last executing test programs:

2.006471312s ago: executing program 2 (id=2191):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1d459d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x3, 0x6}, 0x1a027, 0x4005, 0x4, 0x0, 0x1, 0x1, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @loopback}, 0xc)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0xa, 0x0, 0x0, 0x40f00, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r4, 0x0, 0xfffffffffffffffd}, 0x18)
r5 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
ioctl$SG_IO(r5, 0x2285, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
writev(r5, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {0x0}], 0x2)
write$binfmt_elf64(r3, &(0x7f0000000980)=ANY=[@ANYBLOB="7f454c4600000006010000000000000003003e000000000003000000000000004000000000000000980100000000000002000000000038000200000002000000000000600300000008000000000000000d00000000000000ed08000000000000f0ffffffffffffff0000000000000000080000000000000003"], 0x5b0)

1.939931489s ago: executing program 2 (id=2196):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001480)=ANY=[@ANYBLOB="130000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r1}, 0x10)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
recvmmsg(r2, &(0x7f0000002440), 0x1, 0x120, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r3}, 0x38)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r4, 0x0, 0x2}, 0x18)
setrlimit(0xa, &(0x7f00000001c0)={0x7})
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000300)={0x38, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}, @ETHTOOL_A_BITSET_MASK={0x4}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}]}, 0x38}}, 0x0)

1.686355064s ago: executing program 1 (id=2199):
r0 = socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0xc, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0xb, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00', <r1=>0x0})
bind$packet(r0, &(0x7f00000001c0)={0x11, 0x11, r1, 0x1, 0xf, 0x6, @broadcast}, 0x14)
sendto$packet(r0, &(0x7f0000000180)="0b0312002e0064000200475400f6a13bb1000000086086dd4803", 0xbcff, 0x88a8ffff, &(0x7f0000000140)={0x11, 0x3, r1}, 0x14)

1.61764602s ago: executing program 1 (id=2203):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f00000004c0)=ANY=[])
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x40, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x1018}, './file0\x00'})

1.588958973s ago: executing program 1 (id=2205):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
writev(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d7", 0x20}, {&(0x7f0000000040)="aa1d484ea0000500f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e", 0x2a}], 0x2)

1.508092871s ago: executing program 1 (id=2207):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32=<r1=>0xffffffffffffffff, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000e3000000000000000018000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000100)=0x1800, 0x4)
r5 = getpid()
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r7, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r5}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r8}, 0x18)
r9 = socket(0x3, 0x5, 0x0)
setsockopt$sock_int(r9, 0x1, 0x23, &(0x7f0000000000)=0x2, 0x4)
bind$inet(r9, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10)
recvmmsg(r9, &(0x7f00000040c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000015c0)=""/127, 0x7f}}], 0x1, 0x0, 0x0)
sendto$inet(r9, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r10, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}, 0x0, 0x0, 0x16, 0x0, "0af5a212a1bd3bbda613efd9c8b4965dca66db42f66a86e5781cf86717055a7c1d1408407e5a774ef95f2fc1b947e00f000000123f2f1d34b0882e83d41b67cb9ff147c6d33a097d2269351b3ed300"}, 0xd8)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0)
epoll_create1(0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000cc0)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
sendmsg$unix(r11, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f00000007c0)='T', 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYRESDEC=r2], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)

1.272889084s ago: executing program 3 (id=2214):
r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb, 0x0, 0x0, 0xfffffffd, 0xe58}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
syz_emit_ethernet(0xfffffd2e, 0x0, 0x0)

1.235463498s ago: executing program 3 (id=2216):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f00000004c0)=ANY=[])
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x40, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x1018}, './file0\x00'})

1.234672348s ago: executing program 3 (id=2217):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
clock_gettime(0x0, &(0x7f0000000200))
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r3 = dup(0xffffffffffffffff)
write$UHID_INPUT(r3, &(0x7f0000002080)={0xc, {"a2e3ad214fc752f91b3e090987f70e06d038e7ff7fc6e5539b3264078b089b0e083863090890e0878f0e1ac6e7049b334c959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31360d3b6d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f30012f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d780231c9c99a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa3647f17b28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc91ca0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d9779750000495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f068bb87af8b90fd8f08876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d42a5071424d7076a122d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b281769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833fea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03ecb89ebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e51074b41bc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000e9f77be500", 0x1000}}, 0x491)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newtaction={0x6c, 0x30, 0x1, 0x70bd28, 0x25dfdbfd, {}, [{0x58, 0x1, [@m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x9, 0x1, {{0x8, 0x0, 0x10000000, 0xfffffffa, 0x4}, @empty, @dev={0xac, 0x14, 0x14, 0x2b}, 0xff}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4004001}, 0x2400c800)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
r6 = inotify_init()
inotify_add_watch(r6, &(0x7f00000001c0)='.\x00', 0x4000423)
creat(&(0x7f0000000040)='./bus\x00', 0x0)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r9 = openat$cgroup_devices(r8, &(0x7f00000000c0)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r9, &(0x7f0000000300)=ANY=[@ANYBLOB='c'], 0xa)
close_range(r7, 0xffffffffffffffff, 0x0)

1.145751037s ago: executing program 3 (id=2219):
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='\n\x00\x00\x00\v\x00'], 0x48)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0xfffd, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
r4 = syz_open_dev$evdev(&(0x7f0000000180), 0x6, 0x80)
ioctl$EVIOCGRAB(r4, 0x40044590, &(0x7f00000002c0)=0x5)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0xd0f, 0x70bd2c, 0x25dfdbfb, {0x60, 0x0, 0x0, r3, {}, {0xffe0, 0xa}, {0x1, 0xe}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x14, 0x2, [@TCA_CODEL_TARGET={0x8}, @TCA_CODEL_LIMIT={0x8, 0x2, 0x1}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x55}, 0xc010)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r6, &(0x7f0000000080)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r7, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xffff}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket(0x10, 0x803, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r9)
getsockname$packet(r9, &(0x7f0000000180)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route_sched(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=@delchain={0x3c, 0x2c, 0xf31, 0x80, 0x2000, {0x0, 0x0, 0x0, r10, {}, {0xfff2, 0xffff}, {0xffff, 0x1}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x3}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4008844}, 0x4010)
sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)

1.076745094s ago: executing program 2 (id=2221):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
flock(0xffffffffffffffff, 0x2)
r1 = syz_io_uring_setup(0x14d9, &(0x7f0000000480)={0x0, 0x5121, 0x0, 0x3, 0x2cf}, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000600)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000080)=@IORING_OP_SYMLINKAT={0x26, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
syz_emit_ethernet(0x46, &(0x7f0000000240)={@link_local={0x3}, @random="f69a5d8783dd", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @loopback, @loopback}, "00186371ae9b1c03"}}}}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r4, 0x0, 0x6}, 0x18)

998.475851ms ago: executing program 1 (id=2223):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000180)={{0x2, 0x4e23, @empty}, {0x20000010304, @local}, 0x4, {0x2, 0x4e20, @rand_addr=0x64010102}})
syz_io_uring_setup(0x2af8, &(0x7f00000000c0)={0x0, 0x0, 0x13090}, 0x0, 0x0)
unshare(0x26020480)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
unshare(0x2a060400)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000900)='kfree\x00', r1}, 0x18)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r2, 0x0, 0x5, &(0x7f0000000240)={@broadcast, @empty, 0xfffb, "66c5aff8a7eb3af1f6cec2e7420000008c84aea31700", 0x96bd, 0x1000000, 0x7e, 0x6b}, 0x3c)

900.191381ms ago: executing program 1 (id=2224):
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = socket$igmp(0x2, 0x3, 0x2)
recvmmsg(r0, 0x0, 0x0, 0x62, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x7e, &(0x7f0000000340)=ANY=[@ANYBLOB="ffffffffffff1704b45adbde0800450000700000000000019078ac1e0001ac1414aa0300907800080000450000000000000000ff2c000000000000000001443c00d10000000000000000ffffffff00000000ffffffff000000000000000000000000e000000100000000e0000001ffffffffff006c21c92eff1400000000008303000097e5c13ad346991c48395842af777f9b9da031a1b6b87bea06a513342c8dd30f32509efb637203b25ddeae571cd58b030583a136a3bb2127da8e83566d952780ccf77e332049aa074671a8cbecc47bb561dc90b98fa356a9e5fbaa3d"], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000540)='netlink_extack\x00', 0xffffffffffffffff, 0x0, 0x1000000000000000}, 0x18)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x103000, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x2}, 0x18)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
gettid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x2, @mcast1, 0x9}, 0x1c)
connect$pppl2tp(r4, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r5, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x32)
writev(r4, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34000}], 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = inotify_init()
r7 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r8 = inotify_add_watch(r6, &(0x7f0000000200)='./file0\x00', 0x400009bf)
write$binfmt_elf32(r7, &(0x7f0000000040)=ANY=[@ANYRES64=r8], 0x69)
close(r7)
execve(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
write$P9_RLOPEN(r7, &(0x7f00000001c0)={0x18, 0xd, 0x1, {{0x80, 0x4, 0x6}, 0x2}}, 0x18)

879.972483ms ago: executing program 0 (id=2225):
r0 = socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0xc, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0xb, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00', <r1=>0x0})
bind$packet(r0, &(0x7f00000001c0)={0x11, 0x11, r1, 0x1, 0xf, 0x6, @broadcast}, 0x14)
sendto$packet(r0, &(0x7f0000000180)="0b0312002e0064000200475400f6a13bb1000000086086dd4803", 0xbcff, 0x88a8ffff, &(0x7f0000000140)={0x11, 0x3, r1}, 0x14)

841.562427ms ago: executing program 2 (id=2226):
r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb, 0x0, 0x0, 0xfffffffd, 0xe58}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
syz_emit_ethernet(0xfffffd2e, 0x0, 0x0)

829.813258ms ago: executing program 0 (id=2227):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x48, &(0x7f0000000300)=[@in6={0xa, 0x4a24, 0x9, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7177}, @in={0x2, 0x4e22, @rand_addr=0x64010101}, @in6={0xa, 0x4e24, 0x6, @empty, 0x7fff}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000240)=@assoc_value={0x0, 0x5}, 0x8)

788.039452ms ago: executing program 0 (id=2228):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x8, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$packet(0x11, 0x2, 0x300)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x20000080)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = syz_io_uring_setup(0x54d6, &(0x7f0000000080)={0x0, 0x989c, 0x8, 0x0, 0x233}, &(0x7f0000000500), &(0x7f0000000540))
io_uring_register$IORING_REGISTER_PROBE(r2, 0x8, &(0x7f0000000440), 0x3b)
syz_extract_tcp_res(0x0, 0x2, 0x1000)
syz_extract_tcp_res$synack(&(0x7f00000000c0), 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000357500007b8af8ff00000000bfa200000000000007020000f8"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_elf32(r3, &(0x7f00000010c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0xa, 0xb6, 0x5, 0x5, 0x3, 0x3e, 0x7, 0x1be, 0x38, 0x197, 0x0, 0x2, 0x20, 0x1, 0xf666, 0xd, 0x2}, [{0x2, 0x8, 0x6, 0x4, 0x3, 0x7f, 0x5, 0x98e9}], "", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xa58)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r5=>0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r5, {0x10, 0xfff1}, {}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(0xffffffffffffffff, 0x111, 0x4, 0x0, 0x4)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
openat2(0xffffffffffffffff, 0x0, 0x0, 0x0)

732.217898ms ago: executing program 2 (id=2230):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000e868495fb58d00b6ad1f50ad32d6ad25dfd73a015e0ca6a0f68a7d007dc6751dfb265a0e3ccae669e173a64bc1cfd514600650a58f145ff1205fc9ddaa275e687d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983cd44c05bd0a48dfe3e26e7a23129d6606ed28a69989d552af6d9a9df2c3af36e0360070011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a1a83109753f54b21cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b81a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a928903000000cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba739cd0c31b05c00fba8a4aee676d7caa2e53b91a68ff2e60da7b01a2e5785a238afa4aba70c08b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf78b04963d679d5a5d07e618a1ef9057fec00f9e93021f5a8d30e716de8cde9c6000000000c3b64d10f0939b42b33ab2a8717096c58bb3bb1d457d8bb96870f5a7e2ba31fd69bb80235d957eaa9a40b764e5381ffa604aaafb76a980e72b408f686b185736693089213b4e140f8f38e5589663115093889deb646122a5dc5a9e5ba4d37749a36b880110e2bf524b79bc91105f1d3f7d0de694a9417d68694f17ba5e27ea1cec518b93fadcfe0de010ae9be3273ff73c34b5695080a35bfa5c69e3b533e1b939c81b3beda037b7191cb0000000000000000000010e5d683b8938db5c305cf7e6e62a6890ba9e1f4ee64f8202b59de5036569febfaa95f4633db108b2f786333ec7bacc927f4a1785165b5d2444b4c022bb5cff472e6a0c8ee9d6d8df83b704669147b732ac508c9b9f0ca0a1ce45319d43d4643eb285835daf2065b57bebd61ad6671296c27253a5f9688d57c91ccd40ffe2dbc5dd1613a2e6f5b363cc8d205ce6ef3c3c6ded7dd3dfdb39008d8997213f68cdc971c1d6fdacb7729a5560880a77525e9cfb94ef1735dfe74e6b948697f7e3580436b532a82e315d56b17a5dba98436cc24babaae409f0aab0b40af116001bc85492455956e853ead08b5793d4ecf72378a3dfd9cc837b1c66212d9a2be8fd6341c2f837c7fe09924a51ec42912856cce3d3b2d092c80813aad03e1e63a655f4138730f302df339f30a4fbd453c9a0fba381d071ad7cb80a52bec572e29b0b9b55c235806b97e166609f8083ce776075c"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) (async)
r1 = socket$inet(0x2, 0x2, 0x1)
getsockopt$inet_mreqsrc(r1, 0x0, 0x28, &(0x7f0000000000)={@multicast2, @loopback, @dev}, &(0x7f00000000c0)=0xc) (async)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x4014094) (async)
sendmsg$inet(r1, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x2400, @multicast1}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000680)="001081de0b60", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000810b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x4008800)

672.180104ms ago: executing program 2 (id=2231):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001480)=ANY=[@ANYBLOB="130000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r1}, 0x10)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
recvmmsg(r2, &(0x7f0000002440), 0x1, 0x120, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r3}, 0x38)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r4, 0x0, 0x2}, 0x18)
setrlimit(0xa, &(0x7f00000001c0)={0x7})
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000300)={0x38, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}, @ETHTOOL_A_BITSET_MASK={0x4}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}]}, 0x38}}, 0x0)

651.979116ms ago: executing program 0 (id=2232):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc094, 0x2, @perf_bp={&(0x7f0000000180), 0x4}, 0x1104, 0x3ee53089, 0x10003, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x53}, 0x28)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$SG_GET_VERSION_NUM(0xffffffffffffffff, 0x2284, &(0x7f0000000080))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f00000004c0)=ANY=[])
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x40, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x1018}, './file0\x00'})

608.48442ms ago: executing program 4 (id=2233):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1d459d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x3, 0x6}, 0x1a027, 0x4005, 0x4, 0x0, 0x1, 0x1, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @loopback}, 0xc)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0xa, 0x0, 0x0, 0x40f00, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r4, 0x0, 0xfffffffffffffffd}, 0x18)
r5 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
ioctl$SG_IO(r5, 0x2285, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
writev(r5, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)}], 0x2)
write$binfmt_elf64(r3, &(0x7f0000000980)=ANY=[@ANYBLOB="7f454c4600000006010000000000000003003e000000000003000000000000004000000000000000980100000000000002000000000038000200000002000000000000600300000008000000000000000d00000000000000ed08000000000000f0ffffffffffffff0000000000000000080000000000000003"], 0x5b0)

540.804086ms ago: executing program 0 (id=2234):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc094, 0x2, @perf_bp={0x0, 0x4}, 0x1104, 0x3ee53089, 0x10003, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$SG_GET_VERSION_NUM(0xffffffffffffffff, 0x2284, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000001c0)=0xfffffffffffffffc, 0x4)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
ioctl$TUNSETVNETLE(r1, 0x400454dc, &(0x7f0000000000)=0x1)
pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x480)
write$P9_RWRITE(r3, &(0x7f0000000180)={0xb, 0x77, 0x2, 0xd6a}, 0xb)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001"], 0x44}}, 0x0)

416.339189ms ago: executing program 0 (id=2235):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r1, &(0x7f0000000100)=[{&(0x7f00000004c0)='4', 0x1}], 0x9)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000600)=ANY=[@ANYRES8=r1, @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000690000009530aa7a526d63baa95589b07747a86e1e49e665b2439711f7e1036781044e9f8f77497dddc1920100a6820c"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1008000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x4d}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x40000)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r3)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)

390.802192ms ago: executing program 4 (id=2236):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0x7, 0x9) (fail_nth: 4)
write$P9_RWRITE(r3, &(0x7f0000000040)={0xb}, 0x11000)
read(r2, &(0x7f0000032440)=""/102364, 0x18fdc)

