]  dump_stack+0x15/0x1b
[  142.386598][ T8997]  should_fail_ex+0x265/0x280
[  142.386625][ T8997]  should_fail+0xb/0x20
[  142.386646][ T8997]  should_fail_usercopy+0x1a/0x20
[  142.386714][ T8997]  _copy_from_user+0x1c/0xb0
[  142.386763][ T8997]  ___bpf_copy_key+0xa5/0x110
[  142.386799][ T8997]  map_update_elem+0x165/0x520
[  142.386917][ T8997]  __sys_bpf+0x571/0x7b0
[  142.386960][ T8997]  __x64_sys_bpf+0x41/0x50
[  142.386984][ T8997]  x64_sys_call+0x2aea/0x2ff0
[  142.387009][ T8997]  do_syscall_64+0xd2/0x200
[  142.387107][ T8997]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  142.387126][ T8997]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  142.387142][ T8997]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.387236][ T8997] RIP: 0033:0x7fb67412ebe9
[  142.387288][ T8997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.387307][ T8997] RSP: 002b:00007fb672b8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  142.387322][ T8997] RAX: ffffffffffffffda RBX: 00007fb674355fa0 RCX: 00007fb67412ebe9
[  142.387332][ T8997] RDX: 0000000000000020 RSI: 0000200000000200 RDI: 0000000000000002
[  142.387341][ T8997] RBP: 00007fb672b8f090 R08: 0000000000000000 R09: 0000000000000000
[  142.387349][ T8997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  142.387357][ T8997] R13: 00007fb674356038 R14: 00007fb674355fa0 R15: 00007ffee34ba338
[  142.387370][ T8997]  </TASK>
[  142.662424][    T9] usb 1-1: enqueue for inactive port 0
[  142.668057][    T9] usb 1-1: enqueue for inactive port 0
[  142.746048][    T9] vhci_hcd: vhci_device speed not set
[  142.927149][ T9041] netlink: 'syz.3.1476': attribute type 6 has an invalid length.
[  143.108494][ T9062] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  143.373418][ T9084] FAULT_INJECTION: forcing a failure.
[  143.373418][ T9084] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  143.387032][ T9084] CPU: 0 UID: 0 PID: 9084 Comm: syz.3.1481 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  143.387070][ T9084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  143.387082][ T9084] Call Trace:
[  143.387089][ T9084]  <TASK>
[  143.387097][ T9084]  __dump_stack+0x1d/0x30
[  143.387121][ T9084]  dump_stack_lvl+0xe8/0x140
[  143.387199][ T9084]  dump_stack+0x15/0x1b
[  143.387276][ T9084]  should_fail_ex+0x265/0x280
[  143.387300][ T9084]  should_fail+0xb/0x20
[  143.387320][ T9084]  should_fail_usercopy+0x1a/0x20
[  143.387345][ T9084]  _copy_from_user+0x1c/0xb0
[  143.387442][ T9084]  sctp_getsockopt_connectx3+0xda/0x300
[  143.387475][ T9084]  sctp_getsockopt+0x910/0xaa0
[  143.387539][ T9084]  sock_common_getsockopt+0x5d/0x70
[  143.387565][ T9084]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  143.387642][ T9084]  do_sock_getsockopt+0x1fd/0x240
[  143.387666][ T9084]  __x64_sys_getsockopt+0x11e/0x1a0
[  143.387693][ T9084]  x64_sys_call+0x2bc6/0x2ff0
[  143.387737][ T9084]  do_syscall_64+0xd2/0x200
[  143.387766][ T9084]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  143.387795][ T9084]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  143.387818][ T9084]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.387898][ T9084] RIP: 0033:0x7f953325ebe9
[  143.387913][ T9084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.387930][ T9084] RSP: 002b:00007f9531cc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  143.387993][ T9084] RAX: ffffffffffffffda RBX: 00007f9533485fa0 RCX: 00007f953325ebe9
[  143.388007][ T9084] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000003
[  143.388020][ T9084] RBP: 00007f9531cc7090 R08: 0000200000000100 R09: 0000000000000000
[  143.388034][ T9084] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  143.388046][ T9084] R13: 00007f9533486038 R14: 00007f9533485fa0 R15: 00007ffd6f966218
[  143.388080][ T9084]  </TASK>
[  143.598588][ T9081] lo speed is unknown, defaulting to 1000
[  143.647396][ T9092] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1483'.
[  143.656694][ T9092] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1483'.
[  143.669502][   T29] kauditd_printk_skb: 210 callbacks suppressed
[  143.669522][   T29] audit: type=1326 audit(1754954400.948:4813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9093 comm="syz.2.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcb25ebe9 code=0x7ffc0000
[  143.728262][ T9104] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1485'.
[  143.789091][ T9117] loop3: detected capacity change from 0 to 1024
[  143.801055][   T29] audit: type=1326 audit(1754954400.978:4814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9093 comm="syz.2.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=138 compat=0 ip=0x7fadcb25ebe9 code=0x7ffc0000
[  143.825054][   T29] audit: type=1326 audit(1754954400.978:4815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9093 comm="syz.2.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcb25ebe9 code=0x7ffc0000
[  143.848798][   T29] audit: type=1326 audit(1754954400.978:4816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9093 comm="syz.2.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fadcb25ebe9 code=0x7ffc0000
[  143.872626][   T29] audit: type=1326 audit(1754954400.978:4817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9093 comm="syz.2.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcb25ebe9 code=0x7ffc0000
[  143.896977][   T29] audit: type=1326 audit(1754954400.978:4818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9093 comm="syz.2.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fadcb25ebe9 code=0x7ffc0000
[  143.920907][   T29] audit: type=1326 audit(1754954400.978:4819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9093 comm="syz.2.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcb25ebe9 code=0x7ffc0000
[  143.944835][   T29] audit: type=1326 audit(1754954400.978:4820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9093 comm="syz.2.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7fadcb25ebe9 code=0x7ffc0000
[  143.969575][   T29] audit: type=1326 audit(1754954400.978:4821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9093 comm="syz.2.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcb25ebe9 code=0x7ffc0000
[  144.048153][   T29] audit: type=1400 audit(1754954401.328:4822): avc:  denied  { ioctl } for  pid=9128 comm="syz.3.1488" path="socket:[23433]" dev="sockfs" ino=23433 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  144.172609][ T9134] FAULT_INJECTION: forcing a failure.
[  144.172609][ T9134] name failslab, interval 1, probability 0, space 0, times 0
[  144.185849][ T9134] CPU: 1 UID: 0 PID: 9134 Comm: syz.3.1490 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  144.185883][ T9134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  144.185896][ T9134] Call Trace:
[  144.185902][ T9134]  <TASK>
[  144.185909][ T9134]  __dump_stack+0x1d/0x30
[  144.185937][ T9134]  dump_stack_lvl+0xe8/0x140
[  144.186039][ T9134]  dump_stack+0x15/0x1b
[  144.186057][ T9134]  should_fail_ex+0x265/0x280
[  144.186077][ T9134]  should_failslab+0x8c/0xb0
[  144.186105][ T9134]  __kmalloc_noprof+0xa5/0x3e0
[  144.186130][ T9134]  ? sock_kmalloc+0x85/0xc0
[  144.186181][ T9134]  ? iovec_from_user+0x179/0x210
[  144.186216][ T9134]  sock_kmalloc+0x85/0xc0
[  144.186242][ T9134]  ____sys_sendmsg+0xf8/0x4e0
[  144.186278][ T9134]  ___sys_sendmsg+0x17b/0x1d0
[  144.186314][ T9134]  __sys_sendmmsg+0x178/0x300
[  144.186402][ T9134]  __x64_sys_sendmmsg+0x57/0x70
[  144.186423][ T9134]  x64_sys_call+0x1c4a/0x2ff0
[  144.186442][ T9134]  do_syscall_64+0xd2/0x200
[  144.186544][ T9134]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  144.186573][ T9134]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  144.186674][ T9134]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.186766][ T9134] RIP: 0033:0x7f953325ebe9
[  144.186785][ T9134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.186805][ T9134] RSP: 002b:00007f9531cc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  144.186861][ T9134] RAX: ffffffffffffffda RBX: 00007f9533485fa0 RCX: 00007f953325ebe9
[  144.186876][ T9134] RDX: 0000000000000002 RSI: 0000200000000a00 RDI: 0000000000000003
[  144.186890][ T9134] RBP: 00007f9531cc7090 R08: 0000000000000000 R09: 0000000000000000
[  144.186966][ T9134] R10: 0000000008008801 R11: 0000000000000246 R12: 0000000000000001
[  144.187041][ T9134] R13: 00007f9533486038 R14: 00007f9533485fa0 R15: 00007ffd6f966218
[  144.187061][ T9134]  </TASK>
[  144.592387][ T6240] usb usb4-port1: attempt power cycle
[  144.622146][ T9151] loop0: detected capacity change from 0 to 1024
[  144.634912][ T9151] EXT4-fs: Ignoring removed mblk_io_submit option
[  144.670630][ T9151] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.846937][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.883434][ T9162] loop2: detected capacity change from 0 to 512
[  145.283554][ T9162] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117
[  145.308665][ T9162] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.1498: invalid indirect mapped block 256 (level 1)
[  145.324414][ T9162] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.1498: invalid indirect mapped block 2683928664 (level 1)
[  145.339204][ T9162] EXT4-fs (loop2): 1 truncate cleaned up
[  145.354235][ T9162] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  145.383862][ T9218] loop0: detected capacity change from 0 to 1024
[  145.404724][ T9222] loop1: detected capacity change from 0 to 512
[  145.413473][ T9222] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  145.425434][ T9218] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  145.425680][ T9222] EXT4-fs (loop1): 1 truncate cleaned up
[  145.438091][ T9218] ext4 filesystem being mounted at /321/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  145.456110][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.470377][ T9222] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.471551][ T9222] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.563013][ T9239] loop2: detected capacity change from 0 to 512
[  145.615236][ T9239] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.1503: iget: bad i_size value: 38620345925642
[  145.617938][ T9239] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.1503: couldn't read orphan inode 15 (err -117)
[  145.620227][ T9239] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  145.623971][ T9262] random: crng reseeded on system resumption
[  145.628536][ T9239] EXT4-fs (loop2): shut down requested (0)
[  145.712663][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.745132][ T9272] netlink: 'syz.2.1506': attribute type 6 has an invalid length.
[  145.762295][ T3389] usb usb2-port1: attempt power cycle
[  145.775941][ T9277] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1504'.
[  145.815450][ T9281] FAULT_INJECTION: forcing a failure.
[  145.815450][ T9281] name failslab, interval 1, probability 0, space 0, times 0
[  145.815588][ T9281] CPU: 0 UID: 0 PID: 9281 Comm: syz.2.1507 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  145.815626][ T9281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  145.815650][ T9281] Call Trace:
[  145.815659][ T9281]  <TASK>
[  145.815669][ T9281]  __dump_stack+0x1d/0x30
[  145.815697][ T9281]  dump_stack_lvl+0xe8/0x140
[  145.815716][ T9281]  dump_stack+0x15/0x1b
[  145.815731][ T9281]  should_fail_ex+0x265/0x280
[  145.815755][ T9281]  should_failslab+0x8c/0xb0
[  145.815791][ T9281]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  145.815818][ T9281]  ? shmem_alloc_inode+0x34/0x50
[  145.815841][ T9281]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  145.815904][ T9281]  shmem_alloc_inode+0x34/0x50
[  145.815929][ T9281]  alloc_inode+0x3d/0x170
[  145.815954][ T9281]  new_inode+0x1d/0xe0
[  145.816067][ T9281]  shmem_get_inode+0x244/0x750
[  145.816091][ T9281]  shmem_mknod+0x46/0x180
[  145.816114][ T9281]  shmem_create+0x34/0x50
[  145.816216][ T9281]  ? __pfx_shmem_create+0x10/0x10
[  145.816243][ T9281]  path_openat+0x1105/0x2170
[  145.816276][ T9281]  do_filp_open+0x109/0x230
[  145.816306][ T9281]  do_sys_openat2+0xa6/0x110
[  145.816431][ T9281]  __x64_sys_creat+0x65/0x90
[  145.816468][ T9281]  x64_sys_call+0x2d94/0x2ff0
[  145.816566][ T9281]  do_syscall_64+0xd2/0x200
[  145.816590][ T9281]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  145.816655][ T9281]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  145.816684][ T9281]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.816709][ T9281] RIP: 0033:0x7fadcb25ebe9
[  145.816728][ T9281] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.816772][ T9281] RSP: 002b:00007fadc9cbf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  145.816792][ T9281] RAX: ffffffffffffffda RBX: 00007fadcb485fa0 RCX: 00007fadcb25ebe9
[  145.816804][ T9281] RDX: 0000000000000000 RSI: 0000000000000048 RDI: 00002000000000c0
[  145.816818][ T9281] RBP: 00007fadc9cbf090 R08: 0000000000000000 R09: 0000000000000000
[  145.816833][ T9281] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  145.816847][ T9281] R13: 00007fadcb486038 R14: 00007fadcb485fa0 R15: 00007fff52b6bef8
[  145.816869][ T9281]  </TASK>
[  145.838809][ T9281] loop2: detected capacity change from 0 to 1764
[  145.902354][ T9281] ISOFS: Bad logical zone size 2051
[  145.922491][ T9283] netlink: 76 bytes leftover after parsing attributes in process `syz.5.1505'.
