last executing test programs:

5m42.412157957s ago: executing program 4 (id=618):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="02000000040000000800000008"], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0)
r2 = msgget$private(0x0, 0xfffffffffffffffd)
msgrcv(r2, 0x0, 0x0, 0x1, 0x0)
msgsnd(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="0100000000"], 0x8, 0x0)
pipe2$watch_queue(&(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x18)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000006c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x8401)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x40000, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000040)=0x2)
readv(r8, &(0x7f0000000000)=[{&(0x7f0000000440)=""/244, 0xf4}], 0x1)
r9 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000c80)=@bpf_tracing={0x1a, 0xe, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc3c3, 0x0, 0x0, 0x0, 0x5}, [@map_idx={0x18, 0xa, 0x5, 0x0, 0xc}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x40000}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000880)='syzkaller\x00', 0x0, 0x6d, &(0x7f00000008c0)=""/109, 0x41100, 0xe, '\x00', 0x0, 0x1a, r3, 0x8, &(0x7f0000000940)={0x9, 0x5}, 0x8, 0x10, &(0x7f0000000980)={0x4, 0x1, 0x7ff, 0xffffdcc2}, 0x10, 0x2f420, 0xffffffffffffffff, 0xa, &(0x7f0000000a40)=[r3], &(0x7f0000000bc0)=[{0x0, 0x3, 0x5, 0x3}, {0x0, 0x4, 0x8, 0xa}, {0x1, 0x4, 0x5}, {0x5, 0x3, 0x3, 0x1}, {0x1, 0x5, 0x5, 0x1}, {0x2, 0x3, 0x6, 0x5}, {0x0, 0x3, 0x1, 0xb}, {0x3, 0x1, 0x2, 0x9}, {0x1, 0x5, 0xd, 0xb}, {0x4, 0x1, 0x8}], 0x10, 0x7fffffff}, 0x94)
r10 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r10, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r11}, 0x18)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={@map=r10, 0x26, 0x1, 0x86, &(0x7f0000000040)=[0x0, 0x0], 0x2, 0x0, &(0x7f0000000140)=[0x0], &(0x7f0000000180), &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], <r12=>0x0}, 0x40)
r13 = openat(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x200000, 0x100)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000300)={r11, 0xffffffffffffffff, 0x4, 0x0, @val=@netkit={@void, @value=r13, @void, @void, r12}}, 0x1c)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000a80)={@map=r5, r9, 0x1c, 0xa, r4, @void, @value=r4, @void, @void, r12}, 0x20)
ioctl$TIOCVHANGUP(r8, 0x5437, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000400)=0xffffffffffffffff, 0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000640)={0x726d}, 0x8)

5m41.547449487s ago: executing program 4 (id=624):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="020000000400000008000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x3000003, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)

5m41.546866277s ago: executing program 4 (id=625):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x8404, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, @perf_bp={&(0x7f0000000080)}, 0x400, 0x0, 0x0, 0x0, 0x0, 0x1fffffff, 0x0, 0x0, 0x40, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

5m41.528717468s ago: executing program 4 (id=626):
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(0xffffffffffffffff, 0x4018f50b, &(0x7f0000000080)={0x0, 0xffffffffffff8001, 0x9})
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000100)='./file1\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x110)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0xc0185879, &(0x7f0000000000)={@desc={0x1, 0x0, @auto='\x00\x00&\x00'}})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)

5m41.129452921s ago: executing program 4 (id=631):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x97a3}, 0x18)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r5, 0x4b72, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x5, 0x200, &(0x7f0000000c00)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a73090000000000001b0f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)

5m40.538448819s ago: executing program 4 (id=637):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000280)={'wg2\x00'})
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='net/tcp6\x00')
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f00000001c0)=0x800001, 0x4)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0x8)
preadv(r1, &(0x7f00000000c0)=[{&(0x7f00000008c0)=""/4106, 0x1000}], 0x1000005a, 0x141, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffcaa, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000100)=ANY=[@ANYRES64=r3], &(0x7f0000000240)='GPL\x00', 0x2000000, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x2}, 0x20, 0xfffffffffffffffb, 0x0)
io_setup(0x8, &(0x7f0000002740)=<r4=>0x0)
io_getevents(r4, 0x4, 0x0, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
io_submit(r4, 0x1, &(0x7f0000000480)=[&(0x7f0000000880)={0x0, 0x0, 0x0, 0x7, 0x8, r5, 0x0, 0x0, 0x6}])
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000580)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x57, 0x7fc00100}]})
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r7, 0xc0502100, &(0x7f00000002c0)={<r8=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r7, 0xc0182101, &(0x7f00000000c0)={r8})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r7, 0xc0502100, &(0x7f0000002780)={<r9=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r7, 0x40182103, &(0x7f0000000080)={r9, 0x3, r6, 0x5})

5m40.511514801s ago: executing program 32 (id=637):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000280)={'wg2\x00'})
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='net/tcp6\x00')
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f00000001c0)=0x800001, 0x4)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0x8)
preadv(r1, &(0x7f00000000c0)=[{&(0x7f00000008c0)=""/4106, 0x1000}], 0x1000005a, 0x141, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffcaa, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000100)=ANY=[@ANYRES64=r3], &(0x7f0000000240)='GPL\x00', 0x2000000, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x2}, 0x20, 0xfffffffffffffffb, 0x0)
io_setup(0x8, &(0x7f0000002740)=<r4=>0x0)
io_getevents(r4, 0x4, 0x0, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
io_submit(r4, 0x1, &(0x7f0000000480)=[&(0x7f0000000880)={0x0, 0x0, 0x0, 0x7, 0x8, r5, 0x0, 0x0, 0x6}])
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000580)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x57, 0x7fc00100}]})
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r7, 0xc0502100, &(0x7f00000002c0)={<r8=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r7, 0xc0182101, &(0x7f00000000c0)={r8})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r7, 0xc0502100, &(0x7f0000002780)={<r9=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r7, 0x40182103, &(0x7f0000000080)={r9, 0x3, r6, 0x5})

7.630896993s ago: executing program 0 (id=4847):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x2704, &(0x7f0000000000)={0x0, 0x19, 0x4, 0x0, 0x136}, &(0x7f0000ff0000), 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000600"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1b, 0xd, &(0x7f0000000180)=ANY=[@ANYRES32=r0, @ANYBLOB], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000a00)=ANY=[@ANYRESDEC=r0], &(0x7f0000001380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x52, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000140)='bridge0\x00', 0x52c)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0})
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000080)={@initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010100, r4}, 0xc)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000380)={'sit0\x00', &(0x7f00000005c0)={'syztnl2\x00', <r5=>0x0, 0x7800, 0x700, 0x0, 0x0, {{0x32, 0x4, 0x0, 0x1b, 0xc8, 0x66, 0x9, 0xc, 0x2f, 0x0, @loopback, @loopback, {[@timestamp={0x44, 0x20, 0x7b, 0x0, 0x7, [0x6, 0x9, 0x1, 0x9, 0x8001, 0x40000, 0x9]}, @ssrr={0x89, 0x23, 0xd5, [@broadcast, @multicast2, @remote, @broadcast, @remote, @rand_addr=0x64010101, @remote, @empty]}, @ssrr={0x89, 0x23, 0x99, [@rand_addr=0x64010100, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, @loopback, @multicast1, @rand_addr=0x64010100]}, @timestamp_addr={0x44, 0xc, 0x1a, 0x1, 0x5, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x9}]}, @lsrr={0x83, 0x7, 0x4, [@multicast2]}, @timestamp_prespec={0x44, 0x24, 0xf7, 0x3, 0x9, [{@initdev={0xac, 0x1e, 0x1, 0x0}}, {@local, 0x81}, {@loopback, 0x3}, {@remote, 0x63}]}, @timestamp_prespec={0x44, 0xc, 0xe5, 0x3, 0x1, [{@multicast1, 0x6}]}, @rr={0x7, 0xb, 0x35, [@multicast2, @rand_addr=0x64010100]}]}}}}})
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000700)={<r6=>0x0, @multicast1, @remote}, &(0x7f0000000740)=0xc)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000800)={'sit0\x00', &(0x7f0000000780)={'tunl0\x00', <r7=>0x0, 0x10, 0x8, 0x4, 0x40, {{0xa, 0x4, 0x3, 0x2, 0x28, 0x64, 0x0, 0x40, 0x2f, 0x0, @empty, @remote, {[@generic={0x86, 0xe, "7407e389954ee276aceb4b55"}, @ra={0x94, 0x4}]}}}}})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000840)={'veth1_to_bond\x00', <r8=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000880)={'batadv0\x00', <r9=>0x0})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000980)={r0, 0x58, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r10=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000ac0)={'vxcan1\x00', <r11=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000f00)={'tunl0\x00', &(0x7f0000000b00)={'syztnl1\x00', <r12=>0x0, 0x20, 0x10, 0x2, 0x1, {{0x1c, 0x4, 0x1, 0x3, 0x70, 0x67, 0x0, 0x7, 0x0, 0x0, @private=0xa010100, @private=0xa010102, {[@lsrr={0x83, 0x13, 0xb8, [@loopback, @multicast2, @dev={0xac, 0x14, 0x14, 0x44}, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @timestamp_addr={0x44, 0x14, 0x67, 0x1, 0x9, [{@multicast2, 0x8}, {@multicast2, 0x8}]}, @timestamp_addr={0x44, 0x34, 0xf4, 0x1, 0x2, [{@remote, 0x7}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x5}, {@local, 0x9}, {@private=0xa010101, 0x1}, {@empty, 0x7}, {@broadcast}]}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000fc0)={'ip6gre0\x00', &(0x7f0000000f40)={'syztnl2\x00', <r13=>0x0, 0x4, 0xb4, 0xa, 0x7, 0x8, @private1, @private2={0xfc, 0x2, '\x00', 0x1}, 0x21, 0x7800, 0x8, 0x7}})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000001080)={'ip6tnl0\x00', &(0x7f0000001000)={'ip6_vti0\x00', <r14=>0x0, 0x29, 0xb, 0xf, 0x5585, 0x2, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xf880, 0x8000, 0x1, 0x4}})
sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000001300)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000012c0)={&(0x7f00000010c0)={0x1e0, 0x0, 0x800, 0x70bd27, 0x25dfdbfc, {}, [@HEADER={0x90, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x78, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r13}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}]}]}, 0x1e0}, 0x1, 0x0, 0x0, 0x80}, 0x1010)
bind$rds(r2, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r2, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x41}}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, 0x0, 0x1000}}], 0x90}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x410, &(0x7f0000000140)=ANY=[@ANYBLOB="696f636861727365743d61736369692c636865636b3d7374726963742c008dc72788a4fd1d7a9e96f5af8b1e45accead19436f26d694969a11ba75120b4d62f34885979931a363c752e585ec3604e30dbe2a796fc821132b494dde1c10c9dd6e964a204d3419f8429a34ad0f9eef6d8e64551e180300000043f138d74174cf31003d8e2e285a38f0c00baa5f773735f6e6eb3d29d249635d3f5317a9cd809294ebc15b04d444ccb0c1a90e8e0587fae4eefddd7e3d5c20a076101fd7f3ee5634000000000000fda9bc4dbfe77e9b101986ec88"], 0xfe, 0x340, &(0x7f0000000bc0)="$eJzs3T9rZFUYB+B3Y5KRleykEEFBPGijzZDEwtZBdkEMKHEjq4Vw19ysw9ydCXOHlVnEtbP1E1hYLpZ2gvgF0tjb2aWx3EK8Mn82m8Qga3S8WfI8EM4L5/5yz5nhDm8zcw5ufH27u1u2drNhLLyZYiEiFh5ErE6qqUuzcWFSL8dRX8ZrzRu/vPj+hx+9097cvLqV0rX29dc3UkpXXvrxs8+/e/mn4TMffH/lh0bsr3588NvGr/vP7T9/8Mf1Tztl6pSp1x+mLN3s94fZzSJPO52y20rpvSLPyjx1emU+ODa/W/T39kYp6+2sXN4b5GWZst4odfNRGvbTcDBK2a2s00utViutXI6L5Sz73b6/tZW157AYzpHBoJ2Nn+HGX2a279eyIACgVues/3/YojxW/78UEVlvtDTLXPD+/yz+Tf9/6b9eDHMy7v+XZ8/vcfp/AAAAAAAAAAAAAAB4EjyoqmZVVc2H48m/utfHfHn/L7YjX9x7OqL46s72ne3pOJ1v70YnishjLZpLEVEdmtbX3t68upYmVmPl9r1pfjw+dTy/Hs1YPT2/nlKq7qV0PL80+UWLcX5xnN+IZjx7en5jev8T+eV49ZUj929FM37+JPpRxM5kH4/yX6yn9Na7myfyjcl1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwMrXToxPn9s/nW388fnq+/Fs34/fTz+ddOPZ9/MV5YrHXrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCoHN3tZkWRD85RUc2c/f/c+rb+XfyTImJWNB7j4m8aNa/5jYio+xVTzLuo+5MJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/n+PDv2ueyUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUqRzd7WZFkQ/mWNS9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCfJnwEAAP//cTwlMA==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x1f0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)

7.576120077s ago: executing program 0 (id=4848):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x9}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

7.390181632s ago: executing program 0 (id=4850):
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
writev(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x18, 0xf, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf090000000000005509010000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000300), 0x100, 0x0)
read$ptp(r3, &(0x7f0000000380)=""/104, 0x68)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x1, 0x91, 0x1ff, 0x801, 0x1}, 0x1c)
bind$tipc(r4, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
r6 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
ioctl$USBDEVFS_SUBMITURB(r6, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x9, 0x80, 0x0, 0x0, 0x101, 0x0})
close_range(r5, 0xffffffffffffffff, 0x0)

2.853385689s ago: executing program 0 (id=4927):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c)
unshare(0x22020400)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x9, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000180)={'sit0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x8, 0x81, 0x6, 0x3, {{0x7, 0x4, 0x0, 0x2, 0x1c, 0x64, 0x0, 0x5, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, {[@ra={0x94, 0x4}, @end]}}}}})
sendmsg$MPTCP_PM_CMD_ANNOUNCE(r3, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000400)=ANY=[], 0x40}, 0x1, 0x0, 0x0, 0x804}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000800000000101"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x18)
r6 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
read$usbmon(r6, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r3, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000300), 0x4)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x82, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffbfffff, 0x2, @perf_bp={&(0x7f0000000080)}, 0x400, 0x200000000000, 0x0, 0x0, 0x0, 0x1fffffff, 0x0, 0x0, 0x40, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='smaps_rollup\x00')
fchdir(r8)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000100)={0xa, 0x4e24, 0x8, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x21}}, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f0000000080)="88", 0x1}], 0x1}, 0x4048043)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xfffffff2, @empty, 0x2}}, 0x1000000, 0x31, 0xffff1896, 0x3, 0x26, 0x0, 0x1b}, 0x9c)

