last executing test programs:

1m26.350072451s ago: executing program 2 (id=1060):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x28}}, 0x10)
sendto$inet(r1, &(0x7f00000001c0)="f72bacc3ca1aaadf08e239411cbcf4b2ef908084f500db36e2ef38b56d756f041132ccc67bec238c21e52da753", 0x2d, 0x0, &(0x7f00000004c0)={0x2, 0x4e20, @multicast1}, 0x10)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r2, 0x11, 0x1, &(0x7f00000000c0)=""/211, &(0x7f0000000000)=0xd3)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0xaf}, 0x18)
r4 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r4, 0x0, 0x4, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0200000000000000000000000100000080000000", @ANYRES32, @ANYBLOB="a600"/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000003c0)={r5, <r6=>0xffffffffffffffff}, 0x4)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x18)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="38010000100063d10000000000000000fe8000000000000000000000000000aafe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc01000000000000000000000000000000000000330000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000b000000000000000000000000000000ffffffffffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003000000000000000a000000000000000000000048000100636d6163286165732900"], 0x138}, 0x1, 0x0, 0x0, 0x40000}, 0x4004) (fail_nth: 9)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x7c}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r6}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r10}, 0x10)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000340)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}], [{@fscontext={'fscontext', 0x3d, 'root'}}, {@obj_role={'obj_role', 0x3d, '/#[.-%[*-'}}, {@appraise}, {@context={'context', 0x3d, 'system_u'}}]}, 0x1, 0x503, &(0x7f0000000fc0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSG0EmKPILUhcaModhzFTmlCD+mZKxKVOMGRP4BzT9y5IHrjUg5I/IhADRIHoxlPUje1m6hJ7Gz8+UijeW/e1N/vazrvxS+NXwBD62pE7EbEWETcjojp7HouO+KT9pHc93Tv/tL+3v2lXLRan/0zl7Yn16LjzySuZK9ZjIgffS/ip7kX4za2d9YWq9XKZlafbdY2ZhvbOzdWa4srlZXKerm8ML8w99HND8tn1td3amNZ6atP/rj7rZ8naU1lVzr7cZbaXS8cxkmMRsQPziPYAIxk/RkbdCK8knxEvBkR76bP/3SMpF9NAOAya7WmozXdWQcALrt8ugaWy5eytYCpyOdLpfYa3lsxma/WG83rd+pb68vttbKZKOTvrFYrc9la4UwUckl9Pi0/q5eP1G9GxBsR8cvxibReWqpXlwf5jQ8ADLErR+b//4y3538A4JIrDjoBAKDvzP8AMHzM/wAwfMz/ADB82vP/xKDTAAD6yPt/ABg+5n8AGCo//PTT5GjtZ59/vXx3e2utfvfGcqWxVqptLZWW6psbpZV6fSX9zJ7aca9Xrdc35j+IrXsz395oNGcb2zu3avWt9eat9HO9b1UK6V27fegZANDLG+88epxLZuSPJ9IjOvZyKAw0M+C85QedADAwI4NOABgYu33B8DrFe3zLA3BJdNmi9znFbr8g1Gq1WueXEnDOrn3J+j8Mq471f/8LGIaM9X8YXtb/YXi1WrmT7vkfJ70RALjYrPEDPX7+/2Z2/l32w4GfLB+94+F5ZgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX28H+v6VsL/CpyOdLpYjXImImCrk7q9XKXES8HhF/Hi+MJ/X5AecMAJxW/m+5bP+va9PvTz3X9PaVw+JYRPzs15/96t5is7n5p4ix3L/GD643H2bXy/3PHgA43sE8nZ473sg/3bu/dHD0M5+/fzciiu34+3tjsX8YfzRG03MxChEx+e9cVm/LdaxdnMbug4j4Yrf+52IqXQNp73x6NH4S+7W+xs8/Fz+ftrXPyd/FF84gFxg2j5Lx55Nuz18+rqbn7s9/MR2hTi8b/5KXWtpPx8Bn8Q/Gv5Ee49/Vk8b44A/fb5cmXmx7EPHl0YiD2Psd489B/FyP+O+fMP5fvvL2u73aWr+JuBbd43fGmm3WNmYb2zs3VmuLK5WVynq5vDC/MPfRzQ/Ls+ka9Wzv2eAfH19/vVdb0v/JHvGLx/T/6yfs/2//d/vHX3tJ/G++1y1+Pt56SfxkTvzGCeMvTv6+2Kstib/co//Hff2vnzD+k7/uvLBtOAAwOI3tnbXFarWy+TkqPE6+pxl8Ggr9LyT/ZC9AGl0L3+lXrLHo3vSL99rP9JGmVuuVYvUaMc5i1Q24CA4f+oj476CTAQAAAAAAAAAAAAAAuurHbywNuo8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcXv8PAAD//+a4zis=")
readv(r2, &(0x7f0000000500)=[{&(0x7f0000000540)=""/4064, 0x1dcb}], 0x1)

1m26.014672496s ago: executing program 2 (id=1062):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='blkio.throttle.io_serviced\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x5, &(0x7f0000000140)={0x1, 0x1, 0x10800000})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x10001, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
r3 = getpid()
r4 = syz_pidfd_open(r3, 0x0)
setns(r4, 0x24020000)
syz_clone(0xd5ba2180, 0x0, 0x0, 0x0, 0x0, 0x0)

1m25.893052768s ago: executing program 2 (id=1067):
socket$nl_route(0x10, 0x3, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8002, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000300), 0x2d83, 0x0)
syz_init_net_socket$llc(0x1a, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
fchdir(r0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001100)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000b800000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f00000002c0)='kmem_cache_free\x00', r1}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r4=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r6}, &(0x7f0000000240), &(0x7f00000003c0)=r2}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r7, r4, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x1c)
syz_emit_ethernet(0xe, &(0x7f0000001980)={@remote, @empty, @void, {@generic={0x8884}}}, 0x0)

1m25.76422797s ago: executing program 2 (id=1073):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x4000, 0x0)
write$UHID_INPUT(r2, &(0x7f0000000cc0)={0x8, {"149e3c109992a9fcef1508979a736b0e089f456a99d2bd0346681dca63783b9472a67247f9c9860456aadd51a65b4cef6068a5ecfe9f11ffb8753e2d266fbd0b10bc4f882fcae0a2e904d46c51568164b78b3300538f08423d65c0c7c38225a6b1b45b39c351ae9eec03aba6e680851731e3d86c71508bf00f08b1994e64df52deb837b39a6b456a5f537dc3014f466f2d450c4e1cbb6c794c4f8d1b452cb0cc6e65a5a9b0c771c010e46f4b1fb53929a5cd0787621dc47931a4d9d9909378ca349632aa8ef22f665560317de58e95779a49e64ec10c01b684a6a63e4a252a7711637790e47a6a066c5aed4a97e8c711f00fd0f325f8a16ef40ee50528cf3cdc086667df6fd6035acc18bf4a834bfd316dd8a79f7eab838fab7df5bf1b6b15d448ca832270e0c4071c28e49da81ee7d95139cf06d7bbb125d29e6da5cc5e86cf75bd8138534ee9bd857a8e108ca7a4e1471e36deef607009abaf5047b4a4f19d00f63cb9b53e1fb72cab320af0d7276a516ec4c62fb76236db6a6c37834e4cd5f513303f424955f973d216f41543263783369bf6fdfa67692924954397992dc005a777199b60e5b7540eebf4a5ac24eeb2b5b6aef573637a380c13a93dac0fd29ccced0b84b52d31c497edc2f47286a5330bc56aa24717d8bea964e046ef1056b7d8b5e0a0409254a6a67b0b5a882a93e3e5f0a988369cbd1ecf7c86b45b9ea0afadae6c35b89ffc2fc92e98105df4a513ff3eecca4383fb7419dbbc72b1b2cb976e15ea33d7678bd4bb72182055cf3937ac90b8b0413a7261821e66e58ad747f7c68f9e69c603de6ac13588112dffdb59988485c0b3c03c626c78d6ec1f1bb97f842fd070995c601fb446eabb20b3fa3d4660d68c7241651f497696832c6b9910c3b6bd90b5bcb8e0b8bb1292cf3ead3d9a002ede53480e6eb1ff3c63d24e37f4d2bfcac0dd9c506dfd90e79a18fde54c39a7cba9a3a2221d15d6ae77cb53d5a30dee7affa311507de4b3fa2ac3c340b574385e5c10a63c3975303b27d4c5645d6bbf60d5e7b1772b3c6d652f8d5e3e9bc326d29c0cb9dea433c1c0380b5599f9898fa170faf6aca18e1b9c3bed85436db7341089f931d0a108a2bf2c8828283b46aaccdffaaad95ba596c14b08284c147ebdd7f7358deb317bfabd3e4bcce19caf3d75331b48a6cc4ecdb54fad9bc857c7b9b5960b34f7ec4fc65e574e0a0741c078f45bc40e8c5521b6fc21ea5088912623ad7bf42808dd14736255d0f5fbc4c069d0b7517a5e8e04e71fb46a05bcd3e0ca8d7941db8e574e5e8871189fb36bbed3537dc710cd89fdc28be408b396552ab0af2b31e748ffbd44458b8cb6fedb89f35d09c85acfce501fc6869e35a44467d41d3162d9edbaea1b37497698b853e6b37aa7b20a1a0e4f69457e4e0c489bf961bc5a3d50da9bc17f04ff5d4e63e513ddc23282c40eed8f28676d5cf9084eaf378414d3742fb9b53858484ac0210f5ac3b9c5b72af5688eca9731b22e5b3401b04c14f7d26882c085ddb05c5edf25ca5f5d1789893491ad87544569dfb0c78d58c5abcfd8677549d58111ed4d4a760533ef6e360863c01be7d7bb4bf41d077fad4237dfc082a531de29add4b5e8f7a7115785e27ffdc4502c93b7250a2da854781912f1c4dbe0ac6acca98cb2fc83637e33547c2045508dd670b570f4f84cef4394073d04733a02d3afaaffc1321a85fa2148889106fc46a8ff653e86f4443b607fd04b2e7a1945e6a3f3f1384567fa2464d3ee1bbaa575fdad068724d553531592cdf0c079cc0d8ccd18cd85001b5ac42299f78dbed82ba81a1dfc429b9c8ddf8666d5a4e123c33e9f32c0329c153c2a37282623f1136cb0621c0c8b769547b91fc96cf3646b99c9f26bf6178cc6f3618634c56efea4f026b56a0f9afaa34c9cfc69d1682d67536dbf5f9a02d83a572ec9bfa27c7af590e6106f9631bb02ab15bde9a007a96c63da1360e4742f63b24c8d3de2b81c283cf22931d620ca66b47e088c12ceb178be0e6adf8407a6dce5c9ab355b97912aad62ba79445509c43d18153f89740c9517eb2ebfc07835b8c4e39f5815ca5a95f0fef499fb8853583e32761570906f1a70a8fed05a394ab4ad0c17d04aa9bc7e00649b0df9ae0b2631889ea6ae7d720904fe6ec6a63b8f9326a7925addbd49768e9971d6cb63db2bcc09ef53813f8d7c1c7033a6d4fa1d248febe94fc1a47332438ac43e67647604ea5a5b990213dedb2fa4f9d9b4c5df5c49c161d1d48602b3d5de4740773fb38527afbcc385a00abf24f42512b973800d810ecf7e2edf55bd90bada1c59a3508871db439d33d2362f2de92f5b30b84016c564db7514956f3836fa0cc68e3fa93114ff6084104b3bdcad19a3858fb64694c611959215465f5eff1353d3be34ce3334aa757b0ec20ddbff2f74a7c78fcb0ff82c864c47ed35287deea77ab3de80b566071b7e19986f8b7319acc84ee37ffa6995b859946d54c047035f24da87e19f2dc71f0895268a69e9cd0d27c0f6316fa565dc1bc6f4cd00df75b3dfba9e877ed6baafd05e50f84b4a3d447198fd7e6026ed5277e5873cd3241cd6722cc83f59840fbb347d3bbeb818e77eb577adcc71294f2d4ab4bcb954d8ddab80fd89183372dc8f51914d521040a3f714c5785b0d494a49b351437835683e112255540f0eed0775a423100318fb2fed9b4ef6b98db2a90469c125e6a3df90053ce6a64e88cfe52e476978010801286603de1a059d929b3326f30ef02b036384b220895a9230c27b66fa43aeb3ccbf73eed6976e2561fe6a17f888b89ec1109f0bd882917724b6162653f1599803914e8beee3413202f344fe3735c0ac7d9d4b82e9184a34797222ca2745e613ceb2e2e42b8164c769d8fc7aa0265138cba346527dc9ba6e87baa4668fd38ae5ec0d347457f0574c627513c59ab9e5e84a3ed740f9ec56bd939c03c20855a2ac7c23ed31ac767cec669ce006de3ababe1db3f4776483d3fdf9c7f5dcc727c5be5247a351bc8c1c3fda04366c0fdbc3e0aab17ac278a1a42717399dcaf2debf95a69ce5e51d73799ff9d6573649964247a3c06e5400c5faa3e80e42067d9f011547d969b901c603984a31b602cd6b2bd7e74968de4291a02d4c4f5eb8c6fdce152029763e25a097dba10040a9464f003e6ea6dbcc91261fe001a59c9eea2eb8e587f16bcfc3199957dcff2b2abcc22990930f58dccb981456316378544973116ec52123da3830ac10450e04381187a4e5262285a118fab49972de540b3dad015168404b0ee149d8b29b0e06ec53c4fc07d39488e852d8a6bd537df42c5d0a445902f607252379e7c0534bf697305d15e9b0dc47c7b88e16a9b485a4752d69a3a38c2adbb56d95f27862d6e2bbd19527a53306265eef430bf3fa89d595bd07270d1eee2213c0f701ca1569b083522fb2e4b27c0e11ad5cccfeafb50bd472074f5a2f2175e501cc3624f21658f7c337f3d9f2f25a66431af97574d982484f1f7b6c7bde5e2e569e9fea779602b0fb3e333654314bcb9235ae84e316a463b94a68fc6e5b422ac34bb4d289050e5dc3d0d198758d2d527511a1693c0b4794a2becb2ab8f91336f7d035a7f164896b633a9e15d14ad4436492c2ddd2c175ff7bc03a70a499115b3887201697dcf64c93f54cc361074b249173c0fd69b2355addad5cff98211f76cc940aa9b1977c2c611db6c2f64d79f13e6dad603375161ddd1670e49b93c073491d557f82b100459b7ea26f47d27d587e28047933073c728f5c7a13b3687a7d4f478f6d690e4e704ea3f0724cf52e1cff17b49467182cb8d8f4db2f079fadba882a49329a8fbcea0f2cc66c0e2498d968d5c930ebe8f3201f88f54620964316f36059d37aaa4692241300251df5a1d7cffac5b6231561f58fbbd3d9d33917693e0cd5a85a3a4deefafc920cbcddb042efbeee9ce0cc0c8cfdc4e51871df472f1878a9ec9af30e14ffce95b37421d756c898fe82f6501d5069314fbe3e4788fae4fb6e64de126abb4f7cffa8178066a382576822bb337ae07b4bdad4b4cdd60f3d2acb9cfd94dcf11c063df00ff0feeb0fe0eb3c0c29ecc69f738b7ce31928b222ea7df36e38ad27a581fc96072134d96dfdb6c75dd6bc3df39dd00ab093e15ea157dba08839f390368b634da83b51cc56f505e2eb5e3aac7a92fcf268541b5295e6d707e05db05c16eedd8c0b4f6766499ed4fdb83f05e953b3d05297e9d9066f5a4d2c06cea4c4b5472e294c47f43359ff54545d4f3f04994b211f143f0861ced1c5da20d498b32442a08555e14ac5c50b0a845d660fbff64a57c12d32c2b20e26e2e1b239c4cfc3f19ed80bcb458b4911ee1ec51d3b5e347b3a1091d2502ef467827518f901188e9c68a3f08a131b2f9380517a82762405b8786e0459aa29ee372af128ca913eb04de45061e2204b20df9307a844287fb0e831f6e92227f6bb4488dda196944f003d895dc7b75d8c45e4c850b4e33728e8dff1a130187d6c608e134da4542350323f603211fbb773d261554452bd94d13d938afc6fc7b21d61609fb67a678a9cc93154f240e24659c043460a7cf67b8d7386d3791fccc2b0839e1d56afb984a168f52218251442572f73d48033424133202f5be291c6c5447ae96cbe62acbf8ea78abd6d15435b087882662cf34c8d71a70071a825039cd2ef0f3ea51419501eebbdb665e5c60b2b87d756cec9a659e358b837bf6e4ee139eba3e568c80caf5f7134a1580632aa2029ba1ea68b7aee90d462753bdd07f35127053cda8bc771712198c4344bb49b9ae7dcd40abe34568e039666552fa91139c4cacb2efbb659284e459ba618c079ef8fbac67f2dbee6fd8150fcc8a54fb14188b349a6621f9f86a5e788092197bc00c4c8b0cf811f349f9b0d1314ffe80af49e9efe52d82fafb0d77b839aed6eb3c1fd4c9dacdf672e291055ae380c699468443e36b543291e200f701dda9a54a530ad39667b2d6bf6783e3800d3ab0773e3af0a135cba27d277be847d031de3931b3a7fcc581c9d583a20a47c26c23096f1ee50894689a3a9a360858c7cf78c6ae571c30df6e51903a3d1bb0f4e4fbecd7b85d4045c9c6d6a0e2a86e2830663813b3840f743b8081049ab9253b6970e9478f2ee943e7a242d13d274e8cb1d27ccb95d32899a419b8767bb7859f1660e66aac0cabe87448303197fa16e712175345b4bb2e9914b36148da489562d7968ef6d571130df782fd67599eaf4ed52b86ae1d50804c429d943a53e1d568d62cbc1aa37efbad899125ee5ec805e75f71f342bd432a5a69701ae5f9909716dbd15656e0686293e4273b62e6799b275f069f6d94d0d8eea997a52060001114df218c106bec1870bd051bb29b79e6a12ce637a4645044f661a4ef8100b4981edcbd000f47cd93547c0a639226c7596bd09098a5634355b063d05311d2933ffac48ba3ced848e1abcb06aba6b99f4d435629116fcef5a55379fdea08b3e8669744acba8fc25a5fe59f07896b8d3690068f9f3170dfa581a888b0795d514431c0dcfb9fabcc99bd79eb491b9722472dd3eb87239ee821798872d9d665bd2b761ddc003af20fe301bb19dfa9685c245e15d602389182775b7bb5967bfaad80f25d1f5460a92e611e3908b9b4a643d0252a141fe66a9870cf9790cf0a1617c52d58e1e0858f8f69f60a15cf02afda535af892d3605f428cd0557fc2971387f646157c5a1ab7e8d96b4f1093801f7ee880a33e5ae1885cf6e91092a04f05737cbb36afad95719e44457", 0x1000}}, 0x1006)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3, 0x0, 0x2}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x20000000000000e3, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000002c0)={r2, 0x20, &(0x7f0000000180)={&(0x7f0000001ec0)=""/4096, 0x1000, <r4=>0x0, &(0x7f0000002ec0)=""/4096, 0x1000}}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYRESHEX=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r5}, 0x10)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000900)=ANY=[@ANYBLOB="48000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006261746164760000040002800800", @ANYRES32], 0x48}}, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000140)={'veth1_to_bond\x00', <r7=>0x0})
setsockopt$packet_add_memb(r6, 0x107, 0x1, &(0x7f0000000100)={r7, 0x2, 0x6, @local}, 0x10)
setsockopt$packet_add_memb(r6, 0x107, 0x1, &(0x7f0000000000)={r7, 0x1, 0x6, @multicast}, 0x10)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0041, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r9, 0x8946, &(0x7f0000000c80)={'ipvlan1\x00', &(0x7f0000000b80)=@ethtool_drvinfo={0x3, "b6a5a4c554b540f610881ddfc60c7c10be18a8a16e1fd36b19b498d996d2e6b1", "a0f5b5b9a6563713536a30f274de5a7be62afd1c93714b68f85659a4f8be4ae1", "53d063674ff30e6064e9f63d13bc359f93623f64dd4b0df3d38ef244e5eb57c4", "a6bceb100f1bcc066a312d29063a1ef04adedf160f1ab07016c4f7465c955a61", "4143967e44cb0bf2bffe750097e64bdeb49558d0cdb6a6324cf75d622f2be2d7", "e48958e49ee4338d590974d4", 0x7fff, 0x9, 0x8a, 0x5}})
close_range(r8, 0xffffffffffffffff, 0x0)

