last executing test programs:

31.508506142s ago: executing program 0 (id=592):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000000)={{}, {0x0, 0x989680}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
io_setup(0x6, &(0x7f0000001000)=<r3=>0x0)
io_getevents(r3, 0x3, 0x3, &(0x7f00000010c0)=[{}, {}, {}], 0x0) (fail_nth: 2)

31.168646039s ago: executing program 0 (id=593):
r0 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)=',-\x15*\x00', &(0x7f0000000440)='$\b&U0\xb5i\x16\xca\xcd\x01\xf8\x13x\\\x16\x0e\x8c\x1b\xc1rv\xa5k|\x92*ON\x9d\xf21KH\xfcx\xdayx\xe4\xf8\x86\xc3\xf1\xb4\x94/9\',\xf7uX/W\xcc5\a\x9e^\x90\xa8\xaf\xda\x97\xe0M]\xcd\xe2\x17\'\xbf\x04i\xcakbA\xf6\xd2P\xa5H\xf0\xa0B=\x01\x00\x86%\x97\xcb\xbcWo\xf2\xa6', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000540)='\x00', &(0x7f0000001c80)='n', 0x1) (async)
fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f00000005c0)='\x00H\xeb', 0x0, r0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50) (async)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r2, 0x0, 0x11, 0x1afd) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000500000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) (async)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000040)='syzkaller\x00', &(0x7f0000001140)='\xf1\x95\xb3>-\x8c\xd4\r\x01\xfa\xe2{eED\x0e\xaaPV\x11\xff\xb6j\xd4~6\x82^\x9b b', 0x0) (async, rerun: 32)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='kfree\x00\xa5O\xfa\x1a\xaa8?', &(0x7f0000000100)='\x00.-&]\xe1\x19\t\xe88\xces`Z1\\\x98\x8b1\xb9\xc9\xe6\xf1\x94\x1e[\x8bs\x94\x80\x96\xf2\x02\x98+vv\x8a\xf7D\x19\x8cd\xa6\a\xe0S\xda2\b\xf1\x1d\xe5\x14\xba1x\x81\x1f0\x0fL\xc5\xba\xbb\x1di+Q~\xfa\x9a}m;\xe1\xcef8\xa0\x04\f\xa8\xe6?,\x91\x81\xac\xa3::\xc6\x9bdE\x1a\x96\xc4\x80\x8c\x15\x01\n\x81\xbf1\x96$\xeeQ\xe7\' RI\x1f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00v\x8d\xf5u\xcf\x8a\xc6\xcf\xd3d\xd1\xdd:\xa22\xf1\x8c\tL\x13\x1d\ap\x12\x1f\xe2\xf0\xdb\xc8\xa5\xad\xb7\a\xfe\xa5\xfbl\xda:>|d\xda\x8cV\xeaW\x05\x98J\xadH\x83\xf4\x93\xdeO\xe9\xf2\xad\xf3wv\xc8\xad\xcaf\x00\xe5\xfb\x8a\x0e\xaa\xfe\x7f\x1c\xfc\xec@j\xf7O\xdb\xdcaQ\xef\xe1W\x95\x10\x1a^72%~\xba\xcao:B\xa7\xcdN\x9a\x83\x82\xd9\x8a\xeb@\xc9\xa5\xff\xbe]\xbb\xa6]\xd6\xbf6\xb9\xabW\f\xdeD\xc1O\x81\a2\x9a\xe1\x1c\x81,e\xe7\x93NU\xdc\"\xdb\x06\x8b\xe2\xdbBf@\xb9\xd1\xfd\x9f#1\xba\x8a\x84r\xc6\xaa\xb2\xfd\xf0s\x90\x10\xc2L\xaf\xec\x97\xa4\x06\x00\xa10\xb5\xcd\x00\x17^\xa7|@\x02\xa3C.\xda\xa9\xeb\aZ?\x9a\x8c<4\xcb\xcd/1\xd3\r\xec\xedz\xf2\xbb\\\xb5}B([\r]\xe0\xdaI%\x1d\x11*\x96\xd2\x90Q\"@\xeb\x92Z\b\xdf\xd6Uy\x84\x04\xdc\x85\xebW\x98\xb7\xd5Zg\x05\xed\xe0\x0f\xa8}\xac\t\xe7\xb9\x1fIU\xb5\xe3\xb6\x92E%\xc9`\x1e\x1a\xdd^\xa3\x1d3\x94\x14).H\x85\xae\xd6\xbe\x96Q|\xc0E&?\xcc1\bC\xbf@#(1bhd\xbe-\x8fZ\x97\x16n/\xdd\x1f\xa0=H\xcc\x8b\x92%\xe1\x98\x98-TQP\x98[\x86\xff$\xa1\x15\x00\xb1(\x83\x9b\\.5\x93\x14\xf9\xf6-Ro\xdc\xea\x06s\xe5\x93\x174\r\x84?h\tVn\x82\x1dl\xc8^\xf1\x00\xa4\x82\x9fvn\xdbu\x9bJ\x11\xa8\xa8', 0x0) (async, rerun: 32)
close(r0) (async)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001340)={&(0x7f0000000040)='bcache_keyscan\x00', r4, 0x0, 0x6}, 0x18) (async)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1) (async)
setsockopt$inet6_tcp_int(r2, 0x6, 0x6, &(0x7f0000000340)=0x2, 0x4)
ioctl$KDSKBENT(r5, 0x4b47, &(0x7f0000000500)={0x2, 0xfc, 0x8})

31.152281171s ago: executing program 0 (id=594):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000001440)={0x1}, 0x8)
setsockopt$inet_tcp_int(r0, 0x6, 0x9, 0x0, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000000)={{}, {0x0, 0x989680}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0xb}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
acct(&(0x7f00000001c0)='./file0\x00')
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x18)
r6 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r6, 0x84, 0x10, &(0x7f0000000000)=r8, 0xc)
statx(0xffffffffffffff9c, &(0x7f0000000380)='\x00', 0x4000, 0x200, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, <r9=>0x0})
r10 = socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r10, &(0x7f0000001280)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="280000002d000100fcffffff0000000008000000", @ANYRES32, @ANYBLOB="10000080090000004f14aad206fca2c8"], 0x28}], 0x1, 0x0, 0x0, 0x4}, 0x0)
lstat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, <r11=>0x0})
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000340), 0x400, &(0x7f0000000800)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@ignoreqv}, {@loose}, {@afid}], [{@uid_lt={'uid<', r9}}, {@fsname}, {@flag='async'}, {@fowner_eq}, {@uid_gt={'uid>', r11}}, {@appraise_type}, {@pcr={'pcr', 0x3d, 0x3}}]}})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x2, 0x7ffc1ffb}]})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x41000004, 0x0)

30.290735431s ago: executing program 0 (id=601):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900), 0x0)
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x50, &(0x7f0000000440)={[{@usrquota}, {}, {@nobh}, {@resuid}, {@dioread_nolock}]}, 0x0, 0x3eb, &(0x7f0000000880)="$eJzs3M1uG0UcAPD/br5I+uEgcUCFQwQIgoCkDgQoQqJw5eMCPICVpKXCbarGSLTkUBAnThwQNw59AQ48QFUhJCRegRdAlSqU5gC3oLV3HTe2Qyw7der8ftLIM+txZv7ezWpmvTsBHFtzEXE+IsYiYikiSvn2NE9xs5Gyeve3Nle2tzZXktjZ+fjvJJJ8W/G3kvz1RF6YTyPSbyOeutne7sb1G59XqtW1a3l5sXb56uLG9RuvXLpcubh2ce1K+Y1z5fLy0pvl1wYW64/PvXhu7L3zZ376s3RneXJyOuvvyfy91jgGZS7mmt/JXsuDbmzIJofdAQAADiTNx/7j9fF/KcbquYZSLG4OtXMAAADAQOy8k78CAAAAIywx9wcAAIARV9wHcH9rc6VIB7pxoHRotyQ8VPfejYjZ3Webt5vxj8djeZ2JQ3y+dS4irj6flLIUh/QcMgBAqzvZ+Odsp/FfGk+21JuKqI+Hpgfc/tyecvv4J7074CYfkI3/3o6I7bbxX1pUmR3LS6fqQ8WJ5MKl6trZiDgdEfMxMZWVy/u08f4/P3/U7b0s/t+SU6eLlLWfve7WSO+OTz34mdVKrdJPzK3ufR1xZrxT/Elz/JtExEwfbYx9deutbu/9f/yHa+dWxAsd9//uyj3J/usTLdaPh8XiqGj37ze/fNit/WHHn+3/mf3jn01a12va6L2N25/98XQ90yGq1vlPL8f/ZPJJPV/My76s1GrXyhGTyQft25d2P1uUi/pZ/PPPdv7/L85/Sb6m1cn8HNCr777/9eX9azTiz1LWfjEXfBiy+Fd72v+9Z16//fun3dpv3f+d48/2f2MNsPl8y0HOfwftYD/fHQAAADwq0vp1jSRdaObTdGGhcb3jiZhJq+sbtZcurH9xZbVx/WM2JtLiSlep5XpoufEzerO8tKf8akQ8HhE/lKbr5YWV9erqsIMHAACAY+JEl/l/5q8RuccfAAAAyH+oBwAAAEab+T8AAACMtH7W9Tu+meybOwLdOPKZZ45GN4aQmYgj0Y0+MsM+MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADza/gsAAP//Bdqy/A==")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000300)=""/180}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r1, 0x4b67, &(0x7f00000006c0)={0x2, &(0x7f0000000000)=[{0xfff, 0x3}, {0x87f, 0x7}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000400)='io_uring_create\x00', r2}, 0x18)
io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r3 = socket$netlink(0x10, 0x3, 0x13)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x4000000}, 0xc)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000003c0)='powernv_throttle\x00', r4, 0x0, 0x200}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
sendmsg$L2TP_CMD_SESSION_GET(0xffffffffffffffff, 0x0, 0x48082)
r5 = socket$isdn(0x22, 0x3, 0x25)
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x24, 0x0, 0x4, 0x70bd26, 0x25dfdbfe, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x3}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x24}}, 0x40001)
ioctl$SIOCGSTAMPNS(r5, 0x8907, &(0x7f00000001c0))
pipe2(&(0x7f0000000040), 0x40)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ptrace$getregset(0x4204, r6, 0x202, &(0x7f0000000140)={0x0})

30.126770144s ago: executing program 0 (id=603):
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x2}}, './file0\x00'})
fcntl$setlease(r0, 0x400, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000003feffff720a00fef8ffffff71a4f1ff0000000071302000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00ff040400007203000000000000b500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0xd, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffeb4, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0xffffffffffffff20}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r4, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r6, 0x29, 0x3, &(0x7f0000000000)=0x1, 0x4)
bind$inet6(r6, &(0x7f0000000280)={0xa, 0x4e22, 0x9, @loopback, 0x6}, 0x1c)
connect$inet6(r6, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
sendmmsg$inet6(r6, &(0x7f0000004f00)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="65df", 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000004c0)="ad007c6425", 0x5}], 0x1}}, {{0x0, 0x0, &(0x7f0000002780)=[{&(0x7f00000006c0)='UA', 0x2}], 0x1}}], 0x3, 0x4000011)
close_range(r5, 0xffffffffffffffff, 0x0)

28.049056734s ago: executing program 0 (id=630):
r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0xc, 0x100)
ioctl$USBDEVFS_CLEAR_HALT(r0, 0x80045515, &(0x7f0000000180)={0x4, 0x1})
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r1=>r0, {r0}}, './file0\x00'})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f00000002c0)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', <r2=>0x0, 0x8000, 0x7, 0x8, 0x800000, {{0x1f, 0x4, 0x1, 0x31, 0x7c, 0x66, 0x0, 0x5, 0x4, 0x0, @broadcast, @local, {[@ssrr={0x89, 0x27, 0xbf, [@multicast1, @multicast2, @dev={0xac, 0x14, 0x14, 0x41}, @rand_addr=0x64010101, @empty, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, @private=0xa010102]}, @timestamp_prespec={0x44, 0x24, 0x42, 0x3, 0x2, [{@remote, 0x6d2b}, {@rand_addr=0x64010100, 0x1}, {@rand_addr=0x64010101, 0xe02}, {@broadcast, 0xa}]}, @generic={0x44, 0xd, "407aaeee9377a5fe7e9b84"}, @end, @ssrr={0x89, 0xf, 0x8a, [@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, @local]}]}}}}})
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000300)={0x3, 0x4, 0x4, 0xa, 0x0, r1, 0x0, '\x00', r2, 0xffffffffffffffff, 0x0, 0x5}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x8, &(0x7f0000000000)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}}]}, &(0x7f0000000640)='syzkaller\x00', 0x7, 0xf9, &(0x7f0000000080)=""/249}, 0x94)

28.048834464s ago: executing program 32 (id=630):
r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0xc, 0x100)
ioctl$USBDEVFS_CLEAR_HALT(r0, 0x80045515, &(0x7f0000000180)={0x4, 0x1})
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r1=>r0, {r0}}, './file0\x00'})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f00000002c0)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', <r2=>0x0, 0x8000, 0x7, 0x8, 0x800000, {{0x1f, 0x4, 0x1, 0x31, 0x7c, 0x66, 0x0, 0x5, 0x4, 0x0, @broadcast, @local, {[@ssrr={0x89, 0x27, 0xbf, [@multicast1, @multicast2, @dev={0xac, 0x14, 0x14, 0x41}, @rand_addr=0x64010101, @empty, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, @private=0xa010102]}, @timestamp_prespec={0x44, 0x24, 0x42, 0x3, 0x2, [{@remote, 0x6d2b}, {@rand_addr=0x64010100, 0x1}, {@rand_addr=0x64010101, 0xe02}, {@broadcast, 0xa}]}, @generic={0x44, 0xd, "407aaeee9377a5fe7e9b84"}, @end, @ssrr={0x89, 0xf, 0x8a, [@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, @local]}]}}}}})
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000300)={0x3, 0x4, 0x4, 0xa, 0x0, r1, 0x0, '\x00', r2, 0xffffffffffffffff, 0x0, 0x5}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x8, &(0x7f0000000000)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}}]}, &(0x7f0000000640)='syzkaller\x00', 0x7, 0xf9, &(0x7f0000000080)=""/249}, 0x94)

2.757622346s ago: executing program 1 (id=1012):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10)
ioctl$FIBMAP(0xffffffffffffffff, 0x1, 0x0)
setpriority(0x3, 0x0, 0xfffffffd)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1f, 0x0, &(0x7f0000000440)=ANY=[@ANYRES32=<r2=>r1], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x14010, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES16=r2], 0x1, 0x11ff, &(0x7f0000000d80)="$eJzs3E+LW1UYB+C342inGeePWqstiIe60c2lmYUb3QwyRWlAaTtCKwi3zh0Nc01CbhiIiNWVW935GcSlO0FcupmNn8HdbFx2IV4xydhGU1RkmjI8zyYvnPPjPYdA4IR7z+GrX3y4t1tlu/kgFk6dioVeRLqTIsVCHPk0Xnpl+cfnrt24eWWz1dq6mtLlzevNl1NKq89//87H31z8YbD89rer352Og/V3D3/Z+Png3MH5w9+uf9CuUrtKne4g5elWtzvIb5VF2mlXe1lKb5VFXhWp3amK/tT4btnt9YYp7+ysNHr9oqpS3hk294phGnTToD9M+ft5u5OyLEsrjeD/2P76Tl3XEXX9aDwWdV3XZ6IRy/F4rMRqrMV6PBFPxlNxNp6Oc/FMPBvnR7PmvW4AAAAAAAAAAAAAAAAAAAA4Wbz/DwAAAAAAAAAAAAAAAAAAAPN37cbNK5ut1tbVlJYiys/3t/e3x5/j8c3daEcZRVyKtfg1ov5qdAHA5NaAur78RmvrUhpZj8/K25P87f3tR6bzzdF1AkfhqXxznE/T+dPRuDe/EWtxdnZ+Y2Z+KV584Z58Fmvx03vRjTJ24o/s3fwnzZRee7P1l/yF0TwAAAA4CbL0p5nn9yy73/g4/7f/B2aczxeOmk3lF+PC4ty2zUQ1/GgvL8uifzxFY9LmGFv8Q7E01+7/vliMh2IZCsW4mPMPEw/E3S993isBAAAAAAAAAADgvzjepwi7X158/T6NzzzgjQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8zg4cCwAAAAAI87dOo2MDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKkAAAD//yqty1M=")
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040), 0x208e24b)

2.534668504s ago: executing program 1 (id=1013):
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
readv(r1, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10)
sendto$inet(r2, &(0x7f0000000000), 0xfffffffffffffd74, 0x40004, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000400000"], 0x0, 0x0, 0x0, 0x0, 0x81e00}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
recvfrom$inet(r2, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

1.976920979s ago: executing program 2 (id=1022):
add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000004c0)="9a3bcb67be", 0x5, 0x1})
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x1, 0x800001, 0x0, 0x0, 0x0)
mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x12011, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f00000006c0)={<r0=>0xffffffffffffffff}, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200"/635], 0x310)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000003280)={0x0, 0x0, 0x0}, 0xc040)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000e40)={0x0, 0x0, 0x0}, 0x0)

1.913321324s ago: executing program 4 (id=1024):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000500)={[{@resgid={'resgid', 0x3d, 0xee00}}, {@user_xattr}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
socket$inet(0x2, 0x2, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000000240)=ANY=[], 0x835, 0x0)
truncate(&(0x7f0000000100)='./file0/file0\x00', 0x7)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
r3 = openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x0, 0x0)
finit_module(r3, 0x0, 0x2)
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000d40), &(0x7f0000000c40)=ANY=[@ANYRES8=r2, @ANYRESHEX, @ANYRESHEX=r3, @ANYBLOB="a926ff9f1a9bfc9d692fb5fba9781b058f292132817bbb85fd76d20d3a024134a434b9ced20b95ff207667d8e77e20080f3ade4f25b1c1fb268e856b8e0f32363031be7ff2b696871aae8cf315ec855dca8303ccfff93bf43ac4b673ac8c4f134a1a2ee2df8ba27cc5aa9bad74f2e62d72fabf188dbba987fe52b08e25846cfb6633b1c61be38aff4f2f422a9f86f3f3b0ae9edc2b94313ff5e4401bf33b66e0364ed2fe5a7ecb6790551766f7f5060fa36011da02ca0293cfde90c68a58f1f8f0bf1b9044244c2c", @ANYRES8=r0], 0x835, 0x3)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
sendmmsg$inet6(r1, &(0x7f0000007080)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)='Ya', 0x2}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x48800)

1.863796758s ago: executing program 2 (id=1026):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000007080)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)='Ya', 0x2}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x48800)

1.854872629s ago: executing program 5 (id=1028):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000007080)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)='Ya', 0x2}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x48800) (fail_nth: 3)

1.491795899s ago: executing program 1 (id=1029):
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000004700))
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0x4002})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32, @ANYBLOB=' \x00U\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.481954289s ago: executing program 2 (id=1030):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = dup(r4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000240)={'wlan1\x00'})
fsetxattr$security_selinux(r5, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)

1.425047304s ago: executing program 5 (id=1031):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r1, 0x0, 0x1, 0x0)
ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000200)={r0, &(0x7f0000000380)="f4d0c765b442ccb1cad993fd481412ee0a75e489cfda9165766b7e5f9bffd08df8f189e035ac32cb1aaed1d04ae4ec1db408f1fd499a4f8091a9375851e002b663170bd0f789f347b0f706986477415befa38a33c61f27926ee2c40cdcd9ecb45f74c4d75f205f972fe9b269ed58e3b7a6e08e5883acdc7ee294bb5a92bcb7114508a74e09cc98843248014cd78311508603b51a59e261e92a308d74127f59525c08c8af28b538194dc4413a419fb6ad367a78646a173ca29381dd8437df0928ca05c31975fca5d8344c2943d36bfd5a8900ab860d429334a8", &(0x7f0000000100)=@tcp=r1, 0x4}, 0x20)
write(0xffffffffffffffff, 0x0, 0x0)
write$P9_RATTACH(r1, &(0x7f0000000280)={0x14, 0x69, 0x1, {0x8, 0x1, 0x3}}, 0x14)

