last executing test programs:

2m51.311721378s ago: executing program 3 (id=344):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000002040)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000037c0)={0x0, 0x0, 0x0}, 0x0)

2m51.214520936s ago: executing program 3 (id=345):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004", @ANYRES32, @ANYBLOB="00000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r1)
sendmsg$NL80211_CMD_GET_WIPHY(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0103000000000000000001"], 0x30}}, 0x40)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r4}, 0x18)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x6000)

2m50.943960399s ago: executing program 3 (id=347):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)={0x2, 0x3, 0x0, 0x3, 0x11, 0x0, 0x70bd2c, 0x25dfdbfc, [@sadb_key={0x3, 0x9, 0x80, 0x0, "1cdc0dca1d9f68846960e56de42944af"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x7, 0xc}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x7}}]}, 0x88}, 0x1, 0x7}, 0x0)

2m50.928654029s ago: executing program 3 (id=348):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$selinux_user(0xffffffffffffffff, &(0x7f0000000400)=ANY=[@ANYBLOB="e3616f1636ef084bbefe7a522f4b32f9aa97bf6aa938d0439730ccd396f3d25c7015", @ANYBLOB="a62f78521118198cfdf58f9724c7c3f4622bfcc71e2cd1d79d859f2a13990d124c716632b6996783195883b42fa7af997da54ef1f01c11a22e8067d7651d125e3d4959b07bbaf1632e68191a1d4a70e5e75d99", @ANYBLOB="d2", @ANYRESOCT=r0], 0x2e)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0x20)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x78, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x10040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0x7, 0xfffffffffffffffc}, 0x103200, 0x1, 0x840000, 0x5, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000040)={[{@noquota}]}, 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x3}, &(0x7f0000001fee)='R\x10rust\xe3c*s\xa8rVid:\xc4e', 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x1c5902, 0x2d)
write(r4, &(0x7f0000004200)='t', 0x1)
sendfile(r4, r3, 0x0, 0x7ffff000)
msgsnd(0xffffffffffffffff, &(0x7f0000000340)={0x2, "64c3a68ee30974cb4e65a0cdeb36709870864322bdd78fa9528f393b1821e5bed6b08e8d0069d4e64eefd82bfaa46bdd62a097e8137f996f799c93163a0b3e16b506ad579ac6e9c21c2741a4d9a6e65c829b4533d85f257ce27a0522c21fdf9f13bbc53189f5c1e99aaacad6c69386e9f47cb7d57143b54416654d8ca10a7102"}, 0x88, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x8, 0x80, 0x1, 0x14, 0x0, 0x7, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x9, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x804000, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3, 0x12, r5, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000300)=ANY=[@ANYRESOCT=r2, @ANYRES32=r2], 0x0, 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r6, 0x0, 0x20000000}, 0x18)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='devpts\x00', 0x1010401, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)

2m49.888174635s ago: executing program 3 (id=352):
socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000440)=ANY=[], 0x1, 0x1268, &(0x7f0000002500)="$eJzs3U9rI2UcB/Bf2vTv2qbquroL4oNeFCFue/DkpcguiAWl2gUVhFmbamialCYUIuLWkyfBlyHq0ZsgvoFevHgWBJFePO5BHGmT1aZJu7ptU5HP5zIPzzzfeWYyzMCE+TF7L32+sb7WLK9lrRgpFKK4ORbFuylSjMRodOzEc7d+/OnJN956+9XFpaUbyyndXHxz/sWU0uxT373z0ddPf9+6dOub2W8nYnfu3b3fFn7evbJ7de+Pr6LaTNVmqjdaKUu3G41WdrtWSavV5no5pddrlaxZSdV6s7LVs36t1tjcbKesvjozvblVaTZTVm+n9Uo7tQqptdVO2ftZtZ7K5XKamQ5OY+XLu3meR+T5WIxHnuf5VEzHpXgoZmI2SjEXD8cj8WhcjsfiSjweT8TVg1EXvd8AAAAAAAAAAAAAAAAAAADw/3Kf+v+C+n8AAAAAAAAAAAAAAAAAAAA4f0fr/4sRvv8PAAAAAAAAAAAAAAAAAAAAQ3af7/8fqf9/Xv0/AAAAAAAAAAAAAAAAAAAAnIfJzmI5pcmIjU+3V7ZXOstO/+JaVKMWlbgepfg9Dqr/Ozrtm68s3bieDszFCxt3uvk72yujvfn5sVLMFQbm5zv51JufiOnD+YUoxeXB8y8MzE/Gs8/s5z/p5MtRih/ei0bUYjWi0D36g/zH8ym9/NrSVG/+2v64Y42e82kBAACAs1ROf+l/ft/pDhq4vrOq+3yeuiMLJ/w/cOT5vBjXihd11NzTbH+4ntVqla0HbIwfv53x0225r1GIiCwO98xO/7K8P/mZTfGgjdGhTjp28phTnNMo/gd+zDNo/PrFoZ7JGO7sI91LIqvt3z//WSp28vxcd2zgxThxUur4e0ZhCPclhuPvk37RewIAAAAAAAAAAMC/MfDtv6mI6Hsf8IO+nnuvh/fG+7d8/OyfDeEIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mQHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD///ME0UM=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r3, &(0x7f0000000180)='./bus\x00', 0x0)
creat(&(0x7f0000000780)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x7e1ce440945e0ba7)
renameat2(r3, &(0x7f0000000140)='./file0\x00', r3, &(0x7f0000000200)='./bus\x00', 0x0)

2m49.635851536s ago: executing program 3 (id=353):
socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000440)=ANY=[], 0x1, 0x1268, &(0x7f0000002500)="$eJzs3U9rI2UcB/Bf2vTv2qbquroL4oNeFCFue/DkpcguiAWl2gUVhFmbamialCYUIuLWkyfBlyHq0ZsgvoFevHgWBJFePO5BHGmT1aZJu7ptU5HP5zIPzzzfeWYyzMCE+TF7L32+sb7WLK9lrRgpFKK4ORbFuylSjMRodOzEc7d+/OnJN956+9XFpaUbyyndXHxz/sWU0uxT373z0ddPf9+6dOub2W8nYnfu3b3fFn7evbJ7de+Pr6LaTNVmqjdaKUu3G41WdrtWSavV5no5pddrlaxZSdV6s7LVs36t1tjcbKesvjozvblVaTZTVm+n9Uo7tQqptdVO2ftZtZ7K5XKamQ5OY+XLu3meR+T5WIxHnuf5VEzHpXgoZmI2SjEXD8cj8WhcjsfiSjweT8TVg1EXvd8AAAAAAAAAAAAAAAAAAADw/3Kf+v+C+n8AAAAAAAAAAAAAAAAAAAA4f0fr/4sRvv8PAAAAAAAAAAAAAAAAAAAAQ3af7/8fqf9/Xv0/AAAAAAAAAAAAAAAAAAAAnIfJzmI5pcmIjU+3V7ZXOstO/+JaVKMWlbgepfg9Dqr/Ozrtm68s3bieDszFCxt3uvk72yujvfn5sVLMFQbm5zv51JufiOnD+YUoxeXB8y8MzE/Gs8/s5z/p5MtRih/ei0bUYjWi0D36g/zH8ym9/NrSVG/+2v64Y42e82kBAACAs1ROf+l/ft/pDhq4vrOq+3yeuiMLJ/w/cOT5vBjXihd11NzTbH+4ntVqla0HbIwfv53x0225r1GIiCwO98xO/7K8P/mZTfGgjdGhTjp28phTnNMo/gd+zDNo/PrFoZ7JGO7sI91LIqvt3z//WSp28vxcd2zgxThxUur4e0ZhCPclhuPvk37RewIAAAAAAAAAAMC/MfDtv6mI6Hsf8IO+nnuvh/fG+7d8/OyfDeEIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mQHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD///ME0UM=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r4, &(0x7f0000000180)='./bus\x00', 0x0)
creat(&(0x7f0000000780)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x7e1ce440945e0ba7)
renameat2(r4, &(0x7f0000000140)='./file0\x00', r4, &(0x7f0000000200)='./bus\x00', 0x0)

2m49.635106616s ago: executing program 32 (id=353):
socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000440)=ANY=[], 0x1, 0x1268, &(0x7f0000002500)="$eJzs3U9rI2UcB/Bf2vTv2qbquroL4oNeFCFue/DkpcguiAWl2gUVhFmbamialCYUIuLWkyfBlyHq0ZsgvoFevHgWBJFePO5BHGmT1aZJu7ptU5HP5zIPzzzfeWYyzMCE+TF7L32+sb7WLK9lrRgpFKK4ORbFuylSjMRodOzEc7d+/OnJN956+9XFpaUbyyndXHxz/sWU0uxT373z0ddPf9+6dOub2W8nYnfu3b3fFn7evbJ7de+Pr6LaTNVmqjdaKUu3G41WdrtWSavV5no5pddrlaxZSdV6s7LVs36t1tjcbKesvjozvblVaTZTVm+n9Uo7tQqptdVO2ftZtZ7K5XKamQ5OY+XLu3meR+T5WIxHnuf5VEzHpXgoZmI2SjEXD8cj8WhcjsfiSjweT8TVg1EXvd8AAAAAAAAAAAAAAAAAAADw/3Kf+v+C+n8AAAAAAAAAAAAAAAAAAAA4f0fr/4sRvv8PAAAAAAAAAAAAAAAAAAAAQ3af7/8fqf9/Xv0/AAAAAAAAAAAAAAAAAAAAnIfJzmI5pcmIjU+3V7ZXOstO/+JaVKMWlbgepfg9Dqr/Ozrtm68s3bieDszFCxt3uvk72yujvfn5sVLMFQbm5zv51JufiOnD+YUoxeXB8y8MzE/Gs8/s5z/p5MtRih/ei0bUYjWi0D36g/zH8ym9/NrSVG/+2v64Y42e82kBAACAs1ROf+l/ft/pDhq4vrOq+3yeuiMLJ/w/cOT5vBjXihd11NzTbH+4ntVqla0HbIwfv53x0225r1GIiCwO98xO/7K8P/mZTfGgjdGhTjp28phTnNMo/gd+zDNo/PrFoZ7JGO7sI91LIqvt3z//WSp28vxcd2zgxThxUur4e0ZhCPclhuPvk37RewIAAAAAAAAAAMC/MfDtv6mI6Hsf8IO+nnuvh/fG+7d8/OyfDeEIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mQHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD///ME0UM=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r4, &(0x7f0000000180)='./bus\x00', 0x0)
creat(&(0x7f0000000780)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x7e1ce440945e0ba7)
renameat2(r4, &(0x7f0000000140)='./file0\x00', r4, &(0x7f0000000200)='./bus\x00', 0x0)

1m44.770759714s ago: executing program 5 (id=1117):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000791048000000000071000c000000000095000300"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/devices.allow\x00', 0x2, 0x48)
write$cgroup_devices(r0, &(0x7f00000014c0)=ANY=[], 0xe)
mkdirat(r0, &(0x7f0000002040)='./file0\x00', 0xe7)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
ioctl$EXT4_IOC_GETFSUUID(r1, 0x8008662c, &(0x7f0000010280))
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000160a03020000000000000000020000000900020073797a30dc6400000900010073797a3000000000140003800800024000000000080001400000000014000000110001"], 0x68}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000102c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a30000000160a7b781b6f000000000000020000000900010001000000000000000900010073797a300000000004000380140000001100010000000000000000000000000a5a8bb9b2e59b27aab3754487961a9412e777906b1ac1cec88e575d9f4863158b62a6d0f9cca7e01c950e4aba6683c9311bdbea24ba9548365f552beb3086106da189efcd3b82692fd6bfd8d496d6a81a07bdf207c159484b81c743ae3ec5b838a32de5e86175170a044ebf1b47e526b8885f6974830eed22bad82193fbe9114ebbf405fa4e39ff2acc10d85b3aed0e59"], 0x58}}, 0x24040880)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff})
r3 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0xc, 0x288}, &(0x7f0000000100)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r2, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='0'], 0x30}})
io_uring_enter(r3, 0x3516, 0x0, 0x4, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x400, &(0x7f0000000100)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c757466383d302c636865636b3d7374726963742c646973636172642c757466383d312c757466383d312c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c757466383d312c00ef5c3556"], 0xfd, 0x2a8, &(0x7f0000000280)="$eJzs3E9rE08YwPGnaZOmKW1y+PEDBfFBL3pZ2vgKgrQgBpTaiHoQpnajIWtSsjESEdubV19H8ehNsL6BXrx5Fy9FELz0IF3pbrfZ1qW2te3W5vuBstOdeTKzfxKeXZhZu/fmab3qWlXTllRWJSXZJVkXKUhKQgNb25RfzkjUklwd/fH5wp37D26WyuWpGdXp0uy1oqqOX/zw/OXbSx/bo3ffjb8fltXCw7XvxS+r/6+eW9uYDT+92Vajc81m28w5ts7X3LqletuxjWtrreHarR31Vae5sNBV05gfyy20bNdV0+hq3e5qu6ntVlfNY1NrqGVZOpaTOJnYvWfD4IEjKsszM6Z0LINBEkbidrZaJTMYW1lZPolBAQCA0+X3/F9OJP9/UnO15mrjT/l/So42/0eUn/9vxCaNOBvSmw8AJZPb+v7uRP4PAAAAAAAAAAAAAAAAAAAAAMC/YN3z8p7n5cNt+DcsIlkRCf9Pepw4Hoe4/gMJDhdHLDJxLyvivO5UOpVgG9SXqlITR2yZSPtzibxtQXn6RnlqQn0FWXEWt+L9SYLDYXyoEB8/GcRrJH6xU0lLLtp/UfLyX3x8cVd8WkQ6lYxcuRyJtyQvnx5JUxyZ9+/rXvyrSdXrt8q7+h/x2wEAAAAAcBZYuq2w8/k3WE3SsjRcNmRXfbCz935A8vJzz/cDKisZ6cUPyfmh5I4bAAAAAIB+4nZf1I3j2K1+LozIwaP68dRZ2eCm2bOx53mLm43+vtOUiCR0pN9E5BSc8KMufH0WXMD9NE7yVwkAAADAcegl/UmPBAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/rXfxcPC9odZeyzS3WAyRwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcDr8CAAD//4DOGY4=")
shutdown(r2, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000103c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x417}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r7, &(0x7f0000000000), 0x10)
sendmsg$can_bcm(r7, &(0x7f0000001540)={&(0x7f0000000340), 0x10, &(0x7f00000000c0)={&(0x7f00000014c0)=ANY=[@ANYBLOB="01000000d7fe68ca0000000000000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="00000000040000000000000000000000b8ee0816756b62187804752330b2b539bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909000000000000000000"], 0x20000600}}, 0x0)

1m44.45234413s ago: executing program 5 (id=1121):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB], &(0x7f0000001480)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000380)='kfree\x00', r0}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000003000), r2)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000003040)={'batadv0\x00', <r4=>0x0})
sendmsg$BATADV_CMD_TP_METER(r2, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002bbd7000fbdbdf25020000000a000900aaaaaaaaaa44000008000300", @ANYRES32=r4, @ANYBLOB='\b\x00\v'], 0x30}, 0x1, 0x0, 0x0, 0x20000050}, 0x20040084)

1m44.451222141s ago: executing program 5 (id=1122):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1}, &(0x7f00000004c0), &(0x7f0000001c40)=r2}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x5c399000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r6)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r7, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r8}, 0x10)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3e9rHGkdAPDvTLK5tM2ZPRWpB94d3kl7aHeTi3eNIm0F0VcFtb6vMdmEkE02ZDe1CUVT/AMEERX8A3wj+AcI0j9BhIK+FxVFtNWX2pHdnWh+7CZLssnWzecDT/Z55pmZ7/MM2dn58TATwIX1VkTciYiRiHg3Iibz6WmeYqedmvM9f/ZovpmSyLJ7f0siyafFnmVGI+JKvth4RHz9KxHfSg7HrW9tr8xVq5WNvFxurK6X61vbN5ZX55YqS5W1mZnpD2Zvzr4/O5XlTtXPYkTc+tKffvT9n3351q8+8+3f3//L9e80m/WFj0XkzZs/VYAu2usutLbFruY22jiLYAPS7E9hZNCtAACgF81j9g9HxCdbx/+TMdI6mgMAAACGSXZ7Iv6VRGQAAADA0EojYiKStJSPBZiINC2V2mN4PxqX02qt3vj0Ym1zbaFZF1GMQrq4XK1M5WOFi1FImuXpfIztbvm9A+WZiHgtIn44ealVLs3XqguDvvgBAAAAF8SVN/ef//9zMm3lAQAAgCFT7FoAAAAAhoVTfgAAABh+zv8BAABgqH317t1mynbf473wYGtzpfbgxkKlvlJa3Zwvzdc21ktLtdpS65l9q8etr1qrrX821jYflhuVeqNc39q+v1rbXGvcX973CmwAAADgHL325pPfJRGx8/lLrRT5cwAB9vnjoBsA9NPIoBsADMzooBsADEzh2DnsIWDYJcfUHx68075WGL8+m/YAAAD9d+3jh+//j+V1x18bAP6fGesDABePu3twcRVOOgLwar9bAgzKh9ofr3Sr7/rwjh7u/7evMWTZiRoGAAD0zUQrJWkpP06fiDQtlSJebb0WoJAsLlcrU/n5wW8nC680y9OtJZNjxwwDAAAAAAAAAAAAAAAAAAAAAAAAAG1ZlkQGAAAADLWI9M9J62n+Edcm35nYf3XgwFu/fnrvxw/nGo2N6Yix5O+TzUljEdH4ST79vcwrAQAAAOAl0D5Pzz+nB90aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbN82eP5nfTecb96xcjotgp/miMtz7HoxARl/+RxOie5ZKIGOlD/J3HEXG1U/wkXmRZVsxb0Sn+pTOOX2xtms7x04i40of4cJE9ae5/7nT6/qXxVuuz8/dvNE+n1X3/l/53/zfSZf/z6oFyN68//UW5a/zHEa+Pdt7/7MZP2vH3hWgW3u6xj9/8xvZ2x4o9q+wUf2+scmN1vVzf2r6xvDq3VFmqrM3MTH8we3P2/dmp8uJytZL/7RjmB5/45Yuj+n+5S/zi/v4f2v7v9NT7LP799OGzj7QLhU7xr7/d+ff3apf4af7b96k836y/tpvfaef3euPnv3njqP4vdOn/+DH9v95T/+Nz737te3/oWHNoawAA56G+tb0yV61WNo7IjPcwzzlnbr8czehjJl6OZgwqk323/f94uvWccvFDmew0i49GH5oxduh7OhInXWESsdNcV4//kAAAwJD530H/UXeQAAAAAAAAAAAAAAAAAAAAgLN0wseSjUdEzzMfjLkzmK4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABzpPwEAAP//gEfRew==")
openat$ppp(0xffffffffffffff9c, 0x0, 0x1, 0x0)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[], 0x1c}}, 0x0)
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r9, 0x800448d2, &(0x7f0000000100))

1m43.35899744s ago: executing program 5 (id=1131):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
msgget(0x2, 0x5)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@minixdf}, {}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@commit={'commit', 0x3d, 0x5}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x1, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9GajdN4o8KgvUiiBYLeq9LMg0lm27JbkoTC20P9uJFiiBiQfwDvHss/gP+FQUtFClBD14is5lNt81ukqYbN3U+H5j2vZnZvPnum+/bNzu7bACFNZL9U4p4OSK+SSIOt20bjHzjyOp+yw+vTWVLEisrn/2ZRJKva+2f5P8fzCsvRcSvX0WcKK1vt764NFupVtP5vD7WmLs8Vl9cOnlxrjKTzqSXJiYnT781OfHuO2/3LNbXz/39/ad3Pzr99fHl736+f+R2EmfiUL6tPY5ncKO9MhIj+XMyFGee2HG8B43tJkm/D4BtGcjzfCiyMeBwDORZD/z/XY+IFaCgEvkPBdWaB7Su7Xt0HfzcePDB6gXQ+vgHV98biX3Na6MDy8ljV0bZ9e5wD9rP2vjljzu3syU2eR/ieg/aA2i5cTMiTg0Orh//knz8275TzTePN/ZkG0V7/YF+upvNf97oNP8prc1/osP852CH3N2OzfO/dL8HzXSVzf/e6zj/XRu6hgfy2gvNOd9QcuFiNT0VES9GxGgM7c3qG93POb18b6Xbtvb5X7Zk7bfmgvlx3B/c+/hjpiuNyrPE3O7BzYhXOs5/k7X+Tzr0f/Z8nNtiG8fSO69227Z5/Dtr5aeI1zr2/6M7WsnG9yfHmufDWOusWO+vW8d+69b+6If9jT/r/wMbxz+ctN+vrT99Gz/u+yfttm275/+e5PNmeU++7mql0Zgfj9iTfLJ+/cSjx7bqrf2z+EePbzz+dTr/90fEF1uM/9bRW1137ff5n8U//VT9//SFex9/+UO39rfW/282S6P5mq2Mf1s9wGd57gAAAAAAAGC3KUXEoUhK5bVyqVQur36+42gcKFVr9caJC7WFS9PR/K7scAyVWne6D7d9HmI8/zxsqz7xRH0yIo5ExLcD+5v18lStOt3v4AEAAAAAAAAAAAAAAAAAAGCXONjl+/+Z3wf6fXTAjvOT31Bcm+Z/L37pCdiVvP5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrq3Nmz2bKy/PDaVFafvrK4MFu7cnI6rc+W5xamylO1+cvlmVptppqWp2pzm/29aq12eXwiFq6ONdJ6Y6y+uHR+rrZwqXH+4lxlJj2fDv0nUQEAAAAAAAAAAAAAAAAAAMDzpb64NFupVtN5ha6F92NXHMZOBrhqWw8f3C1RKHQt7NtG5/Z5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANv8GAAD//04mM/E=")
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)='system.posix_acl_access\x00', &(0x7f0000000540)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r3 = socket(0x15, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
getsockopt(r3, 0x200000000114, 0x2710, &(0x7f0000000600)=""/102389, &(0x7f0000000000)=0x18ff5)
ioctl$BTRFS_IOC_DEFRAG(r1, 0x50009402, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8041, 0x0)
r6 = perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x8, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x20100000, 0x0, 0x0, 0x0, 0x0, 0x0)
read(r6, &(0x7f0000000740)=""/21, 0x15)
ioctl$TIOCGPTPEER(r5, 0x5441, 0x0)

1m43.104020121s ago: executing program 5 (id=1136):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000009900"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000009000000440003800800010002000000140002007663616e300000000000000000000000080003000000000014000600ff"], 0x58}}, 0x0)