1m25.561640613s ago: executing program 2 (id=1081):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00'}, 0x10)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000001440)={{{@in=@dev, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in6=@private0}, 0x0, @in6=@dev}}, &(0x7f0000000900)=0xe8)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000440)=<r1=>0x0)
mount$9p_virtio(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x8010, &(0x7f0000000540)=ANY=[@ANYBLOB="511e0685bd4caa70041d5f8efe2852506ce4ceedad3cdca37b636761933120629670069822f8dae52145119065435e31cb03e9cbb9641bf7664d18729582d9f9d7308f4acf8a81d8f6563741a2de1ecd1c82486983bf151f05aaa6c96c87fdefa137a4889be2f731e6493ed15f7830fc776b0347d700c693b017aae442c064dd3709372a90bd2be45d0af842d4a62d9f09e2c1f638942c96d3b8e415f4f3e0d1ac947cc6da477eb991b6e5e3cafc30e9e41f20e2dc1574588f8795f61f1b417dabc2bbbb9ca9623e83", @ANYRESHEX=r0, @ANYBLOB=',cachetag=.@,noextend,access=any,access=', @ANYRESDEC=r1, @ANYBLOB="2c736d61636b66736861743d6b66726565002c736d61636b6673726f6f743dfe2c00"])
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r4 = dup(r3)
ioctl$PTP_EXTTS_REQUEST2(r4, 0x43403d05, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000a00)={{0x1, 0x1, 0x18, <r5=>r2}, './file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x11, 0x1e, &(0x7f0000001100)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@ldst={0x0, 0x3, 0x4, 0x3, 0xa, 0x100, 0x8}, @map_val={0x18, 0xb, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x9}, @map_fd={0x18, 0x7, 0x1, 0x0, r4}, @map_fd={0x18, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0x2}, @jmp={0x5, 0x1, 0x4, 0x1, 0x7, 0x20, 0x8}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x6}, @cb_func={0x18, 0x1, 0x4, 0x0, 0x7}, @call={0x85, 0x0, 0x0, 0x9d}, @call={0x85, 0x0, 0x0, 0xca}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000500)='syzkaller\x00', 0x200, 0xaf, &(0x7f0000001200)=""/175, 0x41000, 0xc, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x8, &(0x7f00000006c0)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000780)={0x5, 0x8, 0x1, 0x4}, 0x10, 0x0, r4, 0x2, &(0x7f0000002380)=[0xffffffffffffffff, r4, 0xffffffffffffffff, 0xffffffffffffffff, r4, r4, r5], &(0x7f00000023c0)=[{0x5, 0x2, 0xd, 0x1}, {0x5, 0x4, 0xa, 0x9}], 0x10, 0x4, @void, @value}, 0x94)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f00000012c0)=ANY=[@ANYBLOB="93fb571f8ee8ae6ee6dd508dc069a20a58fc6a29a2013751b28487a4ad751c82ed9970a138b8351299140bd5fafe9e8a7ead3c249c0025bb2dc6e64699231c46c56c82dc79f6f363d7eca870f079eff432d6365c9147c478fb1f243cf750bacea7845ca2bba414a86bda5205dd2c4cc9fca8d9e5018c7d788b5dd5f39519a1420cfbff4f9037e44bb1801af1914115d9267dc7e1f2864718a61df49163754c6dc6a78fd2593c855cd37c057ea2a5ffc94dad4734d9de24"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='contention_end\x00', r6, 0x0, 0x4}, 0x18)
r7 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r7, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1008082, &(0x7f0000001080)={[{@barrier}, {@barrier_val={'barrier', 0x3d, 0x1}}, {@abort}, {@dax_never}, {@block_validity}, {@acl}, {@bh}, {@block_validity}]}, 0x0, 0x5ef, &(0x7f0000000a80)="$eJzs3c9vVNUeAPDvnU5LS3m0kJf3Hm8hTYyBRGlpAUOMC9ga0uCPuHFjpQWRAg2t0aIJJcGNiXFjjIkrF+J/oUS2rHTlwo0rQ0LUsDRxzJ25t3TaO20Z2hnkfj7JMPeeM5dzbqff3nPPnHMmgNIaSf+pROyLiLkkYihZWs6rRpY50njd/T8+PJM+kqjVXv0tiSRLy1+fZM+D2cH9EfHD90ns7Vlb7vzi1QtTs7MzV7L9sYWLc2Pzi1cPnb84dW7m3Myliecnjh87euz4+OG2zutaQdqpG++8N/Tx5Btff/lnMv7Nz5NJnIiXsheuPI+tMhIj9Z9JsjZr8PhWF9YlPdnvycq3OKkWvbK3c5Vi0/L3L313/htD0RMP3ryh+OjlrlYO2Fa1JKIGlFQi/qGk8nZAfm+/+j640pVWCdAJ9042OgDWxn+10TcY/fW+gZ33k1jZrZNERHs9c812RcSd25M3zt6evBHb1A8HFFu6HhH/K4r/pB7/w9Efw/X4rzTFf9ouOJ09p+mvtFn+6q5i8Q+d04j//nXjP1rE/5sr4v+tNssfebD59kBT/A+0e0oAAAAAAABQWrdORsRzRZ//V5bH/0TB+J/BiDixBeWPrNpf+/l/5e4WFAMUuHcy4sXC8b+VfPTvcE+29a/6eIDe5Oz52ZnDEbE7Ig5G7450f3ydMg59sveLVnkj2fi//JGWfycbC5jV4251R/Mx01MLU4963kDEvesR/y8c/5ssX/+Tgut/+vdgbpNl7H3m5ulWeRvHP7Bdal9FHCi8/j9YtSJZf32OsXp7YCxvFaz11Aefftuq/Hbjv3CJCeChpNf/nevH/3DSWK9nd329nvmHL+PIYrXWKq/d9n9f8lp9yZm+LO39qYWFK+MRfcmpnjS1KX3i4esMT6I8HvJ4SeP/4NPr9/8Vtf8HImJp1f+d/N48pzj3n78Gf2lVH+1/6J40/qc3d/1vrNfXxsbEzeHvWpW/uev/0fq1/mCWov8PGj7Pw7SvOb0gHKtFWZ2uLwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CSoRsSuSyujydqUyOhoxGBH/jp2V2cvzC8+evfzupek0r/79/5X8m36HGvtJ/v3/wyv2J1btH4mIPRHxWc9AfX/0zOXZ6W6fPAAAAAAAAAAAAAAAAAAAADwmBlvM/0/92tPt2gHbrtp4Wup2PYDOq65N+rEb9QA6ryD+gZIQ/1Be4h/KS/xDeYl/KC/xD+Ul/qG8xD8AAAAAADxR9uy/9VMSEUsvDNQfqb4sr7erNQO2W6XbFQC6xhI/UF6G/kB5uccHkg3y+1setNGR65k78wgHAwAAAAAAAAAAAEDpHNhn/j+Ulfn/UF7m/0N55fP/93e5HkDnuccHYoOZ/IXz/zc8CgAAAAAAAAAAAADYSvOLVy9Mzc7OXLHx+uNRjU5u1Gq1a+lvweNSn3/YxsCqlHwofNcrVryRz/Xb3FHd+5sEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0+zsAAP//6hEkfQ==")
r8 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
socket$igmp6(0xa, 0x3, 0x2)
preadv(r8, &(0x7f0000000380)=[{&(0x7f0000000280)=""/240, 0xf0}], 0x1, 0x33, 0x2)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f00000004c0)={'wpan0\x00'})
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000480), r9)
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
close_range(r10, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000006000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000, @void, @value}, 0x94)

1m25.437906055s ago: executing program 2 (id=1085):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'erspan0\x00', <r1=>0x0, 0x10, 0x7, 0x4, 0x5, {{0xf, 0x4, 0x0, 0x3f, 0x3c, 0x65, 0x0, 0xa, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@end, @ssrr={0x89, 0xb, 0xd4, [@empty, @private=0xa010102]}, @timestamp_prespec={0x44, 0x1c, 0x9e, 0x3, 0x4, [{@broadcast, 0x6}, {@remote, 0xa6}, {@empty, 0x7fffffff}]}]}}}}})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3303}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}, @IFLA_MASTER={0x8, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40011}, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000100)='status\x00')
preadv(r5, &(0x7f0000000340)=[{&(0x7f0000000180)=""/112, 0x70}], 0x1, 0x0, 0x0)
r6 = syz_io_uring_setup(0x2349, &(0x7f00000003c0)={0x0, 0xf783, 0x80, 0x3, 0x360}, &(0x7f0000000300)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r6, 0x47f9, 0x0, 0x0, 0x0, 0x0)
pause()
setsockopt$sock_attach_bpf(r3, 0x1, 0x4c, &(0x7f0000000000), 0x4)
sendmsg$inet(r2, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r3, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@rights={{0x14, 0x1, 0x1, [<r9=>0xffffffffffffffff]}}], 0x18}, 0x0)
ioctl$SIOCSIFHWADDR(r9, 0xff08, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {r0}}, '.\x00'})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYRES8=r1], 0x50)
fcntl$notify(r2, 0x402, 0x0)
creat(&(0x7f0000000080)='./file0\x00', 0x20)
socket(0x10, 0x3, 0x9)
openat$rdma_cm(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
creat(&(0x7f0000000280)='./file0\x00', 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

1m10.278646565s ago: executing program 32 (id=1085):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'erspan0\x00', <r1=>0x0, 0x10, 0x7, 0x4, 0x5, {{0xf, 0x4, 0x0, 0x3f, 0x3c, 0x65, 0x0, 0xa, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@end, @ssrr={0x89, 0xb, 0xd4, [@empty, @private=0xa010102]}, @timestamp_prespec={0x44, 0x1c, 0x9e, 0x3, 0x4, [{@broadcast, 0x6}, {@remote, 0xa6}, {@empty, 0x7fffffff}]}]}}}}})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3303}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}, @IFLA_MASTER={0x8, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40011}, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000100)='status\x00')
preadv(r5, &(0x7f0000000340)=[{&(0x7f0000000180)=""/112, 0x70}], 0x1, 0x0, 0x0)
r6 = syz_io_uring_setup(0x2349, &(0x7f00000003c0)={0x0, 0xf783, 0x80, 0x3, 0x360}, &(0x7f0000000300)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r6, 0x47f9, 0x0, 0x0, 0x0, 0x0)
pause()
setsockopt$sock_attach_bpf(r3, 0x1, 0x4c, &(0x7f0000000000), 0x4)
sendmsg$inet(r2, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r3, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@rights={{0x14, 0x1, 0x1, [<r9=>0xffffffffffffffff]}}], 0x18}, 0x0)
ioctl$SIOCSIFHWADDR(r9, 0xff08, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {r0}}, '.\x00'})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYRES8=r1], 0x50)
fcntl$notify(r2, 0x402, 0x0)
creat(&(0x7f0000000080)='./file0\x00', 0x20)
socket(0x10, 0x3, 0x9)
openat$rdma_cm(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
creat(&(0x7f0000000280)='./file0\x00', 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

50.887138109s ago: executing program 4 (id=1547):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x61980, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000200)='kfree\x00', r0, 0x0, 0x80}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000002000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a31000000002c0003800800014000000000180003801400010076657468315f746f5f626f6e6400000008000240000000006c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000004000038008000140000000002c0003801400010067656e657665300000000000000000001400010076657468315f746f5f626f6e64000000080002"], 0x10c}}, 0x0)

50.846484259s ago: executing program 4 (id=1548):
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x105042, 0x189)

50.845949629s ago: executing program 4 (id=1549):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="c0020000100063d10000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa0000000000000000000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0], 0x2c0}, 0x1, 0x0, 0x0, 0x40000}, 0x4004)

50.81526667s ago: executing program 4 (id=1550):
r0 = syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f0000000280)='./file0\x00', 0xc14002, &(0x7f0000000300)=ANY=[], 0x0, 0x729, &(0x7f0000001340)="$eJzs3V1v3FgZB/D/mZnMTLLQjQBVq6rbnKaslIoy9Uy2qUYBCeM5MzHMjEe2A4mEtCo0WUWddKEtEp2bNje8SMsHgLu94YILPsJKXHC13wKuQFqBkBArEDLysT2v9qRD0u6W/n/V7njsx+ccH7t+6sQ+BhEREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREUFYDcOoCrTt7u6ezGY1XKeTfMljZnlU2hKuRxPX59W5FNYLiPA/lMt4I5r9xpdGIRfD/63jcvTtMsrhRxmD1y6ubn+xkEvWn9Pg/wUWLfDh48G9O/3+wYNniM1DFy+wcC2fCuSeIailurbn2B2zpaTtObK+tWXc3Gl6smm3lbfv+aojLVflfMeVG9Z1Wa3XN6Wq7Du73VbDbKtk5u2v1gxjS36rFO1oABXP2rHbbbvb0jHh4jDmtnz/e1GAMjtSHh71DzbH2vMkrXPDoGpK43PjwWFQ7bTNrRm1WrVaq1W3btVv3TaMwswMIySMIcxEnPtBSy+Z8z2BE51Bzmr82/ijANooo4td7EGm/rHQgAsHnYzlsST/v3VTza13PP8nWX5ptPgSdP6/En27EqaFQkr+z2iLhNR5JG2JyJi/2J8lnagkHuIxBriHO+ijjwM8OIeyJeTamUsoGnFPnr01mFNSCwpd2PDgwEYHJlr4PGQ8R6KOLWzBwDvYQRMeJJqw0YaCh3148KHCI6oYlq9gwocDFxIbsHAdElXUUcfrkFCoYB8OdtFFCw2Y+GcQBIc40v2+GbfnaUpbkQRVMzawhEKyjQeozemJrPz//SfR2nH+N5j/X1XRcVCKPj6aF0P0GRDE1/8LWns+rSEiIiIiIiKi50Hon74L/Vv5NwEEaNptZYwtz/S73ItpIhERERERERGdkUBQwuXwMl/fffcmxOT1PxERERERERG9/IR+xk4AWNE39YvR41LP8kOA/AtoIhERERERERGdkb6//0oRCPSgFWsQC13/ExEREREREdFL4OdjY+wX8vEY+0Hya/0cgLU/lcSHfy3BXRInvb0vi2MzXGIexzEzdwD4zUviQjxQr/4oAtDfLHVZxLVJ4B/jowt8fJg+1v/TICKEcKcaUMxnDE8w3gAR1rxViL/hfVyNVrkajzN/d5CDXhKNKLzStNuqYjnt7SpM80LOV3v+j+8f/QRwh9t5eNQ/qPzgvf5d3ZaTcNbJcVjok4nm5NI7Y9SWR3q8Bf3MRdrbDZbRTKr8RbezInS9RrL9eZjHufGKMnfAr1a3t5aBaCt/ivVon60HUezKYDjivgDW9OAP1YreZRNb7y6JUSuq01uetiMytrysW3Etirm2cS36SPokLCcnyl/JA7XK7D6YaEVtvBWn94X421T/z28FRDnsi82wFb8PC5pqxXc/jFbe7O3Fo73Ob0XwejQ5fRQQEX1aDkdZSA9iPjPGfpIekpPas+adi6soAPFZLiO7j2oJ4vyRZPdHvw6iDJUHCvHvJtJrSfIKwjP6htDlFKMB3QuXUs7oRuWTIAjMC2WMn9H/EwTJBhkLZLeTIAimz+i/Hb0DKW72TCv+FQTBdlVnkl9OZdUPwhU+yKzXa9fyKKOER8c/1APgh949ePfgfq22uWW8bRi3aljS/1SIP/LI/BcIERG9uibfsZP2jj0dkZsTId7G1aiMq3f/8lY0NZHxvhDfUqDdBPp6qIH4FQJr6aWu4BBf/3t0G8KN6KoVWF+JPlcG8uLqdnhVO4w9EgX9hpcbmVd1OpdGsfr2htowNnnv0PQV4Ch28/nuBCIiohdsPSMPAxP5H5P5vzyR/29gI4rYuJR63b0ydkvhjeTqeHhJP3jtJDW2enrjv3HOnUFERPSKUO7HYsX/mXBdu/dOtV6vmv6Okq5jfVu6dqOlpN31lWvtmN2Wkj3X8R3Lacuei5K9rDzp7fZ6juvLpuPKnuPZe/rN7zJ+9bunOmbXty2v11amp6TldH3T8mXD9izZ2/1m2/Z2lKtX9nrKspu2Zfq205Wes+taqiKlp9RYoN1QXd9u2uFkV/Zcu2O6+/I7Tnu3o2RDeZZr93wnKjCpy+42Hbeji60gWPhFh0RERP+PHj4e3LvT7x88mJ5YDi/NozknyIiZnSimFJgHAo4TRERE9BkyStcLrFR+jg0iIiIiIiIiIiIiIiIiIiIiIiIiIiIiIqIZpz/St+DEUtrDgsBwzo8uxHPwFKNHDGfKEThrez5x/6AH9kuLKQKYt3pu0UqTRyIG9z6aE7w8nJN0/3jMySKVYhWYH/Ne9qI/fw54Tc9BNKdwjgfA7POj536MpU187TDq0awYvTB1UWm4Lwrn/9chnLj/m9lFIuz5IAiC+auXJvuwOGcDpyYKAB4U5+yC5VOOn9POHDPjfxPRS+a/AQAA//+63zmW")
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000001700)='./control\x00', 0x80002, &(0x7f00000016c0)=ANY=[@ANYRES16=r1, @ANYRES64, @ANYRESOCT=r1], 0xfd, 0x28a, &(0x7f0000001c40)="$eJzs3U9r03AYwPHH7l/XsbUHERTFB73oJWz1FRTZQCwocxX1IGQu1dDYjCROKuJ28+rrGB69Ceob2MWbd/EyBMGDO4iRJY1ra2FV1qVbvx8Y+SW/PMmz/ClPAv11+86rx7Wqb1TNQDJZlYzIhuyIFHZbTSea00zUHpdWG3J56vunc7fu3rteKpfnF1UXSktXiqo6c/7d0+evL3wIpm6/mXk7IVuF+9vfip+3Tm2d3v61lGzdDdTUZdcNzGXH0hXbrxmqNx3L9C21677ltfVXHXd1taFmfWU6t+pZvq9mvaE1q6GBq4HXUPOhadfVMAydzsmwGWmbm+whorK5uGiW+pYQDlvXk+55JXP32pg8+6Ojp7J5OGkBAIBBklb9/8j21fa1vl/9nxHq//6h/j9exrsu3a3/c837tx31PwAAAAAAAAAAAAAAAAAAAAAAR8FOGObDMMwn0+RvQkSyIhLPj6SdJvqkt/Mf5tPOE/3R8sW9rIjzcq2yVomncX+pKrY4YsnsmMjP6HpoitsL18rzsxopyHtnvRm/vlYZkYkkPlHoHj8Xx2t7/JjkWvdflLyc7B5f7Bo/LpcutsQbkpePD8QVR1ai63ov/sWc6tUb5Y74yWg9AAAAAACOA0P/+Ov5Peo3NBk2pKM/Xrj3fkDy+7wf6Hi+HpUzo+n93wAAAAAADBO/8axmOo7l0fi3Rm+HLisDkOpRbWREJKW9fxWRgTgIowe6wS9P4ru+l5XT/mQCAAAAcND2iv60MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYHj1OnhYsv7/jD3Wsjt+SBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABD7XcAAAD//6R3IAk=")
ptrace$setregs(0xd, r1, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
ptrace$getregset(0x4205, r1, 0x2, &(0x7f0000000080)={&(0x7f0000000000)=""/120, 0x78})
ptrace$getregset(0x4204, r1, 0x2, &(0x7f0000000740)={0x0})
getpriority(0x1, r1)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
futimesat(r0, &(0x7f0000000000)='./file1\x00', 0x0)

50.724563301s ago: executing program 4 (id=1553):
socket$nl_route(0x10, 0x3, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8002, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000300), 0x2d83, 0x0)
syz_init_net_socket$llc(0x1a, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001100)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000b800000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f00000002c0)='kmem_cache_free\x00', r0}, 0x18)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000020000008500000086000000181100", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000240), &(0x7f00000003c0)=r1}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r6, r3, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x1c)
syz_emit_ethernet(0xe, &(0x7f0000001980)={@remote, @empty, @void, {@generic={0x8884}}}, 0x0)

50.064441221s ago: executing program 4 (id=1572):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001fc0)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x101}, 0x18)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@access_uid}]}})

49.895356404s ago: executing program 33 (id=1572):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001fc0)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x101}, 0x18)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@access_uid}]}})

3.042233034s ago: executing program 0 (id=2255):
socket$nl_route(0x10, 0x3, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8002, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000300), 0x2d83, 0x0)
syz_init_net_socket$llc(0x1a, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001100)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000b800000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b7040000000000008500000033"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000240), &(0x7f00000003c0)=r0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r5, r2, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x1c)
syz_emit_ethernet(0xe, &(0x7f0000001980)={@remote, @empty, @void, {@generic={0x8884}}}, 0x0)

3.036003584s ago: executing program 0 (id=2257):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rt_sigaction(0x19, 0x0, 0x0, 0x8, &(0x7f0000000440))
r1 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r1, 0x0, 0x400000000000000, 0x2)

2.966939925s ago: executing program 0 (id=2259):
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000001cc0)=@raw={'raw\x00', 0x2, 0x3, 0x2b0, 0xf0, 0x0, 0xf0, 0x0, 0xf0, 0x218, 0x1f8, 0x1f8, 0x218, 0x1f8, 0x3, 0x0, {[{{@uncond, 0xb000000, 0xd0, 0xf0, 0x0, {}, [@common=@inet=@socket2={{0x28}, 0x2}, @common=@unspec=@quota={{0x38}}]}, @unspec=@NOTRACK={0x20}}, {{@ip={@rand_addr=0x64010102, @multicast1, 0xffffffff, 0xff, 'ip6tnl0\x00', 'batadv_slave_1\x00', {0xff}, {0xff}, 0x1, 0x3}, 0x0, 0xc0, 0x128, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00', 0x0, 0xd, 0x1, 0x2}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0xfffffffe, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x310)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vxcan0\x00'})
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)=@generic={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='mm_page_free\x00', r2, 0x0, 0xfffffffff7fffffc}, 0xc)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x169000, 0x3)
openat2(r3, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)={0x400000, 0x30, 0x14}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="18020000fcffffff00000000000000008500000041000000850000007d00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r5, 0x890b, &(0x7f0000000400)={0x0, {0x2, 0x4e23, @multicast1}, {0x2, 0x4e21, @rand_addr=0x64010102}, {0x2, 0x4e23, @loopback}, 0x220, 0x0, 0x0, 0x0, 0xa, 0x0, 0xf81f, 0x200, 0x8})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r6 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x902)
writev(r6, &(0x7f0000000000)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1)
read(r6, &(0x7f0000001400)=""/4074, 0x24)

2.597775461s ago: executing program 0 (id=2261):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}, 0xc104}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0xb76e}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000340)='mmap_lock_acquire_returned\x00', r2}, 0x18)
process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

2.463653453s ago: executing program 0 (id=2262):
r0 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r0, 0x29, 0x16, &(0x7f00000001c0)=0x7f, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)
inotify_init()

2.406287233s ago: executing program 0 (id=2264):
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000"], &(0x7f00000001c0)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0xd, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r0, 0x0, 0x80001}, 0x18)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r2, 0x0, r1, 0x0, 0x6, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f0000000100)=0x3ff)
fcntl$setstatus(r1, 0x4, 0x7c00)
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x6, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xb, 0x400}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0x20000261, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r5}, 0x10)
dup3(r2, r1, 0x80000)

2.315111014s ago: executing program 5 (id=2265):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_XFRM_DIR={0x5, 0x3, 0x1}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x3}]}}}]}]}], {0x14}}, 0xd4}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

1.192371112s ago: executing program 5 (id=2267):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)=0x3)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000080)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r1, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
ioctl$PPPIOCSPASS(r0, 0x40107447, 0x0)

1.097373023s ago: executing program 6 (id=2270):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}, 0xc104}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0xb76e}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000340)='mmap_lock_acquire_returned\x00', r2}, 0x18)
r3 = gettid()
process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1000000201005)

1.046664444s ago: executing program 5 (id=2271):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}, 0xc104}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0xb76e}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000340)='mmap_lock_acquire_returned\x00', r1}, 0x18)
r2 = gettid()
process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

1.046232004s ago: executing program 3 (id=2272):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}, 0xc104}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0xb76e}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = gettid()
process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

761.573848ms ago: executing program 5 (id=2276):
socket$unix(0x1, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
arch_prctl$ARCH_ENABLE_TAGGED_ADDR(0x4002, 0x3)
socket$packet(0x11, 0x3, 0x300)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x80)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x100000b, 0x13, r1, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b)

721.672979ms ago: executing program 1 (id=2277):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c00"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = syz_io_uring_setup(0x2, &(0x7f0000000380)={0x0, 0xe456, 0x400, 0x0, 0xfffffffd}, &(0x7f0000000000), &(0x7f0000001880))
io_uring_register$IORING_REGISTER_PROBE(r2, 0x8, &(0x7f00000005c0), 0x0)

667.834089ms ago: executing program 1 (id=2278):
socket$packet(0x11, 0x2, 0x300)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./bus\x00', 0x0, &(0x7f0000000140), 0xfd, 0x4fa, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x103042, 0x17e)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x6, [@typedef={0x4, 0x0, 0x0, 0x7}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x0, 0x8}, @union={0x0, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x0, 0x2}]}]}, {0x0, [0x0, 0x0, 0x0, 0xda]}}, &(0x7f0000000340)=""/142, 0x52, 0x35b, 0x1, 0x0, 0x0, @void, @value}, 0x20)
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./bus\x00', 0x420100, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x3)
r3 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
ppoll(&(0x7f0000000100)=[{r3, 0x180}], 0x1, 0x0, &(0x7f0000000180), 0x8)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000240)={0x3920e, r1, 0x18, 0x8, 0x3})
syz_emit_ethernet(0x5a, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6008120000242b0000000000000000000000ffffac1414bbfe8000000000000000000000000000aa3a020201"], 0x0)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_START(r4, 0x54a0)
readv(r4, &(0x7f0000000200)=[{&(0x7f0000003140)=""/4096, 0x8}], 0xe)