173.326103ms ago: executing program 4 (id=2237):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss={0x2, 0x9}], 0x1)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
fallocate(r2, 0x8, 0x8, 0x1ff)
getsockopt(r1, 0x4, 0x2, &(0x7f0000000080)=""/72, &(0x7f0000000100)=0x48)
ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000140)={0x124, 0x100, 0x6, 0xa75, 0x9, "a31aef7b679feebc"})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000480)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000440)={&(0x7f0000000240)={0x1f8, r3, 0x0, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_TX_RATES={0x160, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x3c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0x11, 0x1, [0x48, 0x60, 0x1, 0x9, 0x3, 0x1, 0xb, 0x60, 0xb, 0x36, 0x3, 0x70, 0x48]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x800, 0x1770, 0x1, 0xd, 0xffff, 0xa, 0xe51, 0x40]}}]}, @NL80211_BAND_5GHZ={0x64, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x11, 0x1, [0x9, 0x3, 0x5, 0x30, 0xb, 0x16, 0x2, 0x36, 0x3, 0x1b, 0x36, 0x1, 0x6c]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x8e08, 0x401, 0x2, 0x0, 0x4a80, 0x4, 0x3c0, 0x7]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfffd, 0x2, 0x3, 0x3, 0x0, 0x0, 0x5, 0x5]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8000, 0x81, 0x4, 0x6, 0x4, 0x800, 0x2, 0x4]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_5GHZ={0x68, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x44, 0x2, [{0x5, 0xa}, {0x6, 0x6}, {0x4}, {0x7, 0xa}, {}, {0x6}, {0x6, 0x1}, {0x2, 0x5}, {0x7, 0x8}, {0x6}, {0x1, 0x3}, {0x4, 0x7}, {0x5, 0x7}, {0x0, 0xa}, {0x6, 0x7}, {0x5, 0x4}, {0x2, 0x5}, {0x6, 0x6}, {0x7, 0x2}, {0x6, 0x4}, {0x4, 0x7}, {0x5, 0x9}, {0x4, 0x6}, {0x3, 0x5}, {0x5, 0x3}, {0x0, 0x1}, {0x3}, {0x1, 0x9}, {0x5, 0x4}, {0x0, 0x4}, {0x6, 0x3}, {0x6, 0x5}, {0x5}, {0x2, 0xa}, {0x2}, {0x3, 0x3}, {0x4, 0x9}, {0x4}, {0x6, 0x7}, {0x6, 0x8}, {0x5, 0x6}, {0x6, 0x4}, {0x4}, {0x1, 0x3}, {0x1, 0xa}, {0x5, 0x4}, {0x0, 0x6}, {0x5, 0x7}, {0x3, 0x5}, {0x4, 0xa}, {0x4, 0x9}, {0x0, 0x8}, {0x2}, {0x3, 0x9}, {0x7, 0x2}, {0x5}, {0x3, 0x2}, {0x5, 0x7}, {0x1, 0x5}, {0x4, 0x6}, {0x2, 0x8}, {0x2, 0x2}, {0x5, 0x9}, {0x1, 0x7}]}, @NL80211_TXRATE_HT={0x18, 0x2, [{0x5, 0xa}, {0x1, 0x2}, {0x1, 0x1}, {0x0, 0x5}, {0x0, 0x7}, {0x6, 0x3}, {0x2, 0x5}, {0x2, 0x5}, {0x1, 0x2}, {0x2, 0x4}, {0x7, 0x9}, {0x2, 0x6}, {0x1, 0x5}, {0x3, 0x7}, {0x0, 0x2}, {0x0, 0x2}, {0x3, 0x2}, {0x0, 0x4}, {0x0, 0x4}, {0x2, 0x6}]}]}, @NL80211_BAND_60GHZ={0x54, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0x19, 0x1, [0x44, 0x18, 0x4, 0x6, 0x5, 0x5, 0x6c, 0xc, 0x6c, 0x6c, 0x30, 0x1, 0x4, 0x5, 0x12, 0x12, 0x36, 0x4, 0x5, 0x1b, 0x30]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xffff, 0x9, 0x91f, 0x7, 0x5, 0xd, 0x5, 0x7]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x18, 0x1b, 0x1, 0x2]}]}]}, @NL80211_ATTR_TX_RATES={0x7c, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x78, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x10, 0x804, 0x8000, 0xb, 0x9dcc, 0x4, 0x9, 0x10]}}, @NL80211_TXRATE_HT={0x2e, 0x2, [{0x2, 0x2}, {0x1, 0x3}, {0x6, 0x3}, {0x4, 0x8}, {0x7, 0x9}, {0x6, 0x4}, {0x0, 0x1}, {0x6, 0x5}, {0x5, 0x5}, {0x5, 0x3}, {0x1, 0x8}, {}, {0x3, 0x3}, {0x7, 0x8}, {0x4, 0x3}, {0x3, 0x1}, {0x0, 0x7}, {0x7, 0x1}, {0x2, 0x8}, {0x6, 0x2}, {0x2, 0xa}, {0x7, 0xa}, {0x7, 0x4}, {0x5, 0x5}, {0x0, 0x5}, {0x6, 0x9}, {0x6, 0x1}, {0x0, 0x7}, {0x7, 0xa}, {0x0, 0x8}, {0x2, 0x9}, {0x2, 0x9}, {0x4, 0x5}, {0x1, 0x6}, {0x4, 0x8}, {0x5, 0x7}, {0x5, 0x2}, {0x1, 0x4}, {0x3, 0x8}, {0x0, 0x3}, {0x7, 0x9}, {0x6, 0x4}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0xe, 0x1, [0x1b, 0x16, 0x48, 0x30, 0x24, 0x48, 0x48, 0x36, 0x12, 0x2]}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x60, 0xc, 0xc, 0x1]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}]}]}, 0x1f8}, 0x1, 0x0, 0x0, 0x40010}, 0x4008044)
r5 = open(&(0x7f0000000500)='./file0\x00', 0x400, 0x100)
syz_genetlink_get_family_id$wireguard(&(0x7f00000004c0), r5)
r6 = getpid()
write$P9_RGETLOCK(r5, &(0x7f0000000540)={0x26, 0x37, 0x2, {0x1, 0xe, 0x0, r6, 0x8, 'nl80211\x00'}}, 0x26)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f00000005c0), r5)
sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f00000006c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000680)={&(0x7f0000000600)={0x7c, r7, 0x100, 0x70bd26, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xa}, @IPVS_CMD_ATTR_DEST={0x60, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x1ff}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x1}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x78}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@empty}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x2}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x40}, 0x40)
unshare(0x10200)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000740)={0x6c, 0x0, 0x2, 0x70bd2c, 0x25dfdbfe, {}, [@HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6d1cbe8d09bb0c4d}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4000020}, 0x40001)
ioctl$EVIOCSABS3F(r1, 0x401845ff, &(0x7f0000000840)={0xf3e0, 0xfffffc01, 0x30000, 0x6, 0x1, 0x8})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000880)={0x2, 0x4, 0x8, 0x1, 0x80, r5, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x3}, 0x50)
r8 = socket$nl_sock_diag(0x10, 0x3, 0x4)
bind$netlink(r8, &(0x7f0000000900)={0x10, 0x0, 0x25dfdbff, 0x4000}, 0xc)
ioctl$TCSETS(r5, 0x5402, &(0x7f0000000940)={0xff, 0x8, 0x8, 0xa, 0x7, "5ba83125aa038504ad265ee5d5555b2d8cdf80"})
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r9, 0x0, 0x487, &(0x7f0000000980)={{0x3a, @private=0xa010102, 0x4e24, 0x0, 'dh\x00', 0x24, 0x0, 0x8}, {@rand_addr=0x64010101, 0x4e24, 0x2000, 0x3ff, 0x7fffffff, 0x40}}, 0x44)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001b80)={r1, 0x0, 0x9a, 0x70, &(0x7f0000000a00)="47d4d857233a410d97647fa61b4afa94405ff38385c455b4bd89a191b00f2fd5ba43c1793a887e81f00fd5f5b2ff7021984d2283c0b807cee6858bb08b8eb8b79658079babc10f1bccf80d0ba8de28f1820f8c834b7e4d6969d5b5fe766fc80903451f8c3ed7162bbe60a68b1757319123c89f54a13e01193e7f2a247d3e057393b1432196fe618db35bd3946eb4a53a46d44ad490dc2294732e", &(0x7f0000000ac0)=""/112, 0x4, 0x0, 0x1000, 0x1, &(0x7f0000000b40)="71b8919158f3c9d50f8509b3a24847a06b1aa51be540381abf0a5ac2edc31f169019be42b72b795a39664c64e6fa156a4b633af58fe697c1c1ef2c4ec98b649a14957ba31b30ae7f74a3d3500cbddd8ed9f513f82d442c5fd2dc55e8014be02a172bb2cfb908baa4c57a00882c9065da23037617644f880915203a46c8e5c399e739d18eb0e73b6f4252547dc831784d1682c00422fa4e8d00fd6a9df52b3833ba9afebd0d4a22c26000af9164b7238b33a3f1a9d08a8ecb2cebd26330aff176582e29386de48dce2b37310b56051185ee367b6a6b8b25af7f926a643414b177d03fe196d1623f2d56d580fae3817e845cca4a4e76116e8206dfab46c888a235525c9b89e592efd2c00119b000447e3e3cb5287817448eb41686335e93d9b59d882eb4f71b995bd8a5c8cbde5b96765271384ae3ecbbb17e075fc432393c5542f62ae4bdeab5b16ea2f2e030c981188db8dcbc70c299b62a32b6f0073a44336237d4cae1109cfef2442eb02bf797d347d107350a86b1a2bd9309709f430de0b879c91f1cefa58aa27c9505516d4a9b609374d7eb57c12fc7d34e1fd7bcf9796a44e6cf8c37d3cfac788b6bae0b7c810bbd81361febd5803f53d49af7663c0e46c675b1880d5031aa16268012c22332763baee3e6c10f753dde5b0cec4e177e4c0e6cb76c794080d8aef0b402b15697722fd70dc71c5c12cabc0e8c1653eb1d2a456be51646831d16602ed02e56550cedb4a0c6045f9a916642890b1df520d0bc1552e0e7d8bdcfa50b48185627332e56dc8948f37745bed917ab3c5e909fb80c50d3c6fe3ec04f2032ad9a0b078410e61e19bf57ebc532220017b599cd26378a46496d14638c6ec5b03c69924f81e49e7dddf0af2148b7befd9ef09eef17ad64608f49ed35000bdb24e06e579958782b1cb3bfae0386674b92a9e4ceddd2e5b0f50f17f21c0541a36ba69f2c959a87536058defcd16432a189cd746dfaeba798377051f027a67946ba545dc787cb17324a3d8c15d8965a47cb506d48f786bc1ab00c3c94cefc7fb79032d8d51ec76594cece70d967c7ce81d6188daa2eea89520c2e951a123f1f72ca6ba0f1ce767651cd3614b6a1d54e4902339200de47cc641bded834e8ec69bd9d7495612207a6bef391bd4c73fe6c4f3876ac4c6ad9aafe95be201955b67315ae98a620e00e2314d69a213c0fad4355ffddf36393a9ba6342baa2a4eadb97f3231ac8b5dd4b65743f6ec18459f140844ce49bfd6c041f6dcd32d40c497c215c87c87d4c3565691f9dab7236a8e77e133be813a793ef9b6f560070a964b4f5093d72daad4ff5609d8cb27fda8cd23073595cadda70c9fdbf272a39ee99cf5777d039f96b04cd3278a06d7ad8a1ca640d4f2af3a0d4678390fc6a597cbb6239d7dcd0a2da9393e64f8f87f89355fdc45206af0a95ce9732aa7b9e5ba8ad3674470c42c69927aff547d3434d80f0927f73466462062eddbd3cc67ebf2206d37f65708246542410be0712ffc49a435d2a4719aa60e479a053b42aaafe378df3d61b3fed795da3024bdad6a3863d7667802f233baef90bfe386880bcb168bf2dc3a484d00b49b89f966f0409be013e7b41d97d2f38bdd6ad087bc720569a4228974ccc653bc2319b5bfbf615254b5108563808c4270eebed71baf363a9b1f7f707b0c0d6f41a2ca4d6ba8815585b6e96d6f621f30ca7d48780a6e6fac6e266fa97e1b0c3eefc5b55687b9c18da5a37508e5416c0d8e883b2329307ea5ab0d8aca688eebd828df94d939f43bc195c0322adcb80c19f7fad7843dc5ea77a149996a02ff8a5dc9f3056eb9202599a2c0de0d7fd1580afc084ce482db7243375276ad939c7a42cead145100779539497b9601a4ab6ddca3edae02b6f134f939397c215ba7af17f7eabdf3522829b8465ff5b75ad33cd97a7482c5557086cbe987c96da4a9bc42c7d70824f059f9572533d0e76c6d716d1e9918404b24ddc3ea7eda838df4d12905ac57c6bfb0d846cc998ae78cfc279b2a59cdc99f1b9172f7b01c51d04d1aee4081d0e024855159fb95e3b4c078db33987c4e70719742bba4237068afa10e9a8e9f23afbc015a87e1fd4a67fe4c54bc15b017bc335ad702424d758ac151d940c0d4dedd1cf3f7a21039756bfe2710265157d95bce9a0b4657d11f82ceb3e5a6eef750e15cf8ede8106e6ca0afa8ba57f4d692e1512bd3c4733fb6457a7370eecb48eb747e99a31fcd43f8b772864bb45005155d60c72d3d04ff9f238f71a58b85ed1c030baf60be3e9905b151b6a85874d16dd89b0c0dd44329b73a282f0fa66be573e73289a55edae2bfb0921affeca5b5b2dbe16845eb87826bc73e7491e6af5fa4f8c16b21177810518f0518aaef60afb193096a60bbbf9bd6fc9b7bc3bd755a8e7b670943f54a6e381f4403f7fa8f00656778304067d5ee622dfd0d799fcf1275a560c22322df9be78e0072949a77f97fbb5c2e06c43c0486bf34c49000ef3f65c76ba4bd3bb762c2e91b4d944a2f8fbbfa7c432e82c19fa9f067fb8651c92ba534f45fff910d414e8ee4ede4a024376f5b5fcc955c0e7007eabbabe7aa2dba3d1a9b12b98977e8489b86d6810f67066c14b4fd4f5e2d581e61366e6e6493f4de4f51ac98b30d372a6beb8b8bad866d6149c8f6271207c80318a0dc14625b7a401708c0a5b0951127371b703a0bbeb8da06b2b4dcdcb14180435d1c5dce89ba16b35386a18f671d941062ac4135c45d626bf9f6645a50e441ad26a43092ca2e9303bb3312b71ba55321dfd8554e31f81fd3ebedc52d8d13dbdcc90046cfd1872565c1618765aba6d5de8b7e6a8838d762b0da3e860da1ba1f7582e19baa36cfb03f6c2474d35db6fc13bb6c5fba6aacf904e30d17b4ebc3b49326263be4dbf06fe08fcd9d1a28a5447a69433f1ede179c26cc371b93c47da9ee2ff378734f57d72b5cba54874948e7f62710680d6a356660656214fbc6fd7319fd501751e445d37908ac9f5f8792b40c884684bfcc6d40acd96cf2e0841cb9f92fc1327a94e74ebe42b6de37806478a2c16b340938ee5b9142dc9528f05b5691ba9c6f0544aa3d489055c4aa20aa0902d998d0adc39f17778a70c3a67ef63113821837d722d0606e1b6ab492f366959363cf0cb57438072e1fc91755d0c2ef8b50df8eb123a5df526d914c90104cd46de7c8ecfc75846316de075d0ef8177e14431d5519e7edd0242bfb560e2df339149e3dc10c49e852c999dcd0347f34a3978f8f29c504f918501e2702521313e308a72e20bae54167e810c03573089ac34187e2e2fe3143bcfce8ff69eb2fac0bba50c48df06cbf032359637e809bd0081ccac721473cc00cd205229ddc6e89d69e6791aa46d1a0404fcc373f50ef31931c080ea85ddb61a2350cd8fdf031c29baed7046166a20432ae8ae802eca7984f345ea91551b365f8f6a3fc560d0138f6dd783babc60ba0cee235dfa3f1f23f0b3f61380d6492a1ee69241323c0dda9622caf1dc5be34842a3964327ccc5af67f467f7831583fb45f0ffeb579bc66f80a0afb8adb4d79fdac92074a7dfde19090218a358776b68c47b69d7f86b42c9c27e0b0945319774a49ca2a8055a6e27fa06fc8ded09b2aecfc1dfcac83ebd9d256837fe4cd5bcd24dd044dd3549f75fee0ac08fdfe02420aa729499835d129ee695ecff27b1bd5a404972b7f0d1ba54f219e9bec7ec4b01cee7f47ce46cc3787e3c3891a719bf425d4efdf1cd77990131d0cb4937686474180c01d6941680633ac0c6f371d766567987e7c186cb27debb0cba25f77a0be892f9f58df7f5c358f9e6644c6a67f9729c66e58c8f81d0a8442f43d8f9d801bdf29c79ec53f3b84a64b9385f5f7c9d1e35eb7c61703b7ed979281ede1885a9583426ce04269fd20c3a940b1a3816a369b5591ec83de6a07bd99b4a75a801ff7a7363ce7dbe49ea7eaa369ca5ae35b05ce03c227611605ba6dafba08e86b75f9d7b86524ef23490d8813142ec58444d3221b1bd7140254bec95da752fea5f0f1ac874aa59a7364dc4a5cc874f5ea7386a5217520a6a72df897f2bc6c151c5309a5c83082717d3b1ede53bfcc5cf8c8ad12e6784c27f2c5f0eb1f7342a2ef86951c85e316e17efa8d732bb42ae55e5bc7af29919042dc59f2c97533ef42355eba2254716de6039c6e79960180304fe46fb1ac7902c7500b2c3dac592d760de34fa3fbdb80e69566a6d112aa85e7d66f205c2ef5fede262e6d27c243922e43d33b84285b80b417458a794669965f483a5ed821cd54e32f11856ff7f7e9c70534d03f81f99e4290efa30e9b01f043208bc0b6997c1c9bcde6cdb31a14a1c7cf860ce43727e55b21e3af1c8a5ec7cea6900a14011c97a1ab8e3f8cde828c601db409222209c150c0695cb8d459322e4c1ffe9e3e9e85139855057c6be70dfc6c910fde5bcee4b76ac3ba1078a340cf3e83ad537ff2c0d8186faabf4e1c8e9ce813a5a920d324c013dca8576e8f68100eacbb6210d3c66b70e4e97e2f34a228e790667ec87329c623f6385c1835366a6e0af2ceb98ff07af1a8db800821fe0ef50ff14e30f447599397831ff13563af1202191493caf868602589b3ddd74dfc6e1db0a12c3c5f40362c521924218abf94a94ac3f29473fd7685213b44e8b91e0ff6b38e777aacc44f54a113d64cbe9036ac6ea69ddac2966f9b73f5f2c8919dd34c6afa7e38414bc7529d0946a00a999191795babfd4ee9130f7b31ae683050194c234c80f15f01aedc51d8cd80360dca545f5ec40e9dafbad826e67d8bb3b24e33c734db266a79a2404fa8d62641f157725f039083200abd152169ca719bbc35386b55b8a4e1e41115e7cdd36ce212e1bb35b0b507f73724d2a5f60ec18e0e01005932bcb66e49d05d3f4646943a8c9c7e3587e3f919d0e41c9e3b18845a42cd67b0cb0f3bf16da600872f3fd48ee6c7a212d7c68d2c3a1f8482a29343e85335a71eaf07aabc7762fda8a56808bc9c4825bcda42bc8f3baa28f5d74d1373b00e5ecbaf45608a7789d4fec74cd51908f26fb86ff77a320ccf6b925d7d03c2cc8376505a722ec1580d067c86a078b067fd039889e07d16676a248a5f5ce8ce4e7ccd1591a73cb1563ead88b1ab34b7888a78144509e5e48e13343c49d0b7474b42aa93d15862513e9f6de6c1e87dded44e1efa60a0e7b238507ff359bd87fe01875466863b75ee41ee5c31abb89240425c3f5c7c6240569d6250a2b6506fcd0fd6faed67ca8658b7a0718b7a4f30ffca2dff9e87c131d9f6aed5c99b3d4490971d9c4c8146d8a07494ae3d06ee594398d66abb30bdc01409dd50cfc54bce7176fa6d4b43bafb5d4016b7ebf131fb53e6ffe1193f72de162d5c5c6bc7da1a31942cbe94854d6c72b331e2851e0c838dd1caf12d752f35db7c20556506e93ad40e08f3bdf9544ec3c594528b9382d0a2d4ce9c9ae4257a97318d86ba5a6dee651e75bda4b4c64fbd4c93cc3dbe80d79862f7b79118362b3a37db5fd8cdaa6442b78f4df68bbfb6aa23d2b45812969f577de7a15131bc1b08b0ca1353d98a7a0ba210a90968a8e233898aed894a09b8218f92f0a012838a6ef151699de013f8e2598e7f7bdd6dc151f569b4296046966d97542659a1766836139fc7580905f2f33e0de52479be3bab7c36ee8eafc17f45e8197cafed1466d35d99c61807887a0578c131b063e5afb4352fb51e93323dd15332302df04ba2227212bcbdfab2cff964e75923c5f5e117e67a9ba2a26c0496de126236887e674d6", &(0x7f0000001b40)="d9", 0xa, 0x0, 0xb1}, 0x50)
r10 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000001c00), 0x0, 0x0)
ioctl$TIOCSETD(r10, 0x5423, &(0x7f0000001c40)=0x13)
r11 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$VT_OPENQRY(r11, 0x5600, &(0x7f0000001c80))

83.654591ms ago: executing program 4 (id=2238):
r0 = socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0xc, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x18)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0xb, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
bind$packet(r0, &(0x7f00000001c0)={0x11, 0x11, r2, 0x1, 0xf, 0x6, @broadcast}, 0x14)
sendto$packet(r0, &(0x7f0000000180)="0b0312002e0064000200475400f6a13bb1000000086086dd4803", 0xbcff, 0x88a8ffff, &(0x7f0000000140)={0x11, 0x3, r2}, 0x14)

83.299122ms ago: executing program 3 (id=2239):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x48, &(0x7f0000000300)=[@in6={0xa, 0x4a24, 0x9, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7177}, @in={0x2, 0x4e22, @rand_addr=0x64010101}, @in6={0xa, 0x4e24, 0x6, @empty, 0x7fff}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000240)=@assoc_value={0x0, 0x5}, 0x8)

55.166515ms ago: executing program 3 (id=2240):
socket$nl_rdma(0x10, 0x3, 0x14)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xc, 0x0, &(0x7f0000001480)='GPL\x00', 0x8, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='kfree\x00', r0, 0x0, 0x4804}, 0x18)
open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x170)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@nobarrier}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x4, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
bpf$PROG_LOAD(0x5, &(0x7f0000000e40)={0x1a, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000200000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8"], 0x0, 0x81, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32, @ANYBLOB="0000005933fb7b"], 0x48)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0)
write(r5, &(0x7f00000001c0)="f14a18f6", 0x4)
sendfile(r5, r2, 0x0, 0x40001)
sendfile(r5, r4, 0x0, 0x7ffff000)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000140)='kfree\x00', r6, 0x0, 0xfffffffffffffff8}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x18, 0x7, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000007000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c}, 0x94)
syz_mount_image$ext4(&(0x7f0000000480)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200), 0x1, 0x257, &(0x7f0000000ac0)="$eJzs3T1oJGUcBvBnZncv5m6RUxtB/AAR0UA4O8HmbBQO5DhEBBVORGyUO+G8w+7WysZCa5WrbA6xM1pKmmCjiFZRU8RG0GBhsNBiZXc2EpMN6u5mx8v8fjCZr3fm/w4zz5ttZjdAY51McjpJK8lSkk6SYneDe6rp5Gj12uLa+aTff/KXYtiuWq/sHHciSS/Jw0lWyyIvt5MrK89u/rb++P1vXe7c98HKM4tzvciRrc2NJ7bfP/vmx2ceuvLlNz+dLXI63b9d1+wVY7a1i+TWwyj2P1G06+4B/8a51z/6dpD725LcO8x/J2Wqm/f2pWOrnTz43kHHvvPzV3fMs6/A7PX7ncH/wF4faJwySTdFuZykWi7L5eXqM/x3rePlKxcvvbb00sXLF16se6QCZqWbbDz26cInJ/bk/8dWlX/g6Brk/6lz178fLG+3JjrFwqz7BByyO6vZIP9Lz199IJPnH7hByT80l/xDc8k/NJf8Q3PJPzSX/MMR9PVo3tnZ0BvbTP6hueQfjrhjB++Sf2iu3fkHAJqlv1D3G8hAXeoefwAAAAAAAAAAAAAAAAAAgP2uLa6d35nmVfPzd5OtR5O0x9VvDX+POLlp+Pf4r8Wg2V+K6rCpPHf3lCeY0oc1v3198w/11v/irnrrX72Q9N5Icqrd3v/8FaPnb3K3/MP+zgtTFviPij3rjzw93/p7/XG93vpn1pPPBuPPqRTZd//L3D6cjx9/uru/YnlCr/4+5QkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmz8DAAD//25Tbg4=")