1m42.518538279s ago: executing program 5 (id=1139):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000000), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000003c0)={'vxcan0\x00', <r1=>0x0})
sendmsg$can_bcm(r0, &(0x7f0000001540)={&(0x7f0000000340)={0x1d, r1}, 0x10, &(0x7f00000000c0)={&(0x7f00000014c0)=ANY=[@ANYBLOB="01000000d7fe68ca0000000000000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="00000000040000000000000000000000b8ee0816756b62187804752330b2b539bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909000000000000000000"], 0x20000600}}, 0x0)

1m42.404474108s ago: executing program 33 (id=1139):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000000), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000003c0)={'vxcan0\x00', <r1=>0x0})
sendmsg$can_bcm(r0, &(0x7f0000001540)={&(0x7f0000000340)={0x1d, r1}, 0x10, &(0x7f00000000c0)={&(0x7f00000014c0)=ANY=[@ANYBLOB="01000000d7fe68ca0000000000000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="00000000040000000000000000000000b8ee0816756b62187804752330b2b539bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909000000000000000000"], 0x20000600}}, 0x0)

8.412504359s ago: executing program 4 (id=2329):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f00000002c0)={{0x1, 0x1, 0x18, <r1=>r0, {0x4, 0x2}}, './file0\x00'})
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={r0, <r2=>0xffffffffffffffff}, 0x4)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000540)={'team0\x00', <r3=>0x0})
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000700)={&(0x7f0000000580)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x11c, 0x11c, 0x6, [@var={0xd, 0x0, 0x0, 0xe, 0x5, 0x2}, @decl_tag={0xf, 0x0, 0x0, 0x11, 0x2, 0x2}, @const={0x1, 0x0, 0x0, 0xa, 0x5}, @func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{0xd}, {0x3}, {0xf, 0x3}, {0x1, 0x1}]}, @var={0xf, 0x0, 0x0, 0xe, 0x3, 0x2}, @union={0xa, 0x4, 0x0, 0x5, 0x0, 0x0, [{0x3, 0x0, 0x2074b81f}, {0xd, 0x2, 0x4}, {0x2, 0x4, 0x9}, {0x4, 0x4, 0x12}]}, @var={0x7, 0x0, 0x0, 0xe, 0x7, 0x2}, @var={0x1, 0x0, 0x0, 0xe, 0x5, 0x2}, @volatile={0x7, 0x0, 0x0, 0x9, 0x5}, @func_proto={0x0, 0x8, 0x0, 0xd, 0x0, [{0x4, 0x4}, {0xb, 0x4}, {0x4}, {0xd}, {0x8, 0x1}, {0xe, 0x1}, {0x10, 0x3}, {0xe, 0x3}]}]}, {0x0, [0x61, 0x5f, 0x0, 0x5f]}}, &(0x7f00000006c0)=""/1, 0x13a, 0x1, 0x1, 0x6, 0x10000}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000009c0)={0xffffffffffffffff, 0x20, &(0x7f0000000980)={&(0x7f0000000880), 0x0, <r5=>0x0, &(0x7f00000008c0)=""/160, 0xa0}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x17, 0x17, &(0x7f0000000340)=@raw=[@exit, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @alu={0x7, 0x1, 0x6, 0x6, 0x6, 0x20, 0x8af4db5e69b05451}, @generic={0x6, 0x6, 0x5, 0x8, 0x2}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @map_idx={0x18, 0x1, 0x5, 0x0, 0x3}], &(0x7f0000000400)='GPL\x00', 0x9, 0xe6, &(0x7f0000000440)=""/230, 0x41100, 0xd, '\x00', r3, @fallback=0x17, r4, 0x8, &(0x7f0000000840)={0x0, 0x1}, 0x8, 0x10, 0x0, 0x0, r5, r0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r6 = socket(0x10, 0x3, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x0)
write$P9_RLERRORu(r9, &(0x7f0000000140)=ANY=[@ANYBLOB="1c00000007ffff", @ANYRES16=r7, @ANYRES32=r8], 0xfffffffffffffd74)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@version_u}]}})
r10 = socket$inet6(0xa, 0x3, 0x4)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r10, 0x29, 0x20, &(0x7f00000000c0)={@dev, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r10, 0x29, 0x20, &(0x7f0000000000)={@local, 0x10000, 0x0, 0x1, 0x1, 0x0, 0x2}, 0x20)
fcntl$F_GET_RW_HINT(r9, 0x40b, &(0x7f00000000c0))
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r11=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x58, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r11, {0x0, 0x2}, {0xffff, 0xffff}, {0x4, 0x300}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x10, 0x3, 0x1, 0x3, 0x400, 0x8}, [@TCA_NETEM_DELAY_DIST={0x6, 0x2, "9f2b"}, @TCA_NETEM_LOSS={0xfffffffffffffe4d}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)

8.345894115s ago: executing program 4 (id=2333):
pipe2$9p(&(0x7f0000000200), 0x800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x0, 0x0})
socket$inet6_sctp(0xa, 0x801, 0x84)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x4000, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

6.216031529s ago: executing program 4 (id=2345):
timer_create(0x3, 0x0, &(0x7f00000000c0)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000100)={{}, {0x0, 0x3938700}}, &(0x7f00000001c0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x4}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
alarm(0x3)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8923, &(0x7f0000000040)={'bond0\x00', 0x1001})

6.135309056s ago: executing program 4 (id=2347):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x518, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x9001, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, 0x0, &(0x7f0000000c00)='GPL\x00'}, 0x94)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB, @ANYRES32=0x1, @ANYBLOB="7601000000000000000000000000000000000000e9933c6de3c9eaf0342b32d436de10a9f862aff4a54d9971fec8be0031ddfd37572d66897055e994eaff4633a8755d9febe2798b3edb2d73985d3f41a2ef7398a15ff8bd109b982a36403356e855f556555ec12db5bd55a736b5b547e851b034a303754229afb1fb093c596b4bcf5188480bceb62c2f157e6b800f3bf788b311a8fb5b78bcc9822cd156f2af114b7c659afb156a2d695e11b3661db648eb26b85e", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0500"/28], 0x50)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000840), 0x2, 0x0)
write$selinux_user(r1, &(0x7f0000000080)=ANY=[@ANYBLOB='system_u:object_r:auth_cach'], 0x27)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x314c, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
socket(0x10, 0x803, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40000000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000900020073797a310000000008000440000000000900010073797a30000000000800034000000003"], 0x64}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001100)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r5}, 0x10)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
statx(0xffffffffffffffff, &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x7100, 0x7ff, 0x0)
write$tun(r6, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd0700100000001400000060ec97000fc83c00fe8000000000000000000000000000aaff0200"/51], 0xffe)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

4.942523844s ago: executing program 2 (id=2357):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)={0x8c, 0x0, 0x100, 0x70bd27, 0x25dfdbfe, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x1}, {0x6, 0x16, 0x1}, {0x5}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x403}, {0x6, 0x16, 0x1e53}, {0x5, 0x12, 0xf}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4000}, 0x4081)

4.760128619s ago: executing program 2 (id=2358):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x79dc, 0x80, 0x0, 0x3de}, 0x0, &(0x7f0000000180))
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
getrlimit(0xf, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x34)
io_setup(0x8f0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYRESOCT=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xa, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x3ff, 0x0, 0x0, 0x0, 0x70, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
syz_clone(0xae12e400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.793684068s ago: executing program 2 (id=2364):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
lsetxattr$security_selinux(0x0, 0x0, &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x0, 0x0})
socket$inet6_sctp(0xa, 0x801, 0x84)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x4000, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
io_setup(0x1, &(0x7f0000000b80))
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x240, 0x4001, @local}, 0x10, 0x0}, 0x3004c080)
syz_io_uring_setup(0x3c0c, 0x0, 0x0, 0x0)

3.246298674s ago: executing program 2 (id=2371):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000005000080850000007d00000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r2, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
sendto$inet6(r1, &(0x7f00000001c0)="a6", 0x1, 0x850, 0x0, 0x0)
recvmsg(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000780)=""/243, 0x11000}], 0x1}, 0x142)
flistxattr(0xffffffffffffffff, 0x0, 0x0)

3.184140779s ago: executing program 2 (id=2372):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x40000, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x11)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x8, 0x6a3, 0xcd0, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x92, 0x0, 0x2, [{{0x9, 0x4, 0x0, 0xc9, 0x1, 0x3, 0x1, 0x0, 0x40, {0x9, 0x21, 0x5, 0xb, 0x1, {0x22, 0x335}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0x3, 0x6, 0x41}}}}}]}}]}}, &(0x7f0000000380)={0xa, &(0x7f00000000c0)={0xa, 0x6, 0x201, 0x71, 0xb, 0x3, 0x20, 0x7}, 0xae, &(0x7f0000000200)={0x5, 0xf, 0xae, 0x1, [@generic={0xa9, 0x10, 0x3, "181c71a999e9a7f5f015c73642b841fd6914c93e1e4c571141065ad9d710e92eb723278c1d9896373a4c343e3809a357bb5a1d1fb3e5551929e45ad3b2a09e91aa7e89136ccdd4568ef220bd4060ba532a2a66cce2ccc575185259e1ccc995e2fa5af320ad791db9b2fe76907f10f1d28db48c4e7c979587af008acb99f93cd198ec99b97cc46900a1cc3d0a6c1ea6fff6bcecb4a89ef77e0448d170fabb42b2483408aa88c4"}]}, 0x3, [{0x4, &(0x7f00000002c0)=@string={0x4, 0x3, "7218"}}, {0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x9f5e298cd22ca155}}, {0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0xc0a}}]})
ioctl$int_in(r1, 0x5452, &(0x7f0000000100)=0x3)
r2 = socket$igmp6(0xa, 0x3, 0x2)
sendmmsg$inet6(r2, &(0x7f0000007280)=[{{&(0x7f0000000000)={0xa, 0x4c21, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1}, 0x1c, &(0x7f0000000440)=[{&(0x7f00000001c0)="01301c43735c", 0x6}], 0x1}}, {{&(0x7f0000000140)={0xa, 0x4e23, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}, 0x6}, 0x1c, &(0x7f0000000a80)=[{&(0x7f0000000500)='\\g', 0x2}], 0x1}}, {{&(0x7f0000000c80)={0xa, 0x4e22, 0xfd0, @private2, 0x8}, 0x1c, &(0x7f0000000e80)=[{&(0x7f0000000cc0)="e7f6", 0x2}], 0x1}}], 0x3, 0x4000841)
listen(r1, 0x2000fff)
accept(r1, 0xfffffffffffffffd, &(0x7f0000000180))
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x7d)

2.604703376s ago: executing program 6 (id=2378):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000700)=@base={0x10, 0x4, 0x4, 0x6}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000180)={r0, &(0x7f00000005c0), &(0x7f00000003c0)=""/79}, 0x20)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000280)={'vxcan1\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r2}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x4040000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000500), r1)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), r1)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="1709000000000000000001000000050007000000000008000900fffffffe060002000000000008000a000100000008001800ac1414aa08001900e000000214001b0017"], 0x58}}, 0x0)

2.19059845s ago: executing program 6 (id=2383):
symlink(0x0, &(0x7f0000000100)='./file0\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/15, @ANYRES32], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x10, &(0x7f0000000940), 0x1, 0x79d, &(0x7f0000000980)="$eJzs3d9rW2UfAPDvSdt16/a+7QsvvNt7VRB0MJbaWTcFLypeiOBgoNduJc3KbNqUJh1rKcwhgjeCDi8Evdm1P+adt/641X9Bb2TIxtRuOFGQyEmTJmuTNtv6Y7OfD5zteXKe9DnfnPP8SM5DEsCuNZj+k4k4FBHvJhH9tceTiOipprojRmNfWu7O0mIu3ZKoVF75JamWub20mIum56T21zIHoze+fiviSGZtvaX5hcmxQiE/GxEzETFUnpoZKs0vHD03NTaRn8hPHx8eGTl24ukTvZsX62/fLRy48d6LT3w2+seb/7v6zjdJjMaB2r7mODbLYAzWXpOeGF2174XNrmyHJTt9ANyXtGl2LbfyOBT90VVNdabzkgDAw+RiRFQAgF0mMf4DwC5T/xzg9tJiLt0qF3f284jtdvP5iNi7HH/9/ubynu7aPbu91fugfbeTu+53JBExsAn1D0bER1+89km6xRbdhwRo5Y1LEXFmYLDe/zf6n2TNmoVlnS/IeLKDMoOr8vo/2D5fpvOfZxrzv0b7y6zMf6LF/Ke3Rdu9H4MRe5rza9t/5vomVNNWOv97rqextu1OU/w1A1213L+qc76e5Oy5Qj7t2/4dEYejpzfND69Tx+Fbf92664GuRrJ5/vfr5dc/TutP/2+UyFzvXtXljo+Vxx407rqblyL+390q/mTl/Cdt5r+nOqzjpWff/rDdvjT+NN76dnf8W7+qrHIl4vFoHX9dst76xOND1cthqH5RtPD5jx/0tau/+fynW1p//b3AdkjPf9/68Q8kzes1SxHd1+6tjm+v9H/Vbt/G8be+/vckr1bT9c7jwli5PDscsSd5ee3jxxrPrefr5dP4Dz/Wuv2vd/2n7wnPdBh/942fP73/+LdWGv/4PZ3/e09cvTPZ1a7+zs7/SET8ufKJRSf9X6cH+OCvIAAAAAAAAAAAAAAAAAAAAAAAAABsLBMRByLJZFfSmUw2u/wb3v+NvkyhWCofOVucmx6P6m9lD0RPpv5Vl/1N34c6XPs+/Hr+2Kr8UxHxn4h4v3dfNZ/NFQvjOx08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANTsb/P7/6mfenf66ACALbN3wxK38ttyIADAttl4/AcA/mmM/wCw+xj/AWD3Mf4DwO5j/AcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCLnTp5Mt0qvy8t5tL8+Pn5ucni+aPj+dJkdmoul80VZ2eyE8XiRCGfzRWnmp76fau/VygWZ0Zieu7CUDlfKg+V5hdOTxXnpsunz02NTeRP53u2LTIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6FxpfmFyrFDIz0o8KolK//Kpe1iOZ+sT147+cHC9Mpddxpuf2OmeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODR8HcAAAD//2khMfk=")
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="440000001000030426bd7000fcdbdf2500000000", @ANYRES32=0x0, @ANYRESDEC=r0], 0x44}, 0x1, 0xba01, 0x0, 0x4004804}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="3183000010000000000019000000180001801400020073797a5f74756e000000000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x8040}, 0x4886)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
r7 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
sendfile(r6, r7, &(0x7f0000000480)=0x2, 0x4)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000340)={'syz_tun\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@getchain={0x5c, 0x11, 0x400, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r9, {0xe, 0xfff2}, {0x7, 0xa}, {0xfff1}}, [{0x8, 0xb, 0x3ff}, {0x8, 0xb, 0x40004}, {0x8, 0xb, 0xffffffff}, {0x8, 0xb, 0x5}, {0x8, 0xb, 0x1}, {0x8, 0xb, 0x7}, {0x8, 0xb, 0x4}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r10=>0x0})
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r12, @ANYBLOB="0000000000000000b703000010000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r13 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r14=>0x0})
sendmsg$nl_route_sched(r13, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r14}}, 0x24}, 0x1, 0x0, 0x0, 0x8080}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800110000000000020000f5bc8e3ba055ca000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0xc, &(0x7f00000000c0)={0x0, 0x1}, 0x8}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000002000000000000001108000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000182600bdfdce42d75807007ca57900", @ANYRES32=r12, @ANYBLOB="0000000001000000850000003b00000018230000", @ANYRES32=r11, @ANYBLOB="00000000ffffffff18270000", @ANYRES32=r12, @ANYBLOB="000000000e0000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0xd7, &(0x7f00000004c0)=""/215, 0x41100, 0x2, '\x00', r14, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000380)={0x2, 0xf, 0x2, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000400)=[r12, r12, r12, r12, r11, r12], 0x0, 0x10, 0xd0ad}, 0x94)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x50, r5, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG={0x5, 0x7, 0x6}, @ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0xc0}, @ETHTOOL_A_LINKMODES_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}]}, @ETHTOOL_A_LINKMODES_LANES={0x8, 0x9, 0x3}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x5}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x800)
sendmsg$NFT_BATCH(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a40)={{0x14}, [@NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8}]}}}, {0x10, 0x1, 0x0, 0x1, @last={{0x9}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x88}}, 0x0)
close(r2)

2.026224363s ago: executing program 6 (id=2385):
socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r3, 0x6, 0x0, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r4, &(0x7f0000000180)='./bus\x00', 0x0)
chdir(0x0)
creat(&(0x7f0000000780)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x7e1ce440945e0ba7)
fsmount(r3, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000140)={[{0x2b, 'cpu'}]}, 0x5)

1.930955042s ago: executing program 1 (id=2389):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x80000001}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r2, 0x0, 0x0, 0x2}, 0x20)

1.906106184s ago: executing program 1 (id=2391):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7}, 0x18)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000007940)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x30}, 0x7e8166965e22236a)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, 0x0, 0x0)

1.843920428s ago: executing program 1 (id=2392):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080000000180"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2000008, &(0x7f00000003c0), 0xfc, 0x53e, &(0x7f0000000940)="$eJzs3UFvI1cdAPD/eO3d7G62SYEDVGoptGi3grWThrYRh1IkBKdKiMJ5CYkTRXHiKHbaTVRB9hMgIQRInODCBYkPgIRW4sKxQqoEZ5CKQIhuQYIDdJDtcRKcceKsnHjX+f2kybz3xjP/9xy/8YznaSaAC+vZiHgtIj5M0/SFiJjKygvZFHudqfW6Dx68vdiakkjTN/6eRJKVdbeVZPPr2WoTEfH1r0Z8Ozkat7Gzu7ZQqxW7+UpzfbPS2Nm9vbq+sFJdqW7Mzc2+PP/K/EvzM0Np542IePXLf/7h937+lVd//bm3/nTnr7e+06rWZLb8cDtOqXjcwk7TS1cmelbYeshgj6JWe0rdzNXB1rl3hvUBAKC/1jH+RyLi0xHxQkzFpeMPZwEAAIDHUPrFyfhPEpHmu9ynHAAAAHiMFNpjYJNCORsLMBmFQrncGcP7sbhWqNUbzc8u17c3ljpjZaejVFherVVnsrHC01FKWvnZdvog/2JPfi4inoyIH0xdbefLi/Xa0qh//AAAAIAL4nrP+f8/pzrn/wAAAMCYmT5+8dR51QMAAAA4Oyec/wMAAABjwPk/AAAAjLWvvf56a0q7z79eenNne63+5u2lamOtvL69WF6sb22WV+r1lfY9+9ZP2l6tXt/8fGxs3600q41mpbGze2e9vr3RvLMaE+fSIAAAAOCIJz95/w9JROx94Wp7ark86koB56K4n0qyeU7v/+MTnfl751Qp4FxcGuA1713JL3ecAI+3Ym9Bn74OjJ/SqCsAjFxywvKewTvX9lPvZPNPDb9OAADAcN38RP71/5OvC+wVzqF6wBnSieHi6vmeTz3rBy6O9vX/QQfyOFiAsVIaaAQgMM5Oef3/wDuDRkjTU1UIAAAYusn2lBTK2c97k1EolMsRN9qPBSgly6u16kxEPBERv58qXWnlZ9trJieeMwAAAAAAAAAAAAAAAAAAAAAAAAAAHWmaRAoAAACMtYjCX5LfdO7lf3Pq+cne3wcuJ/9uPxL4ckS89ZM3fnR3odncmm2Vv79f3vxxVv7iKH7BAAAAAHp1z9Pb83+NujYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjJsPHry92J0GePnVYcX925ciYjovfjEm2vOJKEXEtX8kUTy0XhIRl4YQf+9eRHw8L37SqtZ+yLz4w3gTTogf09m7kBf/+hDiw0V2v7X/eS2v/xXi2fY8v/8VI/4v/7D67/9if/93qU//vzFgjKfe/WWlb/x7EU8V8/c/3fhJn/jPDRj/W9/Y3e23LP1pxM3u9097j3c4wkGq0lzfrDR2dm+vri+sVFeqG3Nzsy/PvzL/0vxMZXm1Vs3+5sb4/tO/+vC49l/L/f5Lstr0b//zOdvL+07677t3H3y0m9k7Gv/Wcznxf/uz7BVH4xeyOJ/J0kn2XrXTe53387BnfvG7Z45r/9JB+0un+f/f6rfRXkc6ytODfnQAgDPQ2NldW6jVqltjm2idpT8C1bjoiW++/wh+2L471A2maZq2+lTOovsRMch2khhySwv59TlI9P2njHrPBAAADNvBQf+oawIAAAAAAAAAAAAAAAAAAAAX13ncZa035sEtkJNh3EIbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAo/hcAAP//A/7SsQ==")
r0 = inotify_init1(0x80000)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000007, 0x20010, r0, 0xf0182000) (async)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000007, 0x20010, r0, 0xf0182000)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x2}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000019200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2, 0x0, 0x40}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0xfffffffffffffee1, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x68}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x48, 0x16, 0xa, 0x801, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0xd, 0x1, 'batadv_slave_1\x00'}]}]}]}], {0xfffffffffffffc4a}}, 0x70}}, 0x24040880)
sendmsg$NFT_MSG_GETRULE(r1, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f00000007c0)={0x100, 0x7, 0xa, 0x0, 0x0, 0x0, {0x5, 0x0, 0x8}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @payload={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_DREG={0x8, 0x1, 0x1, 0x0, 0x17}, @NFTA_PAYLOAD_CSUM_TYPE={0x8, 0x6, 0x1, 0x0, 0x2}, @NFTA_PAYLOAD_CSUM_FLAGS={0x8}, @NFTA_PAYLOAD_BASE={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x3}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x1}, @NFTA_RULE_EXPRESSIONS={0x80, 0x4, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, @numgen={{0xb}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x80000001}, @NFTA_NG_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_NG_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_NG_OFFSET={0x8, 0x4, 0x1, 0x0, 0xffffffff}, @NFTA_NG_OFFSET={0x8, 0x4, 0x1, 0x0, 0xd31b}, @NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0xb}]}}}, {0x2c, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xf}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x13}]}}}, {0xc, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @void}}]}]}, 0x100}, 0x1, 0x0, 0x0, 0x880}, 0x4000000)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) (async)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='+}[@\x00G5\v\x89\x89\xb2\x0e\xb7\xb4\x9a\xb3\xb9\xe1\xff@`\x87\xefy\xb7\xe0\xe6c\x91\x81ND\t3\xc4\xca\xf0\xd0Zpo\xd0\xc7\'CT') (async)
prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='+}[@\x00G5\v\x89\x89\xb2\x0e\xb7\xb4\x9a\xb3\xb9\xe1\xff@`\x87\xefy\xb7\xe0\xe6c\x91\x81ND\t3\xc4\xca\xf0\xd0Zpo\xd0\xc7\'CT')
socket$inet6_udp(0xa, 0x2, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) (async)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r4, &(0x7f0000000200)=""/102400, 0x19000, 0x1000000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x4000, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r2, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x33}, @void}}}, 0x1c}}, 0x4000054) (async)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x4000, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r2, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x33}, @void}}}, 0x1c}}, 0x4000054)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0xf0, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x80, 0x40800}, [@IFLA_LINKINFO={0xd0, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc0, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_BC_QUEUE_LEN={0x8, 0x7, 0x6}, @IFLA_MACVLAN_FLAGS={0x6}, @IFLA_MACVLAN_MACADDR={0xa, 0x4, @remote}, @IFLA_MACVLAN_BC_QUEUE_LEN={0x8, 0x7, 0x5}, @IFLA_MACVLAN_FLAGS={0x6, 0x2, 0x1}, @IFLA_MACVLAN_MODE={0x8, 0x1, 0x13}, @IFLA_MACVLAN_MACADDR_DATA={0x70, 0x5, 0x0, 0x1, [{0xa, 0x4, @multicast}, {0xa, 0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x34}}, {0xa, 0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xf}}, {0xa, 0x4, @broadcast}, {0xa, 0x4, @broadcast}, {0xa, 0x4, @multicast}, {0xa, 0x4, @local}, {0xa, 0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x41}}, {0xa, 0x4, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}]}, @IFLA_MACVLAN_MODE={0x8, 0x1, 0x1}, @IFLA_MACVLAN_BC_QUEUE_LEN={0x8, 0x7, 0x9a4}, @IFLA_MACVLAN_MACADDR_MODE={0x8}]}}}]}, 0xf0}, 0x1, 0x0, 0x0, 0x8800}, 0x0) (async)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0xf0, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x80, 0x40800}, [@IFLA_LINKINFO={0xd0, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc0, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_BC_QUEUE_LEN={0x8, 0x7, 0x6}, @IFLA_MACVLAN_FLAGS={0x6}, @IFLA_MACVLAN_MACADDR={0xa, 0x4, @remote}, @IFLA_MACVLAN_BC_QUEUE_LEN={0x8, 0x7, 0x5}, @IFLA_MACVLAN_FLAGS={0x6, 0x2, 0x1}, @IFLA_MACVLAN_MODE={0x8, 0x1, 0x13}, @IFLA_MACVLAN_MACADDR_DATA={0x70, 0x5, 0x0, 0x1, [{0xa, 0x4, @multicast}, {0xa, 0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x34}}, {0xa, 0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xf}}, {0xa, 0x4, @broadcast}, {0xa, 0x4, @broadcast}, {0xa, 0x4, @multicast}, {0xa, 0x4, @local}, {0xa, 0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x41}}, {0xa, 0x4, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}]}, @IFLA_MACVLAN_MODE={0x8, 0x1, 0x1}, @IFLA_MACVLAN_BC_QUEUE_LEN={0x8, 0x7, 0x9a4}, @IFLA_MACVLAN_MACADDR_MODE={0x8}]}}}]}, 0xf0}, 0x1, 0x0, 0x0, 0x8800}, 0x0)

