last executing test programs:

1.800282961s ago: executing program 1 (id=445):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000003c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001000000b7050000f4ff00006a0a00fe000000008500000027000000b70000000000000095000000000000009cc6b3fcd62c7d37623802000000505f80fc88943c4f0cf0dd467b597811638883f6f698caf503a22f868ee30a0e8c1bf176db2a6b2feb4b6fd3d5707bfd2d84aaa3b1d4e984c46ea7e2a447a36f5662403e1b2be4cc7c2683908a0d411a9872971c7c56f0979bd10b6d0e196bf02f46c7953ab1abda45cbe8d0d24b5069f8a98f3dc8f76b74635fc9f9de9ca3c00cb9bf4e418d07fa22f0610a70f2bdf4000000000000b0c2940dd8e263aa743f7555193105000000b100400600e1ffff88208a2f7d25c32aac1c5d5b5be399f6609876b5887437a172fbc02a74067529194e533583412dff048f0000000000000000b2728a0481e9d6da43bb6cfb851cd364ff19ffcafe3e64be033c9d2f002cc93c1c13caec04a347903420336bec88c24a9fb6a6991ddb737d527d6acb15426415b6e8b14fdfa2c6e94bd0339454c13ad3e328a100000000b515a1000000000000000eb2e9c15b6c8f6198282df27badac8507bc7d202e0990e0000000008919b3efce02a602b4ad38098774d1feaf5f277a4462a2fff2d6ff4780f9a30a2a5f5f284c00ad35e0a6f6a0f9dae214546d24ef6a9b8ced90b508dc3b55a8259614b731af86503e5849dc87ab86ec0f6a48f0d32f0d4a5f6a03c33612320bb44f2d80363dee9163424ac31469266877942abdbbb3729fd59c0ff048ed5ab58c81b74ef4e159d4594396864a65422fe5f8c8181309becc88091dd6641c2d7e5a68ecbe778f2aae1742b92dc6854de98da66f8e38d1eca95809b738c8ddcf4cf1693c7b1c2ae0a9c27bd1a6f1738f8ba2908139fd653908ca0105e72550fbb1f1543a9bcd48de441c364f1cdb53a1ed4169434fc8f705e262fb793cf25bcd60310991f0b0634fa08308c7100000834cba801f76f820ed6def799116ce2336cd308544fbd3b74e0093968fce3c425729a77ecb090000654680e715f4ce5c1ad2b75aab390700000000000000ed7ebe34db25cbe169138c15a6013220bba55923f62849392cf4fb0327877e22a4dc617a5541a7fb89223888c76d65850dd99997e727557a477a1131d06f6f7360cfcf137ccd2e0d516bb31be413b0c7bd1bd24d3dc2d8e3f4cdfa872b66d89332e313934e9e9a3471f7170832a775bb2a8e4aa6321b1a6546a56e4121231380b04eb55337c7edc66d6e3400b06fcb31b659be19cff61cfac6f1b771967aa7bfcf7dba26e279ab9bef181cc917fca8941819445dd6fd171c4065a526c7000000000000ef570531e36dd9cf4da9a269b71e05463dfadff8401bc3202a9c393e9658d15dc20655abad7f9c54fc89176071bf7645d221696fa24e1310598f1f0bbd6ea058fdec63fab905ac925b16bd5cedf4ea2775d897897473dce8a339e340519df5dc3c8ab91b6b96b10cb05637dc6f4f24b2b0ba824028fa0fa29c9cf80443de08b3fc140082c8aa79d6324e9c609b0d9c2eeba3accb49fe851b6f56a425f70b3157443d2b05a883700b554738fd8453ed2ba5af37121ff47dc759000000000000000000000000000000000d78287bf7833841f7d49160b8bf2bd448e49c9ce544f0fafba633b694965606fa98f10c1c9f55eee1aaf03d30e61c9a468758c151ebf809efcda19b880c534bce505e14b65bb4185bf0614f23c38d106f77e407cac3cdff686370d091d453f7b8f8731eb70c3053fbb1a7d1ec764f9436489e84941336e56ccdba860901290a3d27b6330b85d52095c3b28718"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$AUDIT_TTY_GET(0xffffffffffffffff, &(0x7f0000000a80)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000a40)={&(0x7f0000000180)={0x10, 0x3f8, 0x10, 0x70bd26, 0x25dfdbff, "", ["", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x20040805}, 0x44001)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0xffff0000, 0xf0, 0x0, &(0x7f0000001a40)="2b206d074843b397737ea49da2aa", 0x0, 0xf000, 0x720e, 0x0, 0x0, 0x0, 0x0}, 0x48)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r3}, 0x18)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r4}, 0x10)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000100)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_buf(r5, 0x6, 0x13, 0x0, &(0x7f00000001c0)=0x46)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket(0x15, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'syz_tun\x00'})
prctl$PR_SCHED_CORE(0x4d, 0x1, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000ac0)=@newqdisc={0xbc, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xa}, {0x4, 0xffff}, {0x0, 0x1}}, [@TCA_STAB={0x98, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x8, 0x6, 0x2, 0x5, 0x1, 0x8, 0x6516, 0x2}}, {0x8, 0x2, [0x9, 0xfff9]}}, {{0x1c, 0x1, {0x2f, 0xe5, 0x47d, 0x4, 0x0, 0x3, 0x2, 0x2}}, {0x8, 0x2, [0x533, 0x9e]}}, {{0x1c, 0x1, {0xa6, 0x6, 0x400, 0x6, 0x5ce46e5ec4d4c8cc, 0x7f, 0x3, 0x1}}, {0x8, 0x2, [0xff, 0x80]}}, {{0x1c, 0x1, {0x3, 0x0, 0x6, 0x6, 0x2, 0x4, 0x100, 0x4}}, {0xc, 0x2, [0xc1, 0x3, 0x3, 0x6]}}]}]}, 0xbc}}, 0x0)
getsockopt$inet6_mptcp_buf(r5, 0x11c, 0x4, &(0x7f0000000940)=""/211, &(0x7f00000000c0)=0xd3)
sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)

633.89834ms ago: executing program 1 (id=468):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x8, 0x10, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018020000", @ANYRES32, @ANYBLOB="00000000000000006600020000000000180000000000000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

624.01792ms ago: executing program 3 (id=469):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x18, &(0x7f0000000200), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x10880, 0xc8, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x10}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r2}, 0x10)
perf_event_open$cgroup(&(0x7f0000000000)={0x6, 0x80, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r4)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB], 0xfdef)
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r5=>0xffffffffffffffff]}}], 0xffffffffffffffae}, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[], 0xfdef)

614.83937ms ago: executing program 1 (id=470):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)=ANY=[], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
r1 = socket(0x15, 0x5, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x14, &(0x7f0000000040)={0x0, 0x2710}, 0x10)

587.60638ms ago: executing program 4 (id=471):
r0 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r0, &(0x7f00000003c0)={'#! ', './file0'}, 0xb)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000088000000b704000000000000850000008200e4ff95000000000000002a4456"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_io_uring_setup(0x7c9d, &(0x7f0000000140)={0x0, 0x0, 0x8, 0x8003, 0x400}, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)
r3 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
ioctl$EVIOCGRAB(r3, 0x40044590, &(0x7f0000000200)=0x7ffffffc)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
ioctl$EVIOCGRAB(r3, 0x40044590, 0x0)

587.26113ms ago: executing program 3 (id=472):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x3, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r3, 0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2, 0x0, 0x5ef2d563}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1a, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2608064c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

512.118241ms ago: executing program 1 (id=474):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

511.492892ms ago: executing program 4 (id=475):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000010c200"/20], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="640100000001010400000000000000000a0000003c0001802c000180140003000000000000000000000000000000000014000400200100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe80000000000000000000000000000014000400ff0200000000000000000000000000010c00028005000100000000000800074000000000d0000d8008000100ac1414000800020000000000140005"], 0x164}}, 0x0)
ioctl$EVIOCSABS3F(0xffffffffffffffff, 0x401845ff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x601c2, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r3, 0x0, 0x60, &(0x7f0000000f40)={'filter\x00', 0x10, 0x4, 0x3f0, 0x110, 0x0, 0x0, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe0}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@random="e5fce0c960bc", @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x1e}, 0xf, 0xffffffff}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x2}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@remote, @broadcast, @loopback, 0x1, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0x81, 0x81, 0x5, 0x2060, r1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000040)={'macsec0\x00', @random="629ff7d394a2"})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'macsec0\x00', 0xca58c30f81b6079f})
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r6}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r7}, 0x10)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x8914, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCGMASK(r9, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"})
ioctl$EVIOCSABS2F(r9, 0x401845ef, 0x0)
remap_file_pages(&(0x7f0000ba1000/0x1000)=nil, 0x1000, 0x0, 0x4, 0x1c0000)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)

454.585802ms ago: executing program 1 (id=477):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='mm_page_free\x00', r3, 0x0, 0xfffffffffffffffd}, 0x18)
syz_read_part_table(0x637, &(0x7f0000000000)="$eJzs3D9oXWUYB+DfSe8996aFpopTl1RnsdjZ1ICkl0qnSrcuVUFCxSFOFUtuNIsZMjg4uxQhS1sXDR0c1CJO4hQ6qBVXQYpKLdIj555z/0QQxLaD8DxDzvd95/3e93tzTsac8L82l25SjIa9dJIcf/lvERsZB6Rfxyepuu29czsrp05XVVUVdcz5dPPk54evJ+m0W/qTNFVVrU8mJ3Plw4M33iuG3Z1bddEvtw7Uy/PNMY4kTx8q+6M0MxlSVfsO1nuYvwf+m6tLN4tis2xnT/16fzm59svK2d0zW+9ff7FdXk++Surn/079Xoyj38rFYxc6o2H9lN+czftbcymnK9PHPZ/OvjMMN9cG28tLq3vjhaODnU9fe+6PYzdSncjXZWdufKOY5iuT4YO3X/e/UL/925eWVvcGl+cnN5744PEvsthO7lRVjtQlH8voT2fxIVQGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBRuLp0c+HdzbXBdrK6N+i1qytnd89slUleeHU0n8u147O7DrTXi7lwu76uZy358ZN0Z4OK+ke32d5dbtZ+WKyeGQ064/q9+WZwaWl1b3DvYHL72ftHB82u5LMT03Lrk8y7eb4d3a0ao8nGPzXZlqgWmrhv7s32X3SStcH2qP7ln4pOf7T+cTGcHLM+yOu9vNI0U90t271/TtsAAAAAAAAAAAAAAAAAAACAB7Jy6vQbd9rx+X6Sn9+eq8dVr/kv9+JgsS/+u14yfzK50k8xXE5y66Xfy28Pb33ffjpgmF6GSQ59tHGu3VLuSzD5RECRqnyUnfFv/BUAAP//PZZ8Jw==")
perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0xa0002, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xf3b27b37c16f77c4}, 0x1100, 0x5dd8, 0x0, 0x3, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket(0x15, 0x800, 0x10000)
connect$netlink(r4, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001500)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x0, {0x0, 0x0, 0x2}, [{0x4}]}, 0x18}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="3800000010000507000000000004000000000000", @ANYRES32=r5, @ANYBLOB="0000000a010000001800120008000100736974000c0002000800030036"], 0x38}}, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETSW2(r7, 0x5453, 0x0)
sync_file_range(r7, 0x2, 0x1, 0x3)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)=@newlink={0x40, 0x10, 0x439, 0x70bd2a, 0xffffffea, {0x0, 0x0, 0xe403, r6, 0x3, 0x610c3}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @remote}, @IFLA_IPTUN_FWMARK={0x8, 0x14, 0x10001}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x4008040)

427.436933ms ago: executing program 2 (id=479):
r0 = socket$inet6(0xa, 0x80002, 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f00000000c0), 0x4)
setsockopt$MRT_FLUSH(r1, 0x0, 0xd1, &(0x7f0000000480)=0x2, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000000)=0x84, 0xfde1)
sendto$inet6(r0, 0x0, 0x0, 0x200c8004, &(0x7f0000000280)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c)
sendto$inet6(r0, &(0x7f00000009c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b75d78f1b79f5a6bb6f0645e267770ef7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d824082990d119473d20e94f253c9621fac339560ae46cb24b88bf2d01559bb658e343257b90f233b81bc5c398be3bbddb23a1e", 0xffd6, 0xc001, 0x0, 0xffffffffffffff0c)
sendmsg$inet6(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000340)="2f6c62fdf406a1a0175bd356c35c10e4d1be87033978d275293527325d1cd47e250c", 0x22}], 0x1}, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f00000000c0), 0x4)

419.975233ms ago: executing program 0 (id=480):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x9)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r1, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20044000)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="010236bd7000ffdbdf2504000000"], 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r4, 0xffffffffffffffff, 0x0)

377.000354ms ago: executing program 3 (id=481):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100000100000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
pipe2(&(0x7f0000001cc0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB="2c756e616d653dd0"])
io_submit(0x0, 0x0, 0x0)

352.846824ms ago: executing program 2 (id=482):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x18, &(0x7f0000000200), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x10880, 0xc8, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x10}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r2}, 0x10)
perf_event_open$cgroup(&(0x7f0000000000)={0x6, 0x80, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r4)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB], 0xfdef)
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r5=>0xffffffffffffffff]}}], 0xffffffffffffffae}, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[], 0xfdef)

352.401664ms ago: executing program 2 (id=483):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000005000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x9, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='block_bio_remap\x00', r1, 0x0, 0x9}, 0x6e)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x54, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffc, @void, @value}, 0x94)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
recvmmsg(r2, &(0x7f0000000a00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002bc0)=""/4082, 0x1020, 0x27}, 0x80181}], 0x400000000000039, 0x10000, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a00000004000000f100000005"], 0x48)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000180)='kfree\x00', r4}, 0x18)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000280)=@generic={&(0x7f00000004c0)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r3}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file1\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x143042, 0x0)
sendfile(r5, r5, 0x0, 0x7a680003)

278.244005ms ago: executing program 0 (id=484):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=ANY=[@ANYRES64], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)

277.750465ms ago: executing program 4 (id=485):
r0 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r0, &(0x7f00000003c0)={'#! ', './file0'}, 0xb)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000088000000b704000000000000850000008200e4ff95000000000000002a4456"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_io_uring_setup(0x7c9d, &(0x7f0000000140)={0x0, 0x0, 0x8, 0x8003, 0x400}, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)
r3 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
ioctl$EVIOCGRAB(r3, 0x40044590, &(0x7f0000000200)=0x7ffffffc)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
ioctl$EVIOCGRAB(r3, 0x40044590, 0x0)

226.992156ms ago: executing program 4 (id=486):
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000400), 0xc2)
tkill(0x0, 0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f00000004c0)='kfree\x00'}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r3, 0xc02c5341, &(0x7f00000004c0))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000009f910000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x968762043f17994c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
sendmsg$nl_route(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64000000000c000280050001000600000008000a0079"], 0x44}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r5=>0x0})
r6 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080))
ioctl$PAGEMAP_SCAN(r6, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0xfffffffffffffffd, 0x0, 0x0, 0x3ff, 0x0, 0x2, 0x0, 0xe4})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x6}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x3, 0x4}}}]}, 0x3c}}, 0x4004050)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', r5, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='mm_page_free\x00', r7, 0x0, 0xfffffffff7fffffe}, 0x18)
setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000240)={0x5, 0x80, 0xb, 0x5, 0x5, 0x9, 0x0, 0x5, 0x1008, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000180), 0x8}, 0x0, 0x3ff, 0xff, 0x9, 0x5, 0x2, 0x2, 0x0, 0x60f, 0x0, 0x5})
close(0xffffffffffffffff)

224.008396ms ago: executing program 3 (id=487):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)

206.698856ms ago: executing program 1 (id=488):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
syz_open_dev$evdev(0x0, 0x3, 0x6800)
r2 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x1, 0x0, 0x0)
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0)
preadv2(r4, &(0x7f0000000180)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1, 0x0, 0x4, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000002100)=0x1)
ioctl$TCFLSH(0xffffffffffffffff, 0x89f3, 0x4000000000000)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r5)
sendmsg$NLBL_MGMT_C_ADDDEF(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc000000000010800020007000000140006"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)
r7 = accept$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x0, 0x0, @local}, &(0x7f00000001c0)=0x1c)
setsockopt$inet6_opts(r7, 0x29, 0x3b, &(0x7f00000003c0)=@srh={0x4, 0xe, 0x4, 0x7, 0xfa, 0x40, 0xa, [@private2={0xfc, 0x2, '\x00', 0x1}, @loopback, @private2={0xfc, 0x2, '\x00', 0x1}, @remote, @loopback, @rand_addr=' \x01\x00', @mcast2]}, 0x78)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)