[  145.988772][ T9289] loop2: detected capacity change from 0 to 512
[  146.264210][ T9289] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.278173][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  146.281076][ T9289] ext4 filesystem being mounted at /309/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  146.406895][ T9289] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9289 comm=syz.2.1509
[  146.721212][ T9303] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1514'.
[  146.768978][ T9308] lo speed is unknown, defaulting to 1000
[  146.832262][ T9310] ref_ctr_offset mismatch. inode: 0x6c6 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000
[  146.851480][ T6240] usb usb4-port1: unable to enumerate USB device
[  146.895023][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.925337][ T9312] FAULT_INJECTION: forcing a failure.
[  146.925337][ T9312] name failslab, interval 1, probability 0, space 0, times 0
[  146.938353][ T9312] CPU: 0 UID: 0 PID: 9312 Comm: syz.1.1515 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  146.938382][ T9312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  146.938438][ T9312] Call Trace:
[  146.938446][ T9312]  <TASK>
[  146.938457][ T9312]  __dump_stack+0x1d/0x30
[  146.938553][ T9312]  dump_stack_lvl+0xe8/0x140
[  146.938575][ T9312]  dump_stack+0x15/0x1b
[  146.938595][ T9312]  should_fail_ex+0x265/0x280
[  146.938620][ T9312]  should_failslab+0x8c/0xb0
[  146.938649][ T9312]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  146.938717][ T9312]  ? sidtab_sid2str_get+0xa0/0x130
[  146.938744][ T9312]  kmemdup_noprof+0x2b/0x70
[  146.938775][ T9312]  sidtab_sid2str_get+0xa0/0x130
[  146.938795][ T9312]  security_sid_to_context_core+0x1eb/0x2e0
[  146.938824][ T9312]  security_sid_to_context+0x27/0x40
[  146.938846][ T9312]  selinux_lsmprop_to_secctx+0x67/0xf0
[  146.938889][ T9312]  security_lsmprop_to_secctx+0x43/0x80
[  146.938965][ T9312]  audit_log_task_context+0x77/0x190
[  146.939001][ T9312]  audit_log_task+0xf4/0x250
[  146.939047][ T9312]  audit_seccomp+0x61/0x100
[  146.939144][ T9312]  ? __seccomp_filter+0x68c/0x10d0
[  146.939225][ T9312]  __seccomp_filter+0x69d/0x10d0
[  146.939245][ T9312]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  146.939271][ T9312]  ? vfs_write+0x7e8/0x960
[  146.939309][ T9312]  __secure_computing+0x82/0x150
[  146.939398][ T9312]  syscall_trace_enter+0xcf/0x1e0
[  146.939420][ T9312]  do_syscall_64+0xac/0x200
[  146.939446][ T9312]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  146.939509][ T9312]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  146.939536][ T9312]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.939579][ T9312] RIP: 0033:0x7fcc817aebe9
[  146.939594][ T9312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.939611][ T9312] RSP: 002b:00007fcc8020f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000119
[  146.939632][ T9312] RAX: ffffffffffffffda RBX: 00007fcc819d5fa0 RCX: 00007fcc817aebe9
[  146.939647][ T9312] RDX: 0000000000000001 RSI: 0000200000000080 RDI: 0000000000000003
[  146.939661][ T9312] RBP: 00007fcc8020f090 R08: 0000000000000000 R09: 0000000000000000
[  146.939674][ T9312] R10: 00000000000004c6 R11: 0000000000000246 R12: 0000000000000001
[  146.939705][ T9312] R13: 00007fcc819d6038 R14: 00007fcc819d5fa0 R15: 00007ffe6ed546a8
[  146.939772][ T9312]  </TASK>
[  147.302011][   T36] usb 5-1: enqueue for inactive port 0
[  147.307703][   T36] usb 5-1: enqueue for inactive port 0
[  147.395459][ T9332] lo speed is unknown, defaulting to 1000
[  147.447185][   T36] vhci_hcd: vhci_device speed not set
[  147.478890][ T9334] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1518'.
[  147.844083][ T9346] vxlan0: left promiscuous mode
[  147.852096][ T5894] netdevsim netdevsim5 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  147.872708][ T9344] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1521'.
[  147.884403][ T5894] netdevsim netdevsim5 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  147.905208][ T5894] netdevsim netdevsim5 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  147.925529][ T9350] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1524'.
[  147.950570][ T5894] netdevsim netdevsim5 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  148.132469][ T3389] usb usb2-port1: unable to enumerate USB device
[  148.996953][ T9361] loop3: detected capacity change from 0 to 8192
[  149.013507][ T9365] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1528'.
[  149.052235][ T9361]  loop3: p1 p2 p3 p4
[  149.058393][ T9361] loop3: p1 size 3523149824 extends beyond EOD, truncated
[  149.072633][ T9361] loop3: p2 start 4293394688 is beyond EOD, truncated
[  149.079815][ T9361] loop3: p3 start 150994944 is beyond EOD, truncated
[  149.086864][ T9361] loop3: p4 size 50331648 extends beyond EOD, truncated
[  149.119379][ T9361] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1526'.
[  149.327966][ T9377] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  149.355325][ T9377] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  149.400334][ T9378] lo speed is unknown, defaulting to 1000
[  149.735262][ T9383] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1535'.
[  149.827353][ T9384] FAULT_INJECTION: forcing a failure.
[  149.827353][ T9384] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  149.840942][ T9384] CPU: 1 UID: 0 PID: 9384 Comm: syz.5.1535 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  149.840976][ T9384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  149.840988][ T9384] Call Trace:
[  149.840997][ T9384]  <TASK>
[  149.841006][ T9384]  __dump_stack+0x1d/0x30
[  149.841031][ T9384]  dump_stack_lvl+0xe8/0x140
[  149.841157][ T9384]  dump_stack+0x15/0x1b
[  149.841175][ T9384]  should_fail_ex+0x265/0x280
[  149.841196][ T9384]  should_fail+0xb/0x20
[  149.841213][ T9384]  should_fail_usercopy+0x1a/0x20
[  149.841233][ T9384]  _copy_from_user+0x1c/0xb0
[  149.841293][ T9384]  ___sys_sendmsg+0xc1/0x1d0
[  149.841326][ T9384]  __x64_sys_sendmsg+0xd4/0x160
[  149.841352][ T9384]  x64_sys_call+0x191e/0x2ff0
[  149.841374][ T9384]  do_syscall_64+0xd2/0x200
[  149.841408][ T9384]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  149.841436][ T9384]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  149.841530][ T9384]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.841551][ T9384] RIP: 0033:0x7f708827ebe9
[  149.841569][ T9384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.841590][ T9384] RSP: 002b:00007f7086cc6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  149.841648][ T9384] RAX: ffffffffffffffda RBX: 00007f70884a6090 RCX: 00007f708827ebe9
[  149.841662][ T9384] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000007
[  149.841676][ T9384] RBP: 00007f7086cc6090 R08: 0000000000000000 R09: 0000000000000000
[  149.841690][ T9384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.841772][ T9384] R13: 00007f70884a6128 R14: 00007f70884a6090 R15: 00007ffdadd87938
[  149.841793][ T9384]  </TASK>
[  150.081629][ T9386] lo speed is unknown, defaulting to 1000
[  150.099557][ T9385] lo speed is unknown, defaulting to 1000
[  150.212980][ T9393] netlink: 'syz.0.1537': attribute type 6 has an invalid length.
[  150.244426][ T9390] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1536'.
[  150.329498][ T9399] loop3: detected capacity change from 0 to 512
[  150.346849][ T9397] netlink: 'syz.0.1539': attribute type 6 has an invalid length.
[  150.383819][ T9399] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117
[  150.397116][ T9399] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1541: invalid indirect mapped block 256 (level 1)
[  150.412661][ T9399] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1541: invalid indirect mapped block 2683928664 (level 1)
[  150.427850][ T9399] EXT4-fs (loop3): 1 truncate cleaned up
[  150.435094][ T9399] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.482071][   T29] kauditd_printk_skb: 48 callbacks suppressed
[  150.482089][   T29] audit: type=1326 audit(1754954407.768:4870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9398 comm="syz.3.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  150.521935][   T29] audit: type=1326 audit(1754954407.798:4871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9398 comm="syz.3.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  150.545624][   T29] audit: type=1326 audit(1754954407.798:4872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9398 comm="syz.3.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  150.570354][   T29] audit: type=1326 audit(1754954407.798:4873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9398 comm="syz.3.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  150.594610][   T29] audit: type=1326 audit(1754954407.798:4874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9398 comm="syz.3.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  150.618651][   T29] audit: type=1326 audit(1754954407.798:4875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9398 comm="syz.3.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  150.642353][   T29] audit: type=1326 audit(1754954407.798:4876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9398 comm="syz.3.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  150.666230][   T29] audit: type=1326 audit(1754954407.798:4877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9398 comm="syz.3.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f953325d550 code=0x7ffc0000
[  150.690943][   T29] audit: type=1326 audit(1754954407.798:4878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9398 comm="syz.3.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  150.715185][   T29] audit: type=1326 audit(1754954407.798:4879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9398 comm="syz.3.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  150.804012][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.843155][ T9419] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  150.863022][ T9419] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  150.957416][ T9425] lo speed is unknown, defaulting to 1000
[  151.345526][ T9431] __nla_validate_parse: 2 callbacks suppressed
[  151.345548][ T9431] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1550'.
[  151.361120][ T9430] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1551'.
[  151.440716][ T9434] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1552'.
[  151.462606][ T9436] netlink: 'syz.3.1553': attribute type 6 has an invalid length.
[  151.527705][ T9444] loop1: detected capacity change from 0 to 512
[  151.559983][ T9444] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117
[  151.584587][ T9444] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.1557: invalid indirect mapped block 256 (level 1)
[  151.601664][ T9444] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.1557: invalid indirect mapped block 2683928664 (level 1)
[  151.623059][ T9444] EXT4-fs (loop1): 1 truncate cleaned up
[  151.629355][ T9444] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.652564][ T9449] FAULT_INJECTION: forcing a failure.
[  151.652564][ T9449] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  151.665856][ T9449] CPU: 0 UID: 0 PID: 9449 Comm: syz.5.1558 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  151.665888][ T9449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  151.665982][ T9449] Call Trace:
[  151.665993][ T9449]  <TASK>
[  151.666003][ T9449]  __dump_stack+0x1d/0x30
[  151.666031][ T9449]  dump_stack_lvl+0xe8/0x140
[  151.666055][ T9449]  dump_stack+0x15/0x1b
[  151.666096][ T9449]  should_fail_ex+0x265/0x280
[  151.666116][ T9449]  should_fail+0xb/0x20
[  151.666133][ T9449]  should_fail_usercopy+0x1a/0x20
[  151.666214][ T9449]  _copy_to_user+0x20/0xa0
[  151.666283][ T9449]  simple_read_from_buffer+0xb5/0x130
[  151.666374][ T9449]  proc_fail_nth_read+0x10e/0x150
[  151.666406][ T9449]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  151.666492][ T9449]  vfs_read+0x1a8/0x770
[  151.666512][ T9449]  ? __rcu_read_unlock+0x4f/0x70
[  151.666582][ T9449]  ? __fget_files+0x184/0x1c0
[  151.666610][ T9449]  ksys_read+0xda/0x1a0
[  151.666632][ T9449]  __x64_sys_read+0x40/0x50
[  151.666658][ T9449]  x64_sys_call+0x27bc/0x2ff0
[  151.666686][ T9449]  do_syscall_64+0xd2/0x200
[  151.666784][ T9449]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  151.666882][ T9449]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  151.666906][ T9449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.666931][ T9449] RIP: 0033:0x7f708827d5fc
[  151.667014][ T9449] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  151.667037][ T9449] RSP: 002b:00007f7086ce7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  151.667062][ T9449] RAX: ffffffffffffffda RBX: 00007f70884a5fa0 RCX: 00007f708827d5fc
[  151.667099][ T9449] RDX: 000000000000000f RSI: 00007f7086ce70a0 RDI: 0000000000000005
[  151.667115][ T9449] RBP: 00007f7086ce7090 R08: 0000000000000000 R09: 0000000000000000
[  151.667130][ T9449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.667145][ T9449] R13: 00007f70884a6038 R14: 00007f70884a5fa0 R15: 00007ffdadd87938
[  151.667167][ T9449]  </TASK>
[  151.668371][ T9442] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1556'.
[  151.801702][ T9434] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1552'.
[  151.801749][ T9442] netlink: 'syz.3.1556': attribute type 30 has an invalid length.
[  151.822152][ T9434] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1552'.
[  151.862132][ T9441] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1556'.