1.954412642s ago: executing program 0 (id=4936):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000300)=0x8)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000140)={r4, 0xe0d, 0x4, 0x7, 0x2, 0x8001}, 0x14)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$kcm(0x2a, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f00000001c0)={&(0x7f0000000140)=@qipcrtr, 0x80, 0x0}, 0x0)
sendmsg$kcm(r7, &(0x7f0000001540)={&(0x7f0000000000)=@qipcrtr={0x2a, 0xffffffff, 0xffff0002}, 0x80, 0x0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r6}, 0x10)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0x20, &(0x7f0000000300)={&(0x7f0000000200)=""/183, 0xb7, <r8=>0x0, &(0x7f00000003c0)=""/166, 0xa6}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0xe, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180200000300000000000000000000008500000027000000850000008a00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r8, 0x4)
gettid()
r9 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r9, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@local, @in, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x8000}, {0x800, 0x0, 0x8}}, {{@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3}}, 0xe8)
r10 = socket$key(0xf, 0x3, 0x2)
r11 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_mptcp_buf(r11, 0x11c, 0xcfa5f3b4d91b6c2b, 0x0, 0x0)
sendmsg$key(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000d40)=ANY=[@ANYBLOB="0212000005020000fcffffff0000000001020900008000006bdae99676f5d98b222c1d175b1bde5f2af814867595cca148f284845d6726daecb906b52bcbe4a0671f0cfe91064a71252070eab7b079faae2437c1c6375c071120ac3c3dfb0e5500269ca1cd7c4713a0369feb90311ab8556d5bac400f5ffbe90545162b4d370163c56d991d223d5da19c52bdbff65404e119035c710bccfff638d731934ecdd791b655adfc821d0887903e07df64c986fa6fb88f4a7d0b3f81044ac984488238d0f3c48cf099ab574e73f1a68d600ab06ec38d634b447f1d4aad0dd4f056494500bab1d7792480ea186568121117e75c05a8bde6476b7304bb2b64f14f54921845a91f868fa925cf0a818b9bba4ea375d10464e94cba1fefd1cf5efc16c2e5c1cf9adb172617d21d333c27c4554adf58cd7508fe0eed1a11186e77fce9e4518b7280db2fc8acac72e4934e0ae31d2132afdb95c105813b90284c0f3bd48d2bae45cd2d03aeb092f6ad45692fc26c26909b57d12e3bf2024de3edce03c2dd8cf1081fbc181cb24fb432907ee893125e386edee1e48b5fb72dc536fd879fc356b5bff8ae29afeda341fbb0fbba2d1a133f05b1cac0479743ca5c562d8a9d0ddb7bee5282f97fea614ca3aab3c10d6d6a81f495737f3787737ade4f9af413bc0298d7364c46dbcacedb88aba3b4add5e20c7927ca485152618468c3d23edc4d9cd368d4791e555fd2b8ec465a838f331950b862e23a9d8291dc879d7ea58209a3372319c8a5f2db16e3ebd1e349eb699a79faa391f8cee02ba5e9d1bc0f71b4e912681dfe4716c490dbf06199553c3bac487a1f2964d2f5fd7f064807dd11c3ca2f12c7a3ec79362c247f63d20d3ca52f0474b47c40a394ddfed196dce0259bf849bcb86f2d4919522d46f87443998f7ed5e40da41a80428d3b6e3845a9b377b3c6577add73ead5d1dc4d3620b53818be04d9f7ba74600cf5b462a7ed38b53b701465a152983c8fabe301fc42bebcb7c631e94afec308dee54b51e9c1df0f446fcd47612e90a275e51516310c59eb67c1e3b2da93bd52a7c9c4135fdc36027aad74c3cfd5c6ca6f5ae914a7cab1a3a5d397422163c49c609f53bd370fdecb126cea447defd3d448dadf5079430c058cba11fbb17c14ea71f96091f9a5d3a034ae9b34ac7a0b1d4eca440a51e4cd265911eeba260345b28ac84c065553e9aace53f1f29aa6b80ef7c4070192e4c12cb4389c3476b1f0a69825fdf4de60e9d02266fe9f50cba35775b2103bf85b312b04f3c6bec4b67e1b642a6b9bbef45d28ea1af055bf3c6cc62cb571cfbc4229c7d5aa62a2ed3ce2f42666fa295c71f44263c703d207fb6925f303a3facbd7afa4dccb0b6c37cf8e8a3fdc8ed1cfff049b48a94e50a5631a75589317dbcfd154f16e7dddac2945baf059a2aa4b14b9ac1d411c81dc600343abf5e9c4750e190a5116bab2258d8f1d5e0d3ab740423267be7e21c2eac41ae2aefead42fd71f91c4c3694617fb7fc265a48c3b82eea6e57c90824914847f857deb94c810b34ad53a9824127c2fef4cc5d7fd23307dd90c01bc32c79c2344459a58442b59260d8e21dc41f0b54d5d5433b9fd44ba4803766cacfec5bb5fd1ca3ccbc7c11cfd7274b526b9b61a231499a83831b9be1f708cde614165ce3bd0ccd42ab401bcd35143199d43395107e240e61c3abbcbad69a53ec9205bc2946dab619214ae55dfc6aad9a72683cb84f489efd02f1d439d6abfc4a9d2588c4db6419a7dd6c2387461298941a1d8d5bf4c0e35d0294014f217985cca434d557899c3090c236efe06bc9f2c5dc46f67896d56450a0aa4b6b6247ce45c12a1f547825cbac09f13bb48200ee1f85b00a0ce88723c19449fe2bbe500861bb03dbc2ae489e9b3f5ddaea3b4459be8aebd66cdc054affa87d60e0e86bb0ce56f604f697c5be3cb868e6dad28e3366ef5b6e9a26f8e1ba44d700eda13fa3f589ae638843a8a98c157f25c5e88c3df285e1e70d32110614c51d0e0a74abc7800006cf0d1d3d66e84ec726edc5c52f26f702d182e702be580bf74670201ebeffecc62630b637320626cbac4e9e98c608252e3932da36804e3e1e3ec3bee53bcf0071088c84f2a014b0122dcd9507d6003e63e34d7b59807dd24907e17ba43b83af0b734d9861870f137464be924a415a7607d7c2936c9156f6bc604c51600c558cdf18fe73fffa575443a4174311ecab11cd96572306b00a8998c20bb3879c37c9d400b06f03fd7b54ab24cefc134176df98af05086839f83eeaa9efa3e7629bdb0bc8377020b040e86cf36ff9f2bcc788091c9285b423cc7670a8290c394db287b24533b508a7df6786d571e6be8cd989ea2d1b846a03f24fcdae10333f55461716292e0589efbf61462943b8c8544ac128c8ce01e99ae5ba81cf037e86e1f35271c405c640a8429bc189a749033b831ef71bfb05fa72d2da716f2d86046296f481e4364f7e033dcb4fed15eb0937a66b62143ad51e76242f4cf425d662eeeb179a46a059489c2bbdee163cf5ac3d0fb6441bf171a7c34bbbcf2e3a59e637d35f32301d9d4a85b2a1db1a5cb6fffa7ebec998674711fdfd49297d7ac33f5c89d0999172bc3dad8e76ac1f081e4c1bb755562ff5715361000f56fb464881dfe6abb4f039a139f8fb2e2dca14b895ad3ee1d2835e0cd47051ea34d855b7c8387ef1a85d94b851602cbdb2242a2afb59d26292be2ebbd8ca3b2866b293c1ef2048dd65addb63230643502ab8e9548dfee031ee8306344f89973dc22712ae6896ab40c61e6093c026524da15ca192b1ecd14ec10cebfea7faed1a9bae2be7edf9c53182805fa4af868751ff3758b9c4f7e877dc8e16475592c85bda5a62c1b38938ac3b7031773c06c5eb5539baeb0588e6ede91d2da317a1a823045e375bb4ac29d6dc75d228a4ade916671eccd320ee5c0298650b541d98c4d1e09ed841f1cffbf0c7551c5ae725ad0f77f612829a409becb4e60ccc3cbb80d77e8d9bac59cfcac2c8a4c857f862747473148d9089dc56ed827784a63390eeb78f791c75c4eb3a1efad0f75e062cc4948e4b1b67a373494b88ff819a695ceac580bdd7b2c63222a663432e31b8531ee74d34afa70266ffe08d6ab6439c1b442df9195bd1b729d9ebfa25f326e48f7104303120046b2f1eb45c59a415b68d9cc3f6ca68dadf64748393f4c1f4a5876173ef0c95ea73c682b05e9e05c9a8a1d65500106a980f0a0effa10b93a03715f40f851d122a15fd4b60740a711b1121c146bb59b740ccf8db57b2eee36e4c5a3c6aadaca73b9637cb21f1d87acd9b76885b8694a5d036b6e3dde6ceb589575b6414bef68ae179973b5e04012a3ad10c55f9049ccd757185583633543f556967796eeebb8348e969860fdeb9166f1a431d44a2ae6e73c75d3b891ea014ce2be631c9d1eb301c7043aa03b66218095c0375ed12090e5bc32c44e3ddfbbcbe48f8d396e489db24cd7d8779d659b48193b96374e2937d3087e911b4d1c70cef3b984a72f80ed2f17ef50aab6f5931c897367aa6dd86e8e93de921c611f112f676e34b4ee720f46434b2c70742c1af99bee1b0c72683cd840bbba4e75e3a0128d0ebf1010dea64f896ef3cfd82a73fe329ce53b63697cb7bc0c03e127fd59d3241646f62a25ceb692d9e469c649dec8b693975d718d89394345b684ea2507d295422c88892de4e69c71e2dbf6bfd160a1c20b63e6e21b73d6bb14377ce3578664196f7ab33be87d3fe5772415361f857f6128b7ecd261638f4133f6384b1e2ba1c045985636e818e622460d4ef2af43267efb71168a92d22ec6b337158d3bcff2f0913ece4258ba89b5e19f8cae9c7f87ac8d051247f3635f398404f1d9fb1ace4082dd6897024070dddd7942b566d3f7f2a4fd9ec148397ddb814057c66b738f45ccb08f2f9ed8c5c8735a9c6938b7c5260a8cb0cbfd2bb9656592b4a70f368ecdcc8fdfcd52ad0ea0b9c3152147e9e441519eb1a69bc1b216fda362376ce23729bd384e8579c37aadf759b6c23ea54bfde28652d0b37cbcea221da9125919212cbad64e4aec3075bb70cc7eca71a25cb2a77c898fd775d74d61dcfcbff9d4d20102f3b5c804ccc3bb711b88140508a8802dcb205ebff54cbd9af252f36cf44b2337c382a7562ad6fc035313bff7f7d30a45fe01a083fb744460147a3a4b34b8dcc047607f38ba6b927c93872830e8d0c84031889b29afc2ef3944c4c0a3f3060f337bf0da8c7209e79a81f09330ecbf0024dcf85f7e4ec644867f5343f259825b1f421c51d30f3da87bbcb67946f133c6a4add120054b1b8a16a12a58352d37425f68d55e8e3a0391ed03085fef286214f51ab917906b2b9fcbf6ef85e04ba368f8811f9ec5a3a112c1b498f553e6659ed41b10ad141d921cca6878c7e1960380a2d0f86226f6b7e95a9639b41be4f73c392d3e7b133cfc2009f6a02edcfeb11bd2c84b3fcf50d4cb0d49f770ae2c71c73c766d327fb0c8d79c9908e1f7292eff8657f0ff0542df3127613c31cc2387d270b9510bd0a9709d80ed781b828d3a0f92df1be687206d572066d44b9afcf6b440b7298bf30f657fd9f986debea4f23032f37d711859854a134e7ad44613643eb7104e624e0bc34dddc2dd0ecee2bd04a87b03e06864710c51d561f28718c88ddc35dcbf23f1c5f0ef8149e24949e1d50572f039da9ef0fd29934fc6c7bcc9c44771b0d8c1dd739796eedd036abd78f4f26da1bb680138f9191eac4669d84e4866974257d8438f3253198b0478d33c325f633aaf85d9e6056766d1a17fa6cc1e1d639cf59dd06c1d8c1f4d48ea9ab2c3cc08fa812821eda5f32f17e808c14002aa846ee6f18177d27e6f715462e5562f0f7afbe6f5fa6ec031536b478733270175d928a46bc23cf14ed073854afd5032a8bef43d4c5664e159ffa7e9cdef4fe17c2c5ef36c6e6ddf342d16ce207cfe09b8067f2e48c6bae69b620d8be76725200b63522d766517203c6641e7d891469bf239c7a48d14f7c690e182c4f6a1fd02f2aa1b97dbecb8e120cc0fbd374ff598c53cb505698f94429466b97acb1a0232169e0e19e9ad7e3a41ee63e3b9ddcc0d40385c3d5acbb51e1987821de029bd9dc1fabd200a2e55bf786c52ae9ffc335d8a82e9156705ebfaff0992c1f5bca9d0d020834fea9163fcb691bf06deb6f92b76e2c21b3fa1625910846f3c715cbfb7de75209aec43c1a9acd2b4f833ac3a3883ba23349aa2a439871764c54ac8842a4a10280ff498072928aa1b4ced9ab3d9d27e4b5fab13bb979788848f7a4239896fe73a176a38766ed7fa1e84e88efb12a9c75c2e4431396b192b9dc4fa92343a702538feef01ae577fa443f4b50666bb87fc62577045963e8168981e1b6063b7454345a84dfdb278a4090d155220a18fd21e90a2c84943d947f5079aaa3e04364ffeb8a804df0f6e3c1b45782fcd5a4535940f26636ee79188ccb2ba071e0c832d9e9a9a391e0992e0f6965100ad2e6608d5db25847b2aa794ea6ee9b7687a1f9357320d073d06db8c38fbdc1be781bf53d05a5deeeb9e8d8ff66876b3a88b309d27bb83f8b3390947fd97c9f9ea41b215803088ac254cdab849291ed081e4a0cfd611fb7819d50753121bdda8770ad38d84bfadd9da9d7e9ffa5b9af3b9b8c13d7f73d920173137a6d4d17f2a2d0605926a68623947ee798dffe22746288195a718ae5dbfcc03b7da8a8ff0aa40c133b56c0c3ee95dd1dfaadafbdb37dc17ec84b0a0ce29ad46d50ef4fde31b6ba31c76498091fea2ef0c785be2daf492121dbc2101fd102000a"], 0x1028}}, 0x20000050)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095", @ANYBLOB="d2f678cae3df1c6a63324d38777e2d98e805e7abbca9fd9db25f00cc4538728150237d58dcccb515b5381ae0517adb8d5b3248e4863f7753"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r12}, 0x18)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0)

1.929747814s ago: executing program 0 (id=4937):
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
writev(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x18, 0xf, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf090000000000005509010000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000300), 0x100, 0x0)
read$ptp(r3, &(0x7f0000000380)=""/104, 0x68)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x1, 0x91, 0x1ff, 0x801, 0x1}, 0x1c)
bind$tipc(r4, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
r6 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
ioctl$USBDEVFS_SUBMITURB(r6, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x9, 0x80, 0x0, 0x0, 0x101, 0x0})
close_range(r5, 0xffffffffffffffff, 0x0)

1.793559055s ago: executing program 1 (id=4941):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000480)=@o_path={&(0x7f0000000440)='./file0\x00', r1, 0x4000, r2}, 0x18)

1.790746576s ago: executing program 1 (id=4942):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r0}, 0x38)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c010000100013070000000000000000ffffffff000000000000000000000000ff60000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000033000000ff0100000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000fdffffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000006a000000000000004c001400636d61632861657329"], 0x13c}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000019200)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0x2}, 0x18)
r3 = socket(0x1e, 0x1, 0x0)
shutdown(r3, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'syzkaller0\x00'})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000b80)={'tunl0\x00', &(0x7f0000000ac0)={'gretap0\x00', 0x0, 0x8, 0x10, 0x4, 0x2df, {{0x17, 0x4, 0x2, 0x38, 0x5c, 0x66, 0x0, 0x1, 0x29, 0x0, @rand_addr=0x64010101, @loopback, {[@cipso={0x86, 0x18, 0xffffffffffffffff, [{0x1, 0x12, "1e2d0b7e485e1e1e209f4575a8d103b0"}]}, @timestamp_addr={0x44, 0xc, 0xd4, 0x1, 0x6, [{@broadcast, 0x7fff}]}, @timestamp_prespec={0x44, 0x24, 0xfa, 0x3, 0xc, [{@broadcast, 0x6}, {@dev={0xac, 0x14, 0x14, 0x37}, 0x9}, {@multicast2, 0x8}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x9}]}]}}}}})
openat$rfkill(0xffffffffffffff9c, 0x0, 0x80100, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
umount2(&(0x7f0000000540)='.\x00', 0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r5=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522ec, 0x0, {0x0, 0x0, 0x74, r5, {0x10, 0xf}, {}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

1.759560718s ago: executing program 1 (id=4943):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
syz_usbip_server_init(0x3)
r1 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040), 0x10)
perf_event_open(&(0x7f0000000000)={0x1, 0xffffffffffffffc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffc, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x10848a, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r1, 0x0)
r2 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080), 0x10)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x29, 0x41, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000340)={[0x2]}, 0x8)

1.537156746s ago: executing program 3 (id=4947):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x9}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

1.409861066s ago: executing program 3 (id=4948):
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={0xffffffffffffffff, 0x6, 0x9, 0x7fffffff})
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f0000000a00), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000800)=@ipv6_newrule={0x38, 0x20, 0x1, 0x70bd2d, 0x0, {0xa, 0x80, 0x20, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10017}, [@FRA_SRC={0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, @FIB_RULE_POLICY=@FRA_PRIORITY={0x8, 0x6, 0x800}]}, 0x38}}, 0x20040044)
socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="5c0000001000390400"/19, @ANYRES32=0x0, @ANYBLOB="00000000000000003c0012800b000100697036746e6c00002c0002", @ANYBLOB="3ae8ef4b5e4aad464f8c4f02971d3b663949b00f0d07144f43933960481abe116a71e9b07918dc3ac05360858a42d120d67f8cd265459bbc0ecdf7aa2c662f8d3bc7ea516eac7bad12c5f69bd8009859b9f771085a7b0e7ed9d6dd5dbc89affdcdaf79403424dd4dccb798f69642d63df94c9df759a1df1969de5ba741801d2404edf7144442ae6ea76c1552603ac354549eeabf0a17386a38482b786be5a1"], 0x5c}}, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, &(0x7f0000000040)=0x3, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
ptrace(0x10, 0x0)
ptrace$setregset(0x4205, 0x0, 0x1, &(0x7f00000001c0)={&(0x7f0000000000)="c945b941eb", 0x5})
r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x7, 0x0, 0x0, 0x0, 0x40008, 0x590, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x4c58, 0x1, 0x0, 0x0, 0x8, 0x4ac, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x6, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000680)={&(0x7f0000000500)={0x5c, 0x2, 0x6, 0x201, 0x0, 0x0, {0x1, 0x0, 0x7}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x7}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x1}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x28f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x88}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x58051}, 0x4004004)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x13, r1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x40040c0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(0xffffffffffffffff, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
rt_sigsuspend(&(0x7f00000002c0)={[0x225c17d03]}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xb, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000005000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)

1.177401305s ago: executing program 1 (id=4950):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x104, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r2 = socket$kcm(0x1e, 0x1, 0x0)
sendmsg$kcm(r2, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f00000015c0)=ANY=[], 0x11f0}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2)
shmget(0x0, 0x1000, 0x10, &(0x7f0000ffe000/0x1000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = socket(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
recvfrom$inet_nvme(r3, &(0x7f0000000540)=""/190, 0xbe, 0x20, &(0x7f0000000600)=@ieee802154, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x400252}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000300)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000500)=@IORING_OP_READ=@pass_buffer={0x16, 0x2, 0x2000, @fd, 0x9, 0x0, 0x0, 0x2})
io_uring_enter(r6, 0x627, 0x4c1, 0x43, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r5}, 0x10)

1.085424983s ago: executing program 5 (id=4953):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r0}, 0x38)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c010000100013070000000000000000ffffffff000000000000000000000000ff60000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000033000000ff0100000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000fdffffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000006a000000000000004c001400636d61632861657329"], 0x13c}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000019200)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0x2}, 0x18)
r3 = socket(0x1e, 0x1, 0x0)
shutdown(r3, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'syzkaller0\x00'})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000b80)={'tunl0\x00', &(0x7f0000000ac0)={'gretap0\x00', 0x0, 0x8, 0x10, 0x4, 0x2df, {{0x17, 0x4, 0x2, 0x38, 0x5c, 0x66, 0x0, 0x1, 0x29, 0x0, @rand_addr=0x64010101, @loopback, {[@cipso={0x86, 0x18, 0xffffffffffffffff, [{0x1, 0x12, "1e2d0b7e485e1e1e209f4575a8d103b0"}]}, @timestamp_addr={0x44, 0xc, 0xd4, 0x1, 0x6, [{@broadcast, 0x7fff}]}, @timestamp_prespec={0x44, 0x24, 0xfa, 0x3, 0xc, [{@broadcast, 0x6}, {@dev={0xac, 0x14, 0x14, 0x37}, 0x9}, {@multicast2, 0x8}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x9}]}]}}}}})
openat$rfkill(0xffffffffffffff9c, 0x0, 0x80100, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
umount2(&(0x7f0000000540)='.\x00', 0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r5=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522ec, 0x0, {0x0, 0x0, 0x74, r5, {0x10, 0xf}, {}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

1.079056053s ago: executing program 5 (id=4954):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r0, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}}}, 0x24}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x11, &(0x7f0000000300)={&(0x7f00000003c0)=@delchain={0x3c, 0x2c, 0xf31, 0x600, 0x2000, {0x0, 0x0, 0x0, r5, {}, {0xfff2, 0xffff}, {0xffff, 0x1}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x2}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4008844}, 0x4010)

1.030646196s ago: executing program 5 (id=4955):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x7, &(0x7f0000000100)=ANY=[@ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="0000002f252c1100b702000037620000850000008600000095"], &(0x7f0000000040)='syzkaller\x00', 0x10000, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xd, 0x4, &(0x7f0000000280)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x10000, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x246998b5f15d852, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2567}, 0x94)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sendmsg$netlink(r1, &(0x7f00000001c0), 0x40000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0600000c8abe1000ff0f00000775fca1e48e3cfea525f14ef1c05e85b842a1533315df2a0ad0763654c8556cdf29ce994462a8f7ec8ee2d2ad6da6be1b4220b192d3abaa1f41a8984d710411881dcdcd19f05abcbb11d5e35b91c7c0e2216d3c53907a92f199a4f14b9ec18e106a235e2e8975add6f8fc", @ANYRESOCT=r0], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x10, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000580)='sys_enter\x00', r3, 0x0, 0x3}, 0x18)
recvmsg(0xffffffffffffffff, 0x0, 0x40002002)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000e40)=0x100000001, 0x4)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000002c0), 0xffb2)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x2, &(0x7f0000000280)=@gcm_256={{0x304}, "3f60eb8f2777c39a", "5985e81ad0d9585bc175cbecd3f55eb699e3070cc206f3ba527c85bde06fbf19", "bc5ec28f", "b200"}, 0x38)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r5, 0x0)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x4, &(0x7f0000000000)=@gcm_256={{0x303}, "d053e8ef5e1518b7", "299e1529ffcde9e001be52f03dfb3d8dd2d7b241998107d4a776213e2e9db50c", "102a9dad", "e14c245372404f89"}, 0x38)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r6)