1.680499522s ago: executing program 1 (id=2393):
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r0, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[], 0xc48}, 0x0, 0xe3d08660d3cd4684})
io_uring_enter(0xffffffffffffffff, 0x92, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00'}, 0x10)
setitimer(0x2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000340)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)

1.205604231s ago: executing program 4 (id=2394):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
lsetxattr$security_selinux(0x0, &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x0, 0x0})
socket$inet6_sctp(0xa, 0x801, 0x84)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x4000, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
io_setup(0x1, &(0x7f0000000b80))
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x240, 0x4001, @local}, 0x10, 0x0}, 0x3004c080)
syz_io_uring_setup(0x3c0c, 0x0, 0x0, 0x0)

1.063634393s ago: executing program 6 (id=2395):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0xffff, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_config_ext={0x5, 0x80}, 0x9280, 0x10000, 0x1, 0x1, 0x8, 0x20005, 0x28, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffdfffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_io_uring_setup(0x1714, &(0x7f0000002000)={0x0, 0x20000000, 0x10100, 0x2}, &(0x7f0000000280)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='sched_switch\x00', r3}, 0x10)
syz_clone(0xae12e400, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r4}, &(0x7f0000000240), &(0x7f0000000280)=r5}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0)
r6 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
syz_usb_disconnect(r6)
syz_usb_connect(0x4, 0x24, &(0x7f00000000c0)=ANY=[], 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
r9 = gettid()
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000800)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010028bd7000ffdbdf2514000000080001000100000008000300", @ANYRES32=0x0, @ANYBLOB="08001c00", @ANYRES32=r9], 0x2c}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000)
ioctl$BTRFS_IOC_SPACE_INFO(0xffffffffffffffff, 0xc0109414, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10000})
io_uring_enter(r0, 0x27e2, 0x0, 0x0, 0x0, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000001080)={0x200000, 0x200000})
r10 = getpid()
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001e000100000000000400000002000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\b\x00\b\x00', @ANYRES32=0x0, @ANYBLOB="388e520ffe0a"], 0x24}}, 0x20000080)
unshare(0x22020600)
r12 = syz_pidfd_open(r10, 0x0)
setns(r12, 0x24020000)

1.028273956s ago: executing program 0 (id=2396):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x80000001}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r2, 0x0, 0x0, 0x2}, 0x20) (fail_nth: 3)

755.243698ms ago: executing program 0 (id=2397):
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440)) (async)
r0 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r0, 0x0, 0x400000002000000, 0x2)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x10, 0x4, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000e3375900f1102f00000000009500000000000000876455"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3c, '\x00', 0x0, 0x9}, 0x94)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) (async)
syz_read_part_table(0x5dc, &(0x7f0000000000)="$eJzs3L9rJFUcAPDvm5md3YAasbZYSCMKRrATF7VQkk780VnYKFhEJBZilSwKgj/+gBQ2ooWxCLG2UJAQDFhcdRyEO7g/4q648I6Zndm95FLdhoODz6eY997M9/u++3hvy5ngyZZXI3KKOGlHv5RtUxUbZff8kxTluYRB16aI+HD/7Xc2x++m4fxec3c3ZinDRVLdtVWMu95fVfy0/+l3RR+x017/v93HRVS5yUux9/CPXmlj0pJLZ3nV37ndrKjjWvwZEVupbA7BMGIav0U8G6M2bj3iuTLn3G7zbruDZdTzc/HIDiZH0zei+iD6U1H3R3Qldr5P+ZUubhDFhcwy4vnX17cvm7TNn6buHLZyzoOn1rpBsXiwdVb33VePb+3EdDSfPXJXsj+nX5y+93IzefN3a+YYLLt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACu3AtfvvhP0Q/ebK9pft34PYpF6G7EvbZTRYxHV1T/YHK0+s2320V8Pfns+uepn78znPc+njWHP5yLKJeuv3VW1H/8+u/KhXLN8v9bu3E3567EaXf/q9ceSJ4US9cHAAAAAAAAAAAAAAAAAACAxmFsjt8vRvHWzyk+isXr/jlGESn1w1FEzjnfya3+5f9675mud3IzUpMUuU85rmcfFFh9OiIPf3yp/aDALDHnXLUl0mNcKJe6HwAA//+8u1lf")
write(0xffffffffffffffff, &(0x7f00000007c0)="b83496bb480cfd003ba831cbda2de66db3fa6fd5f4b38a899762871060890fff3cec8986bf3684e05c8aebad067e1e19b6c2c37d3324a9bfc437dbc4b1d22df872c7b95de54f713731d19c948938a1920a68e622b0fa9316b87c50211e2f4c631fea86ab65d2a21c5f51d91aa115f6c5e38f642421f1c3c541070842963eaf61e96e7a902ce1ace1c3dd938ef5898d616c7ae69b744dcd1d4e9194cddd1aeeeda07bc1214cf5f8e19bf4cae8b8f9aaf8b09a0b064a7757c0a967696a4e8c009429255d3c65a100e6d5d249252bdb83cdf132074780ec91979911ddf3189e9d16f9b19bd013e015", 0xe7) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1900000004000000040000000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000fb1e71000500860300008b000000000000000000f98b8e1106f58b1f2bac8600824717332b240000000000e3de5f15e17d7b163d667669ea3d45c509ff96ed3534350e88503f6db456e75abecf9bcb7d1d6a731897bf"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES8, @ANYBLOB="000000000000000eb70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000680)={0x0, r1}, 0x8) (async)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000980)={0x0, r4}, 0x8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x1b, 0xc, &(0x7f0000000640)=ANY=[@ANYRES64=r4], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x10, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r5, 0x0, 0x6}, 0x18) (async)
r6 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r6, &(0x7f0000000180)={0x28, 0x0, 0x0, @local}, 0x10) (async)
connect$vsock_stream(r6, &(0x7f0000000400)={0x28, 0x0, 0x2710, @host}, 0x10) (async)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000006c0)=<r7=>0x0)
perf_event_open(0x0, r7, 0xa, 0xffffffffffffffff, 0x1)
socket$inet_tcp(0x2, 0x1, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$HIDIOCGFLAG(0xffffffffffffffff, 0x8004480e, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f00000000c0)={'bridge0\x00'})
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000a40)=ANY=[@ANYRES32=r6, @ANYRES32=0x0, @ANYBLOB="0315000000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r8, @ANYBLOB='\b\x00\n\x00', @ANYRESHEX=r9], 0x44}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0) (async)
r11 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r11)

638.702488ms ago: executing program 0 (id=2398):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000fd"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x10000}, 0x18)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x3014850, &(0x7f00000006c0)={[{@noquota}, {@barrier_val={'barrier', 0x3d, 0x1000}}, {@grpjquota}, {@noauto_da_alloc}, {@dioread_lock}]}, 0x3, 0x4c5, &(0x7f0000001cc0)="$eJzs3U1rW1caAOD3ynbiJM7YmZlFJjCZMJPBCTOR7HiSmFlkPFDaVaBpunddWzbGsmUsOYlNKA79AYXSL9pVV90Uui6Fkp9QCoF2X0ppCW2SLrpoqyL5qkld+YtYVmI9Dxzfcz+k9z0W90hH56IbQNs6EREjEdEREacjojfdnklLrKyW6nH37t4Yr5YkKpUr3yaRpNvqz5Wky0Ppw7oj4rlnIl5Mfh+3tLQ8M1Yo5BfS9Vx5dj5XWlo+Mz07NpWfys+NDA2eH74wfG54YMfaevGpr9545b2nL37872tfjH5z6qVqWj3pvofbsRUrWzxuteldtf9FXWdELGwn2GOsI21PV6sTAQBgS6qf8f8YEX+PiPtvtzobAAAAoBkq/+uJH5OICgAAALBnZWrXwCaZbHotQE9kMtns6jW8f46DmUKxVP7XZHFxbmL1Wtm+6MpMThfyA+m1wn3RlVTXB2v1B+tn16wPRcSRiHit90BtPTteLEy0+ssPAAAAaBOH1oz/v+9dHf8DAAAAe0xfqxMAAAAAms74HwAAAPa+dcf/SefuJgIAAAA0w7OXLlVLpX7/64mrS4szxatnJvKlmezs4nh2vLgwn50qFqdqv9k3u9nzFYrF+f/E3OL1XDlfKudKS8ujs8XFufJo7b7eo3n3iQYAAIDdd+Rvtz5PImLlvwdqpWpfum8LY/WR5mYHNFNme4cnzcoD2H0drU4AaBkX+EL7Mh8PbDKwf33N+ja/NgAAAB4H/X95pPl/84HwBDOQh/Zl/h/al/l/aF/m/6HN7d/8kO71dnyyw7kAAABN01MrSSabzgX2RCaTzUYcrt0WoCuZnC7kByLiDxHxWW/X/ur6YKuTBgAAAAAAAAAAAAAAAAAAAAAAAIAnTKWSRAUAAADY0yIyXyfpjfz7e0/2rP1+YF/yQ29tGRHX3rny5vWxcnlhsLr9u1+3l99Kt5+tbwEAAABaqT5Or4/jAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAn3bt7Y7xedjPunf9HRF+j+J3RXVt2f9gbEQfvJ9H50OOSiOjYgfgrNyPiaKP4STWt6EuzWBs/ExEHWhz/0A7Eh3Z2q9r/jFTPv641518mTtSWjc+/zrQ8qjsn1uv/MvX+r9bPNer/Dm/81N31yrHbH+TWjX8z4lhn4/6nHj95xP73heeXl9fbV3k3on+T959qrFx5dj5XWlo+Mz07NpWfys8NDQ2eH74wfG54IDc5XcinfxvGePWvH/28UfsPNoy/2v9u1P6TW2z/T7ev3/3TBvFP/aPx6390g/jV//0/0/eB6v7+en1ltf6w4+9/enyj9k+s0/7NXv9TW2z/6csvf7nFQwGAXVBaWp4ZKxTyCyoqKnuvcjk90bf98BZ3TAAAwI578KG/1ZkAAAAAAAAAAAAAAAAAAABA+2r6j5Dt/+0vC3S3rqkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABv6JQAA///dfdKW")
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)

630.452498ms ago: executing program 0 (id=2399):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x65, 0x7f, 0x5, 0x0, 0x0, 0x7, 0x89008, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x8, 0x7ffffefc, 0x3, 0xfffffffffffffffe, 0x0, 0x4000, 0x0, 0xff, 0x0, 0x1}, 0x0, 0x8, 0xffffffffffffffff, 0x9)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r0, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b}}, 0x120)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0xc085}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}]}], {0x14}}, 0x64}}, 0x0) (fail_nth: 8)

422.859725ms ago: executing program 1 (id=2400):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$FOU_CMD_ADD(r1, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c00e4f7", @ANYRES16=0x0, @ANYBLOB="00042abd7000fcdbdf25010000000500020002000000"], 0x1c}, 0x1, 0x0, 0x0, 0x44040}, 0x8080)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000380)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@max_batch_time={'max_batch_time', 0x3d, 0x131}}, {@mblk_io_submit}, {@quota}]}, 0x3, 0x437, &(0x7f0000000d80)="$eJzs281vG0UbAPBn7aR9+/UmVOWjaYFAQUR8JE1aSg9cikDiABISHMoxJGkV6jaoCRKtIggIlSOqxB1xROIv4AQXBJyQuMIdVapQLi2cjNbeTRzHdhPHiQP+/aRtZ3bHmnm8M/bMThxAzxpO/0kiDkbEbxExUM2uLTBc/e/u8uLUX8uLU0mUy2/+mVTK3VlenMqL5q87kGf6IgqfJnGsQb3z165fmiyVZq5m+bGFy++NzV+7/tzs5cmLMxdnrkycPXv61PgLZyae70icaVx3hj6cO3701bdvvj51/uY7P32T5PHXxdGmvrr8cKvCT5bLW6xudzlUk07q3wl2rWLWcfsr438gijXdeCBe+aSrjQO2VblcLj/Q/PJSGfgPS6LbLQC6I/+iT9e/+bFDU49d4fa56gIojftudlSv9EUhK9Nft77tpOGIOL/095fpEZ15DgEA0NJ36fzn2Ubzv0LUPhf6f7aHMhgR90XE4Yg4ExFHIuL+iErZByPioU3WX79Jsn7+U7jVVmAblM7/Xsz2ttbO//LZXwwWs9yhSvz9yYXZ0szJ7D0Zif69aX68RR3fv/zr582u1c7/0iOtP58LZu241bd37WumJxcmtxJzrdsfRwz1NYo/WdkJSCLiaEQMtVnH7NNfH2927d7xt9CBfabyVxFPVe//UtTFn0ta70+O/S9KMyfH8l6x3s+/3HijWf1bir8D0vu/v2H/X4l/MKndr53ffB03fv+s6Zqm3f6/J3lrzbkPJhcWro5H7Eleqza69vxEXbmJ1fJp/CMnGo//w7H6ThyLiLQTPxwRj0TEo1nbH4uIxyPiRIv4f3zpiXfbj397pfFPb+r+ryb2RP2ZxonipR++XVPp4GbiT+//6UpqJDuzkc+/jbSrvd4MAAAA/z6FiDgYSWF0JV0ojI5W/4b/SOwvlObmF565MPf+lenqbwQGo7+QP+kaqHkeOp4t6/P8RF3+VPbc+Ivivkp+dGquNN3t4KHHHWgy/lN/FLvdOmDb+b0W9C7jH3qX8Q+9y/iH3tVg/O/rRjuAndfo+/+jLrQD2Hl149+2H/QQ63/oXQ3G/7lutAPYeb7/oSfN74t7/0heQmJdIgq7ohkS25To9icTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wTAAD//+e45xo=")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000300), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

196.263724ms ago: executing program 1 (id=2401):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x1001, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x0, 0x0})
socket$inet6_sctp(0xa, 0x801, 0x84)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x4000, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

74.774914ms ago: executing program 0 (id=2402):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7}, 0x18)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000007940)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x30}, 0x7e8166965e22236a)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, 0x0, 0x0)

74.481404ms ago: executing program 2 (id=2403):
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
linkat(0xffffffffffffffff, &(0x7f0000000400)='./file0\x00', 0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0x8}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0xfffffffd}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)
write$selinux_attr(r1, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
socketpair$tipc(0x20, 0x1, 0x0, &(0x7f0000000600))
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b0000000700000001000100090000"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffc93, 0x0, 0x0, 0x0}, 0x94)
socket$inet_mptcp(0x2, 0x1, 0x106)
sendmsg$key(0xffffffffffffffff, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="020d01040a0000000040000000000000030017"], 0x50}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1004000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000000680)=@newtaction={0x14, 0x30, 0x216822a75a8bdd29, 0xffe4}, 0x14}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000200))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='mm_page_alloc\x00', r0}, 0x18)
quotactl_fd$Q_GETFMT(r0, 0xffffffff80000400, 0x0, &(0x7f00000002c0))
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

70.237354ms ago: executing program 6 (id=2404):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x16, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x10000000, 0x61, 0x11, 0x4c}, [@call={0x85, 0x0, 0x0, 0xc3}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="54009a0f7d8229db8308ebfb4abd7000fddbdf2500210000", @ANYRES32=0x0, @ANYBLOB="0221000000000000140003006e657464657673696d3000000000000008000a00", @ANYRES32=0x0, @ANYBLOB="180016801400018010000600ffff00005409000004000000"], 0x54}, 0x1, 0x0, 0x0, 0x20042800}, 0x24040800)

603.09µs ago: executing program 0 (id=2405):
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000800)='/proc/diskstats\x00', 0x0, 0x0)
r3 = syz_io_uring_setup(0x49c, &(0x7f00000003c0)={0x0, 0x79ac, 0x400, 0x7ffc, 0x70, 0x0, r2}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000900)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000000)=0x7fffffff, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x2007, @fd=r2, 0x6, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r6=>0x0})
sendmsg$can_j1939(r2, &(0x7f0000000240)={&(0x7f0000000080)={0x1d, r6, 0x0, {0x0, 0x1, 0x3}, 0x81}, 0x18, &(0x7f0000000200)={&(0x7f00000000c0)="23e6c67f15b61c7944e7dabd41582cad3c185524d4071baed6dea659260cd4c631f2268e0bb7efccb47c769b94f470a070c8454e8ac6890c3f68ce65d4006b08788954ec97532d885c897431bdf0ab89faa684277a11b8ad1a117ae71ef6801672eed21870d06c7fc59ac26a42cf735e69045be5fd7eddf8a348e1c943b0f3bf05a34c23114e043c4afca5ae28b2", 0x8e}, 0x1, 0x0, 0x0, 0x8800}, 0x24004041)
r7 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000000c0)={'lo\x00', <r9=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="300000001c000102000000000000000002000009", @ANYRES32=r9, @ANYBLOB="000000000a0001"], 0x30}}, 0x0)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[], 0x50}}, 0x0)
sendmmsg(r7, &(0x7f0000000000), 0x4000000000001f2, 0x0)
io_uring_enter(r3, 0xfd0, 0x4c1, 0x43, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r10 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r10, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r10, 0x40605346, &(0x7f0000001240)={0x0, 0x0, {0x0, 0x1, 0x20000000, 0x0, 0x1}, 0x5e})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r1}, 0x18)

396.24µs ago: executing program 6 (id=2406):
socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r3, 0x6, 0x0, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r4, &(0x7f0000000180)='./bus\x00', 0x0)
chdir(0x0)
creat(&(0x7f0000000780)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x7e1ce440945e0ba7)
fsmount(r3, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000140)={[{0x2b, 'cpu'}]}, 0x5)