181.718467ms ago: executing program 2 (id=489):
syz_genetlink_get_family_id$devlink(&(0x7f00000002c0), 0xffffffffffffffff)

180.114176ms ago: executing program 0 (id=490):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{}, 0x0, 0x0}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x8, 0x10, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
close(0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0040, &(0x7f0000000200)={[{@noblock_validity}, {@resgid={'resgid', 0x3d, 0xee00}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7f}}, {@noload}, {@nobarrier}, {@nodiscard}]}, 0xfe, 0x472, &(0x7f0000000940)="$eJzs3MtvG8UfAPDvOk6a9PFLfyU8GloIFETEI2nSBz1wAYHEAQQSHIo4BSetQt0GNUGiVQSBQxDigCpxRxyR+As4wQUBJySucEeVEMqlhZPR2rtp4tohDydO8ecjbTuzu+7Md2fHnp2xG0DHGkr/SCL2R8SvEdEfEcX6E4Zqf91cmi/9tTRfSqJSee3PJH1Z3FiaL2X/RHVL7avtqFSy/J4G5S6+GTFRLk9dzvKjcxffGZ29cvWp6YsT56fOT10aP3Pm5ImjPafHT7UkzjSuG4Pvzxw5/OIb114unb321o9fp/Xdnx3P42ilodrVbejRVhfWZgdWpJNiGyvChhzI+nt3tf/3R1f0LR/rjxc+amvlgG1VqVQqjT6fMwsV4D8siXbXAGiP/IM+ff7Ntx0aeuwKfzxbewBK476ZbbUjxShk53TXPd+2Um9EnF34+4t0i22ahwAAWOnbdPzzZKPxXyHuWXHe/7I1lIMR8f+IOBQRd0XEQETcHVE9996IuG+D5devkNw+/ilc31Rg65SO/57J1rZWj//y0V8c7MpyB6rxdyfnpstTx7NrMhzde9L82KqXrPbd8798Vr/v02yafWjF+C/d0vLzsWBWj+vFugm6yYm5iZYEn8b/YcRgsVH8yfI6YBIRhyNicJNlTD/+1ZFmx/49/jW0YJ2p8mXEY7X2X4i6+HNJ0/XJsadPj58a7Y3y1PHR/K643U8/L77arPwtxd8CafvvbXj/1+JPnxGT3ojZK1cvVNdrZzdexuJvH5eSJscGNnn/9ySvV9M92b73JubmLo9F9CQvpdm+VfvHb702z+fnp/EPH2vc/w/VHs+qV+L+iEhv4qMR8UBEPJi13UMR8XBEHFsj/h+ee+TtZseat/8as/ItlMY/uUb7p295aepW+2880XXh+2+alV9ZV/ufrKaGsz3ref9bbwW3cu0AAADgTlGofgc+KYwspwuFkZHad/gHYm+hPDM798S5mXcvTda+K38wugv5TFf/ivnQsWxuOM+P1+VPZPPGn3f1VfMjpZnyZLuDhw63r0n/T/3e1e7aAdvO77Wgc+n/0Ln0f+hc+j90Lv0fOlRP490f7HQ9gLbY+Od/77bUA9h5xv/QufR/6Fz6P3Skpr+NL2zpJ/93aqK4O6rRMNG3O6qRJ6KwK6rRusQrn9S6xG6pT54orvs/s9hkYk/DQ+1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGiNfwIAAP//RwfmeQ==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018020000", @ANYRES32, @ANYBLOB="00000000000000006600020000000000180000000000000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

155.937997ms ago: executing program 2 (id=491):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000e27f00000100000000000000", @ANYRES32, @ANYBLOB="0000001200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0xfffffffffffffffd}, 0x18)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f00000010c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f0, 0x0, 0x9403, 0x0, 0x0, 0x2c0, 0x320, 0x3d8, 0x3d8, 0x320, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x1c8, 0x210, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @inet=@rpfilter={{0x28}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x450)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000002c000000030a010800000000000000000100000b0900030073797a32000000000900010073797a300000000060000000060a010400000000000000000100000008000b40000000000900010073797a300000000038000480340001800a0001006d61746368000000240002800c000300b07346e358c219250b0001006367726f75700000080002"], 0xd4}}, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
close(r3)
r8 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r8, 0x8946, &(0x7f0000000140)={'batadv0\x00', &(0x7f0000000000)=@ethtool_stats})
r9 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r9, 0x6, 0x1, &(0x7f0000000000)={0x3, 0x1, 0x9, 0x54, 0x2, 0x20, 0x7}, 0xc)

147.430917ms ago: executing program 3 (id=492):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x101042, 0x45)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0xd, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, 0x0, &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
socket$inet_smc(0x2b, 0x1, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000440)=ANY=[], 0x9)
r6 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000140)=@generic={0x0, 0x0, 0xc}, 0x18)
sendmsg$SMC_PNETID_ADD(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000000000000000000020000001400020062756e643000000000000000000000000900010073797a30000000000900030073797a3100000000"], 0x40}}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})

144.775947ms ago: executing program 0 (id=493):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x18, &(0x7f0000000200), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x10880, 0xc8, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x10}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r2}, 0x10)
perf_event_open$cgroup(&(0x7f0000000000)={0x6, 0x80, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r4)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB], 0xfdef)
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r5=>0xffffffffffffffff]}}], 0xffffffffffffffae}, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[], 0xfdef)

122.971828ms ago: executing program 0 (id=494):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10060, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xbb, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$DCCPDIAG_GETSOCK(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=ANY=[@ANYBLOB="fc1100001200010200"/56, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000f504010007c01c00"], 0x11fc}, 0x1, 0x0, 0x0, 0x20000010}, 0x4000000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="04000000040000000400000005", @ANYRES8=r0, @ANYRESDEC=r0, @ANYRES64=r1], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, @void, @value}, 0x94)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000480)={'wg2\x00', <r4=>0x0})
setsockopt$packet_int(r3, 0x107, 0x14, &(0x7f0000000000)=0xf3e, 0x4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
sendto$packet(r3, &(0x7f0000000240)='V', 0x1, 0x0, &(0x7f0000000080)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r7, &(0x7f00000003c0)={0x1d, r4}, 0x10)

47.484029ms ago: executing program 0 (id=495):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000010c200"/20], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="640100000001010400000000000000000a0000003c0001802c000180140003000000000000000000000000000000000014000400200100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe80000000000000000000000000000014000400ff0200000000000000000000000000010c00028005000100000000000800074000000000d0000d8008000100ac1414000800020000000000140005"], 0x164}}, 0x0)
ioctl$EVIOCSABS3F(0xffffffffffffffff, 0x401845ff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x601c2, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r3, 0x0, 0x60, &(0x7f0000000f40)={'filter\x00', 0x10, 0x4, 0x3f0, 0x110, 0x0, 0x0, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe0}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@random="e5fce0c960bc", @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x1e}, 0xf, 0xffffffff}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x2}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@remote, @broadcast, @loopback, 0x1, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0x81, 0x81, 0x5, 0x2060, r1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000040)={'macsec0\x00', @random="629ff7d394a2"})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'macsec0\x00', 0xca58c30f81b6079f})
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r6}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r7}, 0x10)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x8914, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCGMASK(r9, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"})
ioctl$EVIOCSABS2F(r9, 0x401845ef, 0x0)
remap_file_pages(&(0x7f0000ba1000/0x1000)=nil, 0x1000, 0x0, 0x4, 0x1c0000)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)

47.202479ms ago: executing program 4 (id=496):
r0 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r0, &(0x7f00000003c0)={'#! ', './file0'}, 0xb)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000088000000b704000000000000850000008200e4ff95000000000000002a4456"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_io_uring_setup(0x7c9d, &(0x7f0000000140)={0x0, 0x0, 0x8, 0x8003, 0x400}, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)
r3 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
ioctl$EVIOCGRAB(r3, 0x40044590, &(0x7f0000000200)=0x7ffffffc)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
ioctl$EVIOCGRAB(r3, 0x40044590, 0x0)

30.28387ms ago: executing program 4 (id=497):
preadv2(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000240)=""/160, 0xa0}], 0x1, 0x863, 0x0, 0x30)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@newtaction={0xa8, 0x30, 0x100, 0x70bd2b, 0x25dfdbff, {}, [{0x94, 0x1, [@m_skbedit={0x60, 0x19, 0x0, 0x0, {{0xc}, {0x34, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x10, 0xa}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0xd}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x1}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x1, 0x1, 0xffffffffeffffffb, 0x7, 0x101}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_gact={0x30, 0xf, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0xa8}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
recvfrom$x25(r0, &(0x7f0000002080)=""/4096, 0x1000, 0x2000, &(0x7f0000000040)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x2}}, 0x12)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

608.59µs ago: executing program 2 (id=498):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000006000000080000000900000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00R\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000400), &(0x7f0000000340)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000680)='kfree\x00'}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f0000000340), 0x1, 0x597, &(0x7f0000000b80)="$eJzs3U1sG2UaAOB3xvH2L9t0pV1pd9VDtYtUpKpO0h8onNorolKlHpC4lMhxoyhOHMUONFEO6b1C9IAA9VJucOAI4sABcUHiwpULiDNSRSOQmh7AyH9pm9jBKXWdxs8jjT3ffON5v2/G73hmNCMHMLCO1V7SiP9ExKUkYuShuqFoVh5rzLe+tpK/v7aST6JavfxzEklE3FtbybfmT5rvhyJiNSL+HRFfZSNOpFvjlpeWZyaKxcJCszxamZ0fLS8tn5yenZgqTBXmTr/40tlzZ86Onxrv3Pjszvp644ebb9/49pXbNz/+5Ohq/t2JJM7HcLPu4X48SY11ko3zm6af6UWwPkr63QAeS6aZ57VU+leMRKaZ9e1UR55q04Aeq+6LqO5Esrqj2YHdLNlZ/gN7Rus4oHb+2xoeOUDI9Pb4486FxglILe56c2jUDDWuTcT++rnJwV+SR85MauebR3rbNAbA6vWIGBsa2vr9T5rfv8c39iQaSE99eaGxobZu/3Rj/xNt9j/DrWunf1Fr/7e+Zf/3IH6mw/7vUpcxfnv9xw86xr8e8d+28ZON+Emb+GlEvNFl/FuvfX6uU131w4jj0T5+S7L99eHRq9PFwljjtW2ML44ffXm7/h/sEL9xzXZ//Wem3fqf77L/n3396f9Wt4n//P+33/7t1v+BiHiny/j/uPfRq53q7lxP7taOAna6/WvTbncZ/4Xzx77vUHWgy0UAAAAAAAAAAABtpPV72ZI0tzGeprlc4xnef8bBtFgqV05cLS3OTTbueTsS2bR1p9VIo5zUyuPN+3Fb5VObyqdb9xFnDtTLuXypONnnvgMAAAAAAAAAAAAAAAAAAMBucWjT8/+/ZurP/2/+u2pgr+r8l9/AXif/YXA9mv9JxL6+NQV4yvz+w8Cqyn8YXPIfBpf8h8El/2FwyX8YXPIfBpf8BwAAAAAAAAAAAAAAAAAAAAAAAACAnrh08WJtqN5fW8nXypNDS4szpTdPThbKM7nZxXwuX1qYz02VSlPFQi5fmv2z5RVLpfmxmFu8NloplCuj5aXlK7OlxbnKlenZianClUL2qfQKAAAAAAAAAAAAAAAAAAAAni3D9SFJcxGR1sfTNJeL+HtEHIlscnW6WBiLiMMR8V0mu69WHu93owEAAAAAAAAAAAAAAAAAAGCPKS8tz0wUi4WFARkZ2jLlm84zR8Tqk21GbYk7/lS2ua12yzp81kYObz9PJvrewt040ucdEwAAAAAAAAAAAAAAAAAADKAHD/12+4nfe9sgAAAAAAAAAAAAAAAAAAAAGEjpT0lE1IbjI88Nb679W7Keqb9HxFu3Lr93baJSWRivTb+7Mb3yfnP6qX60H+hWK09beQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8UF5anpkoFgsLPRzpdx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHscfAQAA//+aXtbd") (async)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f0000000340), 0x1, 0x597, &(0x7f0000000b80)="$eJzs3U1sG2UaAOB3xvH2L9t0pV1pd9VDtYtUpKpO0h8onNorolKlHpC4lMhxoyhOHMUONFEO6b1C9IAA9VJucOAI4sABcUHiwpULiDNSRSOQmh7AyH9pm9jBKXWdxs8jjT3ffON5v2/G73hmNCMHMLCO1V7SiP9ExKUkYuShuqFoVh5rzLe+tpK/v7aST6JavfxzEklE3FtbybfmT5rvhyJiNSL+HRFfZSNOpFvjlpeWZyaKxcJCszxamZ0fLS8tn5yenZgqTBXmTr/40tlzZ86Onxrv3Pjszvp644ebb9/49pXbNz/+5Ohq/t2JJM7HcLPu4X48SY11ko3zm6af6UWwPkr63QAeS6aZ57VU+leMRKaZ9e1UR55q04Aeq+6LqO5Esrqj2YHdLNlZ/gN7Rus4oHb+2xoeOUDI9Pb4486FxglILe56c2jUDDWuTcT++rnJwV+SR85MauebR3rbNAbA6vWIGBsa2vr9T5rfv8c39iQaSE99eaGxobZu/3Rj/xNt9j/DrWunf1Fr/7e+Zf/3IH6mw/7vUpcxfnv9xw86xr8e8d+28ZON+Emb+GlEvNFl/FuvfX6uU131w4jj0T5+S7L99eHRq9PFwljjtW2ML44ffXm7/h/sEL9xzXZ//Wem3fqf77L/n3396f9Wt4n//P+33/7t1v+BiHiny/j/uPfRq53q7lxP7taOAna6/WvTbncZ/4Xzx77vUHWgy0UAAAAAAAAAAABtpPV72ZI0tzGeprlc4xnef8bBtFgqV05cLS3OTTbueTsS2bR1p9VIo5zUyuPN+3Fb5VObyqdb9xFnDtTLuXypONnnvgMAAAAAAAAAAAAAAAAAAMBucWjT8/+/ZurP/2/+u2pgr+r8l9/AXif/YXA9mv9JxL6+NQV4yvz+w8Cqyn8YXPIfBpf8h8El/2FwyX8YXPIfBpf8BwAAAAAAAAAAAAAAAAAAAAAAAACAnrh08WJtqN5fW8nXypNDS4szpTdPThbKM7nZxXwuX1qYz02VSlPFQi5fmv2z5RVLpfmxmFu8NloplCuj5aXlK7OlxbnKlenZianClUL2qfQKAAAAAAAAAAAAAAAAAAAAni3D9SFJcxGR1sfTNJeL+HtEHIlscnW6WBiLiMMR8V0mu69WHu93owEAAAAAAAAAAAAAAAAAAGCPKS8tz0wUi4WFARkZ2jLlm84zR8Tqk21GbYk7/lS2ua12yzp81kYObz9PJvrewt040ucdEwAAAAAAAAAAAAAAAAAADKAHD/12+4nfe9sgAAAAAAAAAAAAAAAAAAAAGEjpT0lE1IbjI88Nb679W7Keqb9HxFu3Lr93baJSWRivTb+7Mb3yfnP6qX60H+hWK09beQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8UF5anpkoFgsLPRzpdx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHscfAQAA//+aXtbd")
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0) (async)
r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a, @void, @value}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004"], 0x48)
socket(0x2b, 0x1, 0x1)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)) (async)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0))
r4 = socket$inet(0x2, 0x3, 0x9)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000007c0), 0x1, 0x73e, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvbJOmb9vXpODBimCgBwulu3ZbSwWRih6kWCnqzUO73d2Gkt1uyW5KEypaUQRPIsWzP07e/AdEEfTmUfDsSQpFSr0IQmS2s3Hb7KabNJtV9/OBCc8zM5tnvjszz/Mkz8NMAGNrNv2Ri9gfER8lEdPZ+iQiJtupiYiTd/e7c/taOV2SWFl5/bekvU+aj67PpPZkmcci4rv3Iw7l1pbbXFqeL9Vq1YUsX2jVLxeaS8uHL9ZLc9W56qXi8WePFk8UnzlR3LJY/3jv1fOnvnrpixvv/vjLa2+dejKJk7E329Ydx1aZjdnsO5lMv8J7vLjVhY1YMuoDYFPSW3PH3bs89sd07GinAID/srcjYgUAGDOJ9h8Axkzn/wCdsb1hjIP9k916ISJ29Yp/Ihuz29UeB919J7lnZCSJiJktKH82Iq6++cHX6RJDGocE6OWd6xFxbmZ2bf2XrJmzsFFPD7DP7H159R9sn2/T/s+JXv2f3Gr/J3r0f6Z63Lub8eD7P3dzC4rpK+3/Pdez/7s6aW1mR5b7f7vPN5lcuFirpnXbIxFxMCan0vyRdco49vHzP/Tb1t3/S5e0/E5fMDuOmxNT936mUmqVHibmbreuRzw+0Sv+ZPX8J336v2cGLKP1/ROf99v24PiHa+WziKd6nv+/Z7Ql689PLLSvh0Lnqlgr/+H0vn7ljzr+9PzvXj/+maR7vmZz42X89MmfL/fbttnrf2fyRju9M1t3tdRqLRyJ2Jm8snZ91xTSTr6zfxr/wQPr13+9rv/0b8JzA8Y//+mX5zcf/3Cl8Vc2dP43njjw8zd94xns/B9rpw5mawap/wY9wIf57gAAAAAAAAAAAAAAAAAAAAAAAABgULmI2BtJLr+azuXy+bvv8H40dudqjWbr0IXG4qVKtN+VPROTuc6TLqe7nod6JHsefidfvC9/NCL2RcSNqf+18/lyo1YZdfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkNnT5/3/qV+nRn10AMDQ7Br1AQAA2077DwDjR/sPAONH+w8A40f7DwDjR/sPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAkJ05fTpdVn6/fa2c5itXlhbnG1cOV6rN+Xx9sZwvNxYu5+cajblaNV9u1B/0+2qNxuXi8Vi8WmhVm61Cc2n5bL2xeKl19mK9NFc9W53clqgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGOaS8vzpVqtuiAhISGxmhh1zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw7/BXAAAA///R4B8B") (async)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000007c0), 0x1, 0x73e, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvbJOmb9vXpODBimCgBwulu3ZbSwWRih6kWCnqzUO73d2Gkt1uyW5KEypaUQRPIsWzP07e/AdEEfTmUfDsSQpFSr0IQmS2s3Hb7KabNJtV9/OBCc8zM5tnvjszz/Mkz8NMAGNrNv2Ri9gfER8lEdPZ+iQiJtupiYiTd/e7c/taOV2SWFl5/bekvU+aj67PpPZkmcci4rv3Iw7l1pbbXFqeL9Vq1YUsX2jVLxeaS8uHL9ZLc9W56qXi8WePFk8UnzlR3LJY/3jv1fOnvnrpixvv/vjLa2+dejKJk7E329Ydx1aZjdnsO5lMv8J7vLjVhY1YMuoDYFPSW3PH3bs89sd07GinAID/srcjYgUAGDOJ9h8Axkzn/wCdsb1hjIP9k916ISJ29Yp/Ihuz29UeB919J7lnZCSJiJktKH82Iq6++cHX6RJDGocE6OWd6xFxbmZ2bf2XrJmzsFFPD7DP7H159R9sn2/T/s+JXv2f3Gr/J3r0f6Z63Lub8eD7P3dzC4rpK+3/Pdez/7s6aW1mR5b7f7vPN5lcuFirpnXbIxFxMCan0vyRdco49vHzP/Tb1t3/S5e0/E5fMDuOmxNT936mUmqVHibmbreuRzw+0Sv+ZPX8J336v2cGLKP1/ROf99v24PiHa+WziKd6nv+/Z7Ql689PLLSvh0Lnqlgr/+H0vn7ljzr+9PzvXj/+maR7vmZz42X89MmfL/fbttnrf2fyRju9M1t3tdRqLRyJ2Jm8snZ91xTSTr6zfxr/wQPr13+9rv/0b8JzA8Y//+mX5zcf/3Cl8Vc2dP43njjw8zd94xns/B9rpw5mawap/wY9wIf57gAAAAAAAAAAAAAAAAAAAAAAAABgULmI2BtJLr+azuXy+bvv8H40dudqjWbr0IXG4qVKtN+VPROTuc6TLqe7nod6JHsefidfvC9/NCL2RcSNqf+18/lyo1YZdfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkNnT5/3/qV+nRn10AMDQ7Br1AQAA2077DwDjR/sPAONH+w8A40f7DwDjR/sPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAkJ05fTpdVn6/fa2c5itXlhbnG1cOV6rN+Xx9sZwvNxYu5+cajblaNV9u1B/0+2qNxuXi8Vi8WmhVm61Cc2n5bL2xeKl19mK9NFc9W53clqgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGOaS8vzpVqtuiAhISGxmhh1zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw7/BXAAAA///R4B8B")
sendmmsg$sock(r4, &(0x7f0000001280)=[{{&(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4, 0x1, 0xffffffff, 0x1, {0xa, 0x4e22, 0x4, @initdev={0xfe, 0x88, '\x00', 0x5, 0x0}, 0x5a5}}}, 0x80, 0x0}}], 0x1, 0x20000081)
set_robust_list(&(0x7f0000000580)={0x0, 0x5, &(0x7f0000000400)}, 0x18)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r5, &(0x7f0000001140)="5137aa73dc543c073c7dcab0638383ca73d2268ecf45f09882ce476b73bbae1f841017897407d35518f45157f361254b990527f8cd7369437b68017c1b2509a3219122ba0598f90ad05c5d4ac56e6b7fd99a35cd4687f81740cf53a78b856a8e01a715add7c3198cef2144f7ad020f10636bc80bd7bc940a61f3c6ac9fb697dee037fa2d3f146e7a05041b5f8135d388837b597c79622916a0b1884ef88a8756d776cd6c55487946a49f105125dbd79bb581087f0b5255d57226b7a0d9b364b6d44deeeea0", 0xc5, 0x200980)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x101042, 0x45) (async)
r6 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x45)
pwrite64(r6, 0x0, 0x0, 0x10007) (async)
pwrite64(r6, 0x0, 0x0, 0x10007)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ftruncate(r5, 0xf09)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xb, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000000000000000000023ed0000180100002820702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
io_setup(0x6, &(0x7f0000000240)=<r7=>0x0)
io_getevents(r7, 0x3, 0x3, &(0x7f0000000100)=[{}, {}, {}], &(0x7f00000001c0)={0x0, 0x3938700})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)