618.31985ms ago: executing program 3 (id=2279):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c00"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = syz_io_uring_setup(0x2, &(0x7f0000000380)={0x0, 0xe456, 0x400, 0x0, 0xfffffffd}, &(0x7f0000000000), &(0x7f0000001880))
io_uring_register$IORING_REGISTER_PROBE(r2, 0x8, &(0x7f00000005c0), 0x0)

543.531862ms ago: executing program 3 (id=2280):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b000000050097c90fb0e200", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x13, &(0x7f0000000680)=ANY=[@ANYRESHEX=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x4, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r5}, 0x10)
setresgid(0x0, 0x0, 0x0)
waitid(0x0, r4, 0x0, 0x4, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r3, 0xe0, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000400)=[0x0], &(0x7f0000000300), <r7=>0x0, 0xdd, &(0x7f0000000440)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000500), &(0x7f00000004c0), 0x8, 0xdb, 0x8, 0x8, &(0x7f0000000300)}}, 0x10)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES16=0x0], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
r10 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_AVC(r10, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000005304"], 0x14}, 0x1, 0x0, 0x0, 0x24000841}, 0x4008840)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r11}, 0x18)
r12 = openat(0xffffffffffffff9c, 0x0, 0x400, 0x0)
mkdirat(r12, &(0x7f0000000180)='./bus\x00', 0x0)
renameat2(r12, &(0x7f0000000380)='./file0\x00', r12, 0x0, 0x0)
r13 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r12, <r14=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f0000000640)=r13}, 0x20)
syz_emit_ethernet(0x6e, &(0x7f0000000240)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd60f4adf700382c00fe800000000000000000000000000000ff0200000000000000000000002e0404020228b500fe800000009c4d5834b16a1e314ef68ca800000000000000000000aafc00"/100], 0x0)
r15 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r15, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001c40)={0x9, 0xe, &(0x7f0000001d00)=ANY=[@ANYBLOB="180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000002000000850000000600000018120000", @ANYRES32=r14, @ANYBLOB="0000000000000000b7030000c5060000850000000c000000b70000000a0000cd8c5bf7d1bcd79300a0305c030dad5783ebbc2a7a39e0a2916133ab91cbaa27bb9b42f8d7b73b482f864602c6bc48e401b7798a50257ae1c8b3bffc68712200b58a05a6a21c85c3399cd5d0b195132c49de9d12d77e4ae3dc85e8148addd19140504405e7b96f5eb00e7a7eddd2a5d7f258fc74bf580da907247bc6e271e763daab9df17ebe8095e39dd1a6b70951f21428ae0b34a3004737ba7c353138ec53274a1c67110dc486c0b501b6ab6359b1f3a509ba1760eb41a6e3ec2699b6ddc48cc8494407d5abdc9b1e6240c832b3dff6ae337bcaf58d35d5475f6c845b5c42d32483713994498bc362d6679f2dfa9164b33b87fda266bdbf75b9beb9c2989ce3b6bbb829d3"], &(0x7f00000009c0)='GPL\x00', 0xffffff81, 0x1000, &(0x7f0000001e80)=""/4096, 0x41100, 0x0, '\x00', r6, @fallback=0x18, r12, 0x8, &(0x7f0000001c00)={0xa, 0x1}, 0x8, 0x10, &(0x7f00000003c0)={0x2, 0x2, 0x400, 0x1}, 0x10, r7, 0xffffffffffffffff, 0x2, &(0x7f0000000a80)=[r1, r0, r12, r0, r2, r15], &(0x7f0000000ac0)=[{0x5, 0x3, 0x14, 0x7}, {0x1, 0x2, 0x5, 0x9}], 0x10, 0x2, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r16 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000480)=ANY=[@ANYRES32=r8], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x2, r12, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r16}, 0x10)

531.989122ms ago: executing program 6 (id=2281):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}, 0xc104}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0xb76e}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000340)='mmap_lock_acquire_returned\x00', r2}, 0x18)
process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

416.266483ms ago: executing program 6 (id=2282):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c000000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = syz_io_uring_setup(0x2, &(0x7f0000000380)={0x0, 0xe456, 0x400, 0x0, 0xfffffffd}, &(0x7f0000000000), &(0x7f0000001880))
io_uring_register$IORING_REGISTER_PROBE(r2, 0x8, &(0x7f00000005c0), 0x0)

374.719304ms ago: executing program 6 (id=2283):
socket$unix(0x1, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
arch_prctl$ARCH_ENABLE_TAGGED_ADDR(0x4002, 0x3)
socket$packet(0x11, 0x3, 0x300)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x80)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x100000b, 0x13, r1, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b)

338.531475ms ago: executing program 3 (id=2284):
r0 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r0, 0x29, 0x16, &(0x7f00000001c0)=0x7f, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
inotify_init()

333.314935ms ago: executing program 5 (id=2285):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
io_uring_register$IORING_UNREGISTER_NAPI(0xffffffffffffffff, 0x1c, 0x0, 0x1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
fspick(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0)

291.010255ms ago: executing program 3 (id=2286):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}, 0xc104}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0xb76e}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000340)='mmap_lock_acquire_returned\x00', r1}, 0x18)
r2 = gettid()
process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

189.301437ms ago: executing program 1 (id=2287):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), 0x0, 0x5, r0}, 0x38)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x4000, 0x0)
write$UHID_INPUT(r1, &(0x7f0000000cc0)={0x8, {"149e3c109992a9fcef1508979a736b0e089f456a99d2bd0346681dca63783b9472a67247f9c9860456aadd51a65b4cef6068a5ecfe9f11ffb8753e2d266fbd0b10bc4f882fcae0a2e904d46c51568164b78b3300538f08423d65c0c7c38225a6b1b45b39c351ae9eec03aba6e680851731e3d86c71508bf00f08b1994e64df52deb837b39a6b456a5f537dc3014f466f2d450c4e1cbb6c794c4f8d1b452cb0cc6e65a5a9b0c771c010e46f4b1fb53929a5cd0787621dc47931a4d9d9909378ca349632aa8ef22f665560317de58e95779a49e64ec10c01b684a6a63e4a252a7711637790e47a6a066c5aed4a97e8c711f00fd0f325f8a16ef40ee50528cf3cdc086667df6fd6035acc18bf4a834bfd316dd8a79f7eab838fab7df5bf1b6b15d448ca832270e0c4071c28e49da81ee7d95139cf06d7bbb125d29e6da5cc5e86cf75bd8138534ee9bd857a8e108ca7a4e1471e36deef607009abaf5047b4a4f19d00f63cb9b53e1fb72cab320af0d7276a516ec4c62fb76236db6a6c37834e4cd5f513303f424955f973d216f41543263783369bf6fdfa67692924954397992dc005a777199b60e5b7540eebf4a5ac24eeb2b5b6aef573637a380c13a93dac0fd29ccced0b84b52d31c497edc2f47286a5330bc56aa24717d8bea964e046ef1056b7d8b5e0a0409254a6a67b0b5a882a93e3e5f0a988369cbd1ecf7c86b45b9ea0afadae6c35b89ffc2fc92e98105df4a513ff3eecca4383fb7419dbbc72b1b2cb976e15ea33d7678bd4bb72182055cf3937ac90b8b0413a7261821e66e58ad747f7c68f9e69c603de6ac13588112dffdb59988485c0b3c03c626c78d6ec1f1bb97f842fd070995c601fb446eabb20b3fa3d4660d68c7241651f497696832c6b9910c3b6bd90b5bcb8e0b8bb1292cf3ead3d9a002ede53480e6eb1ff3c63d24e37f4d2bfcac0dd9c506dfd90e79a18fde54c39a7cba9a3a2221d15d6ae77cb53d5a30dee7affa311507de4b3fa2ac3c340b574385e5c10a63c3975303b27d4c5645d6bbf60d5e7b1772b3c6d652f8d5e3e9bc326d29c0cb9dea433c1c0380b5599f9898fa170faf6aca18e1b9c3bed85436db7341089f931d0a108a2bf2c8828283b46aaccdffaaad95ba596c14b08284c147ebdd7f7358deb317bfabd3e4bcce19caf3d75331b48a6cc4ecdb54fad9bc857c7b9b5960b34f7ec4fc65e574e0a0741c078f45bc40e8c5521b6fc21ea5088912623ad7bf42808dd14736255d0f5fbc4c069d0b7517a5e8e04e71fb46a05bcd3e0ca8d7941db8e574e5e8871189fb36bbed3537dc710cd89fdc28be408b396552ab0af2b31e748ffbd44458b8cb6fedb89f35d09c85acfce501fc6869e35a44467d41d3162d9edbaea1b37497698b853e6b37aa7b20a1a0e4f69457e4e0c489bf961bc5a3d50da9bc17f04ff5d4e63e513ddc23282c40eed8f28676d5cf9084eaf378414d3742fb9b53858484ac0210f5ac3b9c5b72af5688eca9731b22e5b3401b04c14f7d26882c085ddb05c5edf25ca5f5d1789893491ad87544569dfb0c78d58c5abcfd8677549d58111ed4d4a760533ef6e360863c01be7d7bb4bf41d077fad4237dfc082a531de29add4b5e8f7a7115785e27ffdc4502c93b7250a2da854781912f1c4dbe0ac6acca98cb2fc83637e33547c2045508dd670b570f4f84cef4394073d04733a02d3afaaffc1321a85fa2148889106fc46a8ff653e86f4443b607fd04b2e7a1945e6a3f3f1384567fa2464d3ee1bbaa575fdad068724d553531592cdf0c079cc0d8ccd18cd85001b5ac42299f78dbed82ba81a1dfc429b9c8ddf8666d5a4e123c33e9f32c0329c153c2a37282623f1136cb0621c0c8b769547b91fc96cf3646b99c9f26bf6178cc6f3618634c56efea4f026b56a0f9afaa34c9cfc69d1682d67536dbf5f9a02d83a572ec9bfa27c7af590e6106f9631bb02ab15bde9a007a96c63da1360e4742f63b24c8d3de2b81c283cf22931d620ca66b47e088c12ceb178be0e6adf8407a6dce5c9ab355b97912aad62ba79445509c43d18153f89740c9517eb2ebfc07835b8c4e39f5815ca5a95f0fef499fb8853583e32761570906f1a70a8fed05a394ab4ad0c17d04aa9bc7e00649b0df9ae0b2631889ea6ae7d720904fe6ec6a63b8f9326a7925addbd49768e9971d6cb63db2bcc09ef53813f8d7c1c7033a6d4fa1d248febe94fc1a47332438ac43e67647604ea5a5b990213dedb2fa4f9d9b4c5df5c49c161d1d48602b3d5de4740773fb38527afbcc385a00abf24f42512b973800d810ecf7e2edf55bd90bada1c59a3508871db439d33d2362f2de92f5b30b84016c564db7514956f3836fa0cc68e3fa93114ff6084104b3bdcad19a3858fb64694c611959215465f5eff1353d3be34ce3334aa757b0ec20ddbff2f74a7c78fcb0ff82c864c47ed35287deea77ab3de80b566071b7e19986f8b7319acc84ee37ffa6995b859946d54c047035f24da87e19f2dc71f0895268a69e9cd0d27c0f6316fa565dc1bc6f4cd00df75b3dfba9e877ed6baafd05e50f84b4a3d447198fd7e6026ed5277e5873cd3241cd6722cc83f59840fbb347d3bbeb818e77eb577adcc71294f2d4ab4bcb954d8ddab80fd89183372dc8f51914d521040a3f714c5785b0d494a49b351437835683e112255540f0eed0775a423100318fb2fed9b4ef6b98db2a90469c125e6a3df90053ce6a64e88cfe52e476978010801286603de1a059d929b3326f30ef02b036384b220895a9230c27b66fa43aeb3ccbf73eed6976e2561fe6a17f888b89ec1109f0bd882917724b6162653f1599803914e8beee3413202f344fe3735c0ac7d9d4b82e9184a34797222ca2745e613ceb2e2e42b8164c769d8fc7aa0265138cba346527dc9ba6e87baa4668fd38ae5ec0d347457f0574c627513c59ab9e5e84a3ed740f9ec56bd939c03c20855a2ac7c23ed31ac767cec669ce006de3ababe1db3f4776483d3fdf9c7f5dcc727c5be5247a351bc8c1c3fda04366c0fdbc3e0aab17ac278a1a42717399dcaf2debf95a69ce5e51d73799ff9d6573649964247a3c06e5400c5faa3e80e42067d9f011547d969b901c603984a31b602cd6b2bd7e74968de4291a02d4c4f5eb8c6fdce152029763e25a097dba10040a9464f003e6ea6dbcc91261fe001a59c9eea2eb8e587f16bcfc3199957dcff2b2abcc22990930f58dccb981456316378544973116ec52123da3830ac10450e04381187a4e5262285a118fab49972de540b3dad015168404b0ee149d8b29b0e06ec53c4fc07d39488e852d8a6bd537df42c5d0a445902f607252379e7c0534bf697305d15e9b0dc47c7b88e16a9b485a4752d69a3a38c2adbb56d95f27862d6e2bbd19527a53306265eef430bf3fa89d595bd07270d1eee2213c0f701ca1569b083522fb2e4b27c0e11ad5cccfeafb50bd472074f5a2f2175e501cc3624f21658f7c337f3d9f2f25a66431af97574d982484f1f7b6c7bde5e2e569e9fea779602b0fb3e333654314bcb9235ae84e316a463b94a68fc6e5b422ac34bb4d289050e5dc3d0d198758d2d527511a1693c0b4794a2becb2ab8f91336f7d035a7f164896b633a9e15d14ad4436492c2ddd2c175ff7bc03a70a499115b3887201697dcf64c93f54cc361074b249173c0fd69b2355addad5cff98211f76cc940aa9b1977c2c611db6c2f64d79f13e6dad603375161ddd1670e49b93c073491d557f82b100459b7ea26f47d27d587e28047933073c728f5c7a13b3687a7d4f478f6d690e4e704ea3f0724cf52e1cff17b49467182cb8d8f4db2f079fadba882a49329a8fbcea0f2cc66c0e2498d968d5c930ebe8f3201f88f54620964316f36059d37aaa4692241300251df5a1d7cffac5b6231561f58fbbd3d9d33917693e0cd5a85a3a4deefafc920cbcddb042efbeee9ce0cc0c8cfdc4e51871df472f1878a9ec9af30e14ffce95b37421d756c898fe82f6501d5069314fbe3e4788fae4fb6e64de126abb4f7cffa8178066a382576822bb337ae07b4bdad4b4cdd60f3d2acb9cfd94dcf11c063df00ff0feeb0fe0eb3c0c29ecc69f738b7ce31928b222ea7df36e38ad27a581fc96072134d96dfdb6c75dd6bc3df39dd00ab093e15ea157dba08839f390368b634da83b51cc56f505e2eb5e3aac7a92fcf268541b5295e6d707e05db05c16eedd8c0b4f6766499ed4fdb83f05e953b3d05297e9d9066f5a4d2c06cea4c4b5472e294c47f43359ff54545d4f3f04994b211f143f0861ced1c5da20d498b32442a08555e14ac5c50b0a845d660fbff64a57c12d32c2b20e26e2e1b239c4cfc3f19ed80bcb458b4911ee1ec51d3b5e347b3a1091d2502ef467827518f901188e9c68a3f08a131b2f9380517a82762405b8786e0459aa29ee372af128ca913eb04de45061e2204b20df9307a844287fb0e831f6e92227f6bb4488dda196944f003d895dc7b75d8c45e4c850b4e33728e8dff1a130187d6c608e134da4542350323f603211fbb773d261554452bd94d13d938afc6fc7b21d61609fb67a678a9cc93154f240e24659c043460a7cf67b8d7386d3791fccc2b0839e1d56afb984a168f52218251442572f73d48033424133202f5be291c6c5447ae96cbe62acbf8ea78abd6d15435b087882662cf34c8d71a70071a825039cd2ef0f3ea51419501eebbdb665e5c60b2b87d756cec9a659e358b837bf6e4ee139eba3e568c80caf5f7134a1580632aa2029ba1ea68b7aee90d462753bdd07f35127053cda8bc771712198c4344bb49b9ae7dcd40abe34568e039666552fa91139c4cacb2efbb659284e459ba618c079ef8fbac67f2dbee6fd8150fcc8a54fb14188b349a6621f9f86a5e788092197bc00c4c8b0cf811f349f9b0d1314ffe80af49e9efe52d82fafb0d77b839aed6eb3c1fd4c9dacdf672e291055ae380c699468443e36b543291e200f701dda9a54a530ad39667b2d6bf6783e3800d3ab0773e3af0a135cba27d277be847d031de3931b3a7fcc581c9d583a20a47c26c23096f1ee50894689a3a9a360858c7cf78c6ae571c30df6e51903a3d1bb0f4e4fbecd7b85d4045c9c6d6a0e2a86e2830663813b3840f743b8081049ab9253b6970e9478f2ee943e7a242d13d274e8cb1d27ccb95d32899a419b8767bb7859f1660e66aac0cabe87448303197fa16e712175345b4bb2e9914b36148da489562d7968ef6d571130df782fd67599eaf4ed52b86ae1d50804c429d943a53e1d568d62cbc1aa37efbad899125ee5ec805e75f71f342bd432a5a69701ae5f9909716dbd15656e0686293e4273b62e6799b275f069f6d94d0d8eea997a52060001114df218c106bec1870bd051bb29b79e6a12ce637a4645044f661a4ef8100b4981edcbd000f47cd93547c0a639226c7596bd09098a5634355b063d05311d2933ffac48ba3ced848e1abcb06aba6b99f4d435629116fcef5a55379fdea08b3e8669744acba8fc25a5fe59f07896b8d3690068f9f3170dfa581a888b0795d514431c0dcfb9fabcc99bd79eb491b9722472dd3eb87239ee821798872d9d665bd2b761ddc003af20fe301bb19dfa9685c245e15d602389182775b7bb5967bfaad80f25d1f5460a92e611e3908b9b4a643d0252a141fe66a9870cf9790cf0a1617c52d58e1e0858f8f69f60a15cf02afda535af892d3605f428cd0557fc2971387f646157c5a1ab7e8d96b4f1093801f7ee880a33e5ae1885cf6e91092a04f05737cbb36afad95719e44457", 0x1000}}, 0x1006)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0x2}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x20000000000000e3, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000002c0)={r1, 0x20, &(0x7f0000000180)={&(0x7f0000001ec0)=""/4096, 0x1000, 0x0, &(0x7f0000002ec0)=""/4096, 0x1000}}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00'}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000900)=ANY=[@ANYBLOB="48000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006261746164760000040002800800", @ANYRES32], 0x48}}, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000000)={0x0, 0x1, 0x6, @multicast}, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0041, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000c80)={'ipvlan1\x00', &(0x7f0000000b80)=@ethtool_drvinfo={0x3, "b6a5a4c554b540f610881ddfc60c7c10be18a8a16e1fd36b19b498d996d2e6b1", "a0f5b5b9a6563713536a30f274de5a7be62afd1c93714b68f85659a4f8be4ae1", "53d063674ff30e6064e9f63d13bc359f93623f64dd4b0df3d38ef244e5eb57c4", "a6bceb100f1bcc066a312d29063a1ef04adedf160f1ab07016c4f7465c955a61", "4143967e44cb0bf2bffe750097e64bdeb49558d0cdb6a6324cf75d622f2be2d7", "e48958e49ee4338d590974d4", 0x7fff, 0x9, 0x8a, 0x5}})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

187.554357ms ago: executing program 5 (id=2288):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00'})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x40c5, 0x24)
r3 = perf_event_open(&(0x7f0000000380)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0x7, 0x100}, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x11, r3, 0x0)
r4 = socket(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x68, 0x30, 0x829, 0x0, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}, @TCA_SKBEDIT_PRIORITY={0x8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
r5 = syz_io_uring_setup(0xd6, &(0x7f0000000480)={0x0, 0xd814, 0x8, 0x2, 0xfffffffc, 0x0, r2}, &(0x7f0000000000)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0xfffffffffffffffd, 0x0})
io_uring_enter(r5, 0x47ba, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
epoll_create1(0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
r9 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDSETKEYCODE(r9, 0x4b4d, &(0x7f0000004840)={0x2ff, 0xa})
r10 = syz_open_procfs(0x0, &(0x7f00000005c0)='smaps_rollup\x00')
lseek(r10, 0x2000, 0x0)
r11 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/kexec_loaded', 0x141383, 0x189)
lseek(r11, 0x1000, 0x3)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000012c0)={{0x14}, [@NFT_MSG_NEWRULE={0x44, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x18, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @redir={{0xa}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x6c}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r12 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, @perf_bp={0x0, 0x8}, 0x4c58, 0x0, 0x0, 0x1, 0x8, 0x2, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x13, r12, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, r12, 0xa)

116.688728ms ago: executing program 6 (id=2289):
socket$unix(0x1, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
arch_prctl$ARCH_ENABLE_TAGGED_ADDR(0x4002, 0x3)
socket$packet(0x11, 0x3, 0x300)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x80)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x100000b, 0x13, r1, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b)

87.312718ms ago: executing program 1 (id=2290):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket(0x10, 0x3, 0x0)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0xfffffffd}, 0xc)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000040)={&(0x7f0000001580)=@newtaction={0x18, 0x30, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x4000080)

44.256139ms ago: executing program 6 (id=2291):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}, 0xc104}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0xb76e}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = gettid()
process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

35.726759ms ago: executing program 1 (id=2292):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000000)={0x18, 0x0, {0x1, @local, 'ip_vti0\x00'}}, 0x1e)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000080)={0x18, 0x0, {0x2, @multicast, 'veth1_to_bond\x00'}}, 0x1e)
connect$pppoe(r2, &(0x7f0000000340)={0x18, 0x0, {0x0, @multicast, 'macvlan0\x00'}}, 0x1e)