887.747748ms ago: executing program 5 (id=4956):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x1008a, &(0x7f00000000c0)={[{@nomblk_io_submit}, {@noquota, 0x22}, {@errors_continue}, {@noload}, {@mblk_io_submit}, {@grpjquota, 0x22}, {@errors_continue}, {@errors_remount}, {@jqfmt_vfsv1}]}, 0xfe, 0x455, &(0x7f0000000fc0)="$eJzs3M9PHFUcAPDv7rJQ2iJY649iq2g1En9AoT/swUuNJh40MdFDjScE2mC3xRRMbEMUPeDRNPFuPJr4F3ixXox6MvGqd2NCDBerpzWzO0O3sAssLGx1P59k4L19b/Ped2be7ts3OxtAxxpK/uQiDkbErxHRX83eWWGo+u/WysLk3ysLk7kol9/4M1ep99fKwmRWNXvegWqmXN6g3aW3IyZKpemraX50/vJ7o3PXrj83c3ni4vTF6SvjZ8+eOnms+8z46ZbE2Zf0dfDD2aNHXnnrxmuT52+88+PXSX8PpuW1cbTKUHXv1vVkqxtrs76adK6rjR2hKYWISA5XsTL++6MQvatl/fHyJ23tHLCryuV8uadx8WIZ+B9LJupAJ8re6JPPv9m2R1OPu8LyuVhdx7iVbtWSrsindYrpZ6TdMBQR5xf/+SLZYpfWIQAAat08FxHP1pv/5eOBmnr3pNeGBiLi3og4FBH3RcThiLg/olL3wYh4qMn2114hWT//KfdvK7AtSuZ/L6TXtu6c/2WzvxgopLm+SvzF3IWZ0vSJdJ8MR7EnyY9t0MZ3L/3yWaOy2vlfsiXtZ3PBtB9/dK1ZoJuamJ/YScy1lj+OGOyqF39udc6bzI+PRMTgNtuYefqro43KNo9/Ay2YlJe/jHiqevwXY038mVzD65Njz58ZPz26L0rTJ0azs2K9n35eer1R+zuKvwWWb5Zjf93zfzX+gdy+iLlr1y9VrtfONd/G0m+fNvxMs93zvzv3ZiXdnT72wcT8/NWxiO7cq+sfH7/93Cyf1U/O/+Hj9cf/obi9Jx6OiOQkPhYRj0TEo2nfH4uIxyPi+Abx//DiE+82H/8Gq/ItlMQ/tdnxj9rj33yicOn7b5qPP5Mc/1OV1HD6yFZe/7bawZ3sOwAAAPivyFe+A5/Lj6ym8/mRkep3+A/H/nxpdm7+mQuz71+Zqn5XfiCK+Wylq79mPXQsXRvO8uNr8ifTdePPC72V/MjkbGmq3cFDhzvQYPwnfi+0u3fArnO/FnQu4x86l/EPncv4h85l/EPnqjf+P2pDP4C9t8n7f+9e9QPYe+b/0LmMf+hcxj90pIb3xud3dMu/RJsS33bv7Lcatp6I/F0S8q4neiNiL9oqRjXRExE1RV1b/jGLbSZ66ha1+5UJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4NAAD//xwt370=")
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)

849.026502ms ago: executing program 5 (id=4957):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x104, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfc, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
pipe(&(0x7f0000000500)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
io_setup(0x2, &(0x7f0000002400)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000000040)=[&(0x7f00000010c0)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x2}])
fcntl$setpipe(r3, 0x407, 0x401)
ptrace$setregs(0xd, r2, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x4004944)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(r7, &(0x7f0000000000)='map_files\x00')
mq_notify(0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0xa)
modify_ldt$write(0x1, &(0x7f0000000040)={0x806, 0x100000}, 0x10)
syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x400252}, &(0x7f0000000340)=<r8=>0x0, &(0x7f0000000300)=<r9=>0x0)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0xc, 0x12, r10, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000002000000000000000000000d0205000000000000010000050000000000839a9d"], &(0x7f0000001f40)=""/4095, 0x3e, 0xfff, 0xa, 0xfffffffd}, 0x28)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f0000000500)=@IORING_OP_READ=@pass_buffer={0x16, 0x2, 0x2000, @fd, 0x9, 0x0, 0x0, 0x2})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)

538.110737ms ago: executing program 3 (id=4958):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r2, &(0x7f0000000380)=ANY=[@ANYBLOB="7f454c4600040000ff7f00000000000003003e00"], 0x78)
close(r2)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)

522.874828ms ago: executing program 3 (id=4959):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r2, &(0x7f0000000380)=ANY=[@ANYBLOB="7f454c4600040000ff7f00000000000003003e00"], 0x78)
close(r2)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)

508.532719ms ago: executing program 3 (id=4960):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_PEER_GET(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0d030000000000000000130000001c000980080002"], 0x30}}, 0x800)

482.578022ms ago: executing program 5 (id=4961):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
syz_usbip_server_init(0x3)
r1 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040), 0x10)
perf_event_open(&(0x7f0000000000)={0x1, 0xffffffffffffffc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffc, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x10848a, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r1, 0x0)
r2 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080), 0x10)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x29, 0x41, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000340)={[0x2]}, 0x8)

481.917911ms ago: executing program 3 (id=4962):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000240)={[{@resgid={'resgid', 0x3d, 0xee00}}, {@user_xattr}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@nogrpid}, {@barrier_val={'barrier', 0x3d, 0xb82}}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000340)='jbd2_end_commit\x00', r0, 0x0, 0x6}, 0x18)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'batadv0\x00', <r2=>0x0})
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x3, [@func={0xd, 0x0, 0x0, 0xc, 0x2}]}, {0x0, [0x2e]}}, &(0x7f0000000c40)=""/236, 0x27, 0xec, 0x1, 0x5, 0x10000}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x14, 0x8001, 0x6, 0x7, 0x40000, r1, 0x6, '\x00', r2, r3, 0x4, 0x1, 0x4}, 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001900)=@base={0x9, 0x4, 0x7fe5, 0x1}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000b000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000950000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r5}, 0x18)
r6 = socket$netlink(0x10, 0x3, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x2, &(0x7f0000000200)=[{0x84, 0xfc, 0x7f, 0x8}, {0x6, 0x5, 0x1, 0x100}]})
setsockopt$sock_int(r6, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r6, 0x10e, 0x4, &(0x7f0000000100)=0x1800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r6)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000d40)={&(0x7f0000000180)='kfree\x00', r6}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40))
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000040)=@ethtool_link_settings={0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20, 0x8, [0x0, 0x0, 0x0, 0xc, 0x5, 0x0, 0x0, 0xfffffffe]}})
truncate(&(0x7f0000000100)='./file0/file0\x00', 0x7)

406.734427ms ago: executing program 2 (id=4964):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, 0x0, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4001, 0x0, @loopback}, 0x1c)

406.052028ms ago: executing program 2 (id=4965):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000300)=ANY=[@ANYRES16=0x0], &(0x7f0000000080)='GPL\x00', 0x617a, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095", @ANYRES64=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
madvise(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x12)
syz_clone3(&(0x7f0000000e00)={0xa204000, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0}, 0x58)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='sched_switch\x00', r2, 0x0, 0x2}, 0x18)
r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="0c0100001000130428bd700000000000e000000100000000000000ff0f000000000000000000000000000000000000014e2100004e2400000200202000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000001000000003c0000000a0101000000000000000000000000000400000000000000060000000000000000000000000000000400000000004000ffffffffffffffff03000000000000007f00000000000000000000000000000000000000000000000000000001000000cc000000000000000000000000000000f600"/147], 0x10c}}, 0x804)
write$binfmt_aout(r3, &(0x7f00000000c0)=ANY=[], 0x20)
listen(0xffffffffffffffff, 0x6)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f00000002c0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x65, 0x0, 0xf, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000ad0800455c003c000000000006907864010101ac1414aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="0003000b7800"], 0x0)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r6, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r6, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r6, &(0x7f0000007fc0), 0x800001d, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$MRT_PIM(r3, 0x0, 0xcf, &(0x7f0000000240)=0x1, 0x4)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x6, 0x4, 0x0, 0x7, 0x2, 0x0, 0xc0238, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

372.63368ms ago: executing program 1 (id=4966):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x7, &(0x7f0000000100)=ANY=[@ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="0000002f252c1100b702000037620000850000008600000095"], &(0x7f0000000040)='syzkaller\x00', 0x10000, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xd, 0x4, &(0x7f0000000280)=ANY=[@ANYRESOCT=r0], 0x0, 0x10000, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x246998b5f15d852, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2567}, 0x94)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sendmsg$netlink(r2, &(0x7f00000001c0), 0x40000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0600000c8abe1000ff0f00000775fca1e48e3cfea525f14ef1c05e85b842a1533315df2a0ad0763654c8556cdf29ce994462a8f7ec8ee2d2ad6da6be1b4220b192d3abaa1f41a8984d710411881dcdcd19f05abcbb11d5e35b91c7c0e2216d3c53907a92f199a4f14b9ec18e106a235e2e8975add6f8fc", @ANYRESOCT=r1], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x10, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000580)='sys_enter\x00', r4, 0x0, 0x3}, 0x18)
recvmsg(0xffffffffffffffff, 0x0, 0x40002002)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000e40)=0x100000001, 0x4)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f00000002c0), 0xffb2)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x2, &(0x7f0000000280)=@gcm_256={{0x304}, "3f60eb8f2777c39a", "5985e81ad0d9585bc175cbecd3f55eb699e3070cc206f3ba527c85bde06fbf19", "bc5ec28f", "b200"}, 0x38)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r6, 0x0)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x4, &(0x7f0000000000)=@gcm_256={{0x303}, "d053e8ef5e1518b7", "299e1529ffcde9e001be52f03dfb3d8dd2d7b241998107d4a776213e2e9db50c", "102a9dad", "e14c245372404f89"}, 0x38)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r7)

185.119755ms ago: executing program 1 (id=4967):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='nv\x00', 0x3)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYRESOCT], 0x48)
r3 = socket$packet(0x11, 0x2, 0x300)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r5}, 0x10)
setitimer(0x1, 0x0, 0x0)
setsockopt$packet_int(r3, 0x107, 0x8, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0x17}}], 0x400000000000179, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2, <r6=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)=r5}, 0x20)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000380)={'gretap0\x00', &(0x7f0000000600)={'erspan0\x00', <r7=>0x0, 0x10, 0x8, 0x10001, 0x6, {{0x13, 0x4, 0x0, 0x1d, 0x4c, 0x67, 0x0, 0x9, 0x4, 0x0, @empty, @remote, {[@ssrr={0x89, 0xb, 0xea, [@empty, @multicast1]}, @ra={0x94, 0x4}, @timestamp={0x44, 0x8, 0xc1, 0x0, 0x2, [0x8]}, @timestamp_prespec={0x44, 0xc, 0xd2, 0x3, 0x9, [{@empty, 0x9}]}, @ssrr={0x89, 0x13, 0xf4, [@dev={0xac, 0x14, 0x14, 0x43}, @initdev={0xac, 0x1e, 0x3, 0x0}, @remote, @rand_addr=0x64010100]}]}}}}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x6, 0x16, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xbab, 0x0, 0x0, 0x0, 0x4995}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}}, @map_idx_val={0x18, 0x6, 0x6, 0x0, 0xb, 0x0, 0x0, 0x0, 0x8}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}, @call={0x85, 0x0, 0x0, 0xb1}, @call={0x85, 0x0, 0x0, 0x8b}, @alu={0x4, 0x0, 0x8, 0x3, 0x3, 0x2, 0xfffffffffffffff0}, @exit]}, &(0x7f0000000240)='syzkaller\x00', 0x2, 0xd2, &(0x7f0000000500)=""/210, 0x41000, 0x10, '\x00', r7, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x0, 0x2}, 0x8, 0x10, &(0x7f00000006c0)={0x4, 0xf, 0x7, 0xfff}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000000700)=[r2, r2, r2, r1, r4, r4], &(0x7f0000000740)=[{0x1, 0x2, 0x7, 0x3}, {0x4, 0x4, 0xd, 0x9}, {0x2, 0x4, 0x10, 0x1}, {0x5, 0x4, 0x10, 0x3}], 0x10, 0x6}, 0x94)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

89.535683ms ago: executing program 2 (id=4968):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_virt_wifi\x00'})
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8931, &(0x7f0000000080))
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r0}, 0x8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x3, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="2c2a9e1a7a9369b1ddfbc94597cc87e592bd94007c0fe269cd537bdb0763b36d6bbff425756235ffe3d4ada4a46d9a93c097", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
r4 = socket$inet(0x2, 0x1, 0x8)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e21, @loopback}, 0x10)
sendto$inet(r3, 0x0, 0xfffffffffffffe1a, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r3, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)

5.91958ms ago: executing program 2 (id=4969):
mincore(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x0)

5.71472ms ago: executing program 2 (id=4970):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r2, &(0x7f0000000380)=ANY=[@ANYBLOB="7f454c4600040000ff7f00000000000003003e00"], 0x78)
close(r2)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)

0s ago: executing program 2 (id=4971):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x1, 0x0) (async)
r1 = fsmount(r0, 0x1, 0x0)
unshare(0x28000600) (async)
unshare(0x28000600)
flock(r1, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="070000000400000020"], 0x50) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="070000000400000020"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="c50a0000000000007910480000000000610444000000000095000080"], 0x0, 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x9) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x9)
quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000000)=@sg0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b700000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000002569b8fd9a53c15ef5d991c78d20dfcf391f886553a7d07b494dcd7658ec0531ffc96daa0dd24fd8da369d8cf14ad8826031265f9ad7bf3958d69724301bbe28e0e13dd934e4cf2a7e202113df8b1d9539abef61b8cbd5a2ae3e1655369566b283a2bfe0adec4bde889e749b3aacdd0f248d54951e5c088cf0c61d920d10b817da779962a4c9072ada62f76589c0a651ccd8a5c0b2a42112ec77097261993176b0a5fb00f4c2f05726322ca2e0a9535c557c046f3c9d0ecce677980afd38c18ac6904721a6cff572e11bf872236590284d6715741b7a44f26a3aefe3a6769401ae13eeff4ff366e2bea842f888a0190ae89c45e68cb1cba1e325b5c392c09021d30406a25e92e8f0f170b04f35f8ffbed53c0cda6787d6303b14f16021e1cba328f3d6", @ANYRES16=r5, @ANYBLOB="010000000000000000001a000000"], 0x14}}, 0x0) (async)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000002569b8fd9a53c15ef5d991c78d20dfcf391f886553a7d07b494dcd7658ec0531ffc96daa0dd24fd8da369d8cf14ad8826031265f9ad7bf3958d69724301bbe28e0e13dd934e4cf2a7e202113df8b1d9539abef61b8cbd5a2ae3e1655369566b283a2bfe0adec4bde889e749b3aacdd0f248d54951e5c088cf0c61d920d10b817da779962a4c9072ada62f76589c0a651ccd8a5c0b2a42112ec77097261993176b0a5fb00f4c2f05726322ca2e0a9535c557c046f3c9d0ecce677980afd38c18ac6904721a6cff572e11bf872236590284d6715741b7a44f26a3aefe3a6769401ae13eeff4ff366e2bea842f888a0190ae89c45e68cb1cba1e325b5c392c09021d30406a25e92e8f0f170b04f35f8ffbed53c0cda6787d6303b14f16021e1cba328f3d6", @ANYRES16=r5, @ANYBLOB="010000000000000000001a000000"], 0x14}}, 0x0)
r6 = gettid()
process_vm_writev(r6, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) (async)
process_vm_writev(r6, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
pipe2(&(0x7f0000001cc0), 0x80000) (async)
pipe2(&(0x7f0000001cc0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r8, @ANYBLOB=',access=', @ANYRESDEC=0x0])
ioperm(0x8000, 0x4, 0x1)
kexec_load(0x9f5, 0x3, &(0x7f00000007c0)=[{&(0x7f0000000300)="1c7fecaa9b32fb51e91b04180373689ffbde894bfb3f332c86f13f850839b95803c4a93ffef5723a6afb822599e005d750d7a4b2813f23432effa0b5", 0x3c, 0x0, 0x9}, {&(0x7f0000000340)="385ea8b3edafb658f8456cb6802692d7e4f6201745928d28bb5ee3ad4bc6fc6a54a3568237344a9c0f4a4b8a9859afb02bd16ecf6d311c3ab756c64fe72b3a0155405371be3620dcf402b7659b3c33d7e47b9029fd6fa45ff88926a8c5fbd4dfffe8ba5c07f008a8db69d817fb7d561bf77c23a4eb4d824eb9dd780b820789e4af8cef29aad2ea2876d319df5dfa3e68ce56a587a34e1e5a104b9a7a89805f0c28b57e5d48d4693a8ecb7c7f6c48daa6", 0xb0, 0x5000000000000000, 0x6}, {&(0x7f0000000580)="0f3078ef5be44eb20a90442b8c08e07125802646fcac8c77ea5a55ea055a659ce4838c9246672f92e9ca51ca1fcd2f91c3cf4f2af6152953a5c73091b8b23fecb1d80c7305f2cd862baecc8f8ff120e25fbe428bace80f2e906a9cd13e4f73b921d054fb15bd0c49dd72c239695b361544050e4e0cd6f8db26a08220ff0c3352eab11bbcb810a4d82bf201fbc43a5f8ea9d572cdc6c310a21295c57554530e4f7dde34f205997fc24fe748a02b85958551b49201c8a2acc9ee554f206edeef4c6d2cc99fec41443e1104aa3725e832370be26c2e1a0f873742b9907768f87729581c36cec4f4ed50832db572fca4c59c", 0xf0, 0x5, 0x6}], 0x30000)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async)
timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
mq_open(&(0x7f0000000b40)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\x00\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x1, 0x0, 0x0) (async)
mq_open(&(0x7f0000000b40)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\x00\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x1, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r6, r7, 0x0, 0x8, &(0x7f0000000000)='ethtool\x00'}, 0x30)
msync(&(0x7f0000389000/0x3000)=nil, 0x3000, 0x1)

kernel console output (not intermixed with test programs):