0s ago: executing program 3 (id=499):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x3, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000002a80d163c1f3a77b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
close(r2)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kfree\x00', r4}, 0x18)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
r5 = mq_open(&(0x7f0000000480)='!sel\x00\x00\x00\x10\x00\x00\x00\x00\xd7\\P\xc1\xde.O\xcb]0y\x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x196, &(0x7f0000000440)={0x2000000000002000, 0x1, 0x56, 0x3})
mq_timedsend(r5, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r5, &(0x7f0000000880)=""/202, 0x8f, 0x200000000004, 0x0)

kernel console output (not intermixed with test programs):

ded to keep mac addresses unique to avoid problems!
[   31.484965][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.492931][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.503441][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.513295][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.523886][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.533733][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.544230][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.564443][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.579332][ T3314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.589818][ T3314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.599702][ T3314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.610159][ T3314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.620049][ T3314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.630508][ T3314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.640325][ T3314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.650762][ T3314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.662030][ T3314] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.670666][ T3303] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.679559][ T3303] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.688251][ T3303] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.696978][ T3303] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.708666][ T3305] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.717493][ T3305] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.726198][ T3305] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.734900][ T3305] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.744286][ T3445] syz.1.2 (3445) used greatest stack depth: 10928 bytes left
[   31.757159][ T3452] vhci_hcd: invalid port number 23
[   31.758414][ T3314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.772718][ T3314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.782573][ T3314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.793033][ T3314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.802852][ T3314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.813330][ T3314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.823156][ T3314] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.833740][ T3314] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.844601][ T3314] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.858769][ T3451] netlink: 'syz.0.7': attribute type 3 has an invalid length.
[   31.870887][ T3314] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.879816][ T3314] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.888555][ T3314] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.897285][ T3314] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.988869][   T29] kauditd_printk_skb: 59 callbacks suppressed
[   31.988883][   T29] audit: type=1326 audit(1745046550.426:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3463 comm="syz.0.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd204ebe169 code=0x7ffc0000
[   32.018477][   T29] audit: type=1326 audit(1745046550.426:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3463 comm="syz.0.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd204ebe169 code=0x7ffc0000
[   32.042206][   T29] audit: type=1326 audit(1745046550.426:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3463 comm="syz.0.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7fd204ebe169 code=0x7ffc0000
[   32.065376][   T29] audit: type=1326 audit(1745046550.426:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3463 comm="syz.0.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd204ebe169 code=0x7ffc0000
[   32.088692][   T29] audit: type=1400 audit(1745046550.426:155): avc:  denied  { read } for  pid=3462 comm="syz.4.5" dev="nsfs" ino=4026532556 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   32.109527][   T29] audit: type=1400 audit(1745046550.426:156): avc:  denied  { open } for  pid=3462 comm="syz.4.5" path="net:[4026532556]" dev="nsfs" ino=4026532556 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   32.134873][   T29] audit: type=1326 audit(1745046550.456:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3467 comm="syz.4.13" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f578cf6e169 code=0x7ffc0000
[   32.158075][   T29] audit: type=1326 audit(1745046550.456:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3467 comm="syz.4.13" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f578cf6e169 code=0x7ffc0000
[   32.181415][   T29] audit: type=1326 audit(1745046550.456:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3467 comm="syz.4.13" exe="/root/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7f578cf6e169 code=0x7ffc0000
[   32.204609][   T29] audit: type=1326 audit(1745046550.456:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3467 comm="syz.4.13" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f578cf6e169 code=0x7ffc0000
[   32.277634][ T3469] loop0: detected capacity change from 0 to 128
[   32.349435][ T3469] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   32.357327][ T3469] FAT-fs (loop0): Filesystem has been set read-only
[   32.368041][ T3469] syz.0.12: attempt to access beyond end of device
[   32.368041][ T3469] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   32.381889][ T3469] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   32.387511][ T3479] ªªªªªª: renamed from vlan0 (while UP)
[   32.389762][ T3469] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   32.406110][ T3469] syz.0.12: attempt to access beyond end of device
[   32.406110][ T3469] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[   32.419727][ T3469] syz.0.12: attempt to access beyond end of device
[   32.419727][ T3469] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[   32.433539][ T3469] syz.0.12: attempt to access beyond end of device
[   32.433539][ T3469] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[   32.486616][ T3489] netlink: 'syz.2.18': attribute type 3 has an invalid length.
[   32.592489][ T3494] loop4: detected capacity change from 0 to 128
[   32.602745][ T3497] netlink: 'syz.2.20': attribute type 3 has an invalid length.
[   32.614501][ T3494] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   32.622335][ T3494] FAT-fs (loop4): Filesystem has been set read-only
[   32.650330][ T3494] syz.4.21: attempt to access beyond end of device
[   32.650330][ T3494] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   32.678969][ T3494] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   32.686911][ T3494] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   32.695243][ T3494] syz.4.21: attempt to access beyond end of device
[   32.695243][ T3494] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[   32.710547][ T3494] syz.4.21: attempt to access beyond end of device
[   32.710547][ T3494] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[   32.712099][ T3499] netlink: 'syz.2.23': attribute type 3 has an invalid length.
[   32.739698][ T3502] netlink: 'syz.1.24': attribute type 3 has an invalid length.
[   32.740943][ T3494] syz.4.21: attempt to access beyond end of device
[   32.740943][ T3494] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[   32.771871][ T3502] vhci_hcd: invalid port number 23
[   32.891419][ T3526] netlink: 'syz.4.29': attribute type 3 has an invalid length.
[   32.936255][ T3532] loop0: detected capacity change from 0 to 512
[   32.942825][ T3532] =======================================================
[   32.942825][ T3532] WARNING: The mand mount option has been deprecated and
[   32.942825][ T3532]          and is ignored by this kernel. Remove the mand
[   32.942825][ T3532]          option from the mount to silence this warning.
[   32.942825][ T3532] =======================================================
[   32.979554][ T3509] ªªªªªª: renamed from vlan0 (while UP)
[   33.012655][ T3542] loop4: detected capacity change from 0 to 1024
[   33.034695][ T3532] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.30: Invalid inode bitmap blk 4 in block_group 0
[   33.062361][ T3532] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   33.116622][ T3542] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   33.161709][ T3563] loop3: detected capacity change from 0 to 128
[   33.164205][ T3542] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.33: bg 0: block 88: padding at end of block bitmap is not set
[   33.190165][ T3563] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   33.198063][ T3563] FAT-fs (loop3): Filesystem has been set read-only
[   33.208778][ T3563] syz.3.37: attempt to access beyond end of device
[   33.208778][ T3563] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   33.209617][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.222508][ T3563] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   33.239371][ T3563] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   33.247859][ T3563] syz.3.37: attempt to access beyond end of device
[   33.247859][ T3563] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[   33.264495][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.341054][ T3574] loop0: detected capacity change from 0 to 1024
[   33.381438][ T3577] loop2: detected capacity change from 0 to 512
[   33.405666][ T3577] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.42: Invalid inode bitmap blk 4 in block_group 0
[   33.419274][ T3574] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   33.448989][ T3583] loop1: detected capacity change from 0 to 1024
[   33.457743][ T3577] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   33.473528][ T3574] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.39: bg 0: block 88: padding at end of block bitmap is not set
[   33.518652][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.547911][ T3583] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   33.584161][ T3575] syz.4.40 (3575) used greatest stack depth: 10824 bytes left
[   33.606446][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.632696][ T3583] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.43: bg 0: block 88: padding at end of block bitmap is not set
[   33.671579][ T3583] syz.1.43 (3583) used greatest stack depth: 10688 bytes left
[   33.698155][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.773343][    C1] hrtimer: interrupt took 43252 ns
[   33.860516][ T3607] loop4: detected capacity change from 0 to 1024
[   33.874343][ T3606] loop1: detected capacity change from 0 to 1024
[   33.936932][ T3606] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   33.957240][ T3607] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   33.976283][ T3606] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.51: bg 0: block 88: padding at end of block bitmap is not set
[   34.005149][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.014770][ T3607] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.52: bg 0: block 88: padding at end of block bitmap is not set
[   34.079727][ T3621] vhci_hcd: invalid port number 23
[   34.084056][ T3623] loop3: detected capacity change from 0 to 512
[   34.099422][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.114459][ T3626] tmpfs: Unknown parameter '/selinux/commit_pending_bools'
[   34.122314][ T3623] EXT4-fs error (device loop3): ext4_iget_extra_inode:4693: inode #15: comm syz.3.59: corrupted in-inode xattr: invalid ea_ino
[   34.164863][ T3630] loop4: detected capacity change from 0 to 128
[   34.173882][ T3623] EXT4-fs error (device loop3): ext4_orphan_get:1395: comm syz.3.59: couldn't read orphan inode 15 (err -117)
[   34.191754][ T3623] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.207424][ T3630] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   34.213131][ T3634] syz.2.64 uses obsolete (PF_INET,SOCK_PACKET)
[   34.215387][ T3630] FAT-fs (loop4): Filesystem has been set read-only
[   34.228342][ T3630] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   34.236187][ T3630] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   34.279440][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.534487][ T3673] vhci_hcd: invalid port number 23
[   34.607155][ T3685] netlink: 'syz.4.79': attribute type 3 has an invalid length.
[   34.626078][ T3677] ªªªªªª: renamed from vlan0 (while UP)
[   34.735255][ T3711] loop1: detected capacity change from 0 to 1024
[   34.761975][ T3711] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.782307][ T3711] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.85: bg 0: block 88: padding at end of block bitmap is not set
[   34.810893][ T3719] loop2: detected capacity change from 0 to 128
[   34.810972][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.834009][ T3719] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   34.842027][ T3719] FAT-fs (loop2): Filesystem has been set read-only
[   34.850030][ T3719] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   34.857886][ T3719] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   34.896896][ T3721] loop0: detected capacity change from 0 to 128
[   34.908107][ T3723] netlink: 'syz.1.88': attribute type 3 has an invalid length.
[   34.924163][ T3721] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   34.932106][ T3721] FAT-fs (loop0): Filesystem has been set read-only
[   34.943796][ T3721] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   34.951876][ T3721] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   35.047453][ T3739] netlink: 'syz.0.98': attribute type 13 has an invalid length.
[   35.157001][ T3749] loop4: detected capacity change from 0 to 512
[   35.173798][ T3739] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.177777][ T3749] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.99: Invalid inode bitmap blk 4 in block_group 0
[   35.181077][ T3739] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.200191][ T3749] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.220155][ T3754] loop1: detected capacity change from 0 to 512
[   35.238721][ T3754] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.101: Invalid inode bitmap blk 4 in block_group 0
[   35.270603][ T3754] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.276139][ T3739] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   35.292407][ T3739] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   35.324929][ T3739] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   35.334105][ T3739] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   35.342952][ T3739] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   35.352062][ T3739] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   35.365381][ T3747] smc: net device bond0 applied user defined pnetid SYZ0
[   35.388354][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.391095][ T3752] smc: net device bond0 erased user defined pnetid SYZ0
[   35.408828][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.435477][ T3764] smc: net device bond0 applied user defined pnetid SYZ0
[   35.442884][ T3764] smc: net device bond0 erased user defined pnetid SYZ0
[   35.467976][ T3766] netlink: 12 bytes leftover after parsing attributes in process `syz.1.105'.
[   35.487599][ T3768] vhci_hcd: invalid port number 23
[   35.505009][ T3772] loop3: detected capacity change from 0 to 512
[   35.526088][ T3772] EXT4-fs error (device loop3): ext4_iget_extra_inode:4693: inode #15: comm syz.3.108: corrupted in-inode xattr: invalid ea_ino
[   35.557398][ T3775] loop2: detected capacity change from 0 to 128
[   35.564515][ T3779] netlink: 'syz.4.111': attribute type 3 has an invalid length.
[   35.601816][ T3772] EXT4-fs error (device loop3): ext4_orphan_get:1395: comm syz.3.108: couldn't read orphan inode 15 (err -117)
[   35.614919][ T3772] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.668885][ T3775] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   35.676737][ T3775] FAT-fs (loop2): Filesystem has been set read-only
[   35.688743][ T3775] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   35.696630][ T3775] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   35.714682][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.745401][ T3789] smc: net device bond0 applied user defined pnetid SYZ0
[   35.745515][ T3788] tmpfs: Bad value for 'mpol'
[   35.766189][ T3789] smc: net device bond0 erased user defined pnetid SYZ0
[   35.792852][ T3792] loop0: detected capacity change from 0 to 512
[   35.812689][ T3792] EXT4-fs error (device loop0): ext4_iget_extra_inode:4693: inode #15: comm syz.0.116: corrupted in-inode xattr: invalid ea_ino
[   35.861788][ T3801] vhci_hcd: invalid port number 23
[   35.866158][ T3792] EXT4-fs error (device loop0): ext4_orphan_get:1395: comm syz.0.116: couldn't read orphan inode 15 (err -117)
[   35.883766][ T3792] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.929503][ T3804] loop3: detected capacity change from 0 to 512
[   35.943678][ T3804] EXT4-fs error (device loop3): ext4_iget_extra_inode:4693: inode #15: comm syz.3.121: corrupted in-inode xattr: invalid ea_ino
[   35.958485][ T3804] EXT4-fs error (device loop3): ext4_orphan_get:1395: comm syz.3.121: couldn't read orphan inode 15 (err -117)
[   35.959949][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.980731][ T3804] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.029505][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.073444][ T3813] loop2: detected capacity change from 0 to 512
[   36.104140][ T3813] EXT4-fs error (device loop2): ext4_iget_extra_inode:4693: inode #15: comm syz.2.126: corrupted in-inode xattr: invalid ea_ino
[   36.127736][ T3813] EXT4-fs error (device loop2): ext4_orphan_get:1395: comm syz.2.126: couldn't read orphan inode 15 (err -117)
[   36.157130][ T3824] loop4: detected capacity change from 0 to 512
[   36.168420][ T3826] loop0: detected capacity change from 0 to 512
