last executing test programs:

1m6.876667286s ago: executing program 4 (id=99):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18)
pipe2(&(0x7f0000001cc0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x2204803, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@uname={'uname', 0x3d, '\xd0\xae\xde\xc1\xaa \xff\xd8\x1d\x1b\xf8\x93)!|\xb0X\xa3\x96\xed\xa2\xab@\xa2m\x93\xdd\b<\x00t\xdc\xabl\xab!\xae\x16\xc4\xcd\xf9{\xdc5_;A\xd2{eC\x014\\\xb3\xc4\xce\xc3yS2-\x01\xbe\xaarW\x96O\xd3\x0f\xe2\xd7/\x17\x1d\xa7.8\x9f8-\xea<\x8d\x91\x90j\xea\xd5\xd5\xae\xcc\xc0\x97\xef\x10\x92\xea\x98|+\x00\x00\x00\x00\x00\x00\x00\x00'}}]}})

1m6.798077787s ago: executing program 4 (id=101):
mkdir(&(0x7f0000000580)='./file0\x00', 0x92)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x800)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000400000000000000000000850000005000000085000000d000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
socket(0x40000000015, 0x5, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x5, 0x2000000000000213, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x800, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000040)=0x14)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TIOCVHANGUP(r5, 0x5437, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x104}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r7 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(r7, 0x0, 0x4000000a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0xe)
r8 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r9 = fcntl$dupfd(r8, 0x0, r8)
ioctl$SCSI_IOCTL_START_UNIT(r9, 0x5)

1m6.347753626s ago: executing program 4 (id=105):
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000104a5270b7357000000925e4a44", @ANYRES32, @ANYBLOB="0dfa130016000000240012000c00010000000000000000000c0002f60800000001180000080001"], 0x44}}, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={r1, 0x7, 0x104, 0xfffffffe})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB='H'], 0x48}, 0x1, 0x0, 0x0, 0x20004810}, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1m6.17458707s ago: executing program 4 (id=108):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000000000001812", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
recvmsg$unix(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)

1m6.044632652s ago: executing program 4 (id=110):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x22d3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000340)={0x0, <r3=>0x0})
process_vm_readv(r3, &(0x7f0000000900)=[{&(0x7f00000003c0)=""/109, 0x6d}, {&(0x7f0000000200)=""/60, 0x3c}, {&(0x7f0000000280)=""/28, 0x1c}, {&(0x7f0000000580)=""/108, 0x6c}, {&(0x7f0000000600)=""/19, 0x13}, {&(0x7f0000000640)=""/242, 0xf2}, {&(0x7f0000000740)=""/213, 0xd5}, {&(0x7f0000000840)=""/151, 0x97}], 0x8, &(0x7f0000000980)=[{&(0x7f0000000a40)=""/223, 0xdf}], 0x1, 0x0)
r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x95, 0x3}, 0x100002, 0x4, 0xc7d, 0x9, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3f, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r6}, 0x10)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000b40)=@filter={'filter\x00', 0x4, 0x4, 0x370, 0xffffffff, 0x260, 0x260, 0xe8, 0xfeffffff, 0xffffffff, 0x3e8, 0x3e8, 0x3e8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffffff, 0xff000000, 0xff, 0xffffff00], [0xffffff00, 0xffffffff, 0xffffffff, 0xffffffff], 'hsr0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [], [0x0, 0x0, 0xff000000], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x2000010}}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3d0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a00)=ANY=[@ANYBLOB="442300003b0007010100000000000000017c00000400fc802b2301"], 0x2344}, 0x1, 0x0, 0x0, 0x20000000}, 0x4c000)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r1, 0x10e, 0x5, &(0x7f0000000000)=0x2, 0x4)
futimesat(0xffffffffffffffff, 0x0, 0x0)
lstat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180))

1m5.961771193s ago: executing program 4 (id=111):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$binfmt_elf64(r4, 0x0, 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

50.922931397s ago: executing program 32 (id=111):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$binfmt_elf64(r4, 0x0, 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

4.171829759s ago: executing program 3 (id=836):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_int(r1, 0x29, 0x4b, 0x0, &(0x7f0000001a80))
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000740)={0x9, 0xcf0d, 0x5, 0x7, 0x0, 0x4000})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x1, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, r0, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='nr_inodes=2'])
chdir(&(0x7f0000000140)='./file0\x00')
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')

4.148082629s ago: executing program 3 (id=837):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

4.11523954s ago: executing program 3 (id=839):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002100), 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x9, &(0x7f0000000800)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @call={0x85, 0x0, 0x0, 0x64}]}, &(0x7f0000000640)='syzkaller\x00', 0x7, 0xf9, &(0x7f0000000b00)=""/249}, 0x94)

4.08150851s ago: executing program 3 (id=840):
r0 = creat(0x0, 0x67)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x70, 0x103301)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82307201, &(0x7f0000000340)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x80000000}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008001500b7040000000000008500000058"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x3)
cachestat(r5, &(0x7f0000000140)={0x1, 0x7fc001}, &(0x7f0000000100), 0x0)

3.920572254s ago: executing program 3 (id=845):
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000000)='.\x00', 0xa4000021)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, &(0x7f0000000140)={0x3ff, <r1=>r0, 'id1\x00'})
r2 = socket$rds(0x15, 0x5, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r3, 0x1, &(0x7f0000000040)={{}, {0x0, 0x3938700}}, 0x0)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x300000b, 0x10010, 0xffffffffffffffff, 0xec776000)
write$RDMA_USER_CM_CMD_GET_EVENT(0xffffffffffffffff, &(0x7f0000000080)={0xc, 0x6, 0xfa00, {0xfffffffffffffffe}}, 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000080)={0x28, 0x0, 0x2711}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r4 = memfd_create(&(0x7f0000000200)='-&:\n-\xb2];\x0f`\xbf\xe6\xa96&\xb8=\x94Z}\xfaW~\xae\x87\x88\xea\xde\xd9=-s\xf0\xd6\xd1=\x1d\x8bl\xd5\xc3DZ\xbc0\x8e\xac\xf2\xf2#\xebI\xab\xf6\xab}\xa5\x18 \x8a\x8aG:\xacD-\x99JD/~\xd6\xb5m\xac\x8d\x1d\x1c\xe9\x80\xe5<\xfcP)E\xc1\x9f\xeb\xc9\x158Mq\x01\xe1\xf6-\xc3\xaa\x9a\x9be\xcd\xf2\xde\xccx\x1f\x0fne\xe8C\xe4Y\xc9\vR2MY\x8e\x9d\x97 \x00\x00\x00\x00\xe8W\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe5>6Wf\xdb\xddb\xd2\xa2*ZcA\x83\xb1\\S\xc6\xfa\x15*\xf0M,\x99\xc8\xf7[\x9ds\xa9\xbf\xd4\xa2+R\xb7Y\x1e\xb7rOp\x1b\xec@04\x14\xcc\xda\x8dM\xe1\x056,v\x88\xa6\x13\xa7\xcf\xffI\x99\xbcv\xb0\xc3\x8a\x16b\xa6\xbcm\x99\n\x84\xd3=m\xb5:8\x98\x19\x06D\xa4\x9d>/j\xa5Z\x12\x05\x9f\x89\xf7\x11\xb6\xe0\xb8\x1bOSd~/p\x11\xa0\x858\x03\xcaHrz\x01\xe3bb\xa2\x1eb\xca\x87g\xa1\xa9Y\x99\xecQ1UpgC\xfdx\x983}~\xa4\x9ca\xc6\x12=8\x80e\xb5o}\xe0\xae\n\x8cK`\xea~t\xba\xb8\x97K\x9f?\xd8\xb5\x7f\xe8M~\x19\xfb\xaflX\bA\xbd\xb7\bU\aM=\xca\f\xde\xda\xdf\xe3\x97\x0e_\xfe\xdb`\xac\x02\xfe\xc8_\x00\x8b )\x9d\x0f\x9fD\x1fw)\xf9\xb9\xbd,\x8c\xee\xf8r.\xa9\x95fz\xadLFz3;\x8f\xde\xbb\xb9\xa8\x8a\x06\x1b\x95\xbf\x18\xd9\xe6\xb2\x8a\xb2G\x9c\xf0h\x0f\xfa\xd1\xb6\b\x10[\x87\xe3x\xc2&d\xad\xef\xfd\x9f\xaa\xa1|\x1c*\x18\x103=\x03M\xe5n\x8c\xe1\xa5\xf6\x80&\xc3\xc4B\xe5\xd8\a\xf9<!\xdc\xd7t\x7f3bF\xc2P\xf1\xfe\xfcT\xf0\x88\x84u\x91n\xf4|fR\xca\xc9\xde\x84^f\xfc\xe4\x01\bQ,\x8c\xe0\x105pm6\xb3sDv\xb0\x05)\x95\xc4\xdc\xc2&\xf3\xa4V,\xa3\xf2;\xe7;\xdcW,\x13\xebv\xb6nl\xcf\fb5m\xe6\xe7\x90z\xd44\xd4\xdb\xd7\xacD\x0f\x8c\t\xe7\xd7\xc2\x10\xdd\x9b\xa8\v\'\x19\xf1\r\x8e\x0e\xcc\xe9\xb1\x8cP\x87\x00'/572, 0x5)
fallocate(r4, 0x0, 0x3c, 0x1)
read(r2, &(0x7f0000000040)=""/80, 0x50)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000000000050004000e0000000903020073797a32000000000500000300686173683a6e65742c6e657400000000000000000000000a00000000000000"], 0x4c}}, 0x0)
r6 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000100)=ANY=[@ANYRESDEC], 0x138)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x17, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x97}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000001c0)='syzkaller\x00', 0xb8, 0x44, &(0x7f0000000580)=""/68, 0x41100, 0x30, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000006c0)={0x3, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000700)=[r1, r1, r1, r1, r1], &(0x7f0000000740)=[{0x3, 0x1, 0xc, 0xa}, {0x4, 0x4, 0x7, 0x3}, {0x0, 0x4, 0x9, 0x3}, {0x3, 0x2, 0xd, 0x2}], 0x10, 0x8001}, 0x94)
write$UHID_INPUT2(r6, &(0x7f0000000500)=ANY=[@ANYBLOB="0c000000000094e4262988b97d7ff3e9e9c047f960442aaf47530858150ecde44800"/47], 0x6)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r2, 0x114, 0xa, &(0x7f0000000540)=ANY=[@ANYRESHEX=r3], 0x4)
gettid()
ppoll(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
prctl$PR_SET_THP_DISABLE(0x29, 0x0)

2.866382334s ago: executing program 0 (id=859):
r0 = io_uring_setup(0x4d3f, &(0x7f0000000200)={0x0, 0xca6a, 0x40, 0x3, 0x6})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, &(0x7f0000000480), 0x66)

2.834778705s ago: executing program 0 (id=860):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

2.817623385s ago: executing program 1 (id=861):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000040000000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000040)='sys_enter\x00', r0, 0x0, 0x200}, 0x18)
rt_sigaction(0x19, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = gettid()
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r2, 0x545c, 0x200000000000000)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xa, 0x7, 0x7ffc, 0xcc, 0x0, 0xffffffffffffffff, 0x8000c}, 0x50)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@struct={0x0, 0x2, 0x0, 0x4, 0x0, 0x1000003, [{0x0, 0x2, 0x4}, {0x0, 0x2}]}]}}, 0x0, 0x3e}, 0x28)

2.621640659s ago: executing program 0 (id=862):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, 0x0, &(0x7f0000000280))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
lstat(&(0x7f00000006c0)='./file0\x00', &(0x7f0000000800))
mount$9p_rdma(&(0x7f00000013c0), 0x0, &(0x7f0000001440), 0x800, &(0x7f00000000c0)={'trans=rdma,', {'port', 0x3d, 0x4e20}})
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000000)=@fragment={0x5c, 0x0, 0x1, 0x0, 0x0, 0xd, 0x65}, 0x8)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xd68210}], 0x1, 0x0, 0x1f00000000000000, 0x200000}, 0x1f00)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r1}, 0x10)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x2, 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)

2.318887735s ago: executing program 3 (id=866):
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000000)='.\x00', 0xa4000021)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, &(0x7f0000000140)={0x3ff, <r1=>r0, 'id1\x00'})
r2 = socket$rds(0x15, 0x5, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r3, 0x1, &(0x7f0000000040)={{}, {0x0, 0x3938700}}, 0x0)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x300000b, 0x10010, 0xffffffffffffffff, 0xec776000)
write$RDMA_USER_CM_CMD_GET_EVENT(0xffffffffffffffff, &(0x7f0000000080)={0xc, 0x6, 0xfa00, {0xfffffffffffffffe}}, 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000080)={0x28, 0x0, 0x2711}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r4 = memfd_create(&(0x7f0000000200)='-&:\n-\xb2];\x0f`\xbf\xe6\xa96&\xb8=\x94Z}\xfaW~\xae\x87\x88\xea\xde\xd9=-s\xf0\xd6\xd1=\x1d\x8bl\xd5\xc3DZ\xbc0\x8e\xac\xf2\xf2#\xebI\xab\xf6\xab}\xa5\x18 \x8a\x8aG:\xacD-\x99JD/~\xd6\xb5m\xac\x8d\x1d\x1c\xe9\x80\xe5<\xfcP)E\xc1\x9f\xeb\xc9\x158Mq\x01\xe1\xf6-\xc3\xaa\x9a\x9be\xcd\xf2\xde\xccx\x1f\x0fne\xe8C\xe4Y\xc9\vR2MY\x8e\x9d\x97 \x00\x00\x00\x00\xe8W\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe5>6Wf\xdb\xddb\xd2\xa2*ZcA\x83\xb1\\S\xc6\xfa\x15*\xf0M,\x99\xc8\xf7[\x9ds\xa9\xbf\xd4\xa2+R\xb7Y\x1e\xb7rOp\x1b\xec@04\x14\xcc\xda\x8dM\xe1\x056,v\x88\xa6\x13\xa7\xcf\xffI\x99\xbcv\xb0\xc3\x8a\x16b\xa6\xbcm\x99\n\x84\xd3=m\xb5:8\x98\x19\x06D\xa4\x9d>/j\xa5Z\x12\x05\x9f\x89\xf7\x11\xb6\xe0\xb8\x1bOSd~/p\x11\xa0\x858\x03\xcaHrz\x01\xe3bb\xa2\x1eb\xca\x87g\xa1\xa9Y\x99\xecQ1UpgC\xfdx\x983}~\xa4\x9ca\xc6\x12=8\x80e\xb5o}\xe0\xae\n\x8cK`\xea~t\xba\xb8\x97K\x9f?\xd8\xb5\x7f\xe8M~\x19\xfb\xaflX\bA\xbd\xb7\bU\aM=\xca\f\xde\xda\xdf\xe3\x97\x0e_\xfe\xdb`\xac\x02\xfe\xc8_\x00\x8b )\x9d\x0f\x9fD\x1fw)\xf9\xb9\xbd,\x8c\xee\xf8r.\xa9\x95fz\xadLFz3;\x8f\xde\xbb\xb9\xa8\x8a\x06\x1b\x95\xbf\x18\xd9\xe6\xb2\x8a\xb2G\x9c\xf0h\x0f\xfa\xd1\xb6\b\x10[\x87\xe3x\xc2&d\xad\xef\xfd\x9f\xaa\xa1|\x1c*\x18\x103=\x03M\xe5n\x8c\xe1\xa5\xf6\x80&\xc3\xc4B\xe5\xd8\a\xf9<!\xdc\xd7t\x7f3bF\xc2P\xf1\xfe\xfcT\xf0\x88\x84u\x91n\xf4|fR\xca\xc9\xde\x84^f\xfc\xe4\x01\bQ,\x8c\xe0\x105pm6\xb3sDv\xb0\x05)\x95\xc4\xdc\xc2&\xf3\xa4V,\xa3\xf2;\xe7;\xdcW,\x13\xebv\xb6nl\xcf\fb5m\xe6\xe7\x90z\xd44\xd4\xdb\xd7\xacD\x0f\x8c\t\xe7\xd7\xc2\x10\xdd\x9b\xa8\v\'\x19\xf1\r\x8e\x0e\xcc\xe9\xb1\x8cP\x87\x00'/572, 0x5)
fallocate(r4, 0x0, 0x3c, 0x1)
read(r2, &(0x7f0000000040)=""/80, 0x50)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000000000050004000e0000000903020073797a32000000000500000300686173683a6e65742c6e657400000000000000000000000a00000000000000"], 0x4c}}, 0x0)
r6 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000100)=ANY=[@ANYRESDEC], 0x138)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x17, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x97}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000001c0)='syzkaller\x00', 0xb8, 0x44, &(0x7f0000000580)=""/68, 0x41100, 0x30, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000006c0)={0x3, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000700)=[r1, r1, r1, r1, r1], &(0x7f0000000740)=[{0x3, 0x1, 0xc, 0xa}, {0x4, 0x4, 0x7, 0x3}, {0x0, 0x4, 0x9, 0x3}, {0x3, 0x2, 0xd, 0x2}], 0x10, 0x8001}, 0x94)
write$UHID_INPUT2(r6, &(0x7f0000000500)=ANY=[@ANYBLOB="0c000000000094e4262988b97d7ff3e9e9c047f960442aaf47530858150ecde44800"/47], 0x6)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r2, 0x114, 0xa, &(0x7f0000000540)=ANY=[@ANYRESHEX=r3], 0x4)
gettid()
ppoll(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
prctl$PR_SET_THP_DISABLE(0x29, 0x0)

1.900426643s ago: executing program 5 (id=870):
socket$can_bcm(0x1d, 0x2, 0x2)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r1 = dup(r0)
write$UHID_INPUT(r1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x2a0471a, &(0x7f00000000c0)={[{@quota}, {@bsdgroups}, {@nouid32}, {@errors_remount}, {@jqfmt_vfsv1}, {@oldalloc}, {@stripe={'stripe', 0x3d, 0x5}}]}, 0x2, 0x46b, &(0x7f0000000580)="$eJzs3M1vFOUfAPDvzLbw+/HWivgColaJsfGlpQWVgxeNJh4wmugB9VTbQgiFGloTIUSqMXgxMSR6Vo8m/gXevBj1ZGLiSe+GhCgX0FPNzM5Ad9ltt3TZrd3PJxl4nn2e7TzfPvPMPDPPbgPoWUPZP0nEtoj4LSIGqtnaCkPV/65dOTf595Vzk0ksLr72Z5LXu3rl3GRZtXzf1iIznEakHyXFTmrNnTl7YmJmZvp0kR+dP/nO6NyZs08ePzlxbPrY9KnxQ4cOHhh75unxp9oSZxbX1T3vz+7d/dIbF1+ePHLx7R+/ydq7rShfGsct2XTzS0NZ4H8t5urLHon/r2l36832Jemkr4sNYVUqEZF1V38+/geiEjc6byBe/LCrjQNuq+zatLl58cIisIEl0e0WAN1RXuiz+99y69DUY124/Fz1BiiL+1qxVUv6Ii3q9Nfd37bTUEQcWfjni2yLdjyHAABYwSeTnx+OJxrN/9K4e0m9HcUaymBE3BEROyPizojYFRF3ReR174mIe1e5//qloZvnP+mlWwqsRdn879libat2/lfO/mKwUuS25/H3J0ePz0zvL34nw9G/OcuPLbOP71745dNmZUvnf9mW7b+cCxbtuNRX94BuamJ+Ip+UtsHlDyL29DWKP7m+EpBExO6I2LO6H72jTBx/7Ou9zSqtHP8y2rDOtPhVxKPV/l+IuvhLyfLrk6P/i5np/aPlUXGzn36+8Gqz/a8p/jbI+n9L7fFflHx5pkgMvrV0vXYuVr1yeeH3j5ve09zq8b8peT0/H5XLru9NzM+fHovYlBzO8zWvj994b5kv62fxD+9rPP53Fu/J+v++iMgO4vsj4oGIeLBo+0MR8XBE7Fsm/h+eb162Hvp/quH57/rxP5jU9P/qE5UT33/bbP+t9f/BPDVcvJKf/1bQagPX8rsDAACA/4o0/wx8ko5cT6fpyEj1M/y7Yks6Mzs3//jR2XdPTVU/Kz8Y/Wn5pGtgyfPQsWSh+InV/HjxrLgsP1A8N/6sEnl+ZHJ2ZqrLsUOv29pk/Gf+qHS7dcBt12gdbbzBF9qAjad+/Ke12fOvdLIxQEf5vjb0rhXGf9qpdgCd5/oPvavR+D9fl7cWABuT6z/0LuMfepfxD72rbvxX4tdutQTooLV8r1+ilxORrotmtJRo/e9B3O7Em+ujGS0kun1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaI9/AwAA//9sbvBf")
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000f0000000000000c00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000200b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r4 = open(&(0x7f0000000080)='./file1\x00', 0xe4802, 0x6)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x140000}], 0x14, 0x7800, 0x0, 0x3)

