last executing test programs:

1.158847482s ago: executing program 4 (id=1292):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
sysinfo(&(0x7f0000000080)=""/55)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x5, 0x5, 0x400, 0x9, 0x1}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
lsm_get_self_attr(0x64, &(0x7f0000000040), &(0x7f0000000000)=0x101, 0x0)

1.152685162s ago: executing program 4 (id=1293):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1b0000000000000000000000008000000000000034c721593f69f7189215061ae1f00b07a81734eb17610e3ea43322790d5dd23e099af7a24dde6c577665d2fcafaf1ad619353e7aaa009520be96358968558cb46df0", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000000638af8ff00000000bfa200000000000007020000f8fffffff4f0902d08000000b70400000000000085000000430000009500000000000000afd09ba7009fc4015d74b94b7b3c6b0c560d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r1, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x7fff, @loopback}, 0x1c)
io_setup(0x9, &(0x7f0000000040)=<r2=>0x0)
eventfd(0x2)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000500), 0x10001, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000180), 0x7, 0x2480)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000002c0)={r4, 0x8000000, {0x2a00, 0x80010000, 0x0, 0x5df, 0x0, 0x0, 0x12, 0x1a, 0xd, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6486a4b4e00d9683fda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00000014000800000000000000007f"}})
fcntl$setlease(0xffffffffffffffff, 0x400, 0x2)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYRES32, @ANYRESDEC], 0x150}, 0x1, 0x0, 0x0, 0x40000}, 0x804)
sendto$inet6(r1, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000180)=0x80000039f8, 0x4)
sendto$inet6(r1, &(0x7f0000000000)="8d", 0x1, 0x0, 0x0, 0x0)
io_destroy(r2)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000000ac0)=""/4096, 0x1000, 0x0, &(0x7f00000000c0)=""/12, 0xc}, &(0x7f0000000140)=0x40)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x100)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000580)='hugetlbfs\x00', 0x4000, 0x0)
r5 = open_tree(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
move_mount(r5, &(0x7f0000000400)='.\x00', r5, 0x0, 0x262)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x3000406, &(0x7f00000006c0), 0x1, 0x529, &(0x7f0000001500)="$eJzs3V1vI1cZAOB3JvE2u0mJCwgtlWgrWrRbwdpJQ9uAUD8kBFeVgHK/hMSJojhxFDtlE1WQih+AhBAg8QO4QeIHIKHecoeQKsE9AgRCsIVL6KCxJ2w+7MSb2PE2eR7pxOf4eOZ9zygez9hHMwFcWc9ExGsRMRYRz0fEdPF8WpTY65T8de/ff3sxL0lk2Zv/SCIpnttfV94ej4jJYrGJiPjGVyO+nRyP29zZXVuo12tbRbvaWt+sNnd276yuL6zUVmobc3OzL82/PP/i/ExWONc4yxHxypf/8uMf/Pwrr/z6c9/5492/3f5untaXPtHJOyIWzxWgh866S+1tsS/fRlvDCDYi+XhKY6POAgCAfuTH+B+NiE+3j/+nY6x9NAcAAABcJtmrU/GfJCIDAAAALq00IqYiSSvFXICpSNNKpTOH9+NxI603mq3PLje2N5byvohylNLl1XptppgrXI5Skrdnizm2++0XjrTnIuKJiPjR9PV2u7LYqC+N+ssPAAAAuCImnz58/v/v6bRdBwAAAC6Zcs/GEZPDzwUAAAAYjpNO+Y9Kh5gHAAAAMDwPc/4PAAAAfOh87Y038pLt38d76a2d7bXGW3eWas21yvr2YmWxsbVZWWk0VtrX7Fs/bX31RmPz87Gxfa/aqjVb1ebO7t31xvZG6+7qoVtgAwAAABfoiaff/UMSEXtfvN4uYYo/0M2fR50AMEhjo04AGJnxUScAjEzp1FfYQ8Bll5zSf3zyTue7wvjtcPIBAAAG79Ynj//+f63T9fpvRpsaMGTm+gDA1ePXPbi6SmedAXhz0JkAo/KRzsNjvfp7Xryjj9//O98xZNmZEgMAAAZmql2StFIcp09FmlYqEY+3bwtQSpZX67WZ4vzg99Olx/L2bHvJ5NQ5wwAAAAAAAAAAAAAAAAAAAAAAAABAR5YlkQEAAACXWkT616R9Nf+IW9PPTR3+duDIXb9+9uZP7i20WluzEdeSf07nT12LiNZPi+dfyNwSAAAAAB4BnfP04nF21NkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcNm8f//txf1ykXH//npElLvFH4+J9uNElCLixr+SGD+wXBIRYwOIv/dORNzsFj+JD7IsKxdZdIt/fcjxy+1N0z1+GhGTA4gPV9m7+f7ntW7vvzSeaT8+eP+lB5YbL8p59d7/pf/f/4312P88fqTdy5Pv/bLaM/47EU+Od9//7MdPOvEPhcgbz/Y5xm99c3e3a8eBVXaLfzBWtbW+WW3u7N5ZXV9Yqa3UNubmZl+af3n+xfmZ6vJqvVb87Rrmh5/61Qcnjf9Gj/jlw+M/tv2f62v0Wfz3vXv3P9ZplLrFv/1s98/fmz3ip8Vn32eKet5/a7++16kf9NQvfvfUSeNf6jH+iVPGf7uv8ccXnv/69//UtefY1gAALkJzZ3dtoV6vbZ1QmejjNRdcefXRSGOAlXg00hhVJfte5//xcNd4PNx6YsCJZedZ/GGT71q5dux9OhZnXWESsZevq89/SAAA4JJ5cNB/0i9IAAAAAAAAAAAAAAAAAAAAwDCd8bJkExHR94uPxtwbzVABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE70vwAAAP//7oDRwQ==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r6}, 0x10)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
listxattr(&(0x7f0000000fc0)='./file0\x00', 0x0, 0x0)