0s ago: executing program 4 (id=2407):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
r2 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x100)
preadv2(r2, &(0x7f00000000c0)=[{0x0}], 0x1, 0x0, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000780)='mm_page_free\x00', r3}, 0x18)
sendmsg$rds(r1, &(0x7f0000001d00)={&(0x7f00000017c0)={0x2, 0x0, @private=0xa010101}, 0x10, 0x0}, 0x0)

kernel console output (not intermixed with test programs):

ecommended
[  206.722418][ T9969] IPVS: Error joining to the multicast group
[  206.731676][ T9970] EXT4-fs (loop1): blocks per group (64) and clusters per group (32768) inconsistent
[  207.282195][ T9982] loop0: detected capacity change from 0 to 128
[  207.290589][ T9982] vfat: Unknown parameter ''
[  207.314059][ T9982] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1940'.
[  207.331405][ T9982] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1940'.
[  207.340517][ T9982] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1940'.
[  207.402038][ T9993] netlink: 277 bytes leftover after parsing attributes in process `syz.2.1943'.
[  207.439243][ T9993] loop2: detected capacity change from 0 to 1024
[  207.443245][ T9997] netlink: 'syz.4.1946': attribute type 1 has an invalid length.
[  207.455345][ T9993] EXT4-fs: Ignoring removed nomblk_io_submit option
[  207.455374][ T9993] ext4: Unknown parameter 'fsmagic'
[  207.469164][ T9997] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1946'.
[  207.560543][T10007] loop4: detected capacity change from 0 to 1024
[  207.568522][T10005] loop1: detected capacity change from 0 to 512
[  207.583068][T10007] journal_path: Non-blockdev passed as './file1'
[  207.589821][T10007] EXT4-fs: error: could not find journal device path
[  207.600657][T10005] EXT4-fs: Ignoring removed mblk_io_submit option
[  207.614991][T10005] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  207.641489][T10005] EXT4-fs (loop1): 1 truncate cleaned up
[  207.994808][T10022] netlink: 'syz.2.1953': attribute type 29 has an invalid length.
[  208.108697][T10034] FAULT_INJECTION: forcing a failure.
[  208.108697][T10034] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  208.121971][T10034] CPU: 1 UID: 0 PID: 10034 Comm: syz.2.1956 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  208.122044][T10034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  208.122057][T10034] Call Trace:
[  208.122064][T10034]  <TASK>
[  208.122071][T10034]  __dump_stack+0x1d/0x30
[  208.122095][T10034]  dump_stack_lvl+0xe8/0x140
[  208.122114][T10034]  dump_stack+0x15/0x1b
[  208.122189][T10034]  should_fail_ex+0x265/0x280
[  208.122218][T10034]  should_fail+0xb/0x20
[  208.122242][T10034]  should_fail_usercopy+0x1a/0x20
[  208.122325][T10034]  _copy_from_user+0x1c/0xb0
[  208.122345][T10034]  ___sys_sendmsg+0xc1/0x1d0
[  208.122380][T10034]  __x64_sys_sendmsg+0xd4/0x160
[  208.122470][T10034]  x64_sys_call+0x191e/0x2ff0
[  208.122491][T10034]  do_syscall_64+0xd2/0x200
[  208.122517][T10034]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  208.122545][T10034]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  208.122582][T10034]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.122603][T10034] RIP: 0033:0x7fbd4029e9a9
[  208.122619][T10034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.122636][T10034] RSP: 002b:00007fbd3e8e6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  208.122719][T10034] RAX: ffffffffffffffda RBX: 00007fbd404c6080 RCX: 00007fbd4029e9a9
[  208.122753][T10034] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  208.122765][T10034] RBP: 00007fbd3e8e6090 R08: 0000000000000000 R09: 0000000000000000
[  208.122777][T10034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  208.122789][T10034] R13: 0000000000000000 R14: 00007fbd404c6080 R15: 00007ffcef2e74f8
[  208.122880][T10034]  </TASK>
[  208.339707][T10038] netlink: 'syz.2.1959': attribute type 1 has an invalid length.
[  208.347813][T10038] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1959'.
[  208.413234][   T10] kernel write not supported for file /ppp (pid: 10 comm: kworker/0:1)
[  208.634235][T10063] loop4: detected capacity change from 0 to 8192
[  209.299194][T10064] loop0: detected capacity change from 0 to 8192
[  209.307629][   T29] kauditd_printk_skb: 367 callbacks suppressed
[  209.307646][   T29] audit: type=1400 audit(1753911587.915:9579): avc:  denied  { mount } for  pid=10039 comm="syz.4.1960" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  209.384024][   T29] audit: type=1400 audit(1753911588.731:9580): avc:  denied  { mount } for  pid=10051 comm="syz.0.1965" name="/" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  209.437545][   T29] audit: type=1400 audit(1753911588.784:9581): avc:  denied  { unlink } for  pid=7448 comm="syz-executor" name="file0" dev="tmpfs" ino=812 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  209.463088][   T29] audit: type=1400 audit(1753911588.827:9582): avc:  denied  { create } for  pid=10068 comm="syz.6.1970" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  209.484160][   T29] audit: type=1400 audit(1753911588.827:9583): avc:  denied  { connect } for  pid=10068 comm="syz.6.1970" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  209.504441][   T29] audit: type=1400 audit(1753911588.827:9584): avc:  denied  { ioctl } for  pid=10068 comm="syz.6.1970" path="socket:[26043]" dev="sockfs" ino=26043 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  209.529789][   T29] audit: type=1400 audit(1753911588.827:9585): avc:  denied  { write } for  pid=10068 comm="syz.6.1970" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  209.841705][T10074] loop2: detected capacity change from 0 to 512
[  209.883436][T10074] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  209.892659][T10074] EXT4-fs (loop2): orphan cleanup on readonly fs
[  209.901782][T10074] EXT4-fs (loop2): 1 orphan inode deleted
[  209.998198][ T4486] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  210.008152][ T4486] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:19: Failed to release dquot type 1
[  210.021132][T10074] EXT4-fs mount: 6 callbacks suppressed
[  210.021148][T10074] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  210.022499][   T29] audit: type=1400 audit(1753911589.439:9586): avc:  denied  { bind } for  pid=10079 comm="syz.0.1972" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  210.104733][   T29] audit: type=1400 audit(1753911589.450:9587): avc:  denied  { listen } for  pid=10079 comm="syz.0.1972" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  210.236991][T10092] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1978'.
[  210.246809][T10092] IPVS: Error joining to the multicast group
[  210.289593][T10095] netlink: 'syz.1.1980': attribute type 1 has an invalid length.
[  210.297628][T10095] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1980'.
[  210.338000][ T3296] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.572366][T10111] netlink: 'syz.2.1981': attribute type 1 has an invalid length.
[  210.580517][T10111] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1981'.
[  210.673418][T10120] loop0: detected capacity change from 0 to 512
[  210.682491][T10120] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  210.716430][T10121] loop1: detected capacity change from 0 to 512
[  210.723984][T10121] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  210.746276][T10120] EXT4-fs (loop0): 1 truncate cleaned up
[  210.782494][T10121] EXT4-fs (loop1): 1 truncate cleaned up
[  210.790363][T10120] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  210.806960][T10121] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  210.915402][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.915407][T10120] FAULT_INJECTION: forcing a failure.
[  210.915407][T10120] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  210.924807][T10120] CPU: 0 UID: 0 PID: 10120 Comm: syz.0.1986 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  210.924835][T10120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  210.924846][T10120] Call Trace:
[  210.924855][T10120]  <TASK>
[  210.924864][T10120]  __dump_stack+0x1d/0x30
[  210.924888][T10120]  dump_stack_lvl+0xe8/0x140
[  210.924932][T10120]  dump_stack+0x15/0x1b
[  210.924948][T10120]  should_fail_ex+0x265/0x280
[  210.924977][T10120]  should_fail+0xb/0x20
[  210.925000][T10120]  should_fail_usercopy+0x1a/0x20
[  210.925080][T10120]  _copy_to_user+0x20/0xa0
[  210.925099][T10120]  simple_read_from_buffer+0xb5/0x130
[  210.925130][T10120]  proc_fail_nth_read+0x10e/0x150
[  210.925158][T10120]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  210.925179][T10120]  vfs_read+0x19d/0x6f0
[  210.925199][T10120]  ? __rcu_read_unlock+0x4f/0x70
[  210.925238][T10120]  ? __fget_files+0x184/0x1c0
[  210.925262][T10120]  ksys_read+0xda/0x1a0
[  210.925281][T10120]  __x64_sys_read+0x40/0x50
[  210.925330][T10120]  x64_sys_call+0x27bc/0x2ff0
[  210.925350][T10120]  do_syscall_64+0xd2/0x200
[  210.925421][T10120]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  210.925446][T10120]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  210.925473][T10120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.925494][T10120] RIP: 0033:0x7fd8113cd3bc
[  210.925553][T10120] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  210.925570][T10120] RSP: 002b:00007fd80fa2f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  210.925589][T10120] RAX: ffffffffffffffda RBX: 00007fd8115f5fa0 RCX: 00007fd8113cd3bc
[  210.925602][T10120] RDX: 000000000000000f RSI: 00007fd80fa2f0a0 RDI: 0000000000000008
[  210.925614][T10120] RBP: 00007fd80fa2f090 R08: 0000000000000000 R09: 0000000000000000
[  210.925631][T10120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  210.925643][T10120] R13: 0000000000000000 R14: 00007fd8115f5fa0 R15: 00007ffdcdb80bf8
[  210.925662][T10120]  </TASK>
[  211.152053][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.216771][T10144] loop2: detected capacity change from 0 to 1024
[  211.224139][T10144] journal_path: Non-blockdev passed as './file1'
[  211.230675][T10144] EXT4-fs: error: could not find journal device path
[  211.247560][T10146] loop0: detected capacity change from 0 to 512
[  211.255118][T10146] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  211.267894][T10148] loop2: detected capacity change from 0 to 128
[  211.277286][T10148] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  211.290811][T10148] ext4 filesystem being mounted at /390/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  211.303586][T10146] EXT4-fs (loop0): 1 truncate cleaned up
[  211.310103][T10146] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.374209][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.390686][ T3296] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  211.404476][T10152] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1998'.
[  211.415323][T10152] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1998'.
[  211.425187][T10152] FAULT_INJECTION: forcing a failure.
[  211.425187][T10152] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  211.438503][T10152] CPU: 1 UID: 0 PID: 10152 Comm: syz.0.1998 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  211.438532][T10152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  211.438546][T10152] Call Trace:
[  211.438553][T10152]  <TASK>
[  211.438560][T10152]  __dump_stack+0x1d/0x30
[  211.438584][T10152]  dump_stack_lvl+0xe8/0x140
[  211.438604][T10152]  dump_stack+0x15/0x1b
[  211.438638][T10152]  should_fail_ex+0x265/0x280
[  211.438733][T10152]  should_fail+0xb/0x20
[  211.438772][T10152]  should_fail_usercopy+0x1a/0x20
[  211.438795][T10152]  _copy_to_user+0x20/0xa0
[  211.438814][T10152]  simple_read_from_buffer+0xb5/0x130
[  211.438918][T10152]  proc_fail_nth_read+0x10e/0x150
[  211.438940][T10152]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  211.438958][T10152]  vfs_read+0x19d/0x6f0
[  211.438973][T10152]  ? __rcu_read_unlock+0x4f/0x70
[  211.439039][T10152]  ? __fget_files+0x184/0x1c0
[  211.439086][T10152]  ksys_read+0xda/0x1a0
[  211.439105][T10152]  __x64_sys_read+0x40/0x50
[  211.439125][T10152]  x64_sys_call+0x27bc/0x2ff0
[  211.439216][T10152]  do_syscall_64+0xd2/0x200
[  211.439325][T10152]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  211.439414][T10152]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  211.439441][T10152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.439505][T10152] RIP: 0033:0x7fd8113cd3bc
[  211.439519][T10152] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  211.439534][T10152] RSP: 002b:00007fd80fa2f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  211.439552][T10152] RAX: ffffffffffffffda RBX: 00007fd8115f5fa0 RCX: 00007fd8113cd3bc
[  211.439609][T10152] RDX: 000000000000000f RSI: 00007fd80fa2f0a0 RDI: 0000000000000007
[  211.439622][T10152] RBP: 00007fd80fa2f090 R08: 0000000000000000 R09: 0000000000000000
[  211.439707][T10152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  211.439721][T10152] R13: 0000000000000000 R14: 00007fd8115f5fa0 R15: 00007ffdcdb80bf8
[  211.439739][T10152]  </TASK>
[  211.670798][T10154] loop2: detected capacity change from 0 to 512
[  211.681125][T10154] EXT4-fs: Ignoring removed mblk_io_submit option
[  211.726437][T10154] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  211.758931][T10158] loop6: detected capacity change from 0 to 2048
[  211.779317][T10158] EXT4-fs (loop6): failed to initialize system zone (-117)
[  211.787147][T10158] EXT4-fs (loop6): mount failed
[  211.892689][T10154] EXT4-fs (loop2): 1 truncate cleaned up
[  211.898825][T10154] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  211.923252][T10158] siw: device registration error -23
[  211.940463][ T3296] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.995784][T10168] loop0: detected capacity change from 0 to 8192
[  212.488284][T10190] loop1: detected capacity change from 0 to 2048
[  212.501945][T10190] EXT4-fs (loop1): #clusters per group too big: 151011328
[  212.805381][T10190] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2011'.
[  212.992625][T10198] loop2: detected capacity change from 0 to 512
[  213.011585][T10198] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  213.021151][T10190] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2011'.
[  213.202441][T10198] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.216858][T10198] ext4 filesystem being mounted at /393/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  213.249163][ T3296] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.389815][T10221] loop4: detected capacity change from 0 to 8192
[  213.678445][T10231] netlink: 'syz.6.2022': attribute type 27 has an invalid length.
[  213.704464][T10234] FAULT_INJECTION: forcing a failure.
[  213.704464][T10234] name failslab, interval 1, probability 0, space 0, times 0
[  213.718210][T10234] CPU: 1 UID: 0 PID: 10234 Comm: syz.0.2024 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  213.718246][T10234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  213.718256][T10234] Call Trace:
[  213.718270][T10234]  <TASK>
[  213.718328][T10234]  __dump_stack+0x1d/0x30
[  213.718350][T10234]  dump_stack_lvl+0xe8/0x140
[  213.718366][T10234]  dump_stack+0x15/0x1b
[  213.718421][T10234]  should_fail_ex+0x265/0x280
[  213.718447][T10234]  should_failslab+0x8c/0xb0
[  213.718472][T10234]  __kvmalloc_node_noprof+0x123/0x4e0
[  213.718531][T10234]  ? seq_read_iter+0x13e/0x940
[  213.718560][T10234]  seq_read_iter+0x13e/0x940
[  213.718583][T10234]  ? _parse_integer+0x27/0x40
[  213.718610][T10234]  seq_read+0x1f7/0x240
[  213.718679][T10234]  ? __pfx_seq_read+0x10/0x10
[  213.718700][T10234]  vfs_readv+0x3fb/0x690
[  213.718794][T10234]  __x64_sys_preadv+0xfd/0x1c0
[  213.718887][T10234]  x64_sys_call+0x282a/0x2ff0
[  213.718908][T10234]  do_syscall_64+0xd2/0x200
[  213.718964][T10234]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  213.718987][T10234]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  213.719012][T10234]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.719184][T10234] RIP: 0033:0x7fd8113ce9a9
[  213.719200][T10234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.719254][T10234] RSP: 002b:00007fd80fa2f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  213.719359][T10234] RAX: ffffffffffffffda RBX: 00007fd8115f5fa0 RCX: 00007fd8113ce9a9
[  213.719373][T10234] RDX: 0000000000000001 RSI: 0000200000000bc0 RDI: 0000000000000004
[  213.719386][T10234] RBP: 00007fd80fa2f090 R08: 0000000000000000 R09: 0000000000000000
[  213.719408][T10234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.719421][T10234] R13: 0000000000000000 R14: 00007fd8115f5fa0 R15: 00007ffdcdb80bf8
[  213.719438][T10234]  </TASK>
[  213.729133][T10231] 8021q: adding VLAN 0 to HW filter on device 