1.777507555s ago: executing program 1 (id=871):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$usbmon(0x0, 0x7, 0x0)
ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000000080)={0x0})
syz_open_dev$usbfs(&(0x7f0000000000), 0x205, 0x44680)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000000080)=0x454a, 0x4)
bind$inet(r3, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$EBT_SO_SET_COUNTERS(r3, 0x0, 0x81, &(0x7f0000000800)={'nat\x00', 0x0, 0x0, 0x0, [0xbb, 0x8, 0x100000000, 0xfffffffffffffff4, 0x83, 0x4], 0x2, &(0x7f0000000340)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x0, [{}, {}]}, 0x98)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x44, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1=0xe0004001}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r2}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32], &(0x7f00000003c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES8, @ANYBLOB="0000000000000000b705000008000000850000006900000095a58a4db5a31bd9aa634c4e52cb13dfb631cc71a482894fce0853af5c27b2dc19f5c8bc880e36eb20e2cb3b0fad7bb83e996673717f2f74c7fcb94b19a90588c0475fcb106aefbbbbaa"], &(0x7f00000003c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000ff41fd01020400000a00120002002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
open(&(0x7f0000000080)='./bus\x00', 0x66842, 0xa)

1.665542747s ago: executing program 0 (id=872):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x200, 0x1000, 0xd6e}})
ioctl$TIOCL_SETSEL(r1, 0x541c, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r1}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000000040)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000003c0)=""/6, 0x6}], 0x1}, 0x6}], 0x1, 0x100, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$sock(r4, &(0x7f00000044c0), 0x4000000000001c0, 0x0)
recvfrom(r5, &(0x7f0000000600)=""/55, 0x37, 0x2040, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r7}, &(0x7f0000000380), &(0x7f00000003c0)=r8}, 0x20)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a3100000000080005400000002b0900020073797a310000000008000a40fffffffc140000001100010000000000000000000100000a"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xc}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r9, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.483626891s ago: executing program 0 (id=873):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x18)
semop(0x0, 0x0, 0x0)

1.424016412s ago: executing program 1 (id=875):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0xb, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="241800000000000000181100008bda163e7cff278b39fc4e3bf3175d59052229b12fccdba17e896ba389", @ANYRES32=r0, @ANYBLOB="0000000000000010b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
socket$igmp6(0xa, 0x3, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e0000000800000000001800038014000380"], 0x44}}, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000380)={<r6=>0xffffffffffffffff}, 0x2, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000300)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000440)=0x1, r6, 0x0, 0x1, 0x4}}, 0x20)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'geneve1\x00'})
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x3, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000003c0], 0x0, 0x0, &(0x7f00000003c0)=ANY=[]}, 0x78)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000002480)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000000040)}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000002000000e27f000001"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})

1.420795232s ago: executing program 0 (id=876):
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000000)='.\x00', 0xa4000021)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, &(0x7f0000000140)={0x3ff, <r1=>r0, 'id1\x00'})
r2 = socket$rds(0x15, 0x5, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r3, 0x1, &(0x7f0000000040)={{}, {0x0, 0x3938700}}, 0x0)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x300000b, 0x10010, 0xffffffffffffffff, 0xec776000)
write$RDMA_USER_CM_CMD_GET_EVENT(0xffffffffffffffff, &(0x7f0000000080)={0xc, 0x6, 0xfa00, {0xfffffffffffffffe}}, 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000080)={0x28, 0x0, 0x2711}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r4 = memfd_create(&(0x7f0000000200)='-&:\n-\xb2];\x0f`\xbf\xe6\xa96&\xb8=\x94Z}\xfaW~\xae\x87\x88\xea\xde\xd9=-s\xf0\xd6\xd1=\x1d\x8bl\xd5\xc3DZ\xbc0\x8e\xac\xf2\xf2#\xebI\xab\xf6\xab}\xa5\x18 \x8a\x8aG:\xacD-\x99JD/~\xd6\xb5m\xac\x8d\x1d\x1c\xe9\x80\xe5<\xfcP)E\xc1\x9f\xeb\xc9\x158Mq\x01\xe1\xf6-\xc3\xaa\x9a\x9be\xcd\xf2\xde\xccx\x1f\x0fne\xe8C\xe4Y\xc9\vR2MY\x8e\x9d\x97 \x00\x00\x00\x00\xe8W\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe5>6Wf\xdb\xddb\xd2\xa2*ZcA\x83\xb1\\S\xc6\xfa\x15*\xf0M,\x99\xc8\xf7[\x9ds\xa9\xbf\xd4\xa2+R\xb7Y\x1e\xb7rOp\x1b\xec@04\x14\xcc\xda\x8dM\xe1\x056,v\x88\xa6\x13\xa7\xcf\xffI\x99\xbcv\xb0\xc3\x8a\x16b\xa6\xbcm\x99\n\x84\xd3=m\xb5:8\x98\x19\x06D\xa4\x9d>/j\xa5Z\x12\x05\x9f\x89\xf7\x11\xb6\xe0\xb8\x1bOSd~/p\x11\xa0\x858\x03\xcaHrz\x01\xe3bb\xa2\x1eb\xca\x87g\xa1\xa9Y\x99\xecQ1UpgC\xfdx\x983}~\xa4\x9ca\xc6\x12=8\x80e\xb5o}\xe0\xae\n\x8cK`\xea~t\xba\xb8\x97K\x9f?\xd8\xb5\x7f\xe8M~\x19\xfb\xaflX\bA\xbd\xb7\bU\aM=\xca\f\xde\xda\xdf\xe3\x97\x0e_\xfe\xdb`\xac\x02\xfe\xc8_\x00\x8b )\x9d\x0f\x9fD\x1fw)\xf9\xb9\xbd,\x8c\xee\xf8r.\xa9\x95fz\xadLFz3;\x8f\xde\xbb\xb9\xa8\x8a\x06\x1b\x95\xbf\x18\xd9\xe6\xb2\x8a\xb2G\x9c\xf0h\x0f\xfa\xd1\xb6\b\x10[\x87\xe3x\xc2&d\xad\xef\xfd\x9f\xaa\xa1|\x1c*\x18\x103=\x03M\xe5n\x8c\xe1\xa5\xf6\x80&\xc3\xc4B\xe5\xd8\a\xf9<!\xdc\xd7t\x7f3bF\xc2P\xf1\xfe\xfcT\xf0\x88\x84u\x91n\xf4|fR\xca\xc9\xde\x84^f\xfc\xe4\x01\bQ,\x8c\xe0\x105pm6\xb3sDv\xb0\x05)\x95\xc4\xdc\xc2&\xf3\xa4V,\xa3\xf2;\xe7;\xdcW,\x13\xebv\xb6nl\xcf\fb5m\xe6\xe7\x90z\xd44\xd4\xdb\xd7\xacD\x0f\x8c\t\xe7\xd7\xc2\x10\xdd\x9b\xa8\v\'\x19\xf1\r\x8e\x0e\xcc\xe9\xb1\x8cP\x87\x00'/572, 0x5)
fallocate(r4, 0x0, 0x3c, 0x1)
read(r2, &(0x7f0000000040)=""/80, 0x50)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000000000050004000e0000000903020073797a32000000000500000300686173683a6e65742c6e657400000000000000000000000a00000000000000"], 0x4c}}, 0x0)
r6 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000100)=ANY=[@ANYRESDEC], 0x138)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x17, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x97}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000001c0)='syzkaller\x00', 0xb8, 0x44, &(0x7f0000000580)=""/68, 0x41100, 0x30, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000006c0)={0x3, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000700)=[r1, r1, r1, r1, r1], &(0x7f0000000740)=[{0x3, 0x1, 0xc, 0xa}, {0x4, 0x4, 0x7, 0x3}, {0x0, 0x4, 0x9, 0x3}, {0x3, 0x2, 0xd, 0x2}], 0x10, 0x8001}, 0x94)
write$UHID_INPUT2(r6, &(0x7f0000000500)=ANY=[@ANYBLOB="0c000000000094e4262988b97d7ff3e9e9c047f960442aaf47530858150ecde44800"/47], 0x6)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r2, 0x114, 0xa, &(0x7f0000000540)=ANY=[@ANYRESHEX=r3], 0x4)
r7 = gettid()
tkill(r7, 0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
prctl$PR_SET_THP_DISABLE(0x29, 0x0)

1.339153284s ago: executing program 2 (id=877):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x200, 0x1000, 0xd6e}})
ioctl$TIOCL_SETSEL(r1, 0x541c, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r1}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000000040)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000003c0)=""/6, 0x6}], 0x1}, 0x6}], 0x1, 0x100, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$sock(r4, &(0x7f00000044c0), 0x4000000000001c0, 0x0)
recvfrom(r5, &(0x7f0000000600)=""/55, 0x37, 0x2040, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r7}, &(0x7f0000000380), &(0x7f00000003c0)=r8}, 0x20)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a3100000000080005400000002b0900020073797a310000000008000a40fffffffc140000001100010000000000000000000100000a"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xc}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r9, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.333179384s ago: executing program 1 (id=878):
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r2}, 0x18)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x108, 0x300, 0x100, 0x1, 0x4000}})

1.325002624s ago: executing program 5 (id=879):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002100), 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x5, &(0x7f0000000800)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x64}, @call={0x85, 0x0, 0x0, 0xc8}]}, &(0x7f0000000640)='syzkaller\x00', 0x7, 0xf9, &(0x7f0000000b00)=""/249}, 0x94)

1.273598715s ago: executing program 1 (id=880):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0xc4100)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000880)=ANY=[@ANYBLOB="1c000000030605000000000000000000000000060500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x24040800}, 0x8d0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121202, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000003c0)=0x1)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x18)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x2)
bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}, 0x3}}, 0x10)
ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(r1, 0x80083314, &(0x7f0000000200))
ioctl$EVIOCGBITKEY(0xffffffffffffffff, 0x80404521, &(0x7f00000008c0)=""/4096)
r6 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x3, 0x2}, 0x10)
sendmsg$tipc(r6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB='\n\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000400"/28], 0x50)
r7 = dup3(r1, r6, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r7, 0x6, 0x1, &(0x7f0000000400)={0x81, 0x5, 0x1, 0x0, 0x4, 0x9, 0x5}, 0xc)
sendmsg$tipc(r7, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40800}, 0x800)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000007c0)=ANY=[@ANYRES8], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r8, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f00800", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
write$UHID_INPUT(r7, &(0x7f00000018c0)={0x8, {"14dcf2a7b22509ea86e593c81c7d5d5984a4a38d51ebe3e8acd8315dfe11cecf705dcf71d4c21849126d9719d10b2282a38522dfc71f39cfb1a94fa2bbcf3f10426707499452622e4f386afa04e354853e0b1c3a1d3619372bb343eca37ce21cbc1187ca98f02d8f709f0a3e2b06e1800eaa2351677e9cd1b3295c368d870a563614a60b8729b073d87124773b7c486108675293939de97365bb24facb680ead8f1277c4a6f70fc69e3ba50ec2f636dabef50f01e9b111f183233bd95250843802c321a41dc0f2f9532ab0888d4ff63a783665a1c323c0cac4b2d32313fcc9d97d6289ea4b84a5d8e9cd2f149777585f5ea6dd6902cc09eac0fdbcea1785782e5d1869e745ae8ac81dc0abbf5c865c4375900db4a82de448758695fdb20c2cb2d05e6fbe1c1525ec353542fc527f585b3ef42ee9731851161eb151ab9c9ac542ab8bb3efa858cbf4db04e4b1d94b841ad4048ae20f85b0f3652bb3b4df82a6fccc0b63a4bb06e44b4b61c9ebfc76fbf61a85e7cb48574b0b9ac82970db569f33c0e0b11e405de8bc8c4704db4612ea468c862e41d51b931e578429e0a9edff1187bbb1c72c7c650883d8764ce3da3dae6e0b6ce9892aac7cffe8ae3754ba871bbea1420e4eaa36cef1a8981f05d27ffd201427c4af93eb1f3afeaf076621151883edd07069da8d0f17a96679737a0705736a98323272d40274dc9bd4905dad17af4ef5b293df61e473e025ea419fecdf9dccdd9f2638fc0448c72e23879229b17fa95b223172959c33adce809a5f06c1e924c31ad3b3c1fcd26c2cc03a61076db955a3f1885e398b44ea8226e8e1e398cb4cd05515577a48d1384bfc88a8a199f6c7ab3d07197037d9f8f3d0313cdb2aa06f99b4909fef91247cbfc7fcca456c53eaf7bb8e60a05d7831e1fa7cfdd942b9e3bf783e792c9965dbeabfaa86232cad93cfc2943749e357c27f2dc3fe733e1ca4f5cffe46b391bcc7c419c9c5f6f9c0f6d505dab6ba1c1b0926da3d353a96c5e2f2a98dea7be9f74dde26a61028b612c61fafed6006c4905e75eb84ae821d7fd680640d534df3cb3ba332e282279718ea2f3e2a4139733e19eb5dcac6386b0dbe4fdf64a4d0e508aeb9783ac5d7efa3be71fb6018314f2ff84fbc737dcda1e7e44a1e46f13c5a4e07d0e27c64388424720f0f9f798babc90181c33893c1651496bfa5be9149fa8900d499ac601040b1353316039f1f97097df8a882e5ec1629047b536aec61e5be6ff5a5dd5eeeac89102eb6cab58c24c7667811475525836082d36ad3df77be0ecadd7d95414085ce6dd267d0096d089d4a8cc30a2fa0f8303875de48442baf0e0b765faf69fa3f4a7f48b1d5e291fef286b2c18fc5bb117ea7c11d5c25c254e544790231dd69fb767701320675a60731fc2825389056b43c4008f4ca817f5e49b93e1fd983c00ad9309dade1725cd1cc4188860c1f3196a284d3b868d6bd385bed513f1752e1f70c4fcc9e899a73c18ea1cdbf4bbac2f803ca82218e4b376b4ede00b6dd8896508eb855b3f9d4015404b580445c846aacefbca54182747cff8864d61221e5aa70b40a4952852075bcdaafea1638993fae0c8ed55a4e00a3685e38a17f3aac976bbf8426acc6008895928def9004e420d8d04c2a01698bb15e91f327b3734ec3ded903735cc80d6bbba991f1c55f78da0bd29fc2e8bf4b523f40e947156bacc897bfdb757df8b87c04a701dba89b8b949aafe334d850c474b67bb24eaf8bd5310ffb7563507efc823a86c63ff6ff0a2022de36ef40ac330f0ce21bbbd3ab5cbd03470b039c2c1464d620c8e7011d4dc2dcaeceff9bf394031898915b524c0319f18c778aad6f23f2d94181c78f7552e9a7dafff8598805846b0f6dc774cf7370d5bf237a70819410c7c9c4ca846560a615260f1d620647c7cd90a8e763c7841b82961efacf82bce7ba1974c1a1d85a50b82e04e9adf755057e6b932825db1088e26c7d8935737f4fd261aef414fd084d7f500aa36d9e025bd69c636f6cf53d68454adf5cca7bf5377a5f13b75f4734b4d87599a931ed1107f5bc7e2a9d2570b98c4105b5c687dfe25cbc3991c9fb57c2f29b3a2fe06a5a9d3a739da6b9078a371daadd99fe8edce93b1cf4c49505b0599191cfdf3730f5bb91056344d4374090ee8fb19dc049193bad576fdfc6024c54ed3bbdea4be157c373e19628966b178c0c5cf780d57e8593f69e4b52eb17081598984e95e6d33177d71dbb83f86cde4d5f1edb32ffcf2f0cb567379200052528ad15c71844f100f2598108e4a308256a7f46c4bdfed46218940f192ff382f81abd076ad763a540f442a86ab4d9f3ba515d07fba273476a17941f395273df9e088cadef9f1781aaeb9eb16264d29d9358dc38a5bd9c42a0575f8b1da8cbf05fe95801ef20df3ef7f4c0df3625d945f2a568e2beeb2e5163cee2a4a7946336651ec61a166003c62b4841945db8cc7692c38277c2e7f5e1f3ef2fc7632eab9d2762086ad5df038a3f3a7b2e43a838e3c88f3395052ba8449bb16422f629a44c124b628e52995d0b9c587c969e854b73cbe314c9b13be3045e5c6b74bd3ec32200b23cf090d0d09af23b0ea8edfaddc04817110dfb9e13e3566cfe9e5db183038c012c950e1bde33de3cefd1220b3d5cc22870b81964445856d71222680a01f0cb01194e4660b193d87bb1256a6b7bf79ceaa73591184686981936c46ffa292cdc612b5c00552b79ccd52601e6ae22e65073c7af276020ab9172b5627ce6c93243a97fec5507c4e40a6de70873806f500be18077fcbea39b25b20e34a1d7fe3396aad46ccc6ce28357e13a75cccc6f73bf478b44a44bd38316feaaef8871b6d4c312138c1a3086f83cca8c9237cf24e8066dade8c79f5af8c2ba9a8fe6a3ef6d98a004cc3e3619b94c906ee24d944f14069e8d684318213cedf815b5286880a235bd7f4ff992a53da199cf091b76464e591d5c1a8a8f5ead832e58036d82008e1adaa9e0ed32cf099ee87162e331e9c3937b90dd33ce65f76e8b935fb0e90e8ab1b0642ea365459c1cc9b9a94aff75197dd75e10ce1bdf3626cf1afc775682830c3482f5ca77ec77fe7037f2486866077a3c80078e00255b85813c5e93e6b3470ffd898fc76c51219eeaf3bd461fefee9dc3ef43a954dc27fc9e7d00376603686ac9e8eb4e6064e390685a79e97bcbb884f3b1cf0f3fb44d9beb0173c83fac0e7c4bf47ae3bbcc7e6eb4b00c545a0f492da04ab84ab772264f9c56a93b02c083d25e6e9d08a6de52ed8299d1b4bfe9e1120183c3b76c887d882e351577b0cbb433ccb9a3c847de4d842e8c726ef4de1366b8344237ef73982dd0603337c7146db1628832f98d199de8ff5d9caba566c81d4d6fae0c96776bbb030a688b877efc0ff609e27790d90250ea2232e4fc5cd96dc67a16698669a3f8873e77e80e2175ccb9c8efe09fb5d172357707f75517cb9b1d417e94de5a42e3fd0e94a4cc6cf208a6d28e236c33039775535f6ad143767080b5a2f30bc5a8f9b00c5cc74810baf0b61235a45ae7b5a2aec4e86bb25e9f5212fe7a0394e6fcfcc72dca7312a7a81aaf50b2253ab88022c2ece721eb26fc8143fa1cdb03675ef123162cf31d8d52f3ac8ca0c00e9b7d9437a4c92aaa53cc6552d56b5cac410404fbb73ba8b2f27f8be66e4f2f9af0e05fc2a401e2e7248afcbf105def9ccaf44b2e1e14e424c9a12579454f72bde7b062ba6397025baf1ada5e4a4fd15485db58838e433f9a12fe692219ade52650c4fc29e657fddb9c849a9c5e4dfb98ccc7fa65a04a9a659e9297ed1574a80fc40a3cc8905aee2e5c7b9328d4527e3f4c3900ca38e489f7e431a545fe2fb163e7f92a555ff1c68e8f006d9983055d8864a18f2bd40449785bf527d5ae590838a7e172b25a575b3d628d924fc7e05183910e84bcab3c3eee366ad3d507c9f1ef0ce56c33b97533d91a21e49ab6deb24a953e025f2180ced53236f90ad3c2882d250648e4e05d4ce20c2b16e2f036f49d35981c1237db2f2d13bd954e3d23cbc08fd16c5f75a0b6746b77733db67d8fe3e88ccb60366d418ef5a0d6f039f319bc1a39a8fb3b726ff36ef6426f328f06e5e4374cb8639e9ac3df817949fb53f5b0a7735ef2544203297c24ffece5d11a6ea3d8f2313f5d08c88fd05153402694d9e551f686d80e3f7878044acc2f4c631ca8f2db9dfbc821029c0ddd1b5acddf98dc35385d67e489efc0027e15f30bc629cea3fc35beeb79448a9ff6777cfa95368ab58cb15db900a552c9bca2eb18df71dca068b12942657cb32e475a3ea88007550444fcc4a39255bad28815549ca74c32f0e27bc75e419fcc23c7b629d94be54e2db455bf8b51124ca2b6afadc6ce4dd51eb65541a8a65c9dfce228189491dc52d846e0faa38e8ecc65cf94c841b8b2bc8c989929e9b35e1c8526c4efdbb748630a4eb8485858688a76e4d10c15f7801a0b5cbf282e90fc4661a3ce0ff39ea263796ef0818e49ed8f44d44eb457ff36b4ab6e152dfdf5f5a9080a6d3c146b0a4e029b973321442c538b8f61b02fc35ece3180149bbc32091a9e7e8f1ba20a4acc0bac3f35fd24d11d776c276a2c22657335b8c6a0a67f9cee2a2498c3d93116edcacde28dbbc615c9243b54c4779362fe851b2cfbf81e9f38e9b6d1169427a47c1968f90b1770c1f746571bacbde7cd4055cf7de14d9b76876017864505ff8f455d46416c8eecd19f3abd4bbb8662b087dd5889590804ad0873776508b6ff762e48d010ac9ce608ea2f4ca909691823ebd695f11c3892c5f89f3ad75dba31c59728c0520f5cc2cd7f001fdda2a1264d86656a7039162d8a9e8381b79395421c8662f03d1d74119c275c4494050490d43a7f8ba5ccb1bb5cab2493127280178f08200ae4b6e471606c1d45c0ebcbf853961a63d10474af39cc2a7cc855c9ebdd97762dbb860ab0a0005c0db11f2288ee8119c310ded0c1035296c0687a5fdcc9d8d1270d09a3d0fbc0ed170a69dd47d5eee0fc0c3f958456e51a787b7b585179b4f40bf43a3b7097a483b6e61e79b1d09658b763c22d1a0ccfd462b2e98c55c40279b236616b3d5b7806750b920b2fce324192042de6d2767096b1394651bded65138eb64259ae5676c415637de828db1697f9fa531118993632898a528a706d272fd35995ae8e4c9781b58f73040663b57aa387b050fc8ff147b749b7ee87747a3bbb2afb8b297a2d54332f7d61e2173a3db831e5c3d0ae990a855c2996e1e3ac805f85495b3f87c27bb95b532b32d41ba0ba34cd69428de593e1359ca3135c5ee5d3ab295ddc3ab0b0fb89de4c4a05e9f43655ea1707f602a32b1da4bdc4eb68f00a459e28be504827e475bf7996907547e7540aff997904ca5b531fd5e795d88a772f2e84c2d8e2747c29ab3eb71faa3408a7b06d448b352212d28928c47ddb4297ec61e6fe37833bfbccdf0cf1c8f9bb4053dde1072b869d9e38e4c4211c99ff241fc0f3fb9c9babea75b1d9b4bb7281408aae61f9e6402d952bf8a58ca4f57e910411c3d30fe08e4e35483a57b1c2f6adb4a7302515acae08fa9473934bc0fbbc10169c229cc9ae9373cf1a9e0e51d3c41432003831eea5ba3be67cd8115f0a4e64cdcbcbbbdde5b38fc641b9ccba42727cbedb203827fd53161585f0cafcdbf2c9909037c28e057184d7c2f09ac2c9550cc257e87bbe32678f1e2068d168da3153c9fbb32f53463731223591fe6af396d6f759846975db3957f5d7089eb17f2c9e397b600696498b471f", 0x1000}}, 0x1006)