1.424664094s ago: executing program 5 (id=1032):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[], 0xa0}}, 0x0)

1.423500924s ago: executing program 2 (id=1033):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff0000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r4, {0xfff2, 0x4}, {}, {0x5, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x400c021}, 0x20040054)

1.392855757s ago: executing program 5 (id=1034):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000900)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfffffd9d)
sendfile(r0, r1, 0x0, 0x8000002b)

1.320431483s ago: executing program 2 (id=1035):
r0 = fsopen(&(0x7f0000000280)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = socket$kcm(0x11, 0xa, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
syz_usbip_server_init(0x1)
syz_usbip_server_init(0x1)
syz_usbip_server_init(0x2)
syz_usbip_server_init(0x0)
syz_usbip_server_init(0x3)
syz_usbip_server_init(0x5)
syz_usbip_server_init(0x0)
syz_usbip_server_init(0x3)
syz_usbip_server_init(0x0)
r2 = syz_io_uring_setup(0x12c2, &(0x7f0000000200)={0x0, 0x5eda, 0x10100, 0x1, 0x12a}, &(0x7f0000000140)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpu.stat\x00', 0x275a, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x10})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0))
write$UHID_CREATE2(r5, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x49, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r2, 0x7330, 0x0, 0x0, 0x0, 0x0)

1.272721647s ago: executing program 4 (id=1036):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r1}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat2(0xffffffffffffff9c, 0x0, &(0x7f0000000200)={0x80, 0x124}, 0x18)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
sync_file_range(0xffffffffffffffff, 0xe, 0x2, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000002001000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x3, 0x7ffc0001}]})
fstatfs(0xffffffffffffffff, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000009c0)={'ip6_vti0\x00', 0x0, 0x2f, 0xfd, 0x23, 0x400, 0x20, @loopback, @empty, 0x1, 0x80, 0x3, 0x7}})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000480)={'ip6tnl0\x00', &(0x7f0000000a40)={'ip6tnl0\x00', 0x0, 0x4, 0x3, 0x7, 0x3ff, 0x1, @loopback, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7, 0x10, 0x0, 0x81}})
getpeername$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x0)

1.202125352s ago: executing program 4 (id=1037):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='net/tcp6\x00')
socket$inet6_tcp(0xa, 0x1, 0x0)
sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0, 0x0, 0x2}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)

1.144748247s ago: executing program 4 (id=1038):
add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000004c0)="9a3bcb67be", 0x5, 0x1})
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x1, 0x800001, 0x0, 0x0, 0x0)
mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x12011, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f00000006c0)={<r0=>0xffffffffffffffff}, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200"/635], 0x310)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000003280)={0x0, 0x0, 0x0}, 0xc040)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000e40)={0x0, 0x0, 0x0}, 0x0)

998.887719ms ago: executing program 4 (id=1039):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_bp={0x0, 0x4}, 0x10200, 0x10000, 0x8, 0x1, 0xb, 0x20005, 0xfffd, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r3 = open(&(0x7f0000000240)='./file1\x00', 0x14d142, 0x0)
ftruncate(r3, 0x2007ffc)
sendfile(r3, r3, 0x0, 0x800000009)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)}, 0x20000800)
socket(0x2, 0x80805, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000001340)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
rt_tgsigqueueinfo(0x0, 0x0, 0x1a, &(0x7f0000000440)={0x30, 0x4, 0x4})

991.5013ms ago: executing program 3 (id=1040):
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
readv(r1, &(0x7f0000001340), 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10)
sendto$inet(r2, &(0x7f0000000000), 0xfffffffffffffd74, 0x40004, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000400000"], 0x0, 0x0, 0x0, 0x0, 0x81e00}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
recvfrom$inet(r2, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

935.624644ms ago: executing program 5 (id=1041):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xc40a, &(0x7f0000000300)={[{@noblock_validity}, {@dioread_lock}, {@usrjquota}, {@nojournal_checksum}, {@noquota}, {@usrjquota, 0x2e}, {@grpquota}, {@barrier_val={'barrier', 0x3d, 0x8}}, {@jqfmt_vfsv0}, {@noload}], [], 0x2c}, 0x1, 0x464, &(0x7f0000000a40)="$eJzs28tvG8UfAPDv2nHaXx+/hFIeLQUM5RHxSJq0QA9cikDqBQkJDuUY0rQqdRvUBIlWFQ0cyhH1LwCOSPwFnOgFAScQV7gjpArlQuCAjNZeG9eOU8eJ46T+fKSNZ3ZnvfPd3YlnZ+wABlYx/ZNE7ImIXyJiJCLyzQWK1Zflpaszfy1dnUmiXH7zjyTdLf5cujpTK5pkr7uzzFiuvqrF/OUr56dLpdlLWX5i4cJ7E/OXrzx/7sL02dmzsxenjh8/dnTypRenXtiQOPemdT344dyhAyffvvH6zKkb73z/VVq5Pdn2xjiqRtd9zGIU256AJ9f97lvL3uy17QVnS0rb+lBEFCrtfyTylVzVSLz2cV8rB/RUuVwu72hZW+8BLJaBu1gS/a4B0B+1D/r0+be2bGL3o+9unag+AKVxL2dLdctQ5LIyhYbn241WjIhTi39/li6x4jgEAMDG+ibt/zy3Uv8vF/c3lPt/Njc0GhH3RMS+iLg3IvZHxH0RlbIPRMSDazx+sSnf2v/56X9dBdahWycieTmb27q9/1fr/cVoPsvtrcRfSM6cK80eyc7JWBR2pPnJVY5x89WfP223rbH/ly7p8Wt9wawevw81DdCdnl6YXk/MjW59VBkDvNYaf1KfCUgi4kBEHOzi/XdGxLlnvjzUsqFhoui2+COa4l/FUBcValL+IuLp6vVfjKb4G6u6yvzkxM4ozR6ZqN0VrX748fob7Y5/5+vfW+n137Xi/V+PfzRpnK+dX/sxrv/6Sdtnmm7v/+HkrUp6OFv3wfTCwqXJiOFksXX91H/71vK18mn8Y4dXbv/7Iv75PNvvoYhIb+KHI+KRiHg0q/tjEfF4RBxeJf7vXnni3e7j7600/tNruv5rT+TPf/t1u+N3dv2PVVJj2ZpO/v91WsH1nDsAAADYLnKV78AnufF6OpcbH69+h39/7MqV5uYXnj0z9/7F09Xvyo9GIVcb6RppGA+dzMaGa/mppvzRbCwwlebHZ+ZKvZpTBzqzu037T/2W73ftgJ5b0zyaX3jBXWUD5tGBbUr7h8Gl/cPg0v5hcK3U/q9FLPehKsAm8/kPg0v7h8Gl/cPg0v5hIK3nd/2rJfad7NU7b8fEzYhoVybf1xo+tbvb3SNXOjC8NU7vHROF7G6vr8ltkYpVEjsiotPC12KzKtbnf0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb5N8AAAD//6eJ4CE=")
sendto$inet(0xffffffffffffffff, 0x0, 0xffef, 0x20000000, &(0x7f0000000240)={0x2, 0x4e22, @remote}, 0x10)
acct(0x0)
open(&(0x7f0000000080)='./file0\x00', 0x2000, 0x392)
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f00000002c0)=ANY=[@ANYRESDEC], 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
r1 = shmget$private(0x0, 0x13000, 0x1, &(0x7f0000feb000/0x13000)=nil)
shmat(r1, &(0x7f0000ff1000/0x3000)=nil, 0x400c)

563.590515ms ago: executing program 4 (id=1042):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xc40a, &(0x7f0000000300)={[{@noblock_validity}, {@dioread_lock}, {@usrjquota}, {@nojournal_checksum}, {@noquota}, {@usrjquota, 0x2e}, {@grpquota}, {@barrier_val={'barrier', 0x3d, 0x8}}, {@jqfmt_vfsv0}, {@noload}], [], 0x2c}, 0x1, 0x464, &(0x7f0000000a40)="$eJzs28tvG8UfAPDv2nHaXx+/hFIeLQUM5RHxSJq0QA9cikDqBQkJDuUY0rQqdRvUBIlWFQ0cyhH1LwCOSPwFnOgFAScQV7gjpArlQuCAjNZeG9eOU8eJ46T+fKSNZ3ZnvfPd3YlnZ+wABlYx/ZNE7ImIXyJiJCLyzQWK1Zflpaszfy1dnUmiXH7zjyTdLf5cujpTK5pkr7uzzFiuvqrF/OUr56dLpdlLWX5i4cJ7E/OXrzx/7sL02dmzsxenjh8/dnTypRenXtiQOPemdT344dyhAyffvvH6zKkb73z/VVq5Pdn2xjiqRtd9zGIU256AJ9f97lvL3uy17QVnS0rb+lBEFCrtfyTylVzVSLz2cV8rB/RUuVwu72hZW+8BLJaBu1gS/a4B0B+1D/r0+be2bGL3o+9unag+AKVxL2dLdctQ5LIyhYbn241WjIhTi39/li6x4jgEAMDG+ibt/zy3Uv8vF/c3lPt/Njc0GhH3RMS+iLg3IvZHxH0RlbIPRMSDazx+sSnf2v/56X9dBdahWycieTmb27q9/1fr/cVoPsvtrcRfSM6cK80eyc7JWBR2pPnJVY5x89WfP223rbH/ly7p8Wt9wawevw81DdCdnl6YXk/MjW59VBkDvNYaf1KfCUgi4kBEHOzi/XdGxLlnvjzUsqFhoui2+COa4l/FUBcValL+IuLp6vVfjKb4G6u6yvzkxM4ozR6ZqN0VrX748fob7Y5/5+vfW+n137Xi/V+PfzRpnK+dX/sxrv/6Sdtnmm7v/+HkrUp6OFv3wfTCwqXJiOFksXX91H/71vK18mn8Y4dXbv/7Iv75PNvvoYhIb+KHI+KRiHg0q/tjEfF4RBxeJf7vXnni3e7j7600/tNruv5rT+TPf/t1u+N3dv2PVVJj2ZpO/v91WsH1nDsAAADYLnKV78AnufF6OpcbH69+h39/7MqV5uYXnj0z9/7F09Xvyo9GIVcb6RppGA+dzMaGa/mppvzRbCwwlebHZ+ZKvZpTBzqzu037T/2W73ftgJ5b0zyaX3jBXWUD5tGBbUr7h8Gl/cPg0v5hcK3U/q9FLPehKsAm8/kPg0v7h8Gl/cPg0v5hIK3nd/2rJfad7NU7b8fEzYhoVybf1xo+tbvb3SNXOjC8NU7vHROF7G6vr8ltkYpVEjsiotPC12KzKtbnf0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb5N8AAAD//6eJ4CE=")
sendto$inet(0xffffffffffffffff, 0x0, 0xffef, 0x20000000, &(0x7f0000000240)={0x2, 0x4e22, @remote}, 0x10)
acct(0x0)
open(&(0x7f0000000080)='./file0\x00', 0x2000, 0x392)
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f00000002c0)=ANY=[@ANYRESDEC], 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
r1 = shmget$private(0x0, 0x13000, 0x1, &(0x7f0000feb000/0x13000)=nil)
shmat(r1, &(0x7f0000ff1000/0x3000)=nil, 0x400c)

544.948906ms ago: executing program 1 (id=1043):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r1, 0x0, 0x1, 0x0)
ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000200)={r0, &(0x7f0000000380)="f4d0c765b442ccb1cad993fd481412ee0a75e489cfda9165766b7e5f9bffd08df8f189e035ac32cb1aaed1d04ae4ec1db408f1fd499a4f8091a9375851e002b663170bd0f789f347b0f706986477415befa38a33c61f27926ee2c40cdcd9ecb45f74c4d75f205f972fe9b269ed58e3b7a6e08e5883acdc7ee294bb5a92bcb7114508a74e09cc98843248014cd78311508603b51a59e261e92a308d74127f59525c08c8af28b538194dc4413a419fb6ad367a78646a173ca29381dd8437df0928ca05c31975fca5d8344c2943d36bfd5a8900ab860d429334a8", &(0x7f0000000100)=@tcp=r1, 0x4}, 0x20)
write(0xffffffffffffffff, 0x0, 0x0)
write$P9_RATTACH(r1, &(0x7f0000000280)={0x14, 0x69, 0x1, {0x8, 0x1, 0x3}}, 0x14)

492.20223ms ago: executing program 1 (id=1044):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = dup(r4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000240)={'wlan1\x00'})
fsetxattr$security_selinux(r5, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)

470.902312ms ago: executing program 1 (id=1045):
syz_usb_connect(0x6, 0x1fc, &(0x7f0000000780)=ANY=[@ANYBLOB="12015002b8005108101407a0683e010203010902ea01030e00300309040309027f54cc00090502040004040403800109661bede31b6d40ffd5a6457d3483a7c64a2cf09c6b30e3afe9caf13ed9a2924ed053d2b4b24aedb4035d4212c8a5f7df3b67916187c245f81035efe9b53a8d79988d4b00a8aa5926f8b9103fd0e543cebd14ca5d0825146c7ff12ef0b8fe612538542d6f5c9fdc7894374795b8ccb6bdb303b42aa86746d3370ad7a31c090504104000050209072501830200040725018101070009045b060c317135060905051008000600d30725018002000009050610200080ff0407250101060200090500100004090401090504104000ab0005090505022000060d0d48007672bf7524ef90e0a086de3562bf356642bc0201de8fa807c3b757b1c182c0f4c59af7c59293e1bc41956912be0eafd96bdf03aa6117bc3e50fbee59a6e5dfc7206516e091fce94c0c778a134b5368d1af31d240535b0725018002010009050b08000401a9050725010332f60b0725010206ac15090502140000c7070e0905010400020805800905051000020802ae07250103fbff0009050010400008000309050c040002030d07410f8c1ea652c620acd24cbf2bfeb921dfc3f2c147f7c05a53e4f7db6742a64c76fe8d2f319387c80165b1ad6b9054e93ae7385d785e1c040f2c4e5c2388ef87910905090020000108"], 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = openat2(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x4}, 0x18)
io_uring_enter(r0, 0x3fee, 0x6e52, 0x0, &(0x7f0000000500)={[0x6]}, 0x8)
r1 = socket(0x10, 0x3, 0x9)
connect$netlink(r1, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00'})
lsm_get_self_attr(0x66, &(0x7f0000000380)={0x0, 0x0, 0x65, 0x45, ""/69}, &(0x7f00000000c0)=0x65, 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32, @ANYBLOB="00000000000000001c001a800800028008000200080000003e127a510800020010"], 0x44}}, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0xab, &(0x7f0000000200)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x99, 0x2, 0x1, 0x7, 0x80, 0x80, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x8, 0x24, 0x6, 0x0, 0x1, "53cc6a"}, {0x5, 0x24, 0x0, 0xd}, {0xd, 0x24, 0xf, 0x1, 0xfc6, 0x1, 0xfff9, 0x4}, {0x6, 0x24, 0x1a, 0x5}, [@country_functional={0xe, 0x24, 0x7, 0x7, 0x207, [0x8, 0x7fff, 0x9, 0xcb]}, @country_functional={0x12, 0x24, 0x7, 0xff, 0x0, [0x7, 0x3, 0x995d, 0x8001, 0x7, 0x159b]}, @mbim_extended={0x8, 0x24, 0x1c, 0x7, 0x1, 0x7}, @acm={0x4, 0x24, 0x2, 0x7}, @dmm={0x7, 0x24, 0x14, 0x2, 0xd}, @network_terminal={0x7, 0x24, 0xa, 0x9, 0x5, 0x2d, 0x3}]}, {{0x9, 0x5, 0x81, 0x3, 0x10, 0xf7, 0x8}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x20, 0x1, 0x7, 0x2}}, {{0x9, 0x5, 0x3, 0x2, 0x0, 0x8, 0xff, 0x9}}}}}}}]}}, &(0x7f0000000140)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x250, 0x1, 0xc7, 0x6, 0x8, 0xcd}, 0xd9, &(0x7f0000000380)={0x5, 0xf, 0xd9, 0x6, [@ext_cap={0x7, 0x10, 0x2, 0x12, 0x5, 0x8, 0x8000}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x8, 0x2, 0x80, 0xfffd}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x0, 0x5, 0x7, 0x2}, @generic={0xa7, 0x10, 0x3, "46399951c72a42fd1e793f2e458677bb698eafdd82f428300b0a02fb54d71acb26d8cfcab0b4d7aed3361b9955841ccdfd53bdecdf668e2589d0aec8446a9220ac73cb6c3fd0eaa8c541c93ec720a47a1c988e15d3df46a5dd7a9744d729994e046e31ac72e04486c93022e81845908070bc2810d36c93c4ba4fd488bd12e733def8ede92e93f9ae93c768a38d8bdbf03b02cfda5bebcb684cb21f5ef03ee2f6c3721c71"}, @wireless={0xb, 0x10, 0x1, 0x4, 0xa0, 0xd, 0x9, 0x401, 0x8}, @ext_cap={0x7, 0x10, 0x2, 0x18, 0x2, 0x7, 0x4}]}, 0x1, [{0x42, &(0x7f00000002c0)=@string={0x42, 0x3, "fa9377d1edddc912161bdddb0fe6af297327bb01ea991127395d87fe0b0f18e03d58fc3a003a46f9eca9f81d6b339428c2ca15cb595404c30d89f2667229c929"}}]})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[], 0xa0}}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0xfff0)

330.540364ms ago: executing program 2 (id=1046):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000020680000000000000000000000e11711", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0xfe4a, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000500000095"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
r4 = socket(0x2b, 0x1, 0x1)
getsockopt$sock_buf(r4, 0x1, 0x1c, 0x0, &(0x7f0000000180))
io_setup(0x7, &(0x7f0000002400)=<r5=>0x0)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
io_submit(r5, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, r3, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}])
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
readv(r1, &(0x7f00000004c0)=[{&(0x7f00000001c0)=""/41, 0x29}, {&(0x7f0000000200)=""/18, 0x12}, {&(0x7f0000000280)=""/79, 0x4f}, {&(0x7f0000000300)=""/194, 0xc2}, {&(0x7f0000000400)=""/24, 0x18}], 0x5)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000040)=0x2)
readv(r7, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1)

138.185809ms ago: executing program 3 (id=1047):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x10, 0x803, 0x0)
sendto(r2, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000600)=""/191, 0xbf, 0xa1}}], 0x1, 0x2040000, &(0x7f0000003700)={0x77359400})

123.13157ms ago: executing program 3 (id=1048):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat2(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
sync_file_range(0xffffffffffffffff, 0xe, 0x2, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000002001000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x3, 0x7ffc0001}]})
fstatfs(0xffffffffffffffff, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000009c0)={'ip6_vti0\x00', 0x0, 0x2f, 0xfd, 0x23, 0x400, 0x20, @loopback, @empty, 0x1, 0x80, 0x3, 0x7}})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000480)={'ip6tnl0\x00', &(0x7f0000000a40)={'ip6tnl0\x00', 0x0, 0x4, 0x3, 0x7, 0x3ff, 0x1, @loopback, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7, 0x10, 0x0, 0x81}})
getpeername$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x0)

61.080165ms ago: executing program 3 (id=1049):
add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000004c0)="9a3bcb67be", 0x5, 0x1})
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x1, 0x800001, 0x0, 0x0, 0x0)
mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x12011, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f00000006c0)={<r0=>0xffffffffffffffff}, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200"/636], 0x310)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000003280)={0x0, 0x0, 0x0}, 0xc040)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000e40)={0x0, 0x0, 0x0}, 0x0)