[  151.864028][ T9434] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1552'.
[  151.872567][ T9441] netlink: 'syz.3.1556': attribute type 30 has an invalid length.
[  151.900266][ T5305] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  151.969621][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.979779][ T5305] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  151.988534][ T5305] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  151.997576][ T5305] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  152.096978][ T9462] veth0_to_team: entered promiscuous mode
[  152.104020][ T9461] loop1: detected capacity change from 0 to 1024
[  152.129791][ T9465] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1565'.
[  152.143285][ T9461] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  152.149098][ T9466] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  152.162817][ T9461] FAULT_INJECTION: forcing a failure.
[  152.162817][ T9461] name failslab, interval 1, probability 0, space 0, times 0
[  152.164928][ T9466] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  152.177398][ T9461] CPU: 0 UID: 0 PID: 9461 Comm: syz.1.1563 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  152.177430][ T9461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  152.177443][ T9461] Call Trace:
[  152.177451][ T9461]  <TASK>
[  152.177460][ T9461]  __dump_stack+0x1d/0x30
[  152.177537][ T9461]  dump_stack_lvl+0xe8/0x140
[  152.177557][ T9461]  dump_stack+0x15/0x1b
[  152.177573][ T9461]  should_fail_ex+0x265/0x280
[  152.177637][ T9461]  should_failslab+0x8c/0xb0
[  152.177678][ T9461]  kmem_cache_alloc_noprof+0x50/0x310
[  152.177705][ T9461]  ? __es_insert_extent+0x508/0xee0
[  152.177735][ T9461]  __es_insert_extent+0x508/0xee0
[  152.177800][ T9461]  ? try_to_wake_up+0x3e7/0x630
[  152.177831][ T9461]  ? should_fail_ex+0xdb/0x280
[  152.177879][ T9461]  ext4_es_insert_extent+0x435/0x1c10
[  152.177972][ T9461]  ? ext4_find_extent+0x16b/0x7a0
[  152.178069][ T9461]  ext4_ext_map_blocks+0x172b/0x38a0
[  152.178160][ T9461]  ? blk_mq_issue_direct+0x3b5/0x530
[  152.178188][ T9461]  ? __rcu_read_unlock+0x4f/0x70
[  152.178274][ T9461]  ? folio_mark_accessed+0x240/0x3d0
[  152.178305][ T9461]  ? folio_mark_accessed+0x240/0x3d0
[  152.178397][ T9461]  ext4_map_query_blocks+0xa8/0x480
[  152.178427][ T9461]  ext4_map_blocks+0x330/0xd00
[  152.178451][ T9461]  ? ext4_get_group_desc+0x16b/0x190
[  152.178482][ T9461]  ? __ext4_journal_start_sb+0x131/0x300
[  152.178552][ T9461]  ext4_iomap_begin+0x88d/0xe00
[  152.178584][ T9461]  ? __pfx_ext4_iomap_begin+0x10/0x10
[  152.178612][ T9461]  iomap_iter+0x332/0x730
[  152.178712][ T9461]  ? should_failslab+0x8c/0xb0
[  152.178748][ T9461]  __iomap_dio_rw+0x708/0x1250
[  152.178780][ T9461]  ? ext4_journal_check_start+0x11a/0x1b0
[  152.178802][ T9461]  iomap_dio_rw+0x40/0x90
[  152.178841][ T9461]  ext4_file_write_iter+0xad9/0xf00
[  152.178993][ T9461]  do_iter_readv_writev+0x49c/0x540
[  152.179021][ T9461]  vfs_writev+0x2df/0x8b0
[  152.179055][ T9461]  __se_sys_pwritev2+0xfc/0x1c0
[  152.179081][ T9461]  __x64_sys_pwritev2+0x67/0x80
[  152.179142][ T9461]  x64_sys_call+0x2c55/0x2ff0
[  152.179164][ T9461]  do_syscall_64+0xd2/0x200
[  152.179189][ T9461]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  152.179239][ T9461]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  152.179271][ T9461]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.179325][ T9461] RIP: 0033:0x7fcc817aebe9
[  152.179342][ T9461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.179360][ T9461] RSP: 002b:00007fcc8020f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  152.179382][ T9461] RAX: ffffffffffffffda RBX: 00007fcc819d5fa0 RCX: 00007fcc817aebe9
[  152.179395][ T9461] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000006
[  152.179461][ T9461] RBP: 00007fcc8020f090 R08: 0000000000000000 R09: 0000000000000003
[  152.179474][ T9461] R10: 0000000000007c00 R11: 0000000000000246 R12: 0000000000000001
[  152.179487][ T9461] R13: 00007fcc819d6038 R14: 00007fcc819d5fa0 R15: 00007ffe6ed546a8
[  152.179505][ T9461]  </TASK>
[  152.182453][ T9461] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.1563: Allocating blocks 497-513 which overlap fs metadata
[  152.275271][ T9474] loop2: detected capacity change from 0 to 512
[  152.277484][ T9474] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117
[  152.282272][ T9461] EXT4-fs (loop1): pa ffff888107169d20: logic 256, phys. 369, len 9
[  152.287034][ T9474] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.1569: invalid indirect mapped block 256 (level 1)
[  152.291675][ T9461] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, 
[  152.298581][ T9474] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.1569: invalid indirect mapped block 2683928664 (level 1)
[  152.302573][ T9461] free 0, pa_free 1
[  152.308144][ T9474] EXT4-fs (loop2): 1 truncate cleaned up
[  152.314406][ T9461] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, 
[  152.318729][ T9474] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  152.324038][ T9461] inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  152.603886][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.620205][ T9478] random: crng reseeded on system resumption
[  152.636506][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.667967][ T9484] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1574'.
[  152.677051][ T9484] batman_adv: batadv0: Removing interface: batadv_slave_0
[  152.685911][ T9484] batman_adv: batadv0: Removing interface: batadv_slave_1
[  152.691303][ T9486] loop1: detected capacity change from 0 to 1024
[  152.696504][ T9488] FAULT_INJECTION: forcing a failure.
[  152.696504][ T9488] name failslab, interval 1, probability 0, space 0, times 0
[  152.712436][ T9488] CPU: 1 UID: 0 PID: 9488 Comm: syz.3.1575 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  152.712472][ T9488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  152.712513][ T9488] Call Trace:
[  152.712521][ T9488]  <TASK>
[  152.712531][ T9488]  __dump_stack+0x1d/0x30
[  152.712604][ T9488]  dump_stack_lvl+0xe8/0x140
[  152.712623][ T9488]  dump_stack+0x15/0x1b
[  152.712642][ T9488]  should_fail_ex+0x265/0x280
[  152.712666][ T9488]  should_failslab+0x8c/0xb0
[  152.712694][ T9488]  kmem_cache_alloc_noprof+0x50/0x310
[  152.712841][ T9488]  ? audit_log_start+0x365/0x6c0
[  152.712873][ T9488]  audit_log_start+0x365/0x6c0
[  152.712909][ T9488]  audit_seccomp+0x48/0x100
[  152.712941][ T9488]  ? __seccomp_filter+0x68c/0x10d0
[  152.712963][ T9488]  __seccomp_filter+0x69d/0x10d0
[  152.713011][ T9488]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  152.713035][ T9488]  ? vfs_write+0x7e8/0x960
[  152.713061][ T9488]  __secure_computing+0x82/0x150
[  152.713085][ T9488]  syscall_trace_enter+0xcf/0x1e0
[  152.713122][ T9488]  do_syscall_64+0xac/0x200
[  152.713145][ T9488]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  152.713160][ T9488]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  152.713176][ T9488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.713190][ T9488] RIP: 0033:0x7f953325ebe9
[  152.713202][ T9488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.713266][ T9488] RSP: 002b:00007f9531cc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000009e
[  152.713282][ T9488] RAX: ffffffffffffffda RBX: 00007f9533485fa0 RCX: 00007f953325ebe9
[  152.713290][ T9488] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000005003
[  152.713306][ T9488] RBP: 00007f9531cc7090 R08: 0000000000000000 R09: 0000000000000000
[  152.713314][ T9488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  152.713322][ T9488] R13: 00007f9533486038 R14: 00007f9533485fa0 R15: 00007ffd6f966218
[  152.713335][ T9488]  </TASK>
[  152.723784][ T9486] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  152.942933][ T9486] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.1571: Allocating blocks 497-513 which overlap fs metadata
[  152.958239][ T9486] EXT4-fs (loop1): pa ffff888107169d20: logic 256, phys. 369, len 9
[  152.966494][ T9486] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  152.977641][ T9486] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  152.996531][ T9503] loop3: detected capacity change from 0 to 512
[  153.003896][ T9503] EXT4-fs: Ignoring removed mblk_io_submit option
[  153.023547][ T9503] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  153.034956][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.051964][ T9503] EXT4-fs (loop3): 1 truncate cleaned up
[  153.061714][ T9503] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  153.087436][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.300132][ T9523] loop5: detected capacity change from 0 to 1764
[  153.479591][ T9532] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  153.511857][ T9532] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  153.925059][ T9545] loop5: detected capacity change from 0 to 512
[  153.931785][ T9545] EXT4-fs: Ignoring removed mblk_io_submit option
[  153.959557][ T9545] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  153.983763][ T9545] EXT4-fs (loop5): 1 truncate cleaned up
[  153.989883][ T9545] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  154.004821][ T9551] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(13)
[  154.011552][ T9551] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  154.019248][ T9551] vhci_hcd vhci_hcd.0: Device attached
[  154.028140][ T9551] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(15)
[  154.034916][ T9551] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  154.042804][ T9551] vhci_hcd vhci_hcd.0: Device attached
[  154.050795][ T9551] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(17)
[  154.057507][ T9551] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  154.065152][ T9551] vhci_hcd vhci_hcd.0: Device attached
[  154.071126][ T9551] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  154.081437][ T9551] vhci_hcd vhci_hcd.0: pdev(1) rhport(4) sockfd(21)
[  154.085545][ T9563] loop3: detected capacity change from 0 to 512
[  154.088094][ T9551] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  154.102189][ T9551] vhci_hcd vhci_hcd.0: Device attached
[  154.103530][ T6698] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.127709][ T9551] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(23)
[  154.130619][ T9563] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117
[  154.134479][ T9551] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  154.134614][ T9551] vhci_hcd vhci_hcd.0: Device attached
[  154.145828][ T9563] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1594: invalid indirect mapped block 256 (level 1)
[  154.171822][ T9563] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1594: invalid indirect mapped block 2683928664 (level 1)
[  154.195087][ T9573] FAULT_INJECTION: forcing a failure.
[  154.195087][ T9573] name failslab, interval 1, probability 0, space 0, times 0
[  154.196480][ T9551] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  154.208783][ T9573] CPU: 1 UID: 0 PID: 9573 Comm: syz.5.1597 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  154.208814][ T9573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  154.208877][ T9573] Call Trace:
[  154.208885][ T9573]  <TASK>
[  154.208894][ T9573]  __dump_stack+0x1d/0x30
[  154.208973][ T9573]  dump_stack_lvl+0xe8/0x140
[  154.208993][ T9573]  dump_stack+0x15/0x1b
[  154.209039][ T9573]  should_fail_ex+0x265/0x280
[  154.209061][ T9573]  should_failslab+0x8c/0xb0
[  154.209086][ T9573]  kmem_cache_alloc_noprof+0x50/0x310
[  154.209113][ T9573]  ? audit_log_start+0x365/0x6c0
[  154.209195][ T9573]  audit_log_start+0x365/0x6c0
[  154.209282][ T9573]  audit_seccomp+0x48/0x100
[  154.209307][ T9573]  ? __seccomp_filter+0x68c/0x10d0
[  154.209329][ T9573]  __seccomp_filter+0x69d/0x10d0
[  154.209352][ T9573]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  154.209451][ T9573]  ? vfs_write+0x7e8/0x960
[  154.209473][ T9573]  ? __rcu_read_unlock+0x4f/0x70
[  154.209495][ T9573]  ? __fget_files+0x184/0x1c0
[  154.209522][ T9573]  __secure_computing+0x82/0x150
[  154.209543][ T9573]  syscall_trace_enter+0xcf/0x1e0
[  154.209637][ T9573]  do_syscall_64+0xac/0x200
[  154.209663][ T9573]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  154.209714][ T9573]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  154.209756][ T9573]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.209849][ T9573] RIP: 0033:0x7f708827ebe9
[  154.209866][ T9573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.209884][ T9573] RSP: 002b:00007f7086ce7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b7
[  154.209906][ T9573] RAX: ffffffffffffffda RBX: 00007f70884a5fa0 RCX: 00007f708827ebe9
[  154.209932][ T9573] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffffffffffff9c
[  154.209945][ T9573] RBP: 00007f7086ce7090 R08: 0000000000000000 R09: 0000000000000000
[  154.209992][ T9573] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001
[  154.210005][ T9573] R13: 00007f70884a6038 R14: 00007f70884a5fa0 R15: 00007ffdadd87938
[  154.210048][ T9573]  </TASK>
[  154.238856][ T9563] EXT4-fs (loop3): 1 truncate cleaned up
[  154.272328][ T9551] vhci_hcd vhci_hcd.0: pdev(1) rhport(6) sockfd(27)
[  154.273652][   T36] usb 3-1: new low-speed USB device number 6 using vhci_hcd
[  154.277773][ T9551] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  154.454296][ T9551] vhci_hcd vhci_hcd.0: Device attached
[  154.454837][ T9563] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.461869][ T9579] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  154.503884][ T9574] vhci_hcd: connection closed
[  154.504096][ T9565] vhci_hcd: connection closed
[  154.504330][   T31] vhci_hcd: stop threads
[  154.518371][   T31] vhci_hcd: release socket
[  154.519569][ T9561] vhci_hcd: connection closed
[  154.523000][   T31] vhci_hcd: disconnect device
[  154.536209][ T9552] vhci_hcd: connection reset by peer
[  154.541839][ T9555] vhci_hcd: connection closed
[  154.542294][   T31] vhci_hcd: stop threads
[  154.547308][ T9557] vhci_hcd: connection closed
[  154.551488][   T31] vhci_hcd: release socket
[  154.551520][   T31] vhci_hcd: disconnect device
[  154.567435][   T31] vhci_hcd: stop threads
[  154.571831][   T31] vhci_hcd: release socket
[  154.576569][   T31] vhci_hcd: disconnect device
[  154.582127][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.595893][ T9587] netlink: 'syz.0.1605': attribute type 5 has an invalid length.