[  213.822707][T10240] SELinux: syz.0.2026 (10240) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  213.827798][T10231] 8021q: adding VLAN 0 to HW filter on device team0
[  213.889410][T10241] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2026'.
[  213.961519][T10231] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  214.004918][T10231] netlink: 'syz.6.2022': attribute type 27 has an invalid length.
[  214.051089][T10246] loop2: detected capacity change from 0 to 512
[  214.062023][T10246] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  214.101542][T10246] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.161535][T10264] netlink: 'syz.1.2034': attribute type 1 has an invalid length.
[  214.169578][T10264] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2034'.
[  214.175231][T10246] ext4 filesystem being mounted at /395/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  214.218629][ T3296] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.249090][   T29] kauditd_printk_skb: 119 callbacks suppressed
[  214.249143][   T29] audit: type=1400 audit(1753911593.967:9707): avc:  denied  { accept } for  pid=10268 comm="syz.2.2035" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  214.294930][   T29] audit: type=1326 audit(1753911593.999:9708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10268 comm="syz.2.2035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4029e9a9 code=0x7ffc0000
[  214.320143][   T29] audit: type=1326 audit(1753911593.999:9709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10268 comm="syz.2.2035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4029e9a9 code=0x7ffc0000
[  214.344679][   T29] audit: type=1326 audit(1753911593.999:9710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10268 comm="syz.2.2035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4029e9a9 code=0x7ffc0000
[  214.350640][T10276] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2036'.
[  214.369656][   T29] audit: type=1326 audit(1753911593.999:9711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10268 comm="syz.2.2035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4029e9a9 code=0x7ffc0000
[  214.392702][T10274] loop2: detected capacity change from 0 to 512
[  214.403778][   T29] audit: type=1326 audit(1753911593.999:9712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10268 comm="syz.2.2035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd4029e9a9 code=0x7ffc0000
[  214.428805][T10274] EXT4-fs: Ignoring removed mblk_io_submit option
[  214.434112][   T29] audit: type=1326 audit(1753911593.999:9713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10268 comm="syz.2.2035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4029e9a9 code=0x7ffc0000
[  214.465629][   T29] audit: type=1326 audit(1753911593.999:9714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10268 comm="syz.2.2035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbd4029e9a9 code=0x7ffc0000
[  214.489781][   T29] audit: type=1326 audit(1753911593.999:9715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10268 comm="syz.2.2035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4029e9a9 code=0x7ffc0000
[  214.514461][   T29] audit: type=1326 audit(1753911593.999:9716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10268 comm="syz.2.2035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd4029e9a9 code=0x7ffc0000
[  214.516369][T10274] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  214.641473][T10274] EXT4-fs (loop2): 1 truncate cleaned up
[  214.647670][T10274] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.712792][ T3296] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.397748][T10309] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2047'.
[  215.408173][T10309] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2047'.
[  215.423362][T10294] lo speed is unknown, defaulting to 1000
[  215.437756][T10294] lo speed is unknown, defaulting to 1000
[  215.462786][T10307] loop2: detected capacity change from 0 to 512
[  215.491226][T10307] EXT4-fs (loop2): orphan cleanup on readonly fs
[  215.504867][T10294] lo speed is unknown, defaulting to 1000
[  215.530523][T10307] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2043: bg 0: block 248: padding at end of block bitmap is not set
[  215.609296][T10307] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.2043: Failed to acquire dquot type 1
[  215.634830][T10318] loop4: detected capacity change from 0 to 512
[  215.644631][T10318] EXT4-fs: Ignoring removed mblk_io_submit option
[  215.651851][T10307] EXT4-fs (loop2): 1 truncate cleaned up
[  215.658737][T10318] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  215.669612][T10307] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  215.691726][T10318] EXT4-fs (loop4): 1 truncate cleaned up
[  215.703138][T10318] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.793352][ T5120] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.832526][ T3296] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.976088][T10347] loop2: detected capacity change from 0 to 512
[  215.983064][T10347] EXT4-fs: Ignoring removed mblk_io_submit option
[  215.990499][T10347] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  216.005997][T10347] EXT4-fs (loop2): 1 truncate cleaned up
[  216.014926][T10341] loop1: detected capacity change from 0 to 256
[  216.023508][T10347] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.046082][T10341] FAT-fs (loop1): Directory bread(block 64) failed
[  216.053596][T10341] FAT-fs (loop1): Directory bread(block 65) failed
[  216.060593][T10341] FAT-fs (loop1): Directory bread(block 66) failed
[  216.071256][T10341] FAT-fs (loop1): Directory bread(block 67) failed
[  216.077984][T10341] FAT-fs (loop1): Directory bread(block 68) failed
[  216.079180][ T3296] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.084797][T10341] FAT-fs (loop1): Directory bread(block 69) failed
[  216.100416][T10341] FAT-fs (loop1): Directory bread(block 70) failed
[  216.107228][T10341] FAT-fs (loop1): Directory bread(block 71) failed
[  216.113878][T10341] FAT-fs (loop1): Directory bread(block 72) failed
[  216.120415][T10341] FAT-fs (loop1): Directory bread(block 73) failed
[  216.283542][T10373] lo speed is unknown, defaulting to 1000
[  216.292796][T10373] lo speed is unknown, defaulting to 1000
[  216.337769][T10380] loop1: detected capacity change from 0 to 512
[  216.349202][T10373] lo speed is unknown, defaulting to 1000
[  216.354098][T10380] EXT4-fs: Ignoring removed mblk_io_submit option
[  216.363999][T10380] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  216.405854][T10380] EXT4-fs (loop1): 1 truncate cleaned up
[  216.455721][T10380] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.543618][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.561966][T10394] FAULT_INJECTION: forcing a failure.
[  216.561966][T10394] name failslab, interval 1, probability 0, space 0, times 0
[  216.576059][T10394] CPU: 0 UID: 0 PID: 10394 Comm: syz.1.2081 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  216.576097][T10394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  216.576108][T10394] Call Trace:
[  216.576114][T10394]  <TASK>
[  216.576122][T10394]  __dump_stack+0x1d/0x30
[  216.576144][T10394]  dump_stack_lvl+0xe8/0x140
[  216.576168][T10394]  dump_stack+0x15/0x1b
[  216.576186][T10394]  should_fail_ex+0x265/0x280
[  216.576211][T10394]  should_failslab+0x8c/0xb0
[  216.576271][T10394]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  216.576296][T10394]  ? sidtab_sid2str_get+0xa0/0x130
[  216.576399][T10394]  kmemdup_noprof+0x2b/0x70
[  216.576500][T10394]  sidtab_sid2str_get+0xa0/0x130
[  216.576606][T10394]  security_sid_to_context_core+0x1eb/0x2e0
[  216.576637][T10394]  security_sid_to_context+0x27/0x40
[  216.576665][T10394]  avc_audit_post_callback+0x10f/0x520
[  216.576721][T10394]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  216.576779][T10394]  common_lsm_audit+0x1bb/0x230
[  216.576804][T10394]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  216.576836][T10394]  slow_avc_audit+0x104/0x140
[  216.576887][T10394]  avc_has_perm+0x13a/0x180
[  216.576927][T10394]  selinux_socket_sendmsg+0x175/0x1b0
[  216.576955][T10394]  security_socket_sendmsg+0x48/0x80
[  216.576977][T10394]  __sock_sendmsg+0x30/0x180
[  216.577047][T10394]  ____sys_sendmsg+0x31e/0x4e0
[  216.577107][T10394]  ___sys_sendmsg+0x17b/0x1d0
[  216.577146][T10394]  __x64_sys_sendmsg+0xd4/0x160
[  216.577176][T10394]  x64_sys_call+0x191e/0x2ff0
[  216.577193][T10394]  do_syscall_64+0xd2/0x200
[  216.577259][T10394]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  216.577331][T10394]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  216.577358][T10394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.577379][T10394] RIP: 0033:0x7f57d17ce9a9
[  216.577395][T10394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.577418][T10394] RSP: 002b:00007f57cfe37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  216.577436][T10394] RAX: ffffffffffffffda RBX: 00007f57d19f5fa0 RCX: 00007f57d17ce9a9
[  216.577447][T10394] RDX: 0000000020000004 RSI: 0000200000000200 RDI: 0000000000000006
[  216.577458][T10394] RBP: 00007f57cfe37090 R08: 0000000000000000 R09: 0000000000000000
[  216.577538][T10394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  216.577550][T10394] R13: 0000000000000000 R14: 00007f57d19f5fa0 R15: 00007ffc172db7b8
[  216.577565][T10394]  </TASK>
[  216.831501][T10396] loop6: detected capacity change from 0 to 256
[  216.898588][T10396] FAT-fs (loop6): Directory bread(block 64) failed
[  216.920973][T10396] FAT-fs (loop6): Directory bread(block 65) failed
[  216.952284][T10396] FAT-fs (loop6): Directory bread(block 66) failed
[  216.958973][T10396] FAT-fs (loop6): Directory bread(block 67) failed
[  216.962192][T10406] loop1: detected capacity change from 0 to 512
[  216.978593][T10396] FAT-fs (loop6): Directory bread(block 68) failed
[  216.992249][T10406] EXT4-fs: quotafile must be on filesystem root
[  217.000919][T10396] FAT-fs (loop6): Directory bread(block 69) failed
[  217.007882][T10396] FAT-fs (loop6): Directory bread(block 70) failed
[  217.019009][T10406] bridge0: entered allmulticast mode
[  217.021097][T10396] FAT-fs (loop6): Directory bread(block 71) failed
[  217.035853][T10406] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2085'.
[  217.043755][T10396] FAT-fs (loop6): Directory bread(block 72) failed
[  217.051710][T10396] FAT-fs (loop6): Directory bread(block 73) failed
[  217.062507][T10406] bridge_slave_1: left allmulticast mode
[  217.068534][T10406] bridge_slave_1: left promiscuous mode
[  217.074542][T10406] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.111438][T10406] bridge_slave_0: left allmulticast mode
[  217.117736][T10406] bridge_slave_0: left promiscuous mode
[  217.123731][T10406] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.158323][T10406] bridge0 (unregistering): left allmulticast mode
[  217.367449][T10430] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2094'.
[  217.393047][T10430] IPVS: Error joining to the multicast group
[  217.970800][T10446] netlink: 'syz.4.2100': attribute type 1 has an invalid length.
[  217.979452][T10446] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2100'.
[  218.021368][T10444] loop2: detected capacity change from 0 to 8192
[  218.363342][T10462] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2105'.
[  218.376068][T10462] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2105'.
[  218.392818][T10462] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2105'.
[  218.612365][T10492] loop0: detected capacity change from 0 to 2048
[  218.630399][T10492] EXT4-fs (loop0): #clusters per group too big: 151011328
[  218.651421][T10492] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2118'.
[  218.711582][T10497] netlink: 'syz.1.2121': attribute type 10 has an invalid length.
[  218.720512][T10492] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2118'.
[  218.753520][T10502] SELinux: syz.6.2122 (10502) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  218.941182][   T29] kauditd_printk_skb: 341 callbacks suppressed
[  218.941197][   T29] audit: type=1326 audit(1753911598.998:10056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.2.2116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4029e9a9 code=0x7ffc0000
[  218.981169][   T29] audit: type=1326 audit(1753911598.998:10057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.2.2116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4029e9a9 code=0x7ffc0000
[  219.067488][   T29] audit: type=1400 audit(1753911599.138:10058): avc:  denied  { create } for  pid=10526 comm="syz.0.2133" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  219.115524][   T29] audit: type=1400 audit(1753911599.192:10059): avc:  denied  { write } for  pid=10526 comm="syz.0.2133" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  219.136783][   T29] audit: type=1400 audit(1753911599.192:10060): avc:  denied  { nlmsg_write } for  pid=10526 comm="syz.0.2133" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  219.240340][T10537] loop2: detected capacity change from 0 to 2048
[  219.248691][T10537] EXT4-fs (loop2): #clusters per group too big: 151011328
[  219.284135][   T29] audit: type=1326 audit(1753911599.374:10061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10540 comm="syz.0.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  219.309563][   T29] audit: type=1326 audit(1753911599.374:10062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10540 comm="syz.0.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  219.333720][   T29] audit: type=1326 audit(1753911599.374:10063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10540 comm="syz.0.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  219.358272][   T29] audit: type=1326 audit(1753911599.374:10064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10540 comm="syz.0.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  219.382176][   T29] audit: type=1326 audit(1753911599.374:10065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10540 comm="syz.0.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  219.430552][T10546] 8021q: adding VLAN 0 to HW filter on device bond0
[  219.449227][T10546] FAULT_INJECTION: forcing a failure.
[  219.449227][T10546] name failslab, interval 1, probability 0, space 0, times 0
[  219.462909][T10546] CPU: 1 UID: 0 PID: 10546 Comm: syz.0.2137 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  219.462937][T10546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  219.462948][T10546] Call Trace:
[  219.462956][T10546]  <TASK>
[  219.463036][T10546]  __dump_stack+0x1d/0x30
[  219.463057][T10546]  dump_stack_lvl+0xe8/0x140
[  219.463075][T10546]  dump_stack+0x15/0x1b
[  219.463089][T10546]  should_fail_ex+0x265/0x280
[  219.463118][T10546]  should_failslab+0x8c/0xb0
[  219.463190][T10546]  kmem_cache_alloc_node_noprof+0x57/0x320
[  219.463223][T10546]  ? __alloc_skb+0x101/0x320
[  219.463250][T10546]  __alloc_skb+0x101/0x320
[  219.463348][T10546]  ? _raw_spin_unlock_bh+0x36/0x40
[  219.463370][T10546]  inet_ifmcaddr_notify+0x64/0x120
[  219.463409][T10546]  __ip_mc_dec_group+0x1ac/0x3d0
[  219.463429][T10546]  ip_mc_down+0x13d/0x1c0
[  219.463449][T10546]  inetdev_event+0x1b3/0xc10
[  219.463475][T10546]  ? __pfx_ib_netdevice_event+0x10/0x10
[  219.463543][T10546]  ? ib_netdevice_event+0x28b/0x5f0
[  219.463570][T10546]  ? __pfx_arp_netdev_event+0x10/0x10
[  219.463634][T10546]  ? __pfx_inetdev_event+0x10/0x10
[  219.463662][T10546]  raw_notifier_call_chain+0x6c/0x1b0
[  219.463679][T10546]  ? call_netdevice_notifiers_info+0x9c/0x100
[  219.463704][T10546]  call_netdevice_notifiers_info+0xae/0x100
[  219.463727][T10546]  dev_close_many+0x170/0x240
[  219.463749][T10546]  unregister_netdevice_many_notify+0x441/0x1690
[  219.463828][T10546]  ? unregister_netdevice_queue+0x12b/0x220
[  219.463857][T10546]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  219.463884][T10546]  rtnl_dellink+0x3cb/0x550
[  219.463977][T10546]  ? selinux_capable+0x31/0x40
[  219.463999][T10546]  ? security_capable+0x83/0x90
[  219.464064][T10546]  ? ns_capable+0x7d/0xb0
[  219.464085][T10546]  ? __pfx_rtnl_dellink+0x10/0x10
[  219.464159][T10546]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  219.464179][T10546]  ? avc_has_perm_noaudit+0x1b1/0x200
[  219.464212][T10546]  netlink_rcv_skb+0x120/0x220
[  219.464240][T10546]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  219.464344][T10546]  rtnetlink_rcv+0x1c/0x30
[  219.464361][T10546]  netlink_unicast+0x5a8/0x680
[  219.464444][T10546]  netlink_sendmsg+0x58b/0x6b0
[  219.464473][T10546]  ? __pfx_netlink_sendmsg+0x10/0x10
[  219.464546][T10546]  __sock_sendmsg+0x145/0x180
[  219.464568][T10546]  ____sys_sendmsg+0x31e/0x4e0
[  219.464599][T10546]  ___sys_sendmsg+0x17b/0x1d0
[  219.464677][T10546]  __x64_sys_sendmsg+0xd4/0x160
[  219.464753][T10546]  x64_sys_call+0x191e/0x2ff0
[  219.464843][T10546]  do_syscall_64+0xd2/0x200
[  219.464912][T10546]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  219.464938][T10546]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  219.464963][T10546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.464982][T10546] RIP: 0033:0x7fd8113ce9a9
[  219.464997][T10546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.465062][T10546] RSP: 002b:00007fd80fa2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  219.465082][T10546] RAX: ffffffffffffffda RBX: 00007fd8115f5fa0 RCX: 00007fd8113ce9a9
[  219.465095][T10546] RDX: 0000000000040040 RSI: 0000200000000100 RDI: 0000000000000003
[  219.465107][T10546] RBP: 00007fd80fa2f090 R08: 0000000000000000 R09: 0000000000000000
[  219.465118][T10546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  219.465129][T10546] R13: 0000000000000000 R14: 00007fd8115f5fa0 R15: 00007ffdcdb80bf8
[  219.465216][T10546]  </TASK>
[  219.821212][T10546] bond0 (unregistering): Released all slaves
[  219.880891][T10566] loop2: detected capacity change from 0 to 2048
[  219.897744][T10566] EXT4-fs (loop2): #clusters per group too big: 151011328
[  219.962537][T10578] FAULT_INJECTION: forcing a failure.
[  219.962537][T10578] name failslab, interval 1, probability 0, space 0, times 0
[  219.975475][T10578] CPU: 0 UID: 0 PID: 10578 Comm: syz.1.2149 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  219.975504][T10578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  219.975516][T10578] Call Trace:
[  219.975524][T10578]  <TASK>
[  219.975532][T10578]  __dump_stack+0x1d/0x30
[  219.975623][T10578]  dump_stack_lvl+0xe8/0x140
[  219.975643][T10578]  dump_stack+0x15/0x1b
[  219.975657][T10578]  should_fail_ex+0x265/0x280
[  219.975758][T10578]  should_failslab+0x8c/0xb0
[  219.975786][T10578]  __kmalloc_cache_node_noprof+0x54/0x320
[  219.975816][T10578]  ? __get_vm_area_node+0x106/0x1d0
[  219.975896][T10578]  __get_vm_area_node+0x106/0x1d0
[  219.975926][T10578]  __vmalloc_node_range_noprof+0x273/0xe00
[  219.975956][T10578]  ? sel_write_load+0x158/0x380
[  219.976069][T10578]  ? common_lsm_audit+0x1ca/0x230
[  219.976095][T10578]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  219.976134][T10578]  ? sel_write_load+0x158/0x380
[  219.976164][T10578]  vmalloc_noprof+0x82/0xc0
[  219.976193][T10578]  ? sel_write_load+0x158/0x380
[  219.976223][T10578]  sel_write_load+0x158/0x380
[  219.976310][T10578]  ? __pfx_sel_write_load+0x10/0x10
[  219.976338][T10578]  vfs_write+0x269/0x8e0
[  219.976401][T10578]  ? __rcu_read_unlock+0x4f/0x70
[  219.976421][T10578]  ? __fget_files+0x184/0x1c0
[  219.976446][T10578]  ksys_write+0xda/0x1a0
[  219.976516][T10578]  __x64_sys_write+0x40/0x50
[  219.976532][T10578]  x64_sys_call+0x27fe/0x2ff0
[  219.976554][T10578]  do_syscall_64+0xd2/0x200
[  219.976624][T10578]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  219.976681][T10578]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  219.976709][T10578]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.976728][T10578] RIP: 0033:0x7f57d17ce9a9
[  219.976742][T10578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.976886][T10578] RSP: 002b:00007f57cfe37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  219.976906][T10578] RAX: ffffffffffffffda RBX: 00007f57d19f5fa0 RCX: 00007f57d17ce9a9
[  219.976919][T10578] RDX: 000000000000ffa8 RSI: 0000200000000000 RDI: 0000000000000003
[  219.976930][T10578] RBP: 00007f57cfe37090 R08: 0000000000000000 R09: 0000000000000000
[  219.976940][T10578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  219.977002][T10578] R13: 0000000000000000 R14: 00007f57d19f5fa0 R15: 00007ffc172db7b8
[  219.977020][T10578]  </TASK>
[  219.977027][T10578] syz.1.2149: vmalloc error: size 65448, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0
[  220.233672][T10578] CPU: 0 UID: 0 PID: 10578 Comm: syz.1.2149 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  220.233741][T10578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  220.233754][T10578] Call Trace:
[  220.233762][T10578]  <TASK>
[  220.233770][T10578]  __dump_stack+0x1d/0x30
[  220.233794][T10578]  dump_stack_lvl+0xe8/0x140
[  220.233881][T10578]  dump_stack+0x15/0x1b
[  220.233896][T10578]  warn_alloc+0x12b/0x1a0
[  220.233933][T10578]  __vmalloc_node_range_noprof+0x297/0xe00
[  220.234018][T10578]  ? common_lsm_audit+0x1ca/0x230
[  220.234044][T10578]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  220.234084][T10578]  ? sel_write_load+0x158/0x380
[  220.234141][T10578]  vmalloc_noprof+0x82/0xc0
[  220.234250][T10578]  ? sel_write_load+0x158/0x380
[  220.234279][T10578]  sel_write_load+0x158/0x380
[  220.234310][T10578]  ? __pfx_sel_write_load+0x10/0x10
[  220.234353][T10578]  vfs_write+0x269/0x8e0
[  220.234369][T10578]  ? __rcu_read_unlock+0x4f/0x70
[  220.234395][T10578]  ? __fget_files+0x184/0x1c0
[  220.234417][T10578]  ksys_write+0xda/0x1a0
[  220.234434][T10578]  __x64_sys_write+0x40/0x50
[  220.234542][T10578]  x64_sys_call+0x27fe/0x2ff0
[  220.234563][T10578]  do_syscall_64+0xd2/0x200
[  220.234590][T10578]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  220.234616][T10578]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  220.234712][T10578]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.234732][T10578] RIP: 0033:0x7f57d17ce9a9
[  220.234823][T10578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.234841][T10578] RSP: 002b:00007f57cfe37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  220.234860][T10578] RAX: ffffffffffffffda RBX: 00007f57d19f5fa0 RCX: 00007f57d17ce9a9
[  220.234877][T10578] RDX: 000000000000ffa8 RSI: 0000200000000000 RDI: 0000000000000003
[  220.234888][T10578] RBP: 00007f57cfe37090 R08: 0000000000000000 R09: 0000000000000000
[  220.234964][T10578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.234976][T10578] R13: 0000000000000000 R14: 00007f57d19f5fa0 R15: 00007ffc172db7b8
[  220.234995][T10578]  </TASK>
[  220.235017][T10578] Mem-Info:
[  220.456365][T10578] active_anon:21875 inactive_anon:0 isolated_anon:6
[  220.456365][T10578]  active_file:18947 inactive_file:2539 isolated_file:0
[  220.456365][T10578]  unevictable:5 dirty:309 writeback:0
[  220.456365][T10578]  slab_reclaimable:3366 slab_unreclaimable:25324
[  220.456365][T10578]  mapped:32368 shmem:18792 pagetables:975
[  220.456365][T10578]  sec_pagetables:0 bounce:0
[  220.456365][T10578]  kernel_misc_reclaimable:0
[  220.456365][T10578]  free:1842294 free_pcp:27751 free_cma:0
[  220.502269][T10578] Node 0 active_anon:87500kB inactive_anon:0kB active_file:75788kB inactive_file:10156kB unevictable:20kB isolated(anon):24kB isolated(file):0kB mapped:129472kB dirty:1236kB writeback:0kB shmem:75168kB writeback_tmp:0kB kernel_stack:5376kB pagetables:3900kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  220.532626][T10578] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  220.562237][T10578] lowmem_reserve[]: 0 2883 7862 7862
[  220.567621][T10578] Node 0 DMA32 free:2949520kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953052kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:3532kB free_cma:0kB
[  220.598862][T10578] lowmem_reserve[]: 0 0 4978 4978
[  220.603939][T10578] Node 0 Normal free:4404296kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:87500kB inactive_anon:0kB active_file:75788kB inactive_file:10156kB unevictable:20kB writepending:1236kB present:5242880kB managed:5098240kB mlocked:20kB bounce:0kB free_pcp:107472kB local_pcp:27004kB free_cma:0kB
[  220.637444][T10578] lowmem_reserve[]: 0 0 0 0
[  220.642008][T10578] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  220.655417][T10578] Node 0 DMA32: 4*4kB (M) 2*8kB (M) 3*16kB (M) 4*32kB (M) 5*64kB (M) 3*128kB (M) 2*256kB (M) 4*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949520kB
[  220.672292][T10578] Node 0 Normal: 17*4kB (UME) 20*8kB (ME) 26*16kB (UME) 399*32kB (ME) 148*64kB (UME) 108*128kB (UME) 89*256kB (UME) 60*512kB (UME) 53*1024kB (UE) 36*2048kB (UM) 1022*4096kB (UM) = 4404324kB
[  220.691698][T10578] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  220.701062][T10578] 40264 total pagecache pages
[  220.705841][T10578] 1 pages in swap cache
[  220.710046][T10578] Free swap  = 124992kB
[  220.714297][T10578] Total swap = 124996kB
[  220.718466][T10578] 2097051 pages RAM
[  220.722362][T10578] 0 pages HighMem/MovableOnly
[  220.727113][T10578] 80388 pages reserved
[  220.781045][T10593] program +}[@ is using a deprecated SCSI ioctl, please convert it to SG_IO
[  220.794689][T10593] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  220.816772][T10593] loop0: detected capacity change from 0 to 128
[  220.823637][T10593] EXT4-fs: Ignoring removed nobh option
[  220.837756][T10593] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  220.866582][T10593] ext4 filesystem being mounted at /389/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  220.915970][ T3297] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  220.934567][T10611] SELinux: failed to load policy
[  220.967248][T10618] loop4: detected capacity change from 0 to 1024
[  220.974382][T10618] EXT4-fs: Ignoring removed orlov option
[  220.982397][T10618] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.000210][T10622] __nla_validate_parse: 6 callbacks suppressed
[  221.000231][T10622] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2163'.
[  221.311521][T10642] loop0: detected capacity change from 0 to 512
[  221.379974][ T5120] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.389835][T10642] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  221.398256][T10642] EXT4-fs (loop0): orphan cleanup on readonly fs
[  221.406540][T10642] EXT4-fs (loop0): 1 orphan inode deleted
[  221.412672][ T4486] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:19: Failed to release dquot type 1
[  221.435432][T10642] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  221.655441][T10651] loop1: detected capacity change from 0 to 1024
[  221.662811][T10651] journal_path: Non-blockdev passed as './file1'
[  221.669304][T10651] EXT4-fs: error: could not find journal device path
[  221.711770][T10653] netdevsim netdevsim1: Direct firmware load for ./file0/file1 failed with error -2
[  221.768286][T10658] loop1: detected capacity change from 0 to 1024
[  221.775954][T10658] EXT4-fs: Ignoring removed orlov option
[  221.783508][T10658] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.799128][T10658] FAULT_INJECTION: forcing a failure.
[  221.799128][T10658] name failslab, interval 1, probability 0, space 0, times 0
[  221.812494][T10658] CPU: 0 UID: 0 PID: 10658 Comm: syz.1.2174 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  221.812524][T10658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  221.812627][T10658] Call Trace:
[  221.812641][T10658]  <TASK>
[  221.812664][T10658]  __dump_stack+0x1d/0x30
[  221.812692][T10658]  dump_stack_lvl+0xe8/0x140
[  221.812713][T10658]  dump_stack+0x15/0x1b
[  221.812730][T10658]  should_fail_ex+0x265/0x280
[  221.812777][T10658]  should_failslab+0x8c/0xb0
[  221.812858][T10658]  __kmalloc_noprof+0xa5/0x3e0
[  221.812888][T10658]  ? copy_splice_read+0xc2/0x5f0
[  221.812922][T10658]  copy_splice_read+0xc2/0x5f0
[  221.813114][T10658]  ? __pfx_ext4_file_splice_read+0x10/0x10
[  221.813139][T10658]  splice_direct_to_actor+0x290/0x680
[  221.813166][T10658]  ? __pfx_direct_splice_actor+0x10/0x10
[  221.813254][T10658]  do_splice_direct+0xda/0x150
[  221.813279][T10658]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  221.813347][T10658]  do_sendfile+0x380/0x650
[  221.813376][T10658]  __x64_sys_sendfile64+0x105/0x150
[  221.813402][T10658]  x64_sys_call+0x2bb0/0x2ff0
[  221.813426][T10658]  do_syscall_64+0xd2/0x200
[  221.813462][T10658]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  221.813489][T10658]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  221.813517][T10658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.813690][T10658] RIP: 0033:0x7f57d17ce9a9
[  221.813705][T10658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.813720][T10658] RSP: 002b:00007f57cfe37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  221.813790][T10658] RAX: ffffffffffffffda RBX: 00007f57d19f5fa0 RCX: 00007f57d17ce9a9
[  221.813805][T10658] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000007
[  221.813818][T10658] RBP: 00007f57cfe37090 R08: 0000000000000000 R09: 0000000000000000
[  221.813831][T10658] R10: 000000000003ffff R11: 0000000000000246 R12: 0000000000000001
[  221.813841][T10658] R13: 0000000000000000 R14: 00007f57d19f5fa0 R15: 00007ffc172db7b8
[  221.813857][T10658]  </TASK>
[  222.084125][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.175906][T10663] loop2: detected capacity change from 0 to 512
[  222.183470][T10663] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  222.209608][T10663] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.247918][T10663] ext4 filesystem being mounted at /423/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  222.318303][ T3296] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.337103][T10678] FAULT_INJECTION: forcing a failure.
[  222.337103][T10678] name failslab, interval 1, probability 0, space 0, times 0
[  222.350192][T10678] CPU: 0 UID: 0 PID: 10678 Comm: syz.0.2181 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  222.350222][T10678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  222.350234][T10678] Call Trace:
[  222.350266][T10678]  <TASK>
[  222.350311][T10678]  __dump_stack+0x1d/0x30
[  222.350332][T10678]  dump_stack_lvl+0xe8/0x140
[  222.350388][T10678]  dump_stack+0x15/0x1b
[  222.350401][T10678]  should_fail_ex+0x265/0x280
[  222.350430][T10678]  should_failslab+0x8c/0xb0
[  222.350535][T10678]  __kmalloc_noprof+0xa5/0x3e0
[  222.350641][T10678]  ? kobject_get_path+0x92/0x1c0
[  222.350658][T10678]  kobject_get_path+0x92/0x1c0
[  222.350676][T10678]  kobject_uevent_env+0x1da/0x570
[  222.350698][T10678]  ? device_pm_check_callbacks+0x683/0x6a0
[  222.350783][T10678]  kobject_uevent+0x1d/0x30
[  222.350900][T10678]  device_del+0x710/0x790
[  222.350955][T10678]  device_unregister+0x15/0x40
[  222.350984][T10678]  bdi_unregister+0x307/0x3a0
[  222.351006][T10678]  __del_gendisk+0x2c3/0x570
[  222.351023][T10678]  del_gendisk+0xac/0xf0
[  222.351042][T10678]  loop_remove+0x26/0x80
[  222.351060][T10678]  loop_control_ioctl+0x3b3/0x3f0
[  222.351081][T10678]  ? __pfx_loop_control_ioctl+0x10/0x10
[  222.351137][T10678]  __se_sys_ioctl+0xce/0x140
[  222.351166][T10678]  __x64_sys_ioctl+0x43/0x50
[  222.351190][T10678]  x64_sys_call+0x1816/0x2ff0
[  222.351260][T10678]  do_syscall_64+0xd2/0x200
[  222.351365][T10678]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  222.351402][T10678]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  222.351435][T10678]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.351512][T10678] RIP: 0033:0x7fd8113ce9a9
[  222.351527][T10678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.351545][T10678] RSP: 002b:00007fd80fa2f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  222.351561][T10678] RAX: ffffffffffffffda RBX: 00007fd8115f5fa0 RCX: 00007fd8113ce9a9
[  222.351573][T10678] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000003
[  222.351592][T10678] RBP: 00007fd80fa2f090 R08: 0000000000000000 R09: 0000000000000000
[  222.351604][T10678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  222.351686][T10678] R13: 0000000000000000 R14: 00007fd8115f5fa0 R15: 00007ffdcdb80bf8
[  222.351704][T10678]  </TASK>
[  222.593084][T10680] loop4: detected capacity change from 0 to 1024
[  222.606970][T10680] journal_path: Non-blockdev passed as './file1'
[  222.614059][T10680] EXT4-fs: error: could not find journal device path
[  222.648065][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.722800][T10701] FAULT_INJECTION: forcing a failure.
[  222.722800][T10701] name failslab, interval 1, probability 0, space 0, times 0
[  222.735626][T10701] CPU: 0 UID: 0 PID: 10701 Comm: syz.1.2190 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  222.735652][T10701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  222.735737][T10701] Call Trace:
[  222.735745][T10701]  <TASK>
[  222.735751][T10701]  __dump_stack+0x1d/0x30
[  222.735770][T10701]  dump_stack_lvl+0xe8/0x140
[  222.735787][T10701]  dump_stack+0x15/0x1b
[  222.735800][T10701]  should_fail_ex+0x265/0x280
[  222.735833][T10701]  should_failslab+0x8c/0xb0
[  222.735930][T10701]  kmem_cache_alloc_noprof+0x50/0x310
[  222.736025][T10701]  ? security_file_alloc+0x32/0x100
[  222.736051][T10701]  security_file_alloc+0x32/0x100
[  222.736112][T10701]  init_file+0x5c/0x1d0
[  222.736137][T10701]  alloc_empty_file+0x8b/0x200
[  222.736211][T10701]  alloc_file_pseudo+0xc6/0x160
[  222.736266][T10701]  __shmem_file_setup+0x1de/0x210
[  222.736325][T10701]  shmem_file_setup+0x3b/0x50
[  222.736411][T10701]  __se_sys_memfd_create+0x2c3/0x590
[  222.736471][T10701]  __x64_sys_memfd_create+0x31/0x40
[  222.736497][T10701]  x64_sys_call+0x2abe/0x2ff0
[  222.736514][T10701]  do_syscall_64+0xd2/0x200
[  222.736559][T10701]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  222.736581][T10701]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  222.736605][T10701]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.736625][T10701] RIP: 0033:0x7f57d17ce9a9
[  222.736720][T10701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.736734][T10701] RSP: 002b:00007f57cfe36e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  222.736750][T10701] RAX: ffffffffffffffda RBX: 0000000000000476 RCX: 00007f57d17ce9a9
[  222.736763][T10701] RDX: 00007f57cfe36ef0 RSI: 0000000000000000 RDI: 00007f57d18516fc
[  222.736855][T10701] RBP: 0000200000000540 R08: 00007f57cfe36bb7 R09: 00007f57cfe36e40
[  222.736868][T10701] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0
[  222.736880][T10701] R13: 00007f57cfe36ef0 R14: 00007f57cfe36eb0 R15: 0000200000000240
[  222.736896][T10701]  </TASK>
[  222.955394][T10692] loop2: detected capacity change from 0 to 256
[  222.969317][T10692] FAT-fs (loop2): Directory bread(block 64) failed
[  222.972775][T10705] loop1: detected capacity change from 0 to 512
[  222.976146][T10692] FAT-fs (loop2): Directory bread(block 65) failed
[  222.989234][T10692] FAT-fs (loop2): Directory bread(block 66) failed
[  222.996138][T10705] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  222.997405][T10691] loop4: detected capacity change from 0 to 256
[  223.005649][T10692] FAT-fs (loop2): Directory bread(block 67) failed
[  223.017943][T10692] FAT-fs (loop2): Directory bread(block 68) failed
[  223.024641][T10692] FAT-fs (loop2): Directory bread(block 69) failed
[  223.026296][T10705] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.033461][T10692] FAT-fs (loop2): Directory bread(block 70) failed
[  223.051470][T10692] FAT-fs (loop2): Directory bread(block 71) failed
[  223.052052][T10691] FAT-fs (loop4): Directory bread(block 64) failed
[  223.058920][T10705] ext4 filesystem being mounted at /497/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  223.065358][T10691] FAT-fs (loop4): Directory bread(block 65) failed
[  223.078154][T10692] FAT-fs (loop2): Directory bread(block 72) failed
[  223.082459][T10691] FAT-fs (loop4): Directory bread(block 66) failed
[  223.095654][T10691] FAT-fs (loop4): Directory bread(block 67) failed
[  223.102202][T10691] FAT-fs (loop4): Directory bread(block 68) failed
[  223.108878][T10691] FAT-fs (loop4): Directory bread(block 69) failed
[  223.113482][T10692] FAT-fs (loop2): Directory bread(block 73) failed
[  223.116001][T10691] FAT-fs (loop4): Directory bread(block 70) failed
[  223.123518][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.129297][T10691] FAT-fs (loop4): Directory bread(block 71) failed
[  223.145180][T10691] FAT-fs (loop4): Directory bread(block 72) failed
[  223.152953][T10691] FAT-fs (loop4): Directory bread(block 73) failed
[  223.223156][T10711] netlink: 'syz.1.2193': attribute type 27 has an invalid length.
[  223.244704][T10711] 8021q: adding VLAN 0 to HW filter on device 