000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  354.894438][T15092] loop3: detected capacity change from 0 to 1024
[  354.905905][T15092] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  354.927126][T15092] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  355.136388][T15105] lo speed is unknown, defaulting to 1000
[  355.237210][T15105] siw: device registration error -23
[  355.248507][T15104] __nla_validate_parse: 1 callbacks suppressed
[  355.248528][T15104] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4023'.
[  355.449611][T13777] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.496491][T15108] loop5: detected capacity change from 0 to 512
[  355.503627][T15108] EXT4-fs: Ignoring removed mblk_io_submit option
[  355.512535][T15108] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[  355.521657][T15108] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.4024: attempt to clear invalid blocks 2 len 1
[  355.535445][T15108] EXT4-fs (loop5): Remounting filesystem read-only
[  355.542748][T15108] EXT4-fs (loop5): 1 truncate cleaned up
[  355.549312][T15108] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  355.576671][T13777] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.736830][T11190] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  356.173635][T15130] loop2: detected capacity change from 0 to 512
[  356.185381][T15130] EXT4-fs: Ignoring removed mblk_io_submit option
[  356.194737][T15130] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13
[  356.204701][T15130] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.4032: attempt to clear invalid blocks 2 len 1
[  356.222706][T15130] EXT4-fs (loop2): Remounting filesystem read-only
[  356.230445][T15130] EXT4-fs (loop2): 1 truncate cleaned up
[  356.237924][T15130] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  356.268060][T13092] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  356.302207][T15136] loop2: detected capacity change from 0 to 1024
[  356.311268][T15136] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  356.328039][T15136] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  356.345685][   T29] kauditd_printk_skb: 152 callbacks suppressed
[  356.345704][   T29] audit: type=1326 audit(1754995116.988:18631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15135 comm="syz.2.4034" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fafa5dbebe9 code=0x0
[  356.901294][T15144] loop1: detected capacity change from 0 to 2364
[  356.908270][T15144] iso9660: Unknown parameter 'sh¨wassoc'
[  356.917132][ T3356] usb usb6-port1: attempt power cycle
[  356.920423][T15144] 9p: Unknown access argument a: -22
[  357.143139][T13092] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  357.289307][T15169] loop1: detected capacity change from 0 to 8192
[  357.346379][T15170] loop2: detected capacity change from 0 to 128
[  357.357235][T15170] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  357.370750][T15170] ext4 filesystem being mounted at /185/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  357.384006][   T29] audit: type=1400 audit(1754995118.018:18632): avc:  denied  { add_name } for  pid=15162 comm="syz.2.4043" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  357.406048][   T29] audit: type=1400 audit(1754995118.018:18633): avc:  denied  { create } for  pid=15162 comm="syz.2.4043" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  357.427529][   T29] audit: type=1400 audit(1754995118.018:18634): avc:  denied  { read write open } for  pid=15162 comm="syz.2.4043" path="/185/file1/file1" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  357.452529][   T29] audit: type=1400 audit(1754995118.018:18635): avc:  denied  { setattr } for  pid=15162 comm="syz.2.4043" path="/185/file1/file1" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  357.479374][T15170] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4043'.
[  357.492101][   T29] audit: type=1400 audit(1754995118.098:18636): avc:  denied  { ioctl } for  pid=15162 comm="syz.2.4043" path="/185/file1/file1" dev="loop2" ino=12 ioctlcmd=0x6609 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  357.517008][   T29] audit: type=1400 audit(1754995118.118:18637): avc:  denied  { append } for  pid=15162 comm="syz.2.4043" path="/185/file1/memory.events" dev="loop2" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  357.541327][T15186] loop1: detected capacity change from 0 to 1024
[  357.549808][T15186] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  357.567782][T15186] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  357.584540][   T29] audit: type=1326 audit(1754995118.218:18638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15185 comm="syz.1.4051" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f85e011ebe9 code=0x0
[  357.785778][   T29] audit: type=1400 audit(1754995118.428:18639): avc:  denied  { egress } for  pid=22 comm="ksoftirqd/1" saddr=fe80::1b daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  357.810626][   T29] audit: type=1400 audit(1754995118.428:18640): avc:  denied  { sendto } for  pid=22 comm="ksoftirqd/1" saddr=fe80::1b daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  358.115687][T13092] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  358.345375][T15195] lo speed is unknown, defaulting to 1000
[  358.446726][T12295] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.031385][T15208] loop1: detected capacity change from 0 to 1024
[  359.039167][T15208] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  359.057719][T15208] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  359.085567][ T3356] usb usb6-port1: unable to enumerate USB device
[  359.129720][T15219] loop3: detected capacity change from 0 to 128
[  359.219909][T15225] loop5: detected capacity change from 0 to 8192
[  359.307923][T15232] loop5: detected capacity change from 0 to 2048
[  359.375574][T15232]  loop5: p1 < > p4
[  359.385221][T15232] loop5: p4 size 8388608 extends beyond EOD, truncated
[  359.467072][T15236] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4068'.
[  359.583509][T15246] sg_write: data in/out 1048540/48 bytes for SCSI command 0x0-- guessing data in;
[  359.583509][T15246]    program syz.3.4071 not setting count and/or reply_len properly
[  359.724741][T15258] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4076'.
[  359.810925][T15261] lo speed is unknown, defaulting to 1000
[  359.886934][T12295] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.921256][T15266] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4080'.
[  360.047052][T15274] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4082'.
[  360.125707][T15274] lo speed is unknown, defaulting to 1000
[  360.145545][T15279] vcan0: tx drop: invalid sa for name 0x0000000000000002
[  360.460693][T15294] FAULT_INJECTION: forcing a failure.
[  360.460693][T15294] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  360.474130][T15294] CPU: 1 UID: 0 PID: 15294 Comm: syz.1.4088 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(voluntary) 
[  360.474163][T15294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  360.474175][T15294] Call Trace:
[  360.474183][T15294]  <TASK>
[  360.474193][T15294]  __dump_stack+0x1d/0x30
[  360.474246][T15294]  dump_stack_lvl+0xe8/0x140
[  360.474267][T15294]  dump_stack+0x15/0x1b
[  360.474282][T15294]  should_fail_ex+0x265/0x280
[  360.474331][T15294]  should_fail+0xb/0x20
[  360.474351][T15294]  should_fail_usercopy+0x1a/0x20
[  360.474373][T15294]  _copy_from_user+0x1c/0xb0
[  360.474420][T15294]  ___sys_sendmsg+0xc1/0x1d0
[  360.474477][T15294]  __x64_sys_sendmsg+0xd4/0x160
[  360.474499][T15294]  x64_sys_call+0x191e/0x2ff0
[  360.474523][T15294]  do_syscall_64+0xd2/0x200
[  360.474549][T15294]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  360.474631][T15294]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  360.474693][T15294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.474721][T15294] RIP: 0033:0x7f85e011ebe9
[  360.474740][T15294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  360.474763][T15294] RSP: 002b:00007f85deb7f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  360.474866][T15294] RAX: ffffffffffffffda RBX: 00007f85e0345fa0 RCX: 00007f85e011ebe9
[  360.474879][T15294] RDX: 0000000004048081 RSI: 0000200000000140 RDI: 0000000000000003
[  360.474906][T15294] RBP: 00007f85deb7f090 R08: 0000000000000000 R09: 0000000000000000
[  360.474919][T15294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  360.474935][T15294] R13: 00007f85e0346038 R14: 00007f85e0345fa0 R15: 00007ffdee977c28
[  360.475023][T15294]  </TASK>
[  360.671311][T15301] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4092'.
[  360.803635][T15308] loop5: detected capacity change from 0 to 512
[  360.889944][T15314] loop5: detected capacity change from 0 to 512
[  360.948341][T15317] lo speed is unknown, defaulting to 1000
[  361.048510][T15317] siw: device registration error -23
[  361.098321][T15314] EXT4-fs: Ignoring removed mblk_io_submit option
[  361.206434][T15314] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[  361.253836][T15314] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.4098: attempt to clear invalid blocks 2 len 1
[  361.325742][T15333] veth0: entered promiscuous mode
[  361.331338][T15314] EXT4-fs (loop5): Remounting filesystem read-only
[  361.343763][T15333] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4104'.
[  361.346399][T15314] EXT4-fs (loop5): 1 truncate cleaned up
[  361.359810][T15314] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  361.385643][   T29] kauditd_printk_skb: 198 callbacks suppressed
[  361.385682][   T29] audit: type=1400 audit(1754995122.028:18839): avc:  denied  { bind } for  pid=15336 comm="syz.0.4106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  361.413716][T13777] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  361.418111][   T29] audit: type=1400 audit(1754995122.028:18840): avc:  denied  { write } for  pid=15336 comm="syz.0.4106" path="socket:[61041]" dev="sockfs" ino=61041 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  361.484677][T15341] lo speed is unknown, defaulting to 1000
[  361.526165][   T29] audit: type=1326 audit(1754995122.168:18841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15346 comm="syz.5.4111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b00debe9 code=0x7ffc0000
[  361.550600][   T29] audit: type=1326 audit(1754995122.168:18842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15346 comm="syz.5.4111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fb8b00debe9 code=0x7ffc0000
[  361.574851][   T29] audit: type=1326 audit(1754995122.168:18843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15346 comm="syz.5.4111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb8b00dec23 code=0x7ffc0000
[  361.598912][   T29] audit: type=1326 audit(1754995122.168:18844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15346 comm="syz.5.4111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb8b00dec23 code=0x7ffc0000
[  361.667724][   T29] audit: type=1326 audit(1754995122.168:18845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15346 comm="syz.5.4111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b00debe9 code=0x7ffc0000
[  361.691687][   T29] audit: type=1326 audit(1754995122.168:18846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15346 comm="syz.5.4111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b00debe9 code=0x7ffc0000
[  361.715941][   T29] audit: type=1326 audit(1754995122.168:18847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15346 comm="syz.5.4111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b00debe9 code=0x7ffc0000
[  361.740284][   T29] audit: type=1326 audit(1754995122.168:18848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15346 comm="syz.5.4111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fb8b00debe9 code=0x7ffc0000
[  361.740514][ T3356] usb usb6-port1: attempt power cycle
[  361.915486][T15367] netlink: 'syz.1.4116': attribute type 3 has an invalid length.
[  361.923444][T15367] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4116'.
[  361.926342][T15369] FAULT_INJECTION: forcing a failure.
[  361.926342][T15369] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  361.945952][T15369] CPU: 0 UID: 0 PID: 15369 Comm: syz.5.4117 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(voluntary) 
[  361.946011][T15369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  361.946024][T15369] Call Trace:
[  361.946034][T15369]  <TASK>
[  361.946043][T15369]  __dump_stack+0x1d/0x30
[  361.946067][T15369]  dump_stack_lvl+0xe8/0x140
[  361.946167][T15369]  dump_stack+0x15/0x1b
[  361.946183][T15369]  should_fail_ex+0x265/0x280
[  361.946218][T15369]  should_fail+0xb/0x20
[  361.946238][T15369]  should_fail_usercopy+0x1a/0x20
[  361.946263][T15369]  _copy_from_user+0x1c/0xb0
[  361.946405][T15369]  __sys_sendto+0x19e/0x330
[  361.946450][T15369]  __x64_sys_sendto+0x76/0x90
[  361.946505][T15369]  x64_sys_call+0x2d05/0x2ff0
[  361.946527][T15369]  do_syscall_64+0xd2/0x200
[  361.946552][T15369]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  361.946620][T15369]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  361.946647][T15369]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  361.946716][T15369] RIP: 0033:0x7fb8b00debe9
[  361.946733][T15369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  361.946753][T15369] RSP: 002b:00007fb8aeb3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  361.946777][T15369] RAX: ffffffffffffffda RBX: 00007fb8b0305fa0 RCX: 00007fb8b00debe9
[  361.946793][T15369] RDX: 00000000000005c4 RSI: 0000000000000000 RDI: 0000000000000003
[  361.946808][T15369] RBP: 00007fb8aeb3f090 R08: 0000200000000540 R09: 000000000000001c
[  361.946824][T15369] R10: 000000000404c844 R11: 0000000000000246 R12: 0000000000000001
[  361.946874][T15369] R13: 00007fb8b0306038 R14: 00007fb8b0305fa0 R15: 00007ffdd85f61b8
[  361.946893][T15369]  </TASK>
[  362.137036][T15373] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4118'.
[  362.171462][T15378] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4120'.
[  362.246098][T15386] FAULT_INJECTION: forcing a failure.
[  362.246098][T15386] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  362.259748][T15386] CPU: 1 UID: 0 PID: 15386 Comm: syz.5.4122 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(voluntary) 
[  362.259785][T15386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  362.259799][T15386] Call Trace:
[  362.259807][T15386]  <TASK>
[  362.259815][T15386]  __dump_stack+0x1d/0x30
[  362.259842][T15386]  dump_stack_lvl+0xe8/0x140
[  362.259864][T15386]  dump_stack+0x15/0x1b
[  362.259953][T15386]  should_fail_ex+0x265/0x280
[  362.259976][T15386]  should_fail+0xb/0x20
[  362.260039][T15386]  should_fail_usercopy+0x1a/0x20
[  362.260064][T15386]  _copy_from_user+0x1c/0xb0
[  362.260148][T15386]  xsk_setsockopt+0x308/0x640
[  362.260192][T15386]  ? __pfx_xsk_setsockopt+0x10/0x10
[  362.260245][T15386]  __sys_setsockopt+0x184/0x200
[  362.260269][T15386]  __x64_sys_setsockopt+0x64/0x80
[  362.260293][T15386]  x64_sys_call+0x20ec/0x2ff0
[  362.260316][T15386]  do_syscall_64+0xd2/0x200
[  362.260391][T15386]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  362.260435][T15386]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  362.260523][T15386]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.260549][T15386] RIP: 0033:0x7fb8b00debe9
[  362.260567][T15386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  362.260588][T15386] RSP: 002b:00007fb8aeb3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  362.260643][T15386] RAX: ffffffffffffffda RBX: 00007fb8b0305fa0 RCX: 00007fb8b00debe9
[  362.260658][T15386] RDX: 0000000000000004 RSI: 000000000000011b RDI: 0000000000000006
[  362.260671][T15386] RBP: 00007fb8aeb3f090 R08: 0000000000000020 R09: 0000000000000000
[  362.260707][T15386] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  362.260722][T15386] R13: 00007fb8b0306038 R14: 00007fb8b0305fa0 R15: 00007ffdd85f61b8
[  362.260743][T15386]  </TASK>
[  362.468161][T15396] IPv6: Can't replace route, no match found
[  362.491039][T15398] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4127'.
[  362.741899][T15416] lo speed is unknown, defaulting to 1000
[  362.903038][T15414] loop2: detected capacity change from 0 to 8192
[  362.976100][T15414]  loop2: p2 p3 p4
[  362.980846][T15414] loop2: p2 start 2936012800 is beyond EOD, truncated
[  362.987720][T15414] loop2: p3 start 1912602624 is beyond EOD, truncated
[  362.994789][T15414] loop2: p4 size 656640 extends beyond EOD, truncated
[  363.101060][T15424] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4136'.
[  363.158230][T15428] FAULT_INJECTION: forcing a failure.
[  363.158230][T15428] name failslab, interval 1, probability 0, space 0, times 0
[  363.159717][T15424] lo speed is unknown, defaulting to 1000
[  363.171159][T15428] CPU: 0 UID: 0 PID: 15428 Comm: syz.2.4138 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(voluntary) 
[  363.171197][T15428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  363.171310][T15428] Call Trace:
[  363.171319][T15428]  <TASK>
[  363.171329][T15428]  __dump_stack+0x1d/0x30
[  363.171354][T15428]  dump_stack_lvl+0xe8/0x140
[  363.171385][T15428]  dump_stack+0x15/0x1b
[  363.171401][T15428]  should_fail_ex+0x265/0x280
[  363.171471][T15428]  should_failslab+0x8c/0xb0
[  363.171496][T15428]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  363.171528][T15428]  ? sidtab_sid2str_get+0xa0/0x130
[  363.171552][T15428]  kmemdup_noprof+0x2b/0x70
[  363.171649][T15428]  sidtab_sid2str_get+0xa0/0x130
[  363.171726][T15428]  security_sid_to_context_core+0x1eb/0x2e0
[  363.171749][T15428]  security_sid_to_context+0x27/0x40
[  363.171769][T15428]  selinux_lsmprop_to_secctx+0x67/0xf0
[  363.171791][T15428]  security_lsmprop_to_secctx+0x43/0x80
[  363.171819][T15428]  audit_log_task_context+0x77/0x190
[  363.171858][T15428]  audit_log_task+0xf4/0x250
[  363.171891][T15428]  audit_seccomp+0x61/0x100
[  363.171914][T15428]  ? __seccomp_filter+0x68c/0x10d0
[  363.171936][T15428]  __seccomp_filter+0x69d/0x10d0
[  363.171977][T15428]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  363.172004][T15428]  ? vfs_write+0x7e8/0x960
[  363.172041][T15428]  ? __rcu_read_unlock+0x4f/0x70
[  363.172063][T15428]  ? __fget_files+0x184/0x1c0
[  363.172090][T15428]  __secure_computing+0x82/0x150
[  363.172111][T15428]  syscall_trace_enter+0xcf/0x1e0
[  363.172214][T15428]  do_syscall_64+0xac/0x200
[  363.172317][T15428]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  363.172341][T15428]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  363.172401][T15428]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.172424][T15428] RIP: 0033:0x7fafa5dbebe9
[  363.172442][T15428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  363.172461][T15428] RSP: 002b:00007fafa4827038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fe
[  363.172539][T15428] RAX: ffffffffffffffda RBX: 00007fafa5fe5fa0 RCX: 00007fafa5dbebe9
[  363.172553][T15428] RDX: 00000000c0000009 RSI: 0000200000000140 RDI: ffffffffffffffff
[  363.172565][T15428] RBP: 00007fafa4827090 R08: 0000000000000000 R09: 0000000000000000
[  363.172578][T15428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  363.172650][T15428] R13: 00007fafa5fe6038 R14: 00007fafa5fe5fa0 R15: 00007ffdd4b02968
[  363.172667][T15428]  </TASK>
[  363.191439][T15430] loop2: detected capacity change from 0 to 128
[  363.255795][T15433] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4140'.
[  363.683311][T15454] loop1: detected capacity change from 0 to 1024
[  363.691648][T15454] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  363.712396][T15454] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  363.905329][ T3356] usb usb6-port1: unable to enumerate USB device
[  363.927933][T15468] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4150'.
[  363.997527][T15475] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4151'.
[  364.073346][T15480] lo speed is unknown, defaulting to 1000
[  364.217932][T15486] tipc: Started in network mode
[  364.223572][T15486] tipc: Node identity 727ad08552d4, cluster identity 4711
[  364.231551][T15486] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  364.239857][T15486] syzkaller0: entered promiscuous mode
[  364.245566][T15486] syzkaller0: entered allmulticast mode
[  364.256543][T15486] tipc: Resetting bearer <eth:syzkaller0>
[  364.268120][T15485] tipc: Resetting bearer <eth:syzkaller0>
[  364.275335][T15485] tipc: Disabling bearer <eth:syzkaller0>
[  364.379200][T15490] loop2: detected capacity change from 0 to 128
[  364.387081][T15490] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  364.400577][T15490] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  364.459079][T15498] lo speed is unknown, defaulting to 1000
[  364.498428][T15501] lo speed is unknown, defaulting to 1000
[  364.524988][T12295] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  364.614768][T15516] lo speed is unknown, defaulting to 1000
[  364.730887][T15519] lo speed is unknown, defaulting to 1000
[  364.742154][T15521] loop5: detected capacity change from 0 to 512
[  364.756512][T15521] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.4167: casefold flag without casefold feature
[  364.781991][T15521] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.4167: couldn't read orphan inode 15 (err -117)
[  364.800316][T15521] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  364.822503][T15526] loop3: detected capacity change from 0 to 128
[  364.830257][T15526] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  364.843589][T15526] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  364.854406][T15526] FAULT_INJECTION: forcing a failure.
[  364.854406][T15526] name failslab, interval 1, probability 0, space 0, times 0
[  364.867636][T15526] CPU: 0 UID: 0 PID: 15526 Comm: syz.3.4168 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(voluntary) 
[  364.867673][T15526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  364.867688][T15526] Call Trace:
[  364.867715][T15526]  <TASK>
[  364.867725][T15526]  __dump_stack+0x1d/0x30
[  364.867750][T15526]  dump_stack_lvl+0xe8/0x140
[  364.867768][T15526]  dump_stack+0x15/0x1b
[  364.867784][T15526]  should_fail_ex+0x265/0x280
[  364.867854][T15526]  should_failslab+0x8c/0xb0
[  364.867880][T15526]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  364.867910][T15526]  ? __d_alloc+0x3d/0x340
[  364.868014][T15526]  __d_alloc+0x3d/0x340
[  364.868041][T15526]  ? avc_has_perm_noaudit+0x1b1/0x200
[  364.868118][T15526]  d_alloc_parallel+0x53/0xc60
[  364.868149][T15526]  ? selinux_inode_permission+0x62d/0x740