53.895894ms ago: executing program 4 (id=2241):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000a00)='\r', 0x1}], 0x1}, 0x1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001540)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="281effe935fdca249bf6ffffffffffffff556eabdca3f2729b0ec1218002a6e5", 0x20}], 0x1}}], 0x1, 0x4800)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff038}, {0x6}]}, 0x10)
sendmmsg(r2, &(0x7f0000000180), 0x4000190, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0xa, &(0x7f0000000180), 0x4)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x18, 0x2, 0x1, 0x401, 0x0, 0x0, {0x0, 0x0, 0x3}, [@CTA_TUPLE_ORIG={0x4}]}, 0x18}}, 0x40010)

0s ago: executing program 4 (id=2242):
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000005c0)=<r0=>0x0)
r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_bp={&(0x7f0000000580)}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRESDEC=r2, @ANYRES8=r1, @ANYBLOB="aed1835ccfe24674db2320537c8e361908049b9b268900eb3d37dc1b7bb18c8a706edd95634f73016dc69fbe57084ed1dedfe5f0466965e588aacc35db7027e7a788f5d3f5dbf805756c95803413ca748a658587a33ecf3c1a79160513a224bdae45bbae17d79b6f82cccb0b597ffe3ddde01fb0b3b286544ea7684bd338e92298897860bf5193d2dab171f3df79ba9de8c6151b22d6d53ad99bc784e9dce00b"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0)
r5 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000440)="4c0000001200ff09ff3a150099a283ff04b8008000f0ffff0000000600401500240036001fc411a0b598bc593ab6821148a730cc33a49868c62b2ca654a6613b6aab", 0x42}, {&(0x7f0000000080)='G%\t\x00\x00\x00\x00\x00\x00\x00', 0xa}], 0x2}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$xdp(0xffffffffffffffff, &(0x7f00000022c0)={0x0, 0x0, &(0x7f0000002240)=[{&(0x7f00000000c0)="9454b83847a5c639dccc1cc3aa288229ee8a8a45ab78b6638fd2636c7547f7afcc1711878b54b4a8bc9eda3358a5cafd58dbb8a9f638354fbf2e6ab22b8558896f959a8579d9a05c6dde4a9dcc1779d407440e34d6e555f793ec7c2979d1f4b82e4122ce3f815e2e5322b7e74e3439af393c3adad4bab28934e91efd14ebc482d56ce8cedb094afc27d5c1e6cc050411de76f5731640796ba1e233fa6da1bb14cd30662898a0595bf34af8eebc3d12716e62ae66fbb6cf070bef47415d593769c361fc054ea962c9d09ed46aecba2af20e0a40204d4d795d019895bc0d52d8cc032ee13ae832fb1f989b70ab35596dfe28c239d45c99016cadd05b87af7bd13d37c5efae45046d0e5f9860e35c2f08ef9f67c80c47b870e353c089bab87b74c588183c64b20b7ccbdb068390e4c59a848d9695f46fc8bdbde97a4400f2e8b7379a62c57fd4ef8bd4f8e3a4bf141e87156efc1b86e15f34591489db7112fcae399f83f9e4ee56a923ea3123b3fbff37ccdf92284137a1500cad979bc0331524168b5f1a5da3e2d6643b6b0f28eb15869ba7f609c4fc9e4aecca1183de7b6427e7564714ffe154c2e4db0042ada0561c58a4003191033a4fdbf0d09c9c49e802e325da5bc2bcbe5b7a64c411a780ae8d0902118894f5f63fe989623f25a7e201e135e8f25b5365c3a615a4727144109cc4b88660728445ce841940d20e87069cb74f63fbfb5dd7992dc4ccde1484aeec05630a440ed9481d03267585eed156484d23b07280cc045ff023abd628d43f7d3b7bc5a9e8e6445f94271d508e5bb17b12216dba8a5f1a02aef9126389dcf725197440404b29b95e71d45b9dad8f3fdf1c6a2734632ca7991026304d869a94259cc32ac8a45da5ba38f54e9d98faf2af04e3f11ab495eb490daa88cbf465fe127cf144081196d8319692a51d3bae449ff531427c829d9cfab8cb15ae4ff6f4392e2c657beae5364b55d05729bc7f950e4b99c7ce71136168a3fda8b7ead182973c1f5fb52f7c6f488f6383c1259345306375ebe0639e40f367be4a480c2babf3e0572a5c089cccd06588489fdf12ff256af41faef912dea1c1cf122e8e4b99770b19fdc9f6b12cdfa51d0b0d3b6dbc18af665f0f92b83b12eda1fae071a9fb49575763d1bfce45616089b868e37bad0c806a5cff911ae163f82f98c885e7c9afa4d55a4117246086b07e55991205ad345dde63ef855097c7be09343ff9dd982e7e8332337c1b9c8aedd1afeb06010e59aeb5008f7bb0d971963f79df825d94773c9b79e6897c53a83388ef89bddd1d35addfb6c3dc0121ac2a7936643159365a0ef14dc95de2d1f60f41a687c04ba42ed9b225496a418e593587f40a25bbb761eeddc2080512646d163a9968ea00f599239b3abd581253d383fb72abad3b19e0d85a7eafdc02e92cbe784129c37152934a286c2a3d5c5eb1ac65caf63f352e58c96a26b0b13462b992926bae78774d7d9de575bf86b50da743692fb38ee9fbc51ac0eff40589f7259b50e1208753abdd7e404abe252592ec7605fb2aacf41771c506cbcf84d7e8657d3801a64f8b8480ff07", 0x461}], 0x1, 0x0, 0x0, 0x10}, 0x40000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x6, &(0x7f0000002300)=ANY=[@ANYBLOB="180000060010000000000000000000001800000004000000000000000700000085100000fbffffff1864000003000000000000000200000095000000000000009721f8f99b9c32b94fa3531ed1fe6ba94a51ebae43e4e02c6702b58f46e33936345a20937f2a96fd56d9437cee57a6a28ddc0fa3e93f72c37140d76fdb2f2dba11bf3e68b3d449ed8a6e259d56194a83c83d8add0ffb3af5414ebd89"], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x27, &(0x7f0000000000)=""/114}, 0xa8)
openat$cgroup_ro(r4, &(0x7f0000000340)='cgroup.stat\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x18)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040)={<r8=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r7, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000280)=0x1, r8, 0x0, 0x1, 0x4}}, 0x20)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r9 = add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x1e, r9, 0x0, r9, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000940))
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a090000000000000000000200fffd0900020073797a310000000008000440000000000900010073797a30000000000800034000000005"], 0x98}}, 0x0)

kernel console output (not intermixed with test programs):