720.08µs ago: executing program 1 (id=2293):
r0 = syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000000)='./file1\x00', 0x280809a, &(0x7f0000000f40)=ANY=[], 0x1, 0x2b2, &(0x7f00000006c0)="$eJzs3U9rY1UUAPDz0jR9OosUcaMIPtCFqzJ166ZRRhC7UiKoCw3ODEgSBqYQmArGruYTuPR7+BHcuPEbDLgV3E0XlSfvX/7ga402VXR+v9Xh3nfuPXm3TbLJeZ+/Mh3ffZDE2dMnkaZJdI7iKM6T2I9ONL6JbgAA/x/neR6/5mWY5JUNM7udGy0MALgx1ef/X/rgBwD+4z78+JP3B8fHdz7IsjRe6j+eDZOImD6eDav5wf34MiZxL25HPy4i8oUqfve94zvRzQr78fp0PhsWmdPPfqzXH/wSUeYfRj/22/MPs8pK/nw23I3nI4vB/d2m1H682J7/Zkt+DHvxxmsr9R9EP376Ih7EJO5GkbvM//owy97Jv3361afFNkV+0onhXnldKfcFCQAAAAAAAAAAAAAAAAAAAACA7TrIsqRq31P27ymG6v47Oxfl/EHW2F/vz1PlJ81CVX+gvOmWM8/ju6a/zu0sy/L6wmV+N17uerAAAAAAAAAAAAAAAAAAAAAAFE4ePbk1mkzuPTx5dDq+dtB0A2h+1v931zlaGXk1TsejncsX3Nt8r9VuA0WtV14c3W5s6ba0B2eLkeeKera+xV4sRj6KKmgOZqt7vfB2tejpeJTVU81NHo+SP9srbQ7u+9WpXly3sLz8k7jI1880XZS6ntXb0t3o3Wqd+i3P883Weevn6ozqkaRssbHZ7rt10PoCiyAtziJd/OMXUz9cvuClbxk7137TAQAAAAAAAAAAAAAAAAAAWi1/9NsyeXZlaufGigIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf9jy+f9NkEbE+sgfgnmdfNU1ddCLhyf/8ksEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgGfB7AAAA//8rlFqg")
r1 = syz_io_uring_setup(0x31c5, &(0x7f0000000140)={0x0, 0xd73c, 0x2}, &(0x7f00000001c0), &(0x7f00000003c0))
syz_io_uring_setup(0x263f, &(0x7f0000000840)={0x0, 0xb8da, 0x186a, 0x0, 0x0, 0x0, r1}, 0x0, 0x0)
syz_io_uring_setup(0x3c5f, &(0x7f0000000240)={0x0, 0x0, 0x27, 0x2, 0x0, 0x0, r1}, &(0x7f00000002c0), &(0x7f0000000300))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
r3 = open(&(0x7f00000000c0)='./file1\x00', 0x66842, 0x19)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000080)={0x1, [0x0]})
pwritev2(r2, &(0x7f00000000c0)=[{&(0x7f00000001c0)="df", 0x1}], 0x1, 0x442, 0x0, 0x0)

0s ago: executing program 3 (id=2294):
mlock(&(0x7f0000626000/0x5000)=nil, 0x5000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180), 0x8a080, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB="e0925693cfc74c05f726838916c65667ca8b6efbe77c08e9bff00761630f0668d51021f66d12e3024023ac2c45706ef4102b1535beaac5a266968823086aa472b3e1303724ee45028c1d6964818fe804d4cdd70712723e1806c7f492c62838e32011acb720d91b3f6633e406b7f0ef52eb0bec073c602cad0c632e63d1c93ed9e247da40c75a6b1b2c2559dda43922f85c767fce9b623de8585dd95dc197ab983df5bb6ae369cc4a701a49ee462f0d5f7fe52d524718be2116", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0xc8, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0xfc04, 0xc01, 0x8000, 0x40024e}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
io_uring_enter(r2, 0x627, 0x4c1, 0x9, 0x0, 0x18)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)
lsetxattr$system_posix_acl(&(0x7f0000000680)='./file0\x00', &(0x7f0000000700)='system.posix_acl_access\x00', &(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES32=r2], 0x24, 0x2)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x3, 0x80512, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x4172, 0x0, &(0x7f0000000100), &(0x7f0000000040))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000300)='io_uring_link\x00', r1}, 0x18)
io_cancel(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x7e)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="4c000000020601080000000000000000000000400500010006000000050005000200000005000400000000000900020073797a310000000011000300686173683a69702c6d61726b00"], 0x4c}}, 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a00)=ANY=[@ANYBLOB="480000000906010200000000000000000700ffff200007800c00018008000140e000000208000a400000000105000300020010000900020073797a31000000000500010007000000b752ed6fdce36883cfc7b83b0e654e9886550cc57b10fb4674e73115a7ad2d2950f12a5d4bebe4ac306529df0b3ff99f56b0f847be12faa6a626"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001440)={0x11, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10020, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f687372"], 0xfc}}, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x20182)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r7, 0x29, 0x39, 0x0, 0x8)

kernel console output (not intermixed with test programs):