[  364.868223][T15526]  ? __d_lookup_rcu_op_compare+0x23b/0x270
[  364.868258][T15526]  ? lockref_get_not_dead+0x120/0x1c0
[  364.868289][T15526]  ? __rcu_read_unlock+0x4f/0x70
[  364.868380][T15526]  __lookup_slow+0x8c/0x250
[  364.868416][T15526]  lookup_slow+0x3c/0x60
[  364.868447][T15526]  walk_component+0x1ec/0x220
[  364.868476][T15526]  path_lookupat+0xfe/0x2a0
[  364.868510][T15526]  filename_lookup+0x147/0x340
[  364.868546][T15526]  filename_getxattr+0x54/0x180
[  364.868571][T15526]  __x64_sys_lgetxattr+0x10f/0x140
[  364.868652][T15526]  x64_sys_call+0x2fa4/0x2ff0
[  364.868675][T15526]  do_syscall_64+0xd2/0x200
[  364.868795][T15526]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  364.868819][T15526]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  364.868842][T15526]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.868864][T15526] RIP: 0033:0x7f444cf8ebe9
[  364.868884][T15526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  364.868920][T15526] RSP: 002b:00007f444b9ef038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c0
[  364.868946][T15526] RAX: ffffffffffffffda RBX: 00007f444d1b5fa0 RCX: 00007f444cf8ebe9
[  364.868960][T15526] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000200000000000
[  364.868974][T15526] RBP: 00007f444b9ef090 R08: 0000000000000000 R09: 0000000000000000
[  364.868987][T15526] R10: 00000000000001ee R11: 0000000000000246 R12: 0000000000000001
[  364.869001][T15526] R13: 00007f444d1b6038 R14: 00007f444d1b5fa0 R15: 00007ffe4ae271f8
[  364.869057][T15526]  </TASK>
[  365.262652][T15540] loop1: detected capacity change from 0 to 1024
[  365.271887][T15540] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  365.290707][T15540] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  365.545750][T15553] lo speed is unknown, defaulting to 1000
[  365.650901][T15553] siw: device registration error -23
[  365.720676][T13777] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.144387][T15559] FAULT_INJECTION: forcing a failure.
[  366.144387][T15559] name failslab, interval 1, probability 0, space 0, times 0
[  366.157892][T15559] CPU: 0 UID: 0 PID: 15559 Comm: syz.0.4180 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(voluntary) 
[  366.157991][T15559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  366.158034][T15559] Call Trace:
[  366.158042][T15559]  <TASK>
[  366.158078][T15559]  __dump_stack+0x1d/0x30
[  366.158104][T15559]  dump_stack_lvl+0xe8/0x140
[  366.158126][T15559]  dump_stack+0x15/0x1b
[  366.158144][T15559]  should_fail_ex+0x265/0x280
[  366.158169][T15559]  should_failslab+0x8c/0xb0
[  366.158197][T15559]  kmem_cache_alloc_noprof+0x50/0x310
[  366.158234][T15559]  ? security_file_alloc+0x32/0x100
[  366.158275][T15559]  security_file_alloc+0x32/0x100
[  366.158318][T15559]  init_file+0x5c/0x1d0
[  366.158419][T15559]  alloc_empty_file+0x8b/0x200
[  366.158450][T15559]  path_openat+0x68/0x2170
[  366.158531][T15559]  ? _parse_integer_limit+0x170/0x190
[  366.158555][T15559]  ? kstrtoull+0x111/0x140
[  366.158573][T15559]  ? kstrtouint+0x76/0xc0
[  366.158594][T15559]  do_filp_open+0x109/0x230
[  366.158621][T15559]  do_sys_openat2+0xa6/0x110
[  366.158721][T15559]  __x64_sys_openat+0xf2/0x120
[  366.158833][T15559]  x64_sys_call+0x2e9c/0x2ff0
[  366.158857][T15559]  do_syscall_64+0xd2/0x200
[  366.158886][T15559]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  366.158956][T15559]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  366.158983][T15559]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.159018][T15559] RIP: 0033:0x7f69ff8cebe9
[  366.159037][T15559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  366.159057][T15559] RSP: 002b:00007f69fe337038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  366.159122][T15559] RAX: ffffffffffffffda RBX: 00007f69ffaf5fa0 RCX: 00007f69ff8cebe9
[  366.159137][T15559] RDX: 0000000000105480 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  366.159152][T15559] RBP: 00007f69fe337090 R08: 0000000000000000 R09: 0000000000000000
[  366.159166][T15559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  366.159178][T15559] R13: 00007f69ffaf6038 R14: 00007f69ffaf5fa0 R15: 00007ffd4a3fd118
[  366.159197][T15559]  </TASK>
[  366.469439][T12295] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.657227][   T29] kauditd_printk_skb: 280 callbacks suppressed
[  366.657248][   T29] audit: type=1400 audit(1754995127.298:19128): avc:  denied  { name_connect } for  pid=15564 comm="syz.1.4181" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  366.686837][   T29] audit: type=1400 audit(1754995127.328:19129): avc:  denied  { ioctl } for  pid=15564 comm="syz.1.4181" path="socket:[62532]" dev="sockfs" ino=62532 ioctlcmd=0x48c8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  366.721057][T15565] loop3: detected capacity change from 0 to 8192
[  366.763100][   T29] audit: type=1326 audit(1754995127.398:19130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15573 comm="syz.0.4188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  366.787316][   T29] audit: type=1326 audit(1754995127.398:19131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15573 comm="syz.0.4188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  366.812920][   T29] audit: type=1326 audit(1754995127.448:19132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15573 comm="syz.0.4188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  366.836887][   T29] audit: type=1326 audit(1754995127.448:19133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15573 comm="syz.0.4188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  366.860820][   T29] audit: type=1326 audit(1754995127.448:19134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15573 comm="syz.0.4188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  366.929282][   T29] audit: type=1326 audit(1754995127.528:19135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15573 comm="syz.0.4188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  366.953870][   T29] audit: type=1326 audit(1754995127.528:19136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15573 comm="syz.0.4188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  366.978211][   T29] audit: type=1326 audit(1754995127.528:19137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15573 comm="syz.0.4188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  367.067905][T15584] lo speed is unknown, defaulting to 1000
[  367.115084][T15584] siw: device registration error -23
[  367.139604][T15581] lo speed is unknown, defaulting to 1000
[  367.333230][T15581] __nla_validate_parse: 5 callbacks suppressed
[  367.333324][T15581] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4190'.
[  367.524521][T15602] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4196'.
[  367.558857][T15610] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4198'.
[  367.559563][T15605] ˙˙˙˙˙˙: renamed from bond_slave_0 (while UP)
[  367.705397][ T3356] usb usb6-port1: attempt power cycle
[  367.739353][T15631] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4203'.
[  367.772360][T15631] lo speed is unknown, defaulting to 1000
[  367.907172][T15638] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4209'.
[  367.953235][T15644] ˙˙˙˙˙˙: renamed from bond_slave_0 (while UP)
[  368.215150][T15662] lo speed is unknown, defaulting to 1000
[  368.677069][T15668] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4218'.
[  368.698356][T15668] lo speed is unknown, defaulting to 1000
[  368.900841][T15675] loop1: detected capacity change from 0 to 1024
[  368.909615][T15675] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  368.933278][T15675] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  369.101099][T15688] loop5: detected capacity change from 0 to 8192
[  369.129211][T15691] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.4226'.
[  369.139725][T15690] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.4226'.
[  369.309266][T15694] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4227'.
[  369.420862][T15696] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15696 comm=syz.5.4227
[  369.806414][T12295] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.912637][T15709] lo speed is unknown, defaulting to 1000
[  370.140823][ T3356] usb usb6-port1: unable to enumerate USB device
[  370.184137][T15496] vhci_hcd: invalid port number 96
[  370.189554][T15496] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  370.488483][T15736] lo speed is unknown, defaulting to 1000
[  370.631031][T15744] loop5: detected capacity change from 0 to 512
[  370.648233][T15744] EXT4-fs: Ignoring removed mblk_io_submit option
[  370.827720][T15744] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[  370.906504][T15744] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.4244: attempt to clear invalid blocks 2 len 1
[  370.931692][T15744] EXT4-fs (loop5): Remounting filesystem read-only
[  370.939078][T15744] EXT4-fs (loop5): 1 truncate cleaned up
[  370.947169][T15744] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  371.011296][T15745] lo speed is unknown, defaulting to 1000
[  371.085990][T13777] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  371.240266][T15763] FAULT_INJECTION: forcing a failure.
[  371.240266][T15763] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  371.253795][T15763] CPU: 1 UID: 0 PID: 15763 Comm: syz.2.4249 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(voluntary) 
[  371.253830][T15763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  371.253842][T15763] Call Trace:
[  371.253848][T15763]  <TASK>
[  371.253857][T15763]  __dump_stack+0x1d/0x30
[  371.253886][T15763]  dump_stack_lvl+0xe8/0x140
[  371.253972][T15763]  dump_stack+0x15/0x1b
[  371.253988][T15763]  should_fail_ex+0x265/0x280
[  371.254074][T15763]  should_fail+0xb/0x20
[  371.254096][T15763]  should_fail_usercopy+0x1a/0x20
[  371.254123][T15763]  _copy_from_user+0x1c/0xb0
[  371.254150][T15763]  __sys_sendto+0x19e/0x330
[  371.254229][T15763]  __x64_sys_sendto+0x76/0x90
[  371.254277][T15763]  x64_sys_call+0x2d05/0x2ff0
[  371.254303][T15763]  do_syscall_64+0xd2/0x200
[  371.254330][T15763]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  371.254354][T15763]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  371.254437][T15763]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.254463][T15763] RIP: 0033:0x7fafa5dbebe9
[  371.254482][T15763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  371.254524][T15763] RSP: 002b:00007fafa4827038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  371.254568][T15763] RAX: ffffffffffffffda RBX: 00007fafa5fe5fa0 RCX: 00007fafa5dbebe9
[  371.254634][T15763] RDX: 0000000000034000 RSI: 0000200000847fff RDI: 0000000000000003
[  371.254650][T15763] RBP: 00007fafa4827090 R08: 000020000005ffe4 R09: 000000000000001c
[  371.254664][T15763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  371.254676][T15763] R13: 00007fafa5fe6038 R14: 00007fafa5fe5fa0 R15: 00007ffdd4b02968
[  371.254772][T15763]  </TASK>
[  371.529482][T15764] lo speed is unknown, defaulting to 1000
[  371.646253][T15773] lo speed is unknown, defaulting to 1000
[  371.683820][   T29] kauditd_printk_skb: 272 callbacks suppressed
[  371.683846][   T29] audit: type=1326 audit(1754995132.318:19410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15772 comm="syz.3.4251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444cf8ebe9 code=0x7ffc0000
[  371.763056][   T29] audit: type=1326 audit(1754995132.358:19411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15779 comm="syz.0.4253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  371.787675][   T29] audit: type=1326 audit(1754995132.358:19412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15779 comm="syz.0.4253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  371.812661][   T29] audit: type=1326 audit(1754995132.358:19413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15779 comm="syz.0.4253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  371.836796][   T29] audit: type=1326 audit(1754995132.358:19414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15779 comm="syz.0.4253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  371.862112][   T29] audit: type=1326 audit(1754995132.358:19415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15779 comm="syz.0.4253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  371.865796][T15784] lo speed is unknown, defaulting to 1000
[  371.886586][   T29] audit: type=1326 audit(1754995132.358:19416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15779 comm="syz.0.4253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  371.918249][   T29] audit: type=1326 audit(1754995132.358:19417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15779 comm="syz.0.4253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  371.943125][   T29] audit: type=1326 audit(1754995132.358:19418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15779 comm="syz.0.4253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  371.968443][   T29] audit: type=1326 audit(1754995132.358:19419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15779 comm="syz.0.4253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  372.574642][T15796] loop2: detected capacity change from 0 to 2048
[  372.631009][T15796]  loop2: p1 < > p4
[  372.645462][T15796] loop2: p4 size 8388608 extends beyond EOD, truncated
[  372.703125][T15814] lo speed is unknown, defaulting to 1000
[  372.813217][T15824] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4271'.
[  372.951961][T15824] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15824 comm=syz.3.4271
[  372.989989][T15826] lo speed is unknown, defaulting to 1000
[  373.332634][T15830] lo speed is unknown, defaulting to 1000
[  373.405646][ T3410] usb usb6-port1: attempt power cycle
[  373.598060][T15837] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4274'.
[  373.686883][T15844] netlink: 96 bytes leftover after parsing attributes in process `syz.3.4275'.
[  374.538885][T15870] lo speed is unknown, defaulting to 1000
[  375.259648][T15879] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4286'.
[  375.512991][T15887] siw: device registration error -23
[  375.541234][T15883] lo speed is unknown, defaulting to 1000
[  376.175962][T15890] lo speed is unknown, defaulting to 1000
[  376.264802][T15884] lo speed is unknown, defaulting to 1000
[  376.438490][T15904] loop2: detected capacity change from 0 to 2048
[  376.486856][T15904]  loop2: p1 < > p4
[  376.491890][T15904] loop2: p4 size 8388608 extends beyond EOD, truncated
[  376.608921][T15915] loop2: detected capacity change from 0 to 512
[  376.881887][   T29] kauditd_printk_skb: 171 callbacks suppressed
[  376.881909][   T29] audit: type=1326 audit(1754995137.518:19591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15930 comm="syz.3.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444cf8ebe9 code=0x7ffc0000
[  376.947385][T15934] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15934 comm=syz.2.4304
[  376.977746][T15935] lo speed is unknown, defaulting to 1000
[  377.245618][ T3410] usb usb6-port1: unable to enumerate USB device
[  377.255851][T15752] vhci_hcd: invalid port number 96
[  377.261016][T15752] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  377.324942][   T29] audit: type=1326 audit(1754995137.548:19592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15930 comm="syz.3.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f444cf8ebe9 code=0x7ffc0000
[  377.349299][   T29] audit: type=1326 audit(1754995137.548:19593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15930 comm="syz.3.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444cf8ebe9 code=0x7ffc0000
[  377.373769][   T29] audit: type=1326 audit(1754995137.548:19594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15930 comm="syz.3.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444cf8ebe9 code=0x7ffc0000
[  377.397846][   T29] audit: type=1326 audit(1754995137.548:19595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15930 comm="syz.3.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f444cf8ebe9 code=0x7ffc0000
[  377.422154][   T29] audit: type=1326 audit(1754995137.548:19596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15930 comm="syz.3.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444cf8ebe9 code=0x7ffc0000
[  377.426420][T15951] loop5: detected capacity change from 0 to 512
[  377.446752][   T29] audit: type=1326 audit(1754995137.548:19597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15930 comm="syz.3.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444cf8ebe9 code=0x7ffc0000
[  377.454811][T15951] EXT4-fs: Ignoring removed mblk_io_submit option
[  377.477862][   T29] audit: type=1326 audit(1754995137.548:19598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15930 comm="syz.3.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f444cf8ebe9 code=0x7ffc0000
[  377.477900][   T29] audit: type=1326 audit(1754995137.548:19599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15930 comm="syz.3.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444cf8ebe9 code=0x7ffc0000
[  377.533096][   T29] audit: type=1326 audit(1754995137.548:19600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15930 comm="syz.3.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444cf8ebe9 code=0x7ffc0000
[  377.559788][T15951] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[  377.569579][T15951] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.4312: attempt to clear invalid blocks 2 len 1
[  377.591969][T15951] EXT4-fs (loop5): Remounting filesystem read-only
[  377.606513][T15951] EXT4-fs (loop5): 1 truncate cleaned up
[  377.618740][T15951] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  377.658409][T15963] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4316'.
[  377.718983][T15963] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15963 comm=syz.0.4316
[  377.756000][T15969] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4319'.
[  377.803475][T13777] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.847451][T15975] netlink: 8 bytes leftover after parsing attributes in process `gtp'.
[  377.871173][T15979] loop5: detected capacity change from 0 to 2048
[  377.874052][T15977] loop2: detected capacity change from 0 to 2364
[  377.895350][T15977] iso9660: Unknown parameter 'sh¨wassoc'
[  377.937535][T15979]  loop5: p1 < > p4
[  377.949049][T15979] loop5: p4 size 8388608 extends beyond EOD, truncated
[  377.983648][T15985] vhci_hcd: invalid port number 96
[  377.988919][T15985] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  378.069626][T15989] lo speed is unknown, defaulting to 1000
[  378.152621][T15999] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4331'.
[  378.228821][T15994] lo speed is unknown, defaulting to 1000
[  378.281023][T15999] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15999 comm=syz.5.4331
[  378.298770][T16000] siw: device registration error -23
[  378.318157][T16005] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4332'.
[  378.603669][T16015] netlink: 8 bytes leftover after parsing attributes in process `gtp'.
[  378.632647][T16017] FAULT_INJECTION: forcing a failure.
[  378.632647][T16017] name failslab, interval 1, probability 0, space 0, times 0
[  378.645834][T16017] CPU: 1 UID: 0 PID: 16017 Comm: syz.5.4337 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(voluntary) 
[  378.645868][T16017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  378.645917][T16017] Call Trace:
[  378.645926][T16017]  <TASK>
[  378.645936][T16017]  __dump_stack+0x1d/0x30
[  378.646015][T16017]  dump_stack_lvl+0xe8/0x140
[  378.646036][T16017]  dump_stack+0x15/0x1b
[  378.646160][T16017]  should_fail_ex+0x265/0x280
[  378.646196][T16017]  ? alloc_fs_context+0x44/0x4e0
[  378.646220][T16017]  should_failslab+0x8c/0xb0
[  378.646246][T16017]  __kmalloc_cache_noprof+0x4c/0x320
[  378.646545][T16017]  alloc_fs_context+0x44/0x4e0
[  378.646575][T16017]  fs_context_for_mount+0x22/0x30
[  378.646594][T16017]  do_new_mount+0xe9/0x5e0
[  378.646617][T16017]  ? security_capable+0x83/0x90
[  378.646643][T16017]  path_mount+0x4a4/0xb20
[  378.646693][T16017]  ? user_path_at+0x109/0x130
[  378.646828][T16017]  __se_sys_mount+0x28f/0x2e0
[  378.646854][T16017]  ? fput+0x8f/0xc0
[  378.646945][T16017]  __x64_sys_mount+0x67/0x80
[  378.646972][T16017]  x64_sys_call+0x2b4d/0x2ff0
[  378.646999][T16017]  do_syscall_64+0xd2/0x200
[  378.647031][T16017]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  378.647107][T16017]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  378.647135][T16017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  378.647238][T16017] RIP: 0033:0x7fb8b00debe9
[  378.647258][T16017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  378.647281][T16017] RSP: 002b:00007fb8aeb3f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  378.647306][T16017] RAX: ffffffffffffffda RBX: 00007fb8b0305fa0 RCX: 00007fb8b00debe9
[  378.647320][T16017] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 0000000000000000
[  378.647335][T16017] RBP: 00007fb8aeb3f090 R08: 0000200000000080 R09: 0000000000000000
[  378.647419][T16017] R10: 0000000002004000 R11: 0000000000000246 R12: 0000000000000001
[  378.647432][T16017] R13: 00007fb8b0306038 R14: 00007fb8b0305fa0 R15: 00007ffdd85f61b8
[  378.647454][T16017]  </TASK>
[  379.030475][T16031] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4342'.
[  379.057427][T16033] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4344'.
[  379.079238][T16033] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16033 comm=syz.5.4344
[  379.153151][T16039] netlink: 8 bytes leftover after parsing attributes in process `gtp'.
[  379.219065][T16042] lo speed is unknown, defaulting to 1000
[  379.268779][T16042] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4349'.
[  379.416694][T16052] lo speed is unknown, defaulting to 1000
[  379.803009][T16059] lo speed is unknown, defaulting to 1000
[  379.834094][T16059] siw: device registration error -23
[  380.157022][T16067] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4358'.
[  380.175804][T16067] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16067 comm=syz.5.4358
[  380.276854][T16073] netlink: 8 bytes leftover after parsing attributes in process `gtp'.
[  380.623925][T16097] lo speed is unknown, defaulting to 1000
[  380.983031][ T7199] usb usb6-port1: attempt power cycle
[  381.056520][T16096] lo speed is unknown, defaulting to 1000
[  381.091717][T16096] siw: device registration error -23
[  381.105548][T16103] loop2: detected capacity change from 0 to 2048
[  381.155543][T16103]  loop2: p1 < > p4
[  381.160668][T16103] loop2: p4 size 8388608 extends beyond EOD, truncated