1.251603105s ago: executing program 2 (id=881):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000040000000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000040)='sys_enter\x00', r0, 0x0, 0x200}, 0x18)
rt_sigaction(0x19, 0x0, 0x0, 0x0, 0x0)
r1 = gettid()
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r2, 0x545c, 0x200000000000000)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xa, 0x7, 0x7ffc, 0xcc, 0x0, 0xffffffffffffffff, 0x8000c}, 0x50)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@struct={0x0, 0x2, 0x0, 0x4, 0x0, 0x1000003, [{0x0, 0x2, 0x4}, {0x0, 0x2}]}]}}, 0x0, 0x3e}, 0x28)

1.187441917s ago: executing program 5 (id=882):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, 0x0, &(0x7f0000000280))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
lstat(&(0x7f00000006c0)='./file0\x00', &(0x7f0000000800))
mount$9p_rdma(&(0x7f00000013c0), 0x0, &(0x7f0000001440), 0x800, &(0x7f00000000c0)={'trans=rdma,', {'port', 0x3d, 0x4e20}})
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000000)=@fragment={0x5c, 0x0, 0x1, 0x0, 0x0, 0xd, 0x65}, 0x8)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xd68210}], 0x1, 0x0, 0x1f00000000000000, 0x200000}, 0x1f00)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r1}, 0x10)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x2, 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)

1.02807961s ago: executing program 2 (id=883):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804051, 0x0, 0x1, 0x0, &(0x7f0000000d40))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a300000000054000380080002400000000008000140000000004000038014000100"], 0xa8}}, 0x0) (fail_nth: 2)

716.563486ms ago: executing program 2 (id=884):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$usbmon(0x0, 0x7, 0x0)
ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000000080)={0x0})
syz_open_dev$usbfs(&(0x7f0000000000), 0x205, 0x44680)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[], 0x50)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000000080)=0x454a, 0x4)
bind$inet(r3, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$EBT_SO_SET_COUNTERS(r3, 0x0, 0x81, &(0x7f0000000800)={'nat\x00', 0x0, 0x0, 0x0, [0xbb, 0x8, 0x100000000, 0xfffffffffffffff4, 0x83, 0x4], 0x2, &(0x7f0000000340)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x0, [{}, {}]}, 0x98)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x44, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1=0xe0004001}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r2}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000", @ANYRES32], &(0x7f00000003c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES8, @ANYBLOB="0000000000000000b705000008000000850000006900000095a58a4db5a31bd9aa634c4e52cb13dfb631cc71a482894fce0853af5c27b2dc19f5c8bc880e36eb20e2cb3b0fad7bb83e996673717f2f74c7fcb94b19a90588c0475fcb106aefbbbbaa"], &(0x7f00000003c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000ff41fd01020400000a00120002002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)

409.918132ms ago: executing program 1 (id=885):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$usbmon(0x0, 0x7, 0x0)
ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000000080)={0x0})
syz_open_dev$usbfs(&(0x7f0000000000), 0x205, 0x44680)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000000080)=0x454a, 0x4)
bind$inet(r3, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$EBT_SO_SET_COUNTERS(r3, 0x0, 0x81, &(0x7f0000000800)={'nat\x00', 0x0, 0x0, 0x0, [0xbb, 0x8, 0x100000000, 0xfffffffffffffff4, 0x83, 0x4], 0x2, &(0x7f0000000340)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x0, [{}, {}]}, 0x98)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x44, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1=0xe0004001}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r2}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32], &(0x7f00000003c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES8, @ANYBLOB="0000000000000000b705000008000000850000006900000095a58a4db5a31bd9aa634c4e52cb13dfb631cc71a482894fce0853af5c27b2dc19f5c8bc880e36eb20e2cb3b0fad7bb83e996673717f2f74c7fcb94b19a90588c0475fcb106aefbbbbaa"], &(0x7f00000003c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000ff41fd01020400000a00120002002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
open(&(0x7f0000000080)='./bus\x00', 0x66842, 0xa)

362.938543ms ago: executing program 2 (id=886):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x18)
semop(0x0, 0x0, 0x0)

337.453833ms ago: executing program 2 (id=887):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000040000000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000040)='sys_enter\x00', r0, 0x0, 0x200}, 0x18)
rt_sigaction(0x19, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = gettid()
prctl$PR_SCHED_CORE(0x2a, 0x0, 0x0, 0x0, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r3, 0x545c, 0x200000000000000)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00'}, 0x18)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r4}, 0x10)

172.183447ms ago: executing program 5 (id=888):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0xa, 0x4, 0x4, 0x5, 0x2, 0xffffffffffffffff, 0xfffffffc}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000280)='%ps    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in6=@dev={0xfe, 0x80, '\x00', 0x2f}, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3a55, 0x1, 0xffffffffffffffff}, {0x800, 0x0, 0x6, 0x80000000}}, {{@in=@multicast1, 0x0, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3}}, 0xe8)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x10}}, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x10}}, 0x0)

54.211209ms ago: executing program 5 (id=889):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0xfffffffffffffcc5)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x42073, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
syz_open_dev$usbfs(0x0, 0x20000007d, 0x2100)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002100), 0x48)
fgetxattr(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYBLOB='truk'], 0x0, 0x0)

0s ago: executing program 5 (id=890):
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r2}, 0x18)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x108, 0x300, 0x100, 0x1, 0x4000}})

kernel console output (not intermixed with test programs):