e: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.640178][ T7790] RSP: 002b:00007f79fbad7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  142.640198][ T7790] RAX: ffffffffffffffda RBX: 00007f79fd2c5fa0 RCX: 00007f79fd06eec9
[  142.640240][ T7790] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 0000000000000007
[  142.640253][ T7790] RBP: 00007f79fbad7090 R08: 0000000000000000 R09: 0000000000000000
[  142.640268][ T7790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  142.640281][ T7790] R13: 00007f79fd2c6038 R14: 00007f79fd2c5fa0 R15: 00007ffff4b61598
[  142.640301][ T7790]  </TASK>
[  142.844508][ T3644] Bluetooth: hci0: command 0x1003 tx timeout
[  142.852032][ T3640] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  142.905131][ T7792] netlink: 'syz.3.1449': attribute type 4 has an invalid length.
[  143.004721][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.020575][ T7798] netlink: 'syz.2.1452': attribute type 1 has an invalid length.
[  143.058937][ T7798] 8021q: adding VLAN 0 to HW filter on device bond5
[  143.089106][ T7808] loop4: detected capacity change from 0 to 512
[  143.117692][ T7806] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1453'.
[  143.155318][ T7813] syzkaller0: entered allmulticast mode
[  143.161170][ T7813] syzkaller0: entered promiscuous mode
[  143.168564][ T7813] syzkaller0 (unregistering): left allmulticast mode
[  143.175462][ T7813] syzkaller0 (unregistering): left promiscuous mode
[  143.247254][ T7808] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.298261][ T7808] ext4 filesystem being mounted at /247/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  143.320758][ T4793] Bluetooth: hci0: Frame reassembly failed (-84)
[  143.342514][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.403626][ T7832] loop1: detected capacity change from 0 to 764
[  143.410274][ T7829] loop4: detected capacity change from 0 to 8192
[  143.417082][ T7832] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  143.473210][ T7836] netlink: 'syz.1.1466': attribute type 4 has an invalid length.
[  143.601714][ T7844] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1470'.
[  143.610963][ T7844] IPVS: Error connecting to the multicast addr
[  143.666200][ T7846] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1471'.
[  144.062592][ T7865] 9pnet: Could not find request transport: 0xffffffffffffffff
[  144.179154][ T7878] syzkaller0: entered allmulticast mode
[  144.185137][ T7878] syzkaller0: entered promiscuous mode
[  144.192994][ T7880] loop3: detected capacity change from 0 to 4096
[  144.193524][ T7878] syzkaller0 (unregistering): left allmulticast mode
[  144.206287][ T7878] syzkaller0 (unregistering): left promiscuous mode
[  144.217519][ T7880] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.373623][ T7889] FAULT_INJECTION: forcing a failure.
[  144.373623][ T7889] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  144.387292][ T7889] CPU: 1 UID: 0 PID: 7889 Comm: syz.4.1488 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  144.387329][ T7889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  144.387347][ T7889] Call Trace:
[  144.387435][ T7889]  <TASK>
[  144.387445][ T7889]  __dump_stack+0x1d/0x30
[  144.387472][ T7889]  dump_stack_lvl+0xe8/0x140
[  144.387492][ T7889]  dump_stack+0x15/0x1b
[  144.387513][ T7889]  should_fail_ex+0x265/0x280
[  144.387609][ T7889]  should_fail+0xb/0x20
[  144.387721][ T7889]  should_fail_usercopy+0x1a/0x20
[  144.387748][ T7889]  _copy_from_user+0x1c/0xb0
[  144.387781][ T7889]  __sys_connect+0xd0/0x2b0
[  144.387882][ T7889]  __x64_sys_connect+0x3f/0x50
[  144.387948][ T7889]  x64_sys_call+0x2c0c/0x3000
[  144.387973][ T7889]  do_syscall_64+0xd2/0x200
[  144.388046][ T7889]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  144.388077][ T7889]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  144.388099][ T7889]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.388120][ T7889] RIP: 0033:0x7f79fd06eec9
[  144.388137][ T7889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.388180][ T7889] RSP: 002b:00007f79fbad7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  144.388206][ T7889] RAX: ffffffffffffffda RBX: 00007f79fd2c5fa0 RCX: 00007f79fd06eec9
[  144.388223][ T7889] RDX: 0000000000000060 RSI: 0000200000000040 RDI: 0000000000000003
[  144.388240][ T7889] RBP: 00007f79fbad7090 R08: 0000000000000000 R09: 0000000000000000
[  144.388256][ T7889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  144.388313][ T7889] R13: 00007f79fd2c6038 R14: 00007f79fd2c5fa0 R15: 00007ffff4b61598
[  144.388338][ T7889]  </TASK>
[  144.603081][   T29] kauditd_printk_skb: 231 callbacks suppressed
[  144.603100][   T29] audit: type=1400 audit(1760386176.909:4371): avc:  denied  { watch_reads } for  pid=7891 comm="syz.4.1489" path="/252" dev="tmpfs" ino=1391 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  144.659615][ T7899] loop1: detected capacity change from 0 to 1024
[  144.668703][ T7897] 9pnet: Could not find request transport: 0xffffffffffffffff
[  144.688934][ T7899] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  144.708307][ T7899] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  144.719327][ T7899] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  144.729423][ T7899] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  144.740682][ T7899] EXT4-fs error (device loop1): ext4_get_journal_inode:5808: inode #17: comm syz.1.1490: iget: bad i_size value: 4398046511204
[  144.768936][ T7899] EXT4-fs (loop1): no journal found
[  144.918388][ T7909] loop1: detected capacity change from 0 to 2048
[  144.956013][ T7909] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.991489][ T7913] netlink: 'syz.2.1496': attribute type 4 has an invalid length.
[  145.016220][   T29] audit: type=1400 audit(1760386177.329:4372): avc:  denied  { rmdir } for  pid=3315 comm="syz-executor" name="lost+found" dev="loop1" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  145.048974][ T3315] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  145.050033][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.063919][ T3315] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  145.090861][   T29] audit: type=1400 audit(1760386177.399:4373): avc:  denied  { unlink } for  pid=3315 comm="syz-executor" name="file0" dev="loop1" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  145.113541][   T29] audit: type=1400 audit(1760386177.399:4374): avc:  denied  { unlink } for  pid=3315 comm="syz-executor" name="file1" dev="loop1" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  145.139010][   T29] audit: type=1400 audit(1760386177.459:4375): avc:  denied  { unmount } for  pid=3315 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  145.159524][   T29] audit: type=1400 audit(1760386177.479:4376): avc:  denied  { unlink } for  pid=3315 comm="syz-executor" name="bus" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  145.195173][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.233417][ T7919] loop1: detected capacity change from 0 to 1024
[  145.251951][ T7919] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  145.269026][ T7919] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  145.280021][ T7919] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  145.304548][ T7919] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  145.319724][ T7919] EXT4-fs error (device loop1): ext4_get_journal_inode:5808: inode #17: comm syz.1.1497: iget: bad i_size value: 4398046511204
[  145.333100][ T3640] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  145.362079][ T7919] EXT4-fs (loop1): no journal found
[  145.384909][ T7924] syzkaller0: entered allmulticast mode
[  145.394521][ T7924] syzkaller0: entered promiscuous mode
[  145.505582][ T7924] syzkaller0 (unregistering): left allmulticast mode
[  145.512419][ T7924] syzkaller0 (unregistering): left promiscuous mode
[  145.603611][   T29] audit: type=1326 audit(1760386177.909:4377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7928 comm="syz.3.1503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f162887eec9 code=0x7ffc0000
[  145.649229][ T7927] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1502'.
[  145.658327][ T7927] netlink: 51 bytes leftover after parsing attributes in process `syz.1.1502'.
[  145.660143][   T29] audit: type=1326 audit(1760386177.949:4378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7928 comm="syz.3.1503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f162887eec9 code=0x7ffc0000
[  145.667322][ T7927] netlink: 'syz.1.1502': attribute type 4 has an invalid length.
[  145.698894][   T29] audit: type=1326 audit(1760386177.949:4379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7928 comm="syz.3.1503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f162887eec9 code=0x7ffc0000
[  145.722513][   T29] audit: type=1326 audit(1760386177.949:4380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7928 comm="syz.3.1503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f162887eec9 code=0x7ffc0000
[  145.793663][   T52] Bluetooth: hci0: Frame reassembly failed (-84)
[  145.845358][ T7935] vhci_hcd: invalid port number 255
[  145.878022][ T7939] FAULT_INJECTION: forcing a failure.
[  145.878022][ T7939] name failslab, interval 1, probability 0, space 0, times 0
[  145.890859][ T7939] CPU: 0 UID: 0 PID: 7939 Comm: syz.4.1508 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  145.890887][ T7939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  145.890900][ T7939] Call Trace:
[  145.890906][ T7939]  <TASK>
[  145.890915][ T7939]  __dump_stack+0x1d/0x30
[  145.890939][ T7939]  dump_stack_lvl+0xe8/0x140
[  145.891034][ T7939]  dump_stack+0x15/0x1b
[  145.891056][ T7939]  should_fail_ex+0x265/0x280
[  145.891180][ T7939]  should_failslab+0x8c/0xb0
[  145.891216][ T7939]  __kmalloc_cache_node_noprof+0x54/0x4a0
[  145.891256][ T7939]  ? __get_vm_area_node+0x106/0x1d0
[  145.891335][ T7939]  __get_vm_area_node+0x106/0x1d0
[  145.891368][ T7939]  __vmalloc_node_range_noprof+0x28c/0xed0
[  145.891448][ T7939]  ? xt_alloc_entry_offsets+0x4d/0x60
[  145.891485][ T7939]  ? alloc_pages_mpol+0x217/0x260
[  145.891521][ T7939]  ? alloc_frozen_pages_noprof+0x90/0x110
[  145.891550][ T7939]  ? ___kmalloc_large_node+0x52/0x100
[  145.891661][ T7939]  __kvmalloc_node_noprof+0x483/0x670
[  145.891691][ T7939]  ? xt_alloc_entry_offsets+0x4d/0x60
[  145.891728][ T7939]  ? xt_alloc_entry_offsets+0x4d/0x60
[  145.891782][ T7939]  xt_alloc_entry_offsets+0x4d/0x60
[  145.891820][ T7939]  translate_table+0xa9/0x1070
[  145.891856][ T7939]  ? __rcu_read_unlock+0x4f/0x70
[  145.891913][ T7939]  ? __memcg_slab_post_alloc_hook+0x44c/0x580
[  145.891960][ T7939]  ? should_fail_ex+0xdb/0x280
[  145.892022][ T7939]  ? _copy_from_user+0x89/0xb0
[  145.892052][ T7939]  do_ip6t_set_ctl+0x678/0x840
[  145.892089][ T7939]  nf_setsockopt+0x199/0x1b0
[  145.892143][ T7939]  ipv6_setsockopt+0x11a/0x130
[  145.892169][ T7939]  udpv6_setsockopt+0x99/0xb0
[  145.892203][ T7939]  sock_common_setsockopt+0x69/0x80
[  145.892250][ T7939]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  145.892280][ T7939]  __sys_setsockopt+0x184/0x200
[  145.892336][ T7939]  __x64_sys_setsockopt+0x64/0x80
[  145.892381][ T7939]  x64_sys_call+0x20ec/0x3000
[  145.892410][ T7939]  do_syscall_64+0xd2/0x200
[  145.892467][ T7939]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  145.892511][ T7939]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  145.892542][ T7939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.892663][ T7939] RIP: 0033:0x7f79fd06eec9
[  145.892731][ T7939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.892755][ T7939] RSP: 002b:00007f79fbad7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  145.892780][ T7939] RAX: ffffffffffffffda RBX: 00007f79fd2c5fa0 RCX: 00007f79fd06eec9
[  145.892798][ T7939] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  145.892814][ T7939] RBP: 00007f79fbad7090 R08: 00000000000002f0 R09: 0000000000000000
[  145.892831][ T7939] R10: 0000200000000e40 R11: 0000000000000246 R12: 0000000000000001
[  145.892849][ T7939] R13: 00007f79fd2c6038 R14: 00007f79fd2c5fa0 R15: 00007ffff4b61598
[  145.892873][ T7939]  </TASK>
[  145.892943][ T7939] syz.4.1508: vmalloc error: size 536870912, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  146.190243][ T7939] CPU: 0 UID: 0 PID: 7939 Comm: syz.4.1508 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  146.190286][ T7939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  146.190313][ T7939] Call Trace:
[  146.190321][ T7939]  <TASK>
[  146.190330][ T7939]  __dump_stack+0x1d/0x30
[  146.190357][ T7939]  dump_stack_lvl+0xe8/0x140
[  146.190377][ T7939]  dump_stack+0x15/0x1b
[  146.190393][ T7939]  warn_alloc+0x12b/0x1a0
[  146.190547][ T7939]  __vmalloc_node_range_noprof+0x2b1/0xed0
[  146.190594][ T7939]  ? alloc_pages_mpol+0x217/0x260
[  146.190623][ T7939]  ? alloc_frozen_pages_noprof+0x90/0x110
[  146.190652][ T7939]  ? ___kmalloc_large_node+0x52/0x100
[  146.190750][ T7939]  __kvmalloc_node_noprof+0x483/0x670
[  146.190799][ T7939]  ? xt_alloc_entry_offsets+0x4d/0x60
[  146.190835][ T7939]  ? xt_alloc_entry_offsets+0x4d/0x60
[  146.190876][ T7939]  xt_alloc_entry_offsets+0x4d/0x60
[  146.191012][ T7939]  translate_table+0xa9/0x1070
[  146.191048][ T7939]  ? __rcu_read_unlock+0x4f/0x70
[  146.191117][ T7939]  ? __memcg_slab_post_alloc_hook+0x44c/0x580
[  146.191160][ T7939]  ? should_fail_ex+0xdb/0x280
[  146.191196][ T7939]  ? _copy_from_user+0x89/0xb0
[  146.191229][ T7939]  do_ip6t_set_ctl+0x678/0x840
[  146.191333][ T7939]  nf_setsockopt+0x199/0x1b0
[  146.191374][ T7939]  ipv6_setsockopt+0x11a/0x130
[  146.191408][ T7939]  udpv6_setsockopt+0x99/0xb0
[  146.191556][ T7939]  sock_common_setsockopt+0x69/0x80
[  146.191585][ T7939]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  146.191616][ T7939]  __sys_setsockopt+0x184/0x200
[  146.191648][ T7939]  __x64_sys_setsockopt+0x64/0x80
[  146.191675][ T7939]  x64_sys_call+0x20ec/0x3000
[  146.191766][ T7939]  do_syscall_64+0xd2/0x200
[  146.191866][ T7939]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  146.191902][ T7939]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  146.191927][ T7939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.191956][ T7939] RIP: 0033:0x7f79fd06eec9
[  146.191975][ T7939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.192060][ T7939] RSP: 002b:00007f79fbad7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  146.192079][ T7939] RAX: ffffffffffffffda RBX: 00007f79fd2c5fa0 RCX: 00007f79fd06eec9
[  146.192096][ T7939] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  146.192113][ T7939] RBP: 00007f79fbad7090 R08: 00000000000002f0 R09: 0000000000000000
[  146.192129][ T7939] R10: 0000200000000e40 R11: 0000000000000246 R12: 0000000000000001
[  146.192141][ T7939] R13: 00007f79fd2c6038 R14: 00007f79fd2c5fa0 R15: 00007ffff4b61598
[  146.192185][ T7939]  </TASK>
[  146.192214][ T7939] Mem-Info:
[  146.450447][ T7939] active_anon:13587 inactive_anon:0 isolated_anon:0
[  146.450447][ T7939]  active_file:11011 inactive_file:12531 isolated_file:0
[  146.450447][ T7939]  unevictable:4 dirty:165 writeback:0
[  146.450447][ T7939]  slab_reclaimable:3330 slab_unreclaimable:33160
[  146.450447][ T7939]  mapped:30386 shmem:5836 pagetables:1250
[  146.450447][ T7939]  sec_pagetables:0 bounce:0
[  146.450447][ T7939]  kernel_misc_reclaimable:0
[  146.450447][ T7939]  free:1808122 free_pcp:16476 free_cma:0
[  146.495743][ T7939] Node 0 active_anon:39384kB inactive_anon:0kB active_file:44044kB inactive_file:50124kB unevictable:16kB isolated(anon):0kB isolated(file):0kB mapped:121544kB dirty:660kB writeback:0kB shmem:8264kB kernel_stack:3904kB pagetables:5000kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  146.523134][ T7939] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  146.552842][ T7939] lowmem_reserve[]: 0 2883 7862 7862
[  146.558289][ T7939] Node 0 DMA32 free:2949156kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2952688kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:3532kB free_cma:0kB
[  146.589674][ T7939] lowmem_reserve[]: 0 0 4978 4978
[  146.594769][ T7939] Node 0 Normal free:4275860kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:31728kB inactive_anon:0kB active_file:44044kB inactive_file:50124kB unevictable:16kB writepending:660kB zspages:0kB present:5242880kB managed:5098240kB mlocked:16kB bounce:0kB free_pcp:76568kB local_pcp:12508kB free_cma:0kB
[  146.628084][ T7939] lowmem_reserve[]: 0 0 0 0
[  146.632712][ T7939] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  146.645515][ T7939] Node 0 DMA32: 3*4kB (M) 3*8kB (M) 6*16kB (M) 3*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949156kB
[  146.661836][ T7939] Node 0 Normal: 2045*4kB (UME) 880*8kB (UM) 402*16kB (UM) 324*32kB (UME) 220*64kB (UME) 112*128kB (UE) 73*256kB (U) 60*512kB (UME) 37*1024kB (UE) 43*2048kB (UM) 988*4096kB (UM) = 4282644kB
[  146.680697][ T7939] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  146.690015][ T7939] 23700 total pagecache pages
[  146.694737][ T7939] 0 pages in swap cache
[  146.698898][ T7939] Free swap  = 124996kB
[  146.703081][ T7939] Total swap = 124996kB
[  146.707272][ T7939] 2097051 pages RAM
[  146.711093][ T7939] 0 pages HighMem/MovableOnly
[  146.715806][ T7939] 80479 pages reserved
[  146.803800][ T1993] Bluetooth: hci1: Frame reassembly failed (-84)
[  146.829060][ T7952] syzkaller0: entered allmulticast mode
[  146.835179][ T7952] syzkaller0: entered promiscuous mode
[  146.843524][ T7952] syzkaller0 (unregistering): left allmulticast mode
[  146.850519][ T7952] syzkaller0 (unregistering): left promiscuous mode
[  147.023187][ T7958] loop2: detected capacity change from 0 to 1024
[  147.078657][ T7958] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1516: bg 0: block 88: padding at end of block bitmap is not set
[  147.119100][ T7958] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1516'.
[  147.193046][ T7969] loop4: detected capacity change from 0 to 128
[  147.207963][ T7971] netlink: 'syz.2.1520': attribute type 1 has an invalid length.
[  147.220862][ T7969] ext4 filesystem being mounted at /260/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  147.244026][ T7971] 8021q: adding VLAN 0 to HW filter on device bond6
[  147.274630][ T7969] ip6_vti0 speed is unknown, defaulting to 1000
[  147.483607][ T7986] loop4: detected capacity change from 0 to 128
[  147.496121][ T7986] ext4 filesystem being mounted at /261/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  147.533785][ T7986] ip6_vti0 speed is unknown, defaulting to 1000
[  147.554990][ T7991] vhci_hcd: invalid port number 255
[  147.717209][ T8000] loop1: detected capacity change from 0 to 1024
[  147.783704][ T8002] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1532'.
[  147.793505][ T8002] IPVS: Error connecting to the multicast addr
[  147.806021][ T3644] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  147.806039][ T3518] Bluetooth: hci0: command 0x1003 tx timeout
[  147.856358][ T8000] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1531: bg 0: block 88: padding at end of block bitmap is not set
[  147.918718][ T8000] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1531'.
[  147.984304][ T8016] loop0: detected capacity change from 0 to 1024
[  147.992658][ T8016] EXT4-fs: Ignoring removed oldalloc option
[  147.998685][ T8016] EXT4-fs: Ignoring removed bh option
[  148.223206][ T8030] ip6_vti0 speed is unknown, defaulting to 1000
[  148.292770][ T8036] loop1: detected capacity change from 0 to 128
[  148.339222][ T4793] Bluetooth: hci0: Frame reassembly failed (-84)
[  148.502171][ T8043] loop2: detected capacity change from 0 to 1024
[  148.530534][ T8043] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1546: bg 0: block 88: padding at end of block bitmap is not set
[  148.725511][ T8052] loop2: detected capacity change from 0 to 128
[  148.744314][ T8052] ext4 filesystem being mounted at /310/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  148.844507][ T3640] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  148.846288][ T3518] Bluetooth: hci1: command 0x1003 tx timeout
[  148.852065][ T8052] ip6_vti0 speed is unknown, defaulting to 1000
[  148.890822][ T8060] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1551'.
[  148.964156][ T8060] IPVS: Error connecting to the multicast addr
[  148.998085][ T8066] loop4: detected capacity change from 0 to 1024
[  149.025542][ T8066] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  149.041141][ T8066] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  149.052217][ T8066] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  149.058821][ T8071] loop3: detected capacity change from 0 to 128
[  149.062324][ T8066] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  149.086239][ T8072] syzkaller0: entered allmulticast mode
[  149.086898][ T8066] EXT4-fs error (device loop4): ext4_get_journal_inode:5808: inode #17: comm syz.4.1554: iget: bad i_size value: 4398046511204
[  149.099189][ T8072] syzkaller0: entered promiscuous mode
[  149.105545][ T8066] EXT4-fs (loop4): no journal found
[  149.113476][ T8071] ext4 filesystem being mounted at /303/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  149.136063][ T8072] syzkaller0 (unregistering): left allmulticast mode
[  149.142837][ T8072] syzkaller0 (unregistering): left promiscuous mode
[  149.206046][ T8071] ip6_vti0 speed is unknown, defaulting to 1000
[  149.231024][ T8083] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1560'.
[  149.357772][ T8095] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1566'.
[  149.373273][ T8095] IPVS: Error connecting to the multicast addr
[  149.413981][ T8100] loop4: detected capacity change from 0 to 128
[  149.437363][ T8100] ext4 filesystem being mounted at /276/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  149.466779][ T8100] ip6_vti0 speed is unknown, defaulting to 1000
[  149.489907][ T8105] loop0: detected capacity change from 0 to 2048
[  149.496803][ T8105] ext4: Unknown parameter 'uid>00000000000000000000'
[  149.529100][ T8108] loop0: detected capacity change from 0 to 512
[  149.554736][ T8108] ext4 filesystem being mounted at /319/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  149.649427][ T8116] syzkaller0: entered allmulticast mode
[  149.658791][ T8116] syzkaller0: entered promiscuous mode
[  149.669186][ T8116] syzkaller0 (unregistering): left allmulticast mode
[  149.676312][ T8116] syzkaller0 (unregistering): left promiscuous mode
[  149.766229][ T8122] loop0: detected capacity change from 0 to 128
[  149.776276][ T8122] ext4 filesystem being mounted at /321/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  149.812560][ T8122] ip6_vti0 speed is unknown, defaulting to 1000
[  150.095300][ T8132] vhci_hcd: invalid port number 255
[  150.123410][ T8136] loop2: detected capacity change from 0 to 1024
[  150.142576][ T8136] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1579: bg 0: block 88: padding at end of block bitmap is not set
[  150.179099][   T29] kauditd_printk_skb: 220 callbacks suppressed
[  150.179115][   T29] audit: type=1326 audit(1760386182.489:4599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8139 comm="syz.2.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d6b85eec9 code=0x7ffc0000
[  150.197697][ T8140] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1580'.
[  150.218634][ T8140] IPVS: Error connecting to the multicast addr
[  150.229788][   T29] audit: type=1326 audit(1760386182.509:4600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8139 comm="syz.2.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d6b85eec9 code=0x7ffc0000