41.114067ms ago: executing program 3 (id=1050):
r0 = syz_io_uring_setup(0x49a, &(0x7f0000000140)={0x0, 0xa065, 0x3180, 0x2, 0x240024e}, &(0x7f0000000080)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_TIMEOUT={0xb, 0x11, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x1, 0x40, 0x1})
io_uring_enter(r0, 0x628, 0xc88d, 0x43, 0x0, 0x0)

25.499889ms ago: executing program 3 (id=1051):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000900)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfffffd9d)
sendfile(r0, r1, 0x0, 0x8000002b)

0s ago: executing program 5 (id=1052):
socket$inet_mptcp(0x2, 0x1, 0x106)
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
statfs(&(0x7f0000001000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r2 = dup3(r0, r1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000140)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3, 0x12, r4, 0x0)
lstat(&(0x7f0000002600)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000005c0))
ioctl$MON_IOCG_STATS(r2, 0xc0109207, &(0x7f00000001c0))
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000201000085000000430000"], 0x0, 0x200, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_io_uring_complete(0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r7}}, 0x24}, 0x1, 0x0, 0x0, 0x8080}, 0x0)

kernel console output (not intermixed with test programs):

 set [1, 0] type 2 family 0 port 6081 - 0
[   77.664625][ T5947] usb 3-1: enqueue for inactive port 0
[   77.687248][ T6130] nfs: Bad value for 'source'
[   77.692976][ T5947] usb 3-1: enqueue for inactive port 0
[   77.707747][ T6130] netlink: 48 bytes leftover after parsing attributes in process `syz.0.575'.
[   77.766390][ T5947] vhci_hcd: vhci_device speed not set
[   78.059265][ T6134] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6134 comm=syz.1.577
[   78.071805][ T6134] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6134 comm=syz.1.577
[   78.172637][ T3531] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   78.181166][ T3531] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.193503][ T3545] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   78.201999][ T3545] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.214455][ T3545] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   78.222896][ T3545] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.234251][ T3531] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   78.242731][ T3531] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.432667][ T6144] macvtap0: refused to change device tx_queue_len
[   78.532208][ T6154] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(14)
[   78.539538][ T6154] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   78.547292][ T6154] vhci_hcd vhci_hcd.0: Device attached
[   78.563243][ T6154] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(16)
[   78.565897][ T6161] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=58904 sclass=netlink_route_socket pid=6161 comm=syz.0.588
[   78.569933][ T6154] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   78.570056][ T6154] vhci_hcd vhci_hcd.0: Device attached
[   78.570690][ T6154] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   78.610513][ T6154] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(20)
[   78.617183][ T6154] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   78.625113][ T6154] vhci_hcd vhci_hcd.0: Device attached
[   78.639641][ T6168] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   78.649725][ T6168] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.662125][ T6154] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(22)
[   78.668852][ T6154] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   78.677093][ T6154] vhci_hcd vhci_hcd.0: Device attached
[   78.683321][ T6154] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   78.695484][ T6154] vhci_hcd vhci_hcd.0: pdev(4) rhport(5) sockfd(26)
[   78.702508][ T6154] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   78.710532][ T6154] vhci_hcd vhci_hcd.0: Device attached
[   78.716983][ T6154] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   78.724474][ T6178] FAULT_INJECTION: forcing a failure.
[   78.724474][ T6178] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   78.727834][ T6164] vhci_hcd: connection closed
[   78.739192][ T6178] CPU: 1 UID: 0 PID: 6178 Comm: syz.0.592 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   78.739248][ T6178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   78.739260][ T6178] Call Trace:
[   78.739268][ T6178]  <TASK>
[   78.739276][ T6178]  __dump_stack+0x1d/0x30
[   78.739301][ T6178]  dump_stack_lvl+0xe8/0x140
[   78.739319][ T6178]  dump_stack+0x15/0x1b
[   78.739571][ T6178]  should_fail_ex+0x265/0x280
[   78.739599][ T6178]  should_fail+0xb/0x20
[   78.739616][ T6178]  should_fail_usercopy+0x1a/0x20
[   78.739637][ T6178]  _copy_to_user+0x20/0xa0
[   78.739670][ T6178]  copy_siginfo_to_user+0x22/0xb0
[   78.739692][ T6178]  x64_setup_rt_frame+0x2b5/0x580
[   78.739715][ T6178]  arch_do_signal_or_restart+0x27c/0x480
[   78.739738][ T6178]  exit_to_user_mode_loop+0x7a/0x100
[   78.739806][ T6178]  do_syscall_64+0x1d6/0x200
[   78.739835][ T6178]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   78.739876][ T6178]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   78.739905][ T6178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.739953][ T6178] RIP: 0033:0x7f42dfd2ebe9
[   78.739973][ T6178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.739994][ T6178] RSP: 002b:00007f42de78f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d0
[   78.740016][ T6178] RAX: fffffffffffffffc RBX: 00007f42dff55fa0 RCX: 00007f42dfd2ebe9
[   78.740029][ T6178] RDX: 0000000000000003 RSI: 0000000000000003 RDI: 00007f42e0a94000
[   78.740040][ T6178] RBP: 00007f42de78f090 R08: 0000000000000000 R09: 0000000000000000
[   78.740052][ T6178] R10: 00002000000010c0 R11: 0000000000000246 R12: 0000000000000001
[   78.740087][ T6178] R13: 00007f42dff56038 R14: 00007f42dff55fa0 R15: 00007ffd5e678be8
[   78.740106][ T6178]  </TASK>
[   78.740506][ T6162] vhci_hcd: connection closed
[   78.741356][ T6175] vhci_hcd: connection closed
[   78.745409][ T6157] vhci_hcd: connection closed
[   78.750022][ T6167] vhci_hcd: connection closed
[   78.776577][ T3528] vhci_hcd: stop threads
[   78.908593][ T3408] usb 1-1: enqueue for inactive port 0
[   78.914932][ T3528] vhci_hcd: release socket
[   78.914951][ T3528] vhci_hcd: disconnect device
[   78.924802][ T3408] usb 1-1: enqueue for inactive port 0
[   78.926856][ T3409] usb 9-1: new low-speed USB device number 2 using vhci_hcd
[   78.931559][ T3528] vhci_hcd: stop threads
[   78.935945][ T6158] vhci_hcd: sendmsg failed!, ret=-32 for 48
[   78.940374][ T3528] vhci_hcd: release socket
[   78.991941][ T3528] vhci_hcd: disconnect device
[   78.996950][ T3408] vhci_hcd: vhci_device speed not set
[   78.997586][ T3528] vhci_hcd: stop threads
[   79.006759][ T3528] vhci_hcd: release socket
[   79.011339][ T3528] vhci_hcd: disconnect device
[   79.016914][ T3528] vhci_hcd: stop threads
[   79.017976][ T6168] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   79.021184][ T3528] vhci_hcd: release socket
[   79.021205][ T3528] vhci_hcd: disconnect device
[   79.021606][ T3528] vhci_hcd: stop threads
[   79.032093][ T6168] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.037142][ T3528] vhci_hcd: release socket
[   79.037167][ T3528] vhci_hcd: disconnect device
[   79.098357][ T6168] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   79.108546][ T6168] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.148229][ T6168] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   79.158744][ T6168] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.176102][ T6187] netlink: 4 bytes leftover after parsing attributes in process `syz.0.594'.
[   79.202675][ T3545] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   79.211264][ T3545] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   79.222951][ T3545] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   79.231475][ T3545] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   79.243519][ T3528] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   79.252330][ T3528] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   79.265053][ T3545] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   79.273946][ T3545] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   79.454411][ T6202] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6202 comm=syz.1.600
[   79.467167][ T6202] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6202 comm=syz.1.600
[   79.972344][ T6204] loop0: detected capacity change from 0 to 512
[   79.979305][ T6204] EXT4-fs: Ignoring removed nobh option
[   79.994021][ T6204] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.029862][   T29] kauditd_printk_skb: 326 callbacks suppressed
[   80.029932][   T29] audit: type=1400 audit(1754954307.728:2829): avc:  denied  { create } for  pid=6203 comm="syz.0.601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   80.039307][ T3307] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz-executor: iget: bad i_size value: 15393162788874
[   80.055965][   T29] audit: type=1400 audit(1754954307.738:2830): avc:  denied  { remove_name } for  pid=3307 comm="syz-executor" name="file2" dev="loop0" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   80.081169][ T3307] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz-executor: iget: bad i_size value: 15393162788874
[   80.091588][   T29] audit: type=1400 audit(1754954307.738:2831): avc:  denied  { unlink } for  pid=3307 comm="syz-executor" name="file2" dev="loop0" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   80.104123][ T3468] usb 6-1: device descriptor read/8, error -110
[   80.127393][   T29] audit: type=1400 audit(1754954307.778:2832): avc:  denied  { relabelfrom } for  pid=6208 comm="syz.1.602" name="NETLINK" dev="sockfs" ino=12871 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[   80.157667][   T29] audit: type=1400 audit(1754954307.778:2833): avc:  denied  { relabelto } for  pid=6208 comm="syz.1.602" name="NETLINK" dev="sockfs" ino=12871 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=netlink_route_socket permissive=1
[   80.198556][   T29] audit: type=1326 audit(1754954307.898:2834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6214 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cf34febe9 code=0x7ffc0000
[   80.222181][   T29] audit: type=1326 audit(1754954307.908:2835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6214 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cf34febe9 code=0x7ffc0000
[   80.247775][ T3468] usb 6-1: new SuperSpeed USB device number 8 using vhci_hcd
[   80.251087][   T29] audit: type=1326 audit(1754954307.958:2836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6214 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3cf34febe9 code=0x7ffc0000
[   80.279136][   T29] audit: type=1326 audit(1754954307.958:2837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6214 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cf34febe9 code=0x7ffc0000
[   80.302615][   T29] audit: type=1326 audit(1754954307.958:2838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6214 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cf34febe9 code=0x7ffc0000
[   80.304025][ T3468] usb 6-1: enqueue for inactive port 0
[   80.331991][ T6217] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(14)
[   80.338743][ T6217] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   80.346424][ T6217] vhci_hcd vhci_hcd.0: Device attached
[   80.352304][ T3468] usb 6-1: enqueue for inactive port 0
[   80.358409][ T3468] usb 6-1: enqueue for inactive port 0
[   80.359203][ T6220] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(17)
[   80.370625][ T6220] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   80.378384][ T6220] vhci_hcd vhci_hcd.0: Device attached
[   80.387685][ T6217] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   80.397609][ T6217] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(20)
[   80.404444][ T6217] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   80.412412][ T6217] vhci_hcd vhci_hcd.0: Device attached
[   80.418801][ T6217] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(22)
[   80.425409][ T6217] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   80.433141][ T6217] vhci_hcd vhci_hcd.0: Device attached
[   80.439338][ T6217] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   80.448167][ T6217] vhci_hcd vhci_hcd.0: pdev(4) rhport(5) sockfd(26)
[   80.454791][ T6217] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   80.462533][ T6217] vhci_hcd vhci_hcd.0: Device attached
[   80.468678][ T6217] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   80.479188][ T6230] vhci_hcd: connection closed
[   80.479343][ T3531] vhci_hcd: stop threads
[   80.484274][ T6221] vhci_hcd: connection closed
[   80.488358][ T3531] vhci_hcd: release socket
[   80.488972][ T6218] vhci_hcd: connection closed
[   80.493246][ T3531] vhci_hcd: disconnect device
[   80.494113][ T6227] vhci_hcd: connection closed
[   80.498795][ T3531] vhci_hcd: stop threads
[   80.503132][ T6225] vhci_hcd: connection closed
[   80.507468][ T3531] vhci_hcd: release socket
[   80.507497][ T3531] vhci_hcd: disconnect device
[   80.513254][ T3531] vhci_hcd: stop threads
[   80.535130][ T3531] vhci_hcd: release socket
[   80.539648][ T3531] vhci_hcd: disconnect device
[   80.544591][ T3531] vhci_hcd: stop threads
[   80.548962][ T3531] vhci_hcd: release socket
[   80.553478][ T3531] vhci_hcd: disconnect device
[   80.558508][ T3531] vhci_hcd: stop threads
[   80.563306][ T3531] vhci_hcd: release socket
[   80.567964][ T3531] vhci_hcd: disconnect device
[   80.920723][ T6247] netlink: 32 bytes leftover after parsing attributes in process `syz.2.614'.
[   81.029471][ T6253] FAULT_INJECTION: forcing a failure.
[   81.029471][ T6253] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   81.042683][ T6253] CPU: 0 UID: 0 PID: 6253 Comm: syz.4.616 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   81.042715][ T6253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   81.042728][ T6253] Call Trace:
[   81.042737][ T6253]  <TASK>
[   81.042745][ T6253]  __dump_stack+0x1d/0x30
[   81.042818][ T6253]  dump_stack_lvl+0xe8/0x140
[   81.042835][ T6253]  dump_stack+0x15/0x1b
[   81.042850][ T6253]  should_fail_ex+0x265/0x280
[   81.042870][ T6253]  should_fail+0xb/0x20
[   81.042909][ T6253]  should_fail_usercopy+0x1a/0x20
[   81.042957][ T6253]  strncpy_from_user+0x25/0x230
[   81.042983][ T6253]  ? 0xffffffff81000000
[   81.042995][ T6253]  ? __rcu_read_unlock+0x4f/0x70
[   81.043015][ T6253]  strncpy_from_user_nofault+0x68/0xf0
[   81.043088][ T6253]  bpf_probe_read_compat_str+0xb4/0x130
[   81.043119][ T6253]  bpf_prog_7242d7cc3d1c57d9+0x62/0x68
[   81.043135][ T6253]  bpf_trace_run2+0x104/0x1c0
[   81.043158][ T6253]  __bpf_trace_sys_enter+0x10/0x30
[   81.043178][ T6253]  trace_sys_enter+0x86/0xf0
[   81.043256][ T6253]  syscall_trace_enter+0x13e/0x1e0
[   81.043277][ T6253]  do_syscall_64+0xac/0x200
[   81.043301][ T6253]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   81.043337][ T6253]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   81.043359][ T6253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.043433][ T6253] RIP: 0033:0x7fcac300ebe9
[   81.043447][ T6253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.043464][ T6253] RSP: 002b:00007fcac1a77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   81.043483][ T6253] RAX: ffffffffffffffda RBX: 00007fcac3235fa0 RCX: 00007fcac300ebe9
[   81.043554][ T6253] RDX: 00002000000002c0 RSI: 0000000000005423 RDI: 0000000000000005
[   81.043566][ T6253] RBP: 00007fcac1a77090 R08: 0000000000000000 R09: 0000000000000000
[   81.043577][ T6253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.043588][ T6253] R13: 00007fcac3236038 R14: 00007fcac3235fa0 R15: 00007ffc09275b68
[   81.043654][ T6253]  </TASK>
[   81.278417][ T6256] syzkaller1: entered promiscuous mode
[   81.283975][ T6256] syzkaller1: entered allmulticast mode
[   81.355768][ T6258] +}[@ uses obsolete (PF_INET,SOCK_PACKET)
[   81.456778][ T3468] usb usb6-port1: unable to enumerate USB device
[   81.536345][   T36] vhci_hcd: vhci_device speed not set
[   81.815628][ T6278] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(14)
[   81.822622][ T6278] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   81.831086][ T6278] vhci_hcd vhci_hcd.0: Device attached
[   82.074819][ T4331] usb usb2-port1: attempt power cycle
[   82.090708][ T6211] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.100759][ T6283] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(17)
[   82.107497][ T6283] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   82.115463][ T6283] vhci_hcd vhci_hcd.0: Device attached
[   82.165210][ T6290] FAULT_INJECTION: forcing a failure.
[   82.165210][ T6290] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   82.178611][ T6290] CPU: 0 UID: 0 PID: 6290 Comm: syz.2.629 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   82.178677][ T6290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   82.178691][ T6290] Call Trace:
[   82.178700][ T6290]  <TASK>
[   82.178708][ T6290]  __dump_stack+0x1d/0x30
[   82.178733][ T6290]  dump_stack_lvl+0xe8/0x140
[   82.178751][ T6290]  dump_stack+0x15/0x1b
[   82.178768][ T6290]  should_fail_ex+0x265/0x280
[   82.178791][ T6290]  should_fail+0xb/0x20
[   82.178835][ T6290]  should_fail_usercopy+0x1a/0x20
[   82.178857][ T6290]  _copy_from_user+0x1c/0xb0
[   82.178889][ T6290]  ___sys_recvmsg+0xaa/0x370
[   82.178992][ T6290]  ? _parse_integer+0x27/0x40
[   82.179091][ T6290]  do_recvmmsg+0x1ef/0x540
[   82.179118][ T6290]  ? fput+0x8f/0xc0
[   82.179145][ T6290]  __x64_sys_recvmmsg+0xe5/0x170
[   82.179169][ T6290]  x64_sys_call+0x27a6/0x2ff0
[   82.179205][ T6290]  do_syscall_64+0xd2/0x200
[   82.179234][ T6290]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   82.179311][ T6290]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   82.179335][ T6290]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.179399][ T6290] RIP: 0033:0x7f527968ebe9
[   82.179416][ T6290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.179497][ T6290] RSP: 002b:00007f52780ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[   82.179522][ T6290] RAX: ffffffffffffffda RBX: 00007f52798b5fa0 RCX: 00007f527968ebe9
[   82.179535][ T6290] RDX: 0000000000000002 RSI: 0000200000004e80 RDI: 0000000000000006
[   82.179547][ T6290] RBP: 00007f52780ef090 R08: 0000000000000000 R09: 0000000000000000
[   82.179559][ T6290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   82.179570][ T6290] R13: 00007f52798b6038 R14: 00007f52798b5fa0 R15: 00007ffcba22a328
[   82.179587][ T6290]  </TASK>
[   82.180899][ T6278] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   82.281930][ T6300] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(24)
[   82.382753][ T6300] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   82.390710][ T6300] vhci_hcd vhci_hcd.0: Device attached
[   82.406105][ T6283] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(21)
[   82.406452][ T6278] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   82.412812][ T6283] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   82.428968][ T6283] vhci_hcd vhci_hcd.0: Device attached
[   82.453219][ T6278] vhci_hcd vhci_hcd.0: pdev(4) rhport(5) sockfd(23)
[   82.459898][ T6278] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   82.467991][ T6278] vhci_hcd vhci_hcd.0: Device attached
[   82.479506][ T6278] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   82.502249][ T6285] vhci_hcd: connection closed
[   82.502434][ T6301] vhci_hcd: connection closed
[   82.502441][ T3563] vhci_hcd: stop threads
[   82.502453][ T3563] vhci_hcd: release socket
[   82.507516][ T6306] vhci_hcd: connection closed