[  381.191694][T16106] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16106 comm=syz.3.4371
[  381.467715][T16118] lo speed is unknown, defaulting to 1000
[  381.818756][T16138] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16138 comm=syz.2.4383
[  381.895198][   T29] kauditd_printk_skb: 283 callbacks suppressed
[  381.895231][   T29] audit: type=1326 audit(1754995142.538:19884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16139 comm="syz.3.4384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444cf8ebe9 code=0x7ffc0000
[  381.942057][   T29] audit: type=1326 audit(1754995142.538:19885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16139 comm="syz.3.4384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444cf8ebe9 code=0x7ffc0000
[  382.005440][   T29] audit: type=1326 audit(1754995142.598:19886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16139 comm="syz.3.4384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f444cf8ebe9 code=0x7ffc0000
[  382.084434][   T29] audit: type=1326 audit(1754995142.718:19887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16139 comm="syz.3.4384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444cf8ebe9 code=0x7ffc0000
[  382.135611][   T29] audit: type=1326 audit(1754995142.758:19888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16139 comm="syz.3.4384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444cf8ebe9 code=0x7ffc0000
[  382.529580][T16169] lo speed is unknown, defaulting to 1000
[  382.600995][T16172] siw: device registration error -23
[  382.799340][   T29] audit: type=1326 audit(1754995143.438:19889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16182 comm="syz.0.4398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  382.861865][   T29] audit: type=1326 audit(1754995143.468:19890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16182 comm="syz.0.4398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  382.886463][   T29] audit: type=1326 audit(1754995143.468:19891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16182 comm="syz.0.4398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  382.911021][   T29] audit: type=1326 audit(1754995143.468:19892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16182 comm="syz.0.4398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  382.935496][   T29] audit: type=1326 audit(1754995143.468:19893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16182 comm="syz.0.4398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  382.987537][ T7199] usb usb6-port1: unable to enumerate USB device
[  383.196139][T16197] loop2: detected capacity change from 0 to 1024
[  383.236124][T16197] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  383.286787][T16197] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  383.499801][T16216] __nla_validate_parse: 8 callbacks suppressed
[  383.499824][T16216] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4407'.
[  383.681205][T16234] netlink: 'syz.3.4414': attribute type 1 has an invalid length.
[  383.718232][T16238] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4415'.
[  383.768387][T16243] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4416'.
[  384.183669][T16251] lo speed is unknown, defaulting to 1000
[  384.291228][T16249] lo speed is unknown, defaulting to 1000
[  384.392211][T13092] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.607782][T16256] loop5: detected capacity change from 0 to 512
[  384.617043][T16256] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  384.762029][T16256] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  384.778099][T16256] ext4 filesystem being mounted at /192/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  384.797961][T16256] FAULT_INJECTION: forcing a failure.
[  384.797961][T16256] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  384.811775][T16256] CPU: 0 UID: 0 PID: 16256 Comm: syz.5.4422 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(voluntary) 
[  384.811820][T16256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  384.811833][T16256] Call Trace:
[  384.811890][T16256]  <TASK>
[  384.811900][T16256]  __dump_stack+0x1d/0x30
[  384.811928][T16256]  dump_stack_lvl+0xe8/0x140
[  384.811950][T16256]  dump_stack+0x15/0x1b
[  384.811968][T16256]  should_fail_ex+0x265/0x280
[  384.812046][T16256]  should_fail_alloc_page+0xf2/0x100
[  384.812153][T16256]  __alloc_frozen_pages_noprof+0xff/0x360
[  384.812228][T16256]  alloc_pages_mpol+0xb3/0x250
[  384.812353][T16256]  folio_alloc_noprof+0x97/0x150
[  384.812450][T16256]  filemap_alloc_folio_noprof+0x66/0x210
[  384.812509][T16256]  __filemap_get_folio+0x28f/0x6b0
[  384.812541][T16256]  ? ext4_chunk_trans_extent+0x178/0x1a0
[  384.812649][T16256]  ext4_write_begin+0x2e9/0xe70
[  384.812677][T16256]  ext4_da_write_begin+0x1fb/0x6e0
[  384.812703][T16256]  ? balance_dirty_pages_ratelimited_flags+0x40b/0x5e0
[  384.812766][T16256]  generic_perform_write+0x184/0x490
[  384.812795][T16256]  ext4_buffered_write_iter+0x1ee/0x3c0
[  384.812863][T16256]  ? ext4_file_write_iter+0xfe/0xf00
[  384.812890][T16256]  ext4_file_write_iter+0x383/0xf00
[  384.813011][T16256]  ? 0xffffffff81000000
[  384.813029][T16256]  ? __rcu_read_unlock+0x4f/0x70
[  384.813049][T16256]  ? avc_policy_seqno+0x15/0x30
[  384.813085][T16256]  ? selinux_file_permission+0x1e4/0x320
[  384.813143][T16256]  ? __pfx_ext4_file_write_iter+0x10/0x10
[  384.813182][T16256]  vfs_write+0x52a/0x960
[  384.813283][T16256]  __x64_sys_pwrite64+0xfd/0x150
[  384.813385][T16256]  x64_sys_call+0xc4d/0x2ff0
[  384.813444][T16256]  do_syscall_64+0xd2/0x200
[  384.813473][T16256]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  384.813499][T16256]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  384.813535][T16256]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.813558][T16256] RIP: 0033:0x7fb8b00debe9
[  384.813576][T16256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  384.813596][T16256] RSP: 002b:00007fb8aeb3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[  384.813621][T16256] RAX: ffffffffffffffda RBX: 00007fb8b0305fa0 RCX: 00007fb8b00debe9
[  384.813635][T16256] RDX: 00000000200000c1 RSI: 00002000000000c0 RDI: 0000000000000008
[  384.813696][T16256] RBP: 00007fb8aeb3f090 R08: 0000000000000000 R09: 0000000000000000
[  384.813711][T16256] R10: 0000000000009000 R11: 0000000000000246 R12: 0000000000000001
[  384.813779][T16256] R13: 00007fb8b0306038 R14: 00007fb8b0305fa0 R15: 00007ffdd85f61b8
[  384.813801][T16256]  </TASK>
[  385.111944][T16275] lo speed is unknown, defaulting to 1000
[  385.208063][T13777] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.262722][T16284] loop5: detected capacity change from 0 to 2364
[  385.270272][T16284] iso9660: Unknown parameter 'sh¨wassoc'
[  385.448836][T16290] lo speed is unknown, defaulting to 1000
[  385.734826][T16292] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4434'.
[  385.871971][T16299] lo speed is unknown, defaulting to 1000
[  386.382849][T16312] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4439'.
[  386.396288][T16313] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4438'.
[  386.561339][T16324] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4445'.
[  386.573912][T16305] lo speed is unknown, defaulting to 1000
[  386.588232][T16321] loop2: detected capacity change from 0 to 2048
[  386.626048][T16321]  loop2: p1 < > p4
[  386.636463][T16321] loop2: p4 size 8388608 extends beyond EOD, truncated
[  386.700545][T16331] netlink: 8 bytes leftover after parsing attributes in process `gtp'.
[  387.007567][T16343] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4453'.
[  387.061479][T16347] loop5: detected capacity change from 0 to 2364
[  387.070393][T16347] iso9660: Unknown parameter 'sh¨wassoc'
[  387.076485][   T29] kauditd_printk_skb: 162 callbacks suppressed
[  387.076550][   T29] audit: type=1326 audit(1754995147.708:20056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16348 comm="syz.0.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  387.106602][   T29] audit: type=1326 audit(1754995147.708:20057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16348 comm="syz.0.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  387.132293][   T29] audit: type=1326 audit(1754995147.708:20058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16348 comm="syz.0.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  387.157621][   T29] audit: type=1326 audit(1754995147.708:20059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16348 comm="syz.0.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  387.182141][   T29] audit: type=1326 audit(1754995147.708:20060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16348 comm="syz.0.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  387.206958][   T29] audit: type=1326 audit(1754995147.708:20061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16348 comm="syz.0.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  387.232065][   T29] audit: type=1326 audit(1754995147.708:20062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16348 comm="syz.0.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  387.257054][   T29] audit: type=1326 audit(1754995147.708:20063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16348 comm="syz.0.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  387.281504][   T29] audit: type=1326 audit(1754995147.708:20064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16348 comm="syz.0.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  387.305997][   T29] audit: type=1326 audit(1754995147.708:20065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16348 comm="syz.0.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  387.396629][T16353] lo speed is unknown, defaulting to 1000
[  387.602474][T16355] loop5: detected capacity change from 0 to 512
[  387.632229][T16355] EXT4-fs: Ignoring removed mblk_io_submit option
[  387.643001][T16357] netlink: 8 bytes leftover after parsing attributes in process `gtp'.
[  387.656229][T16355] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[  387.784051][T16355] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.4458: attempt to clear invalid blocks 2 len 1
[  387.816047][T16355] EXT4-fs (loop5): Remounting filesystem read-only
[  387.823223][T16355] EXT4-fs (loop5): 1 truncate cleaned up
[  387.830019][T16355] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  387.882771][T13777] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  388.035734][T16379] lo speed is unknown, defaulting to 1000
[  388.357604][T16396] lo speed is unknown, defaulting to 1000
[  388.791714][T16401] loop1: detected capacity change from 0 to 512
[  388.798872][T16401] EXT4-fs: Ignoring removed mblk_io_submit option
[  388.814305][T16401] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  388.823820][T16401] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.4473: attempt to clear invalid blocks 2 len 1
[  388.840447][T16401] EXT4-fs (loop1): Remounting filesystem read-only
[  388.847691][T16401] EXT4-fs (loop1): 1 truncate cleaned up
[  388.854048][T16401] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  388.882676][T12295] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  388.895457][   T10] usb usb6-port1: attempt power cycle
[  388.905054][T16409] loop1: detected capacity change from 0 to 164
[  388.918793][T16409] syz.1.4476: attempt to access beyond end of device
[  388.918793][T16409] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  388.933519][T16409] syz.1.4476: attempt to access beyond end of device
[  388.933519][T16409] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[  389.054400][T16417] lo speed is unknown, defaulting to 1000
[  389.088619][T16424] __nla_validate_parse: 1 callbacks suppressed
[  389.088639][T16424] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4479'.
[  389.104579][T16424] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  389.112271][T16424] batman_adv: batadv0: Removing interface: batadv_slave_0
[  389.130623][T16424] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  389.138642][T16424] batman_adv: batadv0: Removing interface: batadv_slave_1
[  389.274102][T16440] loop1: detected capacity change from 0 to 512
[  389.282113][T16440] EXT4-fs: Ignoring removed mblk_io_submit option
[  389.290307][T16440] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  389.299935][T16440] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.4486: attempt to clear invalid blocks 2 len 1
[  389.323520][T16440] EXT4-fs (loop1): Remounting filesystem read-only
[  389.378569][T16443] lo speed is unknown, defaulting to 1000
[  389.496941][T16440] EXT4-fs (loop1): 1 truncate cleaned up
[  389.553877][T16440] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  389.774847][T12295] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  390.321125][T16478] lo speed is unknown, defaulting to 1000
[  390.722719][T16480] loop5: detected capacity change from 0 to 8192
[  390.785308][T16480]  loop5: p2 p3 p4
[  390.789166][T16480] loop5: p2 start 2936012800 is beyond EOD, truncated
[  390.796138][T16480] loop5: p3 start 1912602624 is beyond EOD, truncated
[  390.803021][T16480] loop5: p4 size 656640 extends beyond EOD, truncated
[  390.830862][T16487] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.4503'.
[  390.857426][   T10] usb usb6-port1: unable to enumerate USB device
[  390.913093][T16491] loop2: detected capacity change from 0 to 1024
[  390.923604][T16491] ext4: Unknown parameter 'appraise_type'
[  391.050570][T16502] loop1: detected capacity change from 0 to 512
[  391.057844][T16497] vhci_hcd: invalid port number 96
[  391.064006][T16497] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  391.065689][T16502] EXT4-fs: Ignoring removed mblk_io_submit option
[  391.095900][T16502] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  391.116145][T16502] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.4507: attempt to clear invalid blocks 2 len 1
[  391.155509][T16502] EXT4-fs (loop1): Remounting filesystem read-only
[  391.164557][T16502] EXT4-fs (loop1): 1 truncate cleaned up
[  391.178202][T16502] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  391.207455][T12295] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  391.321401][T16519] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4514'.
[  391.421023][T16521] lo speed is unknown, defaulting to 1000
[  391.695967][T16524] loop1: detected capacity change from 0 to 8192
[  391.725580][T16524]  loop1: p2 p3 p4
[  391.731853][T16524] loop1: p2 start 2936012800 is beyond EOD, truncated
[  391.738991][T16524] loop1: p3 start 1912602624 is beyond EOD, truncated
[  391.746283][T16524] loop1: p4 size 656640 extends beyond EOD, truncated
[  391.841024][T16529] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4517'.
[  391.853036][T16529] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4517'.
[  391.864105][T16529] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4517'.
[  392.146122][T16543] lo speed is unknown, defaulting to 1000
[  392.380494][T16547] loop1: detected capacity change from 0 to 512
[  392.438151][T16547] EXT4-fs: Ignoring removed mblk_io_submit option
[  392.517702][T16547] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  392.528365][T16547] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.4523: attempt to clear invalid blocks 2 len 1
[  392.544548][T16547] EXT4-fs (loop1): Remounting filesystem read-only
[  392.553413][T16547] EXT4-fs (loop1): 1 truncate cleaned up
[  392.555319][T16556] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16556 comm=syz.0.4526
[  392.559865][T16547] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  392.587840][   T29] kauditd_printk_skb: 412 callbacks suppressed
[  392.587860][   T29] audit: type=1400 audit(1754995153.228:20478): avc:  denied  { ioctl } for  pid=16553 comm="syz.5.4525" path="socket:[65280]" dev="sockfs" ino=65280 ioctlcmd=0x9367 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  392.629833][T12295] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  392.657105][   T29] audit: type=1326 audit(1754995153.298:20479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16560 comm="syz.0.4529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  392.681889][   T29] audit: type=1326 audit(1754995153.298:20480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16560 comm="syz.0.4529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  392.706375][   T29] audit: type=1326 audit(1754995153.298:20481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16560 comm="syz.0.4529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  392.730251][   T29] audit: type=1326 audit(1754995153.298:20482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16560 comm="syz.0.4529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  392.755468][   T29] audit: type=1326 audit(1754995153.298:20483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16560 comm="syz.0.4529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  392.824705][   T29] audit: type=1326 audit(1754995153.298:20484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16560 comm="syz.0.4529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  392.849035][   T29] audit: type=1326 audit(1754995153.298:20485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16560 comm="syz.0.4529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  392.873598][   T29] audit: type=1326 audit(1754995153.298:20486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16560 comm="syz.0.4529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  392.897979][   T29] audit: type=1326 audit(1754995153.298:20487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16560 comm="syz.0.4529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  392.926431][T16561] loop1: detected capacity change from 0 to 512
[  392.936233][ T3384] usb usb6-port1: attempt power cycle
[  392.942050][T16561] EXT4-fs: user quota file already specified
[  392.988643][T16572] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4530'.
[  393.010477][   T10] hid_parser_main: 29 callbacks suppressed
[  393.010500][   T10] hid-generic 0000:0004:0000.0005: unknown main item tag 0x0
[  393.012259][T16572] lo speed is unknown, defaulting to 1000
[  393.017071][   T10] hid-generic 0000:0004:0000.0005: unknown main item tag 0x0
[  393.038119][   T10] hid-generic 0000:0004:0000.0005: unknown main item tag 0x0
[  393.090432][   T10] hid-generic 0000:0004:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  393.209156][T16590] loop1: detected capacity change from 0 to 512
[  393.218402][T16590] EXT4-fs: Ignoring removed mblk_io_submit option
[  393.231680][T16595] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16595 comm=syz.3.4539
[  393.249085][T16590] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  393.258910][T16590] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.4537: attempt to clear invalid blocks 2 len 1
[  393.285738][T16590] EXT4-fs (loop1): Remounting filesystem read-only
[  393.305126][T16590] EXT4-fs (loop1): 1 truncate cleaned up
[  393.313288][T16590] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  393.349099][T12295] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  393.381696][T16604] loop1: detected capacity change from 0 to 1024
[  393.390787][T16604] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  393.418069][T16604] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  394.018836][T16633] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16633 comm=syz.0.4550
[  394.044616][T16634] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4548'.
[  394.071647][T16634] lo speed is unknown, defaulting to 1000
[  394.170184][T16642] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4553'.
[  394.209098][T16648] loop5: detected capacity change from 0 to 2048
[  394.232703][T12295] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  394.276132][T16648]  loop5: p1 < > p4
[  394.342007][T16648] loop5: p4 size 8388608 extends beyond EOD, truncated
[  394.413739][T16664] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4561'.
[  394.424213][T16664] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16664 comm=syz.5.4561
[  394.491574][T16666] lo speed is unknown, defaulting to 1000
[  394.785104][T16669] loop5: detected capacity change from 0 to 512
[  394.811397][T16669] EXT4-fs: Ignoring removed mblk_io_submit option
[  394.835800][ T3384] usb usb6-port1: unable to enumerate USB device
[  394.897719][T16669] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[  394.906998][T16669] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.4562: attempt to clear invalid blocks 2 len 1
[  394.930134][T16669] EXT4-fs (loop5): Remounting filesystem read-only
[  394.937234][T16669] EXT4-fs (loop5): 1 truncate cleaned up
[  394.943632][T16669] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  394.964847][T16676] loop2: detected capacity change from 0 to 736
[  394.972767][T16676] iso9660: Unknown parameter 'syzkaller'
[  394.972906][T13777] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  395.004421][T16676] loop2: detected capacity change from 0 to 1024
[  395.017231][T16681] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4566'.
[  395.153838][T16691] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4572'.
[  395.163748][T16687] loop2: detected capacity change from 0 to 2048
[  395.172466][T16691] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16691 comm=syz.5.4572
[  395.228218][T16687]  loop2: p1 < > p4
[  395.232960][T16687] loop2: p4 size 8388608 extends beyond EOD, truncated
[  395.265645][T16696] vhci_hcd: invalid port number 96
[  395.271193][T16696] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  395.337497][T16705] loop2: detected capacity change from 0 to 512
[  395.350009][T16705] EXT4-fs: Ignoring removed mblk_io_submit option
[  395.374271][T16705] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13
[  395.387190][T16710] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4579'.
[  395.406386][T16705] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.4576: attempt to clear invalid blocks 2 len 1
[  395.431396][T16705] EXT4-fs (loop2): Remounting filesystem read-only
[  395.438996][T16705] EXT4-fs (loop2): 1 truncate cleaned up
[  395.445841][T16705] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  395.486886][T13092] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  395.497563][T16716] loop5: detected capacity change from 0 to 1024
[  395.504602][T16716] EXT4-fs: Ignoring removed nobh option
[  395.521624][T16716] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  395.529540][T16719] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16719 comm=syz.3.4584