[   36.180692][ T3813] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.202222][ T3826] EXT4-fs error (device loop0): ext4_iget_extra_inode:4693: inode #15: comm syz.0.128: corrupted in-inode xattr: invalid ea_ino
[   36.219334][ T3824] journal_path: Non-blockdev passed as './bus'
[   36.225599][ T3824] EXT4-fs: error: could not find journal device path
[   36.242354][ T3826] EXT4-fs error (device loop0): ext4_orphan_get:1395: comm syz.0.128: couldn't read orphan inode 15 (err -117)
[   36.257567][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.287003][ T3826] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.373400][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.393233][ T3851] vhci_hcd: invalid port number 23
[   36.438170][ T3858] loop0: detected capacity change from 0 to 512
[   36.455175][ T3862] loop4: detected capacity change from 0 to 128
[   36.474545][ T3862] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   36.482464][ T3862] FAT-fs (loop4): Filesystem has been set read-only
[   36.492559][ T3858] EXT4-fs error (device loop0): ext4_iget_extra_inode:4693: inode #15: comm syz.0.133: corrupted in-inode xattr: invalid ea_ino
[   36.510597][ T3862] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   36.518589][ T3862] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   36.538113][ T3858] EXT4-fs error (device loop0): ext4_orphan_get:1395: comm syz.0.133: couldn't read orphan inode 15 (err -117)
[   36.555179][ T3858] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.607205][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.654180][ T3882] FAULT_INJECTION: forcing a failure.
[   36.654180][ T3882] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   36.667484][ T3882] CPU: 1 UID: 0 PID: 3882 Comm: syz.1.143 Not tainted 6.15.0-rc2-syzkaller-00400-g3088d26962e8 #0 PREEMPT(voluntary) 
[   36.667510][ T3882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   36.667573][ T3882] Call Trace:
[   36.667580][ T3882]  <TASK>
[   36.667587][ T3882]  dump_stack_lvl+0xf6/0x150
[   36.667611][ T3882]  dump_stack+0x15/0x1a
[   36.667624][ T3882]  should_fail_ex+0x261/0x270
[   36.667644][ T3882]  should_fail+0xb/0x10
[   36.667708][ T3882]  should_fail_usercopy+0x1a/0x20
[   36.667728][ T3882]  _copy_from_user+0x1c/0xa0
[   36.667788][ T3882]  copy_msghdr_from_user+0x54/0x2b0
[   36.667829][ T3882]  ? __fget_files+0x186/0x1c0
[   36.667853][ T3882]  __sys_sendmsg+0x141/0x240
[   36.667889][ T3882]  __x64_sys_sendmsg+0x46/0x50
[   36.667910][ T3882]  x64_sys_call+0x26f3/0x2e10
[   36.668000][ T3882]  do_syscall_64+0xc9/0x1a0
[   36.668020][ T3882]  ? clear_bhb_loop+0x25/0x80
[   36.668036][ T3882]  ? clear_bhb_loop+0x25/0x80
[   36.668052][ T3882]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   36.668071][ T3882] RIP: 0033:0x7f978e3fe169
[   36.668133][ T3882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   36.668151][ T3882] RSP: 002b:00007f978ca67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   36.668170][ T3882] RAX: ffffffffffffffda RBX: 00007f978e625fa0 RCX: 00007f978e3fe169
[   36.668180][ T3882] RDX: 0000000000000040 RSI: 0000200000000100 RDI: 0000000000000003
[   36.668189][ T3882] RBP: 00007f978ca67090 R08: 0000000000000000 R09: 0000000000000000
[   36.668198][ T3882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   36.668207][ T3882] R13: 0000000000000000 R14: 00007f978e625fa0 R15: 00007fff1c0d9758
[   36.668222][ T3882]  </TASK>
[   36.670368][ T3872] loop2: detected capacity change from 0 to 512
[   36.706666][ T3885] vhci_hcd: invalid port number 23
[   36.726809][ T3872] journal_path: Non-blockdev passed as './bus'
[   36.864107][ T3872] EXT4-fs: error: could not find journal device path
[   36.883257][ T3879] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.890748][ T3879] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.945351][ T3879] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   36.955960][ T3879] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   36.995570][ T3879] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   37.004611][ T3879] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   37.013508][ T3879] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   37.022482][ T3879] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   37.038622][ T3883] smc: net device bond0 applied user defined pnetid SYZ0
[   37.048448][ T3887] smc: net device bond0 erased user defined pnetid SYZ0
[   37.079208][   T29] kauditd_printk_skb: 366 callbacks suppressed
[   37.079220][   T29] audit: type=1400 audit(1745046555.526:527): avc:  denied  { read write } for  pid=3896 comm="syz.1.147" name="uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   37.111013][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.118548][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.126046][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.133294][ T3900] validate_nla: 2 callbacks suppressed
[   37.133309][ T3900] netlink: 'syz.3.149': attribute type 13 has an invalid length.
[   37.133491][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.154590][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.161967][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.169472][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.169738][   T29] audit: type=1326 audit(1745046555.536:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3895 comm="syz.3.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae6fa9e169 code=0x7ffc0000
[   37.176893][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.176918][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.200107][   T29] audit: type=1326 audit(1745046555.536:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3895 comm="syz.3.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7fae6fa9e169 code=0x7ffc0000
[   37.207452][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.214910][   T29] audit: type=1326 audit(1745046555.536:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3895 comm="syz.3.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae6fa9e169 code=0x7ffc0000
[   37.214937][   T29] audit: type=1326 audit(1745046555.536:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3895 comm="syz.3.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae6fa9e169 code=0x7ffc0000
[   37.214958][   T29] audit: type=1400 audit(1745046555.556:532): avc:  denied  { open } for  pid=3896 comm="syz.1.147" path="/dev/uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   37.258728][ T3904] loop4: detected capacity change from 0 to 1024
[   37.269395][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.269426][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.295638][   T29] audit: type=1400 audit(1745046555.746:533): avc:  denied  { setopt } for  pid=3896 comm="syz.1.147" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   37.315796][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.323700][   T10] IPVS: starting estimator thread 0...
[   37.329468][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.366259][ T3910] loop0: detected capacity change from 0 to 512
[   37.369861][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.391123][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.392953][ T3904] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.398656][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.415424][   T29] audit: type=1400 audit(1745046555.866:534): avc:  denied  { read write } for  pid=3903 comm="syz.4.150" name="file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   37.417869][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.417887][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.417904][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.440393][ T3906] IPVS: using max 2448 ests per chain, 122400 per kthread
[   37.447666][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.456218][   T29] audit: type=1400 audit(1745046555.916:535): avc:  denied  { open } for  pid=3903 comm="syz.4.150" path="/33/file1/file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   37.462478][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.477864][ T3904] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, 
[   37.499788][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.507167][ T3904] inode 15: 
[   37.514692][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.522040][ T3904] block 241:
[   37.525354][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.532580][ T3904] freeing already freed block (bit 15); block bitmap corrupt.
[   37.536091][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.547369][ T3910] EXT4-fs error (device loop0): ext4_iget_extra_inode:4693: inode #15: comm syz.0.151: corrupted in-inode xattr: invalid ea_ino
[   37.550825][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.558815][ T3910] EXT4-fs error (device loop0): ext4_orphan_get:1395: comm syz.0.151: couldn't read orphan inode 15 (err -117)
[   37.571228][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.571253][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.580216][ T3910] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.590339][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.625177][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.632602][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.640414][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.647877][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.655541][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.662913][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.670383][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.677774][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.685159][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.692556][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.700018][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.707391][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.714801][ T3363] hid-generic 0000:0400:0000.0001: unknown main item tag 0x0
[   37.724207][ T3363] hid-generic 0000:0400:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   37.726386][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.777065][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.809002][ T3915] loop4: detected capacity change from 0 to 1024
[   37.842784][ T3915] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.844266][ T3900] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.862056][   T29] audit: type=1326 audit(1745046556.316:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3920 comm="syz.2.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4299ae169 code=0x7ffc0000
[   37.862065][ T3900] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.883854][ T3915] FAULT_INJECTION: forcing a failure.
[   37.883854][ T3915] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   37.905687][ T3915] CPU: 1 UID: 0 PID: 3915 Comm: syz.4.152 Not tainted 6.15.0-rc2-syzkaller-00400-g3088d26962e8 #0 PREEMPT(voluntary) 
[   37.905713][ T3915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   37.905723][ T3915] Call Trace:
[   37.905727][ T3915]  <TASK>
[   37.905733][ T3915]  dump_stack_lvl+0xf6/0x150
[   37.905779][ T3915]  dump_stack+0x15/0x1a
[   37.905793][ T3915]  should_fail_ex+0x261/0x270
[   37.905813][ T3915]  should_fail_alloc_page+0xfd/0x110
[   37.905832][ T3915]  __alloc_frozen_pages_noprof+0x11d/0x360
[   37.905850][ T3915]  alloc_pages_mpol+0xb6/0x260
[   37.905938][ T3915]  folio_alloc_noprof+0xee/0x140
[   37.905971][ T3915]  filemap_alloc_folio_noprof+0x6d/0x220
[   37.905992][ T3915]  __filemap_get_folio+0x2ab/0x6b0
[   37.906057][ T3915]  ext4_convert_inline_data_to_extent+0x1fa/0x7d0
[   37.906170][ T3915]  ext4_try_to_write_inline_data+0x55/0x90
[   37.906202][ T3915]  ext4_write_begin+0x161/0xc30
[   37.906230][ T3915]  ext4_da_write_begin+0x1f8/0x590
[   37.906270][ T3915]  generic_perform_write+0x189/0x4b0
[   37.906350][ T3915]  ext4_buffered_write_iter+0x1ed/0x3c0
[   37.906374][ T3915]  ext4_file_write_iter+0x3b2/0xf80
[   37.906397][ T3915]  ? _parse_integer+0x27/0x30
[   37.906413][ T3915]  ? kstrtoull+0x115/0x140
[   37.906430][ T3915]  do_iter_readv_writev+0x40d/0x4b0
[   37.906494][ T3915]  vfs_writev+0x2da/0x880
[   37.906513][ T3915]  ? get_pid_task+0x94/0xd0
[   37.906535][ T3915]  __se_sys_pwritev2+0x103/0x1d0
[   37.906559][ T3915]  __x64_sys_pwritev2+0x78/0x90
[   37.906577][ T3915]  x64_sys_call+0x1c86/0x2e10
[   37.906594][ T3915]  do_syscall_64+0xc9/0x1a0
[   37.906621][ T3915]  ? clear_bhb_loop+0x25/0x80
[   37.906688][ T3915]  ? clear_bhb_loop+0x25/0x80
[   37.906710][ T3915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   37.906732][ T3915] RIP: 0033:0x7f578cf6e169
[   37.906744][ T3915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   37.906758][ T3915] RSP: 002b:00007f578b5d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   37.906773][ T3915] RAX: ffffffffffffffda RBX: 00007f578d195fa0 RCX: 00007f578cf6e169
[   37.906786][ T3915] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000004
[   37.906798][ T3915] RBP: 00007f578b5d7090 R08: 0000000000000000 R09: 0000000000000003
[   37.906813][ T3915] R10: 0000000000002000 R11: 0000000000000246 R12: 0000000000000001
[   37.906824][ T3915] R13: 0000000000000000 R14: 00007f578d195fa0 R15: 00007ffc75fb2b68
[   37.906838][ T3915]  </TASK>
[   38.173936][ T3922] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   38.191774][ T3922] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   38.206733][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.215569][ T3900] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   38.226074][ T3900] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   38.260503][ T3900] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   38.269435][ T3900] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   38.278566][ T3900] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   38.287697][ T3900] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   38.300289][ T3902] smc: net device bond0 applied user defined pnetid SYZ0
[   38.309158][ T3907] smc: net device bond0 erased user defined pnetid SYZ0
[   38.559713][ T3959] netlink: 28 bytes leftover after parsing attributes in process `syz.1.167'.
[   38.568791][ T3959] netlink: 28 bytes leftover after parsing attributes in process `syz.1.167'.
[   38.585316][ T3962] loop4: detected capacity change from 0 to 512
[   38.600346][ T3962] EXT4-fs error (device loop4): ext4_iget_extra_inode:4693: inode #15: comm syz.4.169: corrupted in-inode xattr: invalid ea_ino
[   38.619319][ T3963] FAULT_INJECTION: forcing a failure.
[   38.619319][ T3963] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   38.632518][ T3963] CPU: 1 UID: 0 PID: 3963 Comm: syz.2.168 Not tainted 6.15.0-rc2-syzkaller-00400-g3088d26962e8 #0 PREEMPT(voluntary) 
[   38.632546][ T3963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   38.632557][ T3963] Call Trace:
[   38.632562][ T3963]  <TASK>
[   38.632569][ T3963]  dump_stack_lvl+0xf6/0x150
[   38.632595][ T3963]  dump_stack+0x15/0x1a
[   38.632667][ T3963]  should_fail_ex+0x261/0x270
[   38.632698][ T3963]  should_fail+0xb/0x10
[   38.632723][ T3963]  should_fail_usercopy+0x1a/0x20
[   38.632807][ T3963]  strncpy_from_user+0x25/0x230
[   38.632847][ T3963]  ? getname_flags+0x81/0x3b0
[   38.632878][ T3963]  getname_flags+0xb0/0x3b0
[   38.632908][ T3963]  user_path_at+0x26/0x140
[   38.632984][ T3963]  __se_sys_mount+0x25e/0x2e0
[   38.633001][ T3963]  ? fput+0x99/0xd0
[   38.633027][ T3963]  __x64_sys_mount+0x67/0x80
[   38.633044][ T3963]  x64_sys_call+0xd11/0x2e10
[   38.633120][ T3963]  do_syscall_64+0xc9/0x1a0
[   38.633152][ T3963]  ? clear_bhb_loop+0x25/0x80
[   38.633176][ T3963]  ? clear_bhb_loop+0x25/0x80
[   38.633196][ T3963]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.633215][ T3963] RIP: 0033:0x7fe4299ae169
[   38.633312][ T3963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   38.633328][ T3963] RSP: 002b:00007fe428017038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   38.633345][ T3963] RAX: ffffffffffffffda RBX: 00007fe429bd5fa0 RCX: 00007fe4299ae169
[   38.633436][ T3963] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000000
[   38.633447][ T3963] RBP: 00007fe428017090 R08: 0000000000000000 R09: 0000000000000000
[   38.633460][ T3963] R10: 0000000000080020 R11: 0000000000000246 R12: 0000000000000001
[   38.633474][ T3963] R13: 0000000000000000 R14: 00007fe429bd5fa0 R15: 00007ffd662e53a8
[   38.633496][ T3963]  </TASK>
[   38.828128][ T3962] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.169: couldn't read orphan inode 15 (err -117)
[   38.842918][ T3962] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.861344][ T3967] loop3: detected capacity change from 0 to 512
[   38.879594][ T3972] loop2: detected capacity change from 0 to 512
[   38.897078][ T3968] ªªªªªª: renamed from vlan0 (while UP)
[   38.899919][ T3967] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.171: Invalid inode bitmap blk 4 in block_group 0
[   38.905399][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.924970][ T3967] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.936983][ T3972] EXT4-fs error (device loop2): ext4_iget_extra_inode:4693: inode #15: comm syz.2.172: corrupted in-inode xattr: invalid ea_ino
[   38.938982][ T3972] EXT4-fs error (device loop2): ext4_orphan_get:1395: comm syz.2.172: couldn't read orphan inode 15 (err -117)
[   38.990838][ T3972] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.013738][ T3981] loop0: detected capacity change from 0 to 128
[   39.040475][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.065611][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.108336][ T3989] loop4: detected capacity change from 0 to 512
[   39.175577][ T3996] netlink: 8 bytes leftover after parsing attributes in process `syz.2.183'.
[   39.194864][ T3989] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.180: Invalid inode bitmap blk 4 in block_group 0
[   39.220891][ T3996] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   39.222622][ T3989] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.245238][ T4000] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   39.302322][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.317397][ T3996] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   39.341969][ T4011] loop3: detected capacity change from 0 to 128
[   39.361331][ T4011] IPVS: Unknown mcast interface: ÿÿÿÿ
[   39.378443][ T3996] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   39.395771][ T3382] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x4
[   39.403465][ T3382] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x2