968.768315ms ago: executing program 4 (id=1298):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@version_u}]}})
r5 = socket(0x1e, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000001400)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180004000100000000000000020001001811e2ff", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000100000085000000820000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r7}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f00001a6000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
shutdown(r5, 0x2)
recvmmsg$unix(r5, &(0x7f00000066c0)=[{{0x0, 0x0, &(0x7f0000004cc0)=[{&(0x7f0000000280)=""/51, 0x33}], 0x1}}], 0x1, 0x101, 0x0)
recvfrom(r2, &(0x7f0000000300)=""/48, 0x30, 0x10000, &(0x7f0000000340)=@alg={0x26, 'aead\x00', 0x0, 0x0, 'authenc(sha256-mb,cbc(twofish))\x00'}, 0x80)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getresuid(&(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000240))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
sync()
ioctl$SIOCSIFHWADDR(r8, 0x8923, &(0x7f00000000c0)={'batadv_slave_1\x00', @random="01320136b1ff"})
socket$nl_generic(0x10, 0x3, 0x10)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030097850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r9}, 0x10)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x1)
socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xb, &(0x7f0000000080)=0x2, 0x4)

948.500955ms ago: executing program 0 (id=1300):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
sysinfo(&(0x7f0000000080)=""/55)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x5, 0x5, 0x400, 0x9, 0x1}, 0x50)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
lsm_get_self_attr(0x64, &(0x7f0000000040), &(0x7f0000000000)=0x101, 0x0)

824.117487ms ago: executing program 0 (id=1304):
perf_event_open(&(0x7f0000000500)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x4080b000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x14, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x25, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r1}, 0x10)
sync_file_range(0xffffffffffffffff, 0x6, 0x10000000000000, 0x2)

815.901397ms ago: executing program 1 (id=1305):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
sysinfo(&(0x7f0000000080)=""/55)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
lsm_get_self_attr(0x64, &(0x7f0000000040), &(0x7f0000000000)=0x101, 0x0)