[  154.603903][   T31] vhci_hcd: stop threads
[  154.603917][   T31] vhci_hcd: release socket
[  154.603933][   T31] vhci_hcd: disconnect device
[  154.604275][   T31] vhci_hcd: stop threads
[  154.621934][   T31] vhci_hcd: release socket
[  154.626445][   T31] vhci_hcd: disconnect device
[  154.646420][   T31] vhci_hcd: stop threads
[  154.650909][   T31] vhci_hcd: release socket
[  154.655423][   T31] vhci_hcd: disconnect device
[  154.681237][ T9596] loop5: detected capacity change from 0 to 1764
[  155.394085][ T9646] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(13)
[  155.400918][ T9646] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  155.408589][ T9646] vhci_hcd vhci_hcd.0: Device attached
[  155.417283][ T9651] FAULT_INJECTION: forcing a failure.
[  155.417283][ T9651] name failslab, interval 1, probability 0, space 0, times 0
[  155.430420][ T9651] CPU: 0 UID: 0 PID: 9651 Comm: syz.0.1624 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  155.430519][ T9651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  155.430534][ T9651] Call Trace:
[  155.430540][ T9651]  <TASK>
[  155.430547][ T9651]  __dump_stack+0x1d/0x30
[  155.430569][ T9651]  dump_stack_lvl+0xe8/0x140
[  155.430647][ T9651]  dump_stack+0x15/0x1b
[  155.430698][ T9651]  should_fail_ex+0x265/0x280
[  155.430721][ T9651]  ? do_mq_timedreceive+0x23c/0x6d0
[  155.430782][ T9651]  should_failslab+0x8c/0xb0
[  155.430823][ T9651]  __kmalloc_cache_noprof+0x4c/0x320
[  155.430853][ T9651]  do_mq_timedreceive+0x23c/0x6d0
[  155.430879][ T9651]  __x64_sys_mq_timedreceive+0xc6/0x160
[  155.430902][ T9651]  x64_sys_call+0x2906/0x2ff0
[  155.430955][ T9651]  do_syscall_64+0xd2/0x200
[  155.430991][ T9651]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  155.431020][ T9651]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  155.431078][ T9651]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.431098][ T9651] RIP: 0033:0x7fb67412ebe9
[  155.431114][ T9651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.431133][ T9651] RSP: 002b:00007fb672b8f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f3
[  155.431210][ T9651] RAX: ffffffffffffffda RBX: 00007fb674355fa0 RCX: 00007fb67412ebe9
[  155.431222][ T9651] RDX: ffffffffffffff32 RSI: 000020000001a3c0 RDI: 0000000000000006
[  155.431234][ T9651] RBP: 00007fb672b8f090 R08: 0000000000000000 R09: 0000000000000000
[  155.431259][ T9651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  155.431273][ T9651] R13: 00007fb674356038 R14: 00007fb674355fa0 R15: 00007ffee34ba338
[  155.431295][ T9651]  </TASK>
[  155.431535][ T9646] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(15)
[  155.613179][ T9646] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  155.620915][ T9646] vhci_hcd vhci_hcd.0: Device attached
[  155.621115][ T9650] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  155.668763][ T9654] vhci_hcd vhci_hcd.0: pdev(5) rhport(2) sockfd(18)
[  155.675515][ T9654] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  155.683775][ T9654] vhci_hcd vhci_hcd.0: Device attached
[  155.750966][ T9646] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  155.759895][   T23] usb 11-1: new low-speed USB device number 3 using vhci_hcd
[  155.784310][ T9646] vhci_hcd vhci_hcd.0: pdev(5) rhport(4) sockfd(21)
[  155.791166][ T9646] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  155.798973][ T9646] vhci_hcd vhci_hcd.0: Device attached
[  155.814668][ T9646] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(23)
[  155.821540][ T9646] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  155.829302][ T9646] vhci_hcd vhci_hcd.0: Device attached
[  155.885779][ T9646] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  155.896241][ T9646] vhci_hcd vhci_hcd.0: pdev(5) rhport(6) sockfd(27)
[  155.903097][ T9646] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  155.910911][ T9646] vhci_hcd vhci_hcd.0: Device attached
[  155.922784][ T9646] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  155.935464][ T9671] vhci_hcd: connection closed
[  155.935828][   T31] vhci_hcd: stop threads
[  155.944960][   T31] vhci_hcd: release socket
[  155.949590][   T31] vhci_hcd: disconnect device
[  156.023658][ T9658] vhci_hcd: connection closed
[  156.038946][ T9647] vhci_hcd: connection reset by peer
[  156.049621][ T9666] vhci_hcd: connection closed
[  156.049891][ T9668] vhci_hcd: connection closed
[  156.062170][ T9652] vhci_hcd: connection closed
[  156.068454][   T31] vhci_hcd: stop threads
[  156.078045][   T31] vhci_hcd: release socket
[  156.082743][   T31] vhci_hcd: disconnect device
[  156.108764][ T9675] lo speed is unknown, defaulting to 1000
[  156.162025][   T31] vhci_hcd: stop threads
[  156.166346][   T31] vhci_hcd: release socket
[  156.171269][   T31] vhci_hcd: disconnect device
[  156.191423][   T31] vhci_hcd: stop threads
[  156.195942][   T31] vhci_hcd: release socket
[  156.200663][   T31] vhci_hcd: disconnect device
[  156.230897][   T31] vhci_hcd: stop threads
[  156.235312][   T31] vhci_hcd: release socket
[  156.239992][   T31] vhci_hcd: disconnect device
[  156.261218][   T31] vhci_hcd: stop threads
[  156.265757][   T31] vhci_hcd: release socket
[  156.270214][   T31] vhci_hcd: disconnect device
[  156.575638][ T9692] loop1: detected capacity change from 0 to 1764
[  156.609809][ T9692] __nla_validate_parse: 18 callbacks suppressed
[  156.609835][ T9692] netlink: 14593 bytes leftover after parsing attributes in process `syz.1.1633'.
[  156.634088][ T9695] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1635'.
[  156.643521][ T9695] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1635'.
[  156.749351][ T9702] netlink: 'syz.2.1638': attribute type 5 has an invalid length.
[  156.888172][ T9707] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1637'.
[  156.897297][ T9707] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1637'.
[  157.061350][ T9717] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1642'.
[  157.192236][   T29] kauditd_printk_skb: 128 callbacks suppressed
[  157.192258][   T29] audit: type=1326 audit(1754954414.408:5004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9716 comm="syz.3.1642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  157.222874][   T29] audit: type=1326 audit(1754954414.408:5005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9716 comm="syz.3.1642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=461 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  157.246594][   T29] audit: type=1326 audit(1754954414.408:5006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9716 comm="syz.3.1642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  157.270547][   T29] audit: type=1326 audit(1754954414.408:5007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9716 comm="syz.3.1642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  157.294422][   T29] audit: type=1326 audit(1754954414.408:5008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9716 comm="syz.3.1642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  157.318134][   T29] audit: type=1326 audit(1754954414.408:5009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9716 comm="syz.3.1642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f953325d550 code=0x7ffc0000
[  157.341986][   T29] audit: type=1326 audit(1754954414.408:5010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9716 comm="syz.3.1642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  157.365954][   T29] audit: type=1326 audit(1754954414.408:5011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9716 comm="syz.3.1642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  157.390123][   T29] audit: type=1326 audit(1754954414.408:5012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9716 comm="syz.3.1642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  157.414068][   T29] audit: type=1326 audit(1754954414.408:5013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9716 comm="syz.3.1642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  157.423539][ T9719] lo speed is unknown, defaulting to 1000
[  157.488065][ T9722] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1643'.
[  157.588290][ T9724] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13)
[  157.595117][ T9724] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  157.602908][ T9724] vhci_hcd vhci_hcd.0: Device attached
[  157.618917][ T9731] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(16)
[  157.625626][ T9731] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  157.633309][ T9731] vhci_hcd vhci_hcd.0: Device attached
[  157.647887][ T9737] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1647'.
[  157.741953][ T9739] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(15)
[  157.748669][ T9739] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  157.756364][ T9739] vhci_hcd vhci_hcd.0: Device attached
[  157.774126][ T9724] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  157.784254][ T9734] infiniband syz!: set active
[  157.789028][ T9734] infiniband syz!: added team_slave_0
[  157.802716][ T9724] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(19)
[  157.809386][ T9724] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  157.817047][ T9724] vhci_hcd vhci_hcd.0: Device attached
[  157.838687][ T9734] RDS/IB: syz!: added
[  157.843005][ T3358] usb 7-1: new low-speed USB device number 7 using vhci_hcd
[  157.871471][ T9734] smc: adding ib device syz! with port count 1
[  157.880835][ T9724] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(23)
[  157.887486][ T9724] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  157.895476][ T9724] vhci_hcd vhci_hcd.0: Device attached
[  157.903476][ T9734] smc:    ib device syz! port 1 has pnetid 
[  157.940019][ T9731] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  157.955923][ T9755] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  157.977946][ T9724] vhci_hcd vhci_hcd.0: pdev(3) rhport(6) sockfd(27)
[  157.984693][ T9724] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  157.992606][ T9724] vhci_hcd vhci_hcd.0: Device attached
[  158.006175][ T9757] loop5: detected capacity change from 0 to 512
[  158.020745][ T9755] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  158.036204][ T9731] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  158.046365][ T9757] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  158.064305][ T9732] vhci_hcd: connection closed
[  158.064480][ T9726] vhci_hcd: connection reset by peer
[  158.064507][ T9758] vhci_hcd: connection closed
[  158.076851][ T9740] vhci_hcd: connection closed
[  158.081657][ T9746] vhci_hcd: connection closed
[  158.086591][ T9752] vhci_hcd: connection closed
[  158.093223][ T5305] vhci_hcd: stop threads
[  158.102496][ T5305] vhci_hcd: release socket
[  158.107346][ T5305] vhci_hcd: disconnect device
[  158.113322][ T9757] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  158.121935][ T9757] EXT4-fs (loop5): failed to initialize system zone (-117)
[  158.129385][ T9757] EXT4-fs (loop5): mount failed
[  158.137479][ T5305] vhci_hcd: stop threads
[  158.141977][ T5305] vhci_hcd: release socket
[  158.146753][ T5305] vhci_hcd: disconnect device
[  158.155159][ T5305] vhci_hcd: stop threads
[  158.159457][ T5305] vhci_hcd: release socket
[  158.163988][ T5305] vhci_hcd: disconnect device
[  158.169984][ T9757] loop5: detected capacity change from 0 to 512
[  158.177420][ T5305] vhci_hcd: stop threads
[  158.181699][ T5305] vhci_hcd: release socket
[  158.186166][ T5305] vhci_hcd: disconnect device
[  158.193341][ T5305] vhci_hcd: stop threads
[  158.197636][ T5305] vhci_hcd: release socket
[  158.202144][ T5305] vhci_hcd: disconnect device
[  158.207537][ T5305] vhci_hcd: stop threads
[  158.211834][ T5305] vhci_hcd: release socket
[  158.216427][ T5305] vhci_hcd: disconnect device
[  158.223186][ T9757] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.236608][ T9757] ext4 filesystem being mounted at /121/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  158.266444][ T9770] loop2: detected capacity change from 0 to 1764
[  158.282620][ T9770] netlink: 14593 bytes leftover after parsing attributes in process `syz.2.1654'.
[  158.287870][ T9773] random: crng reseeded on system resumption
[  158.299417][ T6698] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.463379][ T9781] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1655'.