[   82.512015][ T3563] vhci_hcd: disconnect device
[   82.530840][ T6314] netlink: 'syz.2.632': attribute type 13 has an invalid length.
[   82.532105][ T6295] vhci_hcd: connection closed
[   82.538716][ T6314] netlink: 'syz.2.632': attribute type 17 has an invalid length.
[   82.552330][ T6280] vhci_hcd: connection closed
[   82.562713][ T3563] vhci_hcd: stop threads
[   82.572082][ T3563] vhci_hcd: release socket
[   82.576709][ T3563] vhci_hcd: disconnect device
[   82.587362][ T3563] vhci_hcd: stop threads
[   82.591750][ T3563] vhci_hcd: release socket
[   82.596368][ T3563] vhci_hcd: disconnect device
[   82.603236][ T3563] vhci_hcd: stop threads
[   82.607676][ T3563] vhci_hcd: release socket
[   82.612214][ T3563] vhci_hcd: disconnect device
[   82.617562][ T3563] vhci_hcd: stop threads
[   82.621890][ T3563] vhci_hcd: release socket
[   82.626518][ T3563] vhci_hcd: disconnect device
[   82.645945][ T6314] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   82.671047][ T3531] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   82.681105][ T3531] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.730802][ T3531] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   82.740908][ T3531] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.777980][ T6292] chnl_net:caif_netlink_parms(): no params data found
[   82.826693][ T3531] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   82.836695][ T3531] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.847348][ T6336] loop3: detected capacity change from 0 to 1024
[   82.855082][ T6336] ext4: Unknown parameter 'nom'
[   82.921666][ T6292] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.929374][ T6292] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.937140][ T6292] bridge_slave_0: entered allmulticast mode
[   82.943959][ T6292] bridge_slave_0: entered promiscuous mode
[   82.951176][ T6292] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.954743][ T6348] FAULT_INJECTION: forcing a failure.
[   82.954743][ T6348] name fail_futex, interval 1, probability 0, space 0, times 1
[   82.958679][ T6292] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.959710][ T6292] bridge_slave_1: entered allmulticast mode
[   82.972208][ T6348] CPU: 0 UID: 0 PID: 6348 Comm: syz.2.645 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   82.972238][ T6348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   82.972250][ T6348] Call Trace:
[   82.972259][ T6348]  <TASK>
[   82.972269][ T6348]  __dump_stack+0x1d/0x30
[   82.972294][ T6348]  dump_stack_lvl+0xe8/0x140
[   82.972315][ T6348]  dump_stack+0x15/0x1b
[   82.972374][ T6348]  should_fail_ex+0x265/0x280
[   82.972406][ T6348]  should_fail+0xb/0x20
[   82.972424][ T6348]  get_futex_key+0x130/0xbd0
[   82.972450][ T6348]  futex_lock_pi+0xf3/0x780
[   82.972477][ T6348]  ? _parse_integer_limit+0x170/0x190
[   82.972509][ T6348]  ? __pfx_futex_wake_mark+0x10/0x10
[   82.972545][ T6348]  do_futex+0x21f/0x380
[   82.972570][ T6348]  __se_sys_futex+0x2ed/0x360
[   82.972597][ T6348]  __x64_sys_futex+0x78/0x90
[   82.972644][ T6348]  x64_sys_call+0x2e39/0x2ff0
[   82.972666][ T6348]  do_syscall_64+0xd2/0x200
[   82.972692][ T6348]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   82.972769][ T6348]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   82.972793][ T6348]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.972816][ T6348] RIP: 0033:0x7f527968ebe9
[   82.972834][ T6348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.972886][ T6348] RSP: 002b:00007f52780ce038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[   82.972907][ T6348] RAX: ffffffffffffffda RBX: 00007f52798b6090 RCX: 00007f527968ebe9
[   82.972920][ T6348] RDX: 00000000000000f0 RSI: 0000000000000006 RDI: 000020000000cffc
[   82.972950][ T6348] RBP: 00007f52780ce090 R08: 0000000000000000 R09: 0000000000000000
[   82.972962][ T6348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   82.972974][ T6348] R13: 00007f52798b6128 R14: 00007f52798b6090 R15: 00007ffcba22a328
[   82.972993][ T6348]  </TASK>
[   83.017672][ T6347] loop3: detected capacity change from 0 to 8192
[   83.019379][ T6292] bridge_slave_1: entered promiscuous mode
[   83.052065][ T6347] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   83.202630][ T3531] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   83.212847][ T3531] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.287418][ T6348] loop2: detected capacity change from 0 to 1764
[   83.321529][ T6347] syz.3.646 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   83.373015][ T6347] netlink: 36 bytes leftover after parsing attributes in process `syz.3.646'.
[   83.382071][ T6347] netlink: 16 bytes leftover after parsing attributes in process `syz.3.646'.
[   83.391138][ T6347] netlink: 36 bytes leftover after parsing attributes in process `syz.3.646'.
[   83.406474][ T6347] netlink: 36 bytes leftover after parsing attributes in process `syz.3.646'.
[   83.418814][ T6292] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.429303][ T6292] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   83.454524][ T6347] netlink: 24 bytes leftover after parsing attributes in process `syz.3.646'.
[   83.578665][ T3531] bond0 (unregistering): (slave dummy0): Releasing backup interface
[   83.589320][ T3531] bond0 (unregistering): Released all slaves
[   83.598308][ T6292] team0: Port device team_slave_0 added
[   83.615407][ T6292] team0: Port device team_slave_1 added
[   83.659928][ T3531] hsr_slave_0: left promiscuous mode
[   83.672488][ T3531] hsr_slave_1: left promiscuous mode
[   83.686656][ T3531] veth1_macvtap: left promiscuous mode
[   83.694548][ T3531] veth0_macvtap: left promiscuous mode
[   83.706322][ T3531] veth1_vlan: left promiscuous mode
[   83.711608][ T3531] veth0_vlan: left promiscuous mode
[   83.842285][ T6374] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(14)
[   83.848966][ T6374] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   83.856866][ T6374] vhci_hcd vhci_hcd.0: Device attached
[   83.865112][ T6373] loop4: detected capacity change from 0 to 1764
[   83.883450][ T6374] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(16)
[   83.890125][ T6374] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   83.898110][ T6374] vhci_hcd vhci_hcd.0: Device attached
[   83.905965][ T6292] batman_adv: batadv0: Adding interface: batadv_slave_0
[   83.913151][ T6292] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.940099][ T6292] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   83.960557][ T3409] usb 9-1: enqueue for inactive port 0
[   83.967069][ T3409] usb 9-1: enqueue for inactive port 0
[   83.972262][ T6374] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   83.992900][ T6292] batman_adv: batadv0: Adding interface: batadv_slave_1
[   84.000371][ T6292] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.026939][ T6292] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   84.038883][ T6374] vhci_hcd vhci_hcd.0: pdev(2) rhport(3) sockfd(20)
[   84.046109][ T6374] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   84.054390][ T6374] vhci_hcd vhci_hcd.0: Device attached
[   84.056293][ T3409] vhci_hcd: vhci_device speed not set
[   84.062494][ T4331] usb usb2-port1: unable to enumerate USB device
[   84.081318][ T6392] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(23)
[   84.088162][ T6392] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   84.096261][ T6392] vhci_hcd vhci_hcd.0: Device attached
[   84.120322][ T6400] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   84.129080][   T10] usb 5-1: new low-speed USB device number 6 using vhci_hcd
[   84.138734][ T6374] vhci_hcd vhci_hcd.0: pdev(2) rhport(5) sockfd(26)
[   84.145401][ T6374] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   84.153269][ T6374] vhci_hcd vhci_hcd.0: Device attached
[   84.154309][ T6292] hsr_slave_0: entered promiscuous mode
[   84.175191][ T6409] loop4: detected capacity change from 0 to 1024
[   84.183693][ T6292] hsr_slave_1: entered promiscuous mode
[   84.190155][ T6292] debugfs: 'hsr0' already exists in 'hsr'
[   84.195975][ T6292] Cannot create hsr debugfs directory
[   84.202853][ T6392] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   84.229159][ T6407] vhci_hcd: connection closed
[   84.229457][ T6381] vhci_hcd: connection closed
[   84.230661][ T6379] vhci_hcd: connection reset by peer
[   84.234563][ T6394] vhci_hcd: connection closed
[   84.249859][ T6389] vhci_hcd: connection closed
[   84.250978][ T3545] vhci_hcd: stop threads
[   84.264199][ T3545] vhci_hcd: release socket
[   84.269199][ T3545] vhci_hcd: disconnect device
[   84.278616][ T6409] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.281841][ T3545] vhci_hcd: stop threads
[   84.296101][ T3545] vhci_hcd: release socket
[   84.300735][ T3545] vhci_hcd: disconnect device
[   84.306990][ T3545] vhci_hcd: stop threads
[   84.311610][ T3545] vhci_hcd: release socket
[   84.316200][ T3545] vhci_hcd: disconnect device
[   84.321540][ T3545] vhci_hcd: stop threads
[   84.322739][ T6409] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.325895][ T3545] vhci_hcd: release socket
[   84.341255][ T3545] vhci_hcd: disconnect device
[   84.355330][ T3545] vhci_hcd: stop threads
[   84.359915][ T3545] vhci_hcd: release socket
[   84.364526][ T3545] vhci_hcd: disconnect device
[   84.377633][ T6425] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.432635][ T6425] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.450111][ T6292] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   84.459626][ T6292] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   84.468934][ T6292] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   84.479199][ T6292] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   84.490397][ T6425] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.531937][ T6292] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.540612][ T6425] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.557456][ T6292] 8021q: adding VLAN 0 to HW filter on device team0
[   84.568115][ T3531] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.575583][ T3531] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.588812][ T3531] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.596200][ T3531] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.621521][ T3530] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.639312][ T3530] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.656400][ T3530] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.665466][ T3530] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.710591][ T6292] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.754493][ T6454] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6454 comm=syz.3.678
[   84.767556][ T6454] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6454 comm=syz.3.678
[   84.785827][ T6454] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   84.805731][ T6454] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   84.807487][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.919297][ T6292] veth0_vlan: entered promiscuous mode
[   84.927901][ T6292] veth1_vlan: entered promiscuous mode
[   84.943071][ T6292] veth0_macvtap: entered promiscuous mode
[   84.952495][ T6292] veth1_macvtap: entered promiscuous mode
[   84.963887][ T6292] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.974806][ T6292] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.986121][ T3531] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.995435][ T3531] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.004649][ T3531] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.015078][ T3531] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.038861][   T29] kauditd_printk_skb: 279 callbacks suppressed
[   85.038963][   T29] audit: type=1400 audit(1754954312.748:3118): avc:  denied  { mounton } for  pid=6292 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   85.070031][   T29] audit: type=1400 audit(1754954312.748:3119): avc:  denied  { mount } for  pid=6292 comm="syz-executor" name="/" dev="gadgetfs" ino=3927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[   85.191208][   T29] audit: type=1326 audit(1754954312.898:3120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.5.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7403ebe9 code=0x7ffc0000
[   85.224329][   T29] audit: type=1326 audit(1754954312.928:3121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.5.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7403ebe9 code=0x7ffc0000
[   85.247901][   T29] audit: type=1326 audit(1754954312.928:3122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.5.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8d7403ebe9 code=0x7ffc0000
[   85.271348][   T29] audit: type=1326 audit(1754954312.928:3123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.5.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7403ebe9 code=0x7ffc0000
[   85.294813][   T29] audit: type=1326 audit(1754954312.928:3124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.5.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7403ebe9 code=0x7ffc0000
[   85.318204][   T29] audit: type=1326 audit(1754954312.928:3125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.5.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8d7403ebe9 code=0x7ffc0000
[   85.341768][   T29] audit: type=1326 audit(1754954312.928:3126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.5.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7403ebe9 code=0x7ffc0000
[   85.365259][   T29] audit: type=1326 audit(1754954312.928:3127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.5.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f8d7403ebe9 code=0x7ffc0000
[   85.391452][ T6483] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.471116][ T6483] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.537534][ T6492] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(14)
[   85.544174][ T6492] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   85.551798][ T6492] vhci_hcd vhci_hcd.0: Device attached
[   85.559755][ T6492] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(16)
[   85.566387][ T6492] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   85.574020][ T6492] vhci_hcd vhci_hcd.0: Device attached
[   85.582713][ T6483] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.619014][ T6492] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   85.695958][ T6498] netlink: 'syz.1.687': attribute type 4 has an invalid length.
[   85.724066][ T6499] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(23)
[   85.730703][ T6499] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   85.738497][ T6499] vhci_hcd vhci_hcd.0: Device attached
[   85.768588][ T6483] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.807960][ T6492] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(20)
[   85.814686][ T6492] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   85.822389][ T6492] vhci_hcd vhci_hcd.0: Device attached
[   85.922783][ T6499] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   85.961346][ T6499] vhci_hcd vhci_hcd.0: pdev(4) rhport(5) sockfd(27)
[   85.968276][ T6499] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   85.975987][ T6499] vhci_hcd vhci_hcd.0: Device attached
[   85.995117][ T6492] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   86.019991][ T6506] vhci_hcd: connection closed
[   86.020348][ T3528] vhci_hcd: stop threads
[   86.029612][ T3528] vhci_hcd: release socket
[   86.034080][ T3528] vhci_hcd: disconnect device
[   86.038829][ T5125] usb 10-1: SetAddress Request (2) to port 0
[   86.040547][ T6500] vhci_hcd: connection closed
[   86.044891][ T5125] usb 10-1: new SuperSpeed USB device number 2 using vhci_hcd
[   86.045274][ T6501] vhci_hcd: connection closed
[   86.058380][ T6494] vhci_hcd: connection closed
[   86.059009][ T6496] vhci_hcd: connection closed
[   86.063183][ T3528] vhci_hcd: stop threads
[   86.077023][ T3528] vhci_hcd: release socket
[   86.081531][ T3528] vhci_hcd: disconnect device
[   86.086349][ T6503] vhci_hcd: sendmsg failed!, ret=-32 for 48
[   86.092444][ T3528] vhci_hcd: stop threads
[   86.096837][ T3528] vhci_hcd: release socket
[   86.101487][ T3528] vhci_hcd: disconnect device
[   86.108555][ T3528] vhci_hcd: stop threads
[   86.112965][ T3528] vhci_hcd: release socket
[   86.117471][ T3528] vhci_hcd: disconnect device
[   86.122345][ T3528] vhci_hcd: stop threads
[   86.126762][ T3528] vhci_hcd: release socket
[   86.131278][ T3528] vhci_hcd: disconnect device
[   86.173893][ T6510] loop5: detected capacity change from 0 to 1024
[   86.181474][ T6510] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   86.192434][ T6510] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   86.202813][ T6510] JBD2: no valid journal superblock found
[   86.208595][ T6510] EXT4-fs (loop5): Could not load journal inode
[   86.368001][ T6520] capability: warning: `syz.1.694' uses deprecated v2 capabilities in a way that may be insecure
[   86.391408][ T6522] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6522 comm=syz.1.695
[   86.403994][ T6522] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6522 comm=syz.1.695
[   86.693455][ T6531] netlink: 32 bytes leftover after parsing attributes in process `syz.2.699'.
[   87.521612][ T6627] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6627 comm=syz.4.713
[   87.534593][ T6627] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6627 comm=syz.4.713
[   87.599318][ T6639] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6639 comm=syz.4.715
[   87.612277][ T6639] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6639 comm=syz.4.715
[   87.639783][ T6639] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   87.650305][ T6639] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   87.749187][ T6666] netlink: 32 bytes leftover after parsing attributes in process `syz.2.720'.
[   87.811535][ T6680] FAULT_INJECTION: forcing a failure.
[   87.811535][ T6680] name failslab, interval 1, probability 0, space 0, times 0
[   87.824535][ T6680] CPU: 0 UID: 0 PID: 6680 Comm: syz.2.722 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   87.824637][ T6680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   87.824711][ T6680] Call Trace:
[   87.824720][ T6680]  <TASK>
[   87.824728][ T6680]  __dump_stack+0x1d/0x30
[   87.824753][ T6680]  dump_stack_lvl+0xe8/0x140
[   87.824775][ T6680]  dump_stack+0x15/0x1b
[   87.824846][ T6680]  should_fail_ex+0x265/0x280
[   87.825006][ T6680]  ? xdp_umem_create+0x3c/0x5c0
[   87.825040][ T6680]  should_failslab+0x8c/0xb0
[   87.825068][ T6680]  __kmalloc_cache_noprof+0x4c/0x320
[   87.825103][ T6680]  xdp_umem_create+0x3c/0x5c0
[   87.825189][ T6680]  ? should_fail_ex+0xdb/0x280
[   87.825299][ T6680]  xsk_setsockopt+0x5ea/0x640
[   87.825346][ T6680]  ? __pfx_xsk_setsockopt+0x10/0x10
[   87.825375][ T6680]  __sys_setsockopt+0x184/0x200
[   87.825396][ T6680]  __x64_sys_setsockopt+0x64/0x80
[   87.825453][ T6680]  x64_sys_call+0x20ec/0x2ff0
[   87.825476][ T6680]  do_syscall_64+0xd2/0x200
[   87.825505][ T6680]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   87.825593][ T6680]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   87.825622][ T6680]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.825648][ T6680] RIP: 0033:0x7f527968ebe9
[   87.825687][ T6680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.825708][ T6680] RSP: 002b:00007f52780ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   87.825733][ T6680] RAX: ffffffffffffffda RBX: 00007f52798b5fa0 RCX: 00007f527968ebe9
[   87.825748][ T6680] RDX: 0000000000000004 RSI: 000000000000011b RDI: 0000000000000003
[   87.825762][ T6680] RBP: 00007f52780ef090 R08: 0000000000000020 R09: 0000000000000000
[   87.825776][ T6680] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[   87.825814][ T6680] R13: 00007f52798b6038 R14: 00007f52798b5fa0 R15: 00007ffcba22a328