arch=c000003e syscall=202 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   48.877179][   T29] audit: type=1326 audit(1756947661.797:1081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4095 comm="syz.0.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   48.903663][   T29] audit: type=1326 audit(1756947661.807:1082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4095 comm="syz.0.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   48.928708][   T29] audit: type=1326 audit(1756947661.807:1083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4095 comm="syz.0.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   48.954009][   T29] audit: type=1326 audit(1756947661.807:1084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4095 comm="syz.0.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0de80a0b07 code=0x7ffc0000
[   48.956194][ T4108] netlink: 'syz.2.205': attribute type 2 has an invalid length.
[   48.978062][   T29] audit: type=1326 audit(1756947661.807:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4095 comm="syz.0.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f0de80a0a7c code=0x7ffc0000
[   48.978093][   T29] audit: type=1326 audit(1756947661.807:1086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4095 comm="syz.0.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f0de80a09b4 code=0x7ffc0000
[   49.035827][ T4108] netlink: 'syz.2.205': attribute type 1 has an invalid length.
[   49.044479][ T4108] netlink: 'syz.2.205': attribute type 2 has an invalid length.
[   49.077262][ T4108] hugetlbfs: Bad value for 'gid'
[   49.082916][ T4108] hugetlbfs: Bad value for 'gid'
[   49.088879][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.698975][ T4120] netlink: 'syz.0.211': attribute type 3 has an invalid length.
[   49.745624][ T4122] netlink: 'syz.0.212': attribute type 30 has an invalid length.
[   49.831111][ T4126] loop0: detected capacity change from 0 to 128
[   49.844521][ T4126] FAT-fs (loop0): bogus number of reserved sectors
[   49.851259][ T4126] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   49.860998][ T4126] FAT-fs (loop0): Can't find a valid FAT filesystem
[   50.130609][ T4143] netlink: 'syz.2.220': attribute type 2 has an invalid length.
[   50.138739][ T4143] netlink: 'syz.2.220': attribute type 1 has an invalid length.
[   50.146571][ T4143] netlink: 'syz.2.220': attribute type 2 has an invalid length.
[   50.157238][ T4143] hugetlbfs: Bad value for 'gid'
[   50.162431][ T4143] hugetlbfs: Bad value for 'gid'
[   50.224193][ T4150] netlink: 'syz.2.223': attribute type 3 has an invalid length.
[   50.281314][ T4154] ALSA: seq fatal error: cannot create timer (-22)
[   50.433645][ T4161] netlink: 12 bytes leftover after parsing attributes in process `syz.1.228'.
[   50.457344][ T4161] netlink: 16 bytes leftover after parsing attributes in process `syz.1.228'.
[   50.551715][ T4166] loop2: detected capacity change from 0 to 2048
[   50.608020][ T4166] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.768092][ T4171] hugetlbfs: Bad value for 'gid'
[   50.773200][ T4171] hugetlbfs: Bad value for 'gid'
[   50.940559][ T4181] netlink: 24 bytes leftover after parsing attributes in process `syz.1.236'.
[   50.989311][ T4181] loop1: detected capacity change from 0 to 512
[   50.996065][ T4181] EXT4-fs: Ignoring removed mblk_io_submit option
[   51.036339][ T4181] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   51.044897][ T4181] EXT4-fs (loop1): orphan cleanup on readonly fs
[   51.051741][ T4181] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   51.067330][ T4181] EXT4-fs (loop1): Cannot turn on quotas: error -117
[   51.074762][ T4181] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.236: bg 0: block 40: padding at end of block bitmap is not set
[   51.090089][ T4181] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   51.101109][ T4181] EXT4-fs (loop1): 1 truncate cleaned up
[   51.108018][ T4181] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   51.313636][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.387563][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.588454][ T4193] ALSA: seq fatal error: cannot create timer (-22)
[   51.595871][ T4189] loop2: detected capacity change from 0 to 128
[   51.619072][ T4189] FAT-fs (loop2): bogus number of reserved sectors
[   51.626013][ T4189] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   51.635867][ T4189] FAT-fs (loop2): Can't find a valid FAT filesystem
[   51.841429][ T4207] hugetlbfs: Bad value for 'gid'
[   51.847192][ T4207] hugetlbfs: Bad value for 'gid'
[   51.925501][ T4218] loop1: detected capacity change from 0 to 1024
[   51.945897][ T4218] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002]
[   51.968101][ T4221] loop0: detected capacity change from 0 to 1024
[   51.975568][ T4218] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.997077][ T4221] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.029150][ T4218] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.250: bg 0: block 88: padding at end of block bitmap is not set
[   52.049406][ T4218] netlink: 16 bytes leftover after parsing attributes in process `syz.1.250'.
[   52.059868][ T4218] netlink: 16 bytes leftover after parsing attributes in process `syz.1.250'.
[   52.101810][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.190868][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.246427][ T4231] netlink: 14 bytes leftover after parsing attributes in process `syz.0.252'.
[   52.464423][ T4240] netlink: 4 bytes leftover after parsing attributes in process `syz.2.256'.
[   52.514886][ T4240] team2: entered promiscuous mode
[   52.520272][ T4240] team2: entered allmulticast mode
[   52.567050][ T4244] hugetlbfs: Bad value for 'gid'
[   52.572724][ T4244] hugetlbfs: Bad value for 'gid'
[   52.692961][ T4251] loop1: detected capacity change from 0 to 512
[   52.744888][ T4251] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   52.782042][ T4251] EXT4-fs (loop1): orphan cleanup on readonly fs
[   52.816942][ T4251] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.260: Failed to acquire dquot type 1
[   52.851376][ T4235] loop0: detected capacity change from 0 to 2048
[   52.882877][ T4251] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.260: bg 0: block 40: padding at end of block bitmap is not set
[   52.937818][ T4251] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   52.950649][ T4235] EXT4-fs (loop0): failed to initialize system zone (-117)
[   52.964160][ T4251] EXT4-fs (loop1): 1 truncate cleaned up
[   52.970324][ T4251] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   53.003717][ T4235] EXT4-fs (loop0): mount failed
[   53.056534][ T4251] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #16: comm syz.1.260: corrupted xattr block 31: invalid header
[   53.103175][ T4251] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=16
[   53.132612][ T4251] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #16: comm syz.1.260: corrupted xattr block 31: invalid header
[   53.202652][ T4251] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=16
[   53.222800][ T4251] EXT4-fs error (device loop1): ext4_get_link:106: inode #16: comm syz.1.260: bad symlink.
[   53.277332][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.291281][ T4274] netlink: 4 bytes leftover after parsing attributes in process `syz.3.265'.
[   53.323084][ T4274] team4: entered promiscuous mode
[   53.329590][ T4274] team4: entered allmulticast mode
[   53.382186][ T4283] validate_nla: 11 callbacks suppressed
[   53.382204][ T4283] netlink: 'syz.1.269': attribute type 2 has an invalid length.
[   53.396269][ T4283] netlink: 'syz.1.269': attribute type 1 has an invalid length.
[   53.404976][ T4283] netlink: 'syz.1.269': attribute type 2 has an invalid length.
[   53.420271][ T4283] hugetlbfs: Bad value for 'gid'
[   53.425506][ T4283] hugetlbfs: Bad value for 'gid'
[   53.479907][ T4287] loop1: detected capacity change from 0 to 128
[   53.489717][ T4287] FAT-fs (loop1): bogus number of reserved sectors
[   53.496831][ T4287] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   53.506955][ T4287] FAT-fs (loop1): Can't find a valid FAT filesystem
[   53.525075][ T3393] kernel write not supported for file bpf-prog (pid: 3393 comm: kworker/1:4)
[   53.545107][ T4289] netlink: 'syz.3.273': attribute type 10 has an invalid length.
[   53.558034][ T4289] ipvlan0: entered allmulticast mode
[   53.563532][ T4289] veth0_vlan: entered allmulticast mode
[   53.570731][ T4289] team0: Device ipvlan0 failed to register rx_handler
[   53.836480][ T4310] netlink: 20 bytes leftover after parsing attributes in process `syz.3.280'.
[   53.883515][ T4310] vhci_hcd: invalid port number 96
[   53.889060][ T4310] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[   53.898242][   T29] kauditd_printk_skb: 57 callbacks suppressed
[   53.898258][   T29] audit: type=1326 audit(1756947666.937:1141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4309 comm="syz.3.280" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f68ac0bebe9 code=0x0
[   54.161082][ T4313] netlink: 'syz.2.281': attribute type 2 has an invalid length.
[   54.169738][ T4313] netlink: 'syz.2.281': attribute type 1 has an invalid length.
[   54.177992][ T4313] netlink: 'syz.2.281': attribute type 2 has an invalid length.
[   54.191701][ T4313] hugetlbfs: Bad value for 'gid'
[   54.199059][ T4313] hugetlbfs: Bad value for 'gid'
[   54.219779][ T4315] netlink: 4 bytes leftover after parsing attributes in process `syz.2.282'.
[   54.234735][ T4315] team3: entered promiscuous mode
[   54.239924][ T4315] team3: entered allmulticast mode
[   54.264581][ T4317] netlink: 20 bytes leftover after parsing attributes in process `syz.2.283'.
[   54.275545][ T4317] vhci_hcd: invalid port number 96
[   54.281167][ T4317] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[   54.290097][   T29] audit: type=1326 audit(1756947667.317:1142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4316 comm="syz.2.283" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fda7298ebe9 code=0x0
[   54.398326][   T29] audit: type=1326 audit(1756947667.427:1143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4318 comm="syz.1.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95eae8ebe9 code=0x7ffc0000
[   54.424008][   T29] audit: type=1326 audit(1756947667.427:1144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4318 comm="syz.1.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95eae8ebe9 code=0x7ffc0000
[   54.453518][   T29] audit: type=1326 audit(1756947667.427:1145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4318 comm="syz.1.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f95eae8ebe9 code=0x7ffc0000
[   54.477485][   T29] audit: type=1326 audit(1756947667.427:1146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4318 comm="syz.1.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95eae8ebe9 code=0x7ffc0000
[   54.503880][   T29] audit: type=1326 audit(1756947667.427:1147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4318 comm="syz.1.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95eae8ebe9 code=0x7ffc0000
[   54.608955][ T4325] hub 2-0:1.0: USB hub found
[   54.614463][ T4325] hub 2-0:1.0: 8 ports detected
[   54.627868][ T4325] syz.1.286 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   54.649546][ T4325] loop1: detected capacity change from 0 to 2048
[   54.694027][ T4001]  loop1: p1 < > p4
[   54.699154][ T4001] loop1: p4 size 8388608 extends beyond EOD, truncated
[   54.710023][ T4325]  loop1: p1 < > p4
[   54.714596][ T4325] loop1: p4 size 8388608 extends beyond EOD, truncated
[   55.228971][ T4331] loop1: detected capacity change from 0 to 2048
[   55.363352][ T4331] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.632675][   T29] audit: type=1326 audit(1756947668.507:1148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4335 comm="syz.0.288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   55.660642][   T29] audit: type=1326 audit(1756947668.507:1149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4335 comm="syz.0.288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   55.689763][   T29] audit: type=1326 audit(1756947668.507:1150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4335 comm="syz.0.288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   55.772421][ T4342] ALSA: seq fatal error: cannot create timer (-22)
[   55.873036][ T4344] netlink: 'syz.0.292': attribute type 2 has an invalid length.
[   55.881969][ T4344] netlink: 'syz.0.292': attribute type 1 has an invalid length.
[   55.890637][ T4344] netlink: 'syz.0.292': attribute type 2 has an invalid length.
[   55.908927][ T4344] hugetlbfs: Bad value for 'gid'
[   55.914296][ T4344] hugetlbfs: Bad value for 'gid'
[   55.942765][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.990907][ T4348] loop1: detected capacity change from 0 to 256
[   56.000267][ T4348] vfat: Unknown parameter 'name'
[   56.010308][ T4348] 9pnet_fd: Insufficient options for proto=fd
[   56.138943][ T4355] bridge0: entered promiscuous mode
[   56.145017][ T4355] macvtap1: entered allmulticast mode
[   56.151202][ T4355] bridge0: entered allmulticast mode
[   56.191824][ T4356] loop0: detected capacity change from 0 to 2048
[   56.216257][ T4355] bridge0: port 3(macvtap1) entered blocking state
[   56.223832][ T4355] bridge0: port 3(macvtap1) entered disabled state
[   56.253723][ T4355] bridge0: left allmulticast mode
[   56.259035][ T4355] bridge0: left promiscuous mode
[   56.289146][ T4357] loop1: detected capacity change from 0 to 4096
[   56.347692][ T4356] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   56.417312][ T4357] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.580088][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.837929][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.976341][ T4362] chnl_net:caif_netlink_parms(): no params data found
[   57.074672][ T4377] loop0: detected capacity change from 0 to 512
[   57.093245][ T4362] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.101075][ T4362] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.108975][ T4362] bridge_slave_0: entered allmulticast mode
[   57.116283][ T4362] bridge_slave_0: entered promiscuous mode
[   57.121922][ T4377] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.126247][ T4362] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.146916][ T4362] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.154611][ T4362] bridge_slave_1: entered allmulticast mode
[   57.161523][ T4362] bridge_slave_1: entered promiscuous mode
[   57.161872][ T4394] hugetlbfs: Bad value for 'gid'
[   57.168398][ T4377] ext4 filesystem being mounted at /62/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.173159][ T4394] hugetlbfs: Bad value for 'gid'
[   57.206082][ T4362] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   57.227926][ T4362] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   57.290086][ T4362] team0: Port device team_slave_0 added
[   57.297565][ T4362] team0: Port device team_slave_1 added
[   57.369272][ T4362] batman_adv: batadv0: Adding interface: batadv_slave_0
[   57.377245][ T4362] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.404123][ T4362] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   57.436548][ T4401] loop1: detected capacity change from 0 to 512
[   57.458359][ T4362] batman_adv: batadv0: Adding interface: batadv_slave_1
[   57.465743][ T4362] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.492395][ T4362] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   57.563326][ T4402] loop3: detected capacity change from 0 to 2048
[   57.639845][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.696874][ T4401] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   57.719053][ T4402] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.772325][ T4401] EXT4-fs (loop1): orphan cleanup on readonly fs
[   57.850744][ T4401] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.307: Failed to acquire dquot type 1
[   57.866795][ T4362] hsr_slave_0: entered promiscuous mode
[   57.874653][ T4401] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.307: bg 0: block 40: padding at end of block bitmap is not set
[   57.892961][ T4362] hsr_slave_1: entered promiscuous mode
[   57.907587][ T4362] debugfs: 'hsr0' already exists in 'hsr'
[   57.913581][ T4362] Cannot create hsr debugfs directory
[   57.925741][ T4401] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   57.951566][ T4401] EXT4-fs (loop1): 1 truncate cleaned up
[   57.961641][ T4401] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   57.982292][ T4401] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #16: comm syz.1.307: corrupted xattr block 31: invalid header
[   58.128945][ T4401] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=16
[   58.136860][ T4362] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   58.138813][ T4401] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #16: comm syz.1.307: corrupted xattr block 31: invalid header
[   58.148007][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.163112][ T4401] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=16
[   58.173309][ T4362] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   58.255792][ T4419] loop0: detected capacity change from 0 to 2048
[   58.276156][ T4418] netlink: 20 bytes leftover after parsing attributes in process `syz.3.310'.
[   58.332655][ T4419] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   58.379986][ T4401] EXT4-fs error (device loop1): ext4_get_link:106: inode #16: comm syz.1.307: bad symlink.
[   58.395382][ T4418] vhci_hcd: invalid port number 96
[   58.401085][ T4418] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[   58.442868][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.457134][ T4362] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   58.530810][ T4362] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   58.665146][ T4362] 8021q: adding VLAN 0 to HW filter on device bond0
[   58.690422][ T4362] 8021q: adding VLAN 0 to HW filter on device team0
[   58.707692][ T1924] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.715239][ T1924] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.729569][ T1924] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.736899][ T1924] bridge0: port 2(bridge_slave_1) entered forwarding state
[   58.775848][ T4362] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   58.866820][ T4438] hub 2-0:1.0: USB hub found
[   58.875175][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.877367][ T4438] hub 2-0:1.0: 8 ports detected
[   58.915272][   T29] kauditd_printk_skb: 126 callbacks suppressed
[   58.915287][   T29] audit: type=1326 audit(1756947671.947:1275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4444 comm="syz.0.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   58.950427][ T4362] 8021q: adding VLAN 0 to HW filter on device batadv0
[   58.976861][   T29] audit: type=1326 audit(1756947671.997:1276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4444 comm="syz.0.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   59.002858][   T29] audit: type=1326 audit(1756947671.997:1277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4444 comm="syz.0.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   59.027546][   T29] audit: type=1326 audit(1756947671.997:1278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4444 comm="syz.0.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   59.027707][ T4438] loop1: detected capacity change from 0 to 2048
[   59.089397][   T29] audit: type=1326 audit(1756947672.087:1279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4447 comm="syz.0.316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   59.113804][   T29] audit: type=1326 audit(1756947672.087:1280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4447 comm="syz.0.316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   59.137618][   T29] audit: type=1326 audit(1756947672.087:1281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4447 comm="syz.0.316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   59.162419][   T29] audit: type=1326 audit(1756947672.087:1282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4447 comm="syz.0.316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   59.187476][   T29] audit: type=1326 audit(1756947672.087:1283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4447 comm="syz.0.316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   59.211438][   T29] audit: type=1326 audit(1756947672.087:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4447 comm="syz.0.316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   59.276060][ T4000]  loop1: p1 < > p4
[   59.285532][ T4463] loop0: detected capacity change from 0 to 512
[   59.298673][ T4000] loop1: p4 size 8388608 extends beyond EOD, truncated
[   59.337579][ T4463] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   59.351567][ T4463] EXT4-fs (loop0): orphan cleanup on readonly fs
[   59.356131][ T4438]  loop1: p1 < > p4
[   59.379183][ T4463] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.320: Failed to acquire dquot type 1
[   59.402684][ T4463] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.320: bg 0: block 40: padding at end of block bitmap is not set
[   59.419114][ T4438] loop1: p4 size 8388608 extends beyond EOD, truncated
[   59.426538][ T4463] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   59.446457][ T4463] EXT4-fs (loop0): 1 truncate cleaned up
[   59.457067][ T4463] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   59.481580][ T4463] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #16: comm syz.0.320: corrupted xattr block 31: invalid header
[   59.510077][ T4463] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=16
[   59.522818][ T4362] veth0_vlan: entered promiscuous mode
[   59.528531][ T4478] hub 2-0:1.0: USB hub found
[   59.535127][ T4478] hub 2-0:1.0: 8 ports detected
[   59.541504][ T4463] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #16: comm syz.0.320: corrupted xattr block 31: invalid header
[   59.552520][ T4362] veth1_vlan: entered promiscuous mode
[   59.579951][ T4478] loop2: detected capacity change from 0 to 2048
[   59.588585][ T4463] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=16
[   59.600297][ T4463] EXT4-fs error (device loop0): ext4_get_link:106: inode #16: comm syz.0.320: bad symlink.
[   59.636001][ T4362] veth0_macvtap: entered promiscuous mode
[   59.646916][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.659899][ T3297]  loop2: p1 < > p4
[   59.665553][ T3297] loop2: p4 size 8388608 extends beyond EOD, truncated
[   59.680186][ T4478]  loop2: p1 < > p4
[   59.684909][ T4478] loop2: p4 size 8388608 extends beyond EOD, truncated
[   59.693874][ T4362] veth1_macvtap: entered promiscuous mode
[   59.732505][ T4362] batman_adv: batadv0: Interface activated: batadv_slave_0
[   59.756790][ T4362] batman_adv: batadv0: Interface activated: batadv_slave_1