i_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  144.432520][ T8122] vhci_hcd vhci_hcd.0: Device attached
[  144.527031][ T8111] netlink: 'syz.1.1624': attribute type 10 has an invalid length.
[  144.535106][ T8111] netlink: 'syz.1.1624': attribute type 19 has an invalid length.
[  144.542955][ T8111] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1624'.
[  144.607290][ T8123] vhci_hcd: connection closed
[  144.607656][ T5281] vhci_hcd: stop threads
[  144.612309][ T8135] loop1: detected capacity change from 0 to 512
[  144.612419][ T5281] vhci_hcd: release socket
[  144.612434][ T5281] vhci_hcd: disconnect device
[  144.633870][ T8135] journal_path: Non-blockdev passed as './file0'
[  144.640426][ T8135] EXT4-fs: error: could not find journal device path
[  144.781082][ T8138] Invalid ELF header magic: != ELF
[  144.858708][ T8144] vlan2: entered promiscuous mode
[  144.863903][ T8144] vlan2: entered allmulticast mode
[  144.869171][ T8144] hsr_slave_1: entered allmulticast mode
[  144.876914][ T8144] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1635'.
[  145.053208][   T29] kauditd_printk_skb: 277 callbacks suppressed
[  145.053225][   T29] audit: type=1326 audit(1750045733.119:8339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8145 comm="syz.3.1636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  145.083107][ T8146] loop3: detected capacity change from 0 to 2048
[  145.084096][   T29] audit: type=1326 audit(1750045733.119:8340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8145 comm="syz.3.1636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  145.113219][   T29] audit: type=1326 audit(1750045733.119:8341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8145 comm="syz.3.1636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  145.136692][   T29] audit: type=1326 audit(1750045733.119:8342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8145 comm="syz.3.1636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  145.160229][   T29] audit: type=1326 audit(1750045733.119:8343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8145 comm="syz.3.1636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  145.183822][   T29] audit: type=1326 audit(1750045733.119:8344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8145 comm="syz.3.1636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  145.207373][   T29] audit: type=1326 audit(1750045733.119:8345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8145 comm="syz.3.1636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  145.231138][   T29] audit: type=1326 audit(1750045733.119:8346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8145 comm="syz.3.1636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  145.254671][   T29] audit: type=1326 audit(1750045733.119:8347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8145 comm="syz.3.1636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  145.278225][   T29] audit: type=1326 audit(1750045733.119:8348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8145 comm="syz.3.1636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  145.337279][ T8146]  loop3: p1 < > p4
[  145.342615][ T8146] loop3: p4 size 8388608 extends beyond EOD, truncated
[  145.413121][ T8152] lo speed is unknown, defaulting to 1000
[  145.484003][ T8150] loop0: detected capacity change from 0 to 512
[  145.492278][ T8150] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  145.502262][ T8150] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  145.526610][ T8155] netlink: 464 bytes leftover after parsing attributes in process `syz.3.1639'.
[  145.552912][ T8157] FAULT_INJECTION: forcing a failure.
[  145.552912][ T8157] name failslab, interval 1, probability 0, space 0, times 0
[  145.565779][ T8157] CPU: 0 UID: 0 PID: 8157 Comm: syz.3.1640 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  145.565808][ T8157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  145.565821][ T8157] Call Trace:
[  145.565827][ T8157]  <TASK>
[  145.565844][ T8157]  __dump_stack+0x1d/0x30
[  145.565869][ T8157]  dump_stack_lvl+0xe8/0x140
[  145.565887][ T8157]  dump_stack+0x15/0x1b
[  145.565902][ T8157]  should_fail_ex+0x265/0x280
[  145.565947][ T8157]  should_failslab+0x8c/0xb0
[  145.565969][ T8157]  __kmalloc_noprof+0xa5/0x3e0
[  145.565993][ T8157]  ? process_preds+0x2ce/0x2bb0
[  145.566084][ T8157]  process_preds+0x2ce/0x2bb0
[  145.566103][ T8157]  ? terminate_walk+0x27f/0x2a0
[  145.566125][ T8157]  ? strnchr+0x1e/0x40
[  145.566144][ T8157]  ? bpf_bprintf_prepare+0xbb1/0xd50
[  145.566174][ T8157]  ? avc_has_perm_noaudit+0x1b1/0x200
[  145.566260][ T8157]  ? should_fail_ex+0xdb/0x280
[  145.566290][ T8157]  ? ftrace_profile_set_filter+0xc2/0x190
[  145.566310][ T8157]  ? should_failslab+0x8c/0xb0
[  145.566421][ T8157]  ? __kmalloc_cache_noprof+0x189/0x320
[  145.566450][ T8157]  ftrace_profile_set_filter+0xff/0x190
[  145.566472][ T8157]  perf_ioctl+0x7b3/0x12e0
[  145.566560][ T8157]  ? ioctl_has_perm+0x289/0x2a0
[  145.566585][ T8157]  ? do_vfs_ioctl+0xd1e/0x11d0
[  145.566615][ T8157]  ? selinux_file_ioctl+0x2e3/0x370
[  145.566690][ T8157]  ? __fget_files+0x184/0x1c0
[  145.566736][ T8157]  ? __pfx_perf_ioctl+0x10/0x10
[  145.566825][ T8157]  __se_sys_ioctl+0xcb/0x140
[  145.566875][ T8157]  __x64_sys_ioctl+0x43/0x50
[  145.566903][ T8157]  x64_sys_call+0x19a8/0x2fb0
[  145.566923][ T8157]  do_syscall_64+0xd2/0x200
[  145.567008][ T8157]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  145.567034][ T8157]  ? clear_bhb_loop+0x40/0x90
[  145.567055][ T8157]  ? clear_bhb_loop+0x40/0x90
[  145.567076][ T8157]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.567120][ T8157] RIP: 0033:0x7f2050e3e929
[  145.567135][ T8157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.567152][ T8157] RSP: 002b:00007f204f4a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  145.567170][ T8157] RAX: ffffffffffffffda RBX: 00007f2051065fa0 RCX: 00007f2050e3e929
[  145.567259][ T8157] RDX: 00002000000001c0 RSI: 0000000040082406 RDI: 0000000000000005
[  145.567271][ T8157] RBP: 00007f204f4a7090 R08: 0000000000000000 R09: 0000000000000000
[  145.567282][ T8157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  145.567361][ T8157] R13: 0000000000000000 R14: 00007f2051065fa0 R15: 00007ffc6bac46a8
[  145.567380][ T8157]  </TASK>
[  145.912274][ T8165] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8165 comm=syz.3.1645
[  145.925127][ T8165] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=8165 comm=syz.3.1645
[  145.976279][ T8169] binfmt_misc: register: failed to install interpreter file ./file0
[  146.098905][ T8181] loop1: detected capacity change from 0 to 8192
[  146.107394][ T8181] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  146.226403][ T8185] netlink: 'syz.1.1651': attribute type 10 has an invalid length.
[  146.241000][ T8185] netlink: 'syz.1.1651': attribute type 10 has an invalid length.
[  146.248944][ T8185] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1651'.
[  146.258507][ T8185] team0: entered promiscuous mode
[  146.263561][ T8185] team_slave_0: entered promiscuous mode
[  146.269378][ T8185] team_slave_1: entered promiscuous mode
[  146.275260][ T8185] geneve1: entered promiscuous mode
[  146.282143][ T8185] 8021q: adding VLAN 0 to HW filter on device team0
[  146.289462][ T8185] bridge0: port 3(team0) entered blocking state
[  146.296064][ T8185] bridge0: port 3(team0) entered disabled state
[  146.302634][ T8185] team0: entered allmulticast mode
[  146.309480][ T8185] team_slave_0: entered allmulticast mode
[  146.315285][ T8185] team_slave_1: entered allmulticast mode
[  146.321087][ T8185] geneve1: entered allmulticast mode
[  146.333640][ T8185] bridge0: port 3(team0) entered blocking state
[  146.340014][ T8185] bridge0: port 3(team0) entered forwarding state
[  146.416702][ T8179] lo speed is unknown, defaulting to 1000
[  146.690652][ T8200] FAULT_INJECTION: forcing a failure.
[  146.690652][ T8200] name failslab, interval 1, probability 0, space 0, times 0
[  146.703447][ T8200] CPU: 1 UID: 0 PID: 8200 Comm: syz.5.1656 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  146.703479][ T8200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  146.703494][ T8200] Call Trace:
[  146.703502][ T8200]  <TASK>
[  146.703571][ T8200]  __dump_stack+0x1d/0x30
[  146.703591][ T8200]  dump_stack_lvl+0xe8/0x140
[  146.703609][ T8200]  dump_stack+0x15/0x1b
[  146.703626][ T8200]  should_fail_ex+0x265/0x280
[  146.703732][ T8200]  should_failslab+0x8c/0xb0
[  146.703767][ T8200]  kmem_cache_alloc_node_noprof+0x57/0x320
[  146.703799][ T8200]  ? __alloc_skb+0x101/0x320
[  146.703902][ T8200]  __alloc_skb+0x101/0x320
[  146.703932][ T8200]  ? selinux_file_permission+0x1e4/0x320
[  146.703974][ T8200]  ppp_write+0x87/0x330
[  146.703995][ T8200]  ? vfs_write+0x250/0x8e0
[  146.704061][ T8200]  ? __pfx_ppp_write+0x10/0x10
[  146.704090][ T8200]  vfs_write+0x269/0x8e0
[  146.704123][ T8200]  ? __rcu_read_unlock+0x4f/0x70
[  146.704143][ T8200]  ? __fget_files+0x184/0x1c0
[  146.704165][ T8200]  ksys_write+0xda/0x1a0
[  146.704247][ T8200]  __x64_sys_write+0x40/0x50
[  146.704265][ T8200]  x64_sys_call+0x2cdd/0x2fb0
[  146.704292][ T8200]  do_syscall_64+0xd2/0x200
[  146.704377][ T8200]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  146.704401][ T8200]  ? clear_bhb_loop+0x40/0x90
[  146.704427][ T8200]  ? clear_bhb_loop+0x40/0x90
[  146.704455][ T8200]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.704482][ T8200] RIP: 0033:0x7f3d1cb6e929
[  146.704508][ T8200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.704531][ T8200] RSP: 002b:00007f3d1b1d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  146.704582][ T8200] RAX: ffffffffffffffda RBX: 00007f3d1cd95fa0 RCX: 00007f3d1cb6e929
[  146.704597][ T8200] RDX: 0000000000000002 RSI: 0000200000000300 RDI: 0000000000000003
[  146.704613][ T8200] RBP: 00007f3d1b1d7090 R08: 0000000000000000 R09: 0000000000000000
[  146.704626][ T8200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  146.704637][ T8200] R13: 0000000000000000 R14: 00007f3d1cd95fa0 R15: 00007ffc48e71618
[  146.704723][ T8200]  </TASK>
[  146.971289][ T8206] loop0: detected capacity change from 0 to 256
[  146.978786][ T8206] vfat: Unknown parameter 'shortnáme'
[  146.986377][ T8206] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1658'.
[  147.149662][ T8225] IPv6: Can't replace route, no match found
[  147.248595][ T4829] hid-generic 0000:0000:0000.0053: unknown main item tag 0x0
[  147.263991][ T4829] hid-generic 0000:0000:0000.0053: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  147.533857][ T8241] loop3: detected capacity change from 0 to 8192
[  147.547204][ T8241] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  147.627773][ T8241] netlink: 'syz.3.1671': attribute type 10 has an invalid length.
[  147.637739][ T8241] batman_adv: batadv0: Adding interface: team0
[  147.643954][ T8241] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  147.669424][ T8241] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  147.672545][ T8245] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1672'.
[  147.688310][ T8245] netlink: 'syz.1.1672': attribute type 30 has an invalid length.
[  147.701081][ T8245] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  147.709431][ T8245] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  147.717770][ T8245] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  147.726077][ T8245] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  147.783164][ T4829] hid-generic 0000:0000:0000.0054: unknown main item tag 0x0
[  147.793643][ T4829] hid-generic 0000:0000:0000.0054: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  147.793670][ T8257] loop1: detected capacity change from 0 to 1024
[  147.811229][ T8257] EXT4-fs: dax option not supported
[  147.820102][ T8259] netlink: 464 bytes leftover after parsing attributes in process `syz.5.1678'.
[  147.903018][ T8264] lo speed is unknown, defaulting to 1000
[  148.426563][ T8288] loop3: detected capacity change from 0 to 512
[  148.437525][ T8288] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.1689: iget: bad i_size value: 38620345925642
[  148.467734][ T8288] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.1689: couldn't read orphan inode 15 (err -117)
[  148.485795][ T8288] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.690610][ T8296] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1691'.
[  148.882840][ T8302] lo speed is unknown, defaulting to 1000
[  148.976159][ T8307] netlink: 'syz.6.1694': attribute type 39 has an invalid length.
[  148.985680][ T5284] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm kworker/u8:8: bg 0: block 5: invalid block bitmap
[  149.015352][ T5284] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  149.028013][ T5284] EXT4-fs (loop3): This should not happen!! Data will be lost
[  149.028013][ T5284] 
[  149.037874][ T5284] EXT4-fs (loop3): Total free blocks count 0
[  149.043890][ T5284] EXT4-fs (loop3): Free/Dirty block details
[  149.049908][ T5284] EXT4-fs (loop3): free_blocks=0
[  149.054890][ T5284] EXT4-fs (loop3): dirty_blocks=16000
[  149.060277][ T5284] EXT4-fs (loop3): Block reservation details
[  149.066332][ T5284] EXT4-fs (loop3): i_reserved_data_blocks=16000
[  149.096414][ T5284] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  149.216725][ T8317] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1700'.
[  149.362138][ T8329] FAULT_INJECTION: forcing a failure.
[  149.362138][ T8329] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  149.375815][ T8329] CPU: 1 UID: 0 PID: 8329 Comm: syz.6.1705 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  149.375845][ T8329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  149.375857][ T8329] Call Trace:
[  149.375923][ T8329]  <TASK>
[  149.375932][ T8329]  __dump_stack+0x1d/0x30
[  149.375955][ T8329]  dump_stack_lvl+0xe8/0x140
[  149.375977][ T8329]  dump_stack+0x15/0x1b
[  149.375996][ T8329]  should_fail_ex+0x265/0x280
[  149.376056][ T8329]  should_fail+0xb/0x20
[  149.376176][ T8329]  should_fail_usercopy+0x1a/0x20
[  149.376224][ T8329]  _copy_from_user+0x1c/0xb0
[  149.376313][ T8329]  __sys_bpf+0x178/0x790
[  149.376351][ T8329]  __x64_sys_bpf+0x41/0x50
[  149.376383][ T8329]  x64_sys_call+0x2478/0x2fb0
[  149.376456][ T8329]  do_syscall_64+0xd2/0x200
[  149.376479][ T8329]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  149.376595][ T8329]  ? clear_bhb_loop+0x40/0x90
[  149.376622][ T8329]  ? clear_bhb_loop+0x40/0x90
[  149.376648][ T8329]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.376745][ T8329] RIP: 0033:0x7f9f7200e929
[  149.376763][ T8329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.376781][ T8329] RSP: 002b:00007f9f70677038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  149.376798][ T8329] RAX: ffffffffffffffda RBX: 00007f9f72235fa0 RCX: 00007f9f7200e929
[  149.376813][ T8329] RDX: 0000000000000028 RSI: 0000200000000280 RDI: 0000000000000012
[  149.376902][ T8329] RBP: 00007f9f70677090 R08: 0000000000000000 R09: 0000000000000000
[  149.376939][ T8329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.376950][ T8329] R13: 0000000000000000 R14: 00007f9f72235fa0 R15: 00007ffcafdb1ba8
[  149.376980][ T8329]  </TASK>
[  149.641352][ T8341] loop6: detected capacity change from 0 to 512
[  149.678041][ T8341] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.718306][ T8341] ext4 filesystem being mounted at /15/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.855442][ T8350] loop5: detected capacity change from 0 to 512
[  149.879048][ T8350] EXT4-fs (loop5): 1 orphan inode deleted
[  149.886246][ T8350] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.902781][   T31] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  149.919174][ T8350] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.989359][ T8355] loop0: detected capacity change from 0 to 512
[  150.002794][ T8355] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.1712: iget: bad i_size value: 38620345925642
[  150.026550][ T7926] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.036816][ T8355] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.1712: couldn't read orphan inode 15 (err -117)
[  150.056171][   T29] kauditd_printk_skb: 228 callbacks suppressed
[  150.056188][   T29] audit: type=1326 audit(1750045738.129:8576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8349 comm="syz.5.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f3d1cb6e929 code=0x7ffc0000
[  150.098978][ T8350] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  150.120962][ T8355] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.165452][   T29] audit: type=1326 audit(1750045738.239:8577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8349 comm="syz.5.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d1cb6e929 code=0x7ffc0000
[  150.188942][   T29] audit: type=1326 audit(1750045738.239:8578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8349 comm="syz.5.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d1cb6e929 code=0x7ffc0000
[  150.199183][   T29] audit: type=1326 audit(1750045738.259:8579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8349 comm="syz.5.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f3d1cb6e929 code=0x7ffc0000
[  150.236825][   T29] audit: type=1326 audit(1750045738.259:8580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8349 comm="syz.5.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d1cb6e929 code=0x7ffc0000
[  150.260337][   T29] audit: type=1326 audit(1750045738.259:8581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8349 comm="syz.5.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d1cb6e929 code=0x7ffc0000
[  150.471517][ T8366] lo speed is unknown, defaulting to 1000
[  150.574728][ T7023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.615565][ T8372] loop3: detected capacity change from 0 to 512
[  150.647681][   T29] audit: type=1326 audit(1750045738.489:8582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8349 comm="syz.5.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d1cb6e929 code=0x7ffc0000
[  150.671242][   T29] audit: type=1326 audit(1750045738.489:8583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8349 comm="syz.5.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d1cb6e929 code=0x7ffc0000
[  150.694752][   T29] audit: type=1326 audit(1750045738.489:8584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8349 comm="syz.5.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d1cb6e929 code=0x7ffc0000
[  150.718204][   T29] audit: type=1326 audit(1750045738.519:8585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8349 comm="syz.5.1711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7f3d1cb6e929 code=0x7ffc0000
[  150.812384][ T8375] FAULT_INJECTION: forcing a failure.
[  150.812384][ T8375] name failslab, interval 1, probability 0, space 0, times 0
[  150.825191][ T8375] CPU: 0 UID: 0 PID: 8375 Comm: syz.6.1718 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  150.825224][ T8375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  150.825239][ T8375] Call Trace:
[  150.825247][ T8375]  <TASK>
[  150.825256][ T8375]  __dump_stack+0x1d/0x30
[  150.825358][ T8375]  dump_stack_lvl+0xe8/0x140
[  150.825375][ T8375]  dump_stack+0x15/0x1b
[  150.825398][ T8375]  should_fail_ex+0x265/0x280
[  150.825432][ T8375]  should_failslab+0x8c/0xb0
[  150.825491][ T8375]  __kmalloc_noprof+0xa5/0x3e0
[  150.825522][ T8375]  ? kobject_get_path+0x92/0x1c0
[  150.825547][ T8375]  kobject_get_path+0x92/0x1c0
[  150.825569][ T8375]  kobject_uevent_env+0x1da/0x570
[  150.825708][ T8375]  kobject_uevent+0x1d/0x30
[  150.825740][ T8375]  device_del+0x710/0x790
[  150.825848][ T8375]  ? __try_to_del_timer_sync+0x152/0x170
[  150.825888][ T8375]  device_unregister+0x15/0x40
[  150.825911][ T8375]  wakeup_source_sysfs_remove+0x25/0x30
[  150.825956][ T8375]  wakeup_source_unregister+0xf0/0x330
[  150.825978][ T8375]  ep_clear_and_put+0x26f/0x2c0
[  150.826043][ T8375]  ? __pfx_ep_eventpoll_release+0x10/0x10
[  150.826135][ T8375]  ep_eventpoll_release+0x2c/0x40
[  150.826155][ T8375]  __fput+0x298/0x650
[  150.826197][ T8375]  ____fput+0x1c/0x30
[  150.826257][ T8375]  task_work_run+0x12e/0x1a0
[  150.826281][ T8375]  exit_to_user_mode_loop+0xe4/0x100
[  150.826338][ T8375]  do_syscall_64+0x1d6/0x200
[  150.826358][ T8375]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  150.826436][ T8375]  ? clear_bhb_loop+0x40/0x90
[  150.826460][ T8375]  ? clear_bhb_loop+0x40/0x90
[  150.826482][ T8375]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.826500][ T8375] RIP: 0033:0x7f9f7200e929
[  150.826513][ T8375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.826589][ T8375] RSP: 002b:00007f9f70677038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  150.826610][ T8375] RAX: 0000000000000000 RBX: 00007f9f72235fa0 RCX: 00007f9f7200e929
[  150.826625][ T8375] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000005
[  150.826655][ T8375] RBP: 00007f9f70677090 R08: 0000000000000000 R09: 0000000000000000
[  150.826670][ T8375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  150.826703][ T8375] R13: 0000000000000000 R14: 00007f9f72235fa0 R15: 00007ffcafdb1ba8
[  150.826722][ T8375]  </TASK>
[  150.895917][ T8372] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  151.091049][   T37] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm kworker/u8:2: bg 0: block 5: invalid block bitmap
[  151.118713][   T37] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  151.131249][   T37] EXT4-fs (loop0): This should not happen!! Data will be lost
[  151.131249][   T37] 
[  151.141086][   T37] EXT4-fs (loop0): Total free blocks count 0
[  151.147191][   T37] EXT4-fs (loop0): Free/Dirty block details
[  151.153173][   T37] EXT4-fs (loop0): free_blocks=0
[  151.158224][   T37] EXT4-fs (loop0): dirty_blocks=2700
[  151.163542][   T37] EXT4-fs (loop0): Block reservation details
[  151.169632][   T37] EXT4-fs (loop0): i_reserved_data_blocks=2700
[  151.228346][   T37] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 644 with error 28
[  151.265079][ T8387] xt_hashlimit: max too large, truncated to 1048576
[  151.421175][ T8400] loop5: detected capacity change from 0 to 1024
[  151.439295][ T8401] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1720'.
[  151.460499][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.465362][ T8400] EXT4-fs: Ignoring removed nomblk_io_submit option
[  151.485147][ T8400] ext4: Unknown parameter 'uid<00000000000000000000'
[  152.080866][ T8379] Set syz1 is full, maxelem 65536 reached
[  152.242625][ T3410] hid-generic 0000:0000:0000.0055: unknown main item tag 0x0
[  152.250523][ T3410] hid-generic 0000:0000:0000.0055: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  152.264045][ T8419] loop6: detected capacity change from 0 to 128
[  152.368937][ T8421] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1734'.
[  152.422736][ T8428] loop1: detected capacity change from 0 to 2048
[  152.483089][ T8428]  loop1: p1 < > p4
[  152.491127][ T8428] loop1: p4 size 8388608 extends beyond EOD, truncated
[  152.699901][ T8440] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1739'.
[  152.710419][ T8441] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1738'.
[  152.714203][ T8440] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1739'.
[  152.739469][ T8440] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1739'.
[  152.760622][ T8440] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1739'.
[  153.053079][ T4829] hid-generic 0000:0000:0000.0056: unknown main item tag 0x0
[  153.061054][ T4829] hid-generic 0000:0000:0000.0056: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  153.077744][ T8461] loop3: detected capacity change from 0 to 1024
[  153.084516][ T8467] loop0: detected capacity change from 0 to 512
[  153.086917][ T8461] EXT4-fs: dax option not supported
[  153.107982][ T8467] EXT4-fs (loop0): 1 orphan inode deleted
[  153.114084][ T8467] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.126823][   T31] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  153.127874][ T8467] ext4 filesystem being mounted at /380/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  153.175739][ T8467] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  153.199361][ T8477] loop3: detected capacity change from 0 to 512
[  153.199389][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.200276][ T8477] EXT4-fs: Ignoring removed mblk_io_submit option
[  153.222056][ T8477] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  153.233393][ T8478] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1751'.
[  153.235340][ T8477] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  153.255010][ T8477] System zones: 1-12
[  153.264190][ T8477] EXT4-fs (loop3): 1 truncate cleaned up
[  153.285338][ T8477] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.449621][ T8504] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=38 sclass=netlink_audit_socket pid=8504 comm=syz.3.1754
[  153.515020][ T8510] loop0: detected capacity change from 0 to 512
[  153.547467][ T8510] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.1763: iget: bad i_size value: 38620345925642
[  153.575995][ T8510] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.1763: couldn't read orphan inode 15 (err -117)
[  153.607231][ T8510] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.825845][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.868737][ T8520] loop3: detected capacity change from 0 to 512
[  153.878523][ T8521] loop6: detected capacity change from 0 to 512
[  153.917826][ T8520] EXT4-fs (loop3): 1 orphan inode deleted
[  153.923913][ T8520] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.942372][ T8520] ext4 filesystem being mounted at /409/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  153.953043][   T37] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 1
[  154.097234][ T8521] EXT4-fs (loop6): 1 orphan inode deleted
[  154.103708][ T8521] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.125653][ T8521] ext4 filesystem being mounted at /28/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.207323][   T37] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 1
[  154.221000][ T4815] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0
[  154.229008][ T8521] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  154.237371][ T4815] hid-generic 0000:0000:0000.0057: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  154.247113][ T8520] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  154.300849][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.321514][ T7926] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.344105][ T8532] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1769'.
[  154.417062][   T31] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm kworker/u8:1: bg 0: block 5: invalid block bitmap
[  154.445981][   T31] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  154.458570][   T31] EXT4-fs (loop0): This should not happen!! Data will be lost
[  154.458570][   T31] 
[  154.468253][   T31] EXT4-fs (loop0): Total free blocks count 0
[  154.474246][   T31] EXT4-fs (loop0): Free/Dirty block details
[  154.480235][   T31] EXT4-fs (loop0): free_blocks=0
[  154.485225][   T31] EXT4-fs (loop0): dirty_blocks=16032
[  154.487923][ T8541] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1772'.
[  154.490664][   T31] EXT4-fs (loop0): Block reservation details
[  154.490680][   T31] EXT4-fs (loop0): i_reserved_data_blocks=16032
[  154.524740][ T8541] netlink: 'syz.6.1772': attribute type 10 has an invalid length.
[  154.532792][ T8542] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1768'.
[  154.542979][ T8541] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  154.575267][   T31] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  154.722446][ T8548] FAULT_INJECTION: forcing a failure.
[  154.722446][ T8548] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  154.735598][ T8548] CPU: 0 UID: 0 PID: 8548 Comm: syz.1.1775 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  154.735651][ T8548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  154.735666][ T8548] Call Trace:
[  154.735673][ T8548]  <TASK>
[  154.735682][ T8548]  __dump_stack+0x1d/0x30
[  154.735706][ T8548]  dump_stack_lvl+0xe8/0x140
[  154.735737][ T8548]  dump_stack+0x15/0x1b
[  154.735770][ T8548]  should_fail_ex+0x265/0x280
[  154.735808][ T8548]  should_fail+0xb/0x20
[  154.735898][ T8548]  should_fail_usercopy+0x1a/0x20
[  154.735938][ T8548]  _copy_from_user+0x1c/0xb0
[  154.735963][ T8548]  kstrtouint_from_user+0x69/0xf0