[   39.413073][ T3382] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   39.420789][ T3382] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   39.428461][ T3382] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   39.436171][ T3382] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   39.443821][ T3382] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   39.451455][ T3382] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   39.459138][ T3382] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   39.466868][ T3382] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   39.474605][ T3382] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   39.482249][ T3382] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   39.489915][ T3382] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   39.497622][ T3382] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   39.505310][ T3382] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   39.513038][ T3382] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   39.521077][ T3382] hid-generic 0000:3000000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   39.587678][ T3996] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   39.650423][ T3996] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.661851][ T3996] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.673555][ T3996] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.686309][ T3996] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.702355][ T4029] loop4: detected capacity change from 0 to 512
[   39.712549][ T4029] EXT4-fs error (device loop4): ext4_iget_extra_inode:4693: inode #15: comm syz.4.195: corrupted in-inode xattr: invalid ea_ino
[   39.732347][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.733836][ T4029] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.195: couldn't read orphan inode 15 (err -117)
[   39.739909][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.753691][ T4029] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.758863][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.758882][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.758922][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.793461][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.800891][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.808375][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.815830][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.823267][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.830748][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.838134][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.845543][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.845878][ T3372] IPVS: starting estimator thread 0...
[   39.852915][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.865867][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.873232][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.880630][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.888018][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.895403][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.902781][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.910200][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.917637][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.925100][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.932548][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.940026][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.943709][ T4035] IPVS: using max 2400 ests per chain, 120000 per kthread
[   39.947404][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.962017][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.969406][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.976873][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.984285][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.991661][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   39.999046][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   40.006424][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   40.013917][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   40.021353][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   40.028733][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   40.036158][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   40.043626][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   40.051010][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   40.058470][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   40.065938][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   40.073326][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   40.080750][   T23] hid-generic 0000:0400:0000.0003: unknown main item tag 0x0
[   40.089274][   T23] hid-generic 0000:0400:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   40.110825][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.160534][ T4037] netlink: 'syz.4.197': attribute type 13 has an invalid length.
[   40.170703][ T4037] smc: net device bond0 applied user defined pnetid SYZ0
[   40.178623][ T4037] smc: net device bond0 erased user defined pnetid SYZ0
[   40.186972][ T4041] loop1: detected capacity change from 0 to 128
[   40.216342][ T4043] loop1: detected capacity change from 0 to 1024
[   40.244994][ T4043] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.257517][ T4043] ext4 filesystem being mounted at /38/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   40.280514][ T4049] mmap: syz.4.201 (4049) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   40.317198][ T4043] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.200: bg 0: block 393: padding at end of block bitmap is not set
[   40.333814][ T4043] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 28
[   40.346412][ T4043] EXT4-fs (loop1): This should not happen!! Data will be lost
[   40.346412][ T4043] 
[   40.356254][ T4043] EXT4-fs (loop1): Total free blocks count 0
[   40.362477][ T4043] EXT4-fs (loop1): Free/Dirty block details
[   40.368410][ T4043] EXT4-fs (loop1): free_blocks=0
[   40.373453][ T4043] EXT4-fs (loop1): dirty_blocks=16
[   40.378763][ T4043] EXT4-fs (loop1): Block reservation details
[   40.384770][ T4043] EXT4-fs (loop1): i_reserved_data_blocks=1
[   40.409909][ T4043] syz.1.200 (4043) used greatest stack depth: 10016 bytes left
[   40.431042][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.447823][ T4058] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[   40.561568][ T4069] loop4: detected capacity change from 0 to 512
[   40.627567][ T4069] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.209: Invalid inode bitmap blk 4 in block_group 0
[   40.642706][ T4069] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.690056][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.736358][ T4086] bond1: entered promiscuous mode
[   40.741417][ T4086] bond1: entered allmulticast mode
[   40.746759][ T4086] 8021q: adding VLAN 0 to HW filter on device bond1
[   40.766303][ T4086] bond1 (unregistering): Released all slaves
[   40.892110][ T4112] loop1: detected capacity change from 0 to 512
[   40.900363][ T4112] EXT4-fs error (device loop1): ext4_iget_extra_inode:4693: inode #15: comm syz.1.216: corrupted in-inode xattr: invalid ea_ino
[   40.914751][ T4112] EXT4-fs error (device loop1): ext4_orphan_get:1395: comm syz.1.216: couldn't read orphan inode 15 (err -117)
[   40.927195][ T4112] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.960937][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.983554][ T4116] loop1: detected capacity change from 0 to 1024
[   40.995489][ T4116] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.007759][ T4116] ext4 filesystem being mounted at /43/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   41.037513][ T4122] SELinux: failed to load policy
[   41.040756][ T4116] FAULT_INJECTION: forcing a failure.
[   41.040756][ T4116] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   41.055653][ T4116] CPU: 0 UID: 0 PID: 4116 Comm: syz.1.217 Not tainted 6.15.0-rc2-syzkaller-00400-g3088d26962e8 #0 PREEMPT(voluntary) 
[   41.055676][ T4116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   41.055686][ T4116] Call Trace:
[   41.055692][ T4116]  <TASK>
[   41.055697][ T4116]  dump_stack_lvl+0xf6/0x150
[   41.055786][ T4116]  dump_stack+0x15/0x1a
[   41.055800][ T4116]  should_fail_ex+0x261/0x270
[   41.055821][ T4116]  should_fail+0xb/0x10
[   41.055904][ T4116]  should_fail_usercopy+0x1a/0x20
[   41.055925][ T4116]  strncpy_from_user+0x25/0x230
[   41.055952][ T4116]  ? getname_flags+0x81/0x3b0
[   41.055974][ T4116]  getname_flags+0xb0/0x3b0
[   41.056073][ T4116]  __x64_sys_rename+0x40/0x70
[   41.056091][ T4116]  x64_sys_call+0x2cd9/0x2e10
[   41.056187][ T4116]  do_syscall_64+0xc9/0x1a0
[   41.056208][ T4116]  ? clear_bhb_loop+0x25/0x80
[   41.056302][ T4116]  ? clear_bhb_loop+0x25/0x80
[   41.056320][ T4116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.056337][ T4116] RIP: 0033:0x7f978e3fe169
[   41.056349][ T4116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.056374][ T4116] RSP: 002b:00007f978ca67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[   41.056395][ T4116] RAX: ffffffffffffffda RBX: 00007f978e625fa0 RCX: 00007f978e3fe169
[   41.056405][ T4116] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000200000000780
[   41.056415][ T4116] RBP: 00007f978ca67090 R08: 0000000000000000 R09: 0000000000000000
[   41.056424][ T4116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   41.056434][ T4116] R13: 0000000000000000 R14: 00007f978e625fa0 R15: 00007fff1c0d9758
[   41.056450][ T4116]  </TASK>
[   41.266486][   T47] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 393: padding at end of block bitmap is not set
[   41.284263][   T47] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 28
[   41.296775][   T47] EXT4-fs (loop1): This should not happen!! Data will be lost
[   41.296775][   T47] 
[   41.299954][ T4126] vhci_hcd: invalid port number 23
[   41.306450][   T47] EXT4-fs (loop1): Total free blocks count 0
[   41.306465][   T47] EXT4-fs (loop1): Free/Dirty block details
[   41.306476][   T47] EXT4-fs (loop1): free_blocks=0
[   41.306488][   T47] EXT4-fs (loop1): dirty_blocks=16
[   41.333657][   T47] EXT4-fs (loop1): Block reservation details
[   41.339632][   T47] EXT4-fs (loop1): i_reserved_data_blocks=1
[   41.345816][ T4128] loop3: detected capacity change from 0 to 512
[   41.355906][ T4128] EXT4-fs error (device loop3): ext4_iget_extra_inode:4693: inode #15: comm syz.3.222: corrupted in-inode xattr: invalid ea_ino
[   41.373264][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.390404][ T4128] EXT4-fs error (device loop3): ext4_orphan_get:1395: comm syz.3.222: couldn't read orphan inode 15 (err -117)
[   41.415809][ T4128] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.430809][ T4132] vhci_hcd: invalid port number 23
[   41.476724][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.694310][ T4152] netlink: 'syz.1.229': attribute type 3 has an invalid length.
[   41.718483][ T4167] FAULT_INJECTION: forcing a failure.
[   41.718483][ T4167] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   41.731640][ T4167] CPU: 0 UID: 0 PID: 4167 Comm: syz.2.237 Not tainted 6.15.0-rc2-syzkaller-00400-g3088d26962e8 #0 PREEMPT(voluntary) 
[   41.731667][ T4167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   41.731726][ T4167] Call Trace:
[   41.731732][ T4167]  <TASK>
[   41.731739][ T4167]  dump_stack_lvl+0xf6/0x150
[   41.731764][ T4167]  dump_stack+0x15/0x1a
[   41.731779][ T4167]  should_fail_ex+0x261/0x270
[   41.731801][ T4167]  should_fail+0xb/0x10
[   41.731820][ T4167]  should_fail_usercopy+0x1a/0x20
[   41.731889][ T4167]  _copy_to_user+0x20/0xa0
[   41.731918][ T4167]  simple_read_from_buffer+0xb2/0x130
[   41.731952][ T4167]  proc_fail_nth_read+0x103/0x140
[   41.732031][ T4167]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   41.732057][ T4167]  vfs_read+0x1b2/0x710
[   41.732070][ T4167]  ? __rcu_read_unlock+0x4e/0x70
[   41.732089][ T4167]  ? __fget_files+0x186/0x1c0
[   41.732114][ T4167]  ksys_read+0xeb/0x1b0
[   41.732191][ T4167]  __x64_sys_read+0x42/0x50
[   41.732214][ T4167]  x64_sys_call+0x2a3b/0x2e10
[   41.732241][ T4167]  do_syscall_64+0xc9/0x1a0
[   41.732347][ T4167]  ? clear_bhb_loop+0x25/0x80
[   41.732410][ T4167]  ? clear_bhb_loop+0x25/0x80
[   41.732436][ T4167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.732456][ T4167] RIP: 0033:0x7fe4299acb7c
[   41.732469][ T4167] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   41.732523][ T4167] RSP: 002b:00007fe428017030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   41.732541][ T4167] RAX: ffffffffffffffda RBX: 00007fe429bd5fa0 RCX: 00007fe4299acb7c
[   41.732552][ T4167] RDX: 000000000000000f RSI: 00007fe4280170a0 RDI: 0000000000000005
[   41.732563][ T4167] RBP: 00007fe428017090 R08: 0000000000000000 R09: 0000000000000000
[   41.732684][ T4167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   41.732696][ T4167] R13: 0000000000000000 R14: 00007fe429bd5fa0 R15: 00007ffd662e53a8
[   41.732716][ T4167]  </TASK>
[   41.947752][ T4168] loop3: detected capacity change from 0 to 512
[   41.954323][ T4172] netlink: 16 bytes leftover after parsing attributes in process `syz.0.239'.
[   41.964810][ T4175] FAULT_INJECTION: forcing a failure.
[   41.964810][ T4175] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   41.977943][ T4175] CPU: 1 UID: 0 PID: 4175 Comm: syz.2.240 Not tainted 6.15.0-rc2-syzkaller-00400-g3088d26962e8 #0 PREEMPT(voluntary) 
[   41.977970][ T4175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   41.978053][ T4175] Call Trace:
[   41.978059][ T4175]  <TASK>
[   41.978055][ T4168] EXT4-fs error (device loop3): ext4_iget_extra_inode:4693: inode #15: comm syz.3.236: corrupted in-inode xattr: invalid ea_ino
[   41.978073][ T4175]  dump_stack_lvl+0xf6/0x150
[   41.978098][ T4175]  dump_stack+0x15/0x1a
[   41.978115][ T4175]  should_fail_ex+0x261/0x270
[   41.978141][ T4175]  should_fail+0xb/0x10
[   41.978164][ T4175]  should_fail_usercopy+0x1a/0x20
[   41.978230][ T4175]  _copy_from_iter+0xd8/0xd10
[   41.978257][ T4175]  ? kmalloc_reserve+0x16e/0x190
[   41.978278][ T4175]  ? __build_skb_around+0x199/0x1f0
[   41.978315][ T4175]  ? __alloc_skb+0x227/0x320
[   41.978363][ T4175]  ? __virt_addr_valid+0x1ed/0x250
[   41.978459][ T4175]  ? __check_object_size+0x367/0x510
[   41.978568][ T4175]  netlink_sendmsg+0x492/0x720
[   41.978634][ T4175]  ? __pfx_netlink_sendmsg+0x10/0x10
[   41.978656][ T4175]  __sock_sendmsg+0x140/0x180
[   41.978710][ T4175]  ____sys_sendmsg+0x350/0x4e0
[   41.978825][ T4175]  __sys_sendmsg+0x1a0/0x240
[   41.978865][ T4175]  __x64_sys_sendmsg+0x46/0x50
[   41.978890][ T4175]  x64_sys_call+0x26f3/0x2e10
[   41.978913][ T4175]  do_syscall_64+0xc9/0x1a0
[   41.978987][ T4175]  ? clear_bhb_loop+0x25/0x80
[   41.979011][ T4175]  ? clear_bhb_loop+0x25/0x80
[   41.979032][ T4175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.979055][ T4175] RIP: 0033:0x7fe4299ae169
[   41.979085][ T4175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.979103][ T4175] RSP: 002b:00007fe428017038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   41.979138][ T4175] RAX: ffffffffffffffda RBX: 00007fe429bd5fa0 RCX: 00007fe4299ae169
[   41.979151][ T4175] RDX: 0000000004000000 RSI: 0000200000000000 RDI: 0000000000000003
[   41.979163][ T4175] RBP: 00007fe428017090 R08: 0000000000000000 R09: 0000000000000000
[   41.979176][ T4175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   41.979188][ T4175] R13: 0000000000000000 R14: 00007fe429bd5fa0 R15: 00007ffd662e53a8
[   41.979207][ T4175]  </TASK>
[   42.011296][ T4172] xt_CT: You must specify a L4 protocol and not use inversions on it
[   42.076825][ T4168] EXT4-fs error (device loop3): ext4_orphan_get:1395: comm syz.3.236: couldn't read orphan inode 15 (err -117)
[   42.088239][ T4178] netlink: 'syz.2.241': attribute type 13 has an invalid length.
[   42.096008][ T4168] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.097172][   T29] kauditd_printk_skb: 311 callbacks suppressed
[   42.097185][   T29] audit: type=1400 audit(1745046560.546:848): avc:  denied  { setopt } for  pid=4171 comm="syz.0.239" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   42.191043][ T4164] loop4: detected capacity change from 0 to 512
[   42.210467][   T29] audit: type=1400 audit(1745046560.556:849): avc:  denied  { create } for  pid=4165 comm="syz.3.236" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   42.317176][   T29] audit: type=1400 audit(1745046560.626:850): avc:  denied  { unmount } for  pid=3302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[   42.318635][ T4164] EXT4-fs error (device loop4): ext4_orphan_get:1390: inode #15: comm syz.4.235: casefold flag without casefold feature
[   42.352556][ T4164] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.235: couldn't read orphan inode 15 (err -117)
[   42.365128][ T4164] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.379646][   T29] audit: type=1400 audit(1745046560.836:851): avc:  denied  { read append open } for  pid=4161 comm="syz.4.235" path="/57/file0/blkio.bfq.avg_queue_size" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   42.396690][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.460393][ T4178] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.467633][ T4178] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.484402][   T29] audit: type=1400 audit(1745046560.926:852): avc:  denied  { name_bind } for  pid=4189 comm="syz.0.246" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   42.562249][   T29] audit: type=1400 audit(1745046561.006:853): avc:  denied  { remount } for  pid=4161 comm="syz.4.235" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   42.579353][ T4178] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   42.592880][ T4178] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   42.628290][ T4178] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   42.636712][ T4178] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   42.645124][ T4178] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   42.653473][ T4178] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   42.663317][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.690508][   T29] audit: type=1400 audit(1745046561.136:854): avc:  denied  { read write } for  pid=4195 comm="syz.4.248" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   42.715197][   T29] audit: type=1400 audit(1745046561.136:855): avc:  denied  { open } for  pid=4195 comm="syz.4.248" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   42.739755][   T29] audit: type=1400 audit(1745046561.136:856): avc:  denied  { ioctl } for  pid=4195 comm="syz.4.248" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   42.773158][ T4202] loop1: detected capacity change from 0 to 512