776.791158ms ago: executing program 1 (id=1307):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000bc0), 0x20200, 0x0)
ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000c00)={0x9, 0x2}) (fail_nth: 1)

537.265222ms ago: executing program 1 (id=1309):
set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x28)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0xc0185879, &(0x7f0000000680)={0x4, 0x966a, 0x2000, 0x4, 0x0, 0x0, 0x2401})

536.585072ms ago: executing program 1 (id=1310):
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f00000083c0)={{0x3}})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='proc\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
lseek(r0, 0x100, 0x0)
getdents(r0, &(0x7f0000000200)=""/38, 0x26)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000006c0)={&(0x7f0000000600)=""/12, 0x10000, 0x1000, 0x9, 0x2}, 0x20)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x22, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='mm_migrate_pages\x00', r1, 0x0, 0xdf5}, 0x14)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x28, r3, 0x325, 0xfffffffe, 0x0, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x28}}, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
lstat(0x0, 0x0)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
sendmsg$NL80211_CMD_GET_WIPHY(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000800)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0103000000000000000001000d000800060000000000070003007e94342bfcb04a2209527daa6811477264c426400bdf063f249351960e9652fd6c021d9577f365000eba003c862df4babd393ec9fca3d5a0ba2a87b54669cf62c7c8ba473844"], 0x30}}, 0x40)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="180000001811000000000000", @ANYRESOCT=r6, @ANYRESHEX=r6], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffff7}, 0x94)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000002, 0x2010, r7, 0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000380), r8)
ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=<r9=>0x0)
sendmsg$NFC_CMD_DEV_UP(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=ANY=[@ANYBLOB="1c000000e42d24a5fa2993db61a5bce2132dc1a13aaa08548b7e28a03dff7aa42989fad2e4ea91535b0d9177eef9ba7dc8231ef9ca651b099eef1bd8db211fa441", @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r9, @ANYBLOB], 0x1c}}, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f00000002c0), 0x420400)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r10)
sendmsg$NLBL_MGMT_C_ADD(r10, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="a4010000", @ANYRES16=r11, @ANYBLOB="cd3e2cbd7000ffdbdf250100000008000200050000007e01010043ecf8a077157cd8bc73e1b93314cdcbb6b9bb84e5bcdb7f9af2eacc913a7640e8332d1daa67516c7f094b740c631f175dd5d0f0a8ebd2679204"], 0x1a4}, 0x1, 0x0, 0x0, 0x2}, 0x4000840)
sendmsg$NLBL_MGMT_C_ADDDEF(r8, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000140)={&(0x7f0000000880)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="00022bbd6000fedbdf250400000008000c000000000014000600fc0100000000000000001000000000000c000100237b5b2f4b29020006000b00180500000800040008000c000100000008000400020000002e697ca6a50b6b2aea70b331474d34cbb2ea25ad6047426b61a00b937fcce3d0f6cbf7fae4e913b61f91a9c69a88560807525e3d17b1a76793fa4eba27ce1a94f36d47cdd8fe28fe222cececdf2a"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x44)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), r2)

471.650123ms ago: executing program 2 (id=1311):
clock_getres(0x9, 0x0)
socket$packet(0x11, 0x3, 0x300)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000440)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000003180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf84, 0x3}, 0x1c)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
creat(&(0x7f0000000000)='./file0\x00', 0x0)

454.589193ms ago: executing program 3 (id=1312):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
sysinfo(&(0x7f0000000080)=""/55)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x5, 0x5, 0x400, 0x9, 0x1}, 0x50)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
lsm_get_self_attr(0x64, &(0x7f0000000040), &(0x7f0000000000)=0x101, 0x0)

422.621694ms ago: executing program 3 (id=1313):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
fcntl$setstatus(r1, 0x4, 0x400)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0041, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="070000000400000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b700000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='kmem_cache_free\x00', r4, 0x0, 0x10001}, 0x18)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="034886dd09032800050030000000600000000028290081e949b93897bc3b0000000000007d01ff020000000000000000000000000001"], 0xfdef)