[  154.735991][ T8548]  ? 0xffffffff81000000
[  154.736003][ T8548]  ? selinux_file_permission+0x1e4/0x320
[  154.736066][ T8548]  proc_fail_nth_write+0x50/0x160
[  154.736085][ T8548]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  154.736105][ T8548]  vfs_write+0x269/0x8e0
[  154.736210][ T8548]  ? vfs_read+0x47f/0x6f0
[  154.736246][ T8548]  ? __rcu_read_unlock+0x4f/0x70
[  154.736273][ T8548]  ? __fget_files+0x184/0x1c0
[  154.736313][ T8548]  ksys_write+0xda/0x1a0
[  154.736335][ T8548]  __x64_sys_write+0x40/0x50
[  154.736398][ T8548]  x64_sys_call+0x2cdd/0x2fb0
[  154.736441][ T8548]  do_syscall_64+0xd2/0x200
[  154.736462][ T8548]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  154.736491][ T8548]  ? clear_bhb_loop+0x40/0x90
[  154.736537][ T8548]  ? clear_bhb_loop+0x40/0x90
[  154.736563][ T8548]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.736587][ T8548] RIP: 0033:0x7ff3258bd3df
[  154.736601][ T8548] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  154.736617][ T8548] RSP: 002b:00007ff323f27030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  154.736633][ T8548] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff3258bd3df
[  154.736676][ T8548] RDX: 0000000000000001 RSI: 00007ff323f270a0 RDI: 0000000000000004
[  154.736691][ T8548] RBP: 00007ff323f27090 R08: 0000000000000000 R09: 0000000000000000
[  154.736705][ T8548] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  154.736719][ T8548] R13: 0000000000000000 R14: 00007ff325ae5fa0 R15: 00007ffd5db64188
[  154.736777][ T8548]  </TASK>
[  155.004407][ T8541] lo speed is unknown, defaulting to 1000
[  155.110373][   T29] kauditd_printk_skb: 487 callbacks suppressed
[  155.110392][   T29] audit: type=1326 audit(1750045743.179:9070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8560 comm="syz.1.1779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3258be929 code=0x7ffc0000
[  155.114077][ T8561] loop1: detected capacity change from 0 to 512
[  155.116763][   T29] audit: type=1326 audit(1750045743.179:9071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8560 comm="syz.1.1779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3258be929 code=0x7ffc0000
[  155.169832][   T29] audit: type=1326 audit(1750045743.179:9072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8560 comm="syz.1.1779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff3258be929 code=0x7ffc0000
[  155.193489][   T29] audit: type=1326 audit(1750045743.179:9073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8560 comm="syz.1.1779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3258be929 code=0x7ffc0000
[  155.216904][   T29] audit: type=1326 audit(1750045743.179:9074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8560 comm="syz.1.1779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3258be929 code=0x7ffc0000
[  155.240442][   T29] audit: type=1326 audit(1750045743.179:9075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8560 comm="syz.1.1779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff3258be929 code=0x7ffc0000
[  155.264143][   T29] audit: type=1326 audit(1750045743.179:9076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8560 comm="syz.1.1779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3258be929 code=0x7ffc0000
[  155.268665][ T8561] EXT4-fs (loop1): 1 orphan inode deleted
[  155.288418][   T29] audit: type=1326 audit(1750045743.179:9077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8560 comm="syz.1.1779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7ff3258be929 code=0x7ffc0000
[  155.294204][   T31] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  155.316879][   T29] audit: type=1326 audit(1750045743.179:9078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8560 comm="syz.1.1779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff3258be963 code=0x7ffc0000
[  155.326692][   T31] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  155.367718][ T8561] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.370931][ T8553] lo speed is unknown, defaulting to 1000
[  155.381786][ T8561] ext4 filesystem being mounted at /393/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.419635][ T8561] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  155.438149][ T3410] hid-generic 0000:0000:0000.0058: unknown main item tag 0x0
[  155.447456][ T3410] hid-generic 0000:0000:0000.0058: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  155.463029][ T8570] loop5: detected capacity change from 0 to 1024
[  155.470148][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.482491][ T8570] EXT4-fs: dax option not supported
[  155.835142][ T8598] loop6: detected capacity change from 0 to 512
[  155.870023][ T8600] loop3: detected capacity change from 0 to 164
[  155.899710][ T8600] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  155.932167][ T8598] EXT4-fs (loop6): 1 orphan inode deleted
[  155.945681][ T8600] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  155.965034][ T5284] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 1
[  155.966567][ T8598] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.986884][ T8600] Symlink component flag not implemented
[  155.995771][ T8600] Symlink component flag not implemented
[  156.004954][ T8598] ext4 filesystem being mounted at /34/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  156.048266][ T8600] Symlink component flag not implemented (7)
[  156.055239][ T8600] Symlink component flag not implemented (116)
[  156.069773][ T8598] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  156.106893][ T7926] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.185115][ T4815] hid-generic 0000:0000:0000.0059: unknown main item tag 0x0
[  156.192811][ T4815] hid-generic 0000:0000:0000.0059: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  156.208657][ T8610] loop5: detected capacity change from 0 to 1024
[  156.216130][ T8610] EXT4-fs: dax option not supported
[  156.434435][ T8632] loop3: detected capacity change from 0 to 512
[  156.451317][ T8632] EXT4-fs: Ignoring removed oldalloc option
[  156.541422][ T8633] lo speed is unknown, defaulting to 1000
[  156.824661][ T8632] EXT4-fs: Ignoring removed orlov option
[  156.918734][ T8638] loop1: detected capacity change from 0 to 1024
[  157.003818][ T8638] netlink: 'syz.1.1805': attribute type 9 has an invalid length.
[  157.164224][ T8641] loop1: detected capacity change from 0 to 1024
[  157.272358][ T8641] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  157.288118][ T8632] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  157.306273][ T8641] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  157.329132][ T8639] netlink: 'syz.0.1801': attribute type 10 has an invalid length.
[  157.337106][ T8639] netlink: 'syz.0.1801': attribute type 19 has an invalid length.
[  157.352273][ T8641] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e01c, mo2=0000]
[  157.378725][ T8648] loop5: detected capacity change from 0 to 512
[  157.386469][ T8648] EXT4-fs: Ignoring removed oldalloc option
[  157.392567][ T8648] EXT4-fs: Ignoring removed orlov option
[  157.399472][ T8648] ext2: Unknown parameter 'appraise_type'
[  157.405694][ T8632] EXT4-fs (loop3): orphan cleanup on readonly fs
[  157.414420][ T8641] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 2: comm syz.1.1805: lblock 2 mapped to illegal pblock 2 (length 1)
[  157.448817][ T8641] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 48: comm syz.1.1805: lblock 0 mapped to illegal pblock 48 (length 1)
[  157.474588][ T8657] loop5: detected capacity change from 0 to 1024
[  157.483103][ T4828] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0
[  157.506533][ T8632] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1804: bg 0: block 248: padding at end of block bitmap is not set
[  157.543826][ T4828] hid-generic 0000:0000:0000.005A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  157.555054][ T8641] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1805: Failed to acquire dquot type 0
[  157.569141][ T8657] EXT4-fs: dax option not supported
[  157.575045][ T8641] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  157.584808][ T8641] EXT4-fs error (device loop1): ext4_evict_inode:254: inode #11: comm syz.1.1805: mark_inode_dirty error
[  157.597556][ T8641] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  157.598359][ T8632] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1804: Failed to acquire dquot type 1
[  157.615958][ T8641] EXT4-fs (loop1): 1 orphan inode deleted
[  157.626375][ T8641] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.638584][   T51] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  157.665900][   T51] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 0
[  157.690818][ T8641] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.700232][ T8641] EXT4-fs error (device loop1): __ext4_get_inode_loc:4792: comm syz.1.1805: Invalid inode table block 1 in block_group 0
[  157.727132][ T4828] hid-generic 0000:0000:0000.005B: unknown main item tag 0x0
[  157.733512][ T8641] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  157.746219][ T4828] hid-generic 0000:0000:0000.005B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  157.774090][ T8641] EXT4-fs error (device loop1): ext4_quota_off:7217: inode #3: comm syz.1.1805: mark_inode_dirty error
[  157.789799][ T8632] EXT4-fs (loop3): 1 truncate cleaned up
[  157.815507][ T8632] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  157.885439][ T8632] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.059813][ T8682] __nla_validate_parse: 7 callbacks suppressed
[  158.059833][ T8682] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1815'.
[  158.204606][ T8691] loop5: detected capacity change from 0 to 764
[  158.426396][ T8715] vhci_hcd: default hub control req: c607 vfffe i0000 l0
[  158.570016][ T8723] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1833'.
[  158.600303][ T3410] hid-generic 0000:0000:0000.005C: unknown main item tag 0x0
[  158.608110][ T8727] loop0: detected capacity change from 0 to 1024
[  158.609321][ T3410] hid-generic 0000:0000:0000.005C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  158.614995][ T8727] EXT4-fs: dax option not supported
[  158.686555][ T8730] FAULT_INJECTION: forcing a failure.
[  158.686555][ T8730] name failslab, interval 1, probability 0, space 0, times 0
[  158.699861][ T8730] CPU: 1 UID: 0 PID: 8730 Comm: syz.0.1837 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  158.699943][ T8730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  158.699954][ T8730] Call Trace:
[  158.699959][ T8730]  <TASK>
[  158.699965][ T8730]  __dump_stack+0x1d/0x30
[  158.699982][ T8730]  dump_stack_lvl+0xe8/0x140
[  158.700000][ T8730]  dump_stack+0x15/0x1b
[  158.700058][ T8730]  should_fail_ex+0x265/0x280
[  158.700088][ T8730]  should_failslab+0x8c/0xb0
[  158.700113][ T8730]  kmem_cache_alloc_node_noprof+0x57/0x320
[  158.700146][ T8730]  ? __alloc_skb+0x101/0x320
[  158.700191][ T8730]  __alloc_skb+0x101/0x320
[  158.700213][ T8730]  ? audit_log_start+0x365/0x6c0
[  158.700241][ T8730]  audit_log_start+0x380/0x6c0
[  158.700358][ T8730]  audit_seccomp+0x48/0x100
[  158.700444][ T8730]  ? __seccomp_filter+0x68c/0x10d0
[  158.700463][ T8730]  __seccomp_filter+0x69d/0x10d0
[  158.700483][ T8730]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  158.700512][ T8730]  ? sysvec_apic_timer_interrupt+0x44/0x80
[  158.700543][ T8730]  __secure_computing+0x82/0x150
[  158.700562][ T8730]  syscall_trace_enter+0xcf/0x1e0
[  158.700642][ T8730]  do_syscall_64+0xac/0x200
[  158.700658][ T8730]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  158.700698][ T8730]  ? clear_bhb_loop+0x40/0x90
[  158.700797][ T8730]  ? clear_bhb_loop+0x40/0x90
[  158.700817][ T8730]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.700834][ T8730] RIP: 0033:0x7fc072d0e929
[  158.700846][ T8730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.700862][ T8730] RSP: 002b:00007fc071377038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  158.700936][ T8730] RAX: ffffffffffffffda RBX: 00007fc072f35fa0 RCX: 00007fc072d0e929
[  158.700946][ T8730] RDX: 000000000000007b RSI: 0000000000000084 RDI: 0000000000000008
[  158.700956][ T8730] RBP: 00007fc071377090 R08: 0000000000000008 R09: 0000000000000000
[  158.700966][ T8730] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[  158.700977][ T8730] R13: 0000000000000000 R14: 00007fc072f35fa0 R15: 00007ffc32a3b4e8
[  158.701043][ T8730]  </TASK>
[  158.948802][ T8732] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[  158.957190][ T8732] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[  159.179692][ T8757] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  159.188030][ T8757] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  159.319855][ T8763] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1846'.
[  159.511658][ T8769] lo speed is unknown, defaulting to 1000
[  160.212225][ T8786] FAULT_INJECTION: forcing a failure.
[  160.212225][ T8786] name failslab, interval 1, probability 0, space 0, times 0
[  160.224924][ T8786] CPU: 1 UID: 0 PID: 8786 Comm: syz.6.1853 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  160.225018][ T8786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  160.225034][ T8786] Call Trace:
[  160.225042][ T8786]  <TASK>
[  160.225051][ T8786]  __dump_stack+0x1d/0x30
[  160.225072][ T8786]  dump_stack_lvl+0xe8/0x140
[  160.225090][ T8786]  dump_stack+0x15/0x1b
[  160.225105][ T8786]  should_fail_ex+0x265/0x280
[  160.225187][ T8786]  should_failslab+0x8c/0xb0
[  160.225238][ T8786]  kmem_cache_alloc_noprof+0x50/0x310
[  160.225271][ T8786]  ? getname_flags+0x80/0x3b0
[  160.225300][ T8786]  getname_flags+0x80/0x3b0
[  160.225322][ T8786]  user_path_at+0x28/0x130
[  160.225348][ T8786]  __se_sys_mount+0x25b/0x2e0
[  160.225466][ T8786]  ? __schedule+0x6a8/0xb30
[  160.225538][ T8786]  __x64_sys_mount+0x67/0x80
[  160.225613][ T8786]  x64_sys_call+0xd36/0x2fb0
[  160.225700][ T8786]  do_syscall_64+0xd2/0x200
[  160.225717][ T8786]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  160.225834][ T8786]  ? clear_bhb_loop+0x40/0x90
[  160.225862][ T8786]  ? clear_bhb_loop+0x40/0x90
[  160.225890][ T8786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.225915][ T8786] RIP: 0033:0x7f9f7200e929
[  160.225929][ T8786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.226088][ T8786] RSP: 002b:00007f9f70677038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  160.226109][ T8786] RAX: ffffffffffffffda RBX: 00007f9f72235fa0 RCX: 00007f9f7200e929
[  160.226125][ T8786] RDX: 0000200000000640 RSI: 0000200000000600 RDI: 0000000000000000
[  160.226183][ T8786] RBP: 00007f9f70677090 R08: 0000200000000840 R09: 0000000000000000
[  160.226199][ T8786] R10: 0000000002008000 R11: 0000000000000246 R12: 0000000000000001
[  160.226288][ T8786] R13: 0000000000000000 R14: 00007f9f72235fa0 R15: 00007ffcafdb1ba8
[  160.226308][ T8786]  </TASK>
[  160.454822][ T8780] Process accounting resumed
[  160.461889][ T8772] lo speed is unknown, defaulting to 1000
[  160.500842][   T29] kauditd_printk_skb: 308 callbacks suppressed
[  160.500865][   T29] audit: type=1326 audit(1750045748.569:9377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8790 comm="syz.1.1855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3258be929 code=0x7ffc0000
[  160.530607][   T29] audit: type=1326 audit(1750045748.569:9378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8790 comm="syz.1.1855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3258be929 code=0x7ffc0000
[  160.554105][   T29] audit: type=1326 audit(1750045748.569:9379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8790 comm="syz.1.1855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff3258be929 code=0x7ffc0000
[  160.577572][   T29] audit: type=1326 audit(1750045748.569:9380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8790 comm="syz.1.1855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3258be929 code=0x7ffc0000
[  160.601061][   T29] audit: type=1326 audit(1750045748.569:9381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8790 comm="syz.1.1855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3258be929 code=0x7ffc0000
[  160.630081][ T8791] loop1: detected capacity change from 0 to 512
[  160.670906][   T29] audit: type=1326 audit(1750045748.699:9382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8790 comm="syz.1.1855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff3258be929 code=0x7ffc0000
[  160.694472][   T29] audit: type=1326 audit(1750045748.699:9383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8790 comm="syz.1.1855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3258be929 code=0x7ffc0000
[  160.702541][ T8791] EXT4-fs (loop1): 1 orphan inode deleted
[  160.718102][   T29] audit: type=1326 audit(1750045748.699:9384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8790 comm="syz.1.1855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7ff3258be929 code=0x7ffc0000
[  160.724455][ T8791] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.747307][   T29] audit: type=1326 audit(1750045748.699:9385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8790 comm="syz.1.1855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff3258be963 code=0x7ffc0000
[  160.761111][  T310] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  160.792945][  T310] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 1
[  160.812557][ T8791] ext4 filesystem being mounted at /409/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  160.868446][ T8808] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1860'.
[  160.907203][ T8791] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  160.933725][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.216098][ T8820] lo speed is unknown, defaulting to 1000
[  162.008790][ T8804] netlink: 'syz.3.1858': attribute type 10 has an invalid length.
[  162.016707][ T8804] netlink: 'syz.3.1858': attribute type 19 has an invalid length.
[  162.024598][ T8804] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1858'.
[  162.120893][ T8815] lo speed is unknown, defaulting to 1000
[  162.384815][ T8838] FAULT_INJECTION: forcing a failure.
[  162.384815][ T8838] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  162.398006][ T8838] CPU: 1 UID: 0 PID: 8838 Comm: syz.5.1870 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  162.398042][ T8838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  162.398127][ T8838] Call Trace:
[  162.398134][ T8838]  <TASK>
[  162.398141][ T8838]  __dump_stack+0x1d/0x30
[  162.398167][ T8838]  dump_stack_lvl+0xe8/0x140
[  162.398191][ T8838]  dump_stack+0x15/0x1b
[  162.398230][ T8838]  should_fail_ex+0x265/0x280
[  162.398264][ T8838]  should_fail+0xb/0x20
[  162.398301][ T8838]  should_fail_usercopy+0x1a/0x20
[  162.398342][ T8838]  _copy_from_user+0x1c/0xb0
[  162.398366][ T8838]  ___sys_sendmsg+0xc1/0x1d0
[  162.398417][ T8838]  __x64_sys_sendmsg+0xd4/0x160
[  162.398491][ T8838]  x64_sys_call+0x2999/0x2fb0
[  162.398516][ T8838]  do_syscall_64+0xd2/0x200
[  162.398618][ T8838]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  162.398651][ T8838]  ? clear_bhb_loop+0x40/0x90
[  162.398752][ T8838]  ? clear_bhb_loop+0x40/0x90
[  162.398776][ T8838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.398857][ T8838] RIP: 0033:0x7f3d1cb6e929
[  162.398874][ T8838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.398892][ T8838] RSP: 002b:00007f3d1b1d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  162.398916][ T8838] RAX: ffffffffffffffda RBX: 00007f3d1cd95fa0 RCX: 00007f3d1cb6e929
[  162.398932][ T8838] RDX: 000000000000c000 RSI: 0000200000000080 RDI: 0000000000000003
[  162.398946][ T8838] RBP: 00007f3d1b1d7090 R08: 0000000000000000 R09: 0000000000000000
[  162.398984][ T8838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  162.399000][ T8838] R13: 0000000000000000 R14: 00007f3d1cd95fa0 R15: 00007ffc48e71618
[  162.399023][ T8838]  </TASK>
[  162.704300][ T8851] loop0: detected capacity change from 0 to 512
[  162.767172][ T8851] EXT4-fs (loop0): 1 orphan inode deleted
[  162.773301][ T8851] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.786002][   T37] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 1
[  162.815617][ T4815] hid-generic 0000:0000:0000.005D: unknown main item tag 0x0
[  162.853744][ T4815] hid-generic 0000:0000:0000.005D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  162.882599][ T8851] ext4 filesystem being mounted at /405/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  162.902383][ T8851] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  162.913146][ T8865] netlink: 'syz.6.1879': attribute type 1 has an invalid length.
[  162.921066][ T8865] netlink: 'syz.6.1879': attribute type 4 has an invalid length.
[  162.928844][ T8865] netlink: 9462 bytes leftover after parsing attributes in process `syz.6.1879'.
[  162.950428][ T8864] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1879'.
[  162.978838][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.093844][ T8874] xt_CT: You must specify a L4 protocol and not use inversions on it
[  163.097375][ T8876] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1884'.
[  163.130389][ T8876] loop0: detected capacity change from 0 to 2048
[  163.158308][ T8876] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.222607][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.251896][ T8884] netlink: 4 bytes leftover after parsing attributes in process `'.
[  163.271390][ T8884] batman_adv: batadv0: Removing interface: team0
[  163.287343][ T8884] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  163.294782][ T8884] batman_adv: batadv0: Removing interface: batadv_slave_0
[  163.360577][ T8884] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  163.368198][ T8884] batman_adv: batadv0: Removing interface: batadv_slave_1
[  163.542296][ T8908] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1895'.
[  163.643304][ T8917] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1898'.
[  163.709544][ T4815] hid-generic 0000:0000:0000.005E: unknown main item tag 0x0
[  163.717542][ T4815] hid-generic 0000:0000:0000.005E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  163.736004][ T8924] loop3: detected capacity change from 0 to 1024
[  163.763930][ T8924] EXT4-fs: dax option not supported
[  163.866552][ T4815] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[  163.874560][ T4815] hid-generic 0000:0000:0000.005F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  163.897541][ T8932] loop6: detected capacity change from 0 to 1024
[  163.904393][ T8932] EXT4-fs: dax option not supported
[  163.912198][ T8936] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1904'.
[  163.921142][ T8936] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1904'.
[  163.937921][ T8938] FAULT_INJECTION: forcing a failure.
[  163.937921][ T8938] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.951037][ T8938] CPU: 0 UID: 0 PID: 8938 Comm: syz.3.1907 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  163.951067][ T8938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  163.951152][ T8938] Call Trace:
[  163.951159][ T8938]  <TASK>
[  163.951236][ T8938]  __dump_stack+0x1d/0x30
[  163.951311][ T8938]  dump_stack_lvl+0xe8/0x140
[  163.951335][ T8938]  dump_stack+0x15/0x1b
[  163.951421][ T8938]  should_fail_ex+0x265/0x280
[  163.951514][ T8938]  should_fail+0xb/0x20
[  163.951577][ T8938]  should_fail_usercopy+0x1a/0x20
[  163.951673][ T8938]  strncpy_from_user+0x25/0x230
[  163.951700][ T8938]  ? _raw_spin_lock_irqsave+0x3a/0x90
[  163.951738][ T8938]  strncpy_from_user_nofault+0x68/0xf0
[  163.951760][ T8938]  bpf_probe_read_user_str+0x2a/0x70
[  163.951842][ T8938]  bpf_prog_6fb7ada547f278f2+0x3e/0x44
[  163.951860][ T8938]  bpf_trace_run2+0x104/0x1c0
[  163.951957][ T8938]  ? kobject_uevent_env+0x28d/0x570
[  163.951986][ T8938]  ? kobject_uevent_env+0x28d/0x570
[  163.952029][ T8938]  __traceiter_kfree+0x2b/0x50
[  163.952048][ T8938]  ? kobject_uevent_env+0x28d/0x570
[  163.952079][ T8938]  kfree+0x27b/0x320
[  163.952104][ T8938]  ? kobject_uevent_net_broadcast+0x3eb/0x410
[  163.952155][ T8938]  kobject_uevent_env+0x28d/0x570
[  163.952245][ T8938]  kobject_uevent+0x1d/0x30
[  163.952347][ T8938]  __kobject_del+0x88/0x190
[  163.952374][ T8938]  kobject_put+0x127/0x190
[  163.952401][ T8938]  netdev_queue_update_kobjects+0x45f/0x4d0
[  163.952454][ T8938]  netif_set_real_num_tx_queues+0x1da/0x570
[  163.952493][ T8938]  __tun_detach+0x6c2/0xad0
[  163.952608][ T8938]  __tun_chr_ioctl+0x880/0x14c0
[  163.952641][ T8938]  ? __pfx_tun_chr_ioctl+0x10/0x10
[  163.952693][ T8938]  tun_chr_ioctl+0x27/0x40
[  163.952762][ T8938]  __se_sys_ioctl+0xcb/0x140
[  163.952790][ T8938]  __x64_sys_ioctl+0x43/0x50
[  163.952821][ T8938]  x64_sys_call+0x19a8/0x2fb0
[  163.952914][ T8938]  do_syscall_64+0xd2/0x200
[  163.952936][ T8938]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  163.952982][ T8938]  ? clear_bhb_loop+0x40/0x90
[  163.953004][ T8938]  ? clear_bhb_loop+0x40/0x90
[  163.953022][ T8938]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.953052][ T8938] RIP: 0033:0x7f2050e3e929
[  163.953068][ T8938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.953089][ T8938] RSP: 002b:00007f204f4a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  163.953129][ T8938] RAX: ffffffffffffffda RBX: 00007f2051065fa0 RCX: 00007f2050e3e929
[  163.953144][ T8938] RDX: 0000200000000100 RSI: 00000000400454d9 RDI: 0000000000000008
[  163.953159][ T8938] RBP: 00007f204f4a7090 R08: 0000000000000000 R09: 0000000000000000
[  163.953176][ T8938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.953191][ T8938] R13: 0000000000000000 R14: 00007f2051065fa0 R15: 00007ffc6bac46a8
[  163.953214][ T8938]  </TASK>
[  164.238026][ T8936] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1904'.
[  164.247156][ T8936] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1904'.
[  164.259748][ T8914] netlink: 'syz.5.1890': attribute type 10 has an invalid length.
[  164.267702][ T8914] netlink: 'syz.5.1890': attribute type 19 has an invalid length.
[  164.275580][ T8914] netlink: 156 bytes leftover after parsing attributes in process `syz.5.1890'.
[  164.293935][ T8940] sg_write: data in/out 2012/14 bytes for SCSI command 0x0-- guessing data in;
[  164.293935][ T8940]    program syz.6.1908 not setting count and/or reply_len properly
[  164.414921][ T8945] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(7)
[  164.421547][ T8945] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  164.429223][ T8945] vhci_hcd vhci_hcd.0: Device attached
[  164.488790][ T8958] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[  164.516530][ T8950] vhci_hcd: connection closed
[  164.516745][ T5281] vhci_hcd: stop threads
[  164.525760][ T5281] vhci_hcd: release socket
[  164.530276][ T5281] vhci_hcd: disconnect device
[  164.578394][ T8961] lo speed is unknown, defaulting to 1000
[  164.909992][ T8973] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1918'.
[  165.264163][ T8994] loop0: detected capacity change from 0 to 128
[  165.294161][ T8994] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  165.333356][ T8994] ext4 filesystem being mounted at /417/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  165.414803][ T3311] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  165.451070][ T9003] vlan2: entered promiscuous mode
[  165.456210][ T9003] hsr_slave_1: entered promiscuous mode
[  165.462071][ T9003] vlan2: entered allmulticast mode
[  165.467372][ T9003] hsr_slave_1: entered allmulticast mode
[  165.748700][ T3410] hid-generic 0000:0000:0000.0060: unknown main item tag 0x0
[  165.756711][ T3410] hid-generic 0000:0000:0000.0060: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  165.771160][ T9014] loop5: detected capacity change from 0 to 1024
[  165.789232][ T9014] EXT4-fs: dax option not supported
[  165.896011][   T29] kauditd_printk_skb: 166 callbacks suppressed
[  165.896028][   T29] audit: type=1400 audit(1750045753.969:9551): avc:  denied  { shutdown } for  pid=9020 comm="syz.3.1938" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  165.954501][   T29] audit: type=1400 audit(1750045753.999:9552): avc:  denied  { getopt } for  pid=9020 comm="syz.3.1938" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  165.974146][   T29] audit: type=1400 audit(1750045753.999:9553): avc:  denied  { connect } for  pid=9020 comm="syz.3.1938" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  165.993878][   T29] audit: type=1400 audit(1750045753.999:9554): avc:  denied  { name_connect } for  pid=9020 comm="syz.3.1938" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  166.027457][   T29] audit: type=1326 audit(1750045754.089:9555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9025 comm="syz.6.1940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f7200e929 code=0x7ffc0000