[  395.531063][T16716] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  395.554271][T16716] EXT4-fs (loop5): filesystem has both journal inode and journal device!
[  395.556052][T16719] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4584'.
[  395.593319][T16723] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4585'.
[  395.604856][T16723] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16723 comm=syz.2.4585
[  395.869856][T16732] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4587'.
[  396.054628][T16732] lo speed is unknown, defaulting to 1000
[  396.736895][T16783] loop2: detected capacity change from 0 to 8192
[  396.812892][T16788] lo speed is unknown, defaulting to 1000
[  396.862585][T16788] siw: device registration error -23
[  397.480771][T16817] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4619'.
[  397.510933][T16821] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4617'.
[  397.650711][   T29] kauditd_printk_skb: 255 callbacks suppressed
[  397.650733][   T29] audit: type=1326 audit(1754995158.288:20743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16825 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f444cf8d69f code=0x7ffc0000
[  397.697362][   T29] audit: type=1326 audit(1754995158.338:20744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16825 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f444cf8ec77 code=0x7ffc0000
[  397.729397][   T29] audit: type=1326 audit(1754995158.338:20745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16825 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f444cf8d550 code=0x7ffc0000
[  397.754300][   T29] audit: type=1326 audit(1754995158.338:20746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16825 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f444cf8d84a code=0x7ffc0000
[  397.778518][   T29] audit: type=1326 audit(1754995158.338:20747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16825 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444cf8ebe9 code=0x7ffc0000
[  397.803513][   T29] audit: type=1326 audit(1754995158.338:20748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16825 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444cf8ebe9 code=0x7ffc0000
[  397.836011][ T3383] usb usb6-port1: attempt power cycle
[  397.863674][   T29] audit: type=1326 audit(1754995158.468:20749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16825 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f444cf8ebe9 code=0x7ffc0000
[  397.888392][   T29] audit: type=1326 audit(1754995158.468:20750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16825 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444cf8ebe9 code=0x7ffc0000
[  397.913339][   T29] audit: type=1326 audit(1754995158.468:20751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16825 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444cf8ebe9 code=0x7ffc0000
[  397.927398][T16827] lo speed is unknown, defaulting to 1000
[  398.018678][T16811] Set syz1 is full, maxelem 65536 reached
[  398.095267][T16834] siw: device registration error -23
[  398.149465][T16831] lo speed is unknown, defaulting to 1000
[  398.214959][   T29] audit: type=1326 audit(1754995158.848:20752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16841 comm="syz.0.4627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69ff8cebe9 code=0x7ffc0000
[  398.526733][T16850] lo speed is unknown, defaulting to 1000
[  398.575496][T16850] siw: device registration error -23
[  399.121030][T16868] loop5: detected capacity change from 0 to 512
[  399.272826][T16874] lo speed is unknown, defaulting to 1000
[  399.378067][T16874] __nla_validate_parse: 2 callbacks suppressed
[  399.378089][T16874] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4633'.
[  399.502500][T16871] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4638'.
[  399.646612][T16875] lo speed is unknown, defaulting to 1000
[  399.815391][ T3383] usb usb6-port1: unable to enumerate USB device
[  400.110287][T16900] lo speed is unknown, defaulting to 1000
[  400.541520][T16911] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4651'.
[  400.622355][T16917] loop5: detected capacity change from 0 to 8192
[  400.742985][T16921] netlink: 80 bytes leftover after parsing attributes in process `syz.2.4657'.
[  400.768963][T16928] loop1: detected capacity change from 0 to 512
[  400.776882][T16928] EXT4-fs: Ignoring removed mblk_io_submit option
[  400.792074][T16928] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  400.801325][T16928] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.4659: attempt to clear invalid blocks 2 len 1
[  400.817399][T16928] EXT4-fs (loop1): Remounting filesystem read-only
[  400.824905][T16928] EXT4-fs (loop1): 1 truncate cleaned up
[  400.847356][T16928] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  400.876648][T16941] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4663'.
[  400.892644][T12295] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  401.014064][T16963] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4670'.
[  401.025103][T16963] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  401.032584][T16963] batman_adv: batadv0: Removing interface: batadv_slave_0
[  401.053060][T16963] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  401.061245][T16963] batman_adv: batadv0: Removing interface: batadv_slave_1
[  401.425763][T16973] lo speed is unknown, defaulting to 1000
[  401.476229][T16973] siw: device registration error -23
[  401.871685][T16983] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4674'.
[  401.882616][T16982] loop2: detected capacity change from 0 to 8192
[  401.897499][T16983] lo speed is unknown, defaulting to 1000
[  401.915569][T16982]  loop2: p2 p3 p4
[  401.919575][T16982] loop2: p2 start 2936012800 is beyond EOD, truncated
[  401.927255][T16982] loop2: p3 start 1912602624 is beyond EOD, truncated
[  401.934406][T16982] loop2: p4 size 656640 extends beyond EOD, truncated
[  402.014639][T16987] loop2: detected capacity change from 0 to 8192
[  402.116164][T16997] loop2: detected capacity change from 0 to 512
[  402.123002][T16997] EXT4-fs: Ignoring removed nobh option
[  402.131079][T16997] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.4679: iget: bad i_size value: 38620345925642
[  402.144280][T16997] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.4679: couldn't read orphan inode 15 (err -117)
[  402.157772][T16997] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  402.178662][T16997] EXT4-fs error (device loop2): ext4_lookup:1787: inode #15: comm syz.2.4679: iget: bad i_size value: 38620345925642
[  402.193945][T17003] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4682'.
[  402.219259][T13092] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  402.309150][T17006] lo speed is unknown, defaulting to 1000
[  402.411440][T17008] loop2: detected capacity change from 0 to 8192
[  402.610459][T17019] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4687'.
[  402.646344][T17019] lo speed is unknown, defaulting to 1000
[  403.001936][ T3383] usb usb6-port1: attempt power cycle
[  403.703305][T17035] lo speed is unknown, defaulting to 1000
[  403.873263][T17040] FAULT_INJECTION: forcing a failure.
[  403.873263][T17040] name failslab, interval 1, probability 0, space 0, times 0
[  403.886501][T17040] CPU: 0 UID: 0 PID: 17040 Comm: syz.1.4693 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(voluntary) 
[  403.886538][T17040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  403.886554][T17040] Call Trace:
[  403.886564][T17040]  <TASK>
[  403.886574][T17040]  __dump_stack+0x1d/0x30
[  403.886655][T17040]  dump_stack_lvl+0xe8/0x140
[  403.886677][T17040]  dump_stack+0x15/0x1b
[  403.886709][T17040]  should_fail_ex+0x265/0x280
[  403.886734][T17040]  should_failslab+0x8c/0xb0
[  403.886772][T17040]  __kmalloc_noprof+0xa5/0x3e0
[  403.886811][T17040]  ? sk_prot_alloc+0xa8/0x190
[  403.886834][T17040]  ? should_fail_ex+0xdb/0x280
[  403.886907][T17040]  sk_prot_alloc+0xa8/0x190
[  403.886929][T17040]  sk_alloc+0x34/0x360
[  403.886951][T17040]  bpf_prog_test_run_skb+0x234/0xbd0
[  403.886988][T17040]  ? __rcu_read_unlock+0x4f/0x70
[  403.887020][T17040]  ? __fget_files+0x184/0x1c0
[  403.887048][T17040]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  403.887160][T17040]  bpf_prog_test_run+0x227/0x390
[  403.887193][T17040]  __sys_bpf+0x4b9/0x7b0
[  403.887284][T17040]  __x64_sys_bpf+0x41/0x50
[  403.887390][T17040]  x64_sys_call+0x2aea/0x2ff0
[  403.887416][T17040]  do_syscall_64+0xd2/0x200
[  403.887515][T17040]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  403.887542][T17040]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  403.887629][T17040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.887657][T17040] RIP: 0033:0x7f85e011ebe9
[  403.887677][T17040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  403.887707][T17040] RSP: 002b:00007f85deb7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  403.887732][T17040] RAX: ffffffffffffffda RBX: 00007f85e0345fa0 RCX: 00007f85e011ebe9
[  403.887747][T17040] RDX: 0000000000000050 RSI: 0000200000000240 RDI: 000000000000000a
[  403.887762][T17040] RBP: 00007f85deb7f090 R08: 0000000000000000 R09: 0000000000000000
[  403.887777][T17040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  403.887791][T17040] R13: 00007f85e0346038 R14: 00007f85e0345fa0 R15: 00007ffdee977c28
[  403.887821][T17040]  </TASK>
[  404.245198][T17046] loop2: detected capacity change from 0 to 2364
[  404.250318][T17024] Set syz1 is full, maxelem 65536 reached
[  404.252594][T17046] iso9660: Unknown parameter 'sh¨wassoc'
[  404.275428][T17042] loop1: detected capacity change from 0 to 8192
[  404.289057][T17046] 9pnet_fd: Insufficient options for proto=fd
[  404.304542][   T29] kauditd_printk_skb: 230 callbacks suppressed
[  404.304561][   T29] audit: type=1326 audit(1754995164.938:20983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17049 comm="syz.3.4698" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f444cf8ebe9 code=0x0
[  404.360014][T17053] loop2: detected capacity change from 0 to 1024
[  404.368151][T17053] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  404.388107][T17056] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4700'.
[  404.404441][T17053] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  404.430930][T17056] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17056 comm=syz.1.4700
[  404.471352][T13092] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  404.487694][T17062] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4703'.
[  404.513129][T17062] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17062 comm=syz.0.4703
[  404.598410][T17083] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4704'.
[  404.632168][T17085] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4708'.
[  404.640806][T17083] lo speed is unknown, defaulting to 1000
[  404.641824][T17085] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  404.655296][T17085] batman_adv: batadv0: Removing interface: batadv_slave_0
[  404.663424][T17085] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  404.671449][T17085] batman_adv: batadv0: Removing interface: batadv_slave_1
[  404.805667][T17095] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4712'.
[  404.815920][T17097] FAULT_INJECTION: forcing a failure.
[  404.815920][T17097] name failslab, interval 1, probability 0, space 0, times 0
[  404.829237][T17097] CPU: 0 UID: 0 PID: 17097 Comm: syz.2.4713 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(voluntary) 
[  404.829297][T17097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  404.829313][T17097] Call Trace:
[  404.829322][T17097]  <TASK>
[  404.829331][T17097]  __dump_stack+0x1d/0x30
[  404.829358][T17097]  dump_stack_lvl+0xe8/0x140
[  404.829376][T17097]  dump_stack+0x15/0x1b
[  404.829470][T17097]  should_fail_ex+0x265/0x280
[  404.829490][T17097]  should_failslab+0x8c/0xb0
[  404.829517][T17097]  __kmalloc_noprof+0xa5/0x3e0
[  404.829544][T17097]  ? sk_prot_alloc+0xa8/0x190
[  404.829586][T17097]  ? should_fail_ex+0xdb/0x280
[  404.829604][T17097]  sk_prot_alloc+0xa8/0x190
[  404.829622][T17097]  sk_alloc+0x34/0x360
[  404.829639][T17097]  bpf_prog_test_run_skb+0x234/0xbd0
[  404.829740][T17097]  ? __rcu_read_unlock+0x4f/0x70
[  404.829761][T17097]  ? __fget_files+0x184/0x1c0
[  404.829841][T17097]  ? __rcu_read_unlock+0x4f/0x70
[  404.829862][T17097]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  404.829890][T17097]  bpf_prog_test_run+0x227/0x390
[  404.829952][T17097]  __sys_bpf+0x4b9/0x7b0
[  404.829989][T17097]  __x64_sys_bpf+0x41/0x50
[  404.830011][T17097]  x64_sys_call+0x2aea/0x2ff0
[  404.830030][T17097]  do_syscall_64+0xd2/0x200
[  404.830115][T17097]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  404.830157][T17097]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  404.830236][T17097]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.830304][T17097] RIP: 0033:0x7fafa5dbebe9
[  404.830320][T17097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  404.830358][T17097] RSP: 002b:00007fafa4827038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  404.830379][T17097] RAX: ffffffffffffffda RBX: 00007fafa5fe5fa0 RCX: 00007fafa5dbebe9
[  404.830391][T17097] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a
[  404.830404][T17097] RBP: 00007fafa4827090 R08: 0000000000000000 R09: 0000000000000000
[  404.830491][T17097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  404.830502][T17097] R13: 00007fafa5fe6038 R14: 00007fafa5fe5fa0 R15: 00007ffdd4b02968
[  404.830520][T17097]  </TASK>
[  405.068886][T17099] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4714'.
[  405.160658][T17109] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17109 comm=syz.0.4716
[  405.197700][T17109] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4716'.
[  405.207290][T17109] netlink: 'syz.0.4716': attribute type 2 has an invalid length.
[  405.215551][T17109] netlink: 'syz.0.4716': attribute type 1 has an invalid length.
[  405.223492][T17109] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4716'.
[  405.324485][   T29] audit: type=1400 audit(1754995165.958:20984): avc:  denied  { setopt } for  pid=17102 comm="syz.0.4716" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  405.400342][T17120] loop2: detected capacity change from 0 to 2364
[  405.411467][T17120] iso9660: Unknown parameter 'sh¨wassoc'
[  405.422173][T17120] 9pnet_fd: Insufficient options for proto=fd
[  405.455098][   T29] audit: type=1326 audit(1754995166.058:20985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17123 comm="syz.1.4723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85e011ebe9 code=0x7ffc0000
[  405.480034][   T29] audit: type=1326 audit(1754995166.068:20986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17123 comm="syz.1.4723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85e011ebe9 code=0x7ffc0000
[  405.506525][   T29] audit: type=1326 audit(1754995166.068:20987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17123 comm="syz.1.4723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85e011ebe9 code=0x7ffc0000
[  405.533054][   T29] audit: type=1326 audit(1754995166.068:20988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17123 comm="syz.1.4723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85e011ebe9 code=0x7ffc0000
[  405.559700][   T29] audit: type=1326 audit(1754995166.078:20989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17123 comm="syz.1.4723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85e011ebe9 code=0x7ffc0000
[  405.625416][   T29] audit: type=1326 audit(1754995166.088:20990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17123 comm="syz.1.4723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85e011ebe9 code=0x7ffc0000
[  405.650630][   T29] audit: type=1326 audit(1754995166.098:20991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17123 comm="syz.1.4723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85e011ebe9 code=0x7ffc0000
[  405.676158][   T29] audit: type=1326 audit(1754995166.098:20992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17123 comm="syz.1.4723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85e011ebe9 code=0x7ffc0000
[  405.729484][T17130] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4726'.
[  405.925441][ T3383] usb usb6-port1: unable to enumerate USB device
[  405.932459][T16923] vhci_hcd: invalid port number 96
[  405.937982][T16923] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  406.061141][T17144] lo speed is unknown, defaulting to 1000
[  406.390616][T17149] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4730'.
[  406.576443][T17147] lo speed is unknown, defaulting to 1000
[  407.841590][T17193] lo speed is unknown, defaulting to 1000
[  408.199176][T17202] loop5: detected capacity change from 0 to 2364
[  408.206399][T17202] iso9660: Unknown parameter 'sh¨wassoc'
[  408.216458][T17202] 9pnet_fd: Insufficient options for proto=fd
[  408.291678][T17206] mmap: syz.2.4743 (17206) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  408.333119][T17210] lo speed is unknown, defaulting to 1000
[  408.807208][T17247] lo speed is unknown, defaulting to 1000
[  408.938033][T17252] netlink: 'syz.5.4760': attribute type 3 has an invalid length.
[  409.629529][T17271] lo speed is unknown, defaulting to 1000
[  410.239046][T17277] lo speed is unknown, defaulting to 1000
[  410.274911][T17273] lo speed is unknown, defaulting to 1000
[  410.366357][   T29] kauditd_printk_skb: 101 callbacks suppressed
[  410.366376][   T29] audit: type=1326 audit(1754995171.008:21094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17286 comm="syz.2.4771" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fafa5dbebe9 code=0x0
[  410.375750][T17279] loop1: detected capacity change from 0 to 8192
[  410.611178][T17314] __nla_validate_parse: 3 callbacks suppressed
[  410.611197][T17314] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4773'.
[  410.626771][T17314] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4773'.
[  410.665260][T17314] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  410.693770][   T29] audit: type=1400 audit(1754995171.328:21095): avc:  denied  { read } for  pid=17293 comm="syz.3.4773" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  410.722854][T17314] bond1: entered allmulticast mode
[  410.734351][T17314] 8021q: adding VLAN 0 to HW filter on device bond1
[  410.739139][T17319] loop5: detected capacity change from 0 to 2048
[  410.767877][   T29] audit: type=1326 audit(1754995171.338:21096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.5.4779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b00debe9 code=0x7ffc0000
[  410.792669][   T29] audit: type=1326 audit(1754995171.338:21097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.5.4779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b00debe9 code=0x7ffc0000
[  410.816835][   T29] audit: type=1326 audit(1754995171.338:21098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.5.4779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fb8b00debe9 code=0x7ffc0000
[  410.841224][   T29] audit: type=1326 audit(1754995171.338:21099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.5.4779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b00debe9 code=0x7ffc0000
[  410.865581][   T29] audit: type=1326 audit(1754995171.338:21100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.5.4779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb8b00debe9 code=0x7ffc0000
[  410.889872][   T29] audit: type=1326 audit(1754995171.338:21101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.5.4779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b00debe9 code=0x7ffc0000
[  410.914629][   T29] audit: type=1326 audit(1754995171.338:21102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.5.4779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb8b00debe9 code=0x7ffc0000
[  410.939165][   T29] audit: type=1326 audit(1754995171.338:21103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17318 comm="syz.5.4779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8b00debe9 code=0x7ffc0000
[  410.978516][T17319]  loop5: p1 < > p4
[  410.990202][T17319] loop5: p4 size 8388608 extends beyond EOD, truncated
[  411.449861][T17357] lo speed is unknown, defaulting to 1000
[  411.498247][T17357] siw: device registration error -23
[  411.505705][T17358] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4789'.
[  411.708281][T17356] lo speed is unknown, defaulting to 1000
[  411.800312][T17366] netlink: 'syz.3.4790': attribute type 3 has an invalid length.
[  411.903872][T17370] FAULT_INJECTION: forcing a failure.
[  411.903872][T17370] name failslab, interval 1, probability 0, space 0, times 0
[  411.917372][T17370] CPU: 0 UID: 0 PID: 17370 Comm: syz.5.4793 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(voluntary) 
[  411.917406][T17370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  411.917422][T17370] Call Trace:
[  411.917431][T17370]  <TASK>
[  411.917440][T17370]  __dump_stack+0x1d/0x30
[  411.917464][T17370]  dump_stack_lvl+0xe8/0x140
[  411.917484][T17370]  dump_stack+0x15/0x1b
[  411.917503][T17370]  should_fail_ex+0x265/0x280
[  411.917528][T17370]  should_failslab+0x8c/0xb0
[  411.917557][T17370]  kmem_cache_alloc_noprof+0x50/0x310
[  411.917584][T17370]  ? mas_alloc_nodes+0x265/0x520
[  411.917611][T17370]  mas_alloc_nodes+0x265/0x520
[  411.917638][T17370]  mas_preallocate+0x33e/0x520
[  411.917670][T17370]  mmap_region+0xbdd/0x1630
[  411.917716][T17370]  do_mmap+0x9b3/0xbe0
[  411.917755][T17370]  vm_mmap_pgoff+0x17a/0x2e0
[  411.917784][T17370]  ksys_mmap_pgoff+0xc2/0x310
[  411.917811][T17370]  ? __x64_sys_mmap+0x49/0x70
[  411.917835][T17370]  x64_sys_call+0x14a3/0x2ff0
[  411.917864][T17370]  do_syscall_64+0xd2/0x200
[  411.917888][T17370]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  411.917911][T17370]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  411.917933][T17370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  411.917955][T17370] RIP: 0033:0x7fb8b00dec23
[  411.917973][T17370] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[  411.917993][T17370] RSP: 002b:00007fb8aeb3ee18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  411.918018][T17370] RAX: ffffffffffffffda RBX: 000000000000055b RCX: 00007fb8b00dec23
[  411.918033][T17370] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  411.918047][T17370] RBP: 0000200000000582 R08: 00000000ffffffff R09: 0000000000000000
[  411.918060][T17370] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000006
[  411.918072][T17370] R13: 00007fb8aeb3eef0 R14: 00007fb8aeb3eeb0 R15: 0000200000000000
[  411.918089][T17370]  </TASK>