[   87.825834][ T6680]  </TASK>
[   88.081337][ T6718] netlink: 28 bytes leftover after parsing attributes in process `syz.1.724'.
[   88.242197][ T6731] SELinux: security_context_str_to_sid (ð_šwµ[ëÆ¡ûœ‹‰°ê†#Zˆ§”lhù§«ÆAÖéȲ+t3Ù5šu È˜½o
¡
.*€ô) failed with errno=-22
[   88.328476][ T6747] netlink: 36 bytes leftover after parsing attributes in process `syz.4.737'.
[   88.337645][ T6747] netlink: 16 bytes leftover after parsing attributes in process `syz.4.737'.
[   88.347302][ T6747] netlink: 36 bytes leftover after parsing attributes in process `syz.4.737'.
[   88.426404][ T6747] netlink: 36 bytes leftover after parsing attributes in process `syz.4.737'.
[   89.075386][ T6819] netlink: 8 bytes leftover after parsing attributes in process `syz.4.745'.
[   89.203586][ T6834] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[   89.214879][ T6833] IPVS: stopping master sync thread 6834 ...
[   89.222273][   T10] usb 5-1: enqueue for inactive port 0
[   89.228249][   T10] usb 5-1: enqueue for inactive port 0
[   89.296641][   T10] vhci_hcd: vhci_device speed not set
[   89.422423][ T3545] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   89.466330][ T3545] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.506729][ T3545] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.529553][ T3545] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.567170][ T6883] FAULT_INJECTION: forcing a failure.
[   89.567170][ T6883] name failslab, interval 1, probability 0, space 0, times 0
[   89.580075][ T6883] CPU: 0 UID: 0 PID: 6883 Comm: syz.3.750 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   89.580110][ T6883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   89.580123][ T6883] Call Trace:
[   89.580130][ T6883]  <TASK>
[   89.580214][ T6883]  __dump_stack+0x1d/0x30
[   89.580241][ T6883]  dump_stack_lvl+0xe8/0x140
[   89.580264][ T6883]  dump_stack+0x15/0x1b
[   89.580283][ T6883]  should_fail_ex+0x265/0x280
[   89.580306][ T6883]  should_failslab+0x8c/0xb0
[   89.580370][ T6883]  __kvmalloc_node_noprof+0x123/0x4e0
[   89.580402][ T6883]  ? io_sqe_buffers_register+0xc2/0x530
[   89.580483][ T6883]  io_sqe_buffers_register+0xc2/0x530
[   89.580515][ T6883]  ? get_pid_task+0x96/0xd0
[   89.580542][ T6883]  ? should_fail_ex+0xdb/0x280
[   89.580566][ T6883]  io_register_rsrc+0x1b2/0x1e0
[   89.580598][ T6883]  __se_sys_io_uring_register+0x9e5/0xeb0
[   89.580649][ T6883]  ? fput+0x8f/0xc0
[   89.580675][ T6883]  ? ksys_write+0x192/0x1a0
[   89.580698][ T6883]  __x64_sys_io_uring_register+0x55/0x70
[   89.580729][ T6883]  x64_sys_call+0x18a3/0x2ff0
[   89.580802][ T6883]  do_syscall_64+0xd2/0x200
[   89.580832][ T6883]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   89.580922][ T6883]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   89.580948][ T6883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.580988][ T6883] RIP: 0033:0x7f304e0aebe9
[   89.581006][ T6883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.581043][ T6883] RSP: 002b:00007f304cb17038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[   89.581063][ T6883] RAX: ffffffffffffffda RBX: 00007f304e2d5fa0 RCX: 00007f304e0aebe9
[   89.581076][ T6883] RDX: 0000200000001580 RSI: 000000000000000f RDI: 0000000000000003
[   89.581087][ T6883] RBP: 00007f304cb17090 R08: 0000000000000000 R09: 0000000000000000
[   89.581171][ T6883] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000001
[   89.581183][ T6883] R13: 00007f304e2d6038 R14: 00007f304e2d5fa0 R15: 00007ffd28115a88
[   89.581217][ T6883]  </TASK>
[   89.878048][ T6829] syz.4.745 (6829) used greatest stack depth: 9976 bytes left
[   90.058599][   T29] kauditd_printk_skb: 386 callbacks suppressed
[   90.058616][   T29] audit: type=1400 audit(1754954317.768:3514): avc:  denied  { ioctl } for  pid=6910 comm="syz.4.760" path="/dev/nvram" dev="devtmpfs" ino=98 ioctlcmd=0x1501 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   90.115746][   T29] audit: type=1400 audit(1754954317.818:3515): avc:  denied  { mount } for  pid=6912 comm="syz.4.761" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   90.242724][   T29] audit: type=1400 audit(1754954317.928:3516): avc:  denied  { write } for  pid=6912 comm="syz.4.761" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   90.264215][   T29] audit: type=1400 audit(1754954317.928:3517): avc:  denied  { open } for  pid=6912 comm="syz.4.761" path="/163/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   90.292917][   T29] audit: type=1400 audit(1754954317.998:3518): avc:  denied  { unmount } for  pid=3310 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   90.513220][   T29] audit: type=1400 audit(1754954318.208:3519): avc:  denied  { write } for  pid=6919 comm="syz.4.763" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   90.549148][ T6922] FAULT_INJECTION: forcing a failure.
[   90.549148][ T6922] name failslab, interval 1, probability 0, space 0, times 0
[   90.561923][ T6922] CPU: 0 UID: 0 PID: 6922 Comm: syz.1.764 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   90.561952][ T6922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   90.561964][ T6922] Call Trace:
[   90.561971][ T6922]  <TASK>
[   90.561981][ T6922]  __dump_stack+0x1d/0x30
[   90.562088][ T6922]  dump_stack_lvl+0xe8/0x140
[   90.562108][ T6922]  dump_stack+0x15/0x1b
[   90.562202][ T6922]  should_fail_ex+0x265/0x280
[   90.562271][ T6922]  should_failslab+0x8c/0xb0
[   90.562300][ T6922]  kmem_cache_alloc_node_noprof+0x57/0x320
[   90.562406][ T6922]  ? __alloc_skb+0x101/0x320
[   90.562521][ T6922]  __alloc_skb+0x101/0x320
[   90.562557][ T6922]  netlink_alloc_large_skb+0xba/0xf0
[   90.562617][ T6922]  netlink_sendmsg+0x3cf/0x6b0
[   90.562707][ T6922]  ? __pfx_netlink_sendmsg+0x10/0x10
[   90.562767][ T6922]  __sock_sendmsg+0x145/0x180
[   90.562864][ T6922]  ____sys_sendmsg+0x31e/0x4e0
[   90.562892][ T6922]  ___sys_sendmsg+0x17b/0x1d0
[   90.562924][ T6922]  __x64_sys_sendmsg+0xd4/0x160
[   90.563012][ T6922]  x64_sys_call+0x191e/0x2ff0
[   90.563034][ T6922]  do_syscall_64+0xd2/0x200
[   90.563064][ T6922]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   90.563091][ T6922]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   90.563179][ T6922]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.563204][ T6922] RIP: 0033:0x7f3cf34febe9
[   90.563223][ T6922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.563245][ T6922] RSP: 002b:00007f3cf1f5f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   90.563327][ T6922] RAX: ffffffffffffffda RBX: 00007f3cf3725fa0 RCX: 00007f3cf34febe9
[   90.563349][ T6922] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[   90.563363][ T6922] RBP: 00007f3cf1f5f090 R08: 0000000000000000 R09: 0000000000000000
[   90.563434][ T6922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.563456][ T6922] R13: 00007f3cf3726038 R14: 00007f3cf3725fa0 R15: 00007ffd72834888
[   90.563477][ T6922]  </TASK>
[   90.918127][ T6931] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6931 comm=syz.2.769
[   90.931037][ T6931] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6931 comm=syz.2.769
[   90.958512][ T6933] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13)
[   90.965523][ T6933] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   90.973108][ T6933] vhci_hcd vhci_hcd.0: Device attached
[   90.989250][ T6931] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   90.998647][ T6936] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(16)
[   91.005290][ T6936] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   91.006530][ T6931] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   91.012997][ T6936] vhci_hcd vhci_hcd.0: Device attached
[   91.040428][ T6933] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(15)
[   91.047129][ T6933] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   91.055436][ T6933] vhci_hcd vhci_hcd.0: Device attached
[   91.079429][ T6933] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   91.106445][ T6933] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(21)
[   91.113213][ T6933] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   91.120990][ T6933] vhci_hcd vhci_hcd.0: Device attached
[   91.126717][   T29] audit: type=1400 audit(1754954318.818:3520): avc:  denied  { write } for  pid=6942 comm="syz.4.770" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   91.141238][ T6947] @: renamed from vlan0 (while UP)
[   91.147516][   T29] audit: type=1400 audit(1754954318.838:3521): avc:  denied  { create } for  pid=6946 comm="syz.1.771" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   91.151679][ T5125] usb 10-1: device descriptor read/8, error -110
[   91.170892][   T29] audit: type=1326 audit(1754954318.838:3522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6946 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cf34febe9 code=0x7ffc0000
[   91.200811][   T29] audit: type=1326 audit(1754954318.838:3523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6946 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cf34febe9 code=0x7ffc0000
[   91.204297][ T6933] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(23)
[   91.230828][ T6933] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   91.238593][ T6933] vhci_hcd vhci_hcd.0: Device attached
[   91.244753][ T6936] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   91.253602][ T6936] vhci_hcd vhci_hcd.0: pdev(3) rhport(6) sockfd(28)
[   91.260322][ T6936] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   91.268028][ T6936] vhci_hcd vhci_hcd.0: Device attached
[   91.286940][ T6933] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   91.296501][ T3387] usb 7-1: new low-speed USB device number 6 using vhci_hcd
[   91.297281][ T5125] usb 10-1: new SuperSpeed USB device number 2 using vhci_hcd
[   91.315537][ T6952] vhci_hcd: connection closed
[   91.315744][ T3545] vhci_hcd: stop threads
[   91.315846][ T6950] vhci_hcd: connection closed
[   91.320550][ T3545] vhci_hcd: release socket
[   91.326116][ T6939] vhci_hcd: connection closed
[   91.329627][ T3545] vhci_hcd: disconnect device
[   91.334343][ T6943] vhci_hcd: connection closed
[   91.339065][ T5125] usb 10-1: enqueue for inactive port 0
[   91.345860][ T3545] vhci_hcd: stop threads
[   91.348497][ T6934] vhci_hcd: connection reset by peer
[   91.354378][ T3545] vhci_hcd: release socket
[   91.359699][ T6937] vhci_hcd: connection closed
[   91.363853][ T3545] vhci_hcd: disconnect device
[   91.373381][ T3545] vhci_hcd: stop threads
[   91.378273][ T5125] usb 10-1: enqueue for inactive port 0
[   91.382436][ T3545] vhci_hcd: release socket
[   91.390075][ T5125] usb 10-1: enqueue for inactive port 0
[   91.392753][ T3545] vhci_hcd: disconnect device
[   91.393050][ T3545] vhci_hcd: stop threads
[   91.407547][ T3545] vhci_hcd: release socket
[   91.412085][ T3545] vhci_hcd: disconnect device
[   91.417248][ T3545] vhci_hcd: stop threads
[   91.421804][ T3545] vhci_hcd: release socket
[   91.426367][ T3545] vhci_hcd: disconnect device
[   91.431328][ T3545] vhci_hcd: stop threads
[   91.435612][ T3545] vhci_hcd: release socket
[   91.440293][ T3545] vhci_hcd: disconnect device
[   91.455901][ T6959] lo speed is unknown, defaulting to 1000
[   91.468160][ T6959] lo speed is unknown, defaulting to 1000
[   91.477844][ T6959] lo speed is unknown, defaulting to 1000
[   91.492684][ T6959] infiniband sy: RDMA CMA: cma_listen_on_dev, error -98
[   91.503960][ T6961] netlink: 32 bytes leftover after parsing attributes in process `syz.1.775'.
[   91.532744][ T6959] lo speed is unknown, defaulting to 1000
[   91.541488][ T6959] lo speed is unknown, defaulting to 1000
[   91.552683][ T6959] lo speed is unknown, defaulting to 1000
[   91.561758][ T6959] lo speed is unknown, defaulting to 1000
[   91.571191][ T6959] lo speed is unknown, defaulting to 1000
[   91.637416][ T6963] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   91.646123][ T6963] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   91.914019][ T6974] lo speed is unknown, defaulting to 1000
[   91.978787][ T6984] netlink: 32 bytes leftover after parsing attributes in process `syz.3.784'.
[   92.143065][ T6997] FAULT_INJECTION: forcing a failure.
[   92.143065][ T6997] name failslab, interval 1, probability 0, space 0, times 0
[   92.156021][ T6997] CPU: 1 UID: 0 PID: 6997 Comm: syz.4.790 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   92.156054][ T6997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   92.156171][ T6997] Call Trace:
[   92.156177][ T6997]  <TASK>
[   92.156184][ T6997]  __dump_stack+0x1d/0x30
[   92.156201][ T6997]  dump_stack_lvl+0xe8/0x140
[   92.156214][ T6997]  dump_stack+0x15/0x1b
[   92.156237][ T6997]  should_fail_ex+0x265/0x280
[   92.156262][ T6997]  ? percpu_ref_init+0x9c/0x250
[   92.156386][ T6997]  should_failslab+0x8c/0xb0
[   92.156406][ T6997]  ? __pfx_free_ioctx_users+0x10/0x10
[   92.156424][ T6997]  __kmalloc_cache_noprof+0x4c/0x320
[   92.156445][ T6997]  ? __pfx_free_ioctx_users+0x10/0x10
[   92.156461][ T6997]  percpu_ref_init+0x9c/0x250
[   92.156483][ T6997]  ioctx_alloc+0x1be/0x4e0
[   92.156499][ T6997]  ? fput+0x8f/0xc0
[   92.156519][ T6997]  __se_sys_io_setup+0x6b/0x1b0
[   92.156596][ T6997]  __x64_sys_io_setup+0x31/0x40
[   92.156610][ T6997]  x64_sys_call+0x2eff/0x2ff0
[   92.156624][ T6997]  do_syscall_64+0xd2/0x200
[   92.156677][ T6997]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   92.156693][ T6997]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   92.156709][ T6997]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.156724][ T6997] RIP: 0033:0x7fcac300ebe9
[   92.156736][ T6997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.156790][ T6997] RSP: 002b:00007fcac1a77038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[   92.156805][ T6997] RAX: ffffffffffffffda RBX: 00007fcac3235fa0 RCX: 00007fcac300ebe9
[   92.156814][ T6997] RDX: 0000000000000000 RSI: 0000200000000680 RDI: 0000000000002004
[   92.156822][ T6997] RBP: 00007fcac1a77090 R08: 0000000000000000 R09: 0000000000000000
[   92.156831][ T6997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   92.156839][ T6997] R13: 00007fcac3236038 R14: 00007fcac3235fa0 R15: 00007ffc09275b68
[   92.156852][ T6997]  </TASK>
[   92.176717][ T4331] usb usb6-port1: attempt power cycle
[   92.606266][ T5125] usb usb10-port1: attempt power cycle
[   92.676293][ T3409] vhci_hcd: vhci_device speed not set
[   93.084846][ T7107] loop2: detected capacity change from 0 to 1764
[   93.197227][ T7126] netlink: 'syz.1.801': attribute type 10 has an invalid length.
[   93.310549][ T7138] bridge1: entered promiscuous mode
[   93.316560][ T7138] bridge1: entered allmulticast mode
[   93.349397][ T7139] bridge2: entered promiscuous mode
[   93.354656][ T7139] bridge2: entered allmulticast mode
[   93.728395][ T7138] loop4: detected capacity change from 0 to 32768
[   93.766955][ T3294]  loop4: p1 p2 p3 < p5 p6 >
[   93.778586][ T3294] loop4: p2 size 16775168 extends beyond EOD, truncated
[   93.810260][ T3294] loop4: p5 start 4294970168 is beyond EOD, truncated
[   93.834865][ T7138]  loop4: p1 p2 p3 < p5 p6 >
[   93.852286][ T7138] loop4: p2 size 16775168 extends beyond EOD, truncated
[   93.873315][ T7138] loop4: p5 start 4294970168 is beyond EOD, truncated
[   94.062390][ T7155] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7155 comm=syz.1.810
[   94.075079][ T7155] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7155 comm=syz.1.810
[   94.117926][ T4912] udevd[4912]: inotify_add_watch(7, /dev/loop4p6, 10) failed: No such file or directory
[   94.119462][ T4307] udevd[4307]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[   94.129342][ T3292] udevd[3292]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[   94.139203][ T3294] udevd[3294]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   94.187686][ T4331] usb usb6-port1: unable to enumerate USB device
[   94.205941][ T4912] udevd[4912]: inotify_add_watch(7, /dev/loop4p6, 10) failed: No such file or directory
[   94.217957][ T4307] udevd[4307]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[   94.229812][ T3292] udevd[3292]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[   94.241191][ T3294] udevd[3294]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   94.284517][ T7174] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(13)
[   94.291710][ T7174] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   94.299771][ T7174] vhci_hcd vhci_hcd.0: Device attached
[   94.309006][ T7174] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(15)
[   94.315761][ T7174] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   94.323530][ T7174] vhci_hcd vhci_hcd.0: Device attached
[   94.329415][ T7184] netlink: 16 bytes leftover after parsing attributes in process `syz.2.819'.
[   94.329951][ T7182] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7182 comm=syz.1.817
[   94.352798][ T7182] netlink: 4 bytes leftover after parsing attributes in process `syz.1.817'.
[   94.362752][ T7182] netlink: 16 bytes leftover after parsing attributes in process `syz.1.817'.
[   94.380138][ T7174] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(17)
[   94.387314][ T7174] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   94.395043][ T7174] vhci_hcd vhci_hcd.0: Device attached
[   94.402551][ T7174] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   94.412393][ T7174] vhci_hcd vhci_hcd.0: pdev(4) rhport(4) sockfd(21)
[   94.419199][ T7174] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   94.426912][ T7174] vhci_hcd vhci_hcd.0: Device attached
[   94.435571][ T7174] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(23)
[   94.442213][ T7174] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   94.450127][ T7174] vhci_hcd vhci_hcd.0: Device attached
[   94.458270][ T7174] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   94.468058][ T7174] vhci_hcd vhci_hcd.0: pdev(4) rhport(6) sockfd(27)
[   94.474865][ T7174] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   94.482640][ T7174] vhci_hcd vhci_hcd.0: Device attached
[   94.490470][ T7174] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   94.503303][ T7194] vhci_hcd: connection closed
[   94.503388][ T7190] vhci_hcd: connection closed
[   94.503414][ T7185] vhci_hcd: connection closed
[   94.509525][ T7192] vhci_hcd: connection closed
[   94.516454][ T7180] vhci_hcd: connection closed
[   94.517903][ T7175] vhci_hcd: connection closed
[   94.522300][ T3528] vhci_hcd: stop threads
[   94.536393][ T3528] vhci_hcd: release socket
[   94.540991][ T3528] vhci_hcd: disconnect device
[   94.545915][ T3528] vhci_hcd: stop threads
[   94.550287][ T3528] vhci_hcd: release socket
[   94.554815][ T3528] vhci_hcd: disconnect device
[   94.561354][ T3528] vhci_hcd: stop threads
[   94.565700][ T3528] vhci_hcd: release socket
[   94.570322][ T3528] vhci_hcd: disconnect device
[   94.571325][ T7196] lo speed is unknown, defaulting to 1000
[   94.576207][ T3528] vhci_hcd: stop threads
[   94.585316][ T3528] vhci_hcd: release socket
[   94.589979][ T3528] vhci_hcd: disconnect device
[   94.596955][ T3528] vhci_hcd: stop threads
[   94.601299][ T3528] vhci_hcd: release socket
[   94.605744][ T3528] vhci_hcd: disconnect device
[   94.610650][ T3528] vhci_hcd: stop threads
[   94.615000][ T3528] vhci_hcd: release socket
[   94.619537][ T3528] vhci_hcd: disconnect device
[   94.646331][ T5125] usb 10-1: enqueue for inactive port 0
[   94.857244][ T5125] usb 10-1: enqueue for inactive port 0
[   95.098411][   T29] kauditd_printk_skb: 182 callbacks suppressed
[   95.098446][   T29] audit: type=1400 audit(1754954322.808:3706): avc:  denied  { create } for  pid=7199 comm="syz.4.822" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[   95.125574][   T29] audit: type=1326 audit(1754954322.818:3707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7199 comm="syz.4.822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcac300ebe9 code=0x7ffc0000