[  150.253322][   T29] audit: type=1326 audit(1760386182.509:4601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8139 comm="syz.2.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6d6b85eec9 code=0x7ffc0000
[  150.276893][   T29] audit: type=1326 audit(1760386182.509:4602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8139 comm="syz.2.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d6b85eec9 code=0x7ffc0000
[  150.300374][   T29] audit: type=1326 audit(1760386182.509:4603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8139 comm="syz.2.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d6b85eec9 code=0x7ffc0000
[  150.323840][   T29] audit: type=1326 audit(1760386182.509:4604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8139 comm="syz.2.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6d6b85eec9 code=0x7ffc0000
[  150.347255][   T29] audit: type=1326 audit(1760386182.509:4605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8139 comm="syz.2.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d6b85eec9 code=0x7ffc0000
[  150.370738][   T29] audit: type=1326 audit(1760386182.509:4606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8139 comm="syz.2.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f6d6b860d5c code=0x7ffc0000
[  150.374551][ T3640] Bluetooth: hci0: command 0x1003 tx timeout
[  150.394209][   T29] audit: type=1326 audit(1760386182.509:4607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8139 comm="syz.2.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f6d6b860c94 code=0x7ffc0000
[  150.394254][   T29] audit: type=1326 audit(1760386182.509:4608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8139 comm="syz.2.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f6d6b860c94 code=0x7ffc0000
[  150.449916][ T3644] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  150.495101][ T8146] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1583'.
[  150.507869][    T9] IPVS: starting estimator thread 0...
[  150.551850][ T8152] vhci_hcd: invalid port number 255
[  150.605289][ T8150] IPVS: using max 2304 ests per chain, 115200 per kthread
[  150.635017][ T8159] unsupported nla_type 52263
[  150.649638][ T3003] udevd[3003]: worker [6007] terminated by signal 33 (Unknown signal 33)
[  150.652491][ T8164] loop1: detected capacity change from 0 to 1024
[  150.690379][ T8164] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1589: bg 0: block 88: padding at end of block bitmap is not set
[  150.708726][ T8164] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1589'.
[  150.770169][ T8176] FAULT_INJECTION: forcing a failure.
[  150.770169][ T8176] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  150.783568][ T8176] CPU: 1 UID: 0 PID: 8176 Comm: syz.4.1594 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  150.783597][ T8176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  150.783614][ T8176] Call Trace:
[  150.783623][ T8176]  <TASK>
[  150.783633][ T8176]  __dump_stack+0x1d/0x30
[  150.783661][ T8176]  dump_stack_lvl+0xe8/0x140
[  150.783735][ T8176]  dump_stack+0x15/0x1b
[  150.783751][ T8176]  should_fail_ex+0x265/0x280
[  150.783802][ T8176]  should_fail+0xb/0x20
[  150.783860][ T8176]  should_fail_usercopy+0x1a/0x20
[  150.783884][ T8176]  _copy_to_user+0x20/0xa0
[  150.783915][ T8176]  simple_read_from_buffer+0xb5/0x130
[  150.783945][ T8176]  proc_fail_nth_read+0x10e/0x150
[  150.784035][ T8176]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  150.784069][ T8176]  vfs_read+0x1a8/0x770
[  150.784094][ T8176]  ? __rcu_read_unlock+0x4f/0x70
[  150.784153][ T8176]  ? __fget_files+0x184/0x1c0
[  150.784183][ T8176]  ? __rcu_read_unlock+0x4f/0x70
[  150.784218][ T8176]  ksys_read+0xda/0x1a0
[  150.784249][ T8176]  __x64_sys_read+0x40/0x50
[  150.784284][ T8176]  x64_sys_call+0x27c0/0x3000
[  150.784306][ T8176]  do_syscall_64+0xd2/0x200
[  150.784336][ T8176]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  150.784371][ T8176]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  150.784460][ T8176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.784488][ T8176] RIP: 0033:0x7f79fd06d8dc
[  150.784507][ T8176] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  150.784529][ T8176] RSP: 002b:00007f79fbad7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  150.784548][ T8176] RAX: ffffffffffffffda RBX: 00007f79fd2c5fa0 RCX: 00007f79fd06d8dc
[  150.784630][ T8176] RDX: 000000000000000f RSI: 00007f79fbad70a0 RDI: 0000000000000004
[  150.784645][ T8176] RBP: 00007f79fbad7090 R08: 0000000000000000 R09: 0000000000000000
[  150.784662][ T8176] R10: 0000001000000000 R11: 0000000000000246 R12: 0000000000000001
[  150.784678][ T8176] R13: 00007f79fd2c6038 R14: 00007f79fd2c5fa0 R15: 00007ffff4b61598
[  150.784702][ T8176]  </TASK>
[  151.072183][ T8180] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1595'.
[  151.197295][ T8189] ip6_vti0 speed is unknown, defaulting to 1000
[  151.343015][ T8210] loop1: detected capacity change from 0 to 1024
[  151.350135][ T8210] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  151.515079][ T8210] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  151.526210][ T8210] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  152.306398][ T8210] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  152.317570][ T8210] EXT4-fs error (device loop1): ext4_get_journal_inode:5808: inode #17: comm syz.1.1609: iget: bad i_size value: 4398046511204
[  152.330928][ T8216] loop3: detected capacity change from 0 to 512
[  152.331277][ T8210] EXT4-fs (loop1): no journal found
[  152.689197][ T8241] loop4: detected capacity change from 0 to 512
[  152.741368][ T8241] vfat: Unknown parameter '01777777777777777777777'
[  152.787709][ T8261] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1629'.
[  152.804597][ T8261] IPVS: Error connecting to the multicast addr
[  152.876305][ T8278] loop3: detected capacity change from 0 to 1024
[  153.103846][ T8344] loop2: detected capacity change from 0 to 512
[  153.120491][ T8344] EXT4-fs: Ignoring removed mblk_io_submit option
[  153.133059][ T8283] loop3: detected capacity change from 0 to 8192
[  153.175636][ T8344] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[  153.423340][ T8356] loop3: detected capacity change from 0 to 128
[  153.459942][ T8358] vhci_hcd: invalid port number 255
[  153.518441][ T8361] syzkaller0: entered allmulticast mode
[  153.539399][ T8361] syzkaller0: entered promiscuous mode
[  153.564021][ T8361] syzkaller0 (unregistering): left allmulticast mode
[  153.570865][ T8361] syzkaller0 (unregistering): left promiscuous mode
[  153.620434][ T8356] ext4 filesystem being mounted at /314/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  153.731700][ T8356] ip6_vti0 speed is unknown, defaulting to 1000
[  153.961562][ T8387] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1655'.
[  154.068510][ T8393] netlink: 'syz.4.1658': attribute type 4 has an invalid length.
[  154.146170][ T8404] ip6_vti0 speed is unknown, defaulting to 1000
[  154.175934][ T8408] vhci_hcd: invalid port number 255
[  154.184684][ T8412] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1667'.
[  154.199195][ T8412] IPVS: Error connecting to the multicast addr
[  154.371028][ T8428] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1675'.
[  154.446105][ T8440] vhci_hcd: invalid port number 255
[  154.486260][ T8447] syzkaller0: entered allmulticast mode
[  154.492341][ T8447] syzkaller0: entered promiscuous mode
[  154.500054][ T8449] program syz.1.1682 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  154.500617][ T8447] syzkaller0 (unregistering): left allmulticast mode
[  154.516597][ T8447] syzkaller0 (unregistering): left promiscuous mode
[  154.612780][ T8456] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1684'.
[  154.612780][ T8464] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1684'.
[  154.681034][ T8471] loop3: detected capacity change from 0 to 512
[  154.697519][ T8471] ext4 filesystem being mounted at /326/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.751028][ T8478] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1692'.
[  154.789013][ T8471] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  154.916900][ T8498] syzkaller0: entered allmulticast mode
[  154.922745][ T8498] syzkaller0: entered promiscuous mode
[  154.930487][ T8498] syzkaller0 (unregistering): left allmulticast mode
[  154.937674][ T8498] syzkaller0 (unregistering): left promiscuous mode
[  155.090077][ T8508] loop2: detected capacity change from 0 to 1024
[  155.162598][ T8517] loop2: detected capacity change from 0 to 1024
[  155.169895][ T8517] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  155.181960][ T8517] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #3: block 1: comm syz.2.1706: lblock 1 mapped to illegal pblock 1 (length 1)
[  155.196331][ T8517] __quota_error: 283 callbacks suppressed
[  155.196353][ T8517] Quota error (device loop2): write_blk: dquota write failed
[  155.209631][ T8517] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  155.219676][ T8517] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.1706: Failed to acquire dquot type 0
[  155.231411][ T8517] EXT4-fs error (device loop2): ext4_free_blocks:6706: comm syz.2.1706: Freeing blocks not in datazone - block = 0, count = 4096
[  155.245696][ T8517] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.1706: Invalid inode bitmap blk 0 in block_group 0
[  155.258607][ T8517] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[  155.267427][ T8307] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:25: lblock 1 mapped to illegal pblock 1 (length 1)
[  155.272774][ T8517] EXT4-fs (loop2): 1 orphan inode deleted
[  155.286748][ T8307] Quota error (device loop2): remove_tree: Can't read quota data block 1
[  155.295996][ T8307] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:25: Failed to release dquot type 0
[  155.336466][ T8321] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:37: lblock 1 mapped to illegal pblock 1 (length 1)
[  155.351023][ T8321] Quota error (device loop2): remove_tree: Can't read quota data block 1
[  155.359532][ T8321] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:37: Failed to release dquot type 0
[  155.414585][ T8521] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1707'.
[  155.559449][   T29] audit: type=1326 audit(1760386187.869:4892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8540 comm="syz.1.1715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb96e9eec9 code=0x7ffc0000
[  155.593214][   T29] audit: type=1326 audit(1760386187.869:4893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8540 comm="syz.1.1715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb96e9eec9 code=0x7ffc0000
[  155.616730][   T29] audit: type=1326 audit(1760386187.869:4894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8540 comm="syz.1.1715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb96e9eec9 code=0x7ffc0000
[  155.640394][   T29] audit: type=1326 audit(1760386187.869:4895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8540 comm="syz.1.1715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb96e9eec9 code=0x7ffc0000
[  155.663974][   T29] audit: type=1326 audit(1760386187.869:4896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8540 comm="syz.1.1715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb96e9eec9 code=0x7ffc0000
[  155.687552][   T29] audit: type=1326 audit(1760386187.869:4897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8540 comm="syz.1.1715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb96e9eec9 code=0x7ffc0000
[  155.802061][ T8568] FAULT_INJECTION: forcing a failure.
[  155.802061][ T8568] name failslab, interval 1, probability 0, space 0, times 0
[  155.814766][ T8568] CPU: 1 UID: 0 PID: 8568 Comm: syz.1.1725 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  155.814801][ T8568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  155.814871][ T8568] Call Trace:
[  155.814879][ T8568]  <TASK>
[  155.814888][ T8568]  __dump_stack+0x1d/0x30
[  155.814942][ T8568]  dump_stack_lvl+0xe8/0x140
[  155.814967][ T8568]  dump_stack+0x15/0x1b
[  155.814989][ T8568]  should_fail_ex+0x265/0x280
[  155.815034][ T8568]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  155.815062][ T8568]  should_failslab+0x8c/0xb0
[  155.815182][ T8568]  kmem_cache_alloc_lru_noprof+0x55/0x490
[  155.815217][ T8568]  ? shmem_alloc_inode+0x34/0x50
[  155.815244][ T8568]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  155.815271][ T8568]  shmem_alloc_inode+0x34/0x50
[  155.815363][ T8568]  alloc_inode+0x40/0x170
[  155.815399][ T8568]  new_inode+0x1d/0xe0
[  155.815431][ T8568]  shmem_get_inode+0x244/0x750
[  155.815459][ T8568]  __shmem_file_setup+0x113/0x210
[  155.815538][ T8568]  shmem_file_setup+0x3b/0x50
[  155.815576][ T8568]  __se_sys_memfd_create+0x2c3/0x590
[  155.815605][ T8568]  __x64_sys_memfd_create+0x31/0x40
[  155.815648][ T8568]  x64_sys_call+0x2ac2/0x3000
[  155.815675][ T8568]  do_syscall_64+0xd2/0x200
[  155.815707][ T8568]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  155.815823][ T8568]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  155.815896][ T8568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.815934][ T8568] RIP: 0033:0x7fdb96e9eec9
[  155.815954][ T8568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.815982][ T8568] RSP: 002b:00007fdb95906e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  155.816002][ T8568] RAX: ffffffffffffffda RBX: 0000000000000519 RCX: 00007fdb96e9eec9
[  155.816079][ T8568] RDX: 00007fdb95906ef0 RSI: 0000000000000000 RDI: 00007fdb96f22960
[  155.816093][ T8568] RBP: 00002000000005c0 R08: 00007fdb95906bb7 R09: 00007fdb95906e40
[  155.816105][ T8568] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[  155.816117][ T8568] R13: 00007fdb95906ef0 R14: 00007fdb95906eb0 R15: 0000200000000200
[  155.816175][ T8568]  </TASK>
[  156.086571][ T8575] netlink: 296 bytes leftover after parsing attributes in process `syz.1.1727'.
[  156.159935][ T8584] loop1: detected capacity change from 0 to 128
[  156.179173][ T8585] wg2: entered promiscuous mode
[  156.184124][ T8585] wg2: entered allmulticast mode
[  156.222126][ T8584] ext4 filesystem being mounted at /395/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  156.275175][ T8584] ip6_vti0 speed is unknown, defaulting to 1000
[  156.472262][ T8601] loop2: detected capacity change from 0 to 128
[  156.481623][ T8601] ext4 filesystem being mounted at /355/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  156.509876][ T8601] ip6_vti0 speed is unknown, defaulting to 1000
[  156.553628][ T8606] loop1: detected capacity change from 0 to 1024
[  156.575919][ T8606] EXT4-fs: Ignoring removed bh option
[  156.585937][ T8606] EXT4-fs (loop1): stripe (36) is not aligned with cluster size (16), stripe is disabled
[  156.624857][ T8609] FAULT_INJECTION: forcing a failure.
[  156.624857][ T8609] name failslab, interval 1, probability 0, space 0, times 0
[  156.637629][ T8609] CPU: 0 UID: 0 PID: 8609 Comm: syz.0.1739 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  156.637729][ T8609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  156.637743][ T8609] Call Trace:
[  156.637750][ T8609]  <TASK>
[  156.637759][ T8609]  __dump_stack+0x1d/0x30
[  156.637781][ T8609]  dump_stack_lvl+0xe8/0x140
[  156.637801][ T8609]  dump_stack+0x15/0x1b
[  156.637868][ T8609]  should_fail_ex+0x265/0x280
[  156.637954][ T8609]  should_failslab+0x8c/0xb0
[  156.637982][ T8609]  __kmalloc_node_noprof+0xaa/0x580
[  156.638013][ T8609]  ? __vmalloc_node_range_noprof+0x410/0xed0
[  156.638063][ T8609]  __vmalloc_node_range_noprof+0x410/0xed0
[  156.638167][ T8609]  ? sel_write_load+0x158/0x380
[  156.638211][ T8609]  vmalloc_noprof+0x82/0xc0
[  156.638265][ T8609]  ? sel_write_load+0x158/0x380
[  156.638369][ T8609]  sel_write_load+0x158/0x380
[  156.638402][ T8609]  ? __pfx_sel_write_load+0x10/0x10
[  156.638439][ T8609]  vfs_write+0x269/0x960
[  156.638463][ T8609]  ? __rcu_read_unlock+0x4f/0x70
[  156.638490][ T8609]  ? __fget_files+0x184/0x1c0
[  156.638592][ T8609]  ksys_write+0xda/0x1a0
[  156.638696][ T8609]  __x64_sys_write+0x40/0x50
[  156.638721][ T8609]  x64_sys_call+0x2802/0x3000
[  156.638820][ T8609]  do_syscall_64+0xd2/0x200
[  156.638902][ T8609]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  156.638931][ T8609]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  156.638954][ T8609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.638984][ T8609] RIP: 0033:0x7f78ddc4eec9
[  156.638999][ T8609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.639018][ T8609] RSP: 002b:00007f78dc6b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  156.639038][ T8609] RAX: ffffffffffffffda RBX: 00007f78ddea5fa0 RCX: 00007f78ddc4eec9
[  156.639052][ T8609] RDX: 000000000000ffa8 RSI: 0000200000000000 RDI: 0000000000000003
[  156.639117][ T8609] RBP: 00007f78dc6b7090 R08: 0000000000000000 R09: 0000000000000000
[  156.639130][ T8609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.639143][ T8609] R13: 00007f78ddea6038 R14: 00007f78ddea5fa0 R15: 00007fff1fb216e8
[  156.639181][ T8609]  </TASK>
[  156.639358][ T8609] syz.0.1739: vmalloc error: size 65536, failed to allocated page array size 128, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null)
[  156.764479][ T8619] netlink: 'syz.4.1742': attribute type 1 has an invalid length.
[  156.768838][ T8609] ,cpuset=
[  156.783651][ T8619] 8021q: adding VLAN 0 to HW filter on device bond5
[  156.785141][ T8609] /,mems_allowed=0
[  156.891522][ T8609] CPU: 0 UID: 0 PID: 8609 Comm: syz.0.1739 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  156.891549][ T8609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  156.891561][ T8609] Call Trace:
[  156.891568][ T8609]  <TASK>
[  156.891575][ T8609]  __dump_stack+0x1d/0x30
[  156.891655][ T8609]  dump_stack_lvl+0xe8/0x140
[  156.891673][ T8609]  dump_stack+0x15/0x1b
[  156.891687][ T8609]  warn_alloc+0x12b/0x1a0
[  156.891716][ T8609]  ? should_failslab+0x8c/0xb0
[  156.891744][ T8609]  __vmalloc_node_range_noprof+0x4b9/0xed0
[  156.891808][ T8609]  ? sel_write_load+0x158/0x380
[  156.891838][ T8609]  vmalloc_noprof+0x82/0xc0
[  156.891904][ T8609]  ? sel_write_load+0x158/0x380
[  156.892023][ T8609]  sel_write_load+0x158/0x380
[  156.892051][ T8609]  ? __pfx_sel_write_load+0x10/0x10
[  156.892147][ T8609]  vfs_write+0x269/0x960
[  156.892178][ T8609]  ? __rcu_read_unlock+0x4f/0x70
[  156.892213][ T8609]  ? __fget_files+0x184/0x1c0
[  156.892239][ T8609]  ksys_write+0xda/0x1a0
[  156.892290][ T8609]  __x64_sys_write+0x40/0x50
[  156.892322][ T8609]  x64_sys_call+0x2802/0x3000
[  156.892342][ T8609]  do_syscall_64+0xd2/0x200
[  156.892364][ T8609]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  156.892411][ T8609]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  156.892442][ T8609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.892468][ T8609] RIP: 0033:0x7f78ddc4eec9
[  156.892482][ T8609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.892498][ T8609] RSP: 002b:00007f78dc6b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  156.892545][ T8609] RAX: ffffffffffffffda RBX: 00007f78ddea5fa0 RCX: 00007f78ddc4eec9
[  156.892557][ T8609] RDX: 000000000000ffa8 RSI: 0000200000000000 RDI: 0000000000000003
[  156.892579][ T8609] RBP: 00007f78dc6b7090 R08: 0000000000000000 R09: 0000000000000000
[  156.892598][ T8609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.892609][ T8609] R13: 00007f78ddea6038 R14: 00007f78ddea5fa0 R15: 00007fff1fb216e8
[  156.892626][ T8609]  </TASK>
[  156.892632][ T8609] Mem-Info:
[  157.100586][ T8609] active_anon:4283 inactive_anon:0 isolated_anon:0
[  157.100586][ T8609]  active_file:10999 inactive_file:12563 isolated_file:0
[  157.100586][ T8609]  unevictable:0 dirty:330 writeback:0
[  157.100586][ T8609]  slab_reclaimable:3333 slab_unreclaimable:33465
[  157.100586][ T8609]  mapped:30115 shmem:319 pagetables:1137
[  157.100586][ T8609]  sec_pagetables:0 bounce:0
[  157.100586][ T8609]  kernel_misc_reclaimable:0
[  157.100586][ T8609]  free:1826766 free_pcp:6307 free_cma:0
[  157.145547][ T8609] Node 0 active_anon:17132kB inactive_anon:0kB active_file:43996kB inactive_file:50252kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:120460kB dirty:1320kB writeback:0kB shmem:1276kB kernel_stack:4880kB pagetables:4548kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  157.173781][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  157.183455][ T8609] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  157.213183][ T8609] lowmem_reserve[]: 0 2883 7862 7862
[  157.218707][ T8609] Node 0 DMA32 free:2949156kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2952688kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:3532kB free_cma:0kB
[  157.250365][ T8609] lowmem_reserve[]: 0 0 4978 4978
[  157.255523][ T8609] Node 0 Normal free:4342548kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:17132kB inactive_anon:0kB active_file:43996kB inactive_file:50252kB unevictable:0kB writepending:1320kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:21708kB local_pcp:5636kB free_cma:0kB
[  157.288701][ T8609] lowmem_reserve[]: 0 0 0 0
[  157.293257][ T8609] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  157.305999][ T8609] Node 0 DMA32: 3*4kB (M) 3*8kB (M) 6*16kB (M) 3*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949156kB
[  157.322331][ T8609] Node 0 Normal: 22*4kB (UME) 339*8kB (UME) 371*16kB (UME) 579*32kB (UME) 414*64kB (UME) 208*128kB (UME) 117*256kB (UME) 82*512kB (UME) 54*1024kB (UME) 51*2048kB (UM) 984*4096kB (UM) = 4342528kB
[  157.341702][ T8609] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  157.351065][ T8609] 23877 total pagecache pages
[  157.355796][ T8609] 0 pages in swap cache
[  157.360011][ T8609] Free swap  = 124996kB
[  157.364163][ T8609] Total swap = 124996kB
[  157.368396][ T8609] 2097051 pages RAM
[  157.372203][ T8609] 0 pages HighMem/MovableOnly
[  157.376984][ T8609] 80479 pages reserved
[  157.383131][ T8606] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  157.446096][ T8321] Bluetooth: hci0: Frame reassembly failed (-84)
[  157.475321][ T8626] vhci_hcd: invalid port number 255
[  157.482194][ T8628] FAULT_INJECTION: forcing a failure.
[  157.482194][ T8628] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  157.495476][ T8628] CPU: 1 UID: 0 PID: 8628 Comm: syz.4.1746 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  157.495508][ T8628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  157.495525][ T8628] Call Trace:
[  157.495532][ T8628]  <TASK>
[  157.495541][ T8628]  __dump_stack+0x1d/0x30
[  157.495568][ T8628]  dump_stack_lvl+0xe8/0x140
[  157.495637][ T8628]  dump_stack+0x15/0x1b
[  157.495659][ T8628]  should_fail_ex+0x265/0x280
[  157.495765][ T8628]  should_fail+0xb/0x20
[  157.495806][ T8628]  should_fail_usercopy+0x1a/0x20
[  157.495842][ T8628]  _copy_from_user+0x1c/0xb0
[  157.495875][ T8628]  __sys_bind+0x106/0x2a0
[  157.495908][ T8628]  __x64_sys_bind+0x3f/0x50
[  157.495938][ T8628]  x64_sys_call+0x2b72/0x3000
[  157.495988][ T8628]  do_syscall_64+0xd2/0x200
[  157.496020][ T8628]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  157.496058][ T8628]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  157.496088][ T8628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.496182][ T8628] RIP: 0033:0x7f79fd06eec9
[  157.496202][ T8628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.496226][ T8628] RSP: 002b:00007f79fbad7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  157.496295][ T8628] RAX: ffffffffffffffda RBX: 00007f79fd2c5fa0 RCX: 00007f79fd06eec9