[   59.781309][ T1924] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   59.825034][ T1924] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   59.880140][ T1924] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   59.976249][ T2040] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   60.011060][ T4490] validate_nla: 4 callbacks suppressed
[   60.011164][ T4490] netlink: 'syz.1.326': attribute type 30 has an invalid length.
[   60.110715][ T4491] loop5: detected capacity change from 0 to 2048
[   60.147128][ T4491] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   60.284189][ T4496] ALSA: seq fatal error: cannot create timer (-22)
[   60.454426][ T4498] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.668691][ T4503] netlink: 14 bytes leftover after parsing attributes in process `syz.1.330'.
[   60.685062][ T4498] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.760880][ T4362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.778057][ T4498] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.903930][ T4498] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.999406][ T4511] loop2: detected capacity change from 0 to 512
[   61.032646][ T2040] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.046146][ T2040] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.083226][ T2040] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.156672][ T4513] loop5: detected capacity change from 0 to 2048
[   61.219639][ T4511] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   61.260189][ T4513] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   61.330820][ T4511] EXT4-fs (loop2): orphan cleanup on readonly fs
[   61.355735][ T2040] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.431717][ T4511] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.333: Failed to acquire dquot type 1
[   61.596730][ T4511] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.333: bg 0: block 40: padding at end of block bitmap is not set
[   61.616298][ T4511] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   61.626148][ T4511] EXT4-fs (loop2): 1 truncate cleaned up
[   61.634955][ T4511] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   61.708726][ T4511] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #16: comm syz.2.333: corrupted xattr block 31: invalid header
[   61.741352][ T4362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.756228][ T4511] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=16
[   61.774680][ T4511] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #16: comm syz.2.333: corrupted xattr block 31: invalid header
[   61.790154][ T4511] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=16
[   61.819444][ T4511] EXT4-fs error (device loop2): ext4_get_link:106: inode #16: comm syz.2.333: bad symlink.
[   61.851406][ T4527] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[   61.858302][ T4527] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   61.866315][ T4527] vhci_hcd vhci_hcd.0: Device attached
[   61.878631][ T4527] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(5)
[   61.885816][ T4527] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   61.894000][ T4527] vhci_hcd vhci_hcd.0: Device attached
[   61.995274][ T4527] vhci_hcd vhci_hcd.0: pdev(0) rhport(2) sockfd(7)
[   62.001930][ T4527] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   62.009765][ T4527] vhci_hcd vhci_hcd.0: Device attached
[   62.130907][ T4539] loop5: detected capacity change from 0 to 2048
[   62.381377][ T4548] ALSA: seq fatal error: cannot create timer (-22)
[   62.399216][ T4531] vhci_hcd: connection closed
[   62.399604][ T4533] vhci_hcd: connection closed
[   62.416018][   T31] vhci_hcd: stop threads
[   62.426183][   T31] vhci_hcd: release socket
[   62.430822][   T31] vhci_hcd: disconnect device
[   62.479899][ T4529] vhci_hcd: connection closed
[   62.480022][   T23] vhci_hcd: vhci_device speed not set
[   62.493468][   T31] vhci_hcd: stop threads
[   62.498993][   T31] vhci_hcd: release socket
[   62.504657][   T31] vhci_hcd: disconnect device
[   62.509740][   T31] vhci_hcd: stop threads
[   62.514086][   T31] vhci_hcd: release socket
[   62.519385][   T31] vhci_hcd: disconnect device
[   62.554266][   T23] usb 1-1: new full-speed USB device number 2 using vhci_hcd
[   62.575906][   T23] usb 1-1: enqueue for inactive port 0
[   62.582292][   T23] usb 1-1: enqueue for inactive port 0
[   62.602701][   T23] usb 1-1: enqueue for inactive port 0
[   62.643439][ T4506] loop1: detected capacity change from 0 to 2048
[   62.656367][ T4554] hub 2-0:1.0: USB hub found
[   62.664068][ T4554] hub 2-0:1.0: 8 ports detected
[   62.672893][   T23] vhci_hcd: vhci_device speed not set
[   62.696053][ T4553] loop3: detected capacity change from 0 to 2048
[   62.720341][ T4554] loop2: detected capacity change from 0 to 2048
[   62.749607][ T4506] EXT4-fs (loop1): failed to initialize system zone (-117)
[   62.757835][ T4001]  loop3: p1 < > p4
[   62.764973][ T4000]  loop2: p1 < > p4
[   62.770154][ T4001] loop3: p4 size 8388608 extends beyond EOD, truncated
[   62.781586][ T4000] loop2: p4 size 8388608 extends beyond EOD, truncated
[   62.804167][ T4560] netlink: 14 bytes leftover after parsing attributes in process `syz.0.347'.
[   62.830082][ T4553]  loop3: p1 < > p4
[   62.838273][ T4554]  loop2: p1 < > p4
[   62.846221][ T4553] loop3: p4 size 8388608 extends beyond EOD, truncated
[   62.854706][ T4554] loop2: p4 size 8388608 extends beyond EOD, truncated
[   62.872789][ T4506] EXT4-fs (loop1): mount failed
[   62.889593][ T2995]  loop2: p1 < > p4
[   62.901922][ T2995] loop2: p4 size 8388608 extends beyond EOD, truncated
[   63.035852][ T4001] udevd[4001]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   63.047125][ T4563] hub 2-0:1.0: USB hub found
[   63.061739][ T4568] udevd[4568]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   63.062713][ T4563] hub 2-0:1.0: 8 ports detected
[   63.164132][ T4568] udevd[4568]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   63.184886][ T4001] udevd[4001]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   63.217025][ T4561] loop0: detected capacity change from 0 to 2048
[   63.312194][ T4561] EXT4-fs (loop0): failed to initialize system zone (-117)
[   63.320888][ T4575] hub 2-0:1.0: USB hub found
[   63.342653][ T4561] EXT4-fs (loop0): mount failed
[   63.348361][ T4575] hub 2-0:1.0: 8 ports detected
[   63.463835][ T4575] loop3: detected capacity change from 0 to 2048
[   63.543333][ T4581] netlink: 4 bytes leftover after parsing attributes in process `syz.5.353'.
[   63.553666][ T4568]  loop3: p1 < > p4
[   63.592904][ T4568] loop3: p4 size 8388608 extends beyond EOD, truncated
[   63.605924][ T4581] team1: entered promiscuous mode
[   63.611125][ T4581] team1: entered allmulticast mode
[   63.644298][ T4575]  loop3: p1 < > p4
[   63.649015][ T4575] loop3: p4 size 8388608 extends beyond EOD, truncated
[   63.734785][ T2995]  loop3: p1 < > p4
[   63.745983][ T2995] loop3: p4 size 8388608 extends beyond EOD, truncated
[   63.840357][ T4001] udevd[4001]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   63.867174][ T4568] udevd[4568]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   64.004715][ T4568] udevd[4568]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   64.017259][ T4001] udevd[4001]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   64.087557][ T4568] udevd[4568]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   64.098872][ T4001] udevd[4001]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   64.173285][ T4595] ALSA: seq fatal error: cannot create timer (-22)
[   64.240851][   T29] kauditd_printk_skb: 139 callbacks suppressed
[   64.240869][   T29] audit: type=1326 audit(1756947677.267:1420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4598 comm="syz.2.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   64.271315][   T29] audit: type=1326 audit(1756947677.267:1421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4598 comm="syz.2.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   64.295527][   T29] audit: type=1326 audit(1756947677.267:1422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4598 comm="syz.2.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   64.319738][   T29] audit: type=1326 audit(1756947677.267:1423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4598 comm="syz.2.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   64.344860][   T29] audit: type=1326 audit(1756947677.267:1424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4598 comm="syz.2.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   64.500823][ T4602] loop5: detected capacity change from 0 to 1024
[   64.530907][ T4603] netlink: 'syz.2.363': attribute type 30 has an invalid length.
[   64.584589][ T4602] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002]
[   64.607263][ T4602] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.362: bg 0: block 88: padding at end of block bitmap is not set
[   64.688697][ T4602] netlink: 16 bytes leftover after parsing attributes in process `syz.5.362'.
[   64.699110][ T4602] netlink: 16 bytes leftover after parsing attributes in process `syz.5.362'.
[   64.736396][ T4608] ALSA: seq fatal error: cannot create timer (-22)
[   64.789384][ T4610] netlink: 4 bytes leftover after parsing attributes in process `syz.3.365'.
[   64.888085][ T4610] team5: entered promiscuous mode
[   64.893857][ T4610] team5: entered allmulticast mode
[   64.904146][ T4613] netlink: 'syz.2.366': attribute type 2 has an invalid length.
[   64.912001][ T4613] netlink: 'syz.2.366': attribute type 1 has an invalid length.
[   64.921168][ T4613] netlink: 'syz.2.366': attribute type 2 has an invalid length.
[   64.962614][   T29] audit: type=1326 audit(1756947677.967:1425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4612 comm="syz.5.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[   64.987535][   T29] audit: type=1326 audit(1756947677.967:1426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4612 comm="syz.5.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[   65.012265][   T29] audit: type=1326 audit(1756947677.967:1427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4612 comm="syz.5.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[   65.037026][   T29] audit: type=1326 audit(1756947677.967:1428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4612 comm="syz.5.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[   65.061941][   T29] audit: type=1326 audit(1756947677.967:1429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4612 comm="syz.5.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[   65.124331][ T4613] hugetlbfs: Bad value for 'gid'
[   65.129676][ T4613] hugetlbfs: Bad value for 'gid'
[   65.245680][ T4623] netlink: 'syz.5.370': attribute type 2 has an invalid length.
[   65.254939][ T4623] netlink: 'syz.5.370': attribute type 1 has an invalid length.
[   65.263853][ T4623] netlink: 'syz.5.370': attribute type 2 has an invalid length.
[   65.332901][ T4625] netlink: 20 bytes leftover after parsing attributes in process `syz.2.372'.
[   65.366563][ T4623] hugetlbfs: Bad value for 'gid'
[   65.366658][ T4623] hugetlbfs: Bad value for 'gid'
[   65.403312][ T4625] vhci_hcd: invalid port number 96
[   65.409953][ T4625] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[   65.552986][ T4635] netlink: 14 bytes leftover after parsing attributes in process `syz.3.376'.
[   65.850221][ T4638] loop3: detected capacity change from 0 to 2048
[   65.906305][ T4638] EXT4-fs (loop3): failed to initialize system zone (-117)
[   65.924808][ T4638] EXT4-fs (loop3): mount failed
[   66.069370][ T4642] ALSA: seq fatal error: cannot create timer (-22)
[   66.201179][ T3305] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[   66.213158][ T3305] CPU: 1 UID: 0 PID: 3305 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[   66.213228][ T3305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   66.213238][ T3305] Call Trace:
[   66.213245][ T3305]  <TASK>
[   66.213254][ T3305]  __dump_stack+0x1d/0x30
[   66.213314][ T3305]  dump_stack_lvl+0xe8/0x140
[   66.213335][ T3305]  dump_stack+0x15/0x1b
[   66.213420][ T3305]  dump_header+0x81/0x220
[   66.213448][ T3305]  oom_kill_process+0x342/0x400
[   66.213478][ T3305]  out_of_memory+0x979/0xb80
[   66.213512][ T3305]  try_charge_memcg+0x5e6/0x9e0
[   66.213574][ T3305]  charge_memcg+0x51/0xc0
[   66.213595][ T3305]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[   66.213742][ T3305]  __read_swap_cache_async+0x1df/0x350
[   66.213788][ T3305]  swap_cluster_readahead+0x277/0x3e0
[   66.213826][ T3305]  swapin_readahead+0xde/0x6f0
[   66.213931][ T3305]  ? __filemap_get_folio+0x4f7/0x6b0
[   66.213961][ T3305]  ? swap_cache_get_folio+0x77/0x200
[   66.213992][ T3305]  do_swap_page+0x301/0x2430
[   66.214018][ T3305]  ? css_rstat_updated+0xb7/0x240
[   66.214072][ T3305]  ? __pfx_default_wake_function+0x10/0x10
[   66.214098][ T3305]  handle_mm_fault+0x9a5/0x2c20
[   66.214131][ T3305]  do_user_addr_fault+0x636/0x1090
[   66.214236][ T3305]  exc_page_fault+0x62/0xa0
[   66.214262][ T3305]  asm_exc_page_fault+0x26/0x30
[   66.214283][ T3305] RIP: 0033:0x7f95ead65bf7
[   66.214298][ T3305] Code: 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 a8 fb e8 00 48 69 8c 24 90 00 00 00 e8 03 00 00 8b 78 08 <48> 8b 44 24 18 48 c1 ea 12 4c 8b 0d b9 fa e8 00 48 01 d1 39 7c 24
[   66.214383][ T3305] RSP: 002b:00007ffca670a6c0 EFLAGS: 00010206
[   66.214409][ T3305] RAX: 0000001b33124000 RBX: 00000000000000d0 RCX: 000000000000fa00
[   66.214423][ T3305] RDX: 00000000015da5b1 RSI: 00007ffca670a750 RDI: 000000000000001e
[   66.214436][ T3305] RBP: 00007ffca670a6fc R08: 000000000535cc61 R09: 7fffffffffffffff
[   66.214450][ T3305] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[   66.214463][ T3305] R13: 00000000000927c0 R14: 000000000000f66a R15: 00007ffca670a750
[   66.214482][ T3305]  </TASK>
[   66.214489][ T3305] memory: usage 307200kB, limit 307200kB, failcnt 830
[   66.444056][ T3305] memory+swap: usage 307400kB, limit 9007199254740988kB, failcnt 0
[   66.454133][ T3305] kmem: usage 299748kB, limit 9007199254740988kB, failcnt 0
[   66.463702][ T3305] Memory cgroup stats for /syz1:
[   66.548684][ T3305] cache 0
[   66.557142][ T3305] rss 7614464
[   66.560622][ T3305] shmem 0
[   66.563654][ T3305] mapped_file 0
[   66.567172][ T3305] dirty 0
[   66.570111][ T3305] writeback 0
[   66.573537][ T3305] workingset_refault_anon 166
[   66.578231][ T3305] workingset_refault_file 1616
[   66.583059][ T3305] swap 204800
[   66.586352][ T3305] swapcached 0
[   66.589728][ T3305] pgpgin 46564
[   66.593251][ T3305] pgpgout 44701
[   66.596802][ T3305] pgfault 50193
[   66.600388][ T3305] pgmajfault 132
[   66.604052][ T3305] inactive_anon 0
[   66.607909][ T3305] active_anon 0
[   66.611549][ T3305] inactive_file 7630848
[   66.615944][ T3305] active_file 0
[   66.619540][ T3305] unevictable 0
[   66.623376][ T3305] hierarchical_memory_limit 314572800
[   66.628859][ T3305] hierarchical_memsw_limit 9223372036854771712
[   66.635065][ T3305] total_cache 0
[   66.638884][ T3305] total_rss 7614464
[   66.642743][ T3305] total_shmem 0
[   66.647115][ T3305] total_mapped_file 0
[   66.651387][ T3305] total_dirty 0
[   66.655248][ T3305] total_writeback 0
[   66.659331][ T3305] total_workingset_refault_anon 166
[   66.665455][ T3305] total_workingset_refault_file 1616
[   66.671406][ T3305] total_swap 204800
[   66.676094][ T3305] total_swapcached 0
[   66.680132][ T3305] total_pgpgin 46564
[   66.685260][ T3305] total_pgpgout 44701
[   66.689772][ T3305] total_pgfault 50193
[   66.694267][ T3305] total_pgmajfault 132
[   66.698735][ T3305] total_inactive_anon 0
[   66.703212][ T3305] total_active_anon 0
[   66.707305][ T3305] total_inactive_file 7630848
[   66.712252][ T3305] total_active_file 0
[   66.716289][ T3305] total_unevictable 0
[   66.720739][ T3305] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.330,pid=4502,uid=0
[   66.735751][ T3305] Memory cgroup out of memory: Killed process 4502 (syz.1.330) total-vm:96008kB, anon-rss:8560kB, file-rss:22444kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000
[   67.619012][ T4666] netlink: 14 bytes leftover after parsing attributes in process `syz.2.387'.
[   67.945895][ T4666] loop2: detected capacity change from 0 to 2048
[   68.110123][ T4670] netlink: 'syz.5.388': attribute type 2 has an invalid length.
[   68.118816][ T4670] netlink: 'syz.5.388': attribute type 1 has an invalid length.
[   68.127133][ T4670] netlink: 'syz.5.388': attribute type 2 has an invalid length.
[   68.162977][ T4666] EXT4-fs (loop2): failed to initialize system zone (-117)
[   68.213751][ T4666] EXT4-fs (loop2): mount failed
[   68.273873][ T4670] hugetlbfs: Bad value for 'gid'
[   68.279108][ T4670] hugetlbfs: Bad value for 'gid'
[   68.563275][ T4674] hub 2-0:1.0: USB hub found
[   68.588897][ T4674] hub 2-0:1.0: 8 ports detected
[   68.824562][   T30] oom_reaper: reaped process 4502 (syz.1.330), now anon-rss:96kB, file-rss:21384kB, shmem-rss:0kB
[   69.125748][ T4682] netlink: 4 bytes leftover after parsing attributes in process `syz.5.393'.
[   69.176408][ T4682] team2: entered promiscuous mode
[   69.181558][ T4682] team2: entered allmulticast mode
[   69.389966][ T4694] loop5: detected capacity change from 0 to 128
[   69.397720][ T4694] FAT-fs (loop5): bogus number of reserved sectors
[   69.405114][ T4694] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   69.415657][ T4694] FAT-fs (loop5): Can't find a valid FAT filesystem
[   69.421468][ T4689] hub 2-0:1.0: USB hub found
[   69.436650][ T4689] hub 2-0:1.0: 8 ports detected
[   69.777804][ T4715] loop3: detected capacity change from 0 to 2048
[   69.963513][ T4715] EXT4-fs mount: 5 callbacks suppressed
[   69.963530][ T4715] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.258641][ T4720] netlink: 14 bytes leftover after parsing attributes in process `syz.0.406'.
[   70.281966][   T29] kauditd_printk_skb: 206 callbacks suppressed
[   70.281981][   T29] audit: type=1326 audit(1756947683.307:1636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4721 comm="syz.5.407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[   70.342455][ T4725] FAULT_INJECTION: forcing a failure.
[   70.342455][ T4725] name failslab, interval 1, probability 0, space 0, times 0
[   70.344398][   T29] audit: type=1326 audit(1756947683.347:1637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4721 comm="syz.5.407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[   70.355824][ T4725] CPU: 1 UID: 0 PID: 4725 Comm: syz.5.408 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   70.355851][ T4725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   70.355863][ T4725] Call Trace:
[   70.355870][ T4725]  <TASK>
[   70.355879][ T4725]  __dump_stack+0x1d/0x30
[   70.355902][ T4725]  dump_stack_lvl+0xe8/0x140
[   70.356026][ T4725]  dump_stack+0x15/0x1b
[   70.356043][ T4725]  should_fail_ex+0x265/0x280
[   70.356069][ T4725]  should_failslab+0x8c/0xb0
[   70.356120][ T4725]  kmem_cache_alloc_noprof+0x50/0x310
[   70.356146][ T4725]  ? getname_flags+0x80/0x3b0
[   70.356173][ T4725]  getname_flags+0x80/0x3b0
[   70.356199][ T4725]  user_path_create+0x27/0x130
[   70.356269][ T4725]  bpf_obj_pin_user+0xe0/0x230
[   70.356289][ T4725]  bpf_obj_pin+0xac/0xd0
[   70.356316][ T4725]  __sys_bpf+0x6cb/0x7b0
[   70.356467][ T4725]  __x64_sys_bpf+0x41/0x50
[   70.356490][ T4725]  x64_sys_call+0x2aea/0x2ff0
[   70.356511][ T4725]  do_syscall_64+0xd2/0x200
[   70.356538][ T4725]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   70.356561][ T4725]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   70.356660][ T4725]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.356689][ T4725] RIP: 0033:0x7f11d968ebe9
[   70.356704][ T4725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.356721][ T4725] RSP: 002b:00007f11d80ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   70.356756][ T4725] RAX: ffffffffffffffda RBX: 00007f11d98c5fa0 RCX: 00007f11d968ebe9
[   70.356769][ T4725] RDX: 0000000000000018 RSI: 0000200000000180 RDI: 0000000000000006
[   70.356803][ T4725] RBP: 00007f11d80ef090 R08: 0000000000000000 R09: 0000000000000000
[   70.356815][ T4725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   70.356827][ T4725] R13: 00007f11d98c6038 R14: 00007f11d98c5fa0 R15: 00007fff0964d5d8
[   70.356844][ T4725]  </TASK>
[   70.576292][   T29] audit: type=1326 audit(1756947683.347:1638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4721 comm="syz.5.407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[   70.600847][   T29] audit: type=1326 audit(1756947683.347:1639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4721 comm="syz.5.407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[   70.755508][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.027812][   T29] audit: type=1400 audit(1756947684.047:1640): avc:  denied  { create } for  pid=4736 comm="syz.5.413" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   71.048064][   T29] audit: type=1400 audit(1756947684.047:1641): avc:  denied  { read } for  pid=4736 comm="syz.5.413" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   71.211910][   T29] audit: type=1326 audit(1756947684.107:1642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.3.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68ac0bebe9 code=0x7ffc0000
[   71.236787][   T29] audit: type=1326 audit(1756947684.107:1643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.3.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68ac0bebe9 code=0x7ffc0000
[   71.261428][   T29] audit: type=1326 audit(1756947684.107:1644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.3.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f68ac0bebe9 code=0x7ffc0000
[   71.286222][   T29] audit: type=1326 audit(1756947684.107:1645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.3.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68ac0bebe9 code=0x7ffc0000
[   71.637495][ T4720] loop0: detected capacity change from 0 to 2048
[   71.706533][ T4720] EXT4-fs (loop0): failed to initialize system zone (-117)
[   71.732612][ T4720] EXT4-fs (loop0): mount failed
[   72.138349][ T4760] hub 2-0:1.0: USB hub found
[   72.145552][ T4760] hub 2-0:1.0: 8 ports detected
[   72.216431][ T4768] netlink: 'syz.3.423': attribute type 30 has an invalid length.
[   72.454284][ T4779] hub 2-0:1.0: USB hub found
[   72.461337][ T4781] loop2: detected capacity change from 0 to 1024
[   72.468604][ T4779] hub 2-0:1.0: 8 ports detected
[   72.495082][ T4781] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002]
[   72.531503][ T4781] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.533547][ T4788] netlink: 14 bytes leftover after parsing attributes in process `syz.3.429'.
[   72.568285][ T4781] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.427: bg 0: block 88: padding at end of block bitmap is not set
[   72.601600][ T4791] loop1: detected capacity change from 0 to 512
[   72.608664][ T4791] ext4: Unknown parameter './bus'