[  223.253065][T10711] 8021q: adding VLAN 0 to HW filter on device team0
[  223.263899][T10711] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  223.288982][T10717] loop2: detected capacity change from 0 to 1024
[  223.297339][T10711] netlink: 'syz.1.2193': attribute type 27 has an invalid length.
[  223.303483][T10717] journal_path: Non-blockdev passed as './file1'
[  223.312226][T10717] EXT4-fs: error: could not find journal device path
[  223.584229][T10742] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.2197'.
[  223.594198][T10737] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.2197'.
[  223.607115][   T29] kauditd_printk_skb: 270 callbacks suppressed
[  223.607127][   T29] audit: type=1400 audit(1753911603.977:10335): avc:  denied  { create } for  pid=10740 comm="syz.6.2203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  223.633290][   T29] audit: type=1400 audit(1753911604.009:10336): avc:  denied  { sqpoll } for  pid=10723 comm="syz.4.2197" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  223.899436][T10755] FAULT_INJECTION: forcing a failure.
[  223.899436][T10755] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  223.906332][   T29] audit: type=1400 audit(1753911604.063:10337): avc:  denied  { write } for  pid=10731 comm="syz.1.2200" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  223.913763][T10755] CPU: 0 UID: 0 PID: 10755 Comm: syz.0.2207 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  223.913814][T10755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  223.913826][T10755] Call Trace:
[  223.913833][T10755]  <TASK>
[  223.913868][T10755]  __dump_stack+0x1d/0x30
[  223.913887][T10755]  dump_stack_lvl+0xe8/0x140
[  223.913905][T10755]  dump_stack+0x15/0x1b
[  223.913921][T10755]  should_fail_ex+0x265/0x280
[  223.913949][T10755]  should_fail+0xb/0x20
[  223.914005][T10755]  should_fail_usercopy+0x1a/0x20
[  223.914057][T10755]  _copy_from_user+0x1c/0xb0
[  223.914175][T10755]  ___sys_sendmsg+0xc1/0x1d0
[  223.914255][T10755]  __x64_sys_sendmsg+0xd4/0x160
[  223.914334][T10755]  x64_sys_call+0x191e/0x2ff0
[  223.914354][T10755]  do_syscall_64+0xd2/0x200
[  223.914386][T10755]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  223.914430][T10755]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  223.914458][T10755]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.914479][T10755] RIP: 0033:0x7fd8113ce9a9
[  223.914495][T10755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.914512][T10755] RSP: 002b:00007fd80fa2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  223.914575][T10755] RAX: ffffffffffffffda RBX: 00007fd8115f5fa0 RCX: 00007fd8113ce9a9
[  223.914637][T10755] RDX: 000000002004c800 RSI: 0000200000000380 RDI: 0000000000000003
[  223.914649][T10755] RBP: 00007fd80fa2f090 R08: 0000000000000000 R09: 0000000000000000
[  223.914661][T10755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.914673][T10755] R13: 0000000000000000 R14: 00007fd8115f5fa0 R15: 00007ffdcdb80bf8
[  223.914691][T10755]  </TASK>
[  224.063746][T10759] audit: audit_backlog=65 > audit_backlog_limit=64
[  224.063764][T10759] audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=64
[  224.063778][T10759] audit: backlog limit exceeded
[  224.105266][T10759] netlink: 'syz.0.2208': attribute type 27 has an invalid length.
[  224.107082][   T29] audit: type=1400 audit(1753911604.073:10338): avc:  denied  { create } for  pid=10738 comm="syz.0.2202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  224.163499][ T3296] audit: audit_backlog=65 > audit_backlog_limit=64
[  224.168473][   T29] audit: type=1400 audit(1753911604.073:10339): avc:  denied  { ioctl } for  pid=10738 comm="syz.0.2202" path="socket:[27416]" dev="sockfs" ino=27416 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  224.176078][ T3296] audit: audit_lost=3 audit_rate_limit=0 audit_backlog_limit=64
[  224.227511][T10759] 8021q: adding VLAN 0 to HW filter on device 

[  224.228672][T10759] 8021q: adding VLAN 0 to HW filter on device team0
[  224.257452][T10762] loop2: detected capacity change from 0 to 1024
[  224.264932][T10762] journal_path: Non-blockdev passed as './file1'
[  224.264955][T10762] EXT4-fs: error: could not find journal device path
[  224.281469][T10759] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  224.281501][ T1062] lo speed is unknown, defaulting to 1000
[  224.281525][ T1062] s
z1: Port: 1 Link ACTIVE
[  224.281550][ T1062] lo speed is unknown, defaulting to 1000
[  224.319175][T10759] netlink: 'syz.0.2208': attribute type 27 has an invalid length.
[  224.341875][T10769] SELinux: syz.6.2213 (10769) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  224.358120][T10772] FAULT_INJECTION: forcing a failure.
[  224.358120][T10772] name failslab, interval 1, probability 0, space 0, times 0
[  224.358173][T10772] CPU: 0 UID: 0 PID: 10772 Comm: syz.2.2214 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  224.358197][T10772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  224.358209][T10772] Call Trace:
[  224.358216][T10772]  <TASK>
[  224.358224][T10772]  __dump_stack+0x1d/0x30
[  224.358246][T10772]  dump_stack_lvl+0xe8/0x140
[  224.358336][T10772]  dump_stack+0x15/0x1b
[  224.358350][T10772]  should_fail_ex+0x265/0x280
[  224.358381][T10772]  should_failslab+0x8c/0xb0
[  224.358401][T10772]  kmem_cache_alloc_node_noprof+0x57/0x320
[  224.358466][T10772]  ? __alloc_skb+0x101/0x320
[  224.358492][T10772]  __alloc_skb+0x101/0x320
[  224.358581][T10772]  netlink_alloc_large_skb+0xba/0xf0
[  224.358651][T10772]  netlink_sendmsg+0x3cf/0x6b0
[  224.358684][T10772]  ? __pfx_netlink_sendmsg+0x10/0x10
[  224.358774][T10772]  __sock_sendmsg+0x145/0x180
[  224.358793][T10772]  ____sys_sendmsg+0x31e/0x4e0
[  224.358823][T10772]  ___sys_sendmsg+0x17b/0x1d0
[  224.358863][T10772]  __x64_sys_sendmsg+0xd4/0x160
[  224.358924][T10772]  x64_sys_call+0x191e/0x2ff0
[  224.358945][T10772]  do_syscall_64+0xd2/0x200
[  224.359045][T10772]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  224.359098][T10772]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  224.359148][T10772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.359224][T10772] RIP: 0033:0x7fbd4029e9a9
[  224.359241][T10772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.359259][T10772] RSP: 002b:00007fbd3e907038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  224.359279][T10772] RAX: ffffffffffffffda RBX: 00007fbd404c5fa0 RCX: 00007fbd4029e9a9
[  224.359293][T10772] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  224.359306][T10772] RBP: 00007fbd3e907090 R08: 0000000000000000 R09: 0000000000000000
[  224.359319][T10772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.359363][T10772] R13: 0000000000000000 R14: 00007fbd404c5fa0 R15: 00007ffcef2e74f8
[  224.359424][T10772]  </TASK>
[  224.458781][T10775] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2213'.
[  224.552358][T10784] loop4: detected capacity change from 0 to 512
[  224.558494][T10784] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  224.558731][T10784] EXT4-fs (loop4): orphan cleanup on readonly fs
[  224.559748][T10784] EXT4-fs (loop4): 1 orphan inode deleted
[  224.559845][ T4486] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:19: Failed to release dquot type 1
[  224.560402][T10784] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  225.119903][ T5120] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.142287][T10791] loop4: detected capacity change from 0 to 512
[  225.153887][T10791] EXT4-fs: Ignoring removed mblk_io_submit option
[  225.161414][T10791] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  225.182293][T10791] EXT4-fs (loop4): 1 truncate cleaned up
[  225.188973][T10791] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.272179][ T5120] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.308271][T10798] batadv_slave_0: entered promiscuous mode
[  225.336240][T10797] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2221'.
[  225.351925][T10797] batadv_slave_0 (unregistering): left promiscuous mode
[  225.361236][T10797] batman_adv: batadv0: Removing interface: batadv_slave_0
[  225.381288][T10807] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2224'.
[  225.470679][T10811] netlink: 'syz.4.2226': attribute type 6 has an invalid length.
[  225.480583][T10811] netlink: 'syz.4.2226': attribute type 8 has an invalid length.
[  225.582169][T10814] FAULT_INJECTION: forcing a failure.
[  225.582169][T10814] name failslab, interval 1, probability 0, space 0, times 0
[  225.595264][T10814] CPU: 0 UID: 0 PID: 10814 Comm: syz.1.2227 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  225.595294][T10814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  225.595386][T10814] Call Trace:
[  225.595392][T10814]  <TASK>
[  225.595401][T10814]  __dump_stack+0x1d/0x30
[  225.595426][T10814]  dump_stack_lvl+0xe8/0x140
[  225.595461][T10814]  dump_stack+0x15/0x1b
[  225.595477][T10814]  should_fail_ex+0x265/0x280
[  225.595529][T10814]  should_failslab+0x8c/0xb0
[  225.595655][T10814]  __kvmalloc_node_noprof+0x123/0x4e0
[  225.595700][T10814]  ? alloc_fdtable+0x10b/0x1d0
[  225.595721][T10814]  alloc_fdtable+0x10b/0x1d0
[  225.595740][T10814]  dup_fd+0x4c7/0x540
[  225.595759][T10814]  copy_files+0x98/0xf0
[  225.595784][T10814]  copy_process+0xc5b/0x2000
[  225.595832][T10814]  kernel_clone+0x16c/0x5c0
[  225.595882][T10814]  ? bpf_get_current_comm+0x7c/0xb0
[  225.595911][T10814]  __x64_sys_clone+0xe6/0x120
[  225.595943][T10814]  x64_sys_call+0x119c/0x2ff0
[  225.595966][T10814]  do_syscall_64+0xd2/0x200
[  225.596009][T10814]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  225.596035][T10814]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  225.596063][T10814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.596155][T10814] RIP: 0033:0x7f57d17ce9a9
[  225.596288][T10814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  225.596307][T10814] RSP: 002b:00007f57cfe36fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  225.596328][T10814] RAX: ffffffffffffffda RBX: 00007f57d19f5fa0 RCX: 00007f57d17ce9a9
[  225.596341][T10814] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000630c1000
[  225.596354][T10814] RBP: 00007f57cfe37090 R08: 0000000000000000 R09: 0000000000000000
[  225.596366][T10814] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  225.596424][T10814] R13: 0000000000000000 R14: 00007f57d19f5fa0 R15: 00007ffc172db7b8
[  225.596443][T10814]  </TASK>
[  225.886726][T10816] loop2: detected capacity change from 0 to 8192
[  226.279272][T10834] netlink: 'syz.2.2235': attribute type 1 has an invalid length.
[  226.287212][T10834] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2235'.
[  226.459829][T10841] netlink: 'syz.2.2236': attribute type 10 has an invalid length.
[  226.525783][T10837] loop1: detected capacity change from 0 to 512
[  226.534936][T10841] 
: (slave dummy0): Releasing backup interface
[  226.547804][T10841] team0: Port device dummy0 added
[  226.753486][T10852] FAULT_INJECTION: forcing a failure.
[  226.753486][T10852] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.766994][T10852] CPU: 0 UID: 0 PID: 10852 Comm: syz.4.2239 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  226.767020][T10852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  226.767036][T10852] Call Trace:
[  226.767041][T10852]  <TASK>
[  226.767049][T10852]  __dump_stack+0x1d/0x30
[  226.767073][T10852]  dump_stack_lvl+0xe8/0x140
[  226.767093][T10852]  dump_stack+0x15/0x1b
[  226.767110][T10852]  should_fail_ex+0x265/0x280
[  226.767181][T10852]  should_fail+0xb/0x20
[  226.767239][T10852]  should_fail_usercopy+0x1a/0x20
[  226.767263][T10852]  _copy_from_user+0x1c/0xb0
[  226.767283][T10852]  ___bpf_copy_key+0xa5/0x110
[  226.767306][T10852]  map_update_elem+0x165/0x520
[  226.767351][T10852]  __sys_bpf+0x5d7/0x790
[  226.767376][T10852]  __x64_sys_bpf+0x41/0x50
[  226.767452][T10852]  x64_sys_call+0x2aea/0x2ff0
[  226.767474][T10852]  do_syscall_64+0xd2/0x200
[  226.767530][T10852]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  226.767612][T10852]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  226.767733][T10852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.767751][T10852] RIP: 0033:0x7fad4853e9a9
[  226.767768][T10852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.767787][T10852] RSP: 002b:00007fad46ba7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  226.767808][T10852] RAX: ffffffffffffffda RBX: 00007fad48765fa0 RCX: 00007fad4853e9a9
[  226.767822][T10852] RDX: 0000000000000020 RSI: 0000200000000240 RDI: 0000000000000002
[  226.767835][T10852] RBP: 00007fad46ba7090 R08: 0000000000000000 R09: 0000000000000000
[  226.767898][T10852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.767908][T10852] R13: 0000000000000000 R14: 00007fad48765fa0 R15: 00007fffa34f2048
[  226.767924][T10852]  </TASK>
[  226.953393][T10851] FAULT_INJECTION: forcing a failure.
[  226.953393][T10851] name failslab, interval 1, probability 0, space 0, times 0
[  226.959190][T10837] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  226.972207][T10851] CPU: 1 UID: 0 PID: 10851 Comm: syz.2.2238 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  226.972266][T10851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  226.972279][T10851] Call Trace:
[  226.972287][T10851]  <TASK>
[  226.972295][T10851]  __dump_stack+0x1d/0x30
[  226.972344][T10851]  dump_stack_lvl+0xe8/0x140
[  226.972363][T10851]  dump_stack+0x15/0x1b
[  226.972379][T10851]  should_fail_ex+0x265/0x280
[  226.972488][T10851]  should_failslab+0x8c/0xb0
[  226.972567][T10851]  __kmalloc_noprof+0xa5/0x3e0
[  226.972594][T10851]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[  226.972632][T10851]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[  226.972658][T10851]  genl_family_rcv_msg_doit+0x48/0x1b0
[  226.972679][T10851]  ? selinux_capable+0x31/0x40
[  226.972701][T10851]  ? security_capable+0x83/0x90
[  226.972780][T10851]  ? ns_capable+0x7d/0xb0
[  226.972840][T10851]  genl_rcv_msg+0x422/0x460
[  226.972861][T10851]  ? __pfx_ethnl_act_cable_test+0x10/0x10
[  226.972892][T10851]  netlink_rcv_skb+0x120/0x220
[  226.972948][T10851]  ? __pfx_genl_rcv_msg+0x10/0x10
[  226.972973][T10851]  genl_rcv+0x28/0x40
[  226.972991][T10851]  netlink_unicast+0x5a8/0x680
[  226.973085][T10851]  netlink_sendmsg+0x58b/0x6b0
[  226.973114][T10851]  ? __pfx_netlink_sendmsg+0x10/0x10
[  226.973152][T10851]  __sock_sendmsg+0x145/0x180
[  226.973173][T10851]  ____sys_sendmsg+0x31e/0x4e0
[  226.973235][T10851]  ___sys_sendmsg+0x17b/0x1d0
[  226.973280][T10851]  __x64_sys_sendmsg+0xd4/0x160
[  226.973364][T10851]  x64_sys_call+0x191e/0x2ff0
[  226.973384][T10851]  do_syscall_64+0xd2/0x200
[  226.973442][T10851]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  226.973466][T10851]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  226.973494][T10851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.973515][T10851] RIP: 0033:0x7fbd4029e9a9
[  226.973532][T10851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.973551][T10851] RSP: 002b:00007fbd3e907038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  226.973610][T10851] RAX: ffffffffffffffda RBX: 00007fbd404c5fa0 RCX: 00007fbd4029e9a9
[  226.973699][T10851] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000006
[  226.973712][T10851] RBP: 00007fbd3e907090 R08: 0000000000000000 R09: 0000000000000000
[  226.973724][T10851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.973803][T10851] R13: 0000000000000000 R14: 00007fbd404c5fa0 R15: 00007ffcef2e74f8
[  226.973821][T10851]  </TASK>
[  227.261595][T10837] EXT4-fs (loop1): orphan cleanup on readonly fs
[  227.306510][T10837] EXT4-fs (loop1): 1 orphan inode deleted
[  227.312751][ T4495] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:27: Failed to release dquot type 1
[  227.336627][T10837] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  227.561095][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.638200][T10879] loop4: detected capacity change from 0 to 8192
[  227.960125][T10887] loop2: detected capacity change from 0 to 512
[  227.967243][T10887] EXT4-fs: Ignoring removed mblk_io_submit option
[  227.971940][T10888] netlink: 'syz.0.2253': attribute type 27 has an invalid length.
[  227.974772][T10887] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  227.990031][T10883] netlink: 'syz.1.2250': attribute type 27 has an invalid length.
[  228.002988][T10887] EXT4-fs (loop2): 1 truncate cleaned up
[  228.009155][T10887] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.027623][   T36] lo speed is unknown, defaulting to 1000
[  228.034038][   T36] s
z1: Port: 1 Link DOWN
[  228.051483][ T3296] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.055652][T10892] 8021q: adding VLAN 0 to HW filter on device 

[  228.069223][T10892] 8021q: adding VLAN 0 to HW filter on device team0
[  228.079777][T10892] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  228.108070][T10883] 8021q: adding VLAN 0 to HW filter on device 