[   42.811126][ T4202] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.251: Invalid inode bitmap blk 4 in block_group 0
[   42.839663][ T4208] loop2: detected capacity change from 0 to 512
[   42.848985][ T4208] EXT4-fs error (device loop2): ext4_iget_extra_inode:4693: inode #15: comm syz.2.252: corrupted in-inode xattr: invalid ea_ino
[   42.854304][ T4202] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.865348][ T4208] EXT4-fs error (device loop2): ext4_orphan_get:1395: comm syz.2.252: couldn't read orphan inode 15 (err -117)
[   42.923007][ T4208] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.942169][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.999985][ T4229] Zero length message leads to an empty skb
[   43.027162][   T29] audit: type=1400 audit(1745046561.476:857): avc:  denied  { create } for  pid=4210 comm="syz.3.255" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   43.048238][ T4228] 
: renamed from bond0
[   43.068210][ T4236] loop1: detected capacity change from 0 to 128
[   43.094591][ T4236] FAULT_INJECTION: forcing a failure.
[   43.094591][ T4236] name failslab, interval 1, probability 0, space 0, times 1
[   43.107270][ T4236] CPU: 0 UID: 0 PID: 4236 Comm: syz.1.256 Not tainted 6.15.0-rc2-syzkaller-00400-g3088d26962e8 #0 PREEMPT(voluntary) 
[   43.107298][ T4236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   43.107309][ T4236] Call Trace:
[   43.107315][ T4236]  <TASK>
[   43.107381][ T4236]  dump_stack_lvl+0xf6/0x150
[   43.107405][ T4236]  dump_stack+0x15/0x1a
[   43.107420][ T4236]  should_fail_ex+0x261/0x270
[   43.107443][ T4236]  should_failslab+0x8f/0xb0
[   43.107464][ T4236]  __kmalloc_cache_noprof+0x55/0x320
[   43.107529][ T4236]  ? vfat_add_entry+0xd4/0x1c20
[   43.107561][ T4236]  vfat_add_entry+0xd4/0x1c20
[   43.107590][ T4236]  ? avc_has_perm_noaudit+0x1cc/0x210
[   43.107658][ T4236]  ? avc_has_perm+0xd6/0x150
[   43.107679][ T4236]  ? ktime_get_coarse_real_ts64_mg+0x1a2/0x1c0
[   43.107711][ T4236]  ? current_time+0x17e/0x230
[   43.107775][ T4236]  vfat_create+0xab/0x190
[   43.107814][ T4236]  vfs_create+0x19c/0x2b0
[   43.107927][ T4236]  do_mknodat+0x29b/0x430
[   43.107960][ T4236]  __x64_sys_mknod+0x51/0x60
[   43.108080][ T4236]  x64_sys_call+0x1713/0x2e10
[   43.108107][ T4236]  do_syscall_64+0xc9/0x1a0
[   43.108250][ T4236]  ? clear_bhb_loop+0x25/0x80
[   43.108277][ T4236]  ? clear_bhb_loop+0x25/0x80
[   43.108358][ T4236]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.108448][ T4236] RIP: 0033:0x7f978e3fe169
[   43.108462][ T4236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   43.108515][ T4236] RSP: 002b:00007f978ca67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[   43.108538][ T4236] RAX: ffffffffffffffda RBX: 00007f978e625fa0 RCX: 00007f978e3fe169
[   43.108553][ T4236] RDX: 0000000000000703 RSI: 0000000000000000 RDI: 0000200000000000
[   43.108567][ T4236] RBP: 00007f978ca67090 R08: 0000000000000000 R09: 0000000000000000
[   43.108581][ T4236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   43.108595][ T4236] R13: 0000000000000000 R14: 00007f978e625fa0 R15: 00007fff1c0d9758
[   43.108663][ T4236]  </TASK>
[   43.114179][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.325768][ T4242] netlink: 'syz.4.258': attribute type 3 has an invalid length.
[   43.352308][ T4254] vhci_hcd: invalid port number 23
[   43.466951][ T4262] FAULT_INJECTION: forcing a failure.
[   43.466951][ T4262] name failslab, interval 1, probability 0, space 0, times 0
[   43.479647][ T4262] CPU: 0 UID: 0 PID: 4262 Comm: syz.1.263 Not tainted 6.15.0-rc2-syzkaller-00400-g3088d26962e8 #0 PREEMPT(voluntary) 
[   43.479724][ T4262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   43.479735][ T4262] Call Trace:
[   43.479741][ T4262]  <TASK>
[   43.479748][ T4262]  dump_stack_lvl+0xf6/0x150
[   43.479819][ T4262]  dump_stack+0x15/0x1a
[   43.479835][ T4262]  should_fail_ex+0x261/0x270
[   43.479858][ T4262]  should_failslab+0x8f/0xb0
[   43.479880][ T4262]  __kmalloc_cache_noprof+0x55/0x320
[   43.479907][ T4262]  ? __hw_addr_add_ex+0x15a/0x430
[   43.480006][ T4262]  __hw_addr_add_ex+0x15a/0x430
[   43.480070][ T4262]  dev_addr_init+0xb7/0x130
[   43.480088][ T4262]  ? __pfx_caifdev_setup+0x10/0x10
[   43.480107][ T4262]  alloc_netdev_mqs+0x225/0xac0
[   43.480131][ T4262]  ldisc_open+0x105/0x530
[   43.480174][ T4262]  ? __kmalloc_cache_noprof+0x18d/0x320
[   43.480210][ T4262]  tty_ldisc_reinit+0x214/0x310
[   43.480270][ T4262]  tty_reopen+0x186/0x1b0
[   43.480363][ T4262]  tty_open+0x90a/0xb10
[   43.480425][ T4262]  chrdev_open+0x2fc/0x380
[   43.480446][ T4262]  ? __pfx_chrdev_open+0x10/0x10
[   43.480519][ T4262]  do_dentry_open+0x621/0xa20
[   43.480547][ T4262]  vfs_open+0x38/0x1e0
[   43.480573][ T4262]  path_openat+0x1b1c/0x2000
[   43.480603][ T4262]  ? _parse_integer_limit+0x167/0x180
[   43.480665][ T4262]  do_filp_open+0x115/0x240
[   43.480750][ T4262]  do_sys_openat2+0xaa/0x110
[   43.480779][ T4262]  __x64_sys_openat+0xf8/0x120
[   43.480808][ T4262]  x64_sys_call+0x1ac/0x2e10
[   43.480906][ T4262]  do_syscall_64+0xc9/0x1a0
[   43.480931][ T4262]  ? clear_bhb_loop+0x25/0x80
[   43.480954][ T4262]  ? clear_bhb_loop+0x25/0x80
[   43.481001][ T4262]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.481022][ T4262] RIP: 0033:0x7f978e3fe169
[   43.481037][ T4262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   43.481055][ T4262] RSP: 002b:00007f978ca67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   43.481074][ T4262] RAX: ffffffffffffffda RBX: 00007f978e625fa0 RCX: 00007f978e3fe169
[   43.481142][ T4262] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[   43.481155][ T4262] RBP: 00007f978ca67090 R08: 0000000000000000 R09: 0000000000000000
[   43.481167][ T4262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   43.481179][ T4262] R13: 0000000000000000 R14: 00007f978e625fa0 R15: 00007fff1c0d9758
[   43.481204][ T4262]  </TASK>
[   43.860039][ T4293] FAULT_INJECTION: forcing a failure.
[   43.860039][ T4293] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   43.873217][ T4293] CPU: 1 UID: 0 PID: 4293 Comm: syz.3.269 Not tainted 6.15.0-rc2-syzkaller-00400-g3088d26962e8 #0 PREEMPT(voluntary) 
[   43.873274][ T4293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   43.873301][ T4293] Call Trace:
[   43.873308][ T4293]  <TASK>
[   43.873314][ T4293]  dump_stack_lvl+0xf6/0x150
[   43.873350][ T4293]  dump_stack+0x15/0x1a
[   43.873378][ T4293]  should_fail_ex+0x261/0x270
[   43.873482][ T4293]  should_fail+0xb/0x10
[   43.873568][ T4293]  should_fail_usercopy+0x1a/0x20
[   43.873651][ T4293]  _copy_to_user+0x20/0xa0
[   43.873675][ T4293]  simple_read_from_buffer+0xb2/0x130
[   43.873736][ T4293]  proc_fail_nth_read+0x103/0x140
[   43.873771][ T4293]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   43.873854][ T4293]  vfs_read+0x1b2/0x710
[   43.873871][ T4293]  ? __rcu_read_unlock+0x4e/0x70
[   43.873905][ T4293]  ? __fget_files+0x186/0x1c0
[   43.873923][ T4293]  ksys_read+0xeb/0x1b0
[   43.873938][ T4293]  __x64_sys_read+0x42/0x50
[   43.873953][ T4293]  x64_sys_call+0x2a3b/0x2e10
[   43.873972][ T4293]  do_syscall_64+0xc9/0x1a0
[   43.874046][ T4293]  ? clear_bhb_loop+0x25/0x80
[   43.874063][ T4293]  ? clear_bhb_loop+0x25/0x80
[   43.874085][ T4293]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.874106][ T4293] RIP: 0033:0x7fae6fa9cb7c
[   43.874120][ T4293] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   43.874144][ T4293] RSP: 002b:00007fae6e107030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   43.874217][ T4293] RAX: ffffffffffffffda RBX: 00007fae6fcc5fa0 RCX: 00007fae6fa9cb7c
[   43.874229][ T4293] RDX: 000000000000000f RSI: 00007fae6e1070a0 RDI: 0000000000000004
[   43.874241][ T4293] RBP: 00007fae6e107090 R08: 0000000000000000 R09: 0000000000000000
[   43.874253][ T4293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   43.874264][ T4293] R13: 0000000000000000 R14: 00007fae6fcc5fa0 R15: 00007ffffd57ff18
[   43.874316][ T4293]  </TASK>
[   44.140042][ T4323] ªªªªªª: renamed from vlan0
[   44.158837][ T4331] loop3: detected capacity change from 0 to 512
[   44.171578][ T4331] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   44.257765][ T4340] loop4: detected capacity change from 0 to 128
[   44.281045][ T4340] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   44.288946][ T4340] FAT-fs (loop4): Filesystem has been set read-only
[   44.307939][ T4344] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   44.322268][ T4340] bio_check_eod: 17 callbacks suppressed
[   44.322280][ T4340] syz.4.275: attempt to access beyond end of device
[   44.322280][ T4340] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   44.370804][ T4340] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   44.378673][ T4340] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   44.394590][ T4340] syz.4.275: attempt to access beyond end of device
[   44.394590][ T4340] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[   44.408863][ T3303] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[   44.411790][ T4340] syz.4.275: attempt to access beyond end of device
[   44.411790][ T4340] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[   44.431444][ T4354] netlink: 4156 bytes leftover after parsing attributes in process `syz.0.279'.
[   44.518662][ T4368] FAULT_INJECTION: forcing a failure.
[   44.518662][ T4368] name failslab, interval 1, probability 0, space 0, times 0
[   44.531420][ T4368] CPU: 1 UID: 0 PID: 4368 Comm: syz.3.283 Not tainted 6.15.0-rc2-syzkaller-00400-g3088d26962e8 #0 PREEMPT(voluntary) 
[   44.531448][ T4368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   44.531504][ T4368] Call Trace:
[   44.531508][ T4368]  <TASK>
[   44.531514][ T4368]  dump_stack_lvl+0xf6/0x150
[   44.531533][ T4368]  dump_stack+0x15/0x1a
[   44.531598][ T4368]  should_fail_ex+0x261/0x270
[   44.531663][ T4368]  should_failslab+0x8f/0xb0
[   44.531696][ T4368]  kmem_cache_alloc_node_noprof+0x5c/0x340
[   44.531736][ T4368]  ? __alloc_skb+0x10d/0x320
[   44.531750][ T4368]  ? xa_load+0xbd/0xe0
[   44.531825][ T4368]  __alloc_skb+0x10d/0x320
[   44.531847][ T4368]  __pskb_copy_fclone+0x6a/0x870
[   44.531890][ T4368]  ? kmem_cache_alloc_node_noprof+0x197/0x340
[   44.531919][ T4368]  ? kmalloc_reserve+0x7e/0x190
[   44.531939][ T4368]  tipc_msg_reassemble+0xc6/0x2a0
[   44.531997][ T4368]  ? kmalloc_reserve+0x16e/0x190
[   44.532014][ T4368]  tipc_mcast_xmit+0xc5/0xcf0
[   44.532034][ T4368]  ? tipc_msg_build+0x316/0x870
[   44.532063][ T4368]  tipc_send_group_bcast+0x620/0x700
[   44.532165][ T4368]  ? __pfx_woken_wake_function+0x10/0x10
[   44.532192][ T4368]  __tipc_sendmsg+0x1a0/0x1c90
[   44.532244][ T4368]  ? selinux_socket_sendmsg+0x18a/0x1c0
[   44.532279][ T4368]  ? _raw_spin_unlock_bh+0x36/0x40
[   44.532316][ T4368]  ? lock_sock_nested+0x114/0x140
[   44.532381][ T4368]  ? __pfx_tipc_sendmsg+0x10/0x10
[   44.532445][ T4368]  tipc_sendmsg+0x3e/0x60
[   44.532496][ T4368]  __sock_sendmsg+0x140/0x180
[   44.532598][ T4368]  ____sys_sendmsg+0x350/0x4e0
[   44.532634][ T4368]  __sys_sendmsg+0x1a0/0x240
[   44.532681][ T4368]  __x64_sys_sendmsg+0x46/0x50
[   44.532710][ T4368]  x64_sys_call+0x26f3/0x2e10
[   44.532737][ T4368]  do_syscall_64+0xc9/0x1a0
[   44.532837][ T4368]  ? clear_bhb_loop+0x25/0x80
[   44.532863][ T4368]  ? clear_bhb_loop+0x25/0x80
[   44.532890][ T4368]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.532991][ T4368] RIP: 0033:0x7fae6fa9e169
[   44.533009][ T4368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.533032][ T4368] RSP: 002b:00007fae6e107038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   44.533055][ T4368] RAX: ffffffffffffffda RBX: 00007fae6fcc5fa0 RCX: 00007fae6fa9e169
[   44.533070][ T4368] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000007
[   44.533091][ T4368] RBP: 00007fae6e107090 R08: 0000000000000000 R09: 0000000000000000
[   44.533156][ T4368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   44.533171][ T4368] R13: 0000000000000000 R14: 00007fae6fcc5fa0 R15: 00007ffffd57ff18
[   44.533193][ T4368]  </TASK>
[   44.552837][ T4373] vhci_hcd: invalid port number 23
[   44.691378][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691466][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691522][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691544][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691566][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691586][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691606][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691625][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691667][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691686][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691705][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691724][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691744][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691763][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691782][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691853][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691874][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691893][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691912][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691931][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691950][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691969][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.691987][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.692007][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.692023][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.692040][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.692058][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.692077][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.692121][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.692141][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.692180][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.692250][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.692271][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.692312][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.692335][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.692356][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.692375][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.692395][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.692415][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.692438][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.692461][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.692492][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.692512][   T23] hid-generic 0000:0400:0000.0004: unknown main item tag 0x0
[   44.692908][   T23] hid-generic 0000:0400:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   44.733911][ T4399] syz.0.295 (4399): /proc/4398/oom_adj is deprecated, please use /proc/4398/oom_score_adj instead.
[   45.429552][ T4412] loop4: detected capacity change from 0 to 512
[   45.446359][ T4412] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   45.502962][ T4412] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.517418][ T4423] netlink: 168 bytes leftover after parsing attributes in process `syz.1.303'.
[   45.519512][ T4412] ext4 filesystem being mounted at /68/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.538211][ T4423] veth1_macvtap: left promiscuous mode
[   45.539905][ T4421] netlink: 'syz.3.302': attribute type 13 has an invalid length.
[   45.544215][ T4423] macsec0: entered promiscuous mode
[   45.556753][ T4423] macsec0: entered allmulticast mode
[   45.573638][ T4421] smc: net device bond0 applied user defined pnetid SYZ0
[   45.583213][ T4423] veth1_macvtap: entered promiscuous mode
[   45.589036][ T4423] veth1_macvtap: entered allmulticast mode
[   45.678230][ T4431] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   45.706155][ T4431] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   45.829089][ T4433] loop0: detected capacity change from 0 to 8192
[   46.148299][ T4453] netlink: 'syz.0.313': attribute type 3 has an invalid length.
[   46.159241][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.166727][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.174174][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.181707][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.189156][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.196599][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.204018][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.211470][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.218891][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.226437][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.233830][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.241198][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.248587][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.256037][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.263410][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.270835][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.278241][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.285705][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.293172][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.300563][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.308009][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.315405][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.322798][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.330267][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.337759][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.345248][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.352623][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.360201][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.367634][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.375054][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.382459][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.389884][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.392667][ T4455] netlink: 'syz.1.315': attribute type 13 has an invalid length.