[  158.795221][ T9794] lo speed is unknown, defaulting to 1000
[  159.238239][ T9818] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(13)
[  159.244953][ T9818] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  159.252560][ T9818] vhci_hcd vhci_hcd.0: Device attached
[  159.304728][ T9827] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(16)
[  159.311468][ T9827] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  159.319210][ T9827] vhci_hcd vhci_hcd.0: Device attached
[  159.360928][ T9818] vhci_hcd vhci_hcd.0: pdev(5) rhport(2) sockfd(15)
[  159.367684][ T9818] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  159.375336][ T9818] vhci_hcd vhci_hcd.0: Device attached
[  159.402498][ T9827] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  159.429086][ T9818] vhci_hcd vhci_hcd.0: pdev(5) rhport(4) sockfd(19)
[  159.435949][ T9818] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  159.443628][ T9818] vhci_hcd vhci_hcd.0: Device attached
[  159.480717][ T9827] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(24)
[  159.487446][ T9827] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  159.495220][ T9827] vhci_hcd vhci_hcd.0: Device attached
[  159.519735][ T9818] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  159.544566][   T36] usb 3-1: enqueue for inactive port 0
[  159.550266][   T36] usb 3-1: enqueue for inactive port 0
[  159.581378][ T9827] vhci_hcd vhci_hcd.0: pdev(5) rhport(6) sockfd(28)
[  159.588109][ T9827] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  159.595846][ T9827] vhci_hcd vhci_hcd.0: Device attached
[  159.619369][ T9818] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  159.631124][ T9851] vhci_hcd: connection closed
[  159.631350][   T31] vhci_hcd: stop threads
[  159.640577][   T31] vhci_hcd: release socket
[  159.645079][   T31] vhci_hcd: disconnect device
[  159.655928][   T36] vhci_hcd: vhci_device speed not set
[  159.663302][ T9838] vhci_hcd: connection closed
[  159.663527][ T9843] vhci_hcd: connection closed
[  159.664476][   T31] vhci_hcd: stop threads
[  159.668791][ T9829] vhci_hcd: connection closed
[  159.673235][   T31] vhci_hcd: release socket
[  159.678775][ T9820] vhci_hcd: connection closed
[  159.682475][   T31] vhci_hcd: disconnect device
[  159.698138][ T9832] vhci_hcd: connection closed
[  159.703012][   T31] vhci_hcd: stop threads
[  159.712141][   T31] vhci_hcd: release socket
[  159.716649][   T31] vhci_hcd: disconnect device
[  159.722691][   T31] vhci_hcd: stop threads
[  159.727092][   T31] vhci_hcd: release socket
[  159.731725][   T31] vhci_hcd: disconnect device
[  159.747648][   T31] vhci_hcd: stop threads
[  159.752076][   T31] vhci_hcd: release socket
[  159.756526][   T31] vhci_hcd: disconnect device
[  159.763829][   T31] vhci_hcd: stop threads
[  159.768200][   T31] vhci_hcd: release socket
[  159.772841][   T31] vhci_hcd: disconnect device
[  160.147675][ T9907] hub 6-0:1.0: USB hub found
[  160.180285][ T9907] hub 6-0:1.0: 8 ports detected
[  160.271735][ T9958] loop5: detected capacity change from 0 to 512
[  160.303292][ T9958] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -117
[  160.329719][ T9958] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.1680: invalid indirect mapped block 256 (level 1)
[  160.344068][ T9958] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.1680: invalid indirect mapped block 2683928664 (level 1)
[  160.359074][ T9958] EXT4-fs (loop5): 1 truncate cleaned up
[  160.382825][ T9958] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.482226][ T6698] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.750214][T10033] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(13)
[  160.757154][T10033] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  160.764937][T10033] vhci_hcd vhci_hcd.0: Device attached
[  160.773307][T10033] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(15)
[  160.779982][T10033] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  160.787955][T10033] vhci_hcd vhci_hcd.0: Device attached
[  160.809695][T10033] vhci_hcd vhci_hcd.0: pdev(0) rhport(2) sockfd(17)
[  160.816478][T10033] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  160.824638][T10033] vhci_hcd vhci_hcd.0: Device attached
[  160.830351][   T23] usb 11-1: enqueue for inactive port 0
[  160.836333][   T23] usb 11-1: enqueue for inactive port 0
[  160.850581][T10033] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  160.859793][T10033] vhci_hcd vhci_hcd.0: pdev(0) rhport(4) sockfd(21)
[  160.866438][T10033] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  160.874439][T10033] vhci_hcd vhci_hcd.0: Device attached
[  160.882316][T10033] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(23)
[  160.889064][T10033] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  160.896930][T10033] vhci_hcd vhci_hcd.0: Device attached
[  160.903820][T10033] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  160.911972][   T23] vhci_hcd: vhci_device speed not set
[  160.917968][T10033] vhci_hcd vhci_hcd.0: pdev(0) rhport(6) sockfd(27)
[  160.925669][T10033] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  160.933560][T10033] vhci_hcd vhci_hcd.0: Device attached
[  160.940076][T10033] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  160.950506][T10064] vhci_hcd: connection closed
[  160.950560][T10058] vhci_hcd: connection closed
[  160.950788][   T37] vhci_hcd: stop threads
[  160.955996][T10052] vhci_hcd: connection closed
[  160.960111][   T37] vhci_hcd: release socket
[  160.973985][   T37] vhci_hcd: disconnect device
[  160.979637][T10045] vhci_hcd: connection closed
[  160.979745][T10034] vhci_hcd: connection closed
[  160.984674][T10039] vhci_hcd: connection closed
[  160.992425][   T37] vhci_hcd: stop threads
[  161.001630][   T37] vhci_hcd: release socket
[  161.006199][   T37] vhci_hcd: disconnect device
[  161.011047][ T4591] usb 1-1: new low-speed USB device number 6 using vhci_hcd
[  161.019983][T10036] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  161.026512][   T37] vhci_hcd: stop threads
[  161.030855][   T37] vhci_hcd: release socket
[  161.035534][   T37] vhci_hcd: disconnect device
[  161.040783][   T37] vhci_hcd: stop threads
[  161.045133][   T37] vhci_hcd: release socket
[  161.049633][   T37] vhci_hcd: disconnect device
[  161.055259][   T37] vhci_hcd: stop threads
[  161.059529][   T37] vhci_hcd: release socket
[  161.064073][   T37] vhci_hcd: disconnect device
[  161.069562][   T37] vhci_hcd: stop threads
[  161.073930][   T37] vhci_hcd: release socket
[  161.078498][   T37] vhci_hcd: disconnect device
[  161.136563][T10095] random: crng reseeded on system resumption
[  161.333022][T10136] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  161.341622][T10136] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  161.895421][T10154] __nla_validate_parse: 11 callbacks suppressed
[  161.895489][T10154] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1704'.
[  161.988886][T10160] lo speed is unknown, defaulting to 1000
[  162.258963][T10166] FAULT_INJECTION: forcing a failure.
[  162.258963][T10166] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  162.272486][T10166] CPU: 1 UID: 0 PID: 10166 Comm: syz.0.1707 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  162.272520][T10166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  162.272593][T10166] Call Trace:
[  162.272601][T10166]  <TASK>
[  162.272609][T10166]  __dump_stack+0x1d/0x30
[  162.272631][T10166]  dump_stack_lvl+0xe8/0x140
[  162.272653][T10166]  dump_stack+0x15/0x1b
[  162.272673][T10166]  should_fail_ex+0x265/0x280
[  162.272699][T10166]  should_fail+0xb/0x20
[  162.272720][T10166]  should_fail_usercopy+0x1a/0x20
[  162.272790][T10166]  _copy_from_iter+0xcf/0xe40
[  162.272814][T10166]  ? alloc_pages_mpol+0x201/0x250
[  162.272849][T10166]  ip_generic_getfrag+0x90/0x1b0
[  162.272884][T10166]  __ip_append_data+0x1351/0x2440
[  162.272970][T10166]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  162.273050][T10166]  ip_append_data+0xd6/0x130
[  162.273073][T10166]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  162.273160][T10166]  udp_sendmsg+0x36e/0x13c0
[  162.273186][T10166]  ? mntput+0x4b/0x80
[  162.273218][T10166]  ? __rcu_read_unlock+0x4f/0x70
[  162.273241][T10166]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  162.273368][T10166]  ? avc_has_perm+0xf7/0x180
[  162.273394][T10166]  ? __pfx_udp_sendmsg+0x10/0x10
[  162.273482][T10166]  inet_sendmsg+0xac/0xd0
[  162.273550][T10166]  __sock_sendmsg+0x102/0x180
[  162.273580][T10166]  __sys_sendto+0x268/0x330
[  162.273641][T10166]  __x64_sys_sendto+0x76/0x90
[  162.273680][T10166]  x64_sys_call+0x2d05/0x2ff0
[  162.273700][T10166]  do_syscall_64+0xd2/0x200
[  162.273771][T10166]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  162.273799][T10166]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  162.273828][T10166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.273903][T10166] RIP: 0033:0x7fb67412ebe9
[  162.273928][T10166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.273961][T10166] RSP: 002b:00007fb672b8f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  162.273986][T10166] RAX: ffffffffffffffda RBX: 00007fb674355fa0 RCX: 00007fb67412ebe9
[  162.273999][T10166] RDX: 000000000000ffe3 RSI: 00002000000000c0 RDI: 0000000000000003
[  162.274012][T10166] RBP: 00007fb672b8f090 R08: 0000000000000000 R09: 0000000000000000
[  162.274023][T10166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  162.274036][T10166] R13: 00007fb674356038 R14: 00007fb674355fa0 R15: 00007ffee34ba338
[  162.274092][T10166]  </TASK>
[  162.533667][ T3409] usb usb4-port1: attempt power cycle
[  162.575924][   T29] kauditd_printk_skb: 155 callbacks suppressed
[  162.575941][   T29] audit: type=1326 audit(1754954419.858:5169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10167 comm="syz.5.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f708827ebe9 code=0x7ffc0000
[  162.608679][   T29] audit: type=1326 audit(1754954419.858:5170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10167 comm="syz.5.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=138 compat=0 ip=0x7f708827ebe9 code=0x7ffc0000
[  162.632292][   T29] audit: type=1326 audit(1754954419.858:5171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10167 comm="syz.5.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f708827ebe9 code=0x7ffc0000
[  162.637738][T10172] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1710'.
[  162.655993][   T29] audit: type=1326 audit(1754954419.858:5172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10167 comm="syz.5.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f708827ebe9 code=0x7ffc0000
[  162.656102][   T29] audit: type=1326 audit(1754954419.858:5173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10167 comm="syz.5.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f708827ebe9 code=0x7ffc0000
[  162.712455][   T29] audit: type=1326 audit(1754954419.858:5174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10167 comm="syz.5.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f708827ebe9 code=0x7ffc0000
[  162.735901][   T29] audit: type=1326 audit(1754954419.858:5175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10167 comm="syz.5.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f708827ebe9 code=0x7ffc0000
[  162.759507][   T29] audit: type=1326 audit(1754954419.858:5176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10167 comm="syz.5.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7f708827ebe9 code=0x7ffc0000
[  162.783295][   T29] audit: type=1326 audit(1754954419.858:5177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10167 comm="syz.5.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f708827ebe9 code=0x7ffc0000
[  162.806843][   T29] audit: type=1326 audit(1754954419.858:5178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10167 comm="syz.5.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f708827ebe9 code=0x7ffc0000
[  162.860051][T10190] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  162.870563][T10190] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  162.902173][ T3358] usb 7-1: enqueue for inactive port 0
[  162.926643][ T3358] usb 7-1: enqueue for inactive port 0
[  162.946190][T10201] loop5: detected capacity change from 0 to 1764
[  162.960179][T10201] netlink: 14593 bytes leftover after parsing attributes in process `syz.5.1714'.
[  163.001957][ T3358] vhci_hcd: vhci_device speed not set
[  163.443691][T10285] netlink: 'syz.2.1716': attribute type 6 has an invalid length.
[  163.499801][T10297] loop2: detected capacity change from 0 to 512
[  163.508307][T10297] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117
[  163.517844][T10297] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.1718: invalid indirect mapped block 256 (level 1)
[  163.532754][T10297] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.1718: invalid indirect mapped block 2683928664 (level 1)
[  163.547580][T10297] EXT4-fs (loop2): 1 truncate cleaned up
[  163.554385][T10297] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.583308][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.673300][T10327] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1723'.
[  163.706842][T10331] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1725'.
[  163.742400][ T3389] usb usb12-port1: attempt power cycle
[  163.763228][T10338] netlink: 'syz.2.1728': attribute type 6 has an invalid length.
[  163.857675][T10352] FAULT_INJECTION: forcing a failure.