395.030244ms ago: executing program 1 (id=1314):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d0000000400000007000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0xc)
getsockopt$inet_mptcp_buf(0xffffffffffffffff, 0x11c, 0x2, &(0x7f0000000000)=""/245, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="4c000000020601080000000000000000000000400500010006000000050005000200000005000400000000000900020073797a310000000011000300686173683a69702c6d61726b000000"], 0x4c}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="480000000906010200000000000000000700ff07800c9f9f42a0d75d075ea9ad00018008000140e000000208000a400000000105000300020000000900020073797a31000000000500010007000000000000"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x3014850, &(0x7f00000000c0)={[{@noquota}, {@barrier_val={'barrier', 0x3d, 0x1000}}, {@grpjquota}, {@dax_always}, {@dioread_lock}]}, 0x0, 0x4d6, &(0x7f0000000640)="$eJzs3d9rW9cdAPDvle3YSZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX/AYOwX61Of+lLocymU/AmlEGjfSyktoU3Shzy0VZF01aSuLNvEspLo84Hje879oe85FvdI556LbgBd63RETEZET0Sci4ihdH0mTbFZT9X9Hj64PVNNSVQq1z9NIknXNV4rSZdH08MGIuJPf4j4a/LduKX1jcXpQiG/mpZz5aWVXGl94/zC0vR8fj6/PDk+dmni8sTFidF9a+uV3330n3+89vsrb//y5gdTn5z9W7Vag+m2p9uxG5u73K/e9L7a/6KhNyJW9xLsOdaTtqev0xUBAGBXqt/xvx8RP42IR//vdG0AAACAdqj8ZjC+SCIqAAAAwEsrU7sHNslk03sBBiOTyWbr9/D+MI5kCsVS+RdzxbXl2fq9ssPRl5lbKORH03uFh6MvqZbHavkn5QtbyuMRcTwi/jV0uFbOzhQLs52++AEAAABd4uiW8f/nQ/XxPwAAAPCSGe50BQAAAIC2M/4HAACAl9+24/+k92ArAgAAALTDH69eraZK4/nXszfW1xaLN87P5kuL2aW1mexMcXUlO18sztd+s29pp9crFIsrv4rltVu5cr5UzpXWN6aWimvL5anac72n8p4TDQAAAAfv+E/uvp9ExOavD9dS1aF02y7G6pPtrR3QTpm97Z60qx7AwevpdAWAjnGDL3Qv8/HADgP7f28p7/GyAQAA8DwY+dEzzf+bD4QXmIE8dC/z/9C9zP9D9zL/D12uf+ddtr3Q984+1wUAAGibwVpKMtl0LnAwMplsNuJY7bEAfcncQiE/GhHfi4j3hvr6q+WxTlcaAAAAAAAAAAAAAAAAAAAAAAAAAF4wlUoSlT3q3/MRAAAAQCdFZD5O0ud7jQydGdx6feBQ8niotoyIm69c/++t6XJ5day6/rNv1pf/l66/0FgDAAAAdFJtnN6fLj3IDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB99vDB7ZlGOsi4938bEcPN4vfGQG058OZQRBx5lETvU8clEdGzD/E370TEiWbxk2q1Yjitxdb4mYg43OH4R/chPnSzu9X+Z7J6/vVtOf8ycbq2bH7+9abpWd0/vV3/l2n0f7V+rln/d6z1Sw80MifvvZHbNv6diJO9zfufRvzkGfvfv/x5Y2O7bZVXI0Z2+PypxsqVl1ZypfWN8wtL0/P5+fzy+PjYpYnLExcnRnNzC4V8+rdpjH/++K2vWrX/SNP49f63VfvP7LL9X9679eAHLeKf/Vnz9/9Ei/jV//3P08+B6vaRRn6znn/aqdffPdWq/bPbtH+n9//sLtt/7trfP9zlrgDAASitbyxOFwr51e0yjyt1rfaRkZF5PjPX0hN9z4d3uGMCAAD23ZMv/Z2uCQAAAAAAAAAAAAAAAAAAAHSvtv8IWf+3f1lgoHNNBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo6esAAAD//3kK1Ok=")
mount$nfs(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000180))
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000180)={0x0, 0x18, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x4000000, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x0)