[  157.496312][ T8628] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000003
[  157.496328][ T8628] RBP: 00007f79fbad7090 R08: 0000000000000000 R09: 0000000000000000
[  157.496344][ T8628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  157.496426][ T8628] R13: 00007f79fd2c6038 R14: 00007f79fd2c5fa0 R15: 00007ffff4b61598
[  157.496446][ T8628]  </TASK>
[  157.707722][ T8635] loop4: detected capacity change from 0 to 2048
[  157.715013][ T8635] ext4: Unknown parameter 'uid>00000000000000000000'
[  157.763302][ T8645] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1754'.
[  157.783944][ T8647] netlink: 'syz.0.1755': attribute type 1 has an invalid length.
[  157.800095][ T8647] 8021q: adding VLAN 0 to HW filter on device bond7
[  157.855077][ T8655] vhci_hcd: invalid port number 255
[  157.900179][ T8659] loop4: detected capacity change from 0 to 8192
[  157.943821][ T8666] ip6_vti0 speed is unknown, defaulting to 1000
[  158.079274][ T8673] loop3: detected capacity change from 0 to 2048
[  158.105182][ T8673] ext4: Unknown parameter 'uid>00000000000000000000'
[  158.182137][ T8681] netlink: 'syz.3.1769': attribute type 1 has an invalid length.
[  158.205230][ T8681] 8021q: adding VLAN 0 to HW filter on device bond7
[  158.245587][ T8685] syzkaller0: entered promiscuous mode
[  158.251156][ T8685] syzkaller0: entered allmulticast mode
[  158.261291][ T8685] loop3: detected capacity change from 0 to 512
[  158.294986][ T8685] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  158.311140][ T8685] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  158.335038][ T8685] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  158.357879][ T8691] vhci_hcd: invalid port number 255
[  158.382412][ T8685] PF_CAN: dropped non conform CAN FD skbuff: dev type 280, len 65487
[  158.461235][ T8699] ip6_vti0 speed is unknown, defaulting to 1000
[  158.608909][ T8708] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  158.767601][ T8720] loop3: detected capacity change from 0 to 1024
[  158.778957][ T8720] EXT4-fs: Ignoring removed nobh option
[  158.794602][ T8720] EXT4-fs: Mount option(s) incompatible with ext3
[  158.905519][ T8740] syzkaller0: entered allmulticast mode
[  158.909112][ T8306] Bluetooth: hci1: Frame reassembly failed (-84)
[  158.913009][ T8743] loop4: detected capacity change from 0 to 128
[  158.924048][ T8740] syzkaller0: entered promiscuous mode
[  158.942097][ T8743] ext4 filesystem being mounted at /316/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  158.953725][ T8740] syzkaller0 (unregistering): left allmulticast mode
[  158.960569][ T8740] syzkaller0 (unregistering): left promiscuous mode
[  159.064082][ T8743] ip6_vti0 speed is unknown, defaulting to 1000
[  159.390139][ T8775] 9pnet_fd: p9_fd_create_unix (8775): problem connecting socket: ./file0: -2
[  159.401578][ T8775] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  159.484504][ T3644] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  159.518311][ T8781] loop1: detected capacity change from 0 to 128
[  159.526955][ T8781] ext4 filesystem being mounted at /398/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  159.636595][ T8789] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1811'.
[  159.745282][ T8799] vhci_hcd: invalid port number 255
[  159.812521][ T8339] Bluetooth: hci0: Frame reassembly failed (-84)
[  159.988586][ T8813] loop1: detected capacity change from 0 to 8192
[  160.179048][ T8819] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1825'.
[  160.449894][ T8834] loop4: detected capacity change from 0 to 1024
[  160.477288][ T8834] FAULT_INJECTION: forcing a failure.
[  160.477288][ T8834] name failslab, interval 1, probability 0, space 0, times 0
[  160.490137][ T8834] CPU: 0 UID: 0 PID: 8834 Comm: syz.4.1831 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  160.490163][ T8834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  160.490228][ T8834] Call Trace:
[  160.490239][ T8834]  <TASK>
[  160.490245][ T8834]  __dump_stack+0x1d/0x30
[  160.490265][ T8834]  dump_stack_lvl+0xe8/0x140
[  160.490282][ T8834]  dump_stack+0x15/0x1b
[  160.490297][ T8834]  should_fail_ex+0x265/0x280
[  160.490404][ T8834]  should_failslab+0x8c/0xb0
[  160.490429][ T8834]  __kmalloc_noprof+0xa5/0x570
[  160.490486][ T8834]  ? copy_splice_read+0xc2/0x660
[  160.490507][ T8834]  copy_splice_read+0xc2/0x660
[  160.490530][ T8834]  ? __pfx_ext4_file_splice_read+0x10/0x10
[  160.490562][ T8834]  splice_direct_to_actor+0x290/0x680
[  160.490606][ T8834]  ? __pfx_direct_splice_actor+0x10/0x10
[  160.490638][ T8834]  do_splice_direct+0xda/0x150
[  160.490666][ T8834]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  160.490702][ T8834]  do_sendfile+0x380/0x650
[  160.490784][ T8834]  __x64_sys_sendfile64+0x105/0x150
[  160.490863][ T8834]  x64_sys_call+0x2bb4/0x3000
[  160.490882][ T8834]  do_syscall_64+0xd2/0x200
[  160.490987][ T8834]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  160.491009][ T8834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.491028][ T8834] RIP: 0033:0x7f79fd06eec9
[  160.491050][ T8834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.491104][ T8834] RSP: 002b:00007f79fbad7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  160.491122][ T8834] RAX: ffffffffffffffda RBX: 00007f79fd2c5fa0 RCX: 00007f79fd06eec9
[  160.491134][ T8834] RDX: 0000000000000000 RSI: 000000000000000a RDI: 000000000000000a
[  160.491145][ T8834] RBP: 00007f79fbad7090 R08: 0000000000000000 R09: 0000000000000000
[  160.491157][ T8834] R10: 0000000800000009 R11: 0000000000000246 R12: 0000000000000001
[  160.491168][ T8834] R13: 00007f79fd2c6038 R14: 00007f79fd2c5fa0 R15: 00007ffff4b61598
[  160.491207][ T8834]  </TASK>
[  160.731086][ T3319] EXT4-fs unmount: 51 callbacks suppressed
[  160.731105][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.781049][   T29] kauditd_printk_skb: 187 callbacks suppressed
[  160.781068][   T29] audit: type=1400 audit(1760386193.089:5083): avc:  denied  { map } for  pid=8837 comm="syz.4.1832" path="socket:[25837]" dev="sockfs" ino=25837 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  160.810743][   T29] audit: type=1400 audit(1760386193.089:5084): avc:  denied  { read accept } for  pid=8837 comm="syz.4.1832" path="socket:[25837]" dev="sockfs" ino=25837 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  160.858894][ T8843] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1834'.
[  160.906399][   T29] audit: type=1326 audit(1760386193.149:5085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8842 comm="syz.0.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78ddc4eec9 code=0x7ffc0000
[  160.926716][ T3644] Bluetooth: hci1: command 0x1003 tx timeout
[  160.929981][   T29] audit: type=1326 audit(1760386193.149:5086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8842 comm="syz.0.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78ddc4eec9 code=0x7ffc0000
[  160.935968][ T3640] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  160.965799][   T29] audit: type=1326 audit(1760386193.149:5087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8842 comm="syz.0.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f78ddc4eec9 code=0x7ffc0000
[  160.989346][   T29] audit: type=1326 audit(1760386193.149:5088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8842 comm="syz.0.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78ddc4eec9 code=0x7ffc0000
[  161.012806][   T29] audit: type=1326 audit(1760386193.149:5089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8842 comm="syz.0.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78ddc4eec9 code=0x7ffc0000
[  161.036252][   T29] audit: type=1326 audit(1760386193.149:5090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8842 comm="syz.0.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f78ddc4eec9 code=0x7ffc0000
[  161.059667][   T29] audit: type=1326 audit(1760386193.149:5091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8842 comm="syz.0.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78ddc4eec9 code=0x7ffc0000
[  161.083160][   T29] audit: type=1326 audit(1760386193.149:5092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8842 comm="syz.0.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78ddc4eec9 code=0x7ffc0000
[  161.269890][ T8863] loop1: detected capacity change from 0 to 512
[  161.294228][ T8863] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.1843: corrupted in-inode xattr: invalid ea_ino
[  161.308948][ T8863] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1843: couldn't read orphan inode 15 (err -117)
[  161.321657][ T8863] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.338424][ T8863] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.1843: invalid indirect mapped block 234881024 (level 0)
[  161.388436][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.460842][ T8875] loop1: detected capacity change from 0 to 1024
[  161.471453][ T8875] EXT4-fs: Ignoring removed oldalloc option
[  161.477531][ T8875] EXT4-fs: Ignoring removed bh option
[  161.502861][ T8875] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.521984][ T8881] loop3: detected capacity change from 0 to 1024
[  161.529684][ T8881] EXT4-fs: Ignoring removed oldalloc option
[  161.535836][ T8881] EXT4-fs: Ignoring removed bh option
[  161.607532][ T8881] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.885556][ T3518] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  162.040728][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.188723][ T8912] netlink: 'syz.4.1862': attribute type 1 has an invalid length.
[  162.203529][ T8912] 8021q: adding VLAN 0 to HW filter on device bond6
[  162.224116][ T8915] syzkaller0: entered allmulticast mode
[  162.230709][ T8915] syzkaller0: entered promiscuous mode
[  162.286478][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  162.304256][ T8920] loop3: detected capacity change from 0 to 512
[  162.311398][ T8922] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1865'.
[  162.320832][ T8922] unsupported nlmsg_type 40
[  162.326630][ T8920] EXT4-fs: Ignoring removed bh option
[  162.353184][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.369613][ T8920] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.382753][ T8920] ext4 filesystem being mounted at /351/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  162.394604][ T8920] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1866'.
[  162.401958][ T8930] loop1: detected capacity change from 0 to 1024
[  162.411890][ T8920] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1866'.
[  162.415709][ T8918] syzkaller0: left promiscuous mode
[  162.423894][ T8920] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.1866: iget: bad i_size value: 2533274857506816
[  162.426563][ T8918] syzkaller0: left allmulticast mode
[  162.455947][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.466371][ T8930] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.483019][ T8930] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1868: bg 0: block 88: padding at end of block bitmap is not set
[  162.501724][ T8937] netlink: 'syz.3.1870': attribute type 4 has an invalid length.
[  162.504426][ T8930] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1868'.
[  162.549207][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.634313][ T8951] syzkaller0: entered allmulticast mode
[  162.640655][ T8951] syzkaller0: entered promiscuous mode
[  162.646829][ T8946] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1875'.
[  162.707821][ T8958] loop1: detected capacity change from 0 to 1024
[  162.714865][ T8958] EXT4-fs: Ignoring removed oldalloc option
[  162.720832][ T8958] EXT4-fs: Ignoring removed bh option
[  162.760425][ T8962] only policy match revision 0 supported
[  162.760439][ T8962] unable to load match
[  162.767788][ T8958] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.772690][ T8962] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1881'.
[  162.800941][ T8962] netlink: 'syz.3.1881': attribute type 4 has an invalid length.
[  162.828538][ T8955] syzkaller0: left promiscuous mode
[  162.833945][ T8955] syzkaller0: left allmulticast mode
[  162.873501][ T8967] loop2: detected capacity change from 0 to 128
[  162.994475][ T8980] FAULT_INJECTION: forcing a failure.
[  162.994475][ T8980] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.007687][ T8980] CPU: 0 UID: 0 PID: 8980 Comm: syz.3.1887 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  163.007723][ T8980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  163.007774][ T8980] Call Trace:
[  163.007780][ T8980]  <TASK>
[  163.007787][ T8980]  __dump_stack+0x1d/0x30
[  163.007806][ T8980]  dump_stack_lvl+0xe8/0x140
[  163.007831][ T8980]  dump_stack+0x15/0x1b
[  163.007846][ T8980]  should_fail_ex+0x265/0x280
[  163.007954][ T8980]  should_fail+0xb/0x20
[  163.008014][ T8980]  should_fail_usercopy+0x1a/0x20
[  163.008039][ T8980]  _copy_from_user+0x1c/0xb0
[  163.008062][ T8980]  ___sys_sendmsg+0xc1/0x1d0
[  163.008104][ T8980]  __x64_sys_sendmsg+0xd4/0x160
[  163.008180][ T8980]  x64_sys_call+0x191e/0x3000
[  163.008200][ T8980]  do_syscall_64+0xd2/0x200
[  163.008222][ T8980]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  163.008299][ T8980]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  163.008319][ T8980]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.008339][ T8980] RIP: 0033:0x7f162887eec9
[  163.008353][ T8980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.008442][ T8980] RSP: 002b:00007f16272df038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  163.008468][ T8980] RAX: ffffffffffffffda RBX: 00007f1628ad5fa0 RCX: 00007f162887eec9
[  163.008538][ T8980] RDX: 0000000000020014 RSI: 0000200000000340 RDI: 0000000000000003
[  163.008550][ T8980] RBP: 00007f16272df090 R08: 0000000000000000 R09: 0000000000000000
[  163.008561][ T8980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.008572][ T8980] R13: 00007f1628ad6038 R14: 00007f1628ad5fa0 R15: 00007ffcaa4b8548
[  163.008591][ T8980]  </TASK>
[  163.243916][ T8989] syzkaller0: entered allmulticast mode
[  163.250193][ T8989] syzkaller0: entered promiscuous mode
[  163.276950][ T8984] hub 2-0:1.0: USB hub found
[  163.287263][ T8992] FAULT_INJECTION: forcing a failure.
[  163.287263][ T8992] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.289353][ T8984] hub 2-0:1.0: 8 ports detected
[  163.300516][ T8992] CPU: 0 UID: 0 PID: 8992 Comm: syz.3.1891 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  163.300559][ T8992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  163.300577][ T8992] Call Trace:
[  163.300588][ T8992]  <TASK>
[  163.300601][ T8992]  __dump_stack+0x1d/0x30
[  163.300631][ T8992]  dump_stack_lvl+0xe8/0x140
[  163.300659][ T8992]  dump_stack+0x15/0x1b
[  163.300693][ T8992]  should_fail_ex+0x265/0x280
[  163.300761][ T8992]  should_fail+0xb/0x20
[  163.300805][ T8992]  should_fail_usercopy+0x1a/0x20
[  163.300835][ T8992]  _copy_to_user+0x20/0xa0
[  163.300895][ T8992]  simple_read_from_buffer+0xb5/0x130
[  163.300930][ T8992]  proc_fail_nth_read+0x10e/0x150
[  163.300972][ T8992]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  163.301015][ T8992]  vfs_read+0x1a8/0x770
[  163.301152][ T8992]  ? __rcu_read_unlock+0x4f/0x70
[  163.301188][ T8992]  ? __fget_files+0x184/0x1c0
[  163.301230][ T8992]  ksys_read+0xda/0x1a0
[  163.301287][ T8992]  __x64_sys_read+0x40/0x50
[  163.301320][ T8992]  x64_sys_call+0x27c0/0x3000
[  163.301351][ T8992]  do_syscall_64+0xd2/0x200
[  163.301446][ T8992]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  163.301485][ T8992]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  163.301517][ T8992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.301566][ T8992] RIP: 0033:0x7f162887d8dc
[  163.301588][ T8992] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  163.301615][ T8992] RSP: 002b:00007f16272df030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  163.301649][ T8992] RAX: ffffffffffffffda RBX: 00007f1628ad5fa0 RCX: 00007f162887d8dc
[  163.301668][ T8992] RDX: 000000000000000f RSI: 00007f16272df0a0 RDI: 0000000000000004
[  163.301694][ T8992] RBP: 00007f16272df090 R08: 0000000000000000 R09: 00000000fffffdcf
[  163.301712][ T8992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.301729][ T8992] R13: 00007f1628ad6038 R14: 00007f1628ad5fa0 R15: 00007ffcaa4b8548
[  163.301802][ T8992]  </TASK>
[  163.529707][ T8990] syzkaller0: left promiscuous mode
[  163.535281][ T8990] syzkaller0: left allmulticast mode
[  163.582198][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.702111][ T9012] IPv6: NLM_F_CREATE should be specified when creating new route
[  164.247197][ T9038] netlink: 'syz.2.1910': attribute type 1 has an invalid length.
[  164.274948][ T9038] 8021q: adding VLAN 0 to HW filter on device bond7
[  164.309373][ T9041] ip6_vti0 speed is unknown, defaulting to 1000
[  164.485163][ T9049] loop4: detected capacity change from 0 to 2048
[  164.492219][ T9049] EXT4-fs: Ignoring removed mblk_io_submit option
[  164.498853][ T9049] EXT4-fs: Ignoring removed i_version option
[  164.508838][ T9049] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.582157][ T9049] veth0: entered promiscuous mode
[  164.596883][ T9049] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1915'.
[  164.606718][ T9049] veth0 (unregistering): left promiscuous mode
[  164.721102][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.763925][ T9058] loop3: detected capacity change from 0 to 764
[  164.815676][ T9064] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1917'.
[  164.939903][ T9074] loop4: detected capacity change from 0 to 2048
[  164.947119][ T9074] ext4: Unknown parameter 'uid>00000000000000000000'
[  165.013319][ T9084] FAULT_INJECTION: forcing a failure.
[  165.013319][ T9084] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.026490][ T9084] CPU: 0 UID: 0 PID: 9084 Comm: syz.1.1927 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  165.026565][ T9084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  165.026583][ T9084] Call Trace:
[  165.026620][ T9084]  <TASK>
[  165.026630][ T9084]  __dump_stack+0x1d/0x30
[  165.026658][ T9084]  dump_stack_lvl+0xe8/0x140
[  165.026683][ T9084]  dump_stack+0x15/0x1b
[  165.026772][ T9084]  should_fail_ex+0x265/0x280
[  165.026819][ T9084]  should_fail+0xb/0x20
[  165.026882][ T9084]  should_fail_usercopy+0x1a/0x20
[  165.026910][ T9084]  _copy_from_user+0x1c/0xb0
[  165.026987][ T9084]  ___sys_sendmsg+0xc1/0x1d0
[  165.027040][ T9084]  __x64_sys_sendmsg+0xd4/0x160
[  165.027160][ T9084]  x64_sys_call+0x191e/0x3000
[  165.027184][ T9084]  do_syscall_64+0xd2/0x200
[  165.027208][ T9084]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  165.027237][ T9084]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  165.027263][ T9084]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.027292][ T9084] RIP: 0033:0x7fdb96e9eec9
[  165.027313][ T9084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.027335][ T9084] RSP: 002b:00007fdb95907038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  165.027401][ T9084] RAX: ffffffffffffffda RBX: 00007fdb970f5fa0 RCX: 00007fdb96e9eec9
[  165.027420][ T9084] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000005
[  165.027437][ T9084] RBP: 00007fdb95907090 R08: 0000000000000000 R09: 0000000000000000
[  165.027454][ T9084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.027471][ T9084] R13: 00007fdb970f6038 R14: 00007fdb970f5fa0 R15: 00007fff8df468a8
[  165.027494][ T9084]  </TASK>
[  165.288261][ T9095] xt_recent: Unsupported userspace flags (000000b1)
[  165.296464][ T9095] Driver unsupported XDP return value 0 on prog  (id 1541) dev N/A, expect packet loss!
[  165.429098][ T9100] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1934'.
[  165.954001][ T9128] loop4: detected capacity change from 0 to 128
[  165.962325][ T9128] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  165.974982][ T9128] ext4 filesystem being mounted at /346/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  166.002796][ T9128] ip6_vti0 speed is unknown, defaulting to 1000
[  166.087483][ T3319] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  166.147627][ T9134] loop4: detected capacity change from 0 to 1024
[  166.167373][ T9134] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.195412][ T9134] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1944: bg 0: block 88: padding at end of block bitmap is not set
[  166.213181][ T9134] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1944'.
[  166.235044][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.278848][ T9140] ip6_vti0 speed is unknown, defaulting to 1000
[  166.416288][ T9148] netlink: 'syz.1.1949': attribute type 6 has an invalid length.
[  166.455608][   T29] kauditd_printk_skb: 98 callbacks suppressed
[  166.455626][   T29] audit: type=1326 audit(1760386198.768:5191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9150 comm="syz.3.1950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f162887eec9 code=0x7ffc0000
[  166.485287][   T29] audit: type=1326 audit(1760386198.768:5192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9150 comm="syz.3.1950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f162887eec9 code=0x7ffc0000
[  166.508999][   T29] audit: type=1326 audit(1760386198.768:5193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9150 comm="syz.3.1950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f162887eec9 code=0x7ffc0000
[  166.532453][   T29] audit: type=1326 audit(1760386198.768:5194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9150 comm="syz.3.1950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f162887eec9 code=0x7ffc0000
[  166.556038][   T29] audit: type=1326 audit(1760386198.768:5195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9150 comm="syz.3.1950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f162887eec9 code=0x7ffc0000
[  166.579530][   T29] audit: type=1326 audit(1760386198.768:5196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9150 comm="syz.3.1950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f162887eec9 code=0x7ffc0000
[  166.607959][   T29] audit: type=1326 audit(1760386198.928:5197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9150 comm="syz.3.1950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f162887eec9 code=0x7ffc0000
[  166.631518][   T29] audit: type=1326 audit(1760386198.928:5198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9150 comm="syz.3.1950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f162887eec9 code=0x7ffc0000
[  166.683019][   T29] audit: type=1326 audit(1760386198.948:5199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9153 comm="syz.1.1951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb96e9eec9 code=0x7ffc0000
[  166.706728][   T29] audit: type=1326 audit(1760386198.948:5200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9153 comm="syz.1.1951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb96e9eec9 code=0x7ffc0000
[  166.953191][ T9171] FAULT_INJECTION: forcing a failure.
[  166.953191][ T9171] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  166.966348][ T9171] CPU: 1 UID: 0 PID: 9171 Comm: syz.2.1958 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  166.966421][ T9171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  166.966496][ T9171] Call Trace:
[  166.966504][ T9171]  <TASK>
[  166.966513][ T9171]  __dump_stack+0x1d/0x30
[  166.966539][ T9171]  dump_stack_lvl+0xe8/0x140
[  166.966572][ T9171]  dump_stack+0x15/0x1b