[   95.125609][   T29] audit: type=1326 audit(1754954322.818:3708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7199 comm="syz.4.822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcac300ebe9 code=0x7ffc0000
[   95.125715][   T29] audit: type=1326 audit(1754954322.818:3709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7199 comm="syz.4.822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcac300ebe9 code=0x7ffc0000
[   95.125742][   T29] audit: type=1326 audit(1754954322.818:3710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7199 comm="syz.4.822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcac300d550 code=0x7ffc0000
[   95.149668][ T5947] vhci_hcd: vhci_device speed not set
[   95.225292][ T7207] FAULT_INJECTION: forcing a failure.
[   95.225292][ T7207] name failslab, interval 1, probability 0, space 0, times 0
[   95.225329][ T7207] CPU: 0 UID: 0 PID: 7207 Comm: syz.1.824 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   95.225357][ T7207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   95.225371][ T7207] Call Trace:
[   95.225380][ T7207]  <TASK>
[   95.225389][ T7207]  __dump_stack+0x1d/0x30
[   95.225487][ T7207]  dump_stack_lvl+0xe8/0x140
[   95.225509][ T7207]  dump_stack+0x15/0x1b
[   95.225527][ T7207]  should_fail_ex+0x265/0x280
[   95.225580][ T7207]  should_failslab+0x8c/0xb0
[   95.225606][ T7207]  kmem_cache_alloc_node_noprof+0x57/0x320
[   95.225703][ T7207]  ? __alloc_skb+0x101/0x320
[   95.225748][ T7207]  __alloc_skb+0x101/0x320
[   95.225777][ T7207]  netlink_alloc_large_skb+0xba/0xf0
[   95.225808][ T7207]  netlink_sendmsg+0x3cf/0x6b0
[   95.225830][ T7207]  ? __pfx_netlink_sendmsg+0x10/0x10
[   95.225918][ T7207]  __sock_sendmsg+0x145/0x180
[   95.225947][ T7207]  ____sys_sendmsg+0x31e/0x4e0
[   95.225972][ T7207]  ___sys_sendmsg+0x17b/0x1d0
[   95.226089][ T7207]  __x64_sys_sendmsg+0xd4/0x160
[   95.226133][ T7207]  x64_sys_call+0x191e/0x2ff0
[   95.226157][ T7207]  do_syscall_64+0xd2/0x200
[   95.226184][ T7207]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   95.226209][ T7207]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   95.226268][ T7207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.226293][ T7207] RIP: 0033:0x7f3cf34febe9
[   95.226311][ T7207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.226332][ T7207] RSP: 002b:00007f3cf1f5f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   95.226353][ T7207] RAX: ffffffffffffffda RBX: 00007f3cf3725fa0 RCX: 00007f3cf34febe9
[   95.226439][ T7207] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004
[   95.226452][ T7207] RBP: 00007f3cf1f5f090 R08: 0000000000000000 R09: 0000000000000000
[   95.226466][ T7207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.226481][ T7207] R13: 00007f3cf3726038 R14: 00007f3cf3725fa0 R15: 00007ffd72834888
[   95.226501][ T7207]  </TASK>
[   95.424328][ T7228] FAULT_INJECTION: forcing a failure.
[   95.424328][ T7228] name failslab, interval 1, probability 0, space 0, times 0
[   95.426129][   T29] audit: type=1326 audit(1754954323.128:3711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7227 comm="syz.2.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f527968ebe9 code=0x7ffc0000
[   95.426173][   T29] audit: type=1326 audit(1754954323.128:3712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7227 comm="syz.2.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f527968ebe9 code=0x7ffc0000
[   95.432215][ T7228] CPU: 1 UID: 0 PID: 7228 Comm: syz.2.833 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   95.432242][ T7228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   95.432255][ T7228] Call Trace:
[   95.432264][ T7228]  <TASK>
[   95.432273][ T7228]  __dump_stack+0x1d/0x30
[   95.432298][ T7228]  dump_stack_lvl+0xe8/0x140
[   95.432348][ T7228]  dump_stack+0x15/0x1b
[   95.432409][ T7228]  should_fail_ex+0x265/0x280
[   95.432431][ T7228]  should_failslab+0x8c/0xb0
[   95.432456][ T7228]  kmem_cache_alloc_node_noprof+0x57/0x320
[   95.432496][ T7228]  ? __alloc_skb+0x101/0x320
[   95.432527][ T7228]  __alloc_skb+0x101/0x320
[   95.432555][ T7228]  ? audit_log_start+0x365/0x6c0
[   95.432585][ T7228]  audit_log_start+0x380/0x6c0
[   95.432689][ T7228]  audit_seccomp+0x48/0x100
[   95.432715][ T7228]  ? __seccomp_filter+0x68c/0x10d0
[   95.432737][ T7228]  __seccomp_filter+0x69d/0x10d0
[   95.432759][ T7228]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   95.432792][ T7228]  ? vfs_write+0x7e8/0x960
[   95.432814][ T7228]  ? __rcu_read_unlock+0x4f/0x70
[   95.432903][ T7228]  ? __fget_files+0x184/0x1c0
[   95.432929][ T7228]  __secure_computing+0x82/0x150
[   95.432984][ T7228]  syscall_trace_enter+0xcf/0x1e0
[   95.433009][ T7228]  do_syscall_64+0xac/0x200
[   95.433068][ T7228]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   95.433091][ T7228]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   95.433130][ T7228]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.433152][ T7228] RIP: 0033:0x7f527968ebe9
[   95.433169][ T7228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.433187][ T7228] RSP: 002b:00007f52780ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000111
[   95.433208][ T7228] RAX: ffffffffffffffda RBX: 00007f52798b5fa0 RCX: 00007f527968ebe9
[   95.433221][ T7228] RDX: 0000000000000000 RSI: 0000000000000018 RDI: 0000200000000300
[   95.433262][ T7228] RBP: 00007f52780ef090 R08: 0000000000000000 R09: 0000000000000000
[   95.433276][ T7228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.433288][ T7228] R13: 00007f52798b6038 R14: 00007f52798b5fa0 R15: 00007ffcba22a328
[   95.433306][ T7228]  </TASK>
[   95.433314][ T7228] audit: audit_lost=4 audit_rate_limit=0 audit_backlog_limit=64
[   95.436617][   T29] audit: type=1326 audit(1754954323.128:3713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7227 comm="syz.2.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f527968d550 code=0x7ffc0000
[   95.456440][ T7228] audit: out of memory in audit_log_start
[   95.972462][ T7232] loop3: detected capacity change from 0 to 1764
[   96.145045][ T7256] loop4: detected capacity change from 0 to 1024
[   96.156111][ T7256] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   96.176865][ T7233] loop3: detected capacity change from 0 to 128
[   96.192200][ T7256] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   96.246441][ T7256] EXT4-fs (loop4): mount failed
[   96.277083][ T7232] netlink: 14593 bytes leftover after parsing attributes in process `syz.3.830'.
[   96.311428][ T7256] loop4: detected capacity change from 0 to 512
[   96.330717][ T7256] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[   96.346306][ T3387] usb 7-1: enqueue for inactive port 0
[   96.352165][ T3387] usb 7-1: enqueue for inactive port 0
[   96.369291][ T7256] EXT4-fs error (device loop4): __ext4_fill_super:5500: inode #2: comm syz.4.843: casefold flag without casefold feature
[   96.407526][ T7256] EXT4-fs (loop4): get root inode failed
[   96.413316][ T7256] EXT4-fs (loop4): mount failed
[   96.445366][ T7256] loop4: detected capacity change from 0 to 512
[   96.452899][ T3387] vhci_hcd: vhci_device speed not set
[   96.458736][ T3409] usb usb6-port1: attempt power cycle
[   96.478585][ T7256] msdos: Unknown parameter 'ÿÿ'
[   96.639589][ T7276] netlink: 16 bytes leftover after parsing attributes in process `syz.4.849'.
[   96.759892][ T7282] mmap: syz.3.851 (7282) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   96.839119][ T7296] FAULT_INJECTION: forcing a failure.
[   96.839119][ T7296] name failslab, interval 1, probability 0, space 0, times 0
[   96.852125][ T7296] CPU: 0 UID: 0 PID: 7296 Comm: syz.3.857 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   96.852160][ T7296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   96.852187][ T7296] Call Trace:
[   96.852196][ T7296]  <TASK>
[   96.852205][ T7296]  __dump_stack+0x1d/0x30
[   96.852239][ T7296]  dump_stack_lvl+0xe8/0x140
[   96.852260][ T7296]  dump_stack+0x15/0x1b
[   96.852277][ T7296]  should_fail_ex+0x265/0x280
[   96.852298][ T7296]  should_failslab+0x8c/0xb0
[   96.852322][ T7296]  kmem_cache_alloc_node_noprof+0x57/0x320
[   96.852366][ T7296]  ? __alloc_skb+0x101/0x320
[   96.852402][ T7296]  __alloc_skb+0x101/0x320
[   96.852431][ T7296]  netlink_alloc_large_skb+0xba/0xf0
[   96.852516][ T7296]  netlink_sendmsg+0x3cf/0x6b0
[   96.852537][ T7296]  ? __pfx_netlink_sendmsg+0x10/0x10
[   96.852556][ T7296]  __sock_sendmsg+0x145/0x180
[   96.852580][ T7296]  ____sys_sendmsg+0x31e/0x4e0
[   96.852681][ T7296]  ___sys_sendmsg+0x17b/0x1d0
[   96.852715][ T7296]  __x64_sys_sendmsg+0xd4/0x160
[   96.852779][ T7296]  x64_sys_call+0x191e/0x2ff0
[   96.852799][ T7296]  do_syscall_64+0xd2/0x200
[   96.852828][ T7296]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   96.852855][ T7296]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   96.852883][ T7296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.853002][ T7296] RIP: 0033:0x7f304e0aebe9
[   96.853021][ T7296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.853096][ T7296] RSP: 002b:00007f304cb17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   96.853117][ T7296] RAX: ffffffffffffffda RBX: 00007f304e2d5fa0 RCX: 00007f304e0aebe9
[   96.853130][ T7296] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004
[   96.853144][ T7296] RBP: 00007f304cb17090 R08: 0000000000000000 R09: 0000000000000000
[   96.853158][ T7296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.853179][ T7296] R13: 00007f304e2d6038 R14: 00007f304e2d5fa0 R15: 00007ffd28115a88
[   96.853193][ T7296]  </TASK>
[   97.114854][ T7304] netlink: 8 bytes leftover after parsing attributes in process `syz.3.861'.
[   97.388385][ T7314] loop2: detected capacity change from 0 to 2048
[   97.405859][ T7314] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.427388][ T7314] FAULT_INJECTION: forcing a failure.
[   97.427388][ T7314] name failslab, interval 1, probability 0, space 0, times 0
[   97.435274][ T7307] syz.3.861 (7307) used greatest stack depth: 9720 bytes left
[   97.440261][ T7314] CPU: 1 UID: 0 PID: 7314 Comm: syz.2.865 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   97.440291][ T7314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   97.440304][ T7314] Call Trace:
[   97.440312][ T7314]  <TASK>
[   97.440321][ T7314]  __dump_stack+0x1d/0x30
[   97.440344][ T7314]  dump_stack_lvl+0xe8/0x140
[   97.440438][ T7314]  dump_stack+0x15/0x1b
[   97.440454][ T7314]  should_fail_ex+0x265/0x280
[   97.440476][ T7314]  should_failslab+0x8c/0xb0
[   97.440516][ T7314]  __kmalloc_noprof+0xa5/0x3e0
[   97.440548][ T7314]  ? ext4_find_extent+0x16b/0x7a0
[   97.440571][ T7314]  ext4_find_extent+0x16b/0x7a0
[   97.440594][ T7314]  ? blk_mq_dispatch_queue_requests+0x201/0x350
[   97.440619][ T7314]  ext4_ext_map_blocks+0x11f/0x38a0
[   97.440670][ T7314]  ? blk_mq_submit_bio+0xbaa/0xf50
[   97.440694][ T7314]  ? __rcu_read_unlock+0x4f/0x70
[   97.440805][ T7314]  ? filemap_get_entry+0x34b/0x390
[   97.440836][ T7314]  ? folio_mark_accessed+0x240/0x3d0
[   97.440870][ T7314]  ? folio_unlock+0xd9/0x120
[   97.440980][ T7314]  ? number+0x9ae/0xab0
[   97.441011][ T7314]  ext4_map_query_blocks+0xa8/0x480
[   97.441045][ T7314]  ext4_map_blocks+0x330/0xd00
[   97.441070][ T7314]  ? ext4_get_group_desc+0x16b/0x190
[   97.441160][ T7314]  ? __ext4_journal_start_sb+0x131/0x300
[   97.441180][ T7314]  ? folio_mark_accessed+0x240/0x3d0
[   97.441227][ T7314]  ext4_iomap_begin+0x88d/0xe00
[   97.441267][ T7314]  ? __pfx_ext4_iomap_begin+0x10/0x10
[   97.441295][ T7314]  iomap_iter+0x332/0x730
[   97.441390][ T7314]  ? should_failslab+0x8c/0xb0
[   97.441417][ T7314]  __iomap_dio_rw+0x708/0x1250
[   97.441450][ T7314]  ? ext4_journal_check_start+0x11a/0x1b0
[   97.441472][ T7314]  iomap_dio_rw+0x40/0x90
[   97.441598][ T7314]  ext4_file_write_iter+0xad9/0xf00
[   97.441634][ T7314]  do_iter_readv_writev+0x49c/0x540
[   97.441662][ T7314]  vfs_writev+0x2df/0x8b0
[   97.441721][ T7314]  __se_sys_pwritev2+0xfc/0x1c0
[   97.441748][ T7314]  __x64_sys_pwritev2+0x67/0x80
[   97.441788][ T7314]  x64_sys_call+0x2c55/0x2ff0
[   97.441863][ T7314]  do_syscall_64+0xd2/0x200
[   97.441889][ T7314]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.441913][ T7314]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   97.441980][ T7314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.442003][ T7314] RIP: 0033:0x7f527968ebe9
[   97.442019][ T7314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.442037][ T7314] RSP: 002b:00007f52780ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   97.442058][ T7314] RAX: ffffffffffffffda RBX: 00007f52798b5fa0 RCX: 00007f527968ebe9
[   97.442137][ T7314] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000007
[   97.442150][ T7314] RBP: 00007f52780ef090 R08: 0000000000000000 R09: 0000000000000003
[   97.442162][ T7314] R10: 0000000000007c00 R11: 0000000000000246 R12: 0000000000000001
[   97.442175][ T7314] R13: 00007f52798b6038 R14: 00007f52798b5fa0 R15: 00007ffcba22a328
[   97.442203][ T7314]  </TASK>
[   97.538162][ T7320] lo speed is unknown, defaulting to 1000
[   97.677712][ T7324] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(12)
[   97.760081][ T7324] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   97.767685][ T7324] vhci_hcd vhci_hcd.0: Device attached
[   97.770754][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.780254][ T7327] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(15)
[   97.789019][ T7327] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   97.796596][ T7327] vhci_hcd vhci_hcd.0: Device attached
[   97.841184][ T7324] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(14)
[   97.847974][ T7324] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   97.855646][ T7324] vhci_hcd vhci_hcd.0: Device attached
[   97.866029][ T7324] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   97.878608][ T7324] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(20)
[   97.885450][ T7324] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   97.893089][ T7324] vhci_hcd vhci_hcd.0: Device attached
[   97.904194][ T7324] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(22)
[   97.911014][ T7324] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   97.919148][ T7324] vhci_hcd vhci_hcd.0: Device attached
[   97.928406][ T7324] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   97.938438][ T7324] vhci_hcd vhci_hcd.0: pdev(3) rhport(6) sockfd(26)
[   97.945371][ T7324] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   97.953382][ T7324] vhci_hcd vhci_hcd.0: Device attached
[   97.960723][ T7324] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   97.973114][ T7345] vhci_hcd: connection closed
[   97.973297][   T12] vhci_hcd: stop threads
[   97.973391][ T7342] vhci_hcd: connection closed
[   97.978182][   T12] vhci_hcd: release socket
[   97.983744][ T7328] vhci_hcd: connection closed
[   97.987548][   T12] vhci_hcd: disconnect device
[   97.992526][ T7325] vhci_hcd: connection closed
[   97.996891][ T7338] vhci_hcd: connection closed
[   98.008203][ T7334] vhci_hcd: connection closed
[   98.017803][   T12] vhci_hcd: stop threads
[   98.027261][   T12] vhci_hcd: release socket
[   98.031697][   T12] vhci_hcd: disconnect device
[   98.036880][   T12] vhci_hcd: stop threads
[   98.041632][   T12] vhci_hcd: release socket
[   98.046549][   T12] vhci_hcd: disconnect device
[   98.051867][   T12] vhci_hcd: stop threads
[   98.056161][   T12] vhci_hcd: release socket
[   98.060847][   T12] vhci_hcd: disconnect device
[   98.066185][   T12] vhci_hcd: stop threads
[   98.070510][   T12] vhci_hcd: release socket
[   98.075049][   T12] vhci_hcd: disconnect device
[   98.080616][   T12] vhci_hcd: stop threads
[   98.085174][   T12] vhci_hcd: release socket
[   98.089791][   T12] vhci_hcd: disconnect device
[   98.172417][ T7350] loop4: detected capacity change from 0 to 512
[   98.192287][ T7350] EXT4-fs (loop4): orphan cleanup on readonly fs
[   98.200136][ T7350] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.874: bg 0: block 248: padding at end of block bitmap is not set
[   98.216081][ T7350] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.874: Failed to acquire dquot type 1
[   98.231874][ T7350] EXT4-fs (loop4): 1 truncate cleaned up
[   98.238689][ T7350] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   98.257951][ T7350] syz.4.874 (7350) used greatest stack depth: 9208 bytes left
[   98.274068][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.294640][ T7355] netlink: 32 bytes leftover after parsing attributes in process `syz.4.875'.
[   98.326598][ T7353] lo speed is unknown, defaulting to 1000
[   98.456604][ T3409] usb usb6-port1: unable to enumerate USB device
[   98.472985][ T7374] batman_adv: batadv0: Adding interface: dummy0
[   98.479349][ T7374] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   98.508439][ T7374] batman_adv: batadv0: Interface activated: dummy0
[   98.519831][ T7374] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[   98.610153][ T7381] loop5: detected capacity change from 0 to 8192
[   98.611406][ T7385] netlink: 32 bytes leftover after parsing attributes in process `syz.3.887'.
[   99.082017][ T7400] loop2: detected capacity change from 0 to 8192
[   99.299130][ T7406] FAULT_INJECTION: forcing a failure.
[   99.299130][ T7406] name failslab, interval 1, probability 0, space 0, times 0
[   99.312575][ T7406] CPU: 0 UID: 0 PID: 7406 Comm: syz.1.895 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   99.312629][ T7406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   99.312643][ T7406] Call Trace:
[   99.312651][ T7406]  <TASK>
[   99.312723][ T7406]  __dump_stack+0x1d/0x30
[   99.312748][ T7406]  dump_stack_lvl+0xe8/0x140
[   99.312779][ T7406]  dump_stack+0x15/0x1b
[   99.312795][ T7406]  should_fail_ex+0x265/0x280
[   99.312814][ T7406]  ? __se_sys_memfd_create+0x1cc/0x590
[   99.312878][ T7406]  should_failslab+0x8c/0xb0
[   99.312905][ T7406]  __kmalloc_cache_noprof+0x4c/0x320
[   99.312936][ T7406]  ? fput+0x8f/0xc0
[   99.312991][ T7406]  __se_sys_memfd_create+0x1cc/0x590
[   99.313015][ T7406]  __x64_sys_memfd_create+0x31/0x40
[   99.313076][ T7406]  x64_sys_call+0x2abe/0x2ff0
[   99.313099][ T7406]  do_syscall_64+0xd2/0x200
[   99.313147][ T7406]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   99.313172][ T7406]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   99.313212][ T7406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.313235][ T7406] RIP: 0033:0x7f3cf34febe9
[   99.313317][ T7406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.313334][ T7406] RSP: 002b:00007f3cf1f5ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   99.313356][ T7406] RAX: ffffffffffffffda RBX: 00000000000004f2 RCX: 00007f3cf34febe9
[   99.313433][ T7406] RDX: 00007f3cf1f5eef0 RSI: 0000000000000000 RDI: 00007f3cf35827e8
[   99.313445][ T7406] RBP: 0000200000000600 R08: 00007f3cf1f5ebb7 R09: 00007f3cf1f5ee40
[   99.313459][ T7406] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[   99.313474][ T7406] R13: 00007f3cf1f5eef0 R14: 00007f3cf1f5eeb0 R15: 00002000000002c0
[   99.313495][ T7406]  </TASK>
[   99.626362][ T7421] netlink: 32 bytes leftover after parsing attributes in process `syz.5.898'.
[   99.755470][ T7436] netlink: 8 bytes leftover after parsing attributes in process `syz.1.904'.
[  100.094426][ T7473] FAULT_INJECTION: forcing a failure.
[  100.094426][ T7473] name failslab, interval 1, probability 0, space 0, times 0
[  100.107172][ T7473] CPU: 0 UID: 0 PID: 7473 Comm: syz.2.907 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  100.107206][ T7473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  100.107218][ T7473] Call Trace:
[  100.107226][ T7473]  <TASK>
[  100.107233][ T7473]  __dump_stack+0x1d/0x30
[  100.107258][ T7473]  dump_stack_lvl+0xe8/0x140
[  100.107280][ T7473]  dump_stack+0x15/0x1b
[  100.107299][ T7473]  should_fail_ex+0x265/0x280
[  100.107322][ T7473]  should_failslab+0x8c/0xb0