394.251554ms ago: executing program 2 (id=1315):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r1=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x1c, &(0x7f0000000140)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0, 0x0, 0x0, 0x0, 0x4}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit, @alu={0x6, 0x0, 0x8, 0xa, 0x2, 0x2, 0xfffffffffffffffc}, @printk={@li, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa, 0x0, 0x0, 0xffffffff}}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}, @alu={0x7, 0x0, 0x8, 0x4, 0x1, 0x2, 0xe}]}, &(0x7f0000000240)='syzkaller\x00', 0x2, 0xe8, &(0x7f00000005c0)=""/232, 0x0, 0xc}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
add_key(&(0x7f0000000080)='rxrpc_s\x00', &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
personality(0x5400004)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000000)={0x18, 0x0, {0x42, @multicast, 'vxcan1\x00'}}, 0x1e)
writev(r2, &(0x7f0000000240)=[{&(0x7f0000000080)="f7a4", 0x2}], 0x1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)
socket$packet(0x11, 0x2, 0x300) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00'}) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x1c, &(0x7f0000000140)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0, 0x0, 0x0, 0x0, 0x4}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit, @alu={0x6, 0x0, 0x8, 0xa, 0x2, 0x2, 0xfffffffffffffffc}, @printk={@li, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa, 0x0, 0x0, 0xffffffff}}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}, @alu={0x7, 0x0, 0x8, 0x4, 0x1, 0x2, 0xe}]}, &(0x7f0000000240)='syzkaller\x00', 0x2, 0xe8, &(0x7f00000005c0)=""/232, 0x0, 0xc}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94) (async)
add_key(&(0x7f0000000080)='rxrpc_s\x00', &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) (async)
personality(0x5400004) (async)
socket$pppoe(0x18, 0x1, 0x0) (async)
connect$pppoe(r2, &(0x7f0000000000)={0x18, 0x0, {0x42, @multicast, 'vxcan1\x00'}}, 0x1e) (async)
writev(r2, &(0x7f0000000240)=[{&(0x7f0000000080)="f7a4", 0x2}], 0x1) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0) (async)