[  166.966595][ T9171]  should_fail_ex+0x265/0x280
[  166.966762][ T9171]  should_fail+0xb/0x20
[  166.966802][ T9171]  should_fail_usercopy+0x1a/0x20
[  166.966827][ T9171]  _copy_from_iter+0xd2/0xe80
[  166.966850][ T9171]  ? __build_skb_around+0x1ab/0x200
[  166.966944][ T9171]  ? __alloc_skb+0x223/0x320
[  166.966971][ T9171]  netlink_sendmsg+0x471/0x6b0
[  166.967006][ T9171]  ? __pfx_netlink_sendmsg+0x10/0x10
[  166.967106][ T9171]  __sock_sendmsg+0x145/0x180
[  166.967145][ T9171]  ____sys_sendmsg+0x31e/0x4e0
[  166.967178][ T9171]  ___sys_sendmsg+0x17b/0x1d0
[  166.967238][ T9171]  __x64_sys_sendmsg+0xd4/0x160
[  166.967282][ T9171]  x64_sys_call+0x191e/0x3000
[  166.967341][ T9171]  do_syscall_64+0xd2/0x200
[  166.967373][ T9171]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  166.967413][ T9171]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  166.967436][ T9171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.967522][ T9171] RIP: 0033:0x7f6d6b85eec9
[  166.967539][ T9171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.967558][ T9171] RSP: 002b:00007f6d6a2c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  166.967577][ T9171] RAX: ffffffffffffffda RBX: 00007f6d6bab5fa0 RCX: 00007f6d6b85eec9
[  166.967592][ T9171] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000006
[  166.967609][ T9171] RBP: 00007f6d6a2c7090 R08: 0000000000000000 R09: 0000000000000000
[  166.967626][ T9171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.967699][ T9171] R13: 00007f6d6bab6038 R14: 00007f6d6bab5fa0 R15: 00007ffd9e388228
[  166.967719][ T9171]  </TASK>
[  167.372102][ T9182] loop1: detected capacity change from 0 to 1024
[  167.474654][ T9196] __nla_validate_parse: 2 callbacks suppressed
[  167.474670][ T9196] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1969'.
[  167.490004][ T9196] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1969'.
[  167.514205][ T9182] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.527968][ T9182] ext4 filesystem being mounted at /433/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.548498][ T9200] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1970'.
[  167.593439][ T9209] loop3: detected capacity change from 0 to 512
[  167.611191][ T9209] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  167.633184][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.652839][ T9209] EXT4-fs (loop3): 1 truncate cleaned up
[  167.661281][ T9209] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.687138][ T9216] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1977'.
[  167.697368][ T9216] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1977'.
[  167.706796][ T9216] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1977'.
[  167.717563][ T9216] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1977'.
[  167.726569][ T9216] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1977'.
[  167.781551][ T9220] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1975'.
[  167.812722][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.828854][ T9227] loop1: detected capacity change from 0 to 8192
[  167.852012][ T9233] netlink: 'syz.3.1984': attribute type 11 has an invalid length.
[  167.852012][ T9234] netlink: 'syz.3.1984': attribute type 11 has an invalid length.
[  167.897967][ T9238] loop2: detected capacity change from 0 to 1024
[  167.914051][ T9242] FAULT_INJECTION: forcing a failure.
[  167.914051][ T9242] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.927426][ T9242] CPU: 1 UID: 0 PID: 9242 Comm: syz.4.1987 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  167.927458][ T9242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  167.927480][ T9242] Call Trace:
[  167.927485][ T9242]  <TASK>
[  167.927492][ T9242]  __dump_stack+0x1d/0x30
[  167.927514][ T9242]  dump_stack_lvl+0xe8/0x140
[  167.927539][ T9242]  dump_stack+0x15/0x1b
[  167.927556][ T9242]  should_fail_ex+0x265/0x280
[  167.927648][ T9242]  should_fail+0xb/0x20
[  167.927704][ T9242]  should_fail_usercopy+0x1a/0x20
[  167.927731][ T9242]  _copy_from_user+0x1c/0xb0
[  167.927763][ T9242]  __sys_bpf+0x183/0x7c0
[  167.927844][ T9242]  __x64_sys_bpf+0x41/0x50
[  167.927879][ T9242]  x64_sys_call+0x2aee/0x3000
[  167.927919][ T9242]  do_syscall_64+0xd2/0x200
[  167.927950][ T9242]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  167.928050][ T9242]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  167.928073][ T9242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.928094][ T9242] RIP: 0033:0x7f79fd06eec9
[  167.928113][ T9242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.928138][ T9242] RSP: 002b:00007f79fbad7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  167.928242][ T9242] RAX: ffffffffffffffda RBX: 00007f79fd2c5fa0 RCX: 00007f79fd06eec9
[  167.928259][ T9242] RDX: 0000000000000050 RSI: 0000200000000180 RDI: 0000000000000000
[  167.928272][ T9238] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.928283][ T9242] RBP: 00007f79fbad7090 R08: 0000000000000000 R09: 0000000000000000
[  167.928300][ T9242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.928315][ T9242] R13: 00007f79fd2c6038 R14: 00007f79fd2c5fa0 R15: 00007ffff4b61598
[  167.928365][ T9242]  </TASK>
[  168.117607][ T9238] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1985: bg 0: block 88: padding at end of block bitmap is not set
[  168.133931][ T9238] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1985'.
[  168.156703][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.237006][ T9267] bridge_slave_0: left allmulticast mode
[  168.242793][ T9267] bridge_slave_0: left promiscuous mode
[  168.248696][ T9267] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.256460][ T9267] bridge_slave_1: left allmulticast mode
[  168.262162][ T9267] bridge_slave_1: left promiscuous mode
[  168.267869][ T9267] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.276112][ T9267] bond0: (slave bond_slave_0): Releasing backup interface
[  168.284169][ T9267] bond0: (slave bond_slave_1): Releasing backup interface
[  168.293264][ T9267] team0: Port device team_slave_0 removed
[  168.300969][ T9267] team0: Port device team_slave_1 removed
[  168.307446][ T9267] bond1: (slave veth3): Releasing active interface
[  168.355939][ T9278] random: crng reseeded on system resumption
[  168.370286][ T9278] loop2: detected capacity change from 0 to 128
[  168.497210][ T9284] loop2: detected capacity change from 0 to 1024
[  168.507413][ T9284] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.522014][ T9284] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2003: bg 0: block 88: padding at end of block bitmap is not set
[  168.575362][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.590475][ T9291] FAULT_INJECTION: forcing a failure.
[  168.590475][ T9291] name failslab, interval 1, probability 0, space 0, times 0
[  168.603448][ T9291] CPU: 1 UID: 0 PID: 9291 Comm: syz.0.2004 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  168.603478][ T9291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  168.603495][ T9291] Call Trace:
[  168.603503][ T9291]  <TASK>
[  168.603511][ T9291]  __dump_stack+0x1d/0x30
[  168.603534][ T9291]  dump_stack_lvl+0xe8/0x140
[  168.603605][ T9291]  dump_stack+0x15/0x1b
[  168.603626][ T9291]  should_fail_ex+0x265/0x280
[  168.603671][ T9291]  should_failslab+0x8c/0xb0
[  168.603717][ T9291]  __kmalloc_noprof+0xa5/0x570
[  168.603749][ T9291]  ? cgroup_mkdir+0x173/0xcc0
[  168.603811][ T9291]  ? cgroup_kn_lock_live+0x130/0x1e0
[  168.603852][ T9291]  cgroup_mkdir+0x173/0xcc0
[  168.603882][ T9291]  ? kernfs_iop_mkdir+0x109/0x1c0
[  168.603931][ T9291]  ? __pfx_cgroup_mkdir+0x10/0x10
[  168.603953][ T9291]  kernfs_iop_mkdir+0x11e/0x1c0
[  168.604045][ T9291]  vfs_mkdir+0x213/0x340
[  168.604074][ T9291]  do_mkdirat+0x132/0x3f0
[  168.604105][ T9291]  __x64_sys_mkdirat+0x4c/0x60
[  168.604130][ T9291]  x64_sys_call+0x2b7/0x3000
[  168.604151][ T9291]  do_syscall_64+0xd2/0x200
[  168.604225][ T9291]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  168.604314][ T9291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.604343][ T9291] RIP: 0033:0x7f78ddc4eec9
[  168.604363][ T9291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.604382][ T9291] RSP: 002b:00007f78dc6b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  168.604401][ T9291] RAX: ffffffffffffffda RBX: 00007f78ddea5fa0 RCX: 00007f78ddc4eec9
[  168.604440][ T9291] RDX: 00000000000001ff RSI: 0000200000000000 RDI: ffffffffffffff9c
[  168.604456][ T9291] RBP: 00007f78dc6b7090 R08: 0000000000000000 R09: 0000000000000000
[  168.604527][ T9291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  168.604544][ T9291] R13: 00007f78ddea6038 R14: 00007f78ddea5fa0 R15: 00007fff1fb216e8
[  168.604568][ T9291]  </TASK>
[  169.017268][ T9318] netlink: 'syz.3.2016': attribute type 1 has an invalid length.
[  169.030582][ T9319] ip6_vti0 speed is unknown, defaulting to 1000
[  169.054901][ T9318] 8021q: adding VLAN 0 to HW filter on device bond8
[  169.068530][ T9324] FAULT_INJECTION: forcing a failure.
[  169.068530][ T9324] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  169.081780][ T9324] CPU: 1 UID: 0 PID: 9324 Comm: syz.0.2015 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  169.081817][ T9324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  169.081834][ T9324] Call Trace:
[  169.081843][ T9324]  <TASK>
[  169.081854][ T9324]  __dump_stack+0x1d/0x30
[  169.081882][ T9324]  dump_stack_lvl+0xe8/0x140
[  169.081907][ T9324]  dump_stack+0x15/0x1b
[  169.081978][ T9324]  should_fail_ex+0x265/0x280
[  169.082019][ T9324]  should_fail+0xb/0x20
[  169.082051][ T9324]  should_fail_usercopy+0x1a/0x20
[  169.082072][ T9324]  _copy_from_user+0x1c/0xb0
[  169.082131][ T9324]  ___sys_sendmsg+0xc1/0x1d0
[  169.082193][ T9324]  __x64_sys_sendmsg+0xd4/0x160
[  169.082234][ T9324]  x64_sys_call+0x191e/0x3000
[  169.082306][ T9324]  do_syscall_64+0xd2/0x200
[  169.082330][ T9324]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  169.082354][ T9324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.082422][ T9324] RIP: 0033:0x7f78ddc4eec9
[  169.082442][ T9324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.082474][ T9324] RSP: 002b:00007f78dc696038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  169.082498][ T9324] RAX: ffffffffffffffda RBX: 00007f78ddea6090 RCX: 00007f78ddc4eec9
[  169.082510][ T9324] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 000000000000000a
[  169.082526][ T9324] RBP: 00007f78dc696090 R08: 0000000000000000 R09: 0000000000000000
[  169.082542][ T9324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.082598][ T9324] R13: 00007f78ddea6128 R14: 00007f78ddea6090 R15: 00007fff1fb216e8
[  169.082624][ T9324]  </TASK>
[  169.381295][ T9337] FAULT_INJECTION: forcing a failure.
[  169.381295][ T9337] name failslab, interval 1, probability 0, space 0, times 0
[  169.394279][ T9337] CPU: 0 UID: 0 PID: 9337 Comm: syz.3.2023 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  169.394314][ T9337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  169.394374][ T9337] Call Trace:
[  169.394381][ T9337]  <TASK>
[  169.394388][ T9337]  __dump_stack+0x1d/0x30
[  169.394415][ T9337]  dump_stack_lvl+0xe8/0x140
[  169.394440][ T9337]  dump_stack+0x15/0x1b
[  169.394488][ T9337]  should_fail_ex+0x265/0x280
[  169.394531][ T9337]  should_failslab+0x8c/0xb0
[  169.394563][ T9337]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[  169.394644][ T9337]  ? sidtab_sid2str_get+0xa0/0x130
[  169.394753][ T9337]  kmemdup_noprof+0x2b/0x70
[  169.394786][ T9337]  sidtab_sid2str_get+0xa0/0x130
[  169.394877][ T9337]  security_sid_to_context_core+0x1eb/0x2e0
[  169.394918][ T9337]  security_sid_to_context+0x27/0x40
[  169.394952][ T9337]  selinux_lsmprop_to_secctx+0x67/0xf0
[  169.394991][ T9337]  security_lsmprop_to_secctx+0x1a3/0x1c0
[  169.395036][ T9337]  audit_log_subj_ctx+0xa4/0x3e0
[  169.395091][ T9337]  ? skb_put+0xa9/0xf0
[  169.395125][ T9337]  audit_log_task_context+0x48/0x70
[  169.395232][ T9337]  audit_log_task+0xf4/0x250
[  169.395275][ T9337]  ? kstrtouint+0x76/0xc0
[  169.395316][ T9337]  audit_seccomp+0x61/0x100
[  169.395399][ T9337]  ? __seccomp_filter+0x82d/0x1250
[  169.395435][ T9337]  __seccomp_filter+0x83e/0x1250
[  169.395510][ T9337]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  169.395551][ T9337]  ? vfs_write+0x7e8/0x960
[  169.395644][ T9337]  __secure_computing+0x82/0x150
[  169.395678][ T9337]  syscall_trace_enter+0xcf/0x1e0
[  169.395755][ T9337]  do_syscall_64+0xac/0x200
[  169.395785][ T9337]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  169.395821][ T9337]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  169.395851][ T9337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.395899][ T9337] RIP: 0033:0x7f162887eec9
[  169.395917][ T9337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.395941][ T9337] RSP: 002b:00007f16272df038 EFLAGS: 00000246 ORIG_RAX: 0000000000000147
[  169.396031][ T9337] RAX: ffffffffffffffda RBX: 00007f1628ad5fa0 RCX: 00007f162887eec9
[  169.396046][ T9337] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[  169.396058][ T9337] RBP: 00007f16272df090 R08: 0000000000000000 R09: 0000000000000000
[  169.396154][ T9337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.396177][ T9337] R13: 00007f1628ad6038 R14: 00007f1628ad5fa0 R15: 00007ffcaa4b8548
[  169.396199][ T9337]  </TASK>
[  169.720070][ T9352] FAULT_INJECTION: forcing a failure.
[  169.720070][ T9352] name failslab, interval 1, probability 0, space 0, times 0
[  169.732862][ T9352] CPU: 0 UID: 0 PID: 9352 Comm: syz.2.2030 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  169.732960][ T9352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  169.732974][ T9352] Call Trace:
[  169.732981][ T9352]  <TASK>
[  169.733006][ T9352]  __dump_stack+0x1d/0x30
[  169.733037][ T9352]  dump_stack_lvl+0xe8/0x140
[  169.733095][ T9352]  dump_stack+0x15/0x1b
[  169.733118][ T9352]  should_fail_ex+0x265/0x280
[  169.733171][ T9352]  should_failslab+0x8c/0xb0
[  169.733313][ T9352]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  169.733351][ T9352]  ? __alloc_skb+0x101/0x320
[  169.733423][ T9352]  __alloc_skb+0x101/0x320
[  169.733458][ T9352]  netlink_alloc_large_skb+0xbf/0xf0
[  169.733495][ T9352]  netlink_sendmsg+0x3cf/0x6b0
[  169.733527][ T9352]  ? __pfx_netlink_sendmsg+0x10/0x10
[  169.733657][ T9352]  __sock_sendmsg+0x145/0x180
[  169.733687][ T9352]  ____sys_sendmsg+0x31e/0x4e0
[  169.733814][ T9352]  ___sys_sendmsg+0x17b/0x1d0
[  169.733934][ T9352]  __x64_sys_sendmsg+0xd4/0x160
[  169.733976][ T9352]  x64_sys_call+0x191e/0x3000
[  169.734007][ T9352]  do_syscall_64+0xd2/0x200
[  169.734082][ T9352]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  169.734112][ T9352]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  169.734144][ T9352]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.734219][ T9352] RIP: 0033:0x7f6d6b85eec9
[  169.734240][ T9352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.734266][ T9352] RSP: 002b:00007f6d6a2c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  169.734293][ T9352] RAX: ffffffffffffffda RBX: 00007f6d6bab5fa0 RCX: 00007f6d6b85eec9
[  169.734320][ T9352] RDX: 0000000000040010 RSI: 0000200000000240 RDI: 0000000000000003
[  169.734337][ T9352] RBP: 00007f6d6a2c7090 R08: 0000000000000000 R09: 0000000000000000
[  169.734388][ T9352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.734406][ T9352] R13: 00007f6d6bab6038 R14: 00007f6d6bab5fa0 R15: 00007ffd9e388228
[  169.734433][ T9352]  </TASK>
[  170.100509][ T9370] macvtap0: refused to change device tx_queue_len
[  170.108042][ T9371] macvtap0: refused to change device tx_queue_len
[  170.270516][ T9390] loop3: detected capacity change from 0 to 8192
[  170.293079][ T9397] loop2: detected capacity change from 0 to 2048
[  170.301326][ T9397] ext4: Unknown parameter 'uid>00000000000000000000'
[  170.340128][ T9403] netlink: 'syz.2.2050': attribute type 1 has an invalid length.
[  170.357625][ T9403] 8021q: adding VLAN 0 to HW filter on device bond8
[  170.921822][ T9458] ip6_vti0 speed is unknown, defaulting to 1000
[  171.260172][ T9480] loop3: detected capacity change from 0 to 512
[  171.281279][ T9480] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.300186][ T9480] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.315422][ T9490] FAULT_INJECTION: forcing a failure.
[  171.315422][ T9490] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  171.328661][ T9490] CPU: 0 UID: 0 PID: 9490 Comm: syz.0.2081 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  171.328731][ T9490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  171.328748][ T9490] Call Trace:
[  171.328806][ T9490]  <TASK>
[  171.328815][ T9490]  __dump_stack+0x1d/0x30
[  171.328837][ T9490]  dump_stack_lvl+0xe8/0x140
[  171.328856][ T9490]  dump_stack+0x15/0x1b
[  171.328874][ T9490]  should_fail_ex+0x265/0x280
[  171.328976][ T9490]  should_fail+0xb/0x20
[  171.329062][ T9490]  should_fail_usercopy+0x1a/0x20
[  171.329084][ T9490]  _copy_to_user+0x20/0xa0
[  171.329110][ T9490]  simple_read_from_buffer+0xb5/0x130
[  171.329134][ T9490]  proc_fail_nth_read+0x10e/0x150
[  171.329270][ T9490]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  171.329357][ T9490]  vfs_read+0x1a8/0x770
[  171.329385][ T9490]  ? __rcu_read_unlock+0x4f/0x70
[  171.329418][ T9490]  ? __fget_files+0x184/0x1c0
[  171.329449][ T9490]  ksys_read+0xda/0x1a0
[  171.329495][ T9490]  __x64_sys_read+0x40/0x50
[  171.329519][ T9490]  x64_sys_call+0x27c0/0x3000
[  171.329560][ T9490]  do_syscall_64+0xd2/0x200
[  171.329589][ T9490]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  171.329684][ T9490]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  171.329707][ T9490]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.329730][ T9490] RIP: 0033:0x7f78ddc4d8dc
[  171.329792][ T9490] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  171.329811][ T9490] RSP: 002b:00007f78dc6b7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  171.329832][ T9490] RAX: ffffffffffffffda RBX: 00007f78ddea5fa0 RCX: 00007f78ddc4d8dc
[  171.329845][ T9490] RDX: 000000000000000f RSI: 00007f78dc6b70a0 RDI: 0000000000000006
[  171.329858][ T9490] RBP: 00007f78dc6b7090 R08: 0000000000000000 R09: 0000000000000000
[  171.329871][ T9490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.329884][ T9490] R13: 00007f78ddea6038 R14: 00007f78ddea5fa0 R15: 00007fff1fb216e8
[  171.329997][ T9490]  </TASK>
[  171.550684][   T29] kauditd_printk_skb: 343 callbacks suppressed
[  171.550704][   T29] audit: type=1400 audit(1760386203.858:5543): avc:  denied  { create } for  pid=9491 comm="syz.1.2082" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  171.578498][   T29] audit: type=1400 audit(1760386203.858:5544): avc:  denied  { mounton } for  pid=9491 comm="syz.1.2082" path="/443/file0" dev="tmpfs" ino=2394 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  171.601746][   T29] audit: type=1400 audit(1760386203.858:5545): avc:  denied  { listen } for  pid=9479 comm="syz.3.2078" lport=33038 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  171.625324][   T29] audit: type=1400 audit(1760386203.858:5546): avc:  denied  { accept } for  pid=9479 comm="syz.3.2078" lport=33038 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  171.649108][   T29] audit: type=1400 audit(1760386203.858:5547): avc:  denied  { write } for  pid=9479 comm="syz.3.2078" lport=33038 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  171.672796][   T29] audit: type=1400 audit(1760386203.868:5548): avc:  denied  { setopt } for  pid=9479 comm="syz.3.2078" lport=33038 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  171.698470][   T29] audit: type=1400 audit(1760386203.868:5549): avc:  denied  { create } for  pid=9479 comm="syz.3.2078" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  171.718124][   T29] audit: type=1400 audit(1760386203.868:5550): avc:  denied  { write } for  pid=9479 comm="syz.3.2078" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  171.738114][   T29] audit: type=1400 audit(1760386203.868:5551): avc:  denied  { ioctl } for  pid=9479 comm="syz.3.2078" path="socket:[28101]" dev="sockfs" ino=28101 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  171.762955][   T29] audit: type=1400 audit(1760386203.878:5552): avc:  denied  { unlink } for  pid=3315 comm="syz-executor" name="file0" dev="tmpfs" ino=2394 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  171.799024][ T9495] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  171.962232][ T9518] syzkaller0: entered allmulticast mode
[  171.983032][ T9518] syzkaller0: entered promiscuous mode
[  171.991872][ T9522] FAULT_INJECTION: forcing a failure.
[  171.991872][ T9522] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  172.005793][ T9522] CPU: 1 UID: 0 PID: 9522 Comm: syz.2.2097 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  172.005831][ T9522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  172.005849][ T9522] Call Trace:
[  172.005857][ T9522]  <TASK>
[  172.005867][ T9522]  __dump_stack+0x1d/0x30
[  172.005895][ T9522]  dump_stack_lvl+0xe8/0x140
[  172.005919][ T9522]  dump_stack+0x15/0x1b
[  172.006027][ T9522]  should_fail_ex+0x265/0x280
[  172.006071][ T9522]  should_fail+0xb/0x20
[  172.006165][ T9522]  should_fail_usercopy+0x1a/0x20
[  172.006242][ T9522]  strncpy_from_user+0x25/0x230
[  172.006316][ T9522]  ? kmem_cache_alloc_noprof+0x242/0x480
[  172.006350][ T9522]  ? getname_flags+0x80/0x3b0
[  172.006387][ T9522]  getname_flags+0xae/0x3b0
[  172.006418][ T9522]  do_sys_openat2+0x60/0x110
[  172.006507][ T9522]  __x64_sys_openat+0xf2/0x120
[  172.006630][ T9522]  x64_sys_call+0x2eab/0x3000
[  172.006656][ T9522]  do_syscall_64+0xd2/0x200
[  172.006680][ T9522]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  172.006717][ T9522]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  172.006747][ T9522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.006851][ T9522] RIP: 0033:0x7f6d6b85eec9
[  172.006867][ T9522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  172.006886][ T9522] RSP: 002b:00007f6d6a2c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  172.006912][ T9522] RAX: ffffffffffffffda RBX: 00007f6d6bab5fa0 RCX: 00007f6d6b85eec9
[  172.006942][ T9522] RDX: 0000000000414f02 RSI: 0000200000000200 RDI: 0000000000000004
[  172.007028][ T9522] RBP: 00007f6d6a2c7090 R08: 0000000000000000 R09: 0000000000000000
[  172.007044][ T9522] R10: 52abe154ad664fa4 R11: 0000000000000246 R12: 0000000000000001
[  172.007060][ T9522] R13: 00007f6d6bab6038 R14: 00007f6d6bab5fa0 R15: 00007ffd9e388228
[  172.007083][ T9522]  </TASK>
[  172.203865][ T9518] syzkaller0 (unregistering): left allmulticast mode
[  172.210786][ T9518] syzkaller0 (unregistering): left promiscuous mode
[  172.257781][ T9539] FAULT_INJECTION: forcing a failure.
[  172.257781][ T9539] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  172.271284][ T9539] CPU: 0 UID: 0 PID: 9539 Comm: syz.2.2103 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  172.271324][ T9539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  172.271339][ T9539] Call Trace:
[  172.271385][ T9539]  <TASK>
[  172.271394][ T9539]  __dump_stack+0x1d/0x30
[  172.271421][ T9539]  dump_stack_lvl+0xe8/0x140
[  172.271446][ T9539]  dump_stack+0x15/0x1b
[  172.271464][ T9539]  should_fail_ex+0x265/0x280
[  172.271507][ T9539]  should_fail_alloc_page+0xf2/0x100
[  172.271621][ T9539]  __alloc_frozen_pages_noprof+0xff/0x360
[  172.271716][ T9539]  alloc_pages_mpol+0xb3/0x260
[  172.271822][ T9539]  vma_alloc_folio_noprof+0x1aa/0x300