[  100.107347][ T7473]  kmem_cache_alloc_noprof+0x50/0x310
[  100.107371][ T7473]  ? vm_area_dup+0x33/0x2c0
[  100.107399][ T7473]  vm_area_dup+0x33/0x2c0
[  100.107427][ T7473]  __split_vma+0xe9/0x650
[  100.107457][ T7473]  ? mas_find+0x5d5/0x700
[  100.107486][ T7473]  vms_gather_munmap_vmas+0x2b2/0x7b0
[  100.107517][ T7473]  do_vmi_align_munmap+0x1a4/0x3d0
[  100.107551][ T7473]  do_vmi_munmap+0x1db/0x220
[  100.107573][ T7473]  do_munmap+0x8a/0xc0
[  100.107593][ T7473]  mremap_to+0x1a4/0x440
[  100.107615][ T7473]  ? check_prep_vma+0x5d6/0x660
[  100.107645][ T7473]  __se_sys_mremap+0x652/0xc60
[  100.107680][ T7473]  ? fput+0x8f/0xc0
[  100.107711][ T7473]  ? ksys_write+0x192/0x1a0
[  100.107733][ T7473]  __x64_sys_mremap+0x67/0x80
[  100.107763][ T7473]  x64_sys_call+0x2a24/0x2ff0
[  100.107787][ T7473]  do_syscall_64+0xd2/0x200
[  100.107815][ T7473]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.107837][ T7473]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  100.107859][ T7473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.107882][ T7473] RIP: 0033:0x7f527968ebe9
[  100.107900][ T7473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.107920][ T7473] RSP: 002b:00007f52780ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  100.107944][ T7473] RAX: ffffffffffffffda RBX: 00007f52798b5fa0 RCX: 00007f527968ebe9
[  100.107958][ T7473] RDX: 0000000000400000 RSI: 0000000000001000 RDI: 0000200000a96000
[  100.107972][ T7473] RBP: 00007f52780ef090 R08: 0000200000000000 R09: 0000000000000000
[  100.107983][ T7473] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[  100.107994][ T7473] R13: 00007f52798b6038 R14: 00007f52798b5fa0 R15: 00007ffcba22a328
[  100.108011][ T7473]  </TASK>
[  100.361314][ T7477] loop2: detected capacity change from 0 to 512
[  100.466991][ T7477] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.517774][ T7477] ext4 filesystem being mounted at /186/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  100.537183][   T29] kauditd_printk_skb: 227 callbacks suppressed
[  100.537203][   T29] audit: type=1326 audit(1754954328.248:3938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7507 comm="syz.5.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7403ebe9 code=0x7ffc0000
[  100.567407][   T29] audit: type=1326 audit(1754954328.248:3939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7507 comm="syz.5.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7403ebe9 code=0x7ffc0000
[  100.591632][   T29] audit: type=1326 audit(1754954328.248:3940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7507 comm="syz.5.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8d7403ebe9 code=0x7ffc0000
[  100.608601][ T7477] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.908: corrupted inode contents
[  100.615212][   T29] audit: type=1326 audit(1754954328.248:3941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7507 comm="syz.5.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7403ebe9 code=0x7ffc0000
[  100.650486][   T29] audit: type=1326 audit(1754954328.248:3942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7507 comm="syz.5.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7403ebe9 code=0x7ffc0000
[  100.686606][   T29] audit: type=1326 audit(1754954328.278:3943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7507 comm="syz.5.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8d7403ebe9 code=0x7ffc0000
[  100.686772][ T7477] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #2: comm syz.2.908: mark_inode_dirty error
[  100.710054][   T29] audit: type=1326 audit(1754954328.278:3944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7507 comm="syz.5.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7403ebe9 code=0x7ffc0000
[  100.744593][   T29] audit: type=1326 audit(1754954328.278:3945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7507 comm="syz.5.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7403ebe9 code=0x7ffc0000
[  100.766557][ T7477] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.908: corrupted inode contents
[  100.768197][   T29] audit: type=1326 audit(1754954328.278:3946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7507 comm="syz.5.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8d7403ebe9 code=0x7ffc0000
[  100.803540][   T29] audit: type=1326 audit(1754954328.278:3947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7507 comm="syz.5.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7403ebe9 code=0x7ffc0000
[  100.852506][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.924534][ T7527] Driver unsupported XDP return value 0 on prog  (id 463) dev N/A, expect packet loss!
[  100.957374][ T7527] loop2: detected capacity change from 0 to 512
[  100.999660][ T7527] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: inode #11: comm syz.2.915: missing EA_INODE flag
[  101.027806][ T7527] EXT4-fs error (device loop2): ext4_xattr_inode_iget:442: comm syz.2.915: error while reading EA inode 11 err=-117
[  101.055153][ T7527] EXT4-fs (loop2): 1 orphan inode deleted
[  101.071879][ T7527] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.114751][ T7535] netlink: 8 bytes leftover after parsing attributes in process `syz.5.918'.
[  101.129071][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.190004][ T7541] FAULT_INJECTION: forcing a failure.
[  101.190004][ T7541] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.203254][ T7541] CPU: 0 UID: 0 PID: 7541 Comm: syz.2.919 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  101.203291][ T7541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  101.203306][ T7541] Call Trace:
[  101.203316][ T7541]  <TASK>
[  101.203326][ T7541]  __dump_stack+0x1d/0x30
[  101.203363][ T7541]  dump_stack_lvl+0xe8/0x140
[  101.203389][ T7541]  dump_stack+0x15/0x1b
[  101.203410][ T7541]  should_fail_ex+0x265/0x280
[  101.203432][ T7541]  should_fail+0xb/0x20
[  101.203520][ T7541]  should_fail_usercopy+0x1a/0x20
[  101.203544][ T7541]  _copy_from_user+0x1c/0xb0
[  101.203588][ T7541]  ___sys_sendmsg+0xc1/0x1d0
[  101.203628][ T7541]  __x64_sys_sendmsg+0xd4/0x160
[  101.203658][ T7541]  x64_sys_call+0x191e/0x2ff0
[  101.203684][ T7541]  do_syscall_64+0xd2/0x200
[  101.203745][ T7541]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.203769][ T7541]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  101.203794][ T7541]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.203819][ T7541] RIP: 0033:0x7f527968ebe9
[  101.203870][ T7541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.203892][ T7541] RSP: 002b:00007f52780ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  101.203917][ T7541] RAX: ffffffffffffffda RBX: 00007f52798b5fa0 RCX: 00007f527968ebe9
[  101.203930][ T7541] RDX: 0000000000000880 RSI: 0000200000000500 RDI: 0000000000000003
[  101.203943][ T7541] RBP: 00007f52780ef090 R08: 0000000000000000 R09: 0000000000000000
[  101.203955][ T7541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.203967][ T7541] R13: 00007f52798b6038 R14: 00007f52798b5fa0 R15: 00007ffcba22a328
[  101.204032][ T7541]  </TASK>
[  101.602266][ T7551] netlink: 4 bytes leftover after parsing attributes in process `syz.1.923'.
[  101.635667][ T7554] netlink: 8 bytes leftover after parsing attributes in process `syz.2.924'.
[  101.691667][ T7556] FAULT_INJECTION: forcing a failure.
[  101.691667][ T7556] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.705208][ T7556] CPU: 1 UID: 0 PID: 7556 Comm: syz.2.924 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  101.705245][ T7556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  101.705258][ T7556] Call Trace:
[  101.705265][ T7556]  <TASK>
[  101.705273][ T7556]  __dump_stack+0x1d/0x30
[  101.705296][ T7556]  dump_stack_lvl+0xe8/0x140
[  101.705343][ T7556]  dump_stack+0x15/0x1b
[  101.705363][ T7556]  should_fail_ex+0x265/0x280
[  101.705421][ T7556]  should_fail+0xb/0x20
[  101.705437][ T7556]  should_fail_usercopy+0x1a/0x20
[  101.705458][ T7556]  _copy_from_user+0x1c/0xb0
[  101.705486][ T7556]  ___sys_sendmsg+0xc1/0x1d0
[  101.705522][ T7556]  __x64_sys_sendmsg+0xd4/0x160
[  101.705619][ T7556]  x64_sys_call+0x191e/0x2ff0
[  101.705642][ T7556]  do_syscall_64+0xd2/0x200
[  101.705666][ T7556]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.705703][ T7556]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  101.705729][ T7556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.705754][ T7556] RIP: 0033:0x7f527968ebe9
[  101.705773][ T7556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.705795][ T7556] RSP: 002b:00007f52780ce038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  101.705819][ T7556] RAX: ffffffffffffffda RBX: 00007f52798b6090 RCX: 00007f527968ebe9
[  101.705885][ T7556] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000004
[  101.705900][ T7556] RBP: 00007f52780ce090 R08: 0000000000000000 R09: 0000000000000000
[  101.705987][ T7556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.705998][ T7556] R13: 00007f52798b6128 R14: 00007f52798b6090 R15: 00007ffcba22a328
[  101.706018][ T7556]  </TASK>
[  102.260000][ T7586] lo speed is unknown, defaulting to 1000
[  102.395048][ T7590] loop3: detected capacity change from 0 to 128
[  102.458670][ T7590] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  102.509315][ T7590] ext4 filesystem being mounted at /201/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.642893][ T7584] loop2: detected capacity change from 0 to 764
[  102.652473][ T3304] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  102.661019][ T7593] FAULT_INJECTION: forcing a failure.
[  102.661019][ T7593] name failslab, interval 1, probability 0, space 0, times 0
[  102.662507][ T7584] iso9660: Unknown parameter '@'
[  102.674739][ T7593] CPU: 0 UID: 0 PID: 7593 Comm: syz.5.939 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  102.674770][ T7593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  102.674782][ T7593] Call Trace:
[  102.674790][ T7593]  <TASK>
[  102.674799][ T7593]  __dump_stack+0x1d/0x30
[  102.674822][ T7593]  dump_stack_lvl+0xe8/0x140
[  102.674842][ T7593]  dump_stack+0x15/0x1b
[  102.674859][ T7593]  should_fail_ex+0x265/0x280
[  102.674880][ T7593]  should_failslab+0x8c/0xb0
[  102.674904][ T7593]  kmem_cache_alloc_noprof+0x50/0x310
[  102.674931][ T7593]  ? __mpol_dup+0x42/0x1b0
[  102.674961][ T7593]  __mpol_dup+0x42/0x1b0
[  102.674990][ T7593]  mbind_range+0x1e8/0x440
[  102.675008][ T7593]  ? mas_find+0x5d5/0x700
[  102.675034][ T7593]  __se_sys_mbind+0x648/0xac0
[  102.675067][ T7593]  __x64_sys_mbind+0x78/0x90
[  102.675104][ T7593]  x64_sys_call+0x2932/0x2ff0
[  102.675124][ T7593]  do_syscall_64+0xd2/0x200
[  102.675148][ T7593]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  102.675172][ T7593]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  102.675195][ T7593]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.675216][ T7593] RIP: 0033:0x7f8d7403ebe9
[  102.675233][ T7593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.675251][ T7593] RSP: 002b:00007f8d72a9f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  102.675272][ T7593] RAX: ffffffffffffffda RBX: 00007f8d74265fa0 RCX: 00007f8d7403ebe9
[  102.675284][ T7593] RDX: 0000000000000001 RSI: 0000000000600000 RDI: 0000200000000000
[  102.675297][ T7593] RBP: 00007f8d72a9f090 R08: 0000000000000000 R09: 0000000000000002
[  102.675309][ T7593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.675321][ T7593] R13: 00007f8d74266038 R14: 00007f8d74265fa0 R15: 00007ffd79b9fbe8
[  102.675339][ T7593]  </TASK>
[  102.935168][ T7584] netlink: 12 bytes leftover after parsing attributes in process `syz.2.936'.
[  102.985559][ T7623] FAULT_INJECTION: forcing a failure.
[  102.985559][ T7623] name failslab, interval 1, probability 0, space 0, times 0
[  102.998334][ T7623] CPU: 1 UID: 0 PID: 7623 Comm: syz.4.946 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  102.998443][ T7623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  102.998457][ T7623] Call Trace:
[  102.998466][ T7623]  <TASK>
[  102.998475][ T7623]  __dump_stack+0x1d/0x30
[  102.998497][ T7623]  dump_stack_lvl+0xe8/0x140
[  102.998520][ T7623]  dump_stack+0x15/0x1b
[  102.998539][ T7623]  should_fail_ex+0x265/0x280
[  102.998565][ T7623]  should_failslab+0x8c/0xb0
[  102.998663][ T7623]  kmem_cache_alloc_noprof+0x50/0x310
[  102.998688][ T7623]  ? alloc_empty_file+0x76/0x200
[  102.998714][ T7623]  ? mntput+0x4b/0x80
[  102.998775][ T7623]  alloc_empty_file+0x76/0x200
[  102.998883][ T7623]  path_openat+0x68/0x2170
[  102.998905][ T7623]  ? _parse_integer_limit+0x170/0x190
[  102.998968][ T7623]  ? kstrtoull+0x111/0x140
[  102.998986][ T7623]  ? kstrtouint+0x76/0xc0
[  102.999008][ T7623]  do_filp_open+0x109/0x230
[  102.999068][ T7623]  do_sys_openat2+0xa6/0x110
[  102.999139][ T7623]  __x64_sys_openat+0xf2/0x120
[  102.999174][ T7623]  x64_sys_call+0x2e9c/0x2ff0
[  102.999199][ T7623]  do_syscall_64+0xd2/0x200
[  102.999287][ T7623]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  102.999333][ T7623]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  102.999407][ T7623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.999432][ T7623] RIP: 0033:0x7fcac300ebe9
[  102.999450][ T7623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.999468][ T7623] RSP: 002b:00007fcac1a77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  102.999522][ T7623] RAX: ffffffffffffffda RBX: 00007fcac3235fa0 RCX: 00007fcac300ebe9
[  102.999558][ T7623] RDX: 0000000000414f02 RSI: 0000200000000200 RDI: 0000000000000004
[  102.999573][ T7623] RBP: 00007fcac1a77090 R08: 0000000000000000 R09: 0000000000000000
[  102.999663][ T7623] R10: 52abe154ad664fa4 R11: 0000000000000246 R12: 0000000000000001
[  102.999714][ T7623] R13: 00007fcac3236038 R14: 00007fcac3235fa0 R15: 00007ffc09275b68
[  102.999732][ T7623]  </TASK>
[  103.261217][ T7629] netlink: 36 bytes leftover after parsing attributes in process `syz.4.948'.
[  103.305069][ T7634] serio: Serial port ptm0
[  103.711810][ T7704] lo speed is unknown, defaulting to 1000
[  103.859541][ T7706] netlink: 16 bytes leftover after parsing attributes in process `syz.2.959'.
[  103.870282][ T7707] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  103.973179][ T7707] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  103.988345][ T7706] netlink: 'syz.2.959': attribute type 2 has an invalid length.
[  103.996317][ T7706] netlink: 40 bytes leftover after parsing attributes in process `syz.2.959'.
[  104.114665][ T7711] loop2: detected capacity change from 0 to 1024
[  104.131366][ T7717] FAULT_INJECTION: forcing a failure.
[  104.131366][ T7717] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  104.138708][ T7711] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  104.144684][ T7717] CPU: 1 UID: 0 PID: 7717 Comm: syz.5.962 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  104.144762][ T7717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  104.144774][ T7717] Call Trace:
[  104.144783][ T7717]  <TASK>
[  104.144792][ T7717]  __dump_stack+0x1d/0x30
[  104.144817][ T7717]  dump_stack_lvl+0xe8/0x140
[  104.144913][ T7717]  dump_stack+0x15/0x1b
[  104.144930][ T7717]  should_fail_ex+0x265/0x280
[  104.145011][ T7717]  should_fail+0xb/0x20
[  104.145028][ T7717]  should_fail_usercopy+0x1a/0x20
[  104.145050][ T7717]  _copy_from_user+0x1c/0xb0
[  104.145078][ T7717]  __x64_sys_setrlimit+0x5e/0xc0
[  104.145147][ T7717]  x64_sys_call+0x2c13/0x2ff0
[  104.145177][ T7717]  do_syscall_64+0xd2/0x200
[  104.145202][ T7717]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  104.145282][ T7717]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  104.145306][ T7717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.145328][ T7717] RIP: 0033:0x7f8d7403ebe9
[  104.145345][ T7717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.145383][ T7717] RSP: 002b:00007f8d72a9f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a0
[  104.145439][ T7717] RAX: ffffffffffffffda RBX: 00007f8d74265fa0 RCX: 00007f8d7403ebe9
[  104.145452][ T7717] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0040000000000008
[  104.145465][ T7717] RBP: 00007f8d72a9f090 R08: 0000000000000000 R09: 0000000000000000
[  104.145477][ T7717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.145554][ T7717] R13: 00007f8d74266038 R14: 00007f8d74265fa0 R15: 00007ffd79b9fbe8
[  104.145573][ T7717]  </TASK>
[  104.325795][ T7711] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  104.415769][ T7711] JBD2: no valid journal superblock found
[  104.421658][ T7711] EXT4-fs (loop2): Could not load journal inode
[  104.546871][ T7744] FAULT_INJECTION: forcing a failure.
[  104.546871][ T7744] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  104.560100][ T7744] CPU: 1 UID: 0 PID: 7744 Comm: syz.4.971 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  104.560146][ T7744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  104.560205][ T7744] Call Trace:
[  104.560214][ T7744]  <TASK>
[  104.560224][ T7744]  __dump_stack+0x1d/0x30
[  104.560249][ T7744]  dump_stack_lvl+0xe8/0x140
[  104.560291][ T7744]  dump_stack+0x15/0x1b
[  104.560309][ T7744]  should_fail_ex+0x265/0x280
[  104.560358][ T7744]  should_fail+0xb/0x20
[  104.560378][ T7744]  should_fail_usercopy+0x1a/0x20
[  104.560401][ T7744]  _copy_from_user+0x1c/0xb0
[  104.560433][ T7744]  ___bpf_copy_key+0xa5/0x110
[  104.560498][ T7744]  map_update_elem+0x165/0x520
[  104.560531][ T7744]  __sys_bpf+0x571/0x7b0
[  104.560566][ T7744]  __x64_sys_bpf+0x41/0x50
[  104.560594][ T7744]  x64_sys_call+0x2aea/0x2ff0
[  104.560639][ T7744]  do_syscall_64+0xd2/0x200
[  104.560669][ T7744]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  104.560696][ T7744]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  104.560723][ T7744]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.560747][ T7744] RIP: 0033:0x7fcac300ebe9
[  104.560808][ T7744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.560827][ T7744] RSP: 002b:00007fcac1a77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  104.560849][ T7744] RAX: ffffffffffffffda RBX: 00007fcac3235fa0 RCX: 00007fcac300ebe9
[  104.560863][ T7744] RDX: 0000000000000020 RSI: 0000200000000200 RDI: 0000000000000002
[  104.560879][ T7744] RBP: 00007fcac1a77090 R08: 0000000000000000 R09: 0000000000000000
[  104.560893][ T7744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.560906][ T7744] R13: 00007fcac3236038 R14: 00007fcac3235fa0 R15: 00007ffc09275b68
[  104.560945][ T7744]  </TASK>
[  105.020872][ T7812] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7812 comm=syz.2.974
[  105.036991][ T7812] netlink: 4 bytes leftover after parsing attributes in process `syz.2.974'.
[  105.046360][ T7812] netlink: 16 bytes leftover after parsing attributes in process `syz.2.974'.
[  105.070552][ T7817] 9pnet_fd: Insufficient options for proto=fd
[  105.104809][ T7824] loop4: detected capacity change from 0 to 512
[  105.119527][ T7824] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  105.129102][ T7824] EXT4-fs (loop4): orphan cleanup on readonly fs
[  105.143618][ T7824] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  105.159880][ T7824] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  105.167503][ T7824] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.981: bg 0: block 40: padding at end of block bitmap is not set
[  105.183235][ T7824] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  105.192392][ T7824] EXT4-fs (loop4): 1 truncate cleaned up
[  105.199662][ T7824] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  105.224812][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.259991][ T7848] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(13)
[  105.266657][ T7848] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  105.274386][ T7848] vhci_hcd vhci_hcd.0: Device attached
[  105.282456][ T7848] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(15)
[  105.289423][ T7848] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  105.297213][ T7848] vhci_hcd vhci_hcd.0: Device attached