[   72.654660][ T4781] netlink: 16 bytes leftover after parsing attributes in process `syz.2.427'.
[   72.664089][ T4781] netlink: 16 bytes leftover after parsing attributes in process `syz.2.427'.
[   72.726845][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.738688][ T4799] FAULT_INJECTION: forcing a failure.
[   72.738688][ T4799] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   72.751811][ T4799] CPU: 1 UID: 0 PID: 4799 Comm: syz.5.432 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   72.751894][ T4799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   72.751906][ T4799] Call Trace:
[   72.751913][ T4799]  <TASK>
[   72.751923][ T4799]  __dump_stack+0x1d/0x30
[   72.751943][ T4799]  dump_stack_lvl+0xe8/0x140
[   72.751962][ T4799]  dump_stack+0x15/0x1b
[   72.751981][ T4799]  should_fail_ex+0x265/0x280
[   72.752004][ T4799]  should_fail+0xb/0x20
[   72.752039][ T4799]  should_fail_usercopy+0x1a/0x20
[   72.752063][ T4799]  _copy_to_user+0x20/0xa0
[   72.752136][ T4799]  simple_read_from_buffer+0xb5/0x130
[   72.752189][ T4799]  proc_fail_nth_read+0x10e/0x150
[   72.752219][ T4799]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   72.752246][ T4799]  vfs_read+0x1a5/0x770
[   72.752277][ T4799]  ? __rcu_read_unlock+0x4f/0x70
[   72.752299][ T4799]  ? __fget_files+0x184/0x1c0
[   72.752328][ T4799]  ksys_read+0xda/0x1a0
[   72.752348][ T4799]  __x64_sys_read+0x40/0x50
[   72.752431][ T4799]  x64_sys_call+0x27bc/0x2ff0
[   72.752454][ T4799]  do_syscall_64+0xd2/0x200
[   72.752483][ T4799]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   72.752567][ T4799]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   72.752595][ T4799]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.752618][ T4799] RIP: 0033:0x7f11d968d5fc
[   72.752689][ T4799] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   72.752709][ T4799] RSP: 002b:00007f11d80ef030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   72.752779][ T4799] RAX: ffffffffffffffda RBX: 00007f11d98c5fa0 RCX: 00007f11d968d5fc
[   72.752793][ T4799] RDX: 000000000000000f RSI: 00007f11d80ef0a0 RDI: 0000000000000009
[   72.752807][ T4799] RBP: 00007f11d80ef090 R08: 0000000000000000 R09: 0000000000000000
[   72.752820][ T4799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   72.752833][ T4799] R13: 00007f11d98c6038 R14: 00007f11d98c5fa0 R15: 00007fff0964d5d8
[   72.752932][ T4799]  </TASK>
[   73.471647][ T4819] loop2: detected capacity change from 0 to 2048
[   73.505762][ T4819] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.849287][ T4797] loop3: detected capacity change from 0 to 2048
[   73.874897][ T4797] EXT4-fs (loop3): failed to initialize system zone (-117)
[   73.897283][ T4797] EXT4-fs (loop3): mount failed
[   74.078337][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.115582][ T4826] hub 2-0:1.0: USB hub found
[   74.122752][ T4826] hub 2-0:1.0: 8 ports detected
[   74.177890][ T4831] loop2: detected capacity change from 0 to 1024
[   74.212364][ T4831] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002]
[   74.235895][ T4831] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.289639][ T4837] loop1: detected capacity change from 0 to 512
[   74.303721][ T4837] EXT4-fs: Ignoring removed orlov option
[   74.336755][ T4837] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   74.346911][ T4831] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.441: bg 0: block 88: padding at end of block bitmap is not set
[   74.372449][ T4837] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.443: corrupted in-inode xattr: e_value size too large
[   74.389018][ T4837] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.443: couldn't read orphan inode 15 (err -117)
[   74.409986][ T4831] netlink: 16 bytes leftover after parsing attributes in process `syz.2.441'.
[   74.415167][ T4837] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.419227][ T4831] netlink: 16 bytes leftover after parsing attributes in process `syz.2.441'.
[   74.440201][ T4837] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[   74.441102][ T4846] netlink: 'syz.5.446': attribute type 2 has an invalid length.
[   74.459314][ T4847] netlink: 132 bytes leftover after parsing attributes in process `syz.0.444'.
[   74.464019][ T4846] netlink: 'syz.5.446': attribute type 1 has an invalid length.
[   74.481182][ T4846] netlink: 'syz.5.446': attribute type 2 has an invalid length.
[   74.517673][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.559330][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.567472][ T4849] netlink: 'syz.3.447': attribute type 30 has an invalid length.
[   74.583249][ T4846] hugetlbfs: Bad value for 'gid'
[   74.588637][ T4846] hugetlbfs: Bad value for 'gid'
[   74.725600][ T4860] hub 2-0:1.0: USB hub found
[   74.730343][ T4860] hub 2-0:1.0: 8 ports detected
[   74.750648][ T4868] FAULT_INJECTION: forcing a failure.
[   74.750648][ T4868] name failslab, interval 1, probability 0, space 0, times 0
[   74.763798][ T4868] CPU: 0 UID: 0 PID: 4868 Comm: syz.1.456 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   74.763829][ T4868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   74.763842][ T4868] Call Trace:
[   74.763848][ T4868]  <TASK>
[   74.763856][ T4868]  __dump_stack+0x1d/0x30
[   74.763880][ T4868]  dump_stack_lvl+0xe8/0x140
[   74.763900][ T4868]  dump_stack+0x15/0x1b
[   74.763918][ T4868]  should_fail_ex+0x265/0x280
[   74.763965][ T4868]  should_failslab+0x8c/0xb0
[   74.763993][ T4868]  kmem_cache_alloc_node_noprof+0x57/0x320
[   74.764079][ T4868]  ? __alloc_skb+0x101/0x320
[   74.764100][ T4868]  __alloc_skb+0x101/0x320
[   74.764117][ T4868]  ? audit_log_start+0x365/0x6c0
[   74.764144][ T4868]  audit_log_start+0x380/0x6c0
[   74.764173][ T4868]  audit_seccomp+0x48/0x100
[   74.764267][ T4868]  ? __seccomp_filter+0x68c/0x10d0
[   74.764305][ T4868]  __seccomp_filter+0x69d/0x10d0
[   74.764327][ T4868]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   74.764354][ T4868]  ? vfs_write+0x7e8/0x960
[   74.764379][ T4868]  __secure_computing+0x82/0x150
[   74.764450][ T4868]  syscall_trace_enter+0xcf/0x1e0
[   74.764518][ T4868]  do_syscall_64+0xac/0x200
[   74.764621][ T4868]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   74.764657][ T4868]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   74.764686][ T4868]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.764780][ T4868] RIP: 0033:0x7f95eae8ebe9
[   74.764797][ T4868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.764815][ T4868] RSP: 002b:00007f95e98f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[   74.764834][ T4868] RAX: ffffffffffffffda RBX: 00007f95eb0c5fa0 RCX: 00007f95eae8ebe9
[   74.764846][ T4868] RDX: 00000000000001ff RSI: 0000200000000000 RDI: ffffffffffffff9c
[   74.764858][ T4868] RBP: 00007f95e98f7090 R08: 0000000000000000 R09: 0000000000000000
[   74.764869][ T4868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.764882][ T4868] R13: 00007f95eb0c6038 R14: 00007f95eb0c5fa0 R15: 00007ffca670a338
[   74.764940][ T4868]  </TASK>
[   74.998652][ T4872] loop2: detected capacity change from 0 to 1024
[   75.018554][ T4872] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002]
[   75.031615][ T4872] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.061683][ T4872] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.459: bg 0: block 88: padding at end of block bitmap is not set
[   75.085853][ T4872] netlink: 16 bytes leftover after parsing attributes in process `syz.2.459'.
[   75.094955][ T4872] netlink: 16 bytes leftover after parsing attributes in process `syz.2.459'.
[   75.115592][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.305502][ T4895] hub 2-0:1.0: USB hub found
[   75.310936][ T4895] hub 2-0:1.0: 8 ports detected
[   75.421988][ T4901] loop2: detected capacity change from 0 to 2048
[   75.525782][ T4901] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.775531][ T4907] loop3: detected capacity change from 0 to 2048
[   75.797128][ T4907] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.838431][   T29] kauditd_printk_skb: 442 callbacks suppressed
[   75.838449][   T29] audit: type=1326 audit(1756947688.867:2086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4910 comm="syz.1.471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95eae8ebe9 code=0x7ffc0000
[   75.871006][   T29] audit: type=1326 audit(1756947688.907:2087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4910 comm="syz.1.471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95eae8ebe9 code=0x7ffc0000
[   75.895801][   T29] audit: type=1326 audit(1756947688.907:2088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4910 comm="syz.1.471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95eae8ebe9 code=0x7ffc0000
[   75.920275][   T29] audit: type=1326 audit(1756947688.907:2089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4910 comm="syz.1.471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95eae8ebe9 code=0x7ffc0000
[   75.944455][   T29] audit: type=1326 audit(1756947688.907:2090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4910 comm="syz.1.471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f95eae8ebe9 code=0x7ffc0000
[   75.968280][   T29] audit: type=1326 audit(1756947688.907:2091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4910 comm="syz.1.471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95eae8ebe9 code=0x7ffc0000
[   76.011120][   T29] audit: type=1326 audit(1756947689.027:2092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4913 comm="syz.5.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[   76.034828][   T29] audit: type=1326 audit(1756947689.027:2093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4913 comm="syz.5.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[   76.059013][   T29] audit: type=1326 audit(1756947689.027:2094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4913 comm="syz.5.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[   76.083421][   T29] audit: type=1326 audit(1756947689.027:2095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4913 comm="syz.5.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[   76.084234][ T4917] FAULT_INJECTION: forcing a failure.
[   76.084234][ T4917] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   76.121218][ T4917] CPU: 1 UID: 0 PID: 4917 Comm: syz.1.473 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   76.121248][ T4917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   76.121315][ T4917] Call Trace:
[   76.121323][ T4917]  <TASK>
[   76.121332][ T4917]  __dump_stack+0x1d/0x30
[   76.121355][ T4917]  dump_stack_lvl+0xe8/0x140
[   76.121396][ T4917]  dump_stack+0x15/0x1b
[   76.121426][ T4917]  should_fail_ex+0x265/0x280
[   76.121448][ T4917]  should_fail+0xb/0x20
[   76.121499][ T4917]  should_fail_usercopy+0x1a/0x20
[   76.121522][ T4917]  strncpy_from_user+0x25/0x230
[   76.121552][ T4917]  ? kmem_cache_alloc_noprof+0x186/0x310
[   76.121660][ T4917]  ? getname_flags+0x80/0x3b0
[   76.121700][ T4917]  getname_flags+0xae/0x3b0
[   76.121785][ T4917]  user_path_at+0x28/0x130
[   76.121842][ T4917]  __se_sys_mount+0x25b/0x2e0
[   76.121865][ T4917]  ? fput+0x8f/0xc0
[   76.121896][ T4917]  __x64_sys_mount+0x67/0x80
[   76.121927][ T4917]  x64_sys_call+0x2b4d/0x2ff0
[   76.121985][ T4917]  do_syscall_64+0xd2/0x200
[   76.122013][ T4917]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   76.122038][ T4917]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   76.122066][ T4917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.122108][ T4917] RIP: 0033:0x7f95eae8ebe9
[   76.122124][ T4917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.122191][ T4917] RSP: 002b:00007f95e98d6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   76.122213][ T4917] RAX: ffffffffffffffda RBX: 00007f95eb0c6090 RCX: 00007f95eae8ebe9
[   76.122226][ T4917] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000000
[   76.122239][ T4917] RBP: 00007f95e98d6090 R08: 0000000000000000 R09: 0000000000000000
[   76.122250][ T4917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.122263][ T4917] R13: 00007f95eb0c6128 R14: 00007f95eb0c6090 R15: 00007ffca670a338
[   76.122281][ T4917]  </TASK>
[   76.325049][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.375181][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.625467][ T4930] hub 2-0:1.0: USB hub found
[   76.630471][ T4930] hub 2-0:1.0: 8 ports detected
[   76.646330][ T4934] netlink: 132 bytes leftover after parsing attributes in process `syz.2.475'.
[   76.930491][ T4940] loop1: detected capacity change from 0 to 2048
[   77.045011][ T4940] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.406650][ T4956] tipc: Started in network mode
[   77.411904][ T4956] tipc: Node identity ac14140f, cluster identity 4711
[   77.446417][ T4956] tipc: New replicast peer: 255.255.255.255
[   77.453137][ T4956] tipc: Enabled bearer <udp:syz2>, priority 10
[   77.576102][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.600966][ T4963] loop3: detected capacity change from 0 to 2048
[   77.634298][ T4963] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.783778][ T4973] loop1: detected capacity change from 0 to 1024
[   77.855499][ T4973] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002]
[   77.871364][ T4973] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.886940][ T4973] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.492: bg 0: block 88: padding at end of block bitmap is not set
[   77.904857][ T4973] netlink: 16 bytes leftover after parsing attributes in process `syz.1.492'.
[   77.914063][ T4973] netlink: 16 bytes leftover after parsing attributes in process `syz.1.492'.
[   77.953518][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.050451][ T4981] netlink: 14 bytes leftover after parsing attributes in process `syz.1.494'.
[   78.208553][ T4987] netlink: 132 bytes leftover after parsing attributes in process `syz.2.496'.
[   78.249856][ T4990] loop5: detected capacity change from 0 to 512
[   78.296724][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.313401][ T4990] EXT4-fs: Ignoring removed oldalloc option
[   78.323065][ T4990] EXT4-fs (loop5): 1 truncate cleaned up
[   78.329314][ T4990] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.352848][ T4990] sd 0:0:1:0: device reset
[   78.582569][ T3400] tipc: Node number set to 2886997007
[   78.653155][ T4993] netlink: 'syz.3.500': attribute type 30 has an invalid length.
[   78.893414][ T4989] loop1: detected capacity change from 0 to 2048
[   78.985667][ T4989] EXT4-fs (loop1): failed to initialize system zone (-117)
[   79.003147][ T4989] EXT4-fs (loop1): mount failed
[   79.145936][ T5018] netlink: 'syz.3.506': attribute type 30 has an invalid length.
[   79.167640][ T4362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.309501][ T5030] netlink: 'syz.3.512': attribute type 2 has an invalid length.
[   79.318762][ T5030] netlink: 'syz.3.512': attribute type 1 has an invalid length.
[   79.328095][ T5030] netlink: 'syz.3.512': attribute type 2 has an invalid length.
[   79.342055][ T5030] hugetlbfs: Bad value for 'gid'
[   79.347379][ T5030] hugetlbfs: Bad value for 'gid'
[   79.434215][ T5038] netlink: 14 bytes leftover after parsing attributes in process `syz.2.516'.
[   79.484867][ T5042] netlink: 4 bytes leftover after parsing attributes in process `syz.1.513'.
[   79.502707][ T5044] ALSA: seq fatal error: cannot create timer (-22)
[   79.538990][ T5034] netlink: 132 bytes leftover after parsing attributes in process `syz.3.514'.
[   79.745348][ T5057] netlink: 'syz.1.523': attribute type 30 has an invalid length.
[   79.745540][ T5059] netlink: 14 bytes leftover after parsing attributes in process `syz.5.524'.
[   79.959955][ T5060] loop5: detected capacity change from 0 to 2048
[   80.020205][ T5060] EXT4-fs (loop5): failed to initialize system zone (-117)
[   80.036220][ T5060] EXT4-fs (loop5): mount failed
[   80.220854][ T5076] ALSA: seq fatal error: cannot create timer (-22)
[   80.475433][ T5085] loop3: detected capacity change from 0 to 2048
[   80.597094][ T5085] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.013227][ T5091] loop0: detected capacity change from 0 to 2048
[   81.204934][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.276201][ T5091] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.399364][ T5095] hub 2-0:1.0: USB hub found
[   81.410250][ T5095] hub 2-0:1.0: 8 ports detected
[   81.455318][ T5095] loop3: detected capacity change from 0 to 2048
[   81.587397][   T29] kauditd_printk_skb: 427 callbacks suppressed
[   81.587415][   T29] audit: type=1326 audit(1756947694.617:2523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5099 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   81.618239][   T29] audit: type=1326 audit(1756947694.617:2524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5099 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   81.707911][ T5101] loop5: detected capacity change from 0 to 2048
[   81.748928][ T5095]  loop3: p1 < > p4
[   81.755540][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.769524][ T5095] loop3: p4 size 8388608 extends beyond EOD, truncated
[   81.794053][ T2995]  loop3: p1 < > p4
[   81.809773][ T5101] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.828065][ T2995] loop3: p4 size 8388608 extends beyond EOD, truncated
[   81.941501][ T5108] loop2: detected capacity change from 0 to 512
[   81.967509][   T29] audit: type=1326 audit(1756947694.777:2525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5099 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   81.982369][ T4568] udevd[4568]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   81.991490][   T29] audit: type=1326 audit(1756947694.777:2526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5099 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   81.991525][   T29] audit: type=1326 audit(1756947694.777:2527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5099 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   82.024144][ T4567] udevd[4567]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   82.026547][   T29] audit: type=1326 audit(1756947694.777:2528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5099 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   82.084855][   T29] audit: type=1326 audit(1756947694.777:2529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5099 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   82.110277][   T29] audit: type=1326 audit(1756947694.777:2530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5099 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   82.134253][   T29] audit: type=1326 audit(1756947694.777:2531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5099 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   82.158623][   T29] audit: type=1326 audit(1756947694.777:2532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5099 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   82.191437][ T5108] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   82.208208][ T5108] EXT4-fs (loop2): orphan cleanup on readonly fs
[   82.241684][ T5108] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.538: Failed to acquire dquot type 1
[   82.266078][ T5108] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.538: bg 0: block 40: padding at end of block bitmap is not set
[   82.280896][ T5108] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   82.293106][ T5108] EXT4-fs (loop2): 1 truncate cleaned up
[   82.336361][ T4362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.336454][ T5108] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   82.368224][ T5108] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #16: comm syz.2.538: corrupted xattr block 31: invalid header
[   82.387057][ T5108] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=16
[   82.396758][ T5108] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #16: comm syz.2.538: corrupted xattr block 31: invalid header
[   82.417463][ T5108] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=16
[   82.427108][ T5120] ALSA: seq fatal error: cannot create timer (-22)
[   82.458568][ T5108] EXT4-fs error (device loop2): ext4_get_link:106: inode #16: comm syz.2.538: bad symlink.
[   82.484710][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.507596][ T5118] netlink: 24 bytes leftover after parsing attributes in process `syz.3.540'.
[   82.516801][ T5118] netlink: 64 bytes leftover after parsing attributes in process `syz.3.540'.
[   82.656054][ T5136] IPVS: length: 113 != 24
[   82.778831][ T5141] loop1: detected capacity change from 0 to 2048
[   82.906249][ T5141] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.053285][ T5140] hub 2-0:1.0: USB hub found
[   83.108785][ T5140] hub 2-0:1.0: 8 ports detected
[   83.217341][ T5155] loop2: detected capacity change from 0 to 512
[   83.240345][ T5155] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   83.261231][ T5155] EXT4-fs (loop2): orphan cleanup on readonly fs
[   83.301663][ T5155] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.555: Failed to acquire dquot type 1
[   83.319567][ T5155] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.555: bg 0: block 40: padding at end of block bitmap is not set
[   83.338322][ T5153] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.349834][ T5155] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   83.385352][ T5155] EXT4-fs (loop2): 1 truncate cleaned up
[   83.402481][ T5155] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   83.427500][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.440369][ T5153] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.492170][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.509293][ T5164] __nla_validate_parse: 1 callbacks suppressed
[   83.509315][ T5164] netlink: 4 bytes leftover after parsing attributes in process `syz.0.558'.
[   83.528956][ T5153] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.549483][ T5164] team2: entered promiscuous mode
[   83.554638][ T5164] team2: entered allmulticast mode
[   83.595108][ T5153] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.707475][ T5172] netlink: 14 bytes leftover after parsing attributes in process `syz.1.560'.
[   83.726758][  T292] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.735360][ T5167] loop2: detected capacity change from 0 to 2048
[   83.814158][  T292] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.844704][ T5167] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.858142][  T292] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.916423][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.962658][  T292] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.098001][ T5175] loop1: detected capacity change from 0 to 2048
[   84.124367][ T5175] EXT4-fs (loop1): failed to initialize system zone (-117)
[   84.155039][ T5175] EXT4-fs (loop1): mount failed
[   84.412945][ T5187] netlink: 14 bytes leftover after parsing attributes in process `syz.5.564'.