348.343795ms ago: executing program 0 (id=1316):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
sendto$inet_nvme_of_msg(r1, &(0x7f00000002c0)={@r2t={{0x9, 0x9, 0x18, 0xc, 0x4}, 0x9, 0x8, 0x3, 0x7}, @val=&(0x7f0000000240)="684c0802fd47b4ffedd0b0d05f994045a70004cd900016f35924c395053bfb826e4e5923ff27e071a2f416a03146356b74c546ab82944067b01f0fda80848109e0b954e77dc4ad030895370a570869bbebb2a17759390c32a3eb3d1f17b6ec316e24719f4e9c4f82ea4cddbc56aca40df115adc97fb65528c83e449aeffd"}, 0x88, 0x0, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x0, 0x0)
utimensat(r2, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000500)={[{@nodelalloc}, {@norecovery}, {@delalloc}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@resgid}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40}}, {@bh}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@barrier_val={'barrier', 0x3d, 0x81}}]}, 0xfd, 0x58a, &(0x7f0000000bc0)="$eJzs3d9rW1UcAPDvTdt1W6ftYAz1QQp7cDKWrq0/Jgibj6LDgb7P0N6V0XQZTTrWOnB7cC++yBBEHIh/gO8+Dv8B/4qBDoaMog8qRG5+dP2RtF2Xmrh8PnC3c3Jucs7JuefmnHuS3gD61nj2Ty7i5Yj4KokYXZc2GI3E8fp+q49vzmRbEtXqx78ncW7TayWN/0cakZci4ucvIk7ltuZbXl6ZLxSL6WIjPlFZuDZRXl45fWWhMJfOpVenpqfPvjk99c7bb3Wsrq9f/PPbj+6/f/bLE6vf/Pjw6N0kzseRRlpWrw5kcWt9ZLzwTyM0FOc37TjZgcx6SdLtArAnA41+PhTZOWA0Bhq9Hnj+fR4RVaBPJfo/9KnmOKA5t+/QPPh/49F79QnQ1voP1q+NxMHa3OjwarJhZpTNd8c6kH+Wx0+/3bubbbH9dYhDO8QBnsqt2xFxZnBww/mvOlw7w40/42ufqV083t7mPPrt8we66X42/kluRWwZ/+TWxj/RYvwz0qLv7sXO/T/3sAPZtJWN/95tOf5dO3WNDTRiL9TGfEPJ5SvF9ExEvBgRJ2NoOItvt55zdvVBtV3a+vFftmX5N8eCjXI8HBze+JzZQqXwLHVe79HtiFdajn+TtfZPWrR/9n5c3GUex9N7r7ZL27n++6v6Q8RrLdv/yYpWsv365ETteJhoHhVb/XHn+C/t8u92/bP2P7x9/ceS+npt1uTpYvnp8/j+4F9pu7S9Hv8Hkk9q4QONx24UKpXFyYgDyYeDI5sfn3ry3Ga8uX9W/5MnWvf/7Y7/bPL16S7rf+fYnba79kL7z+6u/evr9RsDf1+o79Mi6UngwQeffdcu/921/xu10MnGI7s5/xXTQ+2KsyGw5zcOAAAAAAAAelAuIo5EksuvhXO5fL7+/Y5jcThXLJUrpy6Xlq7ORu23smMxlGuudI+u+z7EZOP7sM341Kb4dEQcjYivBw7V4vmZUnG225UHAAAAAAAAAAAAAAAAAACAHjHS5vf/mV8Hul06YN/Vbmww3O1SAN2w4y3/O3GnJ6An7dj/gefW0/d/VwbgeeHzH/qX/g/9S/+H/rXb/j80us8FAf5zPv+hf+n/AAAAAAAAAAAAAAAAAAAAAAAAAAAA0FEXL1zIturq45szWXz2+vLSfOn66dm0PJ9fWJrJz5QWr+XnSqW5YpqfKS3s9HrFUuna5FQs3ZiopOXKRHl55dJCaelq5dKVhcJceikd8seGAQAAAAAAAAAAAAAAAAAAYIvy8sp8oVhMFwXaBs5FTxRjPytYt6enD/ZKLQQ6GujyiQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1vk3AAD//zY8MBM=")
truncate(&(0x7f0000000100)='./file0/file0\x00', 0x5)

347.374425ms ago: executing program 4 (id=1317):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
sysinfo(&(0x7f0000000080)=""/55)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
lsm_get_self_attr(0x64, &(0x7f0000000040), &(0x7f0000000000)=0x101, 0x0)

292.949425ms ago: executing program 4 (id=1318):
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000080)={{0x1, 0x1, 0x18}, './file0\x00'})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x89}, 0x18)
unshare(0x2040400)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
munlockall()
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r1}, 0x10)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e23f992a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a9214a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a6683e941fdbdff03cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c99b6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109becb1b9bafcb2b47e940000000000e540d8b0db3774effb7469a21f96e2594b2973ebf7a1bd9ace2ed4d6eb1735f85885be5be74dc2ea5d7d499bd28271b98f187f5879b16b409a04d78175cc8d0f707c822805d7011ed4b22419186dd2b22aadf15828db2ca19d79e1bf2f7989237ee5cb2e1eb7b2bfc92d3aa95a26f060935c4fee8b2d7d0bf3c6d82d04329164bd4ee0b8060183f36762b0440d9082d7c8b06e4c2024f77e1018758d28e7ee290f32a48bfc2aa10b3dba9bff00d2410f3477a8e0df689c880dc9a677cfaa16603527c06625a3363744cea5f2d350224cc0fea76c72ca08507235c67346722f20690fde0790f040f5fd3eff75f9b291cc5e9c686ebaadbe756c6fa039ff441e427ed12578d5cb041ebf729cfaa575cc852fbdb54e60435e6d62b9d270433b220ed9ff1ff042b8d3d866231c460765"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x1f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a140000001100"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}}, 0x20000000)
writev(r2, &(0x7f0000000440)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f0000000140)="139776ff030370", 0x7}], 0x2)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x0, 0x40, &(0x7f0000002480)=@raw={'raw\x00', 0x8, 0x3, 0x4d8, 0x340, 0x11, 0x148, 0x340, 0x0, 0x440, 0x2a8, 0x2a8, 0x440, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x3, 0x3f, 0x0, 0x88000000, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xc0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}, {0xb}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x4f, 0x7, "72f6daeff0a9c6294e211d2d88fe6dcff5d0e552201da3b7a1fdb30dcb59"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x538)
socket$inet_smc(0x2b, 0x1, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)