[  105.305909][ T7848] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(17)
[  105.312629][ T7848] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  105.320673][ T7848] vhci_hcd vhci_hcd.0: Device attached
[  105.327172][ T7848] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  105.335923][ T7848] vhci_hcd vhci_hcd.0: pdev(4) rhport(4) sockfd(21)
[  105.342565][ T7848] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  105.350278][ T7848] vhci_hcd vhci_hcd.0: Device attached
[  105.358363][ T7848] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(23)
[  105.365142][ T7848] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  105.373173][ T7848] vhci_hcd vhci_hcd.0: Device attached
[  105.419421][ T7886] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  105.453369][ T7878] netlink: 8 bytes leftover after parsing attributes in process `syz.5.983'.
[  105.470174][ T7848] vhci_hcd vhci_hcd.0: pdev(4) rhport(6) sockfd(25)
[  105.476828][ T7848] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  105.484551][ T7848] vhci_hcd vhci_hcd.0: Device attached
[  105.490904][ T7848] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  105.501545][ T7891] vhci_hcd: connection closed
[  105.501703][ T7869] vhci_hcd: connection closed
[  105.506777][ T7854] vhci_hcd: connection closed
[  105.511594][ T7850] vhci_hcd: connection closed
[  105.516518][ T3382] usb 9-1: new low-speed USB device number 5 using vhci_hcd
[  105.529266][ T3436] vhci_hcd: stop threads
[  105.529319][ T7864] vhci_hcd: connection closed
[  105.533693][ T3436] vhci_hcd: release socket
[  105.535301][ T7860] vhci_hcd: connection closed
[  105.538542][ T3436] vhci_hcd: disconnect device
[  105.555168][ T7851] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  105.557620][ T3436] vhci_hcd: stop threads
[  105.565453][ T3436] vhci_hcd: release socket
[  105.570117][ T3436] vhci_hcd: disconnect device
[  105.576206][ T3436] vhci_hcd: stop threads
[  105.580543][ T3436] vhci_hcd: release socket
[  105.585102][ T3436] vhci_hcd: disconnect device
[  105.595784][ T3436] vhci_hcd: stop threads
[  105.600206][ T3436] vhci_hcd: release socket
[  105.604844][ T3436] vhci_hcd: disconnect device
[  105.612722][ T3436] vhci_hcd: stop threads
[  105.617138][ T3436] vhci_hcd: release socket
[  105.621599][ T3436] vhci_hcd: disconnect device
[  105.627887][ T3436] vhci_hcd: stop threads
[  105.632166][ T3436] vhci_hcd: release socket
[  105.636814][ T3436] vhci_hcd: disconnect device
[  105.819542][   T29] kauditd_printk_skb: 247 callbacks suppressed
[  105.819561][   T29] audit: type=1400 audit(1754954333.528:4194): avc:  denied  { write } for  pid=7905 comm="syz.2.987" path="socket:[18044]" dev="sockfs" ino=18044 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  105.920778][ T7897] netlink: 4 bytes leftover after parsing attributes in process `syz.5.983'.
[  105.937892][ T7897] bridge_slave_1: left allmulticast mode
[  105.943813][ T7897] bridge_slave_1: left promiscuous mode
[  105.949713][ T7897] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.964512][   T29] audit: type=1326 audit(1754954333.668:4195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7910 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f527968ebe9 code=0x7ffc0000
[  105.988455][   T29] audit: type=1326 audit(1754954333.668:4196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7910 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f527968ebe9 code=0x7ffc0000
[  106.036425][ T7897] bridge_slave_0: left allmulticast mode
[  106.042319][ T7897] bridge_slave_0: left promiscuous mode
[  106.048327][ T7897] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.068376][ T7916] loop2: detected capacity change from 0 to 128
[  106.075399][   T29] audit: type=1326 audit(1754954333.728:4197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7910 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=138 compat=0 ip=0x7f527968ebe9 code=0x7ffc0000
[  106.099024][   T29] audit: type=1326 audit(1754954333.728:4198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7910 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f527968ebe9 code=0x7ffc0000
[  106.122772][   T29] audit: type=1326 audit(1754954333.728:4199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7910 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f527968ebe9 code=0x7ffc0000
[  106.146509][   T29] audit: type=1326 audit(1754954333.728:4200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7910 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f527968ebe9 code=0x7ffc0000
[  106.170012][   T29] audit: type=1326 audit(1754954333.728:4201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7910 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f527968ebe9 code=0x7ffc0000
[  106.193728][   T29] audit: type=1326 audit(1754954333.728:4202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7910 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f527968ebe9 code=0x7ffc0000
[  106.217318][   T29] audit: type=1326 audit(1754954333.728:4203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7910 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f527968ebe9 code=0x7ffc0000
[  106.228871][ T7919] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  106.254813][ T7919] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  106.265960][ T7916] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  106.290717][ T7916] ext4 filesystem being mounted at /207/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  106.425993][ T7932] netlink: 8 bytes leftover after parsing attributes in process `syz.3.997'.
[  107.096872][ T7949] FAULT_INJECTION: forcing a failure.
[  107.096872][ T7949] name failslab, interval 1, probability 0, space 0, times 0
[  107.110142][ T7949] CPU: 0 UID: 0 PID: 7949 Comm: syz.3.1000 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  107.110175][ T7949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  107.110189][ T7949] Call Trace:
[  107.110265][ T7949]  <TASK>
[  107.110272][ T7949]  __dump_stack+0x1d/0x30
[  107.110294][ T7949]  dump_stack_lvl+0xe8/0x140
[  107.110312][ T7949]  dump_stack+0x15/0x1b
[  107.110328][ T7949]  should_fail_ex+0x265/0x280
[  107.110415][ T7949]  should_failslab+0x8c/0xb0
[  107.110438][ T7949]  kmem_cache_alloc_noprof+0x50/0x310
[  107.110469][ T7949]  ? audit_log_start+0x365/0x6c0
[  107.110501][ T7949]  audit_log_start+0x365/0x6c0
[  107.110578][ T7949]  audit_seccomp+0x48/0x100
[  107.110602][ T7949]  ? __seccomp_filter+0x68c/0x10d0
[  107.110622][ T7949]  __seccomp_filter+0x69d/0x10d0
[  107.110646][ T7949]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  107.110733][ T7949]  ? vfs_write+0x7e8/0x960
[  107.110799][ T7949]  ? __rcu_read_unlock+0x4f/0x70
[  107.110819][ T7949]  ? __fget_files+0x184/0x1c0
[  107.110849][ T7949]  __secure_computing+0x82/0x150
[  107.110871][ T7949]  syscall_trace_enter+0xcf/0x1e0
[  107.110898][ T7949]  do_syscall_64+0xac/0x200
[  107.110949][ T7949]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  107.110973][ T7949]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  107.111001][ T7949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.111147][ T7949] RIP: 0033:0x7f304e0aebe9
[  107.111166][ T7949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.111184][ T7949] RSP: 002b:00007f304cb17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[  107.111206][ T7949] RAX: ffffffffffffffda RBX: 00007f304e2d5fa0 RCX: 00007f304e0aebe9
[  107.111220][ T7949] RDX: 000000000000001a RSI: 0000000000000000 RDI: 0000000000000000
[  107.111233][ T7949] RBP: 00007f304cb17090 R08: 0000000000000000 R09: 0000000000000000
[  107.111280][ T7949] R10: 0000200000000440 R11: 0000000000000246 R12: 0000000000000001
[  107.111373][ T7949] R13: 00007f304e2d6038 R14: 00007f304e2d5fa0 R15: 00007ffd28115a88
[  107.111392][ T7949]  </TASK>
[  107.114898][ T3301] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  107.225027][ T7955] netlink: 'syz.4.1006': attribute type 1 has an invalid length.
[  107.413730][ T7963] netlink: 14593 bytes leftover after parsing attributes in process `syz.5.1008'.
[  107.448621][ T7965] lo speed is unknown, defaulting to 1000
[  107.478772][ T7965] lo speed is unknown, defaulting to 1000
[  107.519076][ T7965] lo speed is unknown, defaulting to 1000
[  107.545315][ T7965] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  107.573830][ T7965] lo speed is unknown, defaulting to 1000
[  107.596401][ T7965] lo speed is unknown, defaulting to 1000
[  107.622894][ T7965] lo speed is unknown, defaulting to 1000
[  107.636718][ T7965] lo speed is unknown, defaulting to 1000
[  107.664255][ T7965] lo speed is unknown, defaulting to 1000
[  108.047860][ T7989] lo speed is unknown, defaulting to 1000
[  108.061369][ T7989] lo speed is unknown, defaulting to 1000
[  108.368523][ T8005] netlink: 14593 bytes leftover after parsing attributes in process `syz.3.1025'.
[  108.421707][ T8008] loop2: detected capacity change from 0 to 1024
[  108.430087][ T8011] loop5: detected capacity change from 0 to 1024
[  108.438157][ T8008] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  108.449478][ T8008] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  108.461509][ T8011] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  108.472484][ T8011] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  108.473724][ T8013] loop4: detected capacity change from 0 to 1024
[  108.483745][ T8008] JBD2: no valid journal superblock found
[  108.494445][ T8008] EXT4-fs (loop2): Could not load journal inode
[  108.502280][ T8011] JBD2: no valid journal superblock found
[  108.508142][ T8011] EXT4-fs (loop5): Could not load journal inode
[  108.517050][ T8013] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  108.517734][ T8011] FAULT_INJECTION: forcing a failure.
[  108.517734][ T8011] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  108.540317][ T8011] CPU: 0 UID: 0 PID: 8011 Comm: syz.5.1028 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  108.540350][ T8011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  108.540362][ T8011] Call Trace:
[  108.540370][ T8011]  <TASK>
[  108.540379][ T8011]  __dump_stack+0x1d/0x30
[  108.540401][ T8011]  dump_stack_lvl+0xe8/0x140
[  108.540457][ T8011]  dump_stack+0x15/0x1b
[  108.540475][ T8011]  should_fail_ex+0x265/0x280
[  108.540498][ T8011]  should_fail+0xb/0x20
[  108.540518][ T8011]  should_fail_usercopy+0x1a/0x20
[  108.540574][ T8011]  _copy_from_iter+0xcf/0xe40
[  108.540602][ T8011]  ? __sk_mem_raise_allocated+0x6f8/0x9c0
[  108.540756][ T8011]  ? __sk_mem_schedule+0x80/0xc0
[  108.540778][ T8011]  mptcp_sendmsg+0x8cd/0xde0
[  108.540812][ T8011]  ? __pfx_mptcp_sendmsg+0x10/0x10
[  108.540939][ T8011]  inet6_sendmsg+0xc5/0xd0
[  108.540966][ T8011]  __sock_sendmsg+0x8b/0x180
[  108.540991][ T8011]  ____sys_sendmsg+0x345/0x4e0
[  108.541013][ T8011]  ___sys_sendmsg+0x17b/0x1d0
[  108.541224][ T8011]  __sys_sendmmsg+0x178/0x300
[  108.541290][ T8011]  __x64_sys_sendmmsg+0x57/0x70
[  108.541309][ T8011]  x64_sys_call+0x1c4a/0x2ff0
[  108.541328][ T8011]  do_syscall_64+0xd2/0x200
[  108.541374][ T8011]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  108.541415][ T8011]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  108.541437][ T8011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.541458][ T8011] RIP: 0033:0x7f8d7403ebe9
[  108.541475][ T8011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.541492][ T8011] RSP: 002b:00007f8d72a9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  108.541575][ T8011] RAX: ffffffffffffffda RBX: 00007f8d74265fa0 RCX: 00007f8d7403ebe9
[  108.541587][ T8011] RDX: 0000000000000002 RSI: 0000200000007080 RDI: 0000000000000004
[  108.541599][ T8011] RBP: 00007f8d72a9f090 R08: 0000000000000000 R09: 0000000000000000
[  108.541656][ T8011] R10: 0000000000048800 R11: 0000000000000246 R12: 0000000000000001
[  108.541712][ T8011] R13: 00007f8d74266038 R14: 00007f8d74265fa0 R15: 00007ffd79b9fbe8
[  108.541729][ T8011]  </TASK>
[  108.786365][ T8013] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.816780][ T8013] Invalid ELF header magic: != ELF
[  108.914994][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.963422][ T8036] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(13)
[  108.970365][ T8036] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  108.978273][ T8036] vhci_hcd vhci_hcd.0: Device attached
[  109.015930][ T8041] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(16)
[  109.022810][ T8041] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  109.030401][ T8041] vhci_hcd vhci_hcd.0: Device attached
[  109.060178][ T8036] vhci_hcd vhci_hcd.0: pdev(2) rhport(2) sockfd(15)
[  109.066865][ T8036] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  109.074920][ T8036] vhci_hcd vhci_hcd.0: Device attached
[  109.113641][ T8041] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  109.145414][ T8036] vhci_hcd vhci_hcd.0: pdev(2) rhport(4) sockfd(20)
[  109.152177][ T8036] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  109.160020][ T8036] vhci_hcd vhci_hcd.0: Device attached
[  109.194841][ T8041] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(24)
[  109.201927][ T8041] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  109.209736][ T8041] vhci_hcd vhci_hcd.0: Device attached
[  109.226762][ T4331] usb 5-1: new low-speed USB device number 7 using vhci_hcd
[  109.244931][ T8036] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  109.277363][ T8036] vhci_hcd vhci_hcd.0: pdev(2) rhport(6) sockfd(26)
[  109.284261][ T8036] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  109.292150][ T8036] vhci_hcd vhci_hcd.0: Device attached
[  109.312784][ T8057] loop4: detected capacity change from 0 to 1024
[  109.330591][ T8041] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  109.341982][ T8057] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.385244][ T8066] loop5: detected capacity change from 0 to 512
[  109.386819][ T8053] vhci_hcd: connection closed
[  109.391752][ T8060] vhci_hcd: connection closed
[  109.392652][ T8051] vhci_hcd: connection closed
[  109.396843][ T8042] vhci_hcd: connection closed
[  109.405007][ T8046] vhci_hcd: connection closed
[  109.412252][ T8037] vhci_hcd: connection reset by peer
[  109.440317][ T3571] vhci_hcd: stop threads
[  109.444664][ T3571] vhci_hcd: release socket
[  109.449159][ T3571] vhci_hcd: disconnect device
[  109.464532][ T8066] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -117
[  109.490337][ T8057] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.1039: Allocating blocks 449-513 which overlap fs metadata
[  109.509949][ T8066] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.1041: invalid indirect mapped block 256 (level 1)
[  109.531055][ T3571] vhci_hcd: stop threads
[  109.535568][ T3571] vhci_hcd: release socket
[  109.540129][ T3571] vhci_hcd: disconnect device
[  109.546677][ T3571] vhci_hcd: stop threads
[  109.551115][ T3571] vhci_hcd: release socket
[  109.555638][ T3571] vhci_hcd: disconnect device
[  109.563024][ T8066] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.1041: invalid indirect mapped block 2683928664 (level 1)
[  109.589310][ T8056] EXT4-fs (loop4): pa ffff888106dfc8c0: logic 48, phys. 177, len 21
[  109.597615][ T8056] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  109.609219][ T3571] vhci_hcd: stop threads
[  109.613527][ T3571] vhci_hcd: release socket
[  109.618291][ T3571] vhci_hcd: disconnect device
[  109.623379][ T3571] vhci_hcd: stop threads
[  109.627789][ T3571] vhci_hcd: release socket
[  109.632432][ T3571] vhci_hcd: disconnect device
[  109.637768][ T8066] EXT4-fs (loop5): 1 truncate cleaned up
[  109.643853][ T8066] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.659001][ T3571] vhci_hcd: stop threads
[  109.663352][ T3571] vhci_hcd: release socket
[  109.667966][ T3571] vhci_hcd: disconnect device
[  109.681874][ T8066] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  109.691647][ T8066] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  109.692937][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.729097][ T8073] loop4: detected capacity change from 0 to 512
[  109.738899][ T8073] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117
[  109.748031][ T8073] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.1042: invalid indirect mapped block 256 (level 1)
[  109.764791][ T8073] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.1042: invalid indirect mapped block 2683928664 (level 1)
[  109.788587][ T8073] EXT4-fs (loop4): 1 truncate cleaned up
[  109.791231][ T8080] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  109.795917][ T8073] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.802876][ T8080] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  109.840056][ T8073] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  109.848630][ T8073] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  109.934285][ T8083] serio: Serial port ptm0
[  110.243603][ T6292] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.256004][ T2992] ==================================================================
[  110.264136][ T2992] BUG: KCSAN: data-race in block_uevent / inc_diskseq
[  110.270925][ T2992] 
[  110.273252][ T2992] write to 0xffff8881002a3218 of 8 bytes by task 6292 on cpu 0:
[  110.280976][ T2992]  inc_diskseq+0x2d/0x40
[  110.285240][ T2992]  disk_force_media_change+0x9e/0xe0
[  110.290770][ T2992]  lo_release+0x2cb/0x400
[  110.295129][ T2992]  bdev_release+0x370/0x3d0
[  110.299731][ T2992]  blkdev_release+0x15/0x20
[  110.304341][ T2992]  __fput+0x298/0x650
[  110.308341][ T2992]  fput_close_sync+0x6e/0x120
[  110.313050][ T2992]  __x64_sys_close+0x56/0xf0
[  110.317744][ T2992]  x64_sys_call+0x2738/0x2ff0
[  110.322428][ T2992]  do_syscall_64+0xd2/0x200
[  110.326944][ T2992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.332842][ T2992] 
[  110.335180][ T2992] read to 0xffff8881002a3218 of 8 bytes by task 2992 on cpu 1:
[  110.342899][ T2992]  block_uevent+0x31/0x50
[  110.347240][ T2992]  dev_uevent+0x375/0x400
[  110.351668][ T2992]  uevent_show+0x11a/0x200
[  110.356092][ T2992]  dev_attr_show+0x3f/0xa0
[  110.360515][ T2992]  sysfs_kf_seq_show+0x1a3/0x280
[  110.365457][ T2992]  kernfs_seq_show+0x7f/0xa0
[  110.370146][ T2992]  seq_read_iter+0x316/0x940
[  110.374833][ T2992]  kernfs_fop_read_iter+0xc4/0x300
[  110.380040][ T2992]  vfs_read+0x649/0x770
[  110.384200][ T2992]  ksys_read+0xda/0x1a0
[  110.388359][ T2992]  __x64_sys_read+0x40/0x50
[  110.392966][ T2992]  x64_sys_call+0x27bc/0x2ff0
[  110.397668][ T2992]  do_syscall_64+0xd2/0x200
[  110.402356][ T2992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.408251][ T2992] 
[  110.410577][ T2992] value changed: 0x000000000000009a -> 0x000000000000009d
[  110.417690][ T2992] 
[  110.420014][ T2992] Reported by Kernel Concurrency Sanitizer on:
[  110.426253][ T2992] CPU: 1 UID: 0 PID: 2992 Comm: udevd Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  110.436510][ T2992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  110.446567][ T2992] ==================================================================
[  110.493476][ T8096] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1052'.
[  110.586378][ T3382] usb 9-1: enqueue for inactive port 0
[  110.597451][ T3382] usb 9-1: enqueue for inactive port 0
[  110.605557][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.668127][ T3382] vhci_hcd: vhci_device speed not set
[  113.207082][ T5947] usb usb10-port1: attempt power cycle
[  114.337526][ T4331] usb 5-1: enqueue for inactive port 0
[  114.343051][ T4331] usb 5-1: enqueue for inactive port 0
[  114.417045][ T4331] vhci_hcd: vhci_device speed not set
[  115.046515][ T5947] usb usb10-port1: unable to enumerate USB device
[  116.946579][ T3468] usb usb6-port1: attempt power cycle
[  118.776506][ T3468] usb usb6-port1: unable to enumerate USB device