[  172.271859][ T9539]  handle_mm_fault+0xec2/0x2be0
[  172.271946][ T9539]  ? mt_find+0x208/0x320
[  172.271994][ T9539]  do_user_addr_fault+0x3fe/0x1080
[  172.272067][ T9539]  exc_page_fault+0x62/0xa0
[  172.272095][ T9539]  asm_exc_page_fault+0x26/0x30
[  172.272120][ T9539] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  172.272245][ T9539] Code: cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 ff f8 01 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  172.272269][ T9539] RSP: 0018:ffffc90000e1f930 EFLAGS: 00050206
[  172.272291][ T9539] RAX: ffff88811b0dcca0 RBX: ffff888139468000 RCX: 0000000000000088
[  172.272308][ T9539] RDX: 0000000000000000 RSI: ffff888139468000 RDI: 0000200000001800
[  172.272324][ T9539] RBP: 0000200000001800 R08: 00000000000001bb R09: 0000000000000000
[  172.272365][ T9539] R10: 0001888139468000 R11: 0001888139468087 R12: 0000200000001888
[  172.272381][ T9539] R13: ffff888139468e20 R14: 0000000000000088 R15: 00007ffffffff000
[  172.272406][ T9539]  _copy_to_iter+0x141/0xe70
[  172.272455][ T9539]  ? sysfs_bin_attr_simple_read+0x3e/0x50
[  172.272487][ T9539]  ? __pfx_sysfs_bin_attr_simple_read+0x10/0x10
[  172.272519][ T9539]  ? sysfs_kf_bin_read+0x129/0x160
[  172.272587][ T9539]  kernfs_fop_read_iter+0x259/0x330
[  172.272634][ T9539]  ? __pfx_kernfs_fop_read_iter+0x10/0x10
[  172.272679][ T9539]  __io_read+0x442/0xc30
[  172.272741][ T9539]  ? should_fail_ex+0xdb/0x280
[  172.272849][ T9539]  ? __rcu_read_unlock+0x4f/0x70
[  172.272963][ T9539]  io_read+0x4a/0x180
[  172.273003][ T9539]  __io_issue_sqe+0xfe/0x2e0
[  172.273042][ T9539]  ? io_assign_file+0x1b6/0x200
[  172.273085][ T9539]  io_issue_sqe+0x56/0xa80
[  172.273192][ T9539]  ? io_prep_rwv+0xef/0x250
[  172.273237][ T9539]  io_submit_sqes+0x675/0x1060
[  172.273333][ T9539]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  172.273379][ T9539]  ? 0xffffffff81000000
[  172.273397][ T9539]  ? __rcu_read_unlock+0x4f/0x70
[  172.273430][ T9539]  ? get_pid_task+0x96/0xd0
[  172.273483][ T9539]  ? proc_fail_nth_write+0x13b/0x160
[  172.273521][ T9539]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  172.273555][ T9539]  ? vfs_write+0x7e8/0x960
[  172.273659][ T9539]  ? __rcu_read_unlock+0x4f/0x70
[  172.273693][ T9539]  ? __fget_files+0x184/0x1c0
[  172.273731][ T9539]  ? fput+0x8f/0xc0
[  172.273839][ T9539]  __x64_sys_io_uring_enter+0x78/0x90
[  172.273875][ T9539]  x64_sys_call+0x2df0/0x3000
[  172.273913][ T9539]  do_syscall_64+0xd2/0x200
[  172.273945][ T9539]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  172.274011][ T9539]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  172.274042][ T9539]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.274072][ T9539] RIP: 0033:0x7f6d6b85eec9
[  172.274093][ T9539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  172.274118][ T9539] RSP: 002b:00007f6d6a2c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  172.274175][ T9539] RAX: ffffffffffffffda RBX: 00007f6d6bab5fa0 RCX: 00007f6d6b85eec9
[  172.274193][ T9539] RDX: 0000000000002000 RSI: 00000000000847ba RDI: 0000000000000004
[  172.274210][ T9539] RBP: 00007f6d6a2c7090 R08: 0000000000000000 R09: 0000000000000000
[  172.274299][ T9539] R10: 000000000000000e R11: 0000000000000246 R12: 0000000000000001
[  172.274316][ T9539] R13: 00007f6d6bab6038 R14: 00007f6d6bab5fa0 R15: 00007ffd9e388228
[  172.274415][ T9539]  </TASK>
[  172.687393][ T9526] ip6_vti0 speed is unknown, defaulting to 1000
[  172.947369][ T9584] syzkaller0: entered allmulticast mode
[  172.953532][ T9584] syzkaller0: entered promiscuous mode
[  172.963766][ T9584] syzkaller0 (unregistering): left allmulticast mode
[  172.970626][ T9584] syzkaller0 (unregistering): left promiscuous mode
[  172.992240][ T9589] netlink: 'syz.2.2121': attribute type 4 has an invalid length.
[  173.047631][ T9594] loop3: detected capacity change from 0 to 128
[  173.066818][ T9594] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  173.107478][ T9594] ext4 filesystem being mounted at /406/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  173.150405][ T9607] loop4: detected capacity change from 0 to 2048
[  173.154430][ T9594] ip6_vti0 speed is unknown, defaulting to 1000
[  173.186674][ T9607] ext4: Unknown parameter 'uid>00000000000000000000'
[  173.205822][ T9609] loop2: detected capacity change from 0 to 128
[  173.220993][ T9609] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  173.257108][ T9609] ext4 filesystem being mounted at /435/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  173.333648][ T3313] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  173.356970][ T9609] ip6_vti0 speed is unknown, defaulting to 1000
[  173.504380][ T9636] __nla_validate_parse: 4 callbacks suppressed
[  173.504397][ T9636] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2138'.
[  173.545006][ T3322] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  173.598585][ T9655] loop3: detected capacity change from 0 to 1024
[  173.620027][ T9655] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.628233][ T9648] ip6_vti0 speed is unknown, defaulting to 1000
[  173.642087][ T9655] FAULT_INJECTION: forcing a failure.
[  173.642087][ T9655] name failslab, interval 1, probability 0, space 0, times 0
[  173.654873][ T9655] CPU: 0 UID: 0 PID: 9655 Comm: syz.3.2145 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  173.654902][ T9655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  173.654914][ T9655] Call Trace:
[  173.654923][ T9655]  <TASK>
[  173.655005][ T9655]  __dump_stack+0x1d/0x30
[  173.655033][ T9655]  dump_stack_lvl+0xe8/0x140
[  173.655058][ T9655]  dump_stack+0x15/0x1b
[  173.655138][ T9655]  should_fail_ex+0x265/0x280
[  173.655174][ T9655]  should_failslab+0x8c/0xb0
[  173.655210][ T9655]  kmem_cache_alloc_noprof+0x50/0x480
[  173.655295][ T9655]  ? skb_clone+0x151/0x1f0
[  173.655332][ T9655]  skb_clone+0x151/0x1f0
[  173.655439][ T9655]  __netlink_deliver_tap+0x2c9/0x500
[  173.655484][ T9655]  netlink_unicast+0x66b/0x690
[  173.655520][ T9655]  netlink_sendmsg+0x58b/0x6b0
[  173.655637][ T9655]  ? __pfx_netlink_sendmsg+0x10/0x10
[  173.655677][ T9655]  __sock_sendmsg+0x145/0x180
[  173.655736][ T9655]  ____sys_sendmsg+0x31e/0x4e0
[  173.655777][ T9655]  ___sys_sendmsg+0x17b/0x1d0
[  173.655922][ T9655]  __x64_sys_sendmsg+0xd4/0x160
[  173.655979][ T9655]  x64_sys_call+0x191e/0x3000
[  173.656005][ T9655]  do_syscall_64+0xd2/0x200
[  173.656045][ T9655]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  173.656082][ T9655]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  173.656171][ T9655]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.656200][ T9655] RIP: 0033:0x7f162887eec9
[  173.656219][ T9655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.656292][ T9655] RSP: 002b:00007f16272df038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  173.656315][ T9655] RAX: ffffffffffffffda RBX: 00007f1628ad5fa0 RCX: 00007f162887eec9
[  173.656332][ T9655] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000008
[  173.656348][ T9655] RBP: 00007f16272df090 R08: 0000000000000000 R09: 0000000000000000
[  173.656390][ T9655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.656406][ T9655] R13: 00007f1628ad6038 R14: 00007f1628ad5fa0 R15: 00007ffcaa4b8548
[  173.656428][ T9655]  </TASK>
[  173.861359][ T9655] netlink: 'syz.3.2145': attribute type 27 has an invalid length.
[  173.869603][ T9655] lo: left allmulticast mode
[  173.876655][ T9655] tunl0: left allmulticast mode
[  173.883141][ T9655] gre0: left allmulticast mode
[  173.892732][ T9655] gretap0: left allmulticast mode
[  173.899714][ T9655] erspan0: left allmulticast mode
[  173.906496][ T9655] ip_vti0: left allmulticast mode
[  173.912850][ T9655] ip6_vti0: left allmulticast mode
[  173.920064][ T9655] sit0: left allmulticast mode
[  173.928738][ T9655] ip6tnl0: left allmulticast mode
[  173.935983][ T9655] ip6gre0: left allmulticast mode
[  173.942454][ T9655] syz_tun: left allmulticast mode
[  173.949128][ T9655] ip6gretap0: left allmulticast mode
[  173.955952][ T9655] bridge0: port 2(bridge_slave_1) entered disabled state
[  173.963368][ T9655] bridge0: port 1(bridge_slave_0) entered disabled state
[  173.971052][ T9655] bridge0: left allmulticast mode
[  173.978429][ T9655] vcan0: left allmulticast mode
[  173.984291][ T9655] bond0: left allmulticast mode
[  173.989333][ T9655] bond_slave_0: left allmulticast mode
[  173.994938][ T9655] bond_slave_1: left allmulticast mode
[  174.002180][ T9655] team0: left allmulticast mode
[  174.007103][ T9655] team_slave_0: left allmulticast mode
[  174.012592][ T9655] team_slave_1: left allmulticast mode
[  174.019977][ T9655] dummy0: left allmulticast mode
[  174.027557][ T9655] nlmon0: left allmulticast mode
[  174.033686][ T9655] caif0: left allmulticast mode
[  174.102518][ T8292] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  174.111083][ T8292] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  174.111511][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.120380][ T8292] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  174.137670][ T8292] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  174.576558][ T9708] netlink: 'syz.3.2166': attribute type 4 has an invalid length.
[  174.635504][ T9710] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2167'.
[  174.895543][ T9741] netlink: 'syz.3.2180': attribute type 4 has an invalid length.
[  174.929764][ T9729] loop9: detected capacity change from 0 to 7
[  174.936069][ T9729] Buffer I/O error on dev loop9, logical block 0, async page read
[  174.944224][ T9729] Buffer I/O error on dev loop9, logical block 0, async page read
[  174.952116][ T9729]  loop9: unable to read partition table
[  174.957927][ T9729] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  174.957927][ T9729] 
) failed (rc=-5)
[  175.015669][ T9731] loop3: detected capacity change from 0 to 7
[  175.022350][ T3313] Buffer I/O error on dev loop3, logical block 0, async page read
[  175.030489][ T3313] Buffer I/O error on dev loop3, logical block 0, async page read
[  175.038428][ T3313]  loop3: unable to read partition table
[  175.046644][ T9731] Buffer I/O error on dev loop3, logical block 0, async page read
[  175.056901][ T9731] Buffer I/O error on dev loop3, logical block 0, async page read
[  175.064797][ T9731]  loop3: unable to read partition table
[  175.070830][ T9731] loop_reread_partitions: partition scan of loop3 (�被x������ڬ��dG�����ݡ�����
[  175.070830][ T9731] 
) failed (rc=-5)
[  175.116870][ T9751] loop1: detected capacity change from 0 to 1024
[  175.137908][ T9753] netlink: 'syz.2.2186': attribute type 1 has an invalid length.
[  175.152726][ T9759] loop4: detected capacity change from 0 to 1024
[  175.162542][ T9751] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  175.185917][ T9759] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 not in group (block 3)!
[  175.189802][ T9751] ext4 filesystem being mounted at /459/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  175.196147][ T9759] EXT4-fs (loop4): group descriptors corrupted!
[  175.209073][ T9753] 8021q: adding VLAN 0 to HW filter on device bond9
[  175.226630][ T9751] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #15: block 3: comm syz.1.2184: lblock 3 mapped to illegal pblock 3 (length 3)
[  175.244279][ T9751] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  175.256779][ T9751] EXT4-fs (loop1): This should not happen!! Data will be lost
[  175.256779][ T9751] 
[  175.268869][ T9751] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2184'.
[  175.290369][ T8316] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #15: block 8: comm kworker/u8:34: lblock 8 mapped to illegal pblock 8 (length 8)
[  175.305039][ T8316] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  175.317523][ T8316] EXT4-fs (loop1): This should not happen!! Data will be lost
[  175.317523][ T8316] 
[  175.337466][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  175.372906][ T9767] netlink: 'syz.2.2191': attribute type 4 has an invalid length.
[  175.417943][ T9775] sctp: [Deprecated]: syz.3.2193 (pid 9775) Use of struct sctp_assoc_value in delayed_ack socket option.
[  175.417943][ T9775] Use struct sctp_sack_info instead
[  175.437575][ T9779] FAULT_INJECTION: forcing a failure.
[  175.437575][ T9779] name failslab, interval 1, probability 0, space 0, times 0
[  175.450302][ T9779] CPU: 1 UID: 0 PID: 9779 Comm: syz.4.2194 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  175.450410][ T9779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  175.450424][ T9779] Call Trace:
[  175.450429][ T9779]  <TASK>
[  175.450437][ T9779]  __dump_stack+0x1d/0x30
[  175.450462][ T9779]  dump_stack_lvl+0xe8/0x140
[  175.450487][ T9779]  dump_stack+0x15/0x1b
[  175.450547][ T9779]  should_fail_ex+0x265/0x280
[  175.450582][ T9779]  should_failslab+0x8c/0xb0
[  175.450610][ T9779]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  175.450663][ T9779]  ? __alloc_skb+0x101/0x320
[  175.450698][ T9779]  __alloc_skb+0x101/0x320
[  175.450723][ T9779]  netlink_alloc_large_skb+0xbf/0xf0
[  175.450816][ T9779]  netlink_sendmsg+0x3cf/0x6b0
[  175.450849][ T9779]  ? __pfx_netlink_sendmsg+0x10/0x10
[  175.450884][ T9779]  __sock_sendmsg+0x145/0x180
[  175.450912][ T9779]  ____sys_sendmsg+0x31e/0x4e0
[  175.450997][ T9779]  ___sys_sendmsg+0x17b/0x1d0
[  175.451052][ T9779]  __x64_sys_sendmsg+0xd4/0x160
[  175.451096][ T9779]  x64_sys_call+0x191e/0x3000
[  175.451124][ T9779]  do_syscall_64+0xd2/0x200
[  175.451205][ T9779]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  175.451251][ T9779]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  175.451281][ T9779]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.451309][ T9779] RIP: 0033:0x7f79fd06eec9
[  175.451329][ T9779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  175.451371][ T9779] RSP: 002b:00007f79fbad7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  175.451390][ T9779] RAX: ffffffffffffffda RBX: 00007f79fd2c5fa0 RCX: 00007f79fd06eec9
[  175.451402][ T9779] RDX: 0000000004008040 RSI: 0000200000000280 RDI: 0000000000000003
[  175.451488][ T9779] RBP: 00007f79fbad7090 R08: 0000000000000000 R09: 0000000000000000
[  175.451505][ T9779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  175.451521][ T9779] R13: 00007f79fd2c6038 R14: 00007f79fd2c5fa0 R15: 00007ffff4b61598
[  175.451596][ T9779]  </TASK>
[  175.704697][ T9789] loop4: detected capacity change from 0 to 1024
[  175.711876][ T9789] EXT4-fs: Ignoring removed oldalloc option
[  175.717996][ T9789] EXT4-fs: Ignoring removed bh option
[  175.738077][ T9789] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.778219][ T9800] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  175.829179][ T9807] netlink: 'syz.0.2206': attribute type 4 has an invalid length.
[  175.849184][ T9805] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.911530][ T9805] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.970750][ T9805] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.032793][ T9805] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.077786][ T9825] sctp: [Deprecated]: syz.0.2212 (pid 9825) Use of struct sctp_assoc_value in delayed_ack socket option.
[  176.077786][ T9825] Use struct sctp_sack_info instead
[  176.144074][ T8330] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  176.159875][ T8308] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  176.174865][ T8308] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  176.195245][ T8330] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  176.221504][ T9837] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  176.232053][ T9837] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2219'.
[  176.244116][ T9837] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9837 comm=syz.3.2219
[  176.327420][ T9843] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2222'.
[  176.336360][ T9843] netlink: 348 bytes leftover after parsing attributes in process `syz.0.2222'.
[  176.345562][ T9843] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2222'.
[  176.354609][ T9843] netlink: 348 bytes leftover after parsing attributes in process `syz.0.2222'.
[  176.370692][ T9843] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2222'.
[  176.394201][ T9843] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2222'.
[  176.449861][ T8330] Bluetooth: hci0: Frame reassembly failed (-84)
[  176.549574][ T9857] sctp: [Deprecated]: syz.0.2227 (pid 9857) Use of struct sctp_assoc_value in delayed_ack socket option.
[  176.549574][ T9857] Use struct sctp_sack_info instead
[  176.583605][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.598741][   T29] kauditd_printk_skb: 497 callbacks suppressed
[  176.598757][   T29] audit: type=1400 audit(1760386208.917:6050): avc:  denied  { create } for  pid=9860 comm="syz.2.2230" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  176.625395][   T29] audit: type=1400 audit(1760386208.937:6051): avc:  denied  { getopt } for  pid=9860 comm="syz.2.2230" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  176.664909][   T29] audit: type=1400 audit(1760386208.937:6052): avc:  denied  { write } for  pid=9860 comm="syz.2.2230" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  176.831313][ T9877] netlink: 'syz.4.2233': attribute type 4 has an invalid length.
[  176.841886][   T29] audit: type=1400 audit(1760386209.157:6053): avc:  denied  { create } for  pid=9879 comm="syz.0.2234" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  176.863981][   T29] audit: type=1400 audit(1760386209.157:6054): avc:  denied  { setopt } for  pid=9879 comm="syz.0.2234" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  176.994614][ T9885] FAULT_INJECTION: forcing a failure.
[  176.994614][ T9885] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  177.007967][ T9885] CPU: 0 UID: 0 PID: 9885 Comm: syz.4.2236 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  177.008015][ T9885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  177.008030][ T9885] Call Trace:
[  177.008038][ T9885]  <TASK>
[  177.008048][ T9885]  __dump_stack+0x1d/0x30
[  177.008074][ T9885]  dump_stack_lvl+0xe8/0x140
[  177.008099][ T9885]  dump_stack+0x15/0x1b
[  177.008120][ T9885]  should_fail_ex+0x265/0x280
[  177.008156][ T9885]  should_fail+0xb/0x20
[  177.008262][ T9885]  should_fail_usercopy+0x1a/0x20
[  177.008289][ T9885]  _copy_to_user+0x20/0xa0
[  177.008319][ T9885]  copy_siginfo_to_user+0x22/0xb0
[  177.008389][ T9885]  x64_setup_rt_frame+0x2b5/0x580
[  177.008419][ T9885]  arch_do_signal_or_restart+0x23e/0x440
[  177.008451][ T9885]  exit_to_user_mode_loop+0x77/0x110
[  177.008561][ T9885]  do_syscall_64+0x1d6/0x200
[  177.008592][ T9885]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  177.008622][ T9885]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  177.008701][ T9885]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.008842][ T9885] RIP: 0033:0x7f79fd06eec7
[  177.008859][ T9885] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  177.008957][ T9885] RSP: 002b:00007f79fbad7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  177.009091][ T9885] RAX: 0000000000000113 RBX: 00007f79fd2c5fa0 RCX: 00007f79fd06eec9
[  177.009104][ T9885] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000003
[  177.009116][ T9885] RBP: 00007f79fbad7090 R08: 0000000000000007 R09: 0000000000000009
[  177.009130][ T9885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  177.009145][ T9885] R13: 00007f79fd2c6038 R14: 00007f79fd2c5fa0 R15: 00007ffff4b61598
[  177.009169][ T9885]  </TASK>
[  177.200809][   T29] audit: type=1400 audit(1760386209.517:6055): avc:  denied  { create } for  pid=9887 comm="syz.4.2237" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  177.221699][ T9888] IPVS: set_ctl: invalid protocol: 58 10.1.1.2:20004
[  177.243218][   T29] audit: type=1400 audit(1760386209.537:6056): avc:  denied  { write } for  pid=9887 comm="syz.4.2237" path="socket:[29858]" dev="sockfs" ino=29858 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  177.285900][ T9893] sctp: [Deprecated]: syz.3.2239 (pid 9893) Use of struct sctp_assoc_value in delayed_ack socket option.
[  177.285900][ T9893] Use struct sctp_sack_info instead
[  177.325375][ T9895] loop3: detected capacity change from 0 to 1024
[  177.333069][ T9895] EXT4-fs: Ignoring removed oldalloc option
[  177.339139][ T9895] EXT4-fs: Ignoring removed bh option
[  177.350701][ T9895] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  177.378531][   T29] audit: type=1400 audit(1760386209.697:6057): avc:  denied  { read write } for  pid=9901 comm="syz.4.2242" name="rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  177.402981][   T29] audit: type=1400 audit(1760386209.697:6058): avc:  denied  { open } for  pid=9901 comm="syz.4.2242" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  177.454648][ T9903] ==================================================================
[  177.462812][ T9903] BUG: KCSAN: data-race in __writeback_single_inode / generic_buffers_fsync_noflush
[  177.472273][ T9903] 
[  177.474612][ T9903] read-write to 0xffff88811a83ba18 of 4 bytes by task 9895 on cpu 0:
[  177.482688][ T9903]  __writeback_single_inode+0x1e3/0x7c0
[  177.488266][ T9903]  writeback_single_inode+0x16d/0x3f0
[  177.493664][ T9903]  sync_inode_metadata+0x5b/0x90
[  177.498631][ T9903]  generic_buffers_fsync_noflush+0xd9/0x120
[  177.504551][ T9903]  ext4_sync_file+0x1ab/0x690
[  177.509241][ T9903]  vfs_fsync_range+0x10d/0x130
[  177.514023][ T9903]  ext4_buffered_write_iter+0x34f/0x3c0
[  177.519605][ T9903]  ext4_file_write_iter+0x387/0xf60
[  177.524835][ T9903]  iter_file_splice_write+0x666/0xa60
[  177.530218][ T9903]  direct_splice_actor+0x156/0x2a0
[  177.535344][ T9903]  splice_direct_to_actor+0x312/0x680
[  177.540728][ T9903]  do_splice_direct+0xda/0x150
[  177.545504][ T9903]  do_sendfile+0x380/0x650
[  177.549947][ T9903]  __x64_sys_sendfile64+0x105/0x150
[  177.555165][ T9903]  x64_sys_call+0x2bb4/0x3000
[  177.559853][ T9903]  do_syscall_64+0xd2/0x200
[  177.564373][ T9903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.570283][ T9903] 
[  177.572615][ T9903] read to 0xffff88811a83ba18 of 4 bytes by task 9903 on cpu 1:
[  177.580168][ T9903]  generic_buffers_fsync_noflush+0x80/0x120
[  177.586171][ T9903]  ext4_sync_file+0x1ab/0x690
[  177.590860][ T9903]  vfs_fsync_range+0x10d/0x130
[  177.595643][ T9903]  ext4_buffered_write_iter+0x34f/0x3c0
[  177.601211][ T9903]  ext4_file_write_iter+0x387/0xf60
[  177.606442][ T9903]  iter_file_splice_write+0x666/0xa60
[  177.611828][ T9903]  direct_splice_actor+0x156/0x2a0
[  177.616954][ T9903]  splice_direct_to_actor+0x312/0x680
[  177.622344][ T9903]  do_splice_direct+0xda/0x150
[  177.627121][ T9903]  do_sendfile+0x380/0x650
[  177.631561][ T9903]  __x64_sys_sendfile64+0x105/0x150
[  177.636887][ T9903]  x64_sys_call+0x2bb4/0x3000
[  177.641580][ T9903]  do_syscall_64+0xd2/0x200
[  177.646100][ T9903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.652012][ T9903] 
[  177.654344][ T9903] value changed: 0x00000042 -> 0x00000000
[  177.660065][ T9903] 
[  177.662395][ T9903] Reported by Kernel Concurrency Sanitizer on:
[  177.668555][ T9903] CPU: 1 UID: 0 PID: 9903 Comm: syz.3.2240 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  177.678285][ T9903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  177.688359][ T9903] ==================================================================
[  178.173573][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.526822][ T3640] Bluetooth: hci0: command 0x1003 tx timeout
[  178.526803][ T3518] Bluetooth: hci0: Opcode 0x1003 failed: -110