[  163.857675][T10352] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.871064][T10352] CPU: 0 UID: 0 PID: 10352 Comm: syz.5.1732 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  163.871093][T10352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  163.871101][T10352] Call Trace:
[  163.871106][T10352]  <TASK>
[  163.871114][T10352]  __dump_stack+0x1d/0x30
[  163.871131][T10352]  dump_stack_lvl+0xe8/0x140
[  163.871161][T10352]  dump_stack+0x15/0x1b
[  163.871172][T10352]  should_fail_ex+0x265/0x280
[  163.871186][T10352]  should_fail+0xb/0x20
[  163.871201][T10352]  should_fail_usercopy+0x1a/0x20
[  163.871224][T10352]  strncpy_from_user+0x25/0x230
[  163.871294][T10352]  ? __fget_files+0x184/0x1c0
[  163.871317][T10352]  __se_sys_request_key+0x57/0x290
[  163.871344][T10352]  ? fput+0x8f/0xc0
[  163.871364][T10352]  __x64_sys_request_key+0x55/0x70
[  163.871378][T10352]  x64_sys_call+0x1d98/0x2ff0
[  163.871392][T10352]  do_syscall_64+0xd2/0x200
[  163.871483][T10352]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  163.871499][T10352]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  163.871547][T10352]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.871564][T10352] RIP: 0033:0x7f708827ebe9
[  163.871576][T10352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.871588][T10352] RSP: 002b:00007f7086ce7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[  163.871603][T10352] RAX: ffffffffffffffda RBX: 00007f70884a5fa0 RCX: 00007f708827ebe9
[  163.871683][T10352] RDX: 0000200000000140 RSI: 0000200000000080 RDI: 0000200000000040
[  163.871691][T10352] RBP: 00007f7086ce7090 R08: 0000000000000000 R09: 0000000000000000
[  163.871699][T10352] R10: fffffffffffffffe R11: 0000000000000246 R12: 0000000000000001
[  163.871707][T10352] R13: 00007f70884a6038 R14: 00007f70884a5fa0 R15: 00007ffdadd87938
[  163.871720][T10352]  </TASK>
[  164.062814][T10354] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1733'.
[  164.087377][T10358] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1735'.
[  164.120751][T10362] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1737'.
[  164.130587][T10362] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1737'.
[  164.140183][T10362] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1737'.
[  164.261643][T10375] loop5: detected capacity change from 0 to 1024
[  164.271020][T10377] netlink: 'syz.2.1743': attribute type 6 has an invalid length.
[  164.280439][T10375] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.310049][T10375] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.1742: Allocating blocks 449-513 which overlap fs metadata
[  164.316305][T10383] FAULT_INJECTION: forcing a failure.
[  164.316305][T10383] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.326682][T10374] EXT4-fs (loop5): pa ffff888107244700: logic 48, phys. 177, len 21
[  164.337380][T10383] CPU: 0 UID: 0 PID: 10383 Comm: syz.2.1745 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  164.337470][T10383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  164.337490][T10383] Call Trace:
[  164.337499][T10383]  <TASK>
[  164.337507][T10383]  __dump_stack+0x1d/0x30
[  164.337532][T10383]  dump_stack_lvl+0xe8/0x140
[  164.337595][T10383]  dump_stack+0x15/0x1b
[  164.337612][T10383]  should_fail_ex+0x265/0x280
[  164.337634][T10383]  should_fail+0xb/0x20
[  164.337652][T10383]  should_fail_usercopy+0x1a/0x20
[  164.337698][T10383]  strncpy_from_user+0x25/0x230
[  164.337725][T10383]  ? kmem_cache_alloc_noprof+0x186/0x310
[  164.337753][T10383]  ? getname_flags+0x80/0x3b0
[  164.337782][T10383]  getname_flags+0xae/0x3b0
[  164.337891][T10383]  user_path_at+0x28/0x130
[  164.338003][T10383]  do_utimes+0xd9/0x210
[  164.338028][T10383]  __x64_sys_utime+0xbc/0x140
[  164.338054][T10383]  x64_sys_call+0x2b0b/0x2ff0
[  164.338076][T10383]  do_syscall_64+0xd2/0x200
[  164.338102][T10383]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  164.338189][T10383]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  164.338273][T10383]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.338354][T10383] RIP: 0033:0x7fadcb25ebe9
[  164.338371][T10383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.338389][T10383] RSP: 002b:00007fadc9cbf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000084
[  164.338410][T10383] RAX: ffffffffffffffda RBX: 00007fadcb485fa0 RCX: 00007fadcb25ebe9
[  164.338432][T10383] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000200000000000
[  164.338445][T10383] RBP: 00007fadc9cbf090 R08: 0000000000000000 R09: 0000000000000000
[  164.338457][T10383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.338470][T10383] R13: 00007fadcb486038 R14: 00007fadcb485fa0 R15: 00007fff52b6bef8
[  164.338497][T10383]  </TASK>
[  164.538880][T10374] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  164.549115][ T3409] usb usb4-port1: unable to enumerate USB device
[  164.564883][ T6698] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.665344][T10396] FAULT_INJECTION: forcing a failure.
[  164.665344][T10396] name failslab, interval 1, probability 0, space 0, times 0
[  164.678671][T10396] CPU: 1 UID: 0 PID: 10396 Comm: syz.2.1750 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  164.678770][T10396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  164.678784][T10396] Call Trace:
[  164.678794][T10396]  <TASK>
[  164.678804][T10396]  __dump_stack+0x1d/0x30
[  164.678830][T10396]  dump_stack_lvl+0xe8/0x140
[  164.678849][T10396]  dump_stack+0x15/0x1b
[  164.678865][T10396]  should_fail_ex+0x265/0x280
[  164.678894][T10396]  should_failslab+0x8c/0xb0
[  164.678923][T10396]  kmem_cache_alloc_noprof+0x50/0x310
[  164.678972][T10396]  ? ep_insert+0x13c/0xdb0
[  164.679052][T10396]  ep_insert+0x13c/0xdb0
[  164.679078][T10396]  ? proc_fail_nth_write+0x13b/0x160
[  164.679183][T10396]  ? __rcu_read_unlock+0x4f/0x70
[  164.679256][T10396]  do_epoll_ctl+0x686/0x8a0
[  164.679288][T10396]  __x64_sys_epoll_ctl+0xcb/0x100
[  164.679319][T10396]  x64_sys_call+0x706/0x2ff0
[  164.679338][T10396]  do_syscall_64+0xd2/0x200
[  164.679362][T10396]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  164.679465][T10396]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  164.679489][T10396]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.679509][T10396] RIP: 0033:0x7fadcb25ebe9
[  164.679526][T10396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.679568][T10396] RSP: 002b:00007fadc9cbf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  164.679629][T10396] RAX: ffffffffffffffda RBX: 00007fadcb485fa0 RCX: 00007fadcb25ebe9
[  164.679644][T10396] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004
[  164.679725][T10396] RBP: 00007fadc9cbf090 R08: 0000000000000000 R09: 0000000000000000
[  164.679740][T10396] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  164.679789][T10396] R13: 00007fadcb486038 R14: 00007fadcb485fa0 R15: 00007fff52b6bef8
[  164.679809][T10396]  </TASK>
[  165.056562][T10408] FAULT_INJECTION: forcing a failure.
[  165.056562][T10408] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.070412][T10408] CPU: 0 UID: 0 PID: 10408 Comm: syz.5.1754 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  165.070443][T10408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  165.070455][T10408] Call Trace:
[  165.070464][T10408]  <TASK>
[  165.070472][T10408]  __dump_stack+0x1d/0x30
[  165.070496][T10408]  dump_stack_lvl+0xe8/0x140
[  165.070569][T10408]  dump_stack+0x15/0x1b
[  165.070587][T10408]  should_fail_ex+0x265/0x280
[  165.070608][T10408]  should_fail+0xb/0x20
[  165.070624][T10408]  should_fail_usercopy+0x1a/0x20
[  165.070718][T10408]  _copy_to_user+0x20/0xa0
[  165.070744][T10408]  rtc_dev_ioctl+0xb01/0xb60
[  165.070775][T10408]  ? __pfx_rtc_dev_ioctl+0x10/0x10
[  165.070922][T10408]  __se_sys_ioctl+0xcb/0x140
[  165.070960][T10408]  __x64_sys_ioctl+0x43/0x50
[  165.070987][T10408]  x64_sys_call+0x1816/0x2ff0
[  165.071067][T10408]  do_syscall_64+0xd2/0x200
[  165.071094][T10408]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  165.071117][T10408]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  165.071140][T10408]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.071171][T10408] RIP: 0033:0x7f708827ebe9
[  165.071190][T10408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.071209][T10408] RSP: 002b:00007f7086ce7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  165.071287][T10408] RAX: ffffffffffffffda RBX: 00007f70884a5fa0 RCX: 00007f708827ebe9
[  165.071300][T10408] RDX: 0000200000000240 RSI: 0000000040187013 RDI: 0000000000000003
[  165.071312][T10408] RBP: 00007f7086ce7090 R08: 0000000000000000 R09: 0000000000000000
[  165.071324][T10408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.071415][T10408] R13: 00007f70884a6038 R14: 00007f70884a5fa0 R15: 00007ffdadd87938
[  165.071436][T10408]  </TASK>
[  165.333656][T10418] netlink: 'syz.3.1755': attribute type 6 has an invalid length.
[  165.357746][T10423] random: crng reseeded on system resumption
[  165.447826][T10432] loop1: detected capacity change from 0 to 1764
[  165.618235][T10440] lo speed is unknown, defaulting to 1000
[  166.157811][ T4591] usb 1-1: enqueue for inactive port 0
[  166.163716][ T4591] usb 1-1: enqueue for inactive port 0
[  166.232067][ T4591] vhci_hcd: vhci_device speed not set
[  166.263765][T10452] loop2: detected capacity change from 0 to 1024
[  166.328934][T10452] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.344214][T10452] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.362495][ T3389] usb usb12-port1: unable to enumerate USB device
[  166.469580][T10466] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.476966][T10466] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.531598][T10466] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  166.540794][T10466] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  166.589497][T10466] vxlan0: left promiscuous mode
[  166.596106][ T3382] lo speed is unknown, defaulting to 1000
[  166.602053][ T3382] sy: Port: 1 Link DOWN
[  166.629938][T10472] netlink: 'syz.0.1774': attribute type 6 has an invalid length.
[  166.653639][ T3576] netdevsim netdevsim1 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  166.662321][ T3576] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  166.747890][ T3576] netdevsim netdevsim1 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  166.756456][ T3576] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  166.774304][T10478] loop1: detected capacity change from 0 to 2048
[  166.800778][ T3576] netdevsim netdevsim1 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  166.809335][ T3576] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  166.838952][ T3576] netdevsim netdevsim1 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  166.847506][ T3576] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  166.857017][T10478]  loop1: p1 < > p4
[  166.861499][T10478] loop1: p4 size 8388608 extends beyond EOD, truncated
[  166.937266][T10483] random: crng reseeded on system resumption
[  167.112228][T10487] __nla_validate_parse: 12 callbacks suppressed
[  167.112245][T10487] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1778'.
[  167.354269][T10496] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1782'.
[  167.424271][T10499] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1783'.
[  167.433645][T10499] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1783'.
[  167.490854][T10500] lo speed is unknown, defaulting to 1000
[  167.523754][T10505] lo speed is unknown, defaulting to 1000
[  167.657575][   T29] kauditd_printk_skb: 218 callbacks suppressed
[  167.657675][   T29] audit: type=1326 audit(1754954424.868:5397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10509 comm="syz.5.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f708827ebe9 code=0x7ffc0000
[  167.687635][   T29] audit: type=1326 audit(1754954424.868:5398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10509 comm="syz.5.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f708827ebe9 code=0x7ffc0000
[  167.711287][   T29] audit: type=1326 audit(1754954424.868:5399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10509 comm="syz.5.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f708827ebe9 code=0x7ffc0000
[  167.735169][   T29] audit: type=1326 audit(1754954424.868:5400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10509 comm="syz.5.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f708827ebe9 code=0x7ffc0000
[  167.759399][   T29] audit: type=1326 audit(1754954424.868:5401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10509 comm="syz.5.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f708827ebe9 code=0x7ffc0000
[  167.783534][   T29] audit: type=1326 audit(1754954424.868:5402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10509 comm="syz.5.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7f708827ebe9 code=0x7ffc0000
[  167.807243][   T29] audit: type=1326 audit(1754954424.868:5403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10509 comm="syz.5.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f708827ebe9 code=0x7ffc0000
[  167.831127][   T29] audit: type=1326 audit(1754954424.868:5404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10509 comm="syz.5.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f708827ebe9 code=0x7ffc0000
[  167.854895][   T29] audit: type=1326 audit(1754954424.868:5405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10509 comm="syz.5.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f708827ebe9 code=0x7ffc0000
[  167.878536][   T29] audit: type=1326 audit(1754954424.868:5406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10509 comm="syz.5.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f708827ebe9 code=0x7ffc0000
[  168.017779][T10514] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1788'.
[  168.060369][T10521] loop5: detected capacity change from 0 to 2048
[  168.132919][T10521]  loop5: p1 < > p4
[  168.146225][T10521] loop5: p4 size 8388608 extends beyond EOD, truncated
[  168.153524][T10524] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  168.163042][T10524] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  168.503664][T10535] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1794'.