[   46.397296][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.397322][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.419915][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.427354][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.434845][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.442271][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.449771][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.457297][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.464728][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.472126][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.479604][   T10] hid-generic 0000:0400:0000.0005: unknown main item tag 0x0
[   46.487541][   T10] hid-generic 0000:0400:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   46.579744][ T4455] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.586977][ T4455] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.638026][ T4455] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   46.654698][ T4455] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   46.698360][ T4455] veth1_macvtap: left allmulticast mode
[   46.709108][ T4455] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   46.718508][ T4455] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   46.727431][ T4455] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   46.736418][ T4455] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   46.975904][ T4501] pim6reg1: entered promiscuous mode
[   46.981365][ T4501] pim6reg1: entered allmulticast mode
[   46.990930][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.030989][ T4503] infiniband syz!: set down
[   47.035601][ T4503] infiniband syz!: added team_slave_0
[   47.035646][ T4509] loop4: detected capacity change from 0 to 128
[   47.062838][ T4503] RDS/IB: syz!: added
[   47.064632][ T4509] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   47.067088][ T4503] smc: adding ib device syz! with port count 1
[   47.074761][ T4509] FAT-fs (loop4): Filesystem has been set read-only
[   47.091247][ T4509] syz.4.329: attempt to access beyond end of device
[   47.091247][ T4509] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   47.093769][ T4512] bond1: entered promiscuous mode
[   47.106321][ T4509] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   47.109868][ T4512] bond1: entered allmulticast mode
[   47.117680][ T4509] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   47.123950][ T4503] smc:    ib device syz! port 1 has pnetid 
[   47.133304][ T4509] syz.4.329: attempt to access beyond end of device
[   47.133304][ T4509] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[   47.137232][ T4512] 8021q: adding VLAN 0 to HW filter on device bond1
[   47.156698][ T4509] syz.4.329: attempt to access beyond end of device
[   47.156698][ T4509] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[   47.180716][ T4512] bond1 (unregistering): Released all slaves
[   47.213821][ T4520] ip6gretap1: entered allmulticast mode
[   47.241675][ T4522] loop4: detected capacity change from 0 to 512
[   47.255731][ T4522] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.334: Invalid inode bitmap blk 4 in block_group 0
[   47.270114][ T4522] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   47.306661][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.346750][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.354285][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.361745][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.369297][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.376758][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.384254][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.391757][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.399179][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.406602][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.414019][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.421400][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.428790][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.436171][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.443598][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.450994][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.458436][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.465888][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.473274][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.480714][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.488117][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.495507][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.502892][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.510332][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.517721][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.525200][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.532645][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.540070][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.547502][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.554938][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.562328][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.569742][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.576352][ T4534] netlink: 'syz.2.338': attribute type 3 has an invalid length.
[   47.577221][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.592167][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.594243][ T3382] IPVS: starting estimator thread 0...
[   47.599611][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.612410][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.619979][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.627548][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.635078][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.642708][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.650131][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.657541][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.665037][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.672455][ T3363] hid-generic 0000:0400:0000.0006: unknown main item tag 0x0
[   47.690100][ T3363] hid-generic 0000:0400:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   47.693821][ T4536] IPVS: using max 2352 ests per chain, 117600 per kthread
[   47.728549][ T4538] loop0: detected capacity change from 0 to 512
[   47.747014][ T4538] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.339: Invalid inode bitmap blk 4 in block_group 0
[   47.760514][ T4538] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   47.776825][ T4544] loop2: detected capacity change from 0 to 512
[   47.803324][ T4544] EXT4-fs error (device loop2): ext4_iget_extra_inode:4693: inode #15: comm syz.2.341: corrupted in-inode xattr: invalid ea_ino
[   47.813025][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.818949][ T4544] EXT4-fs error (device loop2): ext4_orphan_get:1395: comm syz.2.341: couldn't read orphan inode 15 (err -117)
[   47.837993][ T4544] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   47.872711][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.933846][   T29] kauditd_printk_skb: 196 callbacks suppressed
[   47.933860][   T29] audit: type=1326 audit(1745046566.376:1054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4554 comm="syz.0.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd204ebe169 code=0x7ffc0000
[   47.963543][   T29] audit: type=1326 audit(1745046566.376:1055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4554 comm="syz.0.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fd204ebe169 code=0x7ffc0000
[   47.986995][   T29] audit: type=1326 audit(1745046566.376:1056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4554 comm="syz.0.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd204ebe169 code=0x7ffc0000
[   48.010371][   T29] audit: type=1326 audit(1745046566.376:1057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4554 comm="syz.0.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd204ebe169 code=0x7ffc0000
[   48.033702][   T29] audit: type=1326 audit(1745046566.376:1058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4554 comm="syz.0.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd204ebe169 code=0x7ffc0000
[   48.057133][   T29] audit: type=1326 audit(1745046566.376:1059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4554 comm="syz.0.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=306 compat=0 ip=0x7fd204ebe169 code=0x7ffc0000
[   48.080539][   T29] audit: type=1326 audit(1745046566.376:1060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4554 comm="syz.0.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd204ebe169 code=0x7ffc0000
[   48.103844][   T29] audit: type=1326 audit(1745046566.376:1061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4554 comm="syz.0.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd204ebe169 code=0x7ffc0000
[   48.127193][   T29] audit: type=1326 audit(1745046566.376:1062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4554 comm="syz.0.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd204ebe169 code=0x7ffc0000
[   48.150542][   T29] audit: type=1326 audit(1745046566.376:1063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4554 comm="syz.0.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd204ebe169 code=0x7ffc0000
[   48.300220][ T4571] loop4: detected capacity change from 0 to 512
[   48.332563][ T4581] FAULT_INJECTION: forcing a failure.
[   48.332563][ T4581] name failslab, interval 1, probability 0, space 0, times 0
[   48.338866][ T4571] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.345219][ T4581] CPU: 1 UID: 0 PID: 4581 Comm: syz.2.355 Not tainted 6.15.0-rc2-syzkaller-00400-g3088d26962e8 #0 PREEMPT(voluntary) 
[   48.345248][ T4581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   48.345262][ T4581] Call Trace:
[   48.345269][ T4581]  <TASK>
[   48.345277][ T4581]  dump_stack_lvl+0xf6/0x150
[   48.345304][ T4581]  dump_stack+0x15/0x1a
[   48.345323][ T4581]  should_fail_ex+0x261/0x270
[   48.345347][ T4581]  should_failslab+0x8f/0xb0
[   48.345370][ T4581]  kmem_cache_alloc_noprof+0x59/0x340
[   48.345400][ T4581]  ? vm_area_dup+0x32/0x260
[   48.345420][ T4581]  vm_area_dup+0x32/0x260
[   48.345439][ T4581]  __split_vma+0xf9/0x630
[   48.345465][ T4581]  ? vm_area_free+0x4d/0x60
[   48.345488][ T4581]  vms_gather_munmap_vmas+0x171/0x790
[   48.345521][ T4581]  ? do_vmi_align_munmap+0x379/0x3c0
[   48.345550][ T4581]  do_vmi_align_munmap+0x1a5/0x3c0
[   48.345581][ T4581]  do_vmi_munmap+0x1eb/0x230
[   48.345604][ T4581]  __se_sys_mremap+0xae5/0x1200
[   48.345645][ T4581]  __x64_sys_mremap+0x67/0x80
[   48.345675][ T4581]  x64_sys_call+0x29c3/0x2e10
[   48.345698][ T4581]  do_syscall_64+0xc9/0x1a0
[   48.345724][ T4581]  ? clear_bhb_loop+0x25/0x80
[   48.345749][ T4581]  ? clear_bhb_loop+0x25/0x80
[   48.345771][ T4581]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.345792][ T4581] RIP: 0033:0x7fe4299ae169
[   48.345807][ T4581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.345826][ T4581] RSP: 002b:00007fe428017038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[   48.345845][ T4581] RAX: ffffffffffffffda RBX: 00007fe429bd5fa0 RCX: 00007fe4299ae169
[   48.345856][ T4581] RDX: 0000000000002000 RSI: 0000000000004000 RDI: 00002000001d3000
[   48.345869][ T4581] RBP: 00007fe428017090 R08: 00002000009ad000 R09: 0000000000000000
[   48.345881][ T4581] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[   48.345893][ T4581] R13: 0000000000000001 R14: 00007fe429bd5fa0 R15: 00007ffd662e53a8
[   48.345912][ T4581]  </TASK>
[   48.408498][ T4584] netlink: 48 bytes leftover after parsing attributes in process `syz.0.356'.
[   48.430626][ T4571] ext4 filesystem being mounted at /73/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   48.459591][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.584810][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.592210][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.599671][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.607064][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.615058][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.622448][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.629915][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.637327][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.644798][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.652259][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.659697][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.667188][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.674701][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.682074][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.689498][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.696887][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.704269][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.711711][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.719227][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.726618][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.734017][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.741397][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.748867][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.756365][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.763775][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.771190][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.778603][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.785996][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.793383][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.800779][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.808215][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.815859][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.823352][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.830819][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.838214][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.845630][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.853095][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.860559][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.867945][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.875393][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.882772][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.890182][ T3363] hid-generic 0000:0400:0000.0007: unknown main item tag 0x0
[   48.898037][ T3363] hid-generic 0000:0400:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   48.917707][ T4599] vhci_hcd: default hub control req: 6011 v02ff i0000 l0
[   48.952499][ T4603] netlink: 'syz.1.362': attribute type 13 has an invalid length.
[   48.962243][ T4603] smc: net device bond0 erased user defined pnetid SYZ0
[   49.058271][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.094333][ T4611] hub 2-0:1.0: USB hub found
[   49.099047][ T4611] hub 2-0:1.0: 8 ports detected
[   49.128080][ T4613] loop0: detected capacity change from 0 to 1024
[   49.141510][ T4613] EXT4-fs: Ignoring removed i_version option
[   49.147662][ T4613] EXT4-fs: Ignoring removed mblk_io_submit option
[   49.154198][ T4613] EXT4-fs: Ignoring removed nobh option
[   49.159751][ T4613] EXT4-fs: Ignoring removed bh option
[   49.166717][ T4608] netlink: 'syz.1.363': attribute type 3 has an invalid length.
[   49.185575][ T4613] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.309697][ T4625] loop4: detected capacity change from 0 to 1024
[   49.316312][ T4625] EXT4-fs: Ignoring removed i_version option
[   49.322461][ T4625] EXT4-fs: Ignoring removed mblk_io_submit option
[   49.329432][ T4625] EXT4-fs: Ignoring removed nobh option
[   49.335064][ T4625] EXT4-fs: Ignoring removed bh option
[   49.346126][ T4625] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.359906][ T4625] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.371: Allocating blocks 385-513 which overlap fs metadata
[   49.374578][ T4625] EXT4-fs (loop4): pa ffff888103668230: logic 16, phys. 129, len 24
[   49.382585][ T4625] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[   49.400558][ T4625] syz.4.371 (4625) used greatest stack depth: 9528 bytes left
[   49.408749][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.467938][ T4642] netlink: 'syz.4.375': attribute type 3 has an invalid length.
[   49.623356][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.630830][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.638324][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.645738][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.653125][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.660547][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.667966][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.675362][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.682742][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.690266][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.697679][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.705083][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.712476][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.719919][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.727414][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.734828][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.742247][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.749657][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.757063][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.764437][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.771827][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.779303][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.786750][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.794159][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.801631][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.809078][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.816464][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.824006][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.831376][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.838775][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.846165][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.853528][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.860998][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.868588][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.875979][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.883369][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.890758][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.898148][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.905540][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.912971][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.920392][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.927793][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.935201][ T3382] hid-generic 0000:0400:0000.0008: unknown main item tag 0x0