[  166.067594][ T9026] loop6: detected capacity change from 0 to 1024
[  166.070967][   T29] audit: type=1326 audit(1750045754.119:9556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9025 comm="syz.6.1940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9f7200e929 code=0x7ffc0000
[  166.087062][ T9026] EXT4-fs: Ignoring removed i_version option
[  166.097388][   T29] audit: type=1326 audit(1750045754.119:9557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9025 comm="syz.6.1940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f7200e929 code=0x7ffc0000
[  166.126903][   T29] audit: type=1326 audit(1750045754.119:9558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9025 comm="syz.6.1940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9f7200e929 code=0x7ffc0000
[  166.150447][   T29] audit: type=1326 audit(1750045754.119:9559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9025 comm="syz.6.1940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f7200e929 code=0x7ffc0000
[  166.173900][   T29] audit: type=1326 audit(1750045754.119:9560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9025 comm="syz.6.1940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f9f7200e929 code=0x7ffc0000
[  166.198335][ T9033] FAULT_INJECTION: forcing a failure.
[  166.198335][ T9033] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  166.211613][ T9033] CPU: 0 UID: 0 PID: 9033 Comm: syz.1.1942 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  166.211646][ T9033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  166.211658][ T9033] Call Trace:
[  166.211665][ T9033]  <TASK>
[  166.211699][ T9033]  __dump_stack+0x1d/0x30
[  166.211775][ T9033]  dump_stack_lvl+0xe8/0x140
[  166.211794][ T9033]  dump_stack+0x15/0x1b
[  166.211810][ T9033]  should_fail_ex+0x265/0x280
[  166.211841][ T9033]  should_fail_alloc_page+0xf2/0x100
[  166.211936][ T9033]  __alloc_frozen_pages_noprof+0xff/0x360
[  166.211974][ T9033]  alloc_pages_mpol+0xb3/0x250
[  166.212041][ T9033]  alloc_pages_noprof+0x90/0x130
[  166.212077][ T9033]  pte_alloc_one+0x2d/0x120
[  166.212098][ T9033]  __pte_alloc+0x32/0x2b0
[  166.212125][ T9033]  ? mas_state_walk+0x574/0x650
[  166.212223][ T9033]  handle_mm_fault+0x1c16/0x2be0
[  166.212247][ T9033]  ? mas_walk+0xf2/0x120
[  166.212377][ T9033]  do_user_addr_fault+0x636/0x1090
[  166.212412][ T9033]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  166.212498][ T9033]  exc_page_fault+0x62/0xa0
[  166.212553][ T9033]  asm_exc_page_fault+0x26/0x30
[  166.212572][ T9033] RIP: 0033:0x7ff325780d46
[  166.212586][ T9033] Code: f0 72 6e 48 63 cd 48 01 c1 49 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 49 89 c1 49 29 f1 <47> 0f b6 0c 08 45 84 c9 74 08 45 88 0c 00 49 8b 47 10 48 83 c0 01
[  166.212604][ T9033] RSP: 002b:00007ff323f054a0 EFLAGS: 00010246
[  166.212619][ T9033] RAX: 0000000000000001 RBX: 00007ff323f05540 RCX: 0000000000000101
[  166.212631][ T9033] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00007ff323f055e0
[  166.212651][ T9033] RBP: 0000000000000102 R08: 00007ff31bae6000 R09: 0000000000000000
[  166.212663][ T9033] R10: 0000000000000000 R11: 00007ff323f05550 R12: 0000000000000001
[  166.212674][ T9033] R13: 00007ff32595c020 R14: 0000000000000000 R15: 00007ff323f055e0
[  166.212694][ T9033]  </TASK>
[  166.212708][ T9033] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  166.270039][ T9026] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  166.280902][ T9033] loop1: detected capacity change from 0 to 512
[  166.305861][ T9026] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  166.317227][ T9033] EXT4-fs: Ignoring removed nomblk_io_submit option
[  166.437914][ T9033] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  166.453396][ T9033] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  166.454598][ T9026] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.1940: Invalid block bitmap block 0 in block_group 0
[  166.468540][ T9033] EXT4-fs (loop1): 1 truncate cleaned up
[  166.487514][ T9033] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.512118][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.523058][ T9026] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.1940: Failed to acquire dquot type 0
[  166.535679][ T9026] EXT4-fs error (device loop6): ext4_free_blocks:6587: comm syz.6.1940: Freeing blocks not in datazone - block = 0, count = 4096
[  166.588318][ T9026] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.1940: Invalid inode bitmap blk 0 in block_group 0
[  166.605341][ T5281] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 0
[  166.638627][ T9026] EXT4-fs error (device loop6) in ext4_free_inode:361: Corrupt filesystem
[  166.673973][ T9026] EXT4-fs (loop6): 1 orphan inode deleted
[  166.680742][ T9026] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.814631][ T7926] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.830766][ T3410] hid-generic 0000:0000:0000.0061: unknown main item tag 0x0
[  166.845434][ T3410] hid-generic 0000:0000:0000.0061: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  166.862286][ T9072] loop0: detected capacity change from 0 to 512
[  166.937429][ T9072] EXT4-fs (loop0): 1 orphan inode deleted
[  166.956347][ T5284] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 1
[  166.957655][ T9072] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.995720][ T9072] ext4 filesystem being mounted at /424/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.036253][ T9072] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  167.101404][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.248146][ T9097] FAULT_INJECTION: forcing a failure.
[  167.248146][ T9097] name failslab, interval 1, probability 0, space 0, times 0
[  167.260971][ T9097] CPU: 1 UID: 0 PID: 9097 Comm: syz.5.1966 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  167.261076][ T9097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  167.261088][ T9097] Call Trace:
[  167.261093][ T9097]  <TASK>
[  167.261101][ T9097]  __dump_stack+0x1d/0x30
[  167.261130][ T9097]  dump_stack_lvl+0xe8/0x140
[  167.261147][ T9097]  dump_stack+0x15/0x1b
[  167.261162][ T9097]  should_fail_ex+0x265/0x280
[  167.261196][ T9097]  should_failslab+0x8c/0xb0
[  167.261226][ T9097]  kmem_cache_alloc_noprof+0x50/0x310
[  167.261258][ T9097]  ? skb_clone+0x151/0x1f0
[  167.261281][ T9097]  skb_clone+0x151/0x1f0
[  167.261297][ T9097]  __netlink_deliver_tap+0x2c9/0x500
[  167.261374][ T9097]  netlink_unicast+0x64c/0x670
[  167.261403][ T9097]  netlink_sendmsg+0x58b/0x6b0
[  167.261508][ T9097]  ? __pfx_netlink_sendmsg+0x10/0x10
[  167.261530][ T9097]  __sock_sendmsg+0x142/0x180
[  167.261559][ T9097]  ____sys_sendmsg+0x31e/0x4e0
[  167.261671][ T9097]  ___sys_sendmsg+0x17b/0x1d0
[  167.261707][ T9097]  __x64_sys_sendmsg+0xd4/0x160
[  167.261728][ T9097]  x64_sys_call+0x2999/0x2fb0
[  167.261746][ T9097]  do_syscall_64+0xd2/0x200
[  167.261901][ T9097]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  167.261926][ T9097]  ? clear_bhb_loop+0x40/0x90
[  167.261985][ T9097]  ? clear_bhb_loop+0x40/0x90
[  167.262060][ T9097]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.262078][ T9097] RIP: 0033:0x7f3d1cb6e929
[  167.262090][ T9097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.262106][ T9097] RSP: 002b:00007f3d1b1d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  167.262123][ T9097] RAX: ffffffffffffffda RBX: 00007f3d1cd95fa0 RCX: 00007f3d1cb6e929
[  167.262137][ T9097] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000009
[  167.262188][ T9097] RBP: 00007f3d1b1d7090 R08: 0000000000000000 R09: 0000000000000000
[  167.262201][ T9097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.262215][ T9097] R13: 0000000000000000 R14: 00007f3d1cd95fa0 R15: 00007ffc48e71618
[  167.262238][ T9097]  </TASK>
[  167.483546][ T9103] loop3: detected capacity change from 0 to 128
[  167.709030][ T9116] loop6: detected capacity change from 0 to 512
[  167.727960][ T9116] EXT4-fs (loop6): 1 orphan inode deleted
[  167.734184][ T9116] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.735686][ T9121] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[  167.747069][ T5284] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 1
[  167.754913][ T9121] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[  167.767330][ T9116] ext4 filesystem being mounted at /69/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.790399][ T9116] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  167.920037][ T7926] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.110077][ T9118] lo speed is unknown, defaulting to 1000
[  168.223812][ T9133] xt_hashlimit: size too large, truncated to 1048576
[  168.230696][ T9133] xt_hashlimit: Unknown mode mask 80FF, kernel too old?
[  168.750329][ T9095] netlink: 'syz.0.1964': attribute type 10 has an invalid length.
[  168.758257][ T9095] netlink: 'syz.0.1964': attribute type 19 has an invalid length.
[  168.766101][ T9095] __nla_validate_parse: 6 callbacks suppressed
[  168.766116][ T9095] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1964'.
[  168.816537][ T9142] sctp: [Deprecated]: syz.5.1977 (pid 9142) Use of struct sctp_assoc_value in delayed_ack socket option.
[  168.816537][ T9142] Use struct sctp_sack_info instead
[  168.848242][ T9148] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1979'.
[  168.857218][ T9148] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1979'.
[  168.871202][ T9148] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1979'.
[  168.894432][ T9148] IPv4: Oversized IP packet from 127.202.26.0
[  168.900748][ T9150] loop0: detected capacity change from 0 to 256
[  168.909700][ T9150] loop0: detected capacity change from 0 to 256
[  168.949351][ T9155] loop3: detected capacity change from 0 to 764
[  168.976690][ T9154] Symlink component flag not implemented
[  168.989808][ T9161] loop6: detected capacity change from 0 to 512
[  168.998284][ T9154] Symlink component flag not implemented (7)
[  169.040479][ T9161] EXT4-fs (loop6): 1 orphan inode deleted
[  169.047117][ T9161] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.067632][   T37] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 1
[  169.079279][ T9161] ext4 filesystem being mounted at /72/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  169.107235][ T9161] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  169.205535][ T7926] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.233582][ T9172] syzkaller0: entered promiscuous mode
[  169.239244][ T9172] syzkaller0: entered allmulticast mode
[  169.277285][ T9181] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1991'.
[  169.514116][ T4830] hid-generic 0000:0000:0000.0062: unknown main item tag 0x0
[  169.528505][ T9195] loop6: detected capacity change from 0 to 1024
[  169.573000][ T4830] hid-generic 0000:0000:0000.0062: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  169.595009][ T9195] EXT4-fs: dax option not supported
[  169.708707][ T9196] infiniband syz!: set down
[  169.710701][ T9200] loop6: detected capacity change from 0 to 256
[  169.713320][ T9196] infiniband syz!: added team_slave_0
[  169.740570][ T9196] RDS/IB: syz!: added
[  169.744718][ T9196] smc: adding ib device syz! with port count 1
[  169.751192][ T9196] smc:    ib device syz! port 1 has pnetid 
[  169.759188][ T9200] loop6: detected capacity change from 0 to 256
[  169.792145][ T9205] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1997'.
[  169.822898][ T9186] netlink: 'syz.5.1992': attribute type 10 has an invalid length.
[  169.830845][ T9186] netlink: 'syz.5.1992': attribute type 19 has an invalid length.
[  169.838792][ T9186] netlink: 156 bytes leftover after parsing attributes in process `syz.5.1992'.
[  169.853693][ T9205] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1997'.
[  169.962858][ T4830] hid-generic 0000:0000:0000.0063: unknown main item tag 0x0
[  169.979093][ T4830] hid-generic 0000:0000:0000.0063: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  170.076290][ T9219] random: crng reseeded on system resumption
[  170.469143][ T9228] loop3: detected capacity change from 0 to 512
[  170.492543][ T9228] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  170.511964][ T9230] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2006'.
[  170.546379][ T9228] EXT4-fs (loop3): 1 truncate cleaned up
[  170.570638][ T9228] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.592808][ T9230] hsr_slave_1 (unregistering): left promiscuous mode
[  170.679221][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.734376][ T9245] loop3: detected capacity change from 0 to 2048
[  170.756593][ T9245] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.773241][ T9245] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 24 with max blocks 1 with error 28
[  170.785942][ T9245] EXT4-fs (loop3): This should not happen!! Data will be lost
[  170.785942][ T9245] 
[  170.795722][ T9245] EXT4-fs (loop3): Total free blocks count 0
[  170.801797][ T9245] EXT4-fs (loop3): Free/Dirty block details
[  170.807854][ T9245] EXT4-fs (loop3): free_blocks=0
[  170.812817][ T9245] EXT4-fs (loop3): dirty_blocks=0
[  170.817876][ T9245] EXT4-fs (loop3): Block reservation details
[  170.823890][ T9245] EXT4-fs (loop3): i_reserved_data_blocks=0
[  170.849213][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.110028][ T9259] lo speed is unknown, defaulting to 1000
[  171.534970][   T29] kauditd_printk_skb: 417 callbacks suppressed
[  171.534986][   T29] audit: type=1400 audit(1750045759.449:9972): avc:  denied  { read } for  pid=9261 comm="syz.6.2016" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  171.565633][   T29] audit: type=1400 audit(1750045759.449:9973): avc:  denied  { open } for  pid=9261 comm="syz.6.2016" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  171.631512][ T9266] FAULT_INJECTION: forcing a failure.
[  171.631512][ T9266] name failslab, interval 1, probability 0, space 0, times 0
[  171.644320][ T9266] CPU: 0 UID: 0 PID: 9266 Comm: syz.1.2018 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  171.644346][ T9266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  171.644359][ T9266] Call Trace:
[  171.644366][ T9266]  <TASK>
[  171.644373][ T9266]  __dump_stack+0x1d/0x30
[  171.644395][ T9266]  dump_stack_lvl+0xe8/0x140
[  171.644452][ T9266]  dump_stack+0x15/0x1b
[  171.644508][ T9266]  should_fail_ex+0x265/0x280
[  171.644535][ T9266]  should_failslab+0x8c/0xb0
[  171.644624][ T9266]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  171.644650][ T9266]  ? proc_alloc_inode+0x34/0x90
[  171.644682][ T9266]  ? __pfx_proc_alloc_inode+0x10/0x10
[  171.644699][ T9266]  proc_alloc_inode+0x34/0x90
[  171.644715][ T9266]  alloc_inode+0x3d/0x170
[  171.644747][ T9266]  new_inode+0x1d/0xe0
[  171.644768][ T9266]  proc_pid_make_inode+0x1f/0xd0
[  171.644808][ T9266]  proc_map_files_instantiate+0x81/0x130
[  171.644828][ T9266]  proc_fill_cache+0x1c4/0x240
[  171.644853][ T9266]  ? __pfx_proc_map_files_instantiate+0x10/0x10
[  171.644893][ T9266]  proc_map_files_readdir+0x500/0x680
[  171.644932][ T9266]  iterate_dir+0x111/0x330
[  171.644961][ T9266]  ? mutex_lock+0xd/0x30
[  171.644992][ T9266]  __se_sys_getdents+0x88/0x1b0
[  171.645079][ T9266]  ? __pfx_filldir+0x10/0x10
[  171.645108][ T9266]  __x64_sys_getdents+0x43/0x50
[  171.645191][ T9266]  x64_sys_call+0x292b/0x2fb0
[  171.645214][ T9266]  do_syscall_64+0xd2/0x200
[  171.645233][ T9266]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  171.645288][ T9266]  ? clear_bhb_loop+0x40/0x90
[  171.645310][ T9266]  ? clear_bhb_loop+0x40/0x90
[  171.645400][ T9266]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.645425][ T9266] RIP: 0033:0x7ff3258be929
[  171.645512][ T9266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.645532][ T9266] RSP: 002b:00007ff323f27038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[  171.645572][ T9266] RAX: ffffffffffffffda RBX: 00007ff325ae5fa0 RCX: 00007ff3258be929
[  171.645586][ T9266] RDX: 000000000000100a RSI: 0000200000000dc0 RDI: 0000000000000005
[  171.645600][ T9266] RBP: 00007ff323f27090 R08: 0000000000000000 R09: 0000000000000000
[  171.645614][ T9266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  171.645627][ T9266] R13: 0000000000000000 R14: 00007ff325ae5fa0 R15: 00007ffd5db64188
[  171.645647][ T9266]  </TASK>
[  171.957421][   T29] audit: type=1400 audit(1750045760.029:9974): avc:  denied  { mount } for  pid=9270 comm="syz.1.2019" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  172.020010][   T29] audit: type=1400 audit(1750045760.089:9975): avc:  denied  { cpu } for  pid=9276 comm="syz.6.2022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  172.044157][ T9277] tun0: tun_chr_ioctl cmd 1074025678
[  172.049692][ T9277] tun0: group set to 1
[  172.060036][   T29] audit: type=1400 audit(1750045760.119:9976): avc:  denied  { unmount } for  pid=3307 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  172.080214][   T29] audit: type=1400 audit(1750045760.119:9977): avc:  denied  { write } for  pid=9276 comm="syz.6.2022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  172.099723][   T29] audit: type=1400 audit(1750045760.129:9978): avc:  denied  { create } for  pid=9276 comm="syz.6.2022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  172.112301][ T9281] loop1: detected capacity change from 0 to 512
[  172.128598][   T29] audit: type=1400 audit(1750045760.179:9979): avc:  denied  { bind } for  pid=9280 comm="syz.1.2024" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  172.149403][   T29] audit: type=1400 audit(1750045760.179:9980): avc:  denied  { setopt } for  pid=9280 comm="syz.1.2024" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  172.173728][ T9281] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.187091][ T9281] ext4 filesystem being mounted at /437/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  172.247374][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.296179][   T29] audit: type=1400 audit(1750045760.369:9981): avc:  denied  { create } for  pid=9295 comm="syz.1.2030" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  172.444067][ T9296] loop1: detected capacity change from 0 to 8192
[  172.570374][ T3410] hid-generic 0000:0000:0000.0064: unknown main item tag 0x0
[  172.583265][ T9305] loop5: detected capacity change from 0 to 1024
[  172.590996][ T9305] EXT4-fs: dax option not supported
[  172.625103][ T3410] hid-generic 0000:0000:0000.0064: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  172.682811][ T9293] netlink: 'syz.3.2029': attribute type 10 has an invalid length.
[  172.690793][ T9293] netlink: 'syz.3.2029': attribute type 19 has an invalid length.
[  172.698691][ T9293] netlink: 156 bytes leftover after parsing attributes in process `syz.3.2029'.
[  172.839015][ T9313] lo speed is unknown, defaulting to 1000
[  173.241578][ T9310] loop5: detected capacity change from 0 to 8192
[  173.379807][ T9323] loop3: detected capacity change from 0 to 1024
[  173.433832][ T9327] support for the xor transformation has been removed.
[  173.453299][ T9329] loop5: detected capacity change from 0 to 256
[  173.469093][ T9323] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.483527][ T9329] loop5: detected capacity change from 0 to 256
[  173.552027][ T9323] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.2038: Allocating blocks 449-513 which overlap fs metadata
[  173.569532][ T9343] FAULT_INJECTION: forcing a failure.
[  173.569532][ T9343] name failslab, interval 1, probability 0, space 0, times 0
[  173.582229][ T9343] CPU: 1 UID: 0 PID: 9343 Comm: syz.6.2046 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  173.582313][ T9343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  173.582328][ T9343] Call Trace:
[  173.582335][ T9343]  <TASK>
[  173.582344][ T9343]  __dump_stack+0x1d/0x30
[  173.582370][ T9343]  dump_stack_lvl+0xe8/0x140
[  173.582392][ T9343]  dump_stack+0x15/0x1b
[  173.582431][ T9343]  should_fail_ex+0x265/0x280
[  173.582470][ T9343]  ? audit_log_d_path+0x8d/0x150
[  173.582573][ T9343]  should_failslab+0x8c/0xb0
[  173.582601][ T9343]  __kmalloc_cache_noprof+0x4c/0x320
[  173.582637][ T9343]  audit_log_d_path+0x8d/0x150
[  173.582698][ T9343]  audit_log_d_path_exe+0x42/0x70
[  173.582748][ T9343]  audit_log_task+0x1e9/0x250
[  173.582786][ T9343]  audit_seccomp+0x61/0x100
[  173.582810][ T9343]  ? __seccomp_filter+0x68c/0x10d0
[  173.582882][ T9343]  __seccomp_filter+0x69d/0x10d0
[  173.582985][ T9343]  ? up_write+0x18/0x60
[  173.583005][ T9343]  ? chown_common+0x39e/0x3f0
[  173.583037][ T9343]  __secure_computing+0x82/0x150
[  173.583066][ T9343]  syscall_trace_enter+0xcf/0x1e0
[  173.583098][ T9343]  do_syscall_64+0xac/0x200
[  173.583202][ T9343]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  173.583229][ T9343]  ? clear_bhb_loop+0x40/0x90
[  173.583250][ T9343]  ? clear_bhb_loop+0x40/0x90
[  173.583277][ T9343]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.583329][ T9343] RIP: 0033:0x7f9f7200d33c
[  173.583347][ T9343] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  173.583409][ T9343] RSP: 002b:00007f9f70677030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  173.583433][ T9343] RAX: ffffffffffffffda RBX: 00007f9f72235fa0 RCX: 00007f9f7200d33c
[  173.583449][ T9343] RDX: 000000000000000f RSI: 00007f9f706770a0 RDI: 0000000000000004
[  173.583464][ T9343] RBP: 00007f9f70677090 R08: 0000000000000000 R09: 0000000000000000
[  173.583479][ T9343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  173.583493][ T9343] R13: 0000000000000000 R14: 00007f9f72235fa0 R15: 00007ffcafdb1ba8
[  173.583512][ T9343]  </TASK>
[  173.836967][ T9322] EXT4-fs (loop3): pa ffff888106aa5b60: logic 48, phys. 177, len 21
[  173.845063][ T9322] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 4
[  173.871441][ T4829] hid-generic 0000:0000:0000.0065: unknown main item tag 0x0
[  173.884086][ T9350] loop6: detected capacity change from 0 to 1024
[  173.892130][ T9350] EXT4-fs: dax option not supported
[  173.892153][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.897779][ T4829] hid-generic 0000:0000:0000.0065: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  173.983910][ T9360] 8021q: adding VLAN 0 to HW filter on device bond1
[  174.099667][ T9368] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  174.130103][ T9368] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  174.297732][ T9381] lo speed is unknown, defaulting to 1000
[  175.042652][ T9408] __nla_validate_parse: 2 callbacks suppressed
[  175.042665][ T9408] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2068'.
[  175.228025][ T9423] loop0: detected capacity change from 0 to 1024
[  175.247379][ T9423] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.282161][ T9423] netlink: 332 bytes leftover after parsing attributes in process `syz.0.2075'.
[  175.308575][ T9423] netlink: 'syz.0.2075': attribute type 9 has an invalid length.
[  175.316472][ T9423] netlink: 108 bytes leftover after parsing attributes in process `syz.0.2075'.
[  175.325698][ T9423] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2075'.
[  175.378272][ T3410] hid-generic 0000:0000:0000.0066: unknown main item tag 0x0
[  175.398221][ T3410] hid-generic 0000:0000:0000.0066: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  175.586842][ T9437] netlink: 165 bytes leftover after parsing attributes in process `syz.3.2078'.
[  175.612265][ T9425] lo speed is unknown, defaulting to 1000
[  176.320506][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.605692][ T9469] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2086'.
[  176.930079][ T9468] lo speed is unknown, defaulting to 1000
[  177.082179][ T9482] FAULT_INJECTION: forcing a failure.
[  177.082179][ T9482] name failslab, interval 1, probability 0, space 0, times 0
[  177.094922][ T9482] CPU: 1 UID: 0 PID: 9482 Comm: syz.6.2094 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  177.094960][ T9482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  177.094973][ T9482] Call Trace:
[  177.094981][ T9482]  <TASK>
[  177.094991][ T9482]  __dump_stack+0x1d/0x30
[  177.095017][ T9482]  dump_stack_lvl+0xe8/0x140
[  177.095037][ T9482]  dump_stack+0x15/0x1b
[  177.095052][ T9482]  should_fail_ex+0x265/0x280
[  177.095147][ T9482]  should_failslab+0x8c/0xb0
[  177.095177][ T9482]  __kmalloc_noprof+0xa5/0x3e0
[  177.095209][ T9482]  ? tipc_nl_compat_doit+0xfa/0x360
[  177.095250][ T9482]  tipc_nl_compat_doit+0xfa/0x360
[  177.095373][ T9482]  tipc_nl_compat_recv+0x689/0x800
[  177.095403][ T9482]  ? __pfx___tipc_nl_net_set+0x10/0x10
[  177.095426][ T9482]  ? __pfx_tipc_nl_compat_net_set+0x10/0x10
[  177.095456][ T9482]  genl_family_rcv_msg_doit+0x140/0x1b0
[  177.095497][ T9482]  genl_rcv_msg+0x422/0x460
[  177.095559][ T9482]  ? __pfx_tipc_nl_compat_recv+0x10/0x10
[  177.095615][ T9482]  netlink_rcv_skb+0x123/0x220
[  177.095682][ T9482]  ? __pfx_genl_rcv_msg+0x10/0x10
[  177.095744][ T9482]  genl_rcv+0x28/0x40
[  177.095765][ T9482]  netlink_unicast+0x59e/0x670
[  177.095872][ T9482]  netlink_sendmsg+0x58b/0x6b0
[  177.095914][ T9482]  ? __pfx_netlink_sendmsg+0x10/0x10
[  177.095932][ T9482]  __sock_sendmsg+0x142/0x180
[  177.095956][ T9482]  ____sys_sendmsg+0x31e/0x4e0
[  177.095999][ T9482]  ___sys_sendmsg+0x17b/0x1d0
[  177.096039][ T9482]  __x64_sys_sendmsg+0xd4/0x160
[  177.096065][ T9482]  x64_sys_call+0x2999/0x2fb0
[  177.096162][ T9482]  do_syscall_64+0xd2/0x200
[  177.096184][ T9482]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  177.096251][ T9482]  ? clear_bhb_loop+0x40/0x90
[  177.096309][ T9482]  ? clear_bhb_loop+0x40/0x90
[  177.096336][ T9482]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.096451][ T9482] RIP: 0033:0x7f9f7200e929
[  177.096465][ T9482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  177.096602][ T9482] RSP: 002b:00007f9f70656038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  177.096625][ T9482] RAX: ffffffffffffffda RBX: 00007f9f72236080 RCX: 00007f9f7200e929
[  177.096664][ T9482] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000008
[  177.096680][ T9482] RBP: 00007f9f70656090 R08: 0000000000000000 R09: 0000000000000000
[  177.096761][ T9482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  177.096777][ T9482] R13: 0000000000000000 R14: 00007f9f72236080 R15: 00007ffcafdb1ba8
[  177.096802][ T9482]  </TASK>
[  177.905602][ T9495] loop3: detected capacity change from 0 to 1024
[  177.912793][ T9495] EXT4-fs: Ignoring removed nomblk_io_submit option
[  177.922271][ T9490] netlink: 'syz.5.2091': attribute type 10 has an invalid length.
[  177.930170][ T9490] netlink: 'syz.5.2091': attribute type 19 has an invalid length.
[  177.938036][ T9490] netlink: 156 bytes leftover after parsing attributes in process `syz.5.2091'.
[  177.952382][ T9495] EXT4-fs: Ignoring removed nomblk_io_submit option
[  177.978278][   T29] kauditd_printk_skb: 64 callbacks suppressed
[  177.978295][   T29] audit: type=1400 audit(1750045765.959:10046): avc:  denied  { create } for  pid=9497 comm="syz.0.2100" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  178.003985][   T29] audit: type=1400 audit(1750045766.029:10047): avc:  denied  { ioctl } for  pid=9497 comm="syz.0.2100" path="/dev/sg0" dev="devtmpfs" ino=135 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  178.057858][ T9501] lo speed is unknown, defaulting to 1000
[  178.393684][ T9495] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.498592][ T4829] hid-generic 0000:0000:0000.0067: unknown main item tag 0x0
[  178.558857][ T9516] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2102'.
[  178.573372][ T9517] loop5: detected capacity change from 0 to 1024
[  178.612967][ T9517] EXT4-fs: dax option not supported
[  178.626355][   T29] audit: type=1400 audit(1750045766.659:10048): avc:  denied  { create } for  pid=9518 comm="syz.0.2104" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  178.645945][   T29] audit: type=1400 audit(1750045766.659:10049): avc:  denied  { remove_name } for  pid=9494 comm="syz.3.2099" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  178.668699][   T29] audit: type=1400 audit(1750045766.659:10050): avc:  denied  { rename } for  pid=9494 comm="syz.3.2099" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  178.691130][   T29] audit: type=1400 audit(1750045766.659:10051): avc:  denied  { setattr } for  pid=9494 comm="syz.3.2099" name="file1" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[  178.713719][   T29] audit: type=1400 audit(1750045766.659:10052): avc:  denied  { mounton } for  pid=9494 comm="syz.3.2099" path="/475/file1/file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  178.737279][   T29] audit: type=1400 audit(1750045766.659:10053): avc:  denied  { write } for  pid=9518 comm="syz.0.2104" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  178.744728][ T9525] usb usb1: usbfs: process 9525 (syz.0.2104) did not claim interface 63 before use