[  168.527293][T10536] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1796'.
[  168.618553][T10538] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1797'.
[  168.653864][T10543] random: crng reseeded on system resumption
[  168.743711][T10547] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1800'.
[  168.840501][T10559] netlink: 76 bytes leftover after parsing attributes in process `syz.5.1798'.
[  169.267118][T10579] FAULT_INJECTION: forcing a failure.
[  169.267118][T10579] name failslab, interval 1, probability 0, space 0, times 0
[  169.280728][T10579] CPU: 0 UID: 0 PID: 10579 Comm: syz.0.1810 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  169.280795][T10579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  169.280811][T10579] Call Trace:
[  169.280818][T10579]  <TASK>
[  169.280827][T10579]  __dump_stack+0x1d/0x30
[  169.280851][T10579]  dump_stack_lvl+0xe8/0x140
[  169.280869][T10579]  dump_stack+0x15/0x1b
[  169.280885][T10579]  should_fail_ex+0x265/0x280
[  169.280964][T10579]  ? tcx_link_attach+0xae/0x5e0
[  169.280992][T10579]  should_failslab+0x8c/0xb0
[  169.281021][T10579]  __kmalloc_cache_noprof+0x4c/0x320
[  169.281137][T10579]  tcx_link_attach+0xae/0x5e0
[  169.281163][T10579]  ? 0xffffffff81000000
[  169.281179][T10579]  ? __rcu_read_unlock+0x4f/0x70
[  169.281206][T10579]  link_create+0x546/0x6e0
[  169.281243][T10579]  __sys_bpf+0x61d/0x7b0
[  169.281281][T10579]  __x64_sys_bpf+0x41/0x50
[  169.281305][T10579]  x64_sys_call+0x2aea/0x2ff0
[  169.281378][T10579]  do_syscall_64+0xd2/0x200
[  169.281405][T10579]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  169.281447][T10579]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  169.281476][T10579]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.281501][T10579] RIP: 0033:0x7fb67412ebe9
[  169.281519][T10579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.281541][T10579] RSP: 002b:00007fb672b8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  169.281644][T10579] RAX: ffffffffffffffda RBX: 00007fb674355fa0 RCX: 00007fb67412ebe9
[  169.281704][T10579] RDX: 0000000000000020 RSI: 0000200000000000 RDI: 000000000000001c
[  169.281716][T10579] RBP: 00007fb672b8f090 R08: 0000000000000000 R09: 0000000000000000
[  169.281728][T10579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.281739][T10579] R13: 00007fb674356038 R14: 00007fb674355fa0 R15: 00007ffee34ba338
[  169.281835][T10579]  </TASK>
[  169.687103][T10598] loop2: detected capacity change from 0 to 2048
[  169.716843][ T5898] netdevsim netdevsim3 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  169.729945][ T5898] netdevsim netdevsim3 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  169.739648][T10598]  loop2: p1 < > p4
[  169.744392][T10598] loop2: p4 size 8388608 extends beyond EOD, truncated
[  169.753866][ T5898] netdevsim netdevsim3 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  169.763916][ T5898] netdevsim netdevsim3 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  169.918266][T10605] FAULT_INJECTION: forcing a failure.
[  169.918266][T10605] name failslab, interval 1, probability 0, space 0, times 0
[  169.931311][T10605] CPU: 0 UID: 0 PID: 10605 Comm: syz.3.1821 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  169.931347][T10605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  169.931361][T10605] Call Trace:
[  169.931371][T10605]  <TASK>
[  169.931391][T10605]  __dump_stack+0x1d/0x30
[  169.931482][T10605]  dump_stack_lvl+0xe8/0x140
[  169.931505][T10605]  dump_stack+0x15/0x1b
[  169.931525][T10605]  should_fail_ex+0x265/0x280
[  169.931560][T10605]  should_failslab+0x8c/0xb0
[  169.931607][T10605]  kmem_cache_alloc_noprof+0x50/0x310
[  169.931660][T10605]  ? getname_kernel+0x3c/0x1f0
[  169.931694][T10605]  getname_kernel+0x3c/0x1f0
[  169.931735][T10605]  kern_path+0x23/0x130
[  169.931769][T10605]  unix_find_other+0xe9/0x760
[  169.931809][T10605]  unix_dgram_connect+0x213/0x810
[  169.931987][T10605]  ? __pfx_unix_dgram_connect+0x10/0x10
[  169.932009][T10605]  __sys_connect+0x1ef/0x2b0
[  169.932045][T10605]  __x64_sys_connect+0x3f/0x50
[  169.932156][T10605]  x64_sys_call+0x2c08/0x2ff0
[  169.932178][T10605]  do_syscall_64+0xd2/0x200
[  169.932205][T10605]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  169.932234][T10605]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  169.932314][T10605]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.932336][T10605] RIP: 0033:0x7f953325ebe9
[  169.932353][T10605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.932397][T10605] RSP: 002b:00007f9531cc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  169.932467][T10605] RAX: ffffffffffffffda RBX: 00007f9533485fa0 RCX: 00007f953325ebe9
[  169.932482][T10605] RDX: 000000000000006e RSI: 0000200000002800 RDI: 0000000000000005
[  169.932496][T10605] RBP: 00007f9531cc7090 R08: 0000000000000000 R09: 0000000000000000
[  169.932507][T10605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.932520][T10605] R13: 00007f9533486038 R14: 00007f9533485fa0 R15: 00007ffd6f966218
[  169.932541][T10605]  </TASK>
[  170.004877][T10607] lo speed is unknown, defaulting to 1000
[  170.203005][T10610] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10610 comm=syz.2.1822
[  170.265334][T10614] loop5: detected capacity change from 0 to 512
[  170.285172][T10614] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.1823: iget: bad i_size value: 38620345925642
[  170.315892][T10614] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.1823: couldn't read orphan inode 15 (err -117)
[  170.345709][T10614] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.380590][T10614] EXT4-fs (loop5): shut down requested (0)
[  170.424899][ T6698] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.517207][T10622] netlink: 'syz.5.1825': attribute type 6 has an invalid length.
[  170.912654][T10629] random: crng reseeded on system resumption
[  170.929095][T10627] lo speed is unknown, defaulting to 1000
[  171.093900][T10639] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  171.102733][T10639] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  171.202515][T10649] netlink: 'syz.1.1836': attribute type 12 has an invalid length.
[  171.210615][T10649] netlink: 'syz.1.1836': attribute type 29 has an invalid length.
[  171.286660][T10655] lo speed is unknown, defaulting to 1000
[  171.330215][T10662] netlink: 'syz.1.1839': attribute type 6 has an invalid length.
[  171.790584][T10674] lo speed is unknown, defaulting to 1000
[  172.293643][T10688] __nla_validate_parse: 16 callbacks suppressed
[  172.293663][T10688] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1848'.
[  172.331005][T10692] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1849'.
[  172.340147][T10692] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1849'.
[  172.388824][T10696] netlink: 'syz.0.1851': attribute type 6 has an invalid length.
[  172.431034][T10700] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1853'.
[  172.461600][T10704] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1855'.
[  172.545372][T10706] loop3: detected capacity change from 0 to 2048
[  172.623047][T10706]  loop3: p1 < > p4
[  172.647118][T10706] loop3: p4 size 8388608 extends beyond EOD, truncated
[  172.716600][   T29] kauditd_printk_skb: 123 callbacks suppressed
[  172.716619][   T29] audit: type=1400 audit(1754954429.998:5530): avc:  denied  { mount } for  pid=10716 comm="syz.5.1860" name="/" dev="selinuxfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1
[  172.910584][   T29] audit: type=1326 audit(1754954430.178:5531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.3.1865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  172.934344][   T29] audit: type=1326 audit(1754954430.178:5532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.3.1865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  172.958287][   T29] audit: type=1326 audit(1754954430.178:5533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.3.1865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  172.982383][   T29] audit: type=1326 audit(1754954430.178:5534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.3.1865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  173.006575][   T29] audit: type=1326 audit(1754954430.178:5535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.3.1865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  173.030512][   T29] audit: type=1326 audit(1754954430.178:5536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.3.1865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  173.054906][   T29] audit: type=1326 audit(1754954430.178:5537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.3.1865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  173.079421][   T29] audit: type=1326 audit(1754954430.178:5538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.3.1865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  173.103463][   T29] audit: type=1326 audit(1754954430.178:5539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.3.1865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f953325ebe9 code=0x7ffc0000
[  173.124790][T10740] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1867'.
[  173.240433][T10745] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1868'.
[  173.276999][T10747] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1870'.
[  173.493163][T10755] ref_ctr_offset mismatch. inode: 0x864 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000
[  173.589928][T10758] lo speed is unknown, defaulting to 1000
[  173.828162][T10767] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1878'.
[  174.332531][T10777] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1881'.
[  174.493075][T10780] netlink: 'syz.0.1882': attribute type 10 has an invalid length.
[  174.501504][T10780] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  174.923067][T10789] FAULT_INJECTION: forcing a failure.
[  174.923067][T10789] name failslab, interval 1, probability 0, space 0, times 0
[  174.935884][T10789] CPU: 0 UID: 0 PID: 10789 Comm: syz.1.1886 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  174.935978][T10789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  174.935991][T10789] Call Trace:
[  174.935999][T10789]  <TASK>
[  174.936029][T10789]  __dump_stack+0x1d/0x30
[  174.936054][T10789]  dump_stack_lvl+0xe8/0x140
[  174.936075][T10789]  dump_stack+0x15/0x1b
[  174.936094][T10789]  should_fail_ex+0x265/0x280
[  174.936117][T10789]  should_failslab+0x8c/0xb0
[  174.936144][T10789]  kmem_cache_alloc_node_noprof+0x57/0x320
[  174.936219][T10789]  ? __alloc_skb+0x101/0x320
[  174.936332][T10789]  __alloc_skb+0x101/0x320
[  174.936365][T10789]  netlink_alloc_large_skb+0xba/0xf0
[  174.936400][T10789]  netlink_sendmsg+0x3cf/0x6b0
[  174.936429][T10789]  ? __pfx_netlink_sendmsg+0x10/0x10
[  174.936451][T10789]  __sock_sendmsg+0x145/0x180
[  174.936481][T10789]  ____sys_sendmsg+0x31e/0x4e0
[  174.936550][T10789]  ___sys_sendmsg+0x17b/0x1d0
[  174.936587][T10789]  __x64_sys_sendmsg+0xd4/0x160
[  174.936614][T10789]  x64_sys_call+0x191e/0x2ff0
[  174.936638][T10789]  do_syscall_64+0xd2/0x200
[  174.936703][T10789]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  174.936725][T10789]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  174.936752][T10789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.936776][T10789] RIP: 0033:0x7fcc817aebe9
[  174.936872][T10789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.936891][T10789] RSP: 002b:00007fcc8020f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  174.936961][T10789] RAX: ffffffffffffffda RBX: 00007fcc819d5fa0 RCX: 00007fcc817aebe9
[  174.936976][T10789] RDX: 0000000020004080 RSI: 00002000000006c0 RDI: 0000000000000003
[  174.936989][T10789] RBP: 00007fcc8020f090 R08: 0000000000000000 R09: 0000000000000000
[  174.937002][T10789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  174.937015][T10789] R13: 00007fcc819d6038 R14: 00007fcc819d5fa0 R15: 00007ffe6ed546a8
[  174.937098][T10789]  </TASK>
[  175.280662][T10795] FAULT_INJECTION: forcing a failure.
[  175.280662][T10795] name failslab, interval 1, probability 0, space 0, times 0
[  175.293460][T10795] CPU: 1 UID: 0 PID: 10795 Comm: syz.2.1889 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  175.293491][T10795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  175.293504][T10795] Call Trace:
[  175.293523][T10795]  <TASK>
[  175.293534][T10795]  __dump_stack+0x1d/0x30
[  175.293628][T10795]  dump_stack_lvl+0xe8/0x140
[  175.293647][T10795]  dump_stack+0x15/0x1b
[  175.293664][T10795]  should_fail_ex+0x265/0x280
[  175.293688][T10795]  should_failslab+0x8c/0xb0
[  175.293720][T10795]  __kvmalloc_node_noprof+0x123/0x4e0
[  175.293794][T10795]  ? __se_sys_add_key+0x1e9/0x350
[  175.293872][T10795]  __se_sys_add_key+0x1e9/0x350
[  175.293900][T10795]  __x64_sys_add_key+0x67/0x80
[  175.293921][T10795]  x64_sys_call+0x28c4/0x2ff0
[  175.293995][T10795]  do_syscall_64+0xd2/0x200
[  175.294028][T10795]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  175.294059][T10795]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  175.294086][T10795]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.294187][T10795] RIP: 0033:0x7fadcb25ebe9
[  175.294256][T10795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  175.294279][T10795] RSP: 002b:00007fadc9cbf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  175.294305][T10795] RAX: ffffffffffffffda RBX: 00007fadcb485fa0 RCX: 00007fadcb25ebe9
[  175.294322][T10795] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000200000000280
[  175.294338][T10795] RBP: 00007fadc9cbf090 R08: ffffffffffffffff R09: 0000000000000000
[  175.294354][T10795] R10: 0000000000000018 R11: 0000000000000246 R12: 0000000000000001
[  175.294373][T10795] R13: 00007fadcb486038 R14: 00007fadcb485fa0 R15: 00007fff52b6bef8
[  175.294396][T10795]  </TASK>
[  175.416025][T10798] loop1: detected capacity change from 0 to 1764
[  175.738240][T10814] loop3: detected capacity change from 0 to 512
[  175.768704][T10814] EXT4-fs: Ignoring removed mblk_io_submit option
[  175.781360][T10814] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  175.806004][T10814] EXT4-fs (loop3): 1 truncate cleaned up
[  175.812432][T10814] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.473999][T10829] lo speed is unknown, defaulting to 1000
[  176.522285][T10834] netlink: 'syz.1.1900': attribute type 6 has an invalid length.