[  412.200883][T17382] usb usb1: usbfs: process 17382 (syz.5.4798) did not claim interface 23 before use
[  412.240112][T17384] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4799'.
[  412.395195][T17396] lo speed is unknown, defaulting to 1000
[  412.459609][T17399] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4803'.
[  412.470156][T17399] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17399 comm=syz.5.4803
[  412.504679][T17401] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4804'.
[  412.542788][T17405] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  412.549503][T17405] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  412.557558][T17405] vhci_hcd vhci_hcd.0: Device attached
[  412.571590][T17406] vhci_hcd: connection closed
[  412.572195][ T3810] vhci_hcd: stop threads
[  412.581717][ T3810] vhci_hcd: release socket
[  412.586586][ T3810] vhci_hcd: disconnect device
[  413.017156][T17410] loop1: detected capacity change from 0 to 512
[  413.090908][T17414] loop1: detected capacity change from 0 to 8192
[  413.094782][T17418] usb usb1: usbfs: process 17418 (syz.5.4810) did not claim interface 23 before use
[  413.185794][T17430] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4815'.
[  413.196453][T17430] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17430 comm=syz.1.4815
[  413.253664][T17432] lo speed is unknown, defaulting to 1000
[  413.397083][T17442] loop5: detected capacity change from 0 to 512
[  413.435918][T17447] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4820'.
[  413.468963][T17452] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.4821'.
[  413.695698][ T3356] usb usb6-port1: attempt power cycle
[  414.249505][T17463] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17463 comm=syz.3.4826
[  414.457948][T17474] lo speed is unknown, defaulting to 1000
[  414.943515][T17480] lo speed is unknown, defaulting to 1000
[  415.043951][T17485] usb usb7: usbfs: process 17485 (syz.1.4832) did not claim interface 0 before use
[  415.167795][T17490] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  415.174607][T17490] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  415.182361][T17490] vhci_hcd vhci_hcd.0: Device attached
[  415.194541][T17492] vhci_hcd: connection closed
[  415.194841][ T3810] vhci_hcd: stop threads
[  415.204354][ T3810] vhci_hcd: release socket
[  415.205806][T17494] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4833'.
[  415.209492][ T3810] vhci_hcd: disconnect device
[  415.575345][ T3356] usb usb6-port1: unable to enumerate USB device
[  415.582307][T17364] vhci_hcd: invalid port number 96
[  415.587738][T17364] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  415.609428][   T29] kauditd_printk_skb: 191 callbacks suppressed
[  415.609451][   T29] audit: type=1326 audit(1754995176.248:21295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17508 comm="syz.2.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafa5dbebe9 code=0x7ffc0000
[  415.640683][   T29] audit: type=1326 audit(1754995176.248:21296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17508 comm="syz.2.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafa5dbebe9 code=0x7ffc0000
[  415.665016][   T29] audit: type=1326 audit(1754995176.248:21297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17508 comm="syz.2.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fafa5dbebe9 code=0x7ffc0000
[  415.665721][T17509] loop2: detected capacity change from 0 to 2048
[  415.689683][   T29] audit: type=1326 audit(1754995176.248:21298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17508 comm="syz.2.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafa5dbebe9 code=0x7ffc0000
[  415.720594][   T29] audit: type=1326 audit(1754995176.258:21299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17508 comm="syz.2.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafa5dbebe9 code=0x7ffc0000
[  415.745127][   T29] audit: type=1326 audit(1754995176.258:21300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17508 comm="syz.2.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fafa5dbebe9 code=0x7ffc0000
[  415.769184][   T29] audit: type=1326 audit(1754995176.258:21301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17508 comm="syz.2.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafa5dbebe9 code=0x7ffc0000
[  415.794099][   T29] audit: type=1326 audit(1754995176.258:21302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17508 comm="syz.2.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fafa5dbebe9 code=0x7ffc0000
[  415.818116][   T29] audit: type=1326 audit(1754995176.258:21303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17508 comm="syz.2.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafa5dbebe9 code=0x7ffc0000
[  415.842246][   T29] audit: type=1326 audit(1754995176.258:21304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17508 comm="syz.2.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fafa5dbebe9 code=0x7ffc0000
[  415.895500][T17509]  loop2: p1 < > p4
[  415.900124][T17509] loop2: p4 size 8388608 extends beyond EOD, truncated
[  415.979141][T17517] bond_slave_1: entered promiscuous mode
[  415.986120][T17517] bond_slave_1: left promiscuous mode
[  416.050550][T17521] serio: Serial port ptm0
[  416.986479][T17554] loop2: detected capacity change from 0 to 512
[  417.200609][T17556] __nla_validate_parse: 1 callbacks suppressed
[  417.200632][T17556] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4853'.
[  417.309161][T17561] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4855'.
[  417.435742][T17571] FAULT_INJECTION: forcing a failure.
[  417.435742][T17571] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  417.449906][T17571] CPU: 1 UID: 0 PID: 17571 Comm: syz.1.4858 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(voluntary) 
[  417.450032][T17571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  417.450064][T17571] Call Trace:
[  417.450073][T17571]  <TASK>
[  417.450084][T17571]  __dump_stack+0x1d/0x30
[  417.450192][T17571]  dump_stack_lvl+0xe8/0x140
[  417.450214][T17571]  dump_stack+0x15/0x1b
[  417.450242][T17571]  should_fail_ex+0x265/0x280
[  417.450268][T17571]  should_fail+0xb/0x20
[  417.450290][T17571]  should_fail_usercopy+0x1a/0x20
[  417.450343][T17571]  _copy_from_user+0x1c/0xb0
[  417.450377][T17571]  do_fcntl+0x5a3/0xdf0
[  417.450457][T17571]  ? selinux_file_fcntl+0x1cb/0x1e0
[  417.450480][T17571]  __se_sys_fcntl+0xb1/0x120
[  417.450508][T17571]  __x64_sys_fcntl+0x43/0x50
[  417.450580][T17571]  x64_sys_call+0x29a0/0x2ff0
[  417.450601][T17571]  do_syscall_64+0xd2/0x200
[  417.450642][T17571]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  417.450739][T17571]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  417.450817][T17571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.450878][T17571] RIP: 0033:0x7f85e011ebe9
[  417.450898][T17571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  417.451015][T17571] RSP: 002b:00007f85deb7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  417.451038][T17571] RAX: ffffffffffffffda RBX: 00007f85e0345fa0 RCX: 00007f85e011ebe9
[  417.451116][T17571] RDX: 0000200000000000 RSI: 0000000000000026 RDI: 0000000000000004
[  417.451175][T17571] RBP: 00007f85deb7f090 R08: 0000000000000000 R09: 0000000000000000
[  417.451187][T17571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  417.451200][T17571] R13: 00007f85e0346038 R14: 00007f85e0345fa0 R15: 00007ffdee977c28
[  417.451222][T17571]  </TASK>
[  417.452436][T17571] IPv6: Can't replace route, no match found
[  417.673875][T17581] loop1: detected capacity change from 0 to 1024
[  417.681399][T17581] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  417.707280][T17581] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  417.872776][T17591] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17591 comm=syz.5.4862
[  417.918237][T17593] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  417.924946][T17593] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  417.932942][T17593] vhci_hcd vhci_hcd.0: Device attached
[  417.941352][T17594] vhci_hcd: connection closed
[  417.941570][ T3861] vhci_hcd: stop threads
[  417.950780][ T3861] vhci_hcd: release socket
[  417.955284][ T3861] vhci_hcd: disconnect device
[  418.190767][T17597] SELinux: ebitmap: truncated map
[  418.206788][T17597] SELinux: failed to load policy
[  418.213791][T17597] FAULT_INJECTION: forcing a failure.
[  418.213791][T17597] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  418.227510][T17597] CPU: 0 UID: 0 PID: 17597 Comm: syz.2.4864 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(voluntary) 
[  418.227547][T17597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  418.227562][T17597] Call Trace:
[  418.227573][T17597]  <TASK>
[  418.227584][T17597]  __dump_stack+0x1d/0x30
[  418.227611][T17597]  dump_stack_lvl+0xe8/0x140
[  418.227632][T17597]  dump_stack+0x15/0x1b
[  418.227718][T17597]  should_fail_ex+0x265/0x280
[  418.227808][T17597]  should_fail+0xb/0x20
[  418.227829][T17597]  should_fail_usercopy+0x1a/0x20
[  418.227869][T17597]  _copy_from_user+0x1c/0xb0
[  418.227965][T17597]  ___sys_sendmsg+0xc1/0x1d0
[  418.228076][T17597]  __x64_sys_sendmsg+0xd4/0x160
[  418.228100][T17597]  x64_sys_call+0x191e/0x2ff0
[  418.228136][T17597]  do_syscall_64+0xd2/0x200
[  418.228205][T17597]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  418.228228][T17597]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  418.228252][T17597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  418.228284][T17597] RIP: 0033:0x7fafa5dbebe9
[  418.228304][T17597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  418.228325][T17597] RSP: 002b:00007fafa4827038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  418.228349][T17597] RAX: ffffffffffffffda RBX: 00007fafa5fe5fa0 RCX: 00007fafa5dbebe9
[  418.228434][T17597] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 000000000000000b
[  418.228449][T17597] RBP: 00007fafa4827090 R08: 0000000000000000 R09: 0000000000000000
[  418.228515][T17597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  418.228529][T17597] R13: 00007fafa5fe6038 R14: 00007fafa5fe5fa0 R15: 00007ffdd4b02968
[  418.228546][T17597]  </TASK>
[  418.256593][T17605] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4868'.
[  418.493188][T17617] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17617 comm=syz.2.4873
[  418.536640][T12295] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  418.600909][T17624] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4876'.
[  418.626300][T17623] loop1: detected capacity change from 0 to 2048
[  418.686642][T17623]  loop1: p1 < > p4
[  418.691154][T17623] loop1: p4 size 8388608 extends beyond EOD, truncated
[  418.780122][T17630] loop1: detected capacity change from 0 to 512
[  418.832099][T17634] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4880'.
[  418.891681][T17646] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17646 comm=syz.5.4886
[  418.969384][T17652] loop5: detected capacity change from 0 to 2048
[  419.016548][T17652]  loop5: p1 < > p4
[  419.021202][T17652] loop5: p4 size 8388608 extends beyond EOD, truncated
[  419.040632][T17655] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4890'.
[  419.093987][T17659] loop1: detected capacity change from 0 to 512
[  419.101036][    T9] usb usb6-port1: attempt power cycle
[  419.234098][T17671] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4895'.
[  419.288796][T17675] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  419.295650][T17675] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  419.303877][T17675] vhci_hcd vhci_hcd.0: Device attached
[  419.314635][T17676] vhci_hcd: connection closed
[  419.314920][ T3861] vhci_hcd: stop threads
[  419.324276][ T3861] vhci_hcd: release socket
[  419.324565][T17678] loop1: detected capacity change from 0 to 512
[  419.329169][ T3861] vhci_hcd: disconnect device
[  419.475942][T17682] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17682 comm=syz.2.4899
[  419.613329][T17688] FAULT_INJECTION: forcing a failure.
[  419.613329][T17688] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  419.626793][T17688] CPU: 1 UID: 0 PID: 17688 Comm: syz.2.4902 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(voluntary) 
[  419.626817][T17688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  419.626877][T17688] Call Trace:
[  419.626882][T17688]  <TASK>
[  419.626887][T17688]  __dump_stack+0x1d/0x30
[  419.626915][T17688]  dump_stack_lvl+0xe8/0x140
[  419.626959][T17688]  dump_stack+0x15/0x1b
[  419.626970][T17688]  should_fail_ex+0x265/0x280
[  419.626985][T17688]  should_fail+0xb/0x20
[  419.626997][T17688]  should_fail_usercopy+0x1a/0x20
[  419.627065][T17688]  _copy_from_user+0x1c/0xb0
[  419.627084][T17688]  __sys_bpf+0x178/0x7b0
[  419.627106][T17688]  __x64_sys_bpf+0x41/0x50
[  419.627122][T17688]  x64_sys_call+0x2aea/0x2ff0
[  419.627148][T17688]  do_syscall_64+0xd2/0x200
[  419.627165][T17688]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  419.627182][T17688]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  419.627199][T17688]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.627263][T17688] RIP: 0033:0x7fafa5dbebe9
[  419.627275][T17688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  419.627287][T17688] RSP: 002b:00007fafa4827038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  419.627302][T17688] RAX: ffffffffffffffda RBX: 00007fafa5fe5fa0 RCX: 00007fafa5dbebe9
[  419.627311][T17688] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000001f
[  419.627320][T17688] RBP: 00007fafa4827090 R08: 0000000000000000 R09: 0000000000000000
[  419.627367][T17688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  419.627375][T17688] R13: 00007fafa5fe6038 R14: 00007fafa5fe5fa0 R15: 00007ffdd4b02968
[  419.627388][T17688]  </TASK>
[  419.873446][T17699] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4906'.
[  419.954558][T17708] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4909'.
[  420.044886][T17712] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17712 comm=syz.2.4910
[  420.187155][T17720] loop1: detected capacity change from 0 to 1024
[  420.199080][T17720] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  420.226463][T17720] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  420.528286][T17733] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4917'.
[  420.840440][T17741] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17741 comm=syz.5.4921
[  420.901504][T17745] FAULT_INJECTION: forcing a failure.
[  420.901504][T17745] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  420.915288][T17745] CPU: 1 UID: 0 PID: 17745 Comm: syz.5.4923 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(voluntary) 
[  420.915322][T17745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  420.915342][T17745] Call Trace:
[  420.915349][T17745]  <TASK>
[  420.915358][T17745]  __dump_stack+0x1d/0x30
[  420.915383][T17745]  dump_stack_lvl+0xe8/0x140
[  420.915403][T17745]  dump_stack+0x15/0x1b
[  420.915420][T17745]  should_fail_ex+0x265/0x280
[  420.915444][T17745]  should_fail+0xb/0x20
[  420.915611][T17745]  should_fail_usercopy+0x1a/0x20
[  420.915628][T17745]  _copy_from_user+0x1c/0xb0
[  420.915647][T17745]  do_fcntl+0x5a3/0xdf0
[  420.915771][T17745]  ? selinux_file_fcntl+0x1cb/0x1e0
[  420.915793][T17745]  __se_sys_fcntl+0xb1/0x120
[  420.915873][T17745]  __x64_sys_fcntl+0x43/0x50
[  420.915898][T17745]  x64_sys_call+0x29a0/0x2ff0
[  420.915941][T17745]  do_syscall_64+0xd2/0x200
[  420.915960][T17745]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  420.916043][T17745]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  420.916100][T17745]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  420.916115][T17745] RIP: 0033:0x7fb8b00debe9
[  420.916127][T17745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  420.916140][T17745] RSP: 002b:00007fb8aeb3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  420.916156][T17745] RAX: ffffffffffffffda RBX: 00007fb8b0305fa0 RCX: 00007fb8b00debe9
[  420.916165][T17745] RDX: 0000200000000000 RSI: 0000000000000026 RDI: 0000000000000003
[  420.916236][T17745] RBP: 00007fb8aeb3f090 R08: 0000000000000000 R09: 0000000000000000
[  420.916245][T17745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  420.916253][T17745] R13: 00007fb8b0306038 R14: 00007fb8b0305fa0 R15: 00007ffdd85f61b8
[  420.916266][T17745]  </TASK>
[  421.116870][    T9] usb usb6-port1: unable to enumerate USB device
[  421.142136][   T29] kauditd_printk_skb: 234 callbacks suppressed
[  421.142156][   T29] audit: type=1400 audit(1754995181.778:21539): avc:  denied  { create } for  pid=17746 comm="syz.5.4924" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  421.168594][   T29] audit: type=1400 audit(1754995181.778:21540): avc:  denied  { ioctl } for  pid=17746 comm="syz.5.4924" path="socket:[70524]" dev="sockfs" ino=70524 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  421.170794][T12295] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  421.193679][   T29] audit: type=1400 audit(1754995181.778:21541): avc:  denied  { connect } for  pid=17746 comm="syz.5.4924" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  421.302402][T17767] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17767 comm=syz.3.4932
[  421.316459][   T29] audit: type=1326 audit(1754995181.938:21542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17764 comm="syz.1.4931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85e011ebe9 code=0x7ffc0000
[  421.341427][   T29] audit: type=1326 audit(1754995181.938:21543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17764 comm="syz.1.4931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85e011ebe9 code=0x7ffc0000
[  421.365786][   T29] audit: type=1326 audit(1754995181.938:21544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17764 comm="syz.1.4931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85e011ebe9 code=0x7ffc0000
[  421.392766][   T29] audit: type=1326 audit(1754995181.938:21545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17764 comm="syz.1.4931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85e011ebe9 code=0x7ffc0000
[  421.416671][   T29] audit: type=1326 audit(1754995181.958:21546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17764 comm="syz.1.4931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85e011ebe9 code=0x7ffc0000
[  421.440740][   T29] audit: type=1326 audit(1754995181.958:21547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17764 comm="syz.1.4931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85e011ebe9 code=0x7ffc0000
[  421.465037][   T29] audit: type=1326 audit(1754995181.958:21548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17764 comm="syz.1.4931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85e011ebe9 code=0x7ffc0000
[  421.979443][T17779] sch_fq: defrate 0 ignored.
[  422.160572][T17793] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  422.167142][T17793] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  422.174971][T17793] vhci_hcd vhci_hcd.0: Device attached
[  422.183631][T17794] vhci_hcd: connection closed
[  422.183796][ T3795] vhci_hcd: stop threads
[  422.193081][ T3795] vhci_hcd: release socket
[  422.197554][ T3795] vhci_hcd: disconnect device
[  422.241233][T17803] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  422.247863][T17803] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  422.256453][T17803] vhci_hcd vhci_hcd.0: Device attached
[  422.264369][T17804] vhci_hcd: connection closed
[  422.264707][ T3866] vhci_hcd: stop threads
[  422.274061][ T3866] vhci_hcd: release socket
[  422.279004][ T3866] vhci_hcd: disconnect device
[  422.380696][T17807] netlink: 'syz.3.4944': attribute type 29 has an invalid length.
[  422.604637][T17816] __nla_validate_parse: 1 callbacks suppressed
[  422.604668][T17816] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4948'.
[  422.922852][T17837] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17837 comm=syz.5.4954
[  423.113367][T17843] loop5: detected capacity change from 0 to 512
[  423.120147][T17843] EXT4-fs: Ignoring removed nomblk_io_submit option
[  423.127120][T17843] ext4: Unknown parameter 'noquota"errors'
[  423.491212][T17855] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4960'.
[  423.523712][T17859] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  423.530327][T17859] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  423.538810][T17859] vhci_hcd vhci_hcd.0: Device attached
[  423.552499][T17860] vhci_hcd: connection closed
[  423.552891][ T3795] vhci_hcd: stop threads
[  423.562662][ T3795] vhci_hcd: release socket
[  423.567326][ T3795] vhci_hcd: disconnect device
[  423.645718][T17872] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4965'.
[  423.724957][T17873] lo speed is unknown, defaulting to 1000
[  423.819073][T17878] syz.1.4967 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  423.935435][   T10] usb usb6-port1: attempt power cycle
[  424.025455][T17890] ==================================================================
[  424.034255][T17890] BUG: KCSAN: data-race in _copy_from_iter / _copy_from_iter
[  424.041891][T17890] 
[  424.044333][T17890] write to 0xffff88811ad64000 of 4096 bytes by task 17889 on cpu 0:
[  424.052669][T17890]  _copy_from_iter+0x130/0xe40
[  424.057540][T17890]  copy_page_from_iter+0x178/0x2a0
[  424.062847][T17890]  process_vm_rw+0x659/0x960
[  424.067678][T17890]  __x64_sys_process_vm_writev+0x78/0x90
[  424.073329][T17890]  x64_sys_call+0x2a7c/0x2ff0
[  424.078035][T17890]  do_syscall_64+0xd2/0x200
[  424.082560][T17890]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  424.088830][T17890] 
[  424.091179][T17890] write to 0xffff88811ad64000 of 4096 bytes by task 17890 on cpu 1:
[  424.099699][T17890]  _copy_from_iter+0x130/0xe40
[  424.104652][T17890]  copy_page_from_iter+0x178/0x2a0
[  424.109882][T17890]  process_vm_rw+0x659/0x960
[  424.114663][T17890]  __x64_sys_process_vm_writev+0x78/0x90
[  424.120596][T17890]  x64_sys_call+0x2a7c/0x2ff0
[  424.125645][T17890]  do_syscall_64+0xd2/0x200
[  424.130359][T17890]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  424.136526][T17890] 
[  424.138859][T17890] Reported by Kernel Concurrency Sanitizer on:
[  424.145134][T17890] CPU: 1 UID: 0 PID: 17890 Comm: syz.2.4971 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(voluntary) 
[  424.157867][T17890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  424.168344][T17890] ==================================================================
[  425.765200][   T10] usb usb6-port1: unable to enumerate USB device
[  425.771951][T17785] vhci_hcd: invalid port number 96
[  425.777326][T17785] vhci_hcd: default hub control req: 0000 vfffc i0060 l0