[  178.756748][   T29] audit: type=1400 audit(1750045766.659:10054): avc:  denied  { append } for  pid=9518 comm="syz.0.2104" name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  178.756791][   T29] audit: type=1400 audit(1750045766.669:10055): avc:  denied  { mount } for  pid=9494 comm="syz.3.2099" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  178.813832][ T4829] hid-generic 0000:0000:0000.0067: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  178.817883][ T9523] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2105'.
[  178.882462][ T9532] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2109'.
[  178.894173][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.920206][ T9538] xt_hashlimit: max too large, truncated to 1048576
[  179.007325][ T9550] serio: Serial port ttyS3
[  179.026827][ T4828] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  179.034584][ T4828] hid-generic 0000:0000:0000.0068: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  179.050134][ T9555] loop1: detected capacity change from 0 to 1024
[  179.057408][ T9555] EXT4-fs: dax option not supported
[  179.322845][ T4829] hid-generic 0000:0000:0000.0069: unknown main item tag 0x0
[  179.331029][ T4829] hid-generic 0000:0000:0000.0069: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  179.352358][ T9590] loop6: detected capacity change from 0 to 1024
[  179.370575][ T9590] EXT4-fs: dax option not supported
[  179.501807][ T9605] loop6: detected capacity change from 0 to 512
[  179.518502][ T9605] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  179.543528][ T9605] EXT4-fs (loop6): 1 truncate cleaned up
[  179.549896][ T9605] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  179.638333][ T7926] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.748154][ T9629] loop6: detected capacity change from 0 to 512
[  179.789098][ T9629] EXT4-fs (loop6): 1 orphan inode deleted
[  179.802177][ T9629] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.817079][ T5281] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 1
[  179.830285][ T9629] ext4 filesystem being mounted at /112/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  179.874199][ T9629] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  179.931242][ T7926] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.947508][ T9641] loop3: detected capacity change from 0 to 512
[  179.980791][ T9641] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.2155: iget: bad i_size value: 38620345925642
[  179.996208][ T9641] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.2155: couldn't read orphan inode 15 (err -117)
[  180.035851][ T9641] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  180.273840][ T9667] __nla_validate_parse: 3 callbacks suppressed
[  180.273860][ T9667] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2160'.
[  180.324466][ T9673] loop6: detected capacity change from 0 to 256
[  180.343245][ T9673] loop6: detected capacity change from 0 to 256
[  180.556320][ T9681] loop6: detected capacity change from 0 to 128
[  180.566342][ T9681] bio_check_eod: 104 callbacks suppressed
[  180.566359][ T9681] syz.6.2168: attempt to access beyond end of device
[  180.566359][ T9681] loop6: rw=0, sector=2065, nr_sectors = 1 limit=128
[  180.584090][  T310] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm kworker/u8:5: bg 0: block 5: invalid block bitmap
[  180.585421][ T9681] Buffer I/O error on dev loop6, logical block 2065, async page read
[  180.598675][  T310] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  180.606646][ T9681] syz.6.2168: attempt to access beyond end of device
[  180.606646][ T9681] loop6: rw=0, sector=2066, nr_sectors = 1 limit=128
[  180.618505][  T310] EXT4-fs (loop3): This should not happen!! Data will be lost
[  180.618505][  T310] 
[  180.631727][ T9681] Buffer I/O error on dev loop6, logical block 2066, async page read
[  180.634635][ T9681] syz.6.2168: attempt to access beyond end of device
[  180.634635][ T9681] loop6: rw=0, sector=2067, nr_sectors = 1 limit=128
[  180.641575][  T310] EXT4-fs (loop3): Total free blocks count 0
[  180.649669][ T9681] Buffer I/O error on dev loop6, logical block 2067, async page read
[  180.662893][  T310] EXT4-fs (loop3): Free/Dirty block details
[  180.670242][ T9681] syz.6.2168: attempt to access beyond end of device
[  180.670242][ T9681] loop6: rw=0, sector=2068, nr_sectors = 1 limit=128
[  180.677068][  T310] EXT4-fs (loop3): free_blocks=0
[  180.682961][ T9681] Buffer I/O error on dev loop6, logical block 2068, async page read
[  180.683098][ T9681] syz.6.2168: attempt to access beyond end of device
[  180.683098][ T9681] loop6: rw=0, sector=2069, nr_sectors = 1 limit=128
[  180.696197][  T310] EXT4-fs (loop3): dirty_blocks=16000
[  180.696215][  T310] EXT4-fs (loop3): Block reservation details
[  180.696226][  T310] EXT4-fs (loop3): i_reserved_data_blocks=16000
[  180.740441][ T9681] Buffer I/O error on dev loop6, logical block 2069, async page read
[  180.755099][ T9681] syz.6.2168: attempt to access beyond end of device
[  180.755099][ T9681] loop6: rw=0, sector=2070, nr_sectors = 1 limit=128
[  180.768432][ T9681] Buffer I/O error on dev loop6, logical block 2070, async page read
[  180.825451][ T9685] lo speed is unknown, defaulting to 1000
[  181.221670][ T9681] syz.6.2168: attempt to access beyond end of device
[  181.221670][ T9681] loop6: rw=0, sector=2071, nr_sectors = 1 limit=128
[  181.235132][ T9681] Buffer I/O error on dev loop6, logical block 2071, async page read
[  181.261840][  T383] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  181.292399][ T9681] syz.6.2168: attempt to access beyond end of device
[  181.292399][ T9681] loop6: rw=0, sector=2072, nr_sectors = 1 limit=128
[  181.305775][ T9681] Buffer I/O error on dev loop6, logical block 2072, async page read
[  181.330419][ T9682] syz.6.2168: attempt to access beyond end of device
[  181.330419][ T9682] loop6: rw=0, sector=2065, nr_sectors = 1 limit=128
[  181.343756][ T9682] Buffer I/O error on dev loop6, logical block 2065, async page read
[  181.355201][ T9682] syz.6.2168: attempt to access beyond end of device
[  181.355201][ T9682] loop6: rw=0, sector=2066, nr_sectors = 1 limit=128
[  181.368769][ T9682] Buffer I/O error on dev loop6, logical block 2066, async page read
[  181.452025][ T4828] hid-generic 0000:0000:0000.006A: unknown main item tag 0x0
[  181.462116][ T4828] hid-generic 0000:0000:0000.006A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  181.496749][ T9703] loop0: detected capacity change from 0 to 1024
[  181.503588][ T9703] EXT4-fs: dax option not supported
[  181.532812][ T9681] lo speed is unknown, defaulting to 1000
[  181.673580][ T9710] loop1: detected capacity change from 0 to 512
[  181.707148][ T9710] EXT4-fs (loop1): 1 orphan inode deleted
[  181.707458][  T383] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:6: Failed to release dquot type 1
[  181.726449][ T9710] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  181.739551][ T9710] ext4 filesystem being mounted at /478/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  181.776639][ T9710] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  181.841841][ T9699] netlink: 'syz.5.2175': attribute type 10 has an invalid length.
[  181.849783][ T9699] netlink: 'syz.5.2175': attribute type 19 has an invalid length.
[  181.857743][ T9699] netlink: 156 bytes leftover after parsing attributes in process `syz.5.2175'.
[  181.867747][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.949081][ T9725] netlink: 'syz.5.2184': attribute type 21 has an invalid length.
[  181.957023][ T9725] IPv6: NLM_F_CREATE should be specified when creating new route
[  182.101533][ T4829] hid-generic 0000:0000:0000.006B: unknown main item tag 0x0
[  182.109824][ T4829] hid-generic 0000:0000:0000.006B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  182.173546][ T9746] lo speed is unknown, defaulting to 1000
[  182.359414][ T9743] loop1: detected capacity change from 0 to 1024
[  182.416892][ T9743] EXT4-fs: dax option not supported
[  182.986570][   T29] kauditd_printk_skb: 250 callbacks suppressed
[  182.986590][   T29] audit: type=1326 audit(1750045771.039:10302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9773 comm="syz.3.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  183.016523][   T29] audit: type=1326 audit(1750045771.039:10303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9773 comm="syz.3.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  183.040132][   T29] audit: type=1326 audit(1750045771.039:10304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9773 comm="syz.3.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  183.063746][   T29] audit: type=1326 audit(1750045771.039:10305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9773 comm="syz.3.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  183.087449][   T29] audit: type=1326 audit(1750045771.039:10306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9773 comm="syz.3.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  183.111125][   T29] audit: type=1326 audit(1750045771.039:10307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9773 comm="syz.3.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  183.113062][ T4815] hid-generic 0000:0000:0000.006C: unknown main item tag 0x0
[  183.134737][   T29] audit: type=1326 audit(1750045771.039:10308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9773 comm="syz.3.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  183.165813][   T29] audit: type=1326 audit(1750045771.039:10309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9773 comm="syz.3.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  183.189493][   T29] audit: type=1326 audit(1750045771.039:10310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9773 comm="syz.3.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  183.213073][   T29] audit: type=1326 audit(1750045771.039:10311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9773 comm="syz.3.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  183.226538][ T4815] hid-generic 0000:0000:0000.006C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  183.299770][ T9776] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2198'.
[  183.345797][ T4829] hid-generic 0000:0000:0000.006D: unknown main item tag 0x0
[  183.365140][ T4829] hid-generic 0000:0000:0000.006D: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  183.478760][ T9791] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2205'.
[  183.504315][ T9800] loop1: detected capacity change from 0 to 512
[  183.553847][ T4815] hid-generic 0000:0000:0000.006E: unknown main item tag 0x0
[  183.565778][ T4815] hid-generic 0000:0000:0000.006E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  183.586911][ T9802] loop5: detected capacity change from 0 to 1024
[  183.594381][ T9802] EXT4-fs: dax option not supported
[  183.599881][ T9800] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.2210: iget: bad i_size value: 38620345925642
[  183.644072][ T9800] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.2210: couldn't read orphan inode 15 (err -117)
[  183.706336][ T9800] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.747508][ T9812] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2214'.
[  183.893119][ T9821] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2213'.
[  183.902918][ T9820] netdevsim netdevsim6: loading /lib/firmware/. failed with error -22
[  183.911398][ T9820] netdevsim netdevsim6: Direct firmware load for . failed with error -22
[  184.283450][ T9838] FAULT_INJECTION: forcing a failure.
[  184.283450][ T9838] name failslab, interval 1, probability 0, space 0, times 0
[  184.296177][ T9838] CPU: 1 UID: 0 PID: 9838 Comm: syz.3.2223 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  184.296222][ T9838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  184.296236][ T9838] Call Trace:
[  184.296244][ T9838]  <TASK>
[  184.296252][ T9838]  __dump_stack+0x1d/0x30
[  184.296285][ T9838]  dump_stack_lvl+0xe8/0x140
[  184.296306][ T9838]  dump_stack+0x15/0x1b
[  184.296324][ T9838]  should_fail_ex+0x265/0x280
[  184.296361][ T9838]  ? audit_log_d_path+0x8d/0x150
[  184.296404][ T9838]  should_failslab+0x8c/0xb0
[  184.296428][ T9838]  __kmalloc_cache_noprof+0x4c/0x320
[  184.296459][ T9838]  audit_log_d_path+0x8d/0x150
[  184.296509][ T9838]  audit_log_d_path_exe+0x42/0x70
[  184.296544][ T9838]  audit_log_task+0x1e9/0x250
[  184.296626][ T9838]  ? __perf_event_task_sched_in+0xa5b/0xac0
[  184.296710][ T9838]  audit_seccomp+0x61/0x100
[  184.296809][ T9838]  ? __seccomp_filter+0x68c/0x10d0
[  184.296833][ T9838]  __seccomp_filter+0x69d/0x10d0
[  184.296860][ T9838]  ? mnt_put_write_access+0x48/0x60
[  184.296886][ T9838]  ? touch_atime+0x2a8/0x340
[  184.296916][ T9838]  __secure_computing+0x82/0x150
[  184.296986][ T9838]  syscall_trace_enter+0xcf/0x1e0
[  184.297012][ T9838]  do_syscall_64+0xac/0x200
[  184.297082][ T9838]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  184.297109][ T9838]  ? clear_bhb_loop+0x40/0x90
[  184.297131][ T9838]  ? clear_bhb_loop+0x40/0x90
[  184.297280][ T9838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.297302][ T9838] RIP: 0033:0x7f2050e3d33c
[  184.297331][ T9838] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  184.297380][ T9838] RSP: 002b:00007f204f4a7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  184.297406][ T9838] RAX: ffffffffffffffda RBX: 00007f2051065fa0 RCX: 00007f2050e3d33c
[  184.297419][ T9838] RDX: 000000000000000f RSI: 00007f204f4a70a0 RDI: 0000000000000004
[  184.297572][ T9838] RBP: 00007f204f4a7090 R08: 0000000000000000 R09: 0000000000000000
[  184.297585][ T9838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  184.297598][ T9838] R13: 0000000000000000 R14: 00007f2051065fa0 R15: 00007ffc6bac46a8
[  184.297619][ T9838]  </TASK>
[  184.525928][ T5284] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm kworker/u8:8: bg 0: block 5: invalid block bitmap
[  184.548687][ T5284] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  184.561337][ T5284] EXT4-fs (loop1): This should not happen!! Data will be lost
[  184.561337][ T5284] 
[  184.571149][ T5284] EXT4-fs (loop1): Total free blocks count 0
[  184.577312][ T5284] EXT4-fs (loop1): Free/Dirty block details
[  184.583337][ T5284] EXT4-fs (loop1): free_blocks=0
[  184.588672][ T5284] EXT4-fs (loop1): dirty_blocks=16000
[  184.594088][ T5284] EXT4-fs (loop1): Block reservation details
[  184.600271][ T5284] EXT4-fs (loop1): i_reserved_data_blocks=16000
[  184.608429][ T9843] loop0: detected capacity change from 0 to 256
[  184.647319][ T5284] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  184.662448][ T4828] hid-generic 0000:0000:0000.006F: unknown main item tag 0x0
[  184.670362][ T9844] loop3: detected capacity change from 0 to 1024
[  184.677218][ T4828] hid-generic 0000:0000:0000.006F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  184.689967][ T9844] EXT4-fs: dax option not supported
[  184.727057][ T9836] lo speed is unknown, defaulting to 1000
[  184.882541][ T9855] loop0: detected capacity change from 0 to 128
[  185.000946][ T9855] lo speed is unknown, defaulting to 1000
[  185.077242][ T9869] netlink: 11 bytes leftover after parsing attributes in process `syz.3.2236'.
[  185.116995][ T9875] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2227'.
[  185.148495][ T9878] loop6: detected capacity change from 0 to 512
[  185.162035][ T9878] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #15: comm syz.6.2237: iget: bad i_size value: 38620345925642
[  185.181067][ T9878] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.2237: couldn't read orphan inode 15 (err -117)
[  185.205174][ T9878] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.265878][ T9885] loop1: detected capacity change from 0 to 512
[  185.266567][ T9885] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  185.267701][ T9885] EXT4-fs (loop1): 1 truncate cleaned up
[  185.268083][ T9885] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  185.340732][ T4815] hid-generic 0000:0000:0000.0070: unknown main item tag 0x0
[  185.350480][ T9892] loop0: detected capacity change from 0 to 1024
[  185.350963][ T9892] EXT4-fs: dax option not supported
[  185.405043][ T4815] hid-generic 0000:0000:0000.0070: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  185.471284][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.611550][ T9901] lo speed is unknown, defaulting to 1000
[  186.318210][   T37] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm kworker/u8:2: bg 0: block 5: invalid block bitmap
[  186.365797][   T37] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  186.378351][   T37] EXT4-fs (loop6): This should not happen!! Data will be lost
[  186.378351][   T37] 
[  186.388130][   T37] EXT4-fs (loop6): Total free blocks count 0
[  186.394136][   T37] EXT4-fs (loop6): Free/Dirty block details
[  186.400084][   T37] EXT4-fs (loop6): free_blocks=0
[  186.405080][   T37] EXT4-fs (loop6): dirty_blocks=4944
[  186.410447][   T37] EXT4-fs (loop6): Block reservation details
[  186.416497][   T37] EXT4-fs (loop6): i_reserved_data_blocks=4944
[  186.423698][ T9927] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.444422][ T9928] FAULT_INJECTION: forcing a failure.
[  186.444422][ T9928] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  186.457945][ T9928] CPU: 0 UID: 0 PID: 9928 Comm: syz.1.2256 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  186.457979][ T9928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  186.457996][ T9928] Call Trace:
[  186.458004][ T9928]  <TASK>
[  186.458013][ T9928]  __dump_stack+0x1d/0x30
[  186.458110][ T9928]  dump_stack_lvl+0xe8/0x140
[  186.458136][ T9928]  dump_stack+0x15/0x1b
[  186.458158][ T9928]  should_fail_ex+0x265/0x280
[  186.458198][ T9928]  should_fail_alloc_page+0xf2/0x100
[  186.458231][ T9928]  __alloc_frozen_pages_noprof+0xff/0x360
[  186.458399][ T9928]  alloc_pages_mpol+0xb3/0x250
[  186.458446][ T9928]  vma_alloc_folio_noprof+0x1aa/0x300
[  186.458490][ T9928]  handle_mm_fault+0xec2/0x2be0
[  186.458579][ T9928]  ? __rcu_read_unlock+0x4f/0x70
[  186.458622][ T9928]  do_user_addr_fault+0x3fe/0x1090
[  186.458756][ T9928]  ? xfd_validate_state+0x45/0xf0
[  186.458930][ T9928]  exc_page_fault+0x62/0xa0
[  186.458976][ T9928]  asm_exc_page_fault+0x26/0x30
[  186.459001][ T9928] RIP: 0010:rep_movs_alternative+0x33/0x90
[  186.459033][ T9928] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb
[  186.459056][ T9928] RSP: 0018:ffffc9000bfdbc30 EFLAGS: 00050246
[  186.459096][ T9928] RAX: 0000000200989680 RBX: 0000000000000008 RCX: 0000000000000008
[  186.459113][ T9928] RDX: 0000000000000000 RSI: ffff88811f160800 RDI: 0000200000003140
[  186.459129][ T9928] RBP: ffff888118417920 R08: 0000000000000098 R09: 0000000000000000
[  186.459146][ T9928] R10: 000188811f160800 R11: 000188811f160807 R12: 0000200000003148
[  186.459163][ T9928] R13: 00007ffffffff000 R14: 0000200000003140 R15: ffff88811f160800
[  186.459255][ T9928]  _copy_to_user+0x7c/0xa0
[  186.459280][ T9928]  snd_timer_user_read+0x48f/0x640
[  186.459323][ T9928]  ? __pfx_default_wake_function+0x10/0x10
[  186.459357][ T9928]  ? __pfx_snd_timer_user_read+0x10/0x10
[  186.459472][ T9928]  vfs_readv+0x3fb/0x690
[  186.459577][ T9928]  ? __pfx_snd_timer_user_read+0x10/0x10
[  186.459622][ T9928]  do_readv+0xe7/0x210
[  186.459658][ T9928]  __x64_sys_readv+0x45/0x50
[  186.459681][ T9928]  x64_sys_call+0x29af/0x2fb0
[  186.459766][ T9928]  do_syscall_64+0xd2/0x200
[  186.459789][ T9928]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  186.459822][ T9928]  ? clear_bhb_loop+0x40/0x90
[  186.459848][ T9928]  ? clear_bhb_loop+0x40/0x90
[  186.459885][ T9928]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.459910][ T9928] RIP: 0033:0x7ff3258be929
[  186.459925][ T9928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.459942][ T9928] RSP: 002b:00007ff323f27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  186.459998][ T9928] RAX: ffffffffffffffda RBX: 00007ff325ae5fa0 RCX: 00007ff3258be929
[  186.460014][ T9928] RDX: 000000000000000e RSI: 0000200000000200 RDI: 0000000000000003
[  186.460036][ T9928] RBP: 00007ff323f27090 R08: 0000000000000000 R09: 0000000000000000
[  186.460047][ T9928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  186.460058][ T9928] R13: 0000000000000000 R14: 00007ff325ae5fa0 R15: 00007ffd5db64188
[  186.460077][ T9928]  </TASK>
[  186.778615][ T4828] page_pool_release_retry() stalled pool shutdown: id 38, 1 inflight 61 sec
[  186.784521][   T37] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  186.801016][ T9927] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.858255][ T9927] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.987046][ T9927] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.175452][ T9934] lo speed is unknown, defaulting to 1000
[  188.247144][ T9927] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  188.270030][ T9927] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  188.281758][ T9927] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  188.293707][ T9927] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  188.553884][ T9975] loop1: detected capacity change from 0 to 256
[  188.681983][ T9979] loop5: detected capacity change from 0 to 128
[  188.717596][ T9979] bio_check_eod: 86 callbacks suppressed
[  188.717616][ T9979] syz.5.2276: attempt to access beyond end of device
[  188.717616][ T9979] loop5: rw=0, sector=2065, nr_sectors = 1 limit=128
[  188.736570][ T9979] buffer_io_error: 86 callbacks suppressed
[  188.736611][ T9979] Buffer I/O error on dev loop5, logical block 2065, async page read
[  188.758977][ T9979] syz.5.2276: attempt to access beyond end of device
[  188.758977][ T9979] loop5: rw=0, sector=2066, nr_sectors = 1 limit=128
[  188.772391][ T9979] Buffer I/O error on dev loop5, logical block 2066, async page read
[  188.774512][ T9984] loop1: detected capacity change from 0 to 512
[  188.783026][ T9979] syz.5.2276: attempt to access beyond end of device
[  188.783026][ T9979] loop5: rw=0, sector=2067, nr_sectors = 1 limit=128
[  188.800144][ T9979] Buffer I/O error on dev loop5, logical block 2067, async page read
[  188.810862][ T9979] syz.5.2276: attempt to access beyond end of device
[  188.810862][ T9979] loop5: rw=0, sector=2068, nr_sectors = 1 limit=128
[  188.824191][ T9979] Buffer I/O error on dev loop5, logical block 2068, async page read
[  188.835416][ T9979] syz.5.2276: attempt to access beyond end of device
[  188.835416][ T9979] loop5: rw=0, sector=2069, nr_sectors = 1 limit=128
[  188.848748][ T9979] Buffer I/O error on dev loop5, logical block 2069, async page read
[  188.857621][ T9979] syz.5.2276: attempt to access beyond end of device
[  188.857621][ T9979] loop5: rw=0, sector=2070, nr_sectors = 1 limit=128
[  188.870982][ T9979] Buffer I/O error on dev loop5, logical block 2070, async page read
[  188.899339][ T9979] syz.5.2276: attempt to access beyond end of device
[  188.899339][ T9979] loop5: rw=0, sector=2071, nr_sectors = 1 limit=128
[  188.912753][ T9979] Buffer I/O error on dev loop5, logical block 2071, async page read
[  188.921995][ T9979] syz.5.2276: attempt to access beyond end of device
[  188.921995][ T9979] loop5: rw=0, sector=2072, nr_sectors = 1 limit=128
[  188.935426][ T9979] Buffer I/O error on dev loop5, logical block 2072, async page read
[  188.944677][ T9985] syz.5.2276: attempt to access beyond end of device
[  188.944677][ T9985] loop5: rw=0, sector=2065, nr_sectors = 1 limit=128
[  188.958034][ T9985] Buffer I/O error on dev loop5, logical block 2065, async page read
[  188.967550][ T9985] syz.5.2276: attempt to access beyond end of device
[  188.967550][ T9985] loop5: rw=0, sector=2066, nr_sectors = 1 limit=128
[  188.980996][ T9985] Buffer I/O error on dev loop5, logical block 2066, async page read
[  188.997739][ T9984] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.011915][   T29] kauditd_printk_skb: 308 callbacks suppressed
[  189.011934][   T29] audit: type=1400 audit(1750045777.059:10620): avc:  denied  { audit_write } for  pid=9989 comm="syz.3.2280" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  189.035243][ T9984] ext4 filesystem being mounted at /499/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  189.039675][   T29] audit: type=1107 audit(1750045777.059:10621): pid=9989 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  189.059839][T10000] loop6: detected capacity change from 0 to 128
[  189.097524][   T29] audit: type=1326 audit(1750045777.169:10622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.3.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  189.140675][   T29] audit: type=1326 audit(1750045777.199:10623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.3.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  189.164352][   T29] audit: type=1326 audit(1750045777.199:10624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.3.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  189.188080][   T29] audit: type=1326 audit(1750045777.199:10625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.3.2284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2050e3e929 code=0x7ffc0000
[  189.211852][   T29] audit: type=1400 audit(1750045777.209:10626): avc:  denied  { ioctl } for  pid=9983 comm="syz.1.2278" path="/499/bus/file2" dev="loop1" ino=16 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  189.248938][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.260648][   T29] audit: type=1400 audit(1750045777.329:10627): avc:  denied  { read } for  pid=10007 comm="syz.5.2288" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  189.342563][T10012] loop6: detected capacity change from 0 to 128
[  189.412879][T10020] loop1: detected capacity change from 0 to 256
[  189.462567][   T29] audit: type=1400 audit(1750045777.529:10628): avc:  denied  { sqpoll } for  pid=10019 comm="syz.1.2293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  189.493100][T10023] ==================================================================
[  189.501222][T10023] BUG: KCSAN: data-race in getrusage / vms_clear_ptes
[  189.508018][T10023] 
[  189.510367][T10023] write to 0xffff8881043dd1b0 of 8 bytes by task 10020 on cpu 0:
[  189.518098][T10023]  vms_clear_ptes+0x18f/0x2d0
[  189.522796][T10023]  mmap_region+0x6e8/0x1580
[  189.527317][T10023]  do_mmap+0x9b3/0xbe0
[  189.531409][T10023]  vm_mmap_pgoff+0x17a/0x2e0
[  189.536020][T10023]  ksys_mmap_pgoff+0x268/0x310
[  189.540830][T10023]  x64_sys_call+0x1602/0x2fb0
[  189.545521][T10023]  do_syscall_64+0xd2/0x200
[  189.550040][T10023]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.555949][T10023] 
[  189.558286][T10023] read to 0xffff8881043dd1b0 of 8 bytes by task 10023 on cpu 1:
[  189.565926][T10023]  getrusage+0xa52/0xbb0
[  189.570186][T10023]  io_sq_thread+0x5dd/0x1180
[  189.574881][T10023]  ret_from_fork+0xda/0x150
[  189.579395][T10023]  ret_from_fork_asm+0x1a/0x30
[  189.584177][T10023] 
[  189.586508][T10023] value changed: 0x00000000000015f3 -> 0x0000000000001af3
[  189.593618][T10023] 
[  189.595950][T10023] Reported by Kernel Concurrency Sanitizer on:
[  189.602113][T10023] CPU: 1 UID: 0 PID: 10023 Comm: iou-sqp-10020 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  189.614892][T10023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  189.624963][T10023] ==================================================================
[  189.636115][T10020] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  189.644891][T10020] FAT-fs (loop1): Filesystem has been set read-only
[  189.665526][T10020] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  189.730126][T10020] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  189.755140][T10020] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  189.763946][T10020] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  189.772745][T10020] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  189.781766][T10020] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  189.790597][T10020] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  189.799627][T10020] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  189.808427][T10020] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196)