[   84.666237][ T5197] hub 2-0:1.0: USB hub found
[   84.682654][ T5197] hub 2-0:1.0: 8 ports detected
[   84.715684][ T5201] loop5: detected capacity change from 0 to 2048
[   84.756002][ T5201] EXT4-fs (loop5): failed to initialize system zone (-117)
[   84.756578][ T5197] loop3: detected capacity change from 0 to 2048
[   84.780705][ T5201] EXT4-fs (loop5): mount failed
[   84.817692][ T4568]  loop3: p1 < > p4
[   84.826765][ T4568] loop3: p4 size 8388608 extends beyond EOD, truncated
[   84.858579][ T5197]  loop3: p1 < > p4
[   84.863263][ T5197] loop3: p4 size 8388608 extends beyond EOD, truncated
[   84.882407][ T5210] netlink: 8 bytes leftover after parsing attributes in process `syz.2.572'.
[   84.905379][ T5210] netlink: 4 bytes leftover after parsing attributes in process `syz.2.572'.
[   84.998698][ T4568] udevd[4568]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   85.022761][ T4000] udevd[4000]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   85.096044][ T4001] udevd[4001]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   85.107591][ T4568] udevd[4568]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   85.141600][ T5225] loop3: detected capacity change from 0 to 512
[   85.169714][ T5225] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   85.200880][ T5228] hub 2-0:1.0: USB hub found
[   85.207475][ T5225] EXT4-fs (loop3): orphan cleanup on readonly fs
[   85.217789][ T5228] hub 2-0:1.0: 8 ports detected
[   85.234766][ T5225] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.579: Failed to acquire dquot type 1
[   85.265491][ T5230] ALSA: seq fatal error: cannot create timer (-22)
[   85.272510][ T5228] loop1: detected capacity change from 0 to 2048
[   85.279631][ T5225] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.579: bg 0: block 40: padding at end of block bitmap is not set
[   85.296455][ T5225] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   85.313574][ T5225] EXT4-fs (loop3): 1 truncate cleaned up
[   85.321692][ T5225] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   85.324326][ T4568]  loop1: p1 < > p4
[   85.357003][ T4568] loop1: p4 size 8388608 extends beyond EOD, truncated
[   85.383846][ T5228]  loop1: p1 < > p4
[   85.392175][ T5228] loop1: p4 size 8388608 extends beyond EOD, truncated
[   85.423949][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.534869][ T4001] udevd[4001]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   85.545793][ T4568] udevd[4568]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   85.711509][ T5248] loop2: detected capacity change from 0 to 2048
[   85.725600][ T5256] loop3: detected capacity change from 0 to 512
[   85.734017][ T5256] EXT4-fs: Ignoring removed oldalloc option
[   85.755142][ T5256] EXT4-fs (loop3): 1 truncate cleaned up
[   85.766900][ T5259] loop5: detected capacity change from 0 to 1024
[   85.776462][ T5256] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.811864][ T5256] sd 0:0:1:0: device reset
[   85.817716][ T5248] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.835199][ T5259] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002]
[   85.844871][ T5259] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.867113][ T5259] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.593: bg 0: block 88: padding at end of block bitmap is not set
[   85.882061][ T5260] loop1: detected capacity change from 0 to 2048
[   85.905425][ T5260] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.924774][ T5259] netlink: 16 bytes leftover after parsing attributes in process `syz.5.593'.
[   85.933873][ T5259] netlink: 16 bytes leftover after parsing attributes in process `syz.5.593'.
[   85.957907][ T4362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.101741][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.141951][ T5279] netlink: 4 bytes leftover after parsing attributes in process `syz.3.601'.
[   86.177689][ T5279] team6: entered promiscuous mode
[   86.183071][ T5279] team6: entered allmulticast mode
[   86.260506][ T5286] netlink: 'syz.3.604': attribute type 30 has an invalid length.
[   86.399719][ T5288] loop0: detected capacity change from 0 to 2048
[   86.521148][ T5289] loop5: detected capacity change from 0 to 2048
[   86.627625][ T5289] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.648910][ T5288] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.680991][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.691559][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.706699][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.729201][ T5297] netlink: 14 bytes leftover after parsing attributes in process `syz.2.606'.
[   86.736100][ T5296] netlink: 14 bytes leftover after parsing attributes in process `syz.1.607'.
[   86.829730][ T5301] ALSA: seq fatal error: cannot create timer (-22)
[   86.848985][   T29] kauditd_printk_skb: 373 callbacks suppressed
[   86.849002][   T29] audit: type=1326 audit(1756947699.877:2900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5302 comm="syz.0.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   86.892831][   T29] audit: type=1326 audit(1756947699.877:2901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5302 comm="syz.0.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   86.916788][   T29] audit: type=1326 audit(1756947699.877:2902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5302 comm="syz.0.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   86.938175][ T5306] loop3: detected capacity change from 0 to 512
[   86.940978][   T29] audit: type=1326 audit(1756947699.877:2903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5302 comm="syz.0.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   86.964082][ T5306] EXT4-fs: Ignoring removed oldalloc option
[   86.971426][   T29] audit: type=1326 audit(1756947699.877:2904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5302 comm="syz.0.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   87.004182][   T29] audit: type=1326 audit(1756947699.877:2905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5302 comm="syz.0.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   87.029923][   T29] audit: type=1326 audit(1756947699.917:2906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5302 comm="syz.0.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   87.054084][   T29] audit: type=1326 audit(1756947699.917:2907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5302 comm="syz.0.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   87.074458][ T5304] loop1: detected capacity change from 0 to 2048
[   87.081881][   T29] audit: type=1326 audit(1756947700.107:2908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5302 comm="syz.0.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   87.109775][   T29] audit: type=1326 audit(1756947700.107:2909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5302 comm="syz.0.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de809ebe9 code=0x7ffc0000
[   87.161779][ T5306] EXT4-fs (loop3): 1 truncate cleaned up
[   87.168141][ T5304] EXT4-fs (loop1): failed to initialize system zone (-117)
[   87.181283][ T5304] EXT4-fs (loop1): mount failed
[   87.181378][ T4362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.204110][ T5306] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.582402][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.896498][ T5332] netlink: 'syz.5.620': attribute type 30 has an invalid length.
[   87.930551][ T5334] ALSA: seq fatal error: cannot create timer (-22)
[   87.973791][ T5337] loop2: detected capacity change from 0 to 2048
[   88.164442][ T5337] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.276436][ T5346] loop5: detected capacity change from 0 to 2048
[   88.305017][ T5346] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.640753][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.727705][ T5366] netlink: 'syz.1.632': attribute type 2 has an invalid length.
[   88.736247][ T5366] netlink: 'syz.1.632': attribute type 1 has an invalid length.
[   88.744749][ T5366] netlink: 'syz.1.632': attribute type 2 has an invalid length.
[   88.756940][ T5366] hugetlbfs: Bad value for 'gid'
[   88.762203][ T5366] hugetlbfs: Bad value for 'gid'
[   88.909679][ T4362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.068197][ T5395] loop3: detected capacity change from 0 to 2048
[   89.154857][ T5395] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.562097][ T5415] loop0: detected capacity change from 0 to 512
[   89.569137][ T5415] EXT4-fs: Ignoring removed oldalloc option
[   89.578117][ T5415] EXT4-fs (loop0): 1 truncate cleaned up
[   89.584561][ T5415] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.751152][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.852147][ T5430] loop3: detected capacity change from 0 to 1024
[   89.905207][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.923033][ T5430] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002]
[   89.934303][ T5430] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.962455][ T5430] netlink: 16 bytes leftover after parsing attributes in process `syz.3.657'.
[   89.971724][ T5430] netlink: 16 bytes leftover after parsing attributes in process `syz.3.657'.
[   90.004274][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.048387][ T5439] loop1: detected capacity change from 0 to 2048
[   90.263608][ T5449] netlink: 'syz.0.666': attribute type 30 has an invalid length.
[   90.471929][ T5462] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.497591][ T5464] loop1: detected capacity change from 0 to 164
[   90.521664][ T5464] rock: directory entry would overflow storage
[   90.528533][ T5464] rock: sig=0x66, size=4, remaining=3
[   90.545281][ T5464] rock: directory entry would overflow storage
[   90.551952][ T5464] rock: sig=0x66, size=4, remaining=3
[   90.566838][ T5464] netlink: 12 bytes leftover after parsing attributes in process `syz.1.673'.
[   90.578802][ T5462] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.603118][ T5468] loop5: detected capacity change from 0 to 2048
[   90.805466][ T5478] netlink: 'syz.1.676': attribute type 2 has an invalid length.
[   90.813432][ T5478] netlink: 'syz.1.676': attribute type 1 has an invalid length.
[   90.821249][ T5478] netlink: 'syz.1.676': attribute type 2 has an invalid length.
[   90.887111][ T5462] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.899700][ T5478] hugetlbfs: Bad value for 'gid'
[   90.905185][ T5478] hugetlbfs: Bad value for 'gid'
[   90.944977][ T5462] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.000432][   T37] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.022962][  T160] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.031777][  T160] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.044619][  T160] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.180930][ T5510] netlink: 'syz.1.691': attribute type 2 has an invalid length.
[   91.224971][ T5510] hugetlbfs: Bad value for 'gid'
[   91.230376][ T5510] hugetlbfs: Bad value for 'gid'
[   91.275758][ T5515] netlink: 14 bytes leftover after parsing attributes in process `syz.1.693'.
[   91.494919][ T5524] hub 2-0:1.0: USB hub found
[   91.499981][ T5524] hub 2-0:1.0: 8 ports detected
[   91.852621][   T29] kauditd_printk_skb: 530 callbacks suppressed
[   91.852638][   T29] audit: type=1326 audit(1756947704.877:3440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5540 comm="syz.2.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   91.883643][   T29] audit: type=1326 audit(1756947704.877:3441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5540 comm="syz.2.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   91.913235][ T5539] validate_nla: 2 callbacks suppressed
[   91.913378][ T5539] netlink: 'syz.3.703': attribute type 2 has an invalid length.
[   91.928955][ T5539] netlink: 'syz.3.703': attribute type 1 has an invalid length.
[   91.937026][ T5539] netlink: 'syz.3.703': attribute type 2 has an invalid length.
[   92.005542][ T5539] hugetlbfs: Bad value for 'gid'
[   92.010574][ T5539] hugetlbfs: Bad value for 'gid'
[   92.215015][   T29] audit: type=1326 audit(1756947705.247:3442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5556 comm="syz.3.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68ac0bebe9 code=0x7ffc0000
[   92.239271][   T29] audit: type=1326 audit(1756947705.247:3443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5556 comm="syz.3.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68ac0bebe9 code=0x7ffc0000
[   92.263262][   T29] audit: type=1326 audit(1756947705.247:3444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5556 comm="syz.3.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68ac0bebe9 code=0x7ffc0000
[   92.286973][   T29] audit: type=1326 audit(1756947705.247:3445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5556 comm="syz.3.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68ac0bebe9 code=0x7ffc0000
[   92.311156][   T29] audit: type=1326 audit(1756947705.247:3446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5556 comm="syz.3.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68ac0bebe9 code=0x7ffc0000
[   92.335405][   T29] audit: type=1326 audit(1756947705.247:3447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5556 comm="syz.3.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68ac0bebe9 code=0x7ffc0000
[   92.359669][   T29] audit: type=1326 audit(1756947705.247:3448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5556 comm="syz.3.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68ac0bebe9 code=0x7ffc0000
[   92.383884][   T29] audit: type=1326 audit(1756947705.247:3449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5556 comm="syz.3.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68ac0bebe9 code=0x7ffc0000
[   92.464407][ T5520] loop1: detected capacity change from 0 to 2048
[   92.552791][ T5520] EXT4-fs (loop1): failed to initialize system zone (-117)
[   92.560677][ T5520] EXT4-fs (loop1): mount failed
[   93.397551][ T5578] netlink: 'syz.2.717': attribute type 2 has an invalid length.
[   93.405967][ T5578] netlink: 'syz.2.717': attribute type 1 has an invalid length.
[   93.413777][ T5578] netlink: 'syz.2.717': attribute type 2 has an invalid length.
[   93.452403][ T5578] hugetlbfs: Bad value for 'gid'
[   93.457464][ T5578] hugetlbfs: Bad value for 'gid'
[   93.491867][ T5582] loop2: detected capacity change from 0 to 1024
[   93.538540][ T5582] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002]
[   93.609974][ T5582] netlink: 16 bytes leftover after parsing attributes in process `syz.2.719'.
[   93.619294][ T5582] netlink: 16 bytes leftover after parsing attributes in process `syz.2.719'.
[   93.906687][ T5590] hub 2-0:1.0: USB hub found
[   93.934746][ T5590] hub 2-0:1.0: 8 ports detected
[   94.780833][ T5610] netlink: 'syz.5.729': attribute type 2 has an invalid length.
[   94.788652][ T5610] netlink: 'syz.5.729': attribute type 1 has an invalid length.
[   94.796452][ T5610] netlink: 'syz.5.729': attribute type 2 has an invalid length.
[   94.834372][ T5611] hugetlbfs: Bad value for 'gid'
[   94.839678][ T5611] hugetlbfs: Bad value for 'gid'
[   95.275931][ T5636] netlink: 'syz.2.740': attribute type 2 has an invalid length.
[   95.304867][ T5638] netlink: 14 bytes leftover after parsing attributes in process `syz.5.742'.
[   95.314691][ T5636] hugetlbfs: Bad value for 'gid'
[   95.319668][ T5636] hugetlbfs: Bad value for 'gid'
[   95.517167][ T5643] loop2: detected capacity change from 0 to 2048
[   95.684457][ T5638] loop5: detected capacity change from 0 to 2048
[   95.727381][ T5638] EXT4-fs (loop5): failed to initialize system zone (-117)
[   95.750728][ T5638] EXT4-fs (loop5): mount failed
[   96.011834][ T5654] loop2: detected capacity change from 0 to 164
[   96.050443][ T5654] rock: directory entry would overflow storage
[   96.056829][ T5654] rock: sig=0x66, size=4, remaining=3
[   96.089335][ T5654] rock: directory entry would overflow storage
[   96.095590][ T5654] rock: sig=0x66, size=4, remaining=3
[   96.096188][ T5514] syz.1.693 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[   96.112212][ T5514] CPU: 0 UID: 0 PID: 5514 Comm: syz.1.693 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   96.112240][ T5514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   96.112251][ T5514] Call Trace:
[   96.112257][ T5514]  <TASK>
[   96.112265][ T5514]  __dump_stack+0x1d/0x30
[   96.112288][ T5514]  dump_stack_lvl+0xe8/0x140
[   96.112342][ T5514]  dump_stack+0x15/0x1b
[   96.112359][ T5514]  dump_header+0x81/0x220
[   96.112389][ T5514]  oom_kill_process+0x342/0x400
[   96.112527][ T5514]  out_of_memory+0x979/0xb80
[   96.112565][ T5514]  try_charge_memcg+0x5e6/0x9e0
[   96.112593][ T5514]  charge_memcg+0x51/0xc0
[   96.112613][ T5514]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[   96.112663][ T5514]  __read_swap_cache_async+0x1df/0x350
[   96.112693][ T5514]  swap_cluster_readahead+0x277/0x3e0
[   96.112753][ T5514]  swapin_readahead+0xde/0x6f0
[   96.112797][ T5514]  ? __filemap_get_folio+0x4f7/0x6b0
[   96.112899][ T5514]  ? __rcu_read_unlock+0x34/0x70
[   96.112918][ T5514]  ? swap_cache_get_folio+0x77/0x200
[   96.113016][ T5514]  do_swap_page+0x301/0x2430
[   96.113038][ T5514]  ? css_rstat_updated+0xb7/0x240
[   96.113070][ T5514]  ? __pfx_default_wake_function+0x10/0x10
[   96.113165][ T5514]  handle_mm_fault+0x9a5/0x2c20
[   96.113198][ T5514]  do_user_addr_fault+0x636/0x1090
[   96.113280][ T5514]  exc_page_fault+0x62/0xa0
[   96.113306][ T5514]  asm_exc_page_fault+0x26/0x30
[   96.113334][ T5514] RIP: 0033:0x7f95ead6f507
[   96.113350][ T5514] Code: c0 08 89 43 28 4c 89 62 f8 41 8d 56 01 41 39 ee 0f 83 8d 00 00 00 41 89 d6 48 8b 3c 24 89 ea 4d 8b 65 40 44 29 f2 4c 03 24 d7 <48> 83 7b 50 07 77 08 48 c7 43 50 08 00 00 00 41 89 c7 49 f7 df 4c
[   96.113487][ T5514] RSP: 002b:00007ffca670a3e0 EFLAGS: 00010282
[   96.113502][ T5514] RAX: 0000000000013790 RBX: 00007f95ebbf5720 RCX: ffffffff8567464c
[   96.113515][ T5514] RDX: 000000000000059c RSI: ffffffff812792fd RDI: 00007f95ea8ff008
[   96.113537][ T5514] RBP: 000000000000059d R08: 00007f95ea8ff050 R09: 00007f95eb0b2000
[   96.113549][ T5514] R10: 00007f95ea8ff008 R11: 0000000000000005 R12: ffffffff8567464c
[   96.113560][ T5514] R13: 00007f95eb0c6038 R14: 0000000000000001 R15: 0000000000000000
[   96.113572][ T5514]  ? xa_load+0xac/0xe0
[   96.113603][ T5514]  ? xa_load+0xac/0xe0
[   96.113697][ T5514]  ? get_gate_vma+0xd/0x90
[   96.113721][ T5514]  </TASK>
[   96.338849][ T5514] memory: usage 307200kB, limit 307200kB, failcnt 1556
[   96.346012][ T5514] memory+swap: usage 307400kB, limit 9007199254740988kB, failcnt 0
[   96.354157][ T5514] kmem: usage 299044kB, limit 9007199254740988kB, failcnt 0
[   96.361453][ T5514] Memory cgroup stats for /syz1:
[   96.536608][ T5657] hub 2-0:1.0: USB hub found
[   96.562837][ T5657] hub 2-0:1.0: 8 ports detected
[   96.578937][ T5514] cache 0
[   96.582037][ T5514] rss 8335360
[   96.585375][ T5514] shmem 0
[   96.588508][ T5514] mapped_file 0
[   96.592681][ T5514] dirty 0
[   96.596109][ T5514] writeback 0
[   96.599701][ T5514] workingset_refault_anon 337
[   96.605033][ T5514] workingset_refault_file 2077
[   96.610202][ T5514] swap 204800
[   96.613666][ T5514] swapcached 0
[   96.617059][ T5514] pgpgin 76124
[   96.620506][ T5514] pgpgout 74085
[   96.624101][ T5514] pgfault 84874
[   96.627668][ T5514] pgmajfault 245
[   96.631292][ T5514] inactive_anon 0
[   96.635238][ T5514] active_anon 0
[   96.638884][ T5514] inactive_file 8351744
[   96.643140][ T5514] active_file 0
[   96.647039][ T5514] unevictable 0
[   96.650633][ T5514] hierarchical_memory_limit 314572800
[   96.656545][ T5514] hierarchical_memsw_limit 9223372036854771712
[   96.663224][ T5514] total_cache 0
[   96.667079][ T5514] total_rss 8335360
[   96.671153][ T5514] total_shmem 0
[   96.674756][ T5514] total_mapped_file 0
[   96.678963][ T5514] total_dirty 0
[   96.682471][ T5514] total_writeback 0
[   96.686631][ T5514] total_workingset_refault_anon 337
[   96.692282][ T5514] total_workingset_refault_file 2077
[   96.698329][ T5514] total_swap 204800
[   96.702191][ T5514] total_swapcached 0
[   96.706314][ T5514] total_pgpgin 76124
[   96.710414][ T5514] total_pgpgout 74085
[   96.714794][ T5514] total_pgfault 84874
[   96.718942][ T5514] total_pgmajfault 245
[   96.723853][ T5514] total_inactive_anon 0
[   96.728270][ T5514] total_active_anon 0
[   96.732686][ T5514] total_inactive_file 8351744
[   96.737663][ T5514] total_active_file 0
[   96.741998][ T5514] total_unevictable 0
[   96.746446][ T5514] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.693,pid=5514,uid=0
[   96.761528][ T5514] Memory cgroup out of memory: Killed process 5514 (syz.1.693) total-vm:96008kB, anon-rss:9072kB, file-rss:22572kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000
[   96.935934][   T29] kauditd_printk_skb: 348 callbacks suppressed
[   96.935951][   T29] audit: type=1326 audit(1756947709.967:3798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5667 comm="syz.2.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   97.052581][   T29] audit: type=1326 audit(1756947709.967:3799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5667 comm="syz.2.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   97.077663][   T29] audit: type=1326 audit(1756947709.967:3800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5667 comm="syz.2.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   97.101673][   T29] audit: type=1326 audit(1756947709.967:3801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5667 comm="syz.2.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   97.125971][   T29] audit: type=1326 audit(1756947709.967:3802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5667 comm="syz.2.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   97.367302][   T29] audit: type=1400 audit(1756947710.327:3803): avc:  denied  { lock } for  pid=5673 comm="syz.2.754" path="socket:[12117]" dev="sockfs" ino=12117 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   97.392332][   T29] audit: type=1326 audit(1756947710.327:3804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5673 comm="syz.2.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   97.416293][   T29] audit: type=1326 audit(1756947710.327:3805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5673 comm="syz.2.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   97.440256][   T29] audit: type=1326 audit(1756947710.327:3806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5673 comm="syz.2.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   97.464975][   T29] audit: type=1326 audit(1756947710.327:3807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5673 comm="syz.2.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[   97.648937][ T5681] loop2: detected capacity change from 0 to 2048
[   97.719084][ T5683] netlink: 14 bytes leftover after parsing attributes in process `syz.3.757'.
[   97.741207][ T4568]  loop2: p1 < > p4