[   49.949038][ T3382] hid-generic 0000:0400:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   49.968660][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.019572][ T4668] FAULT_INJECTION: forcing a failure.
[   50.019572][ T4668] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   50.032788][ T4668] CPU: 0 UID: 0 PID: 4668 Comm: syz.1.386 Not tainted 6.15.0-rc2-syzkaller-00400-g3088d26962e8 #0 PREEMPT(voluntary) 
[   50.032821][ T4668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   50.032837][ T4668] Call Trace:
[   50.032844][ T4668]  <TASK>
[   50.032853][ T4668]  dump_stack_lvl+0xf6/0x150
[   50.032882][ T4668]  dump_stack+0x15/0x1a
[   50.032909][ T4668]  should_fail_ex+0x261/0x270
[   50.032939][ T4668]  should_fail+0xb/0x10
[   50.032964][ T4668]  should_fail_usercopy+0x1a/0x20
[   50.032995][ T4668]  _copy_to_user+0x20/0xa0
[   50.033031][ T4668]  simple_read_from_buffer+0xb2/0x130
[   50.033122][ T4668]  proc_fail_nth_read+0x103/0x140
[   50.033158][ T4668]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   50.033197][ T4668]  vfs_read+0x1b2/0x710
[   50.033216][ T4668]  ? fput+0x99/0xd0
[   50.033275][ T4668]  ? __rcu_read_unlock+0x4e/0x70
[   50.033319][ T4668]  ? __fget_files+0x186/0x1c0
[   50.033343][ T4668]  ksys_read+0xeb/0x1b0
[   50.033406][ T4668]  __x64_sys_read+0x42/0x50
[   50.033425][ T4668]  x64_sys_call+0x2a3b/0x2e10
[   50.033443][ T4668]  do_syscall_64+0xc9/0x1a0
[   50.033469][ T4668]  ? clear_bhb_loop+0x25/0x80
[   50.033504][ T4668]  ? clear_bhb_loop+0x25/0x80
[   50.033598][ T4668]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.033620][ T4668] RIP: 0033:0x7f978e3fcb7c
[   50.033635][ T4668] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   50.033653][ T4668] RSP: 002b:00007f978ca67030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   50.033672][ T4668] RAX: ffffffffffffffda RBX: 00007f978e625fa0 RCX: 00007f978e3fcb7c
[   50.033685][ T4668] RDX: 000000000000000f RSI: 00007f978ca670a0 RDI: 0000000000000008
[   50.033697][ T4668] RBP: 00007f978ca67090 R08: 0000000000000000 R09: 0000000000000000
[   50.033752][ T4668] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001
[   50.033764][ T4668] R13: 0000000000000000 R14: 00007f978e625fa0 R15: 00007fff1c0d9758
[   50.033783][ T4668]  </TASK>
[   50.354834][ T4692] loop1: detected capacity change from 0 to 128
[   50.354939][ T4691] loop3: detected capacity change from 0 to 512
[   50.363892][ T4692] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[   50.375277][ T4692] FAT-fs (loop1): Filesystem has been set read-only
[   50.375458][ T4691] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   50.382181][ T4692] syz.1.394: attempt to access beyond end of device
[   50.382181][ T4692] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   50.408764][ T4692] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[   50.416609][ T4692] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[   50.424571][ T4692] syz.1.394: attempt to access beyond end of device
[   50.424571][ T4692] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   50.426287][ T4691] EXT4-fs (loop3): 1 orphan inode deleted
[   50.444062][ T4691] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.457293][ T4691] ext4 filesystem being mounted at /61/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   50.465455][ T4692] syz.1.394: attempt to access beyond end of device
[   50.465455][ T4692] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   50.481545][  T378] EXT4-fs error (device loop3): ext4_release_dquot:6971: comm kworker/u8:5: Failed to release dquot type 1
[   50.510528][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.595201][ T4709] vhci_hcd: invalid port number 23
[   50.641762][ T4713] openvswitch: netlink: Message has 6 unknown bytes.
[   50.689721][ T4710] netlink: 'syz.3.395': attribute type 3 has an invalid length.
[   50.693076][ T4713] hub 2-0:1.0: USB hub found
[   50.708688][ T4713] hub 2-0:1.0: 8 ports detected
[   50.726601][ T4723] netlink: 'syz.2.403': attribute type 13 has an invalid length.
[   50.736976][ T4723] smc: net device bond0 applied user defined pnetid SYZ0
[   50.742416][ T4727] netlink: 'syz.0.405': attribute type 3 has an invalid length.
[   50.744773][ T4723] smc: net device bond0 erased user defined pnetid SYZ0
[   50.792104][ T4732] loop4: detected capacity change from 0 to 1024
[   50.800533][ T4732] EXT4-fs: Ignoring removed nobh option
[   50.806270][ T4732] EXT4-fs: Ignoring removed bh option
[   50.886301][ T4732] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.905023][ T4742] bond1: entered promiscuous mode
[   50.905557][ T4732] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.408: Allocating blocks 385-513 which overlap fs metadata
[   50.910224][ T4742] bond1: entered allmulticast mode
[   50.929897][ T4742] 8021q: adding VLAN 0 to HW filter on device bond1
[   50.946078][ T4742] bond1 (unregistering): Released all slaves
[   51.525356][ T4760] tmpfs: Bad value for 'mpol'
[   51.530480][ T4760] 9pnet_fd: Insufficient options for proto=fd
[   51.569905][ T4766] netlink: 168 bytes leftover after parsing attributes in process `syz.1.418'.
[   51.580966][ T4766] veth1_macvtap: entered allmulticast mode
[   51.607980][ T4768] loop3: detected capacity change from 0 to 512
[   51.622101][ T4731] EXT4-fs (loop4): pa ffff888103668230: logic 16, phys. 129, len 24
[   51.630252][ T4731] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[   51.673324][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.694745][ T4768] EXT4-fs warning (device loop3): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   51.720455][ T4768] EXT4-fs (loop3): mount failed
[   51.795681][ T4786] loop4: detected capacity change from 0 to 512
[   51.803618][ T4786] EXT4-fs (loop4): orphan cleanup on readonly fs
[   51.811773][ T4786] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.420: bg 0: block 248: padding at end of block bitmap is not set
[   51.851599][ T4786] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.420: Failed to acquire dquot type 1
[   51.863367][ T4786] EXT4-fs (loop4): 1 truncate cleaned up
[   51.870621][ T4786] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   51.913731][ T4786] syz.4.420 (4786) used greatest stack depth: 9208 bytes left
[   51.922796][ T4796] bond1: entered promiscuous mode
[   51.927929][ T4796] bond1: entered allmulticast mode
[   51.935219][ T4796] 8021q: adding VLAN 0 to HW filter on device bond1
[   51.945445][ T4796] bond1 (unregistering): Released all slaves
[   51.960262][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.032111][ T4806] tmpfs: Bad value for 'mpol'
[   52.039992][ T4806] 9pnet_fd: Insufficient options for proto=fd
[   52.211015][ T4818] netlink: 'syz.0.429': attribute type 3 has an invalid length.
[   52.249396][ T4823] loop1: detected capacity change from 0 to 128
[   52.259000][ T4823] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[   52.266901][ T4823] FAT-fs (loop1): Filesystem has been set read-only
[   52.283771][ T4823] syz.1.432: attempt to access beyond end of device
[   52.283771][ T4823] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   52.302498][ T4823] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[   52.310490][ T4823] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[   52.320336][ T4823] syz.1.432: attempt to access beyond end of device
[   52.320336][ T4823] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   52.322237][ T4825] vhci_hcd: invalid port number 23
[   52.333928][ T4823] syz.1.432: attempt to access beyond end of device
[   52.333928][ T4823] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[   52.397030][ T4828] bond1: entered promiscuous mode
[   52.402110][ T4828] bond1: entered allmulticast mode
[   52.407841][ T4828] 8021q: adding VLAN 0 to HW filter on device bond1
[   52.440091][ T4828] bond1 (unregistering): Released all slaves
[   52.582813][ T4843] netlink: 'syz.1.440': attribute type 3 has an invalid length.
[   52.622011][ T4847] vhci_hcd: invalid port number 23
[   52.773183][ T4858] loop4: detected capacity change from 0 to 512
[   52.790820][ T4858] EXT4-fs error (device loop4): ext4_iget_extra_inode:4693: inode #15: comm syz.4.447: corrupted in-inode xattr: invalid ea_ino
[   52.825111][ T4858] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.447: couldn't read orphan inode 15 (err -117)
[   52.827368][ T4853] capability: warning: `syz.1.445' uses deprecated v2 capabilities in a way that may be insecure
[   52.864970][ T4858] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.952228][ T4868] netlink: 'syz.2.451': attribute type 3 has an invalid length.
[   52.977298][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.991122][ T4870] loop2: detected capacity change from 0 to 512
[   52.998717][ T4870] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   53.009962][ T4870] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   53.023756][ T4870] EXT4-fs (loop2): 1 truncate cleaned up
[   53.044110][ T4870] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.079209][ T4866] netlink: 56 bytes leftover after parsing attributes in process `syz.3.450'.
[   53.094126][ T4876] tmpfs: Bad value for 'mpol'
[   53.117477][ T4878] vhci_hcd: invalid port number 23
[   53.125394][   T29] kauditd_printk_skb: 485 callbacks suppressed
[   53.125408][   T29] audit: type=1400 audit(1745046571.576:1545): avc:  denied  { bind } for  pid=4869 comm="syz.2.453" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   53.204760][ T4884] vhci_hcd: invalid port number 23
[   53.235427][ T4888] loop2: detected capacity change from 0 to 512
[   53.253751][ T4888] EXT4-fs error (device loop2): ext4_iget_extra_inode:4693: inode #15: comm syz.2.460: corrupted in-inode xattr: invalid ea_ino
[   53.267488][ T4888] EXT4-fs error (device loop2): ext4_orphan_get:1395: comm syz.2.460: couldn't read orphan inode 15 (err -117)
[   53.303245][ T4893] loop2: detected capacity change from 0 to 512
[   53.319691][ T4895] loop4: detected capacity change from 0 to 512
[   53.326679][ T4895] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   53.337201][ T4893] EXT4-fs error (device loop2): ext4_iget_extra_inode:4693: inode #15: comm syz.2.462: corrupted in-inode xattr: invalid ea_ino
[   53.358981][ T4898] loop0: detected capacity change from 0 to 1024
[   53.366765][ T4893] EXT4-fs error (device loop2): ext4_orphan_get:1395: comm syz.2.462: couldn't read orphan inode 15 (err -117)
[   53.383352][   T29] audit: type=1326 audit(1745046571.826:1546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4894 comm="syz.4.463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f578cf6e169 code=0x7ffc0000
[   53.384971][ T4898] ext4: Unknown parameter 'fowner>00000000000000000000'
[   53.406986][   T29] audit: type=1326 audit(1745046571.826:1547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4894 comm="syz.4.463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f578cf6e169 code=0x7ffc0000
[   53.449730][   T29] audit: type=1326 audit(1745046571.826:1548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4894 comm="syz.4.463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f578cf6e169 code=0x7ffc0000
[   53.473182][   T29] audit: type=1326 audit(1745046571.826:1549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4894 comm="syz.4.463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f578cf6e169 code=0x7ffc0000
[   53.496514][   T29] audit: type=1326 audit(1745046571.826:1550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4894 comm="syz.4.463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f578cf6e169 code=0x7ffc0000
[   53.519887][   T29] audit: type=1326 audit(1745046571.826:1551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4894 comm="syz.4.463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f578cf6e169 code=0x7ffc0000
[   53.543218][   T29] audit: type=1326 audit(1745046571.826:1552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4894 comm="syz.4.463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f578cf6e169 code=0x7ffc0000
[   53.566616][   T29] audit: type=1326 audit(1745046571.826:1553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4894 comm="syz.4.463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f578cf6e169 code=0x7ffc0000
[   53.589972][   T29] audit: type=1326 audit(1745046571.826:1554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4894 comm="syz.4.463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f578cf6e169 code=0x7ffc0000
[   53.632185][ T4910] FAULT_INJECTION: forcing a failure.
[   53.632185][ T4910] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   53.645357][ T4910] CPU: 1 UID: 0 PID: 4910 Comm: syz.3.467 Not tainted 6.15.0-rc2-syzkaller-00400-g3088d26962e8 #0 PREEMPT(voluntary) 
[   53.645382][ T4910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   53.645489][ T4910] Call Trace:
[   53.645495][ T4910]  <TASK>
[   53.645502][ T4910]  dump_stack_lvl+0xf6/0x150
[   53.645523][ T4910]  dump_stack+0x15/0x1a
[   53.645538][ T4910]  should_fail_ex+0x261/0x270
[   53.645558][ T4910]  should_fail+0xb/0x10
[   53.645573][ T4910]  should_fail_usercopy+0x1a/0x20
[   53.645597][ T4910]  _copy_to_user+0x20/0xa0
[   53.645623][ T4910]  simple_read_from_buffer+0xb2/0x130
[   53.645679][ T4910]  proc_fail_nth_read+0x103/0x140
[   53.645768][ T4910]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   53.645802][ T4910]  vfs_read+0x1b2/0x710
[   53.645816][ T4910]  ? __rcu_read_unlock+0x4e/0x70
[   53.645832][ T4910]  ? __fget_files+0x186/0x1c0
[   53.645852][ T4910]  ksys_read+0xeb/0x1b0
[   53.645907][ T4910]  __x64_sys_read+0x42/0x50
[   53.645925][ T4910]  x64_sys_call+0x2a3b/0x2e10
[   53.645947][ T4910]  do_syscall_64+0xc9/0x1a0
[   53.645966][ T4910]  ? clear_bhb_loop+0x25/0x80
[   53.645983][ T4910]  ? clear_bhb_loop+0x25/0x80
[   53.646072][ T4910]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.646089][ T4910] RIP: 0033:0x7fae6fa9cb7c
[   53.646100][ T4910] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   53.646183][ T4910] RSP: 002b:00007fae6e107030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   53.646199][ T4910] RAX: ffffffffffffffda RBX: 00007fae6fcc5fa0 RCX: 00007fae6fa9cb7c
[   53.646212][ T4910] RDX: 000000000000000f RSI: 00007fae6e1070a0 RDI: 0000000000000006
[   53.646224][ T4910] RBP: 00007fae6e107090 R08: 0000000000000000 R09: 0000000000000000
[   53.646312][ T4910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.646322][ T4910] R13: 0000000000000000 R14: 00007fae6fcc5fa0 R15: 00007ffffd57ff18
[   53.646337][ T4910]  </TASK>
[   53.963567][ T4924] loop2: detected capacity change from 0 to 512
[   53.976337][ T4929] netlink: 168 bytes leftover after parsing attributes in process `syz.4.475'.
[   53.986700][ T4929] macsec0: entered promiscuous mode
[   53.991929][ T4929] macsec0: entered allmulticast mode
[   53.997564][ T4924] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.466: Invalid inode bitmap blk 4 in block_group 0
[   54.001018][ T4931] netlink: 12 bytes leftover after parsing attributes in process `syz.0.476'.
[   54.021685][ T4929] veth1_macvtap: entered allmulticast mode
[   54.089696][ T4933] loop1: detected capacity change from 0 to 2048
[   54.140646][ T4946] loop2: detected capacity change from 0 to 128
[   54.156000][ T4946] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   54.163930][ T4946] FAT-fs (loop2): Filesystem has been set read-only
[   54.172009][ T4933]  loop1: p1 < > p3
[   54.172554][ T4946] syz.2.483: attempt to access beyond end of device
[   54.172554][ T4946] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   54.190974][ T4933] loop1: p3 size 134217728 extends beyond EOD, truncated
[   54.191112][ T4946] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   54.206090][ T4946] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   54.214849][ T4946] syz.2.483: attempt to access beyond end of device
[   54.214849][ T4946] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   54.228678][ T4946] syz.2.483: attempt to access beyond end of device
[   54.228678][ T4946] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   54.243900][ T4946] syz.2.483: attempt to access beyond end of device
[   54.243900][ T4946] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[   54.282341][ T4956] bond0: entered promiscuous mode
[   54.287480][ T4956] bond0: entered allmulticast mode
[   54.293193][ T4956] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.345245][ T4966] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[   54.355378][ T4956] bond0 (unregistering): Released all slaves
[   54.363815][ T4971] netlink: 8 bytes leftover after parsing attributes in process `syz.1.488'.
[   54.398455][ T4976] netlink: 168 bytes leftover after parsing attributes in process `syz.0.495'.
[   54.408568][ T4976] macsec0: entered promiscuous mode
[   54.413847][ T4976] macsec0: entered allmulticast mode
[   54.421331][ T4976] veth1_macvtap: entered allmulticast mode
[   54.493614][ T4983] ==================================================================
[   54.501713][ T4983] BUG: KCSAN: data-race in mas_walk / mas_wmb_replace
[   54.508487][ T4983] 
[   54.510804][ T4983] write to 0xffff88811937e500 of 8 bytes by task 4982 on cpu 0:
[   54.518428][ T4983]  mas_wmb_replace+0x224/0x1510
[   54.523296][ T4983]  mas_wr_store_entry+0x158c/0x2460
[   54.528510][ T4983]  mas_store_prealloc+0x6d5/0x960
[   54.533554][ T4983]  vma_iter_store_new+0x1d3/0x210
[   54.538578][ T4983]  mmap_region+0xe0c/0x1490
[   54.543084][ T4983]  do_mmap+0x9ef/0xc80
[   54.547153][ T4983]  vm_mmap_pgoff+0x16d/0x2d0
[   54.551747][ T4983]  ksys_mmap_pgoff+0xd0/0x340
[   54.556424][ T4983]  x64_sys_call+0x1945/0x2e10
[   54.561103][ T4983]  do_syscall_64+0xc9/0x1a0
[   54.565696][ T4983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.571585][ T4983] 
[   54.573925][ T4983] read to 0xffff88811937e500 of 8 bytes by task 4983 on cpu 1:
[   54.581458][ T4983]  mas_walk+0x123/0x320
[   54.585610][ T4983]  lock_vma_under_rcu+0xa7/0x340
[   54.590546][ T4983]  exc_page_fault+0x150/0x6a0
[   54.595218][ T4983]  asm_exc_page_fault+0x26/0x30
[   54.600065][ T4983] 
[   54.602385][ T4983] value changed: 0xffff888108339bc1 -> 0xffff88811937e500
[   54.609497][ T4983] 
[   54.611814][ T4983] Reported by Kernel Concurrency Sanitizer on:
[   54.617961][ T4983] CPU: 1 UID: 0 PID: 4983 Comm: syz.2.498 Not tainted 6.15.0-rc2-syzkaller-00400-g3088d26962e8 #0 PREEMPT(voluntary) 
[   54.630287][ T4983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   54.640338][ T4983] ==================================================================