[  228.115922][T10883] 8021q: adding VLAN 0 to HW filter on device team0
[  228.116403][T10888] netlink: 'syz.0.2253': attribute type 27 has an invalid length.
[  228.136115][T10883] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  228.155988][T10898] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54050 sclass=netlink_route_socket pid=10898 comm=syz.0.2255
[  228.159965][   T36] lo speed is unknown, defaulting to 1000
[  228.175948][   T36] s
z1: Port: 1 Link ACTIVE
[  228.176380][T10898] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2255'.
[  228.183457][ T3356] lo speed is unknown, defaulting to 1000
[  228.190837][T10895] netlink: 'syz.1.2250': attribute type 27 has an invalid length.
[  228.341785][T10910] openvswitch: netlink: Message has 6 unknown bytes.
[  228.354158][   T29] kauditd_printk_skb: 168 callbacks suppressed
[  228.354175][   T29] audit: type=1400 audit(1753911609.105:10505): avc:  denied  { read } for  pid=10907 comm="syz.4.2260" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  228.385734][   T29] audit: type=1400 audit(1753911609.105:10506): avc:  denied  { read } for  pid=10907 comm="syz.4.2260" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  228.409431][   T29] audit: type=1400 audit(1753911609.105:10507): avc:  denied  { open } for  pid=10907 comm="syz.4.2260" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  228.434432][   T29] audit: type=1400 audit(1753911609.148:10508): avc:  denied  { create } for  pid=10911 comm="syz.1.2261" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=iucv_socket permissive=1
[  228.456207][   T29] audit: type=1400 audit(1753911609.159:10509): avc:  denied  { name_bind } for  pid=10907 comm="syz.4.2260" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  228.483538][T10921] FAULT_INJECTION: forcing a failure.
[  228.483538][T10921] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  228.493667][   T29] audit: type=1400 audit(1753911609.245:10510): avc:  denied  { cpu } for  pid=10911 comm="syz.1.2261" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  228.497923][T10921] CPU: 1 UID: 0 PID: 10921 Comm: syz.2.2263 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  228.498043][T10921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  228.498056][T10921] Call Trace:
[  228.498062][T10921]  <TASK>
[  228.498072][T10921]  __dump_stack+0x1d/0x30
[  228.498136][T10921]  dump_stack_lvl+0xe8/0x140
[  228.498195][T10921]  dump_stack+0x15/0x1b
[  228.498212][T10921]  should_fail_ex+0x265/0x280
[  228.498277][T10921]  should_fail+0xb/0x20
[  228.498302][T10921]  should_fail_usercopy+0x1a/0x20
[  228.498330][T10921]  _copy_to_user+0x20/0xa0
[  228.498425][T10921]  simple_read_from_buffer+0xb5/0x130
[  228.498460][T10921]  proc_fail_nth_read+0x10e/0x150
[  228.498517][T10921]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  228.498540][T10921]  vfs_read+0x19d/0x6f0
[  228.498559][T10921]  ? __rcu_read_unlock+0x4f/0x70
[  228.498645][T10921]  ? __fget_files+0x184/0x1c0
[  228.498713][T10921]  ksys_read+0xda/0x1a0
[  228.498808][T10921]  __x64_sys_read+0x40/0x50
[  228.498828][T10921]  x64_sys_call+0x27bc/0x2ff0
[  228.498873][T10921]  do_syscall_64+0xd2/0x200
[  228.498902][T10921]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  228.498928][T10921]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  228.499078][T10921]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.499100][T10921] RIP: 0033:0x7fbd4029d3bc
[  228.499117][T10921] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  228.499136][T10921] RSP: 002b:00007fbd3e907030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  228.499157][T10921] RAX: ffffffffffffffda RBX: 00007fbd404c5fa0 RCX: 00007fbd4029d3bc
[  228.499175][T10921] RDX: 000000000000000f RSI: 00007fbd3e9070a0 RDI: 0000000000000007
[  228.499188][T10921] RBP: 00007fbd3e907090 R08: 0000000000000000 R09: 0000000000000000
[  228.499267][T10921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  228.499280][T10921] R13: 0000000000000000 R14: 00007fbd404c5fa0 R15: 00007ffcef2e74f8
[  228.499299][T10921]  </TASK>
[  228.552667][T10923] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2264'.
[  228.743367][T10923] FAULT_INJECTION: forcing a failure.
[  228.743367][T10923] name failslab, interval 1, probability 0, space 0, times 0
[  228.756194][T10923] CPU: 0 UID: 0 PID: 10923 Comm: syz.2.2264 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  228.756260][T10923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  228.756272][T10923] Call Trace:
[  228.756279][T10923]  <TASK>
[  228.756288][T10923]  __dump_stack+0x1d/0x30
[  228.756310][T10923]  dump_stack_lvl+0xe8/0x140
[  228.756328][T10923]  dump_stack+0x15/0x1b
[  228.756342][T10923]  should_fail_ex+0x265/0x280
[  228.756388][T10923]  ? netlbl_mgmt_add_common+0x3b/0x960
[  228.756412][T10923]  should_failslab+0x8c/0xb0
[  228.756435][T10923]  __kmalloc_cache_noprof+0x4c/0x320
[  228.756463][T10923]  netlbl_mgmt_add_common+0x3b/0x960
[  228.756485][T10923]  ? __nla_parse+0x40/0x60
[  228.756547][T10923]  ? selinux_current_getlsmprop_subj+0x6e/0x80
[  228.756578][T10923]  netlbl_mgmt_adddef+0x183/0x1b0
[  228.756599][T10923]  genl_family_rcv_msg_doit+0x143/0x1b0
[  228.756658][T10923]  genl_rcv_msg+0x422/0x460
[  228.756679][T10923]  ? __pfx_netlbl_mgmt_adddef+0x10/0x10
[  228.756793][T10923]  netlink_rcv_skb+0x120/0x220
[  228.756875][T10923]  ? __pfx_genl_rcv_msg+0x10/0x10
[  228.756896][T10923]  genl_rcv+0x28/0x40
[  228.756912][T10923]  netlink_unicast+0x5a8/0x680
[  228.756937][T10923]  netlink_sendmsg+0x58b/0x6b0
[  228.756992][T10923]  ? __pfx_netlink_sendmsg+0x10/0x10
[  228.757022][T10923]  __sock_sendmsg+0x145/0x180
[  228.757043][T10923]  ____sys_sendmsg+0x31e/0x4e0
[  228.757069][T10923]  ___sys_sendmsg+0x17b/0x1d0
[  228.757160][T10923]  __x64_sys_sendmsg+0xd4/0x160
[  228.757316][T10923]  x64_sys_call+0x191e/0x2ff0
[  228.757338][T10923]  do_syscall_64+0xd2/0x200
[  228.757397][T10923]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  228.757420][T10923]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  228.757527][T10923]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.757576][T10923] RIP: 0033:0x7fbd4029e9a9
[  228.757590][T10923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  228.757605][T10923] RSP: 002b:00007fbd3e907038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  228.757626][T10923] RAX: ffffffffffffffda RBX: 00007fbd404c5fa0 RCX: 00007fbd4029e9a9
[  228.757640][T10923] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000004
[  228.757653][T10923] RBP: 00007fbd3e907090 R08: 0000000000000000 R09: 0000000000000000
[  228.757667][T10923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  228.757705][T10923] R13: 0000000000000000 R14: 00007fbd404c5fa0 R15: 00007ffcef2e74f8
[  228.757720][T10923]  </TASK>
[  229.031982][T10925] netlink: 'syz.6.2265': attribute type 27 has an invalid length.
[  229.045927][T10927] netlink: 'syz.2.2266': attribute type 27 has an invalid length.
[  229.082334][T10927] 8021q: adding VLAN 0 to HW filter on device 

[  229.092614][T10927] 8021q: adding VLAN 0 to HW filter on device team0
[  229.104533][T10927] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  229.131440][T10932] netlink: 'syz.6.2265': attribute type 27 has an invalid length.
[  229.144779][T10925] 8021q: adding VLAN 0 to HW filter on device 

[  229.162258][T10925] 8021q: adding VLAN 0 to HW filter on device team0
[  229.188460][T10925] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  229.206491][   T36] lo speed is unknown, defaulting to 1000
[  229.213250][   T36] syz0: Port: 1 Link ACTIVE
[  229.221541][T10927] netlink: 'syz.2.2266': attribute type 27 has an invalid length.
[  229.260463][   T29] audit: type=1400 audit(1753911610.071:10511): avc:  denied  { watch watch_reads } for  pid=10942 comm="syz.0.2274" path="/424" dev="tmpfs" ino=2273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  229.289009][T10945] SELinux: syz.1.2275 (10945) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  229.307696][T10947] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2276'.
[  229.353122][T10953] openvswitch: netlink: Message has 6 unknown bytes.
[  229.361570][T10954] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2275'.
[  229.368381][T10961] syzkaller1: entered promiscuous mode
[  229.376440][T10961] syzkaller1: entered allmulticast mode
[  229.406470][   T29] audit: type=1400 audit(1753911610.232:10512): avc:  denied  { setopt } for  pid=10958 comm="syz.6.2278" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  229.697886][   T29] audit: type=1400 audit(1753911610.543:10513): avc:  denied  { mounton } for  pid=10974 comm="syz.0.2283" path="/428/file0" dev="tmpfs" ino=2299 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  229.724434][   T29] audit: type=1400 audit(1753911610.575:10514): avc:  denied  { mount } for  pid=10974 comm="syz.0.2283" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  229.964577][T10980] ip6gre1: entered promiscuous mode
[  230.015319][T10986] FAULT_INJECTION: forcing a failure.
[  230.015319][T10986] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  230.028773][T10986] CPU: 0 UID: 0 PID: 10986 Comm: +}[@ Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  230.028920][T10986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  230.028930][T10986] Call Trace:
[  230.028937][T10986]  <TASK>
[  230.028944][T10986]  __dump_stack+0x1d/0x30
[  230.028964][T10986]  dump_stack_lvl+0xe8/0x140
[  230.028980][T10986]  dump_stack+0x15/0x1b
[  230.029021][T10986]  should_fail_ex+0x265/0x280
[  230.029047][T10986]  should_fail_alloc_page+0xf2/0x100
[  230.029123][T10986]  __alloc_frozen_pages_noprof+0xff/0x360
[  230.029221][T10986]  alloc_pages_mpol+0xb3/0x250
[  230.029253][T10986]  vma_alloc_folio_noprof+0x1aa/0x300
[  230.029347][T10986]  do_wp_page+0x673/0x2400
[  230.029434][T10986]  ? __rcu_read_lock+0x37/0x50
[  230.029460][T10986]  handle_mm_fault+0x77d/0x2be0
[  230.029484][T10986]  ? mas_walk+0xf2/0x120
[  230.029513][T10986]  do_user_addr_fault+0x636/0x1090
[  230.029617][T10986]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  230.029643][T10986]  exc_page_fault+0x62/0xa0
[  230.029778][T10986]  asm_exc_page_fault+0x26/0x30
[  230.029796][T10986] RIP: 0033:0x7fad48400ca3
[  230.029811][T10986] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  230.029871][T10986] RSP: 002b:00007fad46ba64a0 EFLAGS: 00010202
[  230.029966][T10986] RAX: 0000000000000400 RBX: 00007fad46ba6540 RCX: 00007fad3e787000
[  230.029974][T10986] RDX: 00007fad46ba66e0 RSI: 0000000000000029 RDI: 00007fad46ba65e0
[  230.029981][T10986] RBP: 00000000000000f9 R08: 0000000000000008 R09: 00000000000000a7
[  230.029994][T10986] R10: 00000000000000c0 R11: 00007fad46ba6540 R12: 0000000000000001
[  230.030001][T10986] R13: 00007fad485dc880 R14: 0000000000000020 R15: 00007fad46ba65e0
[  230.030012][T10986]  </TASK>
[  230.030031][T10986] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  230.225018][T10986] loop4: detected capacity change from 0 to 512
[  230.232562][T10986] EXT4-fs: Ignoring removed mblk_io_submit option
[  230.241758][T10986] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  230.253475][T10993] FAULT_INJECTION: forcing a failure.
[  230.253475][T10993] name failslab, interval 1, probability 0, space 0, times 0
[  230.253659][T10986] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  230.266216][T10993] CPU: 1 UID: 0 PID: 10993 Comm: syz.2.2289 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  230.266306][T10993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  230.266318][T10993] Call Trace:
[  230.266326][T10993]  <TASK>
[  230.266334][T10993]  __dump_stack+0x1d/0x30
[  230.266354][T10993]  dump_stack_lvl+0xe8/0x140
[  230.266444][T10993]  dump_stack+0x15/0x1b
[  230.266460][T10993]  should_fail_ex+0x265/0x280
[  230.266491][T10993]  ? __pfx_cond_bools_destroy+0x10/0x10
[  230.266547][T10993]  should_failslab+0x8c/0xb0
[  230.266620][T10993]  kmem_cache_alloc_noprof+0x50/0x310
[  230.266648][T10993]  ? hashtab_duplicate+0xfe/0x360
[  230.266674][T10993]  ? __pfx_cond_bools_destroy+0x10/0x10
[  230.266692][T10993]  hashtab_duplicate+0xfe/0x360
[  230.266794][T10993]  ? __pfx_cond_bools_copy+0x10/0x10
[  230.266816][T10993]  cond_policydb_dup+0xd2/0x4e0
[  230.266923][T10993]  security_set_bools+0xa0/0x340
[  230.266955][T10993]  sel_commit_bools_write+0x1ea/0x270
[  230.267155][T10993]  ? __pfx_sel_commit_bools_write+0x10/0x10
[  230.267177][T10993]  vfs_write+0x269/0x8e0
[  230.267196][T10993]  ? __rcu_read_unlock+0x4f/0x70
[  230.267219][T10993]  ? __fget_files+0x184/0x1c0
[  230.267244][T10993]  ksys_write+0xda/0x1a0
[  230.267266][T10993]  __x64_sys_write+0x40/0x50
[  230.267286][T10993]  x64_sys_call+0x27fe/0x2ff0
[  230.267307][T10993]  do_syscall_64+0xd2/0x200
[  230.267336][T10993]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  230.267361][T10993]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  230.267479][T10993]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.267501][T10993] RIP: 0033:0x7fbd4029e9a9
[  230.267559][T10993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.267577][T10993] RSP: 002b:00007fbd3e907038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  230.267596][T10993] RAX: ffffffffffffffda RBX: 00007fbd404c5fa0 RCX: 00007fbd4029e9a9
[  230.267609][T10993] RDX: 0000000000000003 RSI: 0000200000000800 RDI: 0000000000000003
[  230.267622][T10993] RBP: 00007fbd3e907090 R08: 0000000000000000 R09: 0000000000000000
[  230.267635][T10993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  230.267678][T10993] R13: 0000000000000000 R14: 00007fbd404c5fa0 R15: 00007ffcef2e74f8
[  230.267697][T10993]  </TASK>
[  230.366850][T10997] openvswitch: netlink: Message has 6 unknown bytes.
[  230.370282][T10986] System zones: 1-12
[  230.529888][T10986] EXT4-fs (loop4): 1 truncate cleaned up
[  230.537439][T10986] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.559411][ T5120] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.597143][T11003] openvswitch: netlink: Message has 6 unknown bytes.
[  230.620548][T11006] loop2: detected capacity change from 0 to 128
[  230.627837][T11006] vfat: Unknown parameter '0177777777777777777777718446744073709551615'
[  230.694219][T11015] loop4: detected capacity change from 0 to 512
[  230.701289][T11015] EXT4-fs: Ignoring removed mblk_io_submit option
[  230.708693][T11015] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  230.721106][T11015] EXT4-fs (loop4): 1 truncate cleaned up
[  230.729317][T11015] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.763027][ T5120] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.837556][T11020] xt_CT: You must specify a L4 protocol and not use inversions on it
[  230.853789][T11020] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2300'.
[  231.034184][T11037] loop2: detected capacity change from 0 to 512
[  231.044524][T11037] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  231.053936][T11037] EXT4-fs (loop2): orphan cleanup on readonly fs
[  231.062014][T11037] EXT4-fs (loop2): 1 orphan inode deleted
[  231.068000][ T4491] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:23: Failed to release dquot type 1
[  231.081770][T11037] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  231.483826][T11045] openvswitch: netlink: Message has 6 unknown bytes.
[  231.652654][ T3296] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.664869][T11062] veth0: entered promiscuous mode
[  231.671291][T11062] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2310'.
[  231.695233][T11062] veth0 (unregistering): left promiscuous mode
[  231.726536][T11067] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2313'.
[  231.737728][T11067] IPVS: Error joining to the multicast group
[  231.749987][T11067] loop2: detected capacity change from 0 to 512
[  231.764277][T11067] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.782754][T11067] ext4 filesystem being mounted at /457/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  231.811234][T11067] EXT4-fs error (device loop2): ext4_do_update_inode:5563: inode #2: comm syz.2.2313: corrupted inode contents
[  231.837924][T11067] EXT4-fs error (device loop2): ext4_dirty_inode:6454: inode #2: comm syz.2.2313: mark_inode_dirty error
[  231.853427][T11067] EXT4-fs error (device loop2): ext4_do_update_inode:5563: inode #2: comm syz.2.2313: corrupted inode contents
[  231.899545][T11067] EXT4-fs error (device loop2): ext4_do_update_inode:5563: inode #2: comm syz.2.2313: corrupted inode contents
[  231.919289][T11067] EXT4-fs error (device loop2): ext4_dirty_inode:6454: inode #2: comm syz.2.2313: mark_inode_dirty error
[  231.934602][T11067] EXT4-fs error (device loop2): ext4_do_update_inode:5563: inode #2: comm syz.2.2313: corrupted inode contents
[  231.952233][T11067] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.2313: mark_inode_dirty error
[  231.971597][T11067] EXT4-fs error (device loop2): ext4_do_update_inode:5563: inode #2: comm syz.2.2313: corrupted inode contents
[  231.988904][T11067] EXT4-fs error (device loop2): ext4_dirty_inode:6454: inode #2: comm syz.2.2313: mark_inode_dirty error
[  232.066748][ T3296] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.113366][T11078] netlink: 32 bytes leftover after parsing attributes in process `+}[@'.
[  232.158845][    C1] vcan0: j1939_tp_txtimer: 0xffff888119fe4000: tx aborted with unknown reason: -2
[  232.170549][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88811a15a600: 0x00000: (250) Any other reason (if a Connection Abort reason is identified that is not listed in the table use code 250)
[  232.191730][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888119fe4000: 0x00000: (250) Any other reason (if a Connection Abort reason is identified that is not listed in the table use code 250)
[  232.368221][T11094] netlink: 32 bytes leftover after parsing attributes in process `+}[@'.
[  232.392769][T11094] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  232.392781][    C1] vcan0: j1939_tp_txtimer: 0xffff88811a15a600: tx aborted with unknown reason: -2
[  232.520866][T11101] loop2: detected capacity change from 0 to 512
[  232.535715][T11101] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  232.544342][T11101] EXT4-fs (loop2): orphan cleanup on readonly fs
[  232.554211][T11101] EXT4-fs (loop2): 1 orphan inode deleted
[  232.653656][T11105] loop4: detected capacity change from 0 to 1024
[  232.664238][T11105] EXT4-fs: Ignoring removed orlov option
[  232.675939][T11105] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  232.911363][ T4486] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:19: Failed to release dquot type 1
[  232.939028][T11101] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  232.969586][T11110] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2325'.
[  232.980276][T11110] FAULT_INJECTION: forcing a failure.
[  232.980276][T11110] name failslab, interval 1, probability 0, space 0, times 0
[  232.993802][T11110] CPU: 0 UID: 0 PID: 11110 Comm: syz.6.2325 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  232.993830][T11110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  232.993842][T11110] Call Trace:
[  232.993868][T11110]  <TASK>
[  232.993875][T11110]  __dump_stack+0x1d/0x30
[  232.993894][T11110]  dump_stack_lvl+0xe8/0x140
[  232.993951][T11110]  dump_stack+0x15/0x1b
[  232.993965][T11110]  should_fail_ex+0x265/0x280
[  232.993989][T11110]  should_failslab+0x8c/0xb0
[  232.994010][T11110]  kmem_cache_alloc_node_noprof+0x57/0x320
[  232.994071][T11110]  ? __alloc_skb+0x101/0x320
[  232.994093][T11110]  ? _raw_spin_unlock_bh+0x36/0x40
[  232.994133][T11110]  __alloc_skb+0x101/0x320
[  232.994200][T11110]  qdisc_notify+0xcb/0x280
[  232.994254][T11110]  qdisc_graft+0xafb/0xcc0
[  232.994341][T11110]  tc_modify_qdisc+0xf84/0x1420
[  232.994369][T11110]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  232.994392][T11110]  rtnetlink_rcv_msg+0x657/0x6d0
[  232.994460][T11110]  netlink_rcv_skb+0x120/0x220
[  232.994486][T11110]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  232.994507][T11110]  rtnetlink_rcv+0x1c/0x30
[  232.994521][T11110]  netlink_unicast+0x5a8/0x680
[  232.994550][T11110]  netlink_sendmsg+0x58b/0x6b0
[  232.994622][T11110]  ? __pfx_netlink_sendmsg+0x10/0x10
[  232.994724][T11110]  __sock_sendmsg+0x145/0x180
[  232.994744][T11110]  ____sys_sendmsg+0x31e/0x4e0
[  232.994772][T11110]  ___sys_sendmsg+0x17b/0x1d0
[  232.994853][T11110]  __x64_sys_sendmsg+0xd4/0x160
[  232.994881][T11110]  x64_sys_call+0x191e/0x2ff0
[  232.994902][T11110]  do_syscall_64+0xd2/0x200
[  232.994928][T11110]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  232.994975][T11110]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  232.994999][T11110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.995021][T11110] RIP: 0033:0x7f28f83ee9a9
[  232.995035][T11110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.995078][T11110] RSP: 002b:00007f28f6a57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  232.995114][T11110] RAX: ffffffffffffffda RBX: 00007f28f8615fa0 RCX: 00007f28f83ee9a9
[  232.995134][T11110] RDX: 0000000000008840 RSI: 0000200000000740 RDI: 0000000000000005
[  232.995147][T11110] RBP: 00007f28f6a57090 R08: 0000000000000000 R09: 0000000000000000
[  232.995159][T11110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  232.995172][T11110] R13: 0000000000000000 R14: 00007f28f8615fa0 R15: 00007fff1edd4ba8
[  232.995191][T11110]  </TASK>
[  233.284708][ T5120] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.302627][T11112] loop6: detected capacity change from 0 to 512
[  233.311719][ T3296] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.312254][T11112] EXT4-fs: Ignoring removed mblk_io_submit option
[  233.328199][T11112] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  233.349608][T11112] EXT4-fs (loop6): 1 truncate cleaned up
[  233.352127][T11117] loop2: detected capacity change from 0 to 512
[  233.357872][T11112] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.366142][T11117] EXT4-fs (loop2): couldn't mount RDWR because of unsupported optional features (60000)
[  233.418923][T11119] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2329'.
[  233.423376][ T7448] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.496256][T11129] netlink: 'syz.2.2334': attribute type 1 has an invalid length.
[  233.505694][T11129] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2334'.
[  233.534978][T11130] netlink: 60 bytes leftover after parsing attributes in process `syz.6.2330'.
[  233.545627][T11130] netlink: 60 bytes leftover after parsing attributes in process `syz.6.2330'.
[  233.593945][T11136] netlink: 'syz.2.2335': attribute type 1 has an invalid length.
[  234.080765][   T29] kauditd_printk_skb: 101 callbacks suppressed
[  234.080781][   T29] audit: type=1326 audit(1753911615.242:10614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11153 comm="syz.0.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  234.108556][T11152] lo speed is unknown, defaulting to 1000
[  234.126142][   T29] audit: type=1326 audit(1753911615.285:10615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11153 comm="syz.0.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  234.134253][T11152] lo speed is unknown, defaulting to 1000
[  234.150832][   T29] audit: type=1326 audit(1753911615.285:10616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11153 comm="syz.0.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  234.180742][   T29] audit: type=1326 audit(1753911615.285:10617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11153 comm="syz.0.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  234.205190][   T29] audit: type=1326 audit(1753911615.285:10618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11153 comm="syz.0.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  234.207086][T11152] lo speed is unknown, defaulting to 1000
[  234.229680][   T29] audit: type=1326 audit(1753911615.285:10619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11153 comm="syz.0.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  234.229717][   T29] audit: type=1326 audit(1753911615.285:10620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11153 comm="syz.0.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  234.229773][   T29] audit: type=1326 audit(1753911615.285:10621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11153 comm="syz.0.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  234.229802][   T29] audit: type=1326 audit(1753911615.285:10622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11153 comm="syz.0.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  234.229907][   T29] audit: type=1326 audit(1753911615.285:10623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11153 comm="syz.0.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  234.466995][T11162] SELinux: syz.6.2340 (11162) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  234.512591][T11166] FAULT_INJECTION: forcing a failure.
[  234.512591][T11166] name failslab, interval 1, probability 0, space 0, times 0
[  234.526466][T11166] CPU: 1 UID: 0 PID: 11166 Comm: syz.2.2341 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  234.526500][T11166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  234.526512][T11166] Call Trace:
[  234.526519][T11166]  <TASK>
[  234.526526][T11166]  __dump_stack+0x1d/0x30
[  234.526591][T11166]  dump_stack_lvl+0xe8/0x140
[  234.526625][T11166]  dump_stack+0x15/0x1b
[  234.526642][T11166]  should_fail_ex+0x265/0x280
[  234.526670][T11166]  should_failslab+0x8c/0xb0
[  234.526697][T11166]  kmem_cache_alloc_noprof+0x50/0x310
[  234.526746][T11166]  ? audit_log_start+0x365/0x6c0
[  234.526794][T11166]  audit_log_start+0x365/0x6c0
[  234.526905][T11166]  audit_seccomp+0x48/0x100
[  234.526933][T11166]  ? __seccomp_filter+0x68c/0x10d0
[  234.526958][T11166]  __seccomp_filter+0x69d/0x10d0
[  234.526984][T11166]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  234.527102][T11166]  ? vfs_write+0x75e/0x8e0
[  234.527118][T11166]  ? __rcu_read_unlock+0x4f/0x70
[  234.527218][T11166]  ? __fget_files+0x184/0x1c0
[  234.527243][T11166]  __secure_computing+0x82/0x150
[  234.527280][T11166]  syscall_trace_enter+0xcf/0x1e0
[  234.527306][T11166]  do_syscall_64+0xac/0x200
[  234.527339][T11166]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  234.527365][T11166]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  234.527392][T11166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.527471][T11166] RIP: 0033:0x7fbd4029e9a9
[  234.527489][T11166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.527508][T11166] RSP: 002b:00007fbd3e907038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b9
[  234.527528][T11166] RAX: ffffffffffffffda RBX: 00007fbd404c5fa0 RCX: 00007fbd4029e9a9
[  234.527542][T11166] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000004
[  234.527555][T11166] RBP: 00007fbd3e907090 R08: 0000000000000000 R09: 0000000000000000
[  234.527600][T11166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  234.527613][T11166] R13: 0000000000000000 R14: 00007fbd404c5fa0 R15: 00007ffcef2e74f8
[  234.527633][T11166]  </TASK>
[  235.697136][T11189] SELinux: syz.4.2347 (11189) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  235.980755][T11199] loop2: detected capacity change from 0 to 128
[  236.024330][T11199] syz.2.2349: attempt to access beyond end of device
[  236.024330][T11199] loop2: rw=2049, sector=145, nr_sectors = 8 limit=128
[  236.048745][T11199] syz.2.2349: attempt to access beyond end of device
[  236.048745][T11199] loop2: rw=2049, sector=161, nr_sectors = 8 limit=128
[  236.074732][T11199] syz.2.2349: attempt to access beyond end of device
[  236.074732][T11199] loop2: rw=2049, sector=177, nr_sectors = 24 limit=128
[  236.099547][T11199] syz.2.2349: attempt to access beyond end of device
[  236.099547][T11199] loop2: rw=2049, sector=209, nr_sectors = 8 limit=128
[  236.119002][T11199] syz.2.2349: attempt to access beyond end of device
[  236.119002][T11199] loop2: rw=2049, sector=225, nr_sectors = 8 limit=128
[  236.149199][T11201] syz.2.2349: attempt to access beyond end of device
[  236.149199][T11201] loop2: rw=2049, sector=305, nr_sectors = 80 limit=128
[  236.188313][T11199] syz.2.2349: attempt to access beyond end of device
[  236.188313][T11199] loop2: rw=2049, sector=241, nr_sectors = 8 limit=128
[  236.236545][T11201] syz.2.2349: attempt to access beyond end of device
[  236.236545][T11201] loop2: rw=2049, sector=393, nr_sectors = 8 limit=128
[  236.254101][T11199] syz.2.2349: attempt to access beyond end of device
[  236.254101][T11199] loop2: rw=2049, sector=257, nr_sectors = 8 limit=128
[  236.271503][T11201] syz.2.2349: attempt to access beyond end of device
[  236.271503][T11201] loop2: rw=2049, sector=409, nr_sectors = 8 limit=128
[  236.525914][T11217] loop2: detected capacity change from 0 to 256
[  236.587809][T11217] FAT-fs (loop2): Directory bread(block 64) failed
[  236.595986][T11217] FAT-fs (loop2): Directory bread(block 65) failed
[  236.608036][T11217] FAT-fs (loop2): Directory bread(block 66) failed
[  236.614865][T11217] FAT-fs (loop2): Directory bread(block 67) failed
[  236.621919][T11217] FAT-fs (loop2): Directory bread(block 68) failed
[  236.645323][T11217] FAT-fs (loop2): Directory bread(block 69) failed
[  236.652335][T11217] FAT-fs (loop2): Directory bread(block 70) failed
[  236.671524][T11217] FAT-fs (loop2): Directory bread(block 71) failed
[  236.678226][T11217] FAT-fs (loop2): Directory bread(block 72) failed
[  236.686141][T11217] FAT-fs (loop2): Directory bread(block 73) failed
[  237.804028][T11237] netlink: 'syz.0.2359': attribute type 27 has an invalid length.
[  237.825283][    T9] lo speed is unknown, defaulting to 1000
[  237.831927][    T9] s
z1: Port: 1 Link DOWN
[  237.836996][    T9] lo speed is unknown, defaulting to 1000
[  237.871599][T11237] 8021q: adding VLAN 0 to HW filter on device 