[   97.750655][ T4568] loop2: p4 size 8388608 extends beyond EOD, truncated
[   97.774435][ T5681]  loop2: p1 < > p4
[   97.793724][ T5681] loop2: p4 size 8388608 extends beyond EOD, truncated
[   97.925840][ T4568] udevd[4568]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   97.933701][ T4001] udevd[4001]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   98.111527][ T5691] hub 2-0:1.0: USB hub found
[   98.121709][ T5691] hub 2-0:1.0: 8 ports detected
[   98.417438][ T5696] validate_nla: 3 callbacks suppressed
[   98.417562][ T5696] netlink: 'syz.2.763': attribute type 30 has an invalid length.
[   98.823433][   T30] oom_reaper: reaped process 5514 (syz.1.693), now anon-rss:20kB, file-rss:21408kB, shmem-rss:0kB
[   99.376234][ T5704] netlink: 'syz.1.765': attribute type 13 has an invalid length.
[   99.445602][ T5704] net_ratelimit: 33 callbacks suppressed
[   99.445693][ T5704] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   99.923685][ T5735] hub 2-0:1.0: USB hub found
[   99.929981][ T5735] hub 2-0:1.0: 8 ports detected
[  100.112503][ T5755] loop0: detected capacity change from 0 to 512
[  100.134156][ T5755] EXT4-fs: Ignoring removed oldalloc option
[  100.194651][ T5755] EXT4-fs (loop0): 1 truncate cleaned up
[  100.205087][ T5766] netlink: 20 bytes leftover after parsing attributes in process `syz.3.793'.
[  100.211510][ T5755] EXT4-fs mount: 8 callbacks suppressed
[  100.211526][ T5755] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.281226][ T5769] loop2: detected capacity change from 0 to 2048
[  100.306352][ T5769] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.333642][ T5769] FAULT_INJECTION: forcing a failure.
[  100.333642][ T5769] name failslab, interval 1, probability 0, space 0, times 0
[  100.346827][ T5769] CPU: 0 UID: 0 PID: 5769 Comm: syz.2.795 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  100.346865][ T5769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  100.346923][ T5769] Call Trace:
[  100.346930][ T5769]  <TASK>
[  100.346939][ T5769]  __dump_stack+0x1d/0x30
[  100.346982][ T5769]  dump_stack_lvl+0xe8/0x140
[  100.347004][ T5769]  dump_stack+0x15/0x1b
[  100.347048][ T5769]  should_fail_ex+0x265/0x280
[  100.347113][ T5769]  should_failslab+0x8c/0xb0
[  100.347139][ T5769]  __kmalloc_noprof+0xa5/0x3e0
[  100.347169][ T5769]  ? ext4_find_extent+0x16b/0x7a0
[  100.347197][ T5769]  ext4_find_extent+0x16b/0x7a0
[  100.347246][ T5769]  ext4_ext_map_blocks+0x11f/0x38a0
[  100.347270][ T5769]  ? prep_new_page+0x5c/0x200
[  100.347297][ T5769]  ? css_rstat_updated+0xb7/0x240
[  100.347370][ T5769]  ? mod_memcg_lruvec_state+0x1fc/0x2c0
[  100.347402][ T5769]  ? __rcu_read_unlock+0x4f/0x70
[  100.347428][ T5769]  ? __account_obj_stock+0x2d6/0x350
[  100.347536][ T5769]  ? __rcu_read_unlock+0x4f/0x70
[  100.347561][ T5769]  ext4_map_query_blocks+0xa8/0x480
[  100.347617][ T5769]  ext4_da_get_block_prep+0x25b/0xbb0
[  100.347643][ T5769]  ? alloc_buffer_head+0x1c3/0x1f0
[  100.347664][ T5769]  ? folio_alloc_buffers+0x2e5/0x310
[  100.347689][ T5769]  ext4_block_write_begin+0x5e5/0xc00
[  100.347799][ T5769]  ? __pfx_ext4_da_get_block_prep+0x10/0x10
[  100.347855][ T5769]  ext4_da_write_begin+0x48f/0x6e0
[  100.347886][ T5769]  generic_perform_write+0x181/0x490
[  100.347913][ T5769]  ext4_buffered_write_iter+0x1ee/0x3c0
[  100.347947][ T5769]  ? ext4_file_write_iter+0xfe/0xf00
[  100.348103][ T5769]  ext4_file_write_iter+0x383/0xf00
[  100.348139][ T5769]  ? kstrtouint_from_user+0x9f/0xf0
[  100.348184][ T5769]  ? avc_policy_seqno+0x15/0x30
[  100.348206][ T5769]  ? selinux_file_permission+0x1e4/0x320
[  100.348227][ T5769]  ? __pfx_ext4_file_write_iter+0x10/0x10
[  100.348301][ T5769]  vfs_write+0x527/0x960
[  100.348326][ T5769]  ksys_write+0xda/0x1a0
[  100.348350][ T5769]  __x64_sys_write+0x40/0x50
[  100.348376][ T5769]  x64_sys_call+0x27fe/0x2ff0
[  100.348401][ T5769]  do_syscall_64+0xd2/0x200
[  100.348486][ T5769]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.348514][ T5769]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  100.348541][ T5769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.348593][ T5769] RIP: 0033:0x7fda7298ebe9
[  100.348611][ T5769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.348629][ T5769] RSP: 002b:00007fda713f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  100.348652][ T5769] RAX: ffffffffffffffda RBX: 00007fda72bc5fa0 RCX: 00007fda7298ebe9
[  100.348667][ T5769] RDX: 00000000fffffd26 RSI: 0000200000000000 RDI: 0000000000000004
[  100.348682][ T5769] RBP: 00007fda713f7090 R08: 0000000000000000 R09: 0000000000000000
[  100.348714][ T5769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.348727][ T5769] R13: 00007fda72bc6038 R14: 00007fda72bc5fa0 R15: 00007ffd159ea6e8
[  100.348745][ T5769]  </TASK>
[  100.697538][ T5778] ALSA: seq fatal error: cannot create timer (-22)
[  100.706154][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.831813][ T5783] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.876369][ T5783] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.906536][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.924150][ T5793] FAULT_INJECTION: forcing a failure.
[  100.924150][ T5793] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.938778][ T5793] CPU: 1 UID: 0 PID: 5793 Comm: syz.2.805 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  100.938810][ T5793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  100.938822][ T5793] Call Trace:
[  100.938876][ T5793]  <TASK>
[  100.938884][ T5793]  __dump_stack+0x1d/0x30
[  100.938988][ T5793]  dump_stack_lvl+0xe8/0x140
[  100.939009][ T5793]  dump_stack+0x15/0x1b
[  100.939025][ T5793]  should_fail_ex+0x265/0x280
[  100.939122][ T5793]  should_fail+0xb/0x20
[  100.939143][ T5793]  should_fail_usercopy+0x1a/0x20
[  100.939166][ T5793]  _copy_to_user+0x20/0xa0
[  100.939194][ T5793]  simple_read_from_buffer+0xb5/0x130
[  100.939219][ T5793]  proc_fail_nth_read+0x10e/0x150
[  100.939275][ T5793]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  100.939301][ T5793]  vfs_read+0x1a5/0x770
[  100.939348][ T5793]  ? __rcu_read_unlock+0x4f/0x70
[  100.939371][ T5793]  ? __fget_files+0x184/0x1c0
[  100.939459][ T5793]  ksys_read+0xda/0x1a0
[  100.939482][ T5793]  __x64_sys_read+0x40/0x50
[  100.939542][ T5793]  x64_sys_call+0x27bc/0x2ff0
[  100.939566][ T5793]  do_syscall_64+0xd2/0x200
[  100.939593][ T5793]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.939617][ T5793]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  100.939681][ T5793]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.939703][ T5793] RIP: 0033:0x7fda7298d5fc
[  100.939721][ T5793] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  100.939741][ T5793] RSP: 002b:00007fda713f7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  100.939764][ T5793] RAX: ffffffffffffffda RBX: 00007fda72bc5fa0 RCX: 00007fda7298d5fc
[  100.939860][ T5793] RDX: 000000000000000f RSI: 00007fda713f70a0 RDI: 0000000000000007
[  100.939873][ T5793] RBP: 00007fda713f7090 R08: 0000000000000000 R09: 0000000000000000
[  100.939887][ T5793] R10: 0000000000000833 R11: 0000000000000246 R12: 0000000000000001
[  100.939900][ T5793] R13: 00007fda72bc6038 R14: 00007fda72bc5fa0 R15: 00007ffd159ea6e8
[  100.939921][ T5793]  </TASK>
[  101.171063][ T5783] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.237057][ T5803] FAULT_INJECTION: forcing a failure.
[  101.237057][ T5803] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.250847][ T5803] CPU: 0 UID: 0 PID: 5803 Comm: syz.2.809 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  101.250877][ T5803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  101.250908][ T5803] Call Trace:
[  101.250913][ T5803]  <TASK>
[  101.250920][ T5803]  __dump_stack+0x1d/0x30
[  101.250937][ T5803]  dump_stack_lvl+0xe8/0x140
[  101.251028][ T5803]  dump_stack+0x15/0x1b
[  101.251039][ T5803]  should_fail_ex+0x265/0x280
[  101.251055][ T5803]  should_fail+0xb/0x20
[  101.251066][ T5803]  should_fail_usercopy+0x1a/0x20
[  101.251207][ T5803]  strncpy_from_user+0x25/0x230
[  101.251493][ T5803]  ? __kmalloc_cache_noprof+0x189/0x320
[  101.251517][ T5803]  __se_sys_memfd_create+0x1ff/0x590
[  101.251607][ T5803]  __x64_sys_memfd_create+0x31/0x40
[  101.251620][ T5803]  x64_sys_call+0x2abe/0x2ff0
[  101.251634][ T5803]  do_syscall_64+0xd2/0x200
[  101.251652][ T5803]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.251722][ T5803]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  101.251739][ T5803]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.251753][ T5803] RIP: 0033:0x7fda7298ebe9
[  101.251765][ T5803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.251777][ T5803] RSP: 002b:00007fda713f6d68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  101.251791][ T5803] RAX: ffffffffffffffda RBX: 000000000000062c RCX: 00007fda7298ebe9
[  101.251840][ T5803] RDX: 00007fda713f6dec RSI: 0000000000000000 RDI: 00007fda72a127e8
[  101.251854][ T5803] RBP: 0000200000000640 R08: 00007fda713f6b07 R09: 0000000000000000
[  101.251916][ T5803] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001
[  101.251925][ T5803] R13: 00007fda713f6dec R14: 00007fda713f6df0 R15: 00007ffd159ea6e8
[  101.251937][ T5803]  </TASK>
[  101.439618][ T5783] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.541511][  T160] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.568311][  T160] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.582449][  T160] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.594546][  T160] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.698345][ T5818] loop5: detected capacity change from 0 to 512
[  101.706460][ T5818] EXT4-fs: Ignoring removed oldalloc option
[  101.721323][ T5818] EXT4-fs (loop5): 1 truncate cleaned up
[  101.732484][ T5818] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.778391][ T5825] loop2: detected capacity change from 0 to 164
[  101.789623][ T5825] rock: directory entry would overflow storage
[  101.796070][ T5825] rock: sig=0x66, size=4, remaining=3
[  101.805359][ T5825] rock: directory entry would overflow storage
[  101.811634][ T5825] rock: sig=0x66, size=4, remaining=3
[  101.966969][ T4362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.042261][ T5829] loop2: detected capacity change from 0 to 2048
[  102.054911][ T5829] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.234897][   T29] kauditd_printk_skb: 542 callbacks suppressed
[  102.234916][   T29] audit: type=1326 audit(1756947715.267:4350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5840 comm="syz.5.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[  102.297526][   T29] audit: type=1326 audit(1756947715.307:4351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5840 comm="syz.5.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[  102.321337][   T29] audit: type=1326 audit(1756947715.307:4352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5840 comm="syz.5.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[  102.346231][   T29] audit: type=1326 audit(1756947715.307:4353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5840 comm="syz.5.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[  102.370114][   T29] audit: type=1326 audit(1756947715.307:4354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5840 comm="syz.5.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[  102.394602][   T29] audit: type=1326 audit(1756947715.307:4355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5840 comm="syz.5.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[  102.418315][   T29] audit: type=1326 audit(1756947715.307:4356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5840 comm="syz.5.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[  102.442488][   T29] audit: type=1326 audit(1756947715.307:4357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5840 comm="syz.5.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[  102.744732][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.786041][   T29] audit: type=1326 audit(1756947715.817:4358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5862 comm="syz.2.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[  102.788951][ T5863] loop2: detected capacity change from 0 to 128
[  102.811058][   T29] audit: type=1326 audit(1756947715.817:4359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5862 comm="syz.2.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7298ebe9 code=0x7ffc0000
[  102.846990][ T5863] vfat: Bad value for 'uid'
[  102.848142][ T5861] FAULT_INJECTION: forcing a failure.
[  102.848142][ T5861] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  102.851757][ T5863] vfat: Bad value for 'uid'
[  102.865423][ T5861] CPU: 0 UID: 0 PID: 5861 Comm: syz.1.831 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  102.865529][ T5861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  102.865541][ T5861] Call Trace:
[  102.865546][ T5861]  <TASK>
[  102.865554][ T5861]  __dump_stack+0x1d/0x30
[  102.865576][ T5861]  dump_stack_lvl+0xe8/0x140
[  102.865596][ T5861]  dump_stack+0x15/0x1b
[  102.865612][ T5861]  should_fail_ex+0x265/0x280
[  102.865707][ T5861]  should_fail+0xb/0x20
[  102.865795][ T5861]  should_fail_usercopy+0x1a/0x20
[  102.865853][ T5861]  _copy_from_user+0x1c/0xb0
[  102.865898][ T5861]  memdup_user+0x5e/0xd0
[  102.865923][ T5861]  strndup_user+0x68/0xb0
[  102.865980][ T5861]  __se_sys_mount+0x4d/0x2e0
[  102.866033][ T5861]  ? fput+0x8f/0xc0
[  102.866060][ T5861]  ? ksys_write+0x192/0x1a0
[  102.866082][ T5861]  __x64_sys_mount+0x67/0x80
[  102.866165][ T5861]  x64_sys_call+0x2b4d/0x2ff0
[  102.866186][ T5861]  do_syscall_64+0xd2/0x200
[  102.866212][ T5861]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  102.866246][ T5861]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  102.866313][ T5861]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.866334][ T5861] RIP: 0033:0x7f95eae8ebe9
[  102.866350][ T5861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.866368][ T5861] RSP: 002b:00007f95e98f7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  102.866388][ T5861] RAX: ffffffffffffffda RBX: 00007f95eb0c5fa0 RCX: 00007f95eae8ebe9
[  102.866401][ T5861] RDX: 00002000000002c0 RSI: 0000200000000080 RDI: 0000000000000000
[  102.866488][ T5861] RBP: 00007f95e98f7090 R08: 0000200000000240 R09: 0000000000000000
[  102.866501][ T5861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.866513][ T5861] R13: 00007f95eb0c6038 R14: 00007f95eb0c5fa0 R15: 00007ffca670a338
[  102.866531][ T5861]  </TASK>
[  103.244480][ T5870] netlink: 'syz.3.834': attribute type 30 has an invalid length.
[  103.450978][ T5890] netlink: 14 bytes leftover after parsing attributes in process `syz.5.843'.
[  103.465768][ T5885] hub 2-0:1.0: USB hub found
[  103.470658][ T5885] hub 2-0:1.0: 8 ports detected
[  103.756870][ T5893] loop5: detected capacity change from 0 to 2048
[  103.817944][ T5893] EXT4-fs (loop5): failed to initialize system zone (-117)
[  103.826360][ T5893] EXT4-fs (loop5): mount failed
[  104.248117][ T5922] hub 2-0:1.0: USB hub found
[  104.253946][ T5922] hub 2-0:1.0: 8 ports detected
[  104.390156][ T5927] ALSA: seq fatal error: cannot create timer (-22)
[  104.759500][ T5937] loop2: detected capacity change from 0 to 2048
[  104.839125][ T5937] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.204566][ T5954] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.246334][ T5954] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.286009][ T5954] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.325835][ T5954] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.390173][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.420513][ T5959] ALSA: seq fatal error: cannot create timer (-22)
[  105.438272][  T160] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.588739][  T160] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.599299][  T160] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.604210][ T5965] loop5: detected capacity change from 0 to 512
[  105.609717][  T160] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.633029][ T5965] EXT4-fs: Ignoring removed oldalloc option
[  105.646658][ T5965] EXT4-fs (loop5): 1 truncate cleaned up
[  105.678250][ T5965] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.850801][ T5974] netlink: 'syz.0.872': attribute type 30 has an invalid length.
[  106.137367][ T5984] netlink: 'syz.2.877': attribute type 30 has an invalid length.
[  106.166679][ T4362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.477609][ T6009] FAULT_INJECTION: forcing a failure.
[  106.477609][ T6009] name failslab, interval 1, probability 0, space 0, times 0
[  106.490885][ T6009] CPU: 1 UID: 0 PID: 6009 Comm: syz.2.883 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  106.490912][ T6009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  106.490923][ T6009] Call Trace:
[  106.490930][ T6009]  <TASK>
[  106.490938][ T6009]  __dump_stack+0x1d/0x30
[  106.491003][ T6009]  dump_stack_lvl+0xe8/0x140
[  106.491026][ T6009]  dump_stack+0x15/0x1b
[  106.491053][ T6009]  should_fail_ex+0x265/0x280
[  106.491078][ T6009]  should_failslab+0x8c/0xb0
[  106.491101][ T6009]  kmem_cache_alloc_node_noprof+0x57/0x320
[  106.491174][ T6009]  ? __alloc_skb+0x101/0x320
[  106.491197][ T6009]  __alloc_skb+0x101/0x320
[  106.491220][ T6009]  netlink_alloc_large_skb+0xba/0xf0
[  106.491256][ T6009]  netlink_sendmsg+0x3cf/0x6b0
[  106.491304][ T6009]  ? __pfx_netlink_sendmsg+0x10/0x10
[  106.491332][ T6009]  __sock_sendmsg+0x142/0x180
[  106.491366][ T6009]  ____sys_sendmsg+0x31e/0x4e0
[  106.491394][ T6009]  ___sys_sendmsg+0x17b/0x1d0
[  106.491507][ T6009]  __x64_sys_sendmsg+0xd4/0x160
[  106.491537][ T6009]  x64_sys_call+0x191e/0x2ff0
[  106.491562][ T6009]  do_syscall_64+0xd2/0x200
[  106.491659][ T6009]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  106.491680][ T6009]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  106.491765][ T6009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.491786][ T6009] RIP: 0033:0x7fda7298ebe9
[  106.491801][ T6009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.491867][ T6009] RSP: 002b:00007fda713f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  106.491890][ T6009] RAX: ffffffffffffffda RBX: 00007fda72bc5fa0 RCX: 00007fda7298ebe9
[  106.491905][ T6009] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000006
[  106.491918][ T6009] RBP: 00007fda713f7090 R08: 0000000000000000 R09: 0000000000000000
[  106.491938][ T6009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.491952][ T6009] R13: 00007fda72bc6038 R14: 00007fda72bc5fa0 R15: 00007ffd159ea6e8
[  106.492017][ T6009]  </TASK>
[  107.402004][   T29] kauditd_printk_skb: 216 callbacks suppressed
[  107.402019][   T29] audit: type=1326 audit(1756947720.427:4576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.5.889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[  107.502609][    C1] ==================================================================
[  107.510975][    C1] BUG: KCSAN: data-race in kick_pool / wq_worker_running
[  107.518160][    C1] 
[  107.520666][    C1] read-write to 0xffff888237c29d64 of 4 bytes by task 3569 on cpu 0:
[  107.529165][    C1]  wq_worker_running+0x95/0x120
[  107.534440][    C1]  schedule_timeout+0xb7/0x170
[  107.539320][    C1]  msleep+0x50/0x90
[  107.543410][    C1]  nsim_fib_event_work+0x1ebc/0x21a0
[  107.548883][    C1]  process_scheduled_works+0x4ce/0x9d0
[  107.554631][    C1]  worker_thread+0x582/0x770
[  107.559499][    C1]  kthread+0x486/0x510
[  107.563865][    C1]  ret_from_fork+0xda/0x150
[  107.568485][    C1]  ret_from_fork_asm+0x1a/0x30
[  107.573555][    C1] 
[  107.575888][    C1] read to 0xffff888237c29d64 of 4 bytes by interrupt on cpu 1:
[  107.584649][    C1]  kick_pool+0x49/0x2d0
[  107.588812][    C1]  __queue_work+0x8cb/0xb50
[  107.593829][    C1]  queue_work_on+0xd1/0x160
[  107.598319][    C1]  wg_packet_send_staged_packets+0x83d/0xab0
[  107.604380][    C1]  wg_packet_send_keepalive+0xeb/0x100
[  107.610103][    C1]  wg_expired_send_persistent_keepalive+0x3c/0x50
[  107.616598][    C1]  call_timer_fn+0x38/0x2c0
[  107.621357][    C1]  __run_timer_base+0x415/0x610
[  107.626293][    C1]  run_timer_softirq+0x31/0x70
[  107.631127][    C1]  handle_softirqs+0xb7/0x290
[  107.635939][    C1]  __irq_exit_rcu+0x3a/0xc0
[  107.640602][    C1]  sysvec_apic_timer_interrupt+0x74/0x80
[  107.646429][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  107.652598][    C1]  _raw_spin_unlock_irq+0x2f/0x50
[  107.657720][    C1]  set_current_blocked+0x9d/0xb0
[  107.662860][    C1]  __ia32_sys_rt_sigreturn+0xd3/0x350
[  107.668338][    C1]  x64_sys_call+0x2d3c/0x2ff0
[  107.673080][    C1]  do_syscall_64+0xd2/0x200
[  107.677656][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.683758][    C1] 
[  107.686214][    C1] value changed: 0x00000000 -> 0x00000001
[  107.692148][    C1] 
[  107.694668][    C1] Reported by Kernel Concurrency Sanitizer on:
[  107.700987][    C1] CPU: 1 UID: 0 PID: 5957 Comm: syz.3.866 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  107.710632][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  107.720808][    C1] ==================================================================
[  107.729289][   T29] audit: type=1326 audit(1756947720.427:4577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6034 comm="syz.1.885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95eae8ebe9 code=0x7ffc0000
[  107.752972][   T29] audit: type=1326 audit(1756947720.427:4578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6034 comm="syz.1.885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f95eae8ebe9 code=0x7ffc0000
[  107.777138][   T29] audit: type=1326 audit(1756947720.427:4579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6034 comm="syz.1.885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95eae8ebe9 code=0x7ffc0000
[  107.803993][   T29] audit: type=1326 audit(1756947720.427:4580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6034 comm="syz.1.885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95eae8ebe9 code=0x7ffc0000
[  107.830082][   T29] audit: type=1326 audit(1756947720.427:4581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6034 comm="syz.1.885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95eae8ebe9 code=0x7ffc0000
[  107.855759][   T29] audit: type=1326 audit(1756947720.487:4582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.5.889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[  107.879998][   T29] audit: type=1326 audit(1756947720.487:4583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.5.889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[  107.904024][   T29] audit: type=1326 audit(1756947720.487:4584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.5.889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d968ebe9 code=0x7ffc0000
[  107.928521][   T29] audit: type=1326 audit(1756947720.487:4585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.5.889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f11d9690b07 code=0x7ffc0000