[  177.063990][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.108174][T10854] loop3: detected capacity change from 0 to 2048
[  177.209391][T10854]  loop3: p1 < > p4
[  177.218471][T10854] loop3: p4 size 8388608 extends beyond EOD, truncated
[  177.469129][T10858] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  177.511363][T10860] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  177.520305][T10860] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  177.820811][   T29] kauditd_printk_skb: 93 callbacks suppressed
[  177.820830][   T29] audit: type=1326 audit(1754954435.098:5633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10863 comm="syz.1.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc817aebe9 code=0x7ffc0000
[  177.825990][T10866] netlink: 'syz.5.1913': attribute type 6 has an invalid length.
[  177.827568][   T29] audit: type=1326 audit(1754954435.098:5634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10863 comm="syz.1.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc817aebe9 code=0x7ffc0000
[  177.887177][   T29] audit: type=1326 audit(1754954435.098:5635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10863 comm="syz.1.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcc817aebe9 code=0x7ffc0000
[  177.911153][   T29] audit: type=1326 audit(1754954435.098:5636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10863 comm="syz.1.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc817aebe9 code=0x7ffc0000
[  177.935378][   T29] audit: type=1326 audit(1754954435.098:5637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10863 comm="syz.1.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc817aebe9 code=0x7ffc0000
[  177.948496][T10870] __nla_validate_parse: 6 callbacks suppressed
[  177.948513][T10870] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1914'.
[  177.959338][   T29] audit: type=1326 audit(1754954435.098:5638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10863 comm="syz.1.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcc817aebe9 code=0x7ffc0000
[  177.998892][   T29] audit: type=1326 audit(1754954435.098:5639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10863 comm="syz.1.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc817aebe9 code=0x7ffc0000
[  178.003692][T10874] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  178.022638][   T29] audit: type=1326 audit(1754954435.098:5640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10863 comm="syz.1.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc817aebe9 code=0x7ffc0000
[  178.031891][T10874] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  178.054822][   T29] audit: type=1326 audit(1754954435.098:5641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10863 comm="syz.1.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7fcc817aebe9 code=0x7ffc0000
[  178.086396][   T29] audit: type=1326 audit(1754954435.098:5642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10863 comm="syz.1.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc817aebe9 code=0x7ffc0000
[  178.148086][T10879] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1919'.
[  178.383244][T10895] veth0_to_team: left promiscuous mode
[  178.469916][T10900] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1927'.
[  178.691643][T10916] FAULT_INJECTION: forcing a failure.
[  178.691643][T10916] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  178.704875][T10916] CPU: 1 UID: 0 PID: 10916 Comm: syz.1.1934 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  178.704908][T10916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  178.704923][T10916] Call Trace:
[  178.704930][T10916]  <TASK>
[  178.704939][T10916]  __dump_stack+0x1d/0x30
[  178.704966][T10916]  dump_stack_lvl+0xe8/0x140
[  178.705003][T10916]  dump_stack+0x15/0x1b
[  178.705021][T10916]  should_fail_ex+0x265/0x280
[  178.705043][T10916]  should_fail+0xb/0x20
[  178.705065][T10916]  should_fail_usercopy+0x1a/0x20
[  178.705091][T10916]  _copy_from_user+0x1c/0xb0
[  178.705199][T10916]  do_sched_setscheduler+0x4e/0x1f0
[  178.705252][T10916]  ? syscall_trace_enter+0x102/0x1e0
[  178.705281][T10916]  __x64_sys_sched_setscheduler+0x17/0x30
[  178.705337][T10916]  x64_sys_call+0x10c3/0x2ff0
[  178.705363][T10916]  do_syscall_64+0xd2/0x200
[  178.705455][T10916]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  178.705478][T10916]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  178.705532][T10916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.705631][T10916] RIP: 0033:0x7fcc817aebe9
[  178.705649][T10916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.705666][T10916] RSP: 002b:00007fcc8020f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000090
[  178.705689][T10916] RAX: ffffffffffffffda RBX: 00007fcc819d5fa0 RCX: 00007fcc817aebe9
[  178.705704][T10916] RDX: 0000200000000040 RSI: 0000000000000001 RDI: 0000000000000000
[  178.705744][T10916] RBP: 00007fcc8020f090 R08: 0000000000000000 R09: 0000000000000000
[  178.705759][T10916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  178.705775][T10916] R13: 00007fcc819d6038 R14: 00007fcc819d5fa0 R15: 00007ffe6ed546a8
[  178.705797][T10916]  </TASK>
[  178.921230][T10918] loop5: detected capacity change from 0 to 1764
[  178.935211][T10918] netlink: 14593 bytes leftover after parsing attributes in process `syz.5.1933'.
[  178.959725][T10920] loop3: detected capacity change from 0 to 2048
[  179.002784][T10920]  loop3: p1 < > p4
[  179.012966][T10920] loop3: p4 size 8388608 extends beyond EOD, truncated
[  179.160927][T10936] random: crng reseeded on system resumption
[  179.168012][T10922] loop1: detected capacity change from 0 to 2048
[  179.194130][T10922] EXT4-fs (loop1): failed to initialize system zone (-117)
[  179.224888][T10922] EXT4-fs (loop1): mount failed
[  179.337232][T10948] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1942'.
[  179.393787][T10953] FAULT_INJECTION: forcing a failure.
[  179.393787][T10953] name failslab, interval 1, probability 0, space 0, times 0
[  179.406762][T10953] CPU: 1 UID: 0 PID: 10953 Comm: syz.0.1947 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  179.406794][T10953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  179.406824][T10953] Call Trace:
[  179.406831][T10953]  <TASK>
[  179.406840][T10953]  __dump_stack+0x1d/0x30
[  179.406868][T10953]  dump_stack_lvl+0xe8/0x140
[  179.406889][T10953]  dump_stack+0x15/0x1b
[  179.406906][T10953]  should_fail_ex+0x265/0x280
[  179.406935][T10953]  should_failslab+0x8c/0xb0
[  179.406962][T10953]  kmem_cache_alloc_noprof+0x50/0x310
[  179.406993][T10953]  ? getname_flags+0x80/0x3b0
[  179.407027][T10953]  getname_flags+0x80/0x3b0
[  179.407063][T10953]  user_path_at+0x28/0x130
[  179.407099][T10953]  do_faccessat+0x380/0x800
[  179.407124][T10953]  __x64_sys_faccessat2+0x51/0x60
[  179.407155][T10953]  x64_sys_call+0x200f/0x2ff0
[  179.407242][T10953]  do_syscall_64+0xd2/0x200
[  179.407311][T10953]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  179.407341][T10953]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  179.407370][T10953]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.407395][T10953] RIP: 0033:0x7fb67412ebe9
[  179.407423][T10953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  179.407453][T10953] RSP: 002b:00007fb672b8f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b7
[  179.407495][T10953] RAX: ffffffffffffffda RBX: 00007fb674355fa0 RCX: 00007fb67412ebe9
[  179.407510][T10953] RDX: 0000000000000001 RSI: 00002000000002c0 RDI: ffffffffffffffff
[  179.407525][T10953] RBP: 00007fb672b8f090 R08: 0000000000000000 R09: 0000000000000000
[  179.407541][T10953] R10: 0000000000001200 R11: 0000000000000246 R12: 0000000000000001
[  179.407628][T10953] R13: 00007fb674356038 R14: 00007fb674355fa0 R15: 00007ffee34ba338
[  179.407681][T10953]  </TASK>
[  179.716402][T10966] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  179.724986][T10966] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  179.843906][T10973] loop1: detected capacity change from 0 to 512
[  179.850561][T10973] EXT4-fs: Ignoring removed mblk_io_submit option
[  179.857498][T10973] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  179.868540][T10973] EXT4-fs (loop1): 1 truncate cleaned up
[  179.874567][T10973] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  179.950432][T10976] lo speed is unknown, defaulting to 1000
[  180.233276][T10980] random: crng reseeded on system resumption
[  180.370487][T10983] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1958'.
[  180.524276][T10988] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1957'.
[  180.630312][T10993] loop5: detected capacity change from 0 to 1764
[  180.654858][T10993] netlink: 14593 bytes leftover after parsing attributes in process `syz.5.1959'.
[  180.687770][T10998] ref_ctr_offset mismatch. inode: 0x8c8 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000
[  180.726623][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.744998][T11002] loop1: detected capacity change from 0 to 512
[  180.752137][T11002] EXT4-fs: Ignoring removed mblk_io_submit option
[  180.759322][T11002] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  180.770514][T11002] EXT4-fs (loop1): 1 truncate cleaned up
[  180.776976][T11002] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  180.954595][T11007] netlink: 'syz.0.1964': attribute type 6 has an invalid length.
[  181.130753][T11016] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1968'.
[  181.159111][T11002] ==================================================================
[  181.167491][T11002] BUG: KCSAN: data-race in file_write_and_wait_range / xas_set_mark
[  181.175614][T11002] 
[  181.177964][T11002] write to 0xffff888107225c9c of 4 bytes by task 11005 on cpu 0:
[  181.186363][T11002]  xas_set_mark+0x12b/0x140
[  181.191080][T11002]  tag_pages_for_writeback+0xc2/0x290
[  181.196508][T11002]  ext4_do_writepages+0x6b2/0x2750
[  181.201754][T11002]  ext4_writepages+0x176/0x300
[  181.206549][T11002]  do_writepages+0x1c3/0x310
[  181.211262][T11002]  filemap_write_and_wait_range+0x144/0x340
[  181.217201][T11002]  filemap_invalidate_pages+0xa4/0x1a0
[  181.222747][T11002]  kiocb_invalidate_pages+0x6e/0x80
[  181.227978][T11002]  __iomap_dio_rw+0x5d4/0x1250
[  181.232774][T11002]  iomap_dio_rw+0x40/0x90
[  181.237150][T11002]  ext4_file_write_iter+0xad9/0xf00
[  181.242486][T11002]  iter_file_splice_write+0x666/0x9e0
[  181.247972][T11002]  direct_splice_actor+0x153/0x2a0
[  181.253108][T11002]  splice_direct_to_actor+0x30f/0x680
[  181.258513][T11002]  do_splice_direct+0xda/0x150
[  181.263327][T11002]  do_sendfile+0x380/0x650
[  181.267919][T11002]  __x64_sys_sendfile64+0x105/0x150
[  181.273199][T11002]  x64_sys_call+0x2bb0/0x2ff0
[  181.278188][T11002]  do_syscall_64+0xd2/0x200
[  181.282744][T11002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.288682][T11002] 
[  181.291389][T11002] read to 0xffff888107225c9c of 4 bytes by task 11002 on cpu 1:
[  181.299056][T11002]  file_write_and_wait_range+0x10e/0x2c0
[  181.304980][T11002]  generic_buffers_fsync_noflush+0x45/0x120
[  181.310914][T11002]  ext4_sync_file+0x1ab/0x690
[  181.315688][T11002]  vfs_fsync_range+0x10d/0x130
[  181.320584][T11002]  ext4_buffered_write_iter+0x34f/0x3c0
[  181.326214][T11002]  ext4_file_write_iter+0xdbf/0xf00
[  181.331670][T11002]  iter_file_splice_write+0x666/0x9e0
[  181.337349][T11002]  direct_splice_actor+0x153/0x2a0
[  181.342500][T11002]  splice_direct_to_actor+0x30f/0x680
[  181.348174][T11002]  do_splice_direct+0xda/0x150
[  181.353077][T11002]  do_sendfile+0x380/0x650
[  181.357854][T11002]  __x64_sys_sendfile64+0x105/0x150
[  181.363098][T11002]  x64_sys_call+0x2bb0/0x2ff0
[  181.367863][T11002]  do_syscall_64+0xd2/0x200
[  181.372460][T11002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.378717][T11002] 
[  181.381067][T11002] value changed: 0x02000021 -> 0x04000021
[  181.387425][T11002] 
[  181.389853][T11002] Reported by Kernel Concurrency Sanitizer on:
[  181.396377][T11002] CPU: 1 UID: 0 PID: 11002 Comm: syz.1.1963 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  181.407355][T11002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  181.417713][T11002] ==================================================================
[  181.681567][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.