[  237.880972][T11237] 8021q: adding VLAN 0 to HW filter on device team0
[  237.892521][T11237] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  237.910039][ T3513] lo speed is unknown, defaulting to 1000
[  237.916550][ T3513] s
z1: Port: 1 Link ACTIVE
[  237.921250][T11239] loop1: detected capacity change from 0 to 128
[  237.921886][ T3513] lo speed is unknown, defaulting to 1000
[  237.942972][T11239] vfat: Unknown parameter '0177777777777777777777718446744073709551615'
[  238.027103][T11246] openvswitch: netlink: Message has 6 unknown bytes.
[  238.141770][T11256] siw: device registration error -23
[  238.182710][T11260] netlink: 'syz.1.2369': attribute type 1 has an invalid length.
[  238.191354][T11260] __nla_validate_parse: 9 callbacks suppressed
[  238.191368][T11260] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2369'.
[  238.594006][T11271] can0: slcan on ptm0.
[  238.845808][   T29] kauditd_printk_skb: 158 callbacks suppressed
[  238.845824][   T29] audit: type=1326 audit(1753911620.360:10780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11273 comm="syz.0.2373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  238.877701][   T29] audit: type=1326 audit(1753911620.360:10781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11273 comm="syz.0.2373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  238.901931][   T29] audit: type=1326 audit(1753911620.360:10782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11273 comm="syz.0.2373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  238.926269][   T29] audit: type=1326 audit(1753911620.360:10783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11273 comm="syz.0.2373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  238.950173][   T29] audit: type=1326 audit(1753911620.360:10784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11273 comm="syz.0.2373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  238.974192][   T29] audit: type=1326 audit(1753911620.360:10785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11273 comm="syz.0.2373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  238.998245][   T29] audit: type=1326 audit(1753911620.360:10786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11273 comm="syz.0.2373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  239.074093][T11276] loop1: detected capacity change from 0 to 1024
[  239.082441][T11276] journal_path: Non-blockdev passed as './file1'
[  239.088891][T11276] EXT4-fs: error: could not find journal device path
[  239.129586][   T29] audit: type=1400 audit(1753911620.660:10787): avc:  denied  { write } for  pid=11279 comm="syz.1.2376" name="rt_acct" dev="proc" ino=4026532786 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  239.174440][   T29] audit: type=1400 audit(1753911620.693:10788): avc:  denied  { write } for  pid=11279 comm="syz.1.2376" path="socket:[29318]" dev="sockfs" ino=29318 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  239.201906][   T29] audit: type=1326 audit(1753911620.714:10789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11273 comm="syz.0.2373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8113ce9a9 code=0x7ffc0000
[  239.235962][T11284] netlink: 'syz.6.2378': attribute type 27 has an invalid length.
[  239.288778][T11284] 8021q: adding VLAN 0 to HW filter on device 

[  239.312233][T11284] 8021q: adding VLAN 0 to HW filter on device team0
[  239.322872][T11284] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  239.353595][T11284] netlink: 'syz.6.2378': attribute type 27 has an invalid length.
[  239.376267][T11291] FAULT_INJECTION: forcing a failure.
[  239.376267][T11291] name failslab, interval 1, probability 0, space 0, times 0
[  239.389738][T11291] CPU: 1 UID: 0 PID: 11291 Comm: syz.1.2381 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  239.389765][T11291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  239.389827][T11291] Call Trace:
[  239.389836][T11291]  <TASK>
[  239.389844][T11291]  __dump_stack+0x1d/0x30
[  239.389865][T11291]  dump_stack_lvl+0xe8/0x140
[  239.389917][T11291]  dump_stack+0x15/0x1b
[  239.389933][T11291]  should_fail_ex+0x265/0x280
[  239.389962][T11291]  should_failslab+0x8c/0xb0
[  239.390025][T11291]  kmem_cache_alloc_noprof+0x50/0x310
[  239.390053][T11291]  ? security_inode_alloc+0x37/0x100
[  239.390078][T11291]  security_inode_alloc+0x37/0x100
[  239.390158][T11291]  inode_init_always_gfp+0x4b7/0x500
[  239.390182][T11291]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  239.390205][T11291]  alloc_inode+0x58/0x170
[  239.390224][T11291]  new_inode+0x1d/0xe0
[  239.390244][T11291]  shmem_get_inode+0x244/0x750
[  239.390299][T11291]  __shmem_file_setup+0x113/0x210
[  239.390529][T11291]  shmem_file_setup+0x3b/0x50
[  239.390560][T11291]  __se_sys_memfd_create+0x2c3/0x590
[  239.390606][T11291]  __x64_sys_memfd_create+0x31/0x40
[  239.390635][T11291]  x64_sys_call+0x2abe/0x2ff0
[  239.390654][T11291]  do_syscall_64+0xd2/0x200
[  239.390701][T11291]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  239.390730][T11291]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  239.390755][T11291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.390774][T11291] RIP: 0033:0x7f57d17ce9a9
[  239.390860][T11291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.390877][T11291] RSP: 002b:00007f57cfe36e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  239.390898][T11291] RAX: ffffffffffffffda RBX: 00000000000004bc RCX: 00007f57d17ce9a9
[  239.390988][T11291] RDX: 00007f57cfe36ef0 RSI: 0000000000000000 RDI: 00007f57d18516fc
[  239.391000][T11291] RBP: 0000200000000a40 R08: 00007f57cfe36bb7 R09: 00007f57cfe36e40
[  239.391014][T11291] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000500
[  239.391028][T11291] R13: 00007f57cfe36ef0 R14: 00007f57cfe36eb0 R15: 00002000000001c0
[  239.391047][T11291]  </TASK>
[  239.641311][T11295] loop6: detected capacity change from 0 to 2048
[  239.652010][T11295] EXT4-fs (loop6): #clusters per group too big: 151011328
[  239.672272][T11295] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2383'.
[  239.747471][T11295] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2383'.
[  239.762546][T11297] netlink: 8 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  239.852481][T11305] vhci_hcd: invalid port number 65
[  239.932320][T11317] loop1: detected capacity change from 0 to 512
[  239.955645][T11317] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.2392: Failed to acquire dquot type 1
[  239.968868][T11317] EXT4-fs (loop1): 1 truncate cleaned up
[  239.983014][T11317] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.996770][T11317] ext4 filesystem being mounted at /535/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.028763][T11317] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2392'.
[  240.244722][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.820990][T11334] FAULT_INJECTION: forcing a failure.
[  240.820990][T11334] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  240.836822][T11334] CPU: 0 UID: 0 PID: 11334 Comm: syz.0.2396 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  240.836850][T11334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  240.836860][T11334] Call Trace:
[  240.836869][T11334]  <TASK>
[  240.836877][T11334]  __dump_stack+0x1d/0x30
[  240.837015][T11334]  dump_stack_lvl+0xe8/0x140
[  240.837032][T11334]  dump_stack+0x15/0x1b
[  240.837047][T11334]  should_fail_ex+0x265/0x280
[  240.837112][T11334]  should_fail+0xb/0x20
[  240.837134][T11334]  should_fail_usercopy+0x1a/0x20
[  240.837238][T11334]  _copy_from_user+0x1c/0xb0
[  240.837259][T11334]  ___bpf_copy_key+0xa5/0x110
[  240.837353][T11334]  map_update_elem+0x165/0x520
[  240.837372][T11334]  __sys_bpf+0x5d7/0x790
[  240.837413][T11334]  __x64_sys_bpf+0x41/0x50
[  240.837445][T11334]  x64_sys_call+0x2aea/0x2ff0
[  240.837467][T11334]  do_syscall_64+0xd2/0x200
[  240.837562][T11334]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  240.837594][T11334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.837620][T11334] RIP: 0033:0x7fd8113ce9a9
[  240.837641][T11334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.837662][T11334] RSP: 002b:00007fd80fa2f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  240.837740][T11334] RAX: ffffffffffffffda RBX: 00007fd8115f5fa0 RCX: 00007fd8113ce9a9
[  240.837756][T11334] RDX: 0000000000000020 RSI: 0000200000000240 RDI: 0000000000000002
[  240.837770][T11334] RBP: 00007fd80fa2f090 R08: 0000000000000000 R09: 0000000000000000
[  240.837784][T11334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  240.837797][T11334] R13: 0000000000000000 R14: 00007fd8115f5fa0 R15: 00007ffdcdb80bf8
[  240.837846][T11334]  </TASK>
[  241.194008][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.201747][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.211598][T11345] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2399'.
[  241.221156][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.228679][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.236228][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.244063][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.251622][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.259368][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.266982][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.274564][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.277242][T11345] FAULT_INJECTION: forcing a failure.
[  241.277242][T11345] name failslab, interval 1, probability 0, space 0, times 0
[  241.281960][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.295738][T11345] CPU: 1 UID: 0 PID: 11345 Comm: syz.0.2399 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  241.295805][T11345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  241.295817][T11345] Call Trace:
[  241.295825][T11345]  <TASK>
[  241.295833][T11345]  __dump_stack+0x1d/0x30
[  241.295855][T11345]  dump_stack_lvl+0xe8/0x140
[  241.295874][T11345]  dump_stack+0x15/0x1b
[  241.295926][T11345]  should_fail_ex+0x265/0x280
[  241.295956][T11345]  should_failslab+0x8c/0xb0
[  241.295980][T11345]  __kmalloc_noprof+0xa5/0x3e0
[  241.296090][T11345]  ? nft_obj_init+0x15f/0x220
[  241.296194][T11345]  nft_obj_init+0x15f/0x220
[  241.296262][T11345]  nf_tables_newobj+0x72f/0xcc0
[  241.296306][T11345]  nfnetlink_rcv+0xb99/0x1690
[  241.296360][T11345]  netlink_unicast+0x5a8/0x680
[  241.296388][T11345]  netlink_sendmsg+0x58b/0x6b0
[  241.296417][T11345]  ? __pfx_netlink_sendmsg+0x10/0x10
[  241.296450][T11345]  __sock_sendmsg+0x145/0x180
[  241.296468][T11345]  ____sys_sendmsg+0x31e/0x4e0
[  241.296553][T11345]  ___sys_sendmsg+0x17b/0x1d0
[  241.296592][T11345]  __x64_sys_sendmsg+0xd4/0x160
[  241.296623][T11345]  x64_sys_call+0x191e/0x2ff0
[  241.296712][T11345]  do_syscall_64+0xd2/0x200
[  241.296807][T11345]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  241.296832][T11345]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  241.296924][T11345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.296944][T11345] RIP: 0033:0x7fd8113ce9a9
[  241.296961][T11345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.297009][T11345] RSP: 002b:00007fd80fa2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  241.297028][T11345] RAX: ffffffffffffffda RBX: 00007fd8115f5fa0 RCX: 00007fd8113ce9a9
[  241.297041][T11345] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000004
[  241.297054][T11345] RBP: 00007fd80fa2f090 R08: 0000000000000000 R09: 0000000000000000
[  241.297132][T11345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  241.297144][T11345] R13: 0000000000000000 R14: 00007fd8115f5fa0 R15: 00007ffdcdb80bf8
[  241.297163][T11345]  </TASK>
[  241.414686][T11349] loop1: detected capacity change from 0 to 512
[  241.418006][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.476072][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.492816][T11349] EXT4-fs: Ignoring removed mblk_io_submit option
[  241.493499][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.526795][T11349] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  241.527196][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.563396][T11349] EXT4-fs (loop1): 1 truncate cleaned up
[  241.568437][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.568464][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.577989][T11349] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  241.583101][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.583132][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.628042][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.635531][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.643218][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.650633][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.658183][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.665691][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.673369][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.682192][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  241.691126][   T10] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  241.703822][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.725285][T11270] can0 (unregistered): slcan off ptm0.
[  241.823756][ T3513] lo speed is unknown, defaulting to 1000
[  241.823767][T11361] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2405'.
[  241.823865][ T3513] ==================================================================
[  241.823888][ T3513] BUG: KCSAN: data-race in data_push_tail / vsnprintf
[  241.823906][ T3513] 
[  241.823913][ T3513] write to 0xffffffff88e1e370 of 11 bytes by task 11361 on cpu 0:
[  241.823928][ T3513]  vsnprintf+0x2ce/0x890
[  241.823945][ T3513]  vscnprintf+0x41/0x90
[  241.823962][ T3513]  printk_sprint+0x30/0x2d0
[  241.823982][ T3513]  vprintk_store+0x599/0x860
[  241.824000][ T3513]  vprintk_emit+0x178/0x650
[  241.824021][ T3513]  vprintk_default+0x26/0x30
[  241.824041][ T3513]  vprintk+0x1d/0x30
[  241.824064][ T3513]  _printk+0x79/0xa0
[  241.824088][ T3513]  __nla_validate_parse+0x1738/0x1d00
[  241.824116][ T3513]  __nla_parse+0x40/0x60
[  241.824141][ T3513]  neigh_add+0x118/0x8f0
[  241.824161][ T3513]  rtnetlink_rcv_msg+0x657/0x6d0
[  241.824180][ T3513]  netlink_rcv_skb+0x120/0x220
[  241.824208][ T3513]  rtnetlink_rcv+0x1c/0x30
[  241.824223][ T3513]  netlink_unicast+0x5a8/0x680
[  241.824255][ T3513]  netlink_sendmsg+0x58b/0x6b0
[  241.824281][ T3513]  __sock_sendmsg+0x145/0x180
[  241.824303][ T3513]  ____sys_sendmsg+0x345/0x4e0
[  241.824330][ T3513]  ___sys_sendmsg+0x17b/0x1d0
[  241.824353][ T3513]  __sys_sendmmsg+0x178/0x300
[  241.824379][ T3513]  __x64_sys_sendmmsg+0x57/0x70
[  241.824405][ T3513]  x64_sys_call+0x1c4a/0x2ff0
[  241.824428][ T3513]  do_syscall_64+0xd2/0x200
[  241.824457][ T3513]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.824478][ T3513] 
[  241.824484][ T3513] read to 0xffffffff88e1e370 of 8 bytes by task 3513 on cpu 1:
[  241.824502][ T3513]  data_push_tail+0xfd/0x420
[  241.824521][ T3513]  data_alloc+0xbf/0x2b0
[  241.824550][ T3513]  prb_reserve+0x808/0xaf0
[  241.824578][ T3513]  vprintk_store+0x56d/0x860
[  241.824595][ T3513]  vprintk_emit+0x178/0x650
[  241.824612][ T3513]  vprintk_default+0x26/0x30
[  241.824632][ T3513]  vprintk+0x1d/0x30
[  241.824659][ T3513]  _printk+0x79/0xa0
[  241.824686][ T3513]  ib_get_eth_speed+0x33d/0x4b0
[  241.824710][ T3513]  siw_query_port+0x3a/0x2d0
[  241.824734][ T3513]  ib_query_port+0x390/0x3d0
[  241.824760][ T3513]  ib_cache_update+0xf8/0x700
[  241.824781][ T3513]  ib_cache_event_task+0x7f/0xf0
[  241.824804][ T3513]  process_scheduled_works+0x4cb/0x9d0
[  241.824830][ T3513]  worker_thread+0x582/0x770
[  241.824854][ T3513]  kthread+0x489/0x510
[  241.824872][ T3513]  ret_from_fork+0xdd/0x150
[  241.824894][ T3513]  ret_from_fork_asm+0x1a/0x30
[  241.824916][ T3513] 
[  241.824921][ T3513] value changed: 0x00000000fffff559 -> 0x3a6b6e696c74656e
[  241.824935][ T3513] 
[  241.824942][ T3513] Reported by Kernel Concurrency Sanitizer on:
[  241.824956][ T3513] CPU: 1 UID: 0 PID: 3513 Comm: kworker/1:5 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(voluntary) 
[  241.824981][ T3513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  241.824996][ T3513] Workqueue: infiniband ib_cache_event_task
[  241.825021][ T3513] ==================================================================
[  242.188851][ T3513] syz0: Port: 1 Link DOWN