245.178906ms ago: executing program 0 (id=1319):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
sysinfo(&(0x7f0000000080)=""/55)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x5, 0x5, 0x400, 0x9, 0x1}, 0x50)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
lsm_get_self_attr(0x64, &(0x7f0000000040), &(0x7f0000000000)=0x101, 0x0)

244.649376ms ago: executing program 2 (id=1320):
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
munlockall()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {0x0}], 0x2)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0xa, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="fd83c7ee17f262b0bb27d1f84e98dee102464e74350812d2c682b683d1e1c4329d3ac9f7d731e66432593efc94a4310144c6ca8c7390b45a66d6b7d7ecf9a4b4695647c124b89730f0e021aab8224db48055bfc0e7d62a77854c785abf408476cbc38cd9a74d838f2814150959b9000000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000002480)=@raw={'raw\x00', 0x8, 0x3, 0x4e8, 0x0, 0x11, 0x148, 0x340, 0x0, 0x450, 0x2a8, 0x2a8, 0x450, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x81}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x4f, 0x7, "72f6daeff0a9c6294e211d2d88fe6dcff5d0e552201da3b7a1fdb30dcb59"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x548)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000200, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000240)={'wg1\x00', 0x800})
capget(&(0x7f00000014c0)={0x20080522}, &(0x7f0000001500)={0x9, 0x4, 0x2, 0x2, 0x4, 0xe})
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r5)
sendmsg$NLBL_MGMT_C_ADDDEF(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc00000000001080002000500000014000600ff01000a00f2f3f31f000a00000000"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000004740)=@migrate={0xa0, 0x21, 0x1, 0x0, 0x0, {{@in6=@local, @in=@rand_addr=0x64010102, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x4}, [@migrate={0x50, 0x11, [{@in=@local, @in=@broadcast, @in=@multicast2, @in=@broadcast, 0x3c, 0x4, 0x0, 0x2, 0x2, 0x2}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)

218.154966ms ago: executing program 3 (id=1321):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_int(r1, 0x1, 0x22, 0x0, 0x0)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000ac0), r0)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000040)={0x0, 0x56, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x20}}, 0x2000c094)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
gettid()
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, 0x0, 0x4000000)
r6 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0xfffffffd, 0x80, 0x1, 0x357}, &(0x7f0000000080)=<r7=>0x0, &(0x7f0000000340)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x2}, 0x94)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2c, 0x0, 0x0, 0x4}]}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r9, 0x0, 0xffffffffffffffff}, 0x18)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x42, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, {0x2}})
io_uring_enter(r6, 0x47bc, 0x2, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan1\x00', <r10=>0x0})
sendmsg$NL802154_CMD_SET_TX_POWER(r3, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="100027bd7000ffdbdf250c0000000c000600030000000300000008000b007f000000080001000000000008000300", @ANYRES32=r10, @ANYBLOB="0c00064e756b129c0002000000000004000c0057247c6c23951795000000"], 0x50}, 0x1, 0x0, 0x0, 0x14}, 0x4000)
sendmsg$NL802154_CMD_SET_CCA_ED_LEVEL(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x30000020}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, r5, 0x602, 0x70bd27, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0x7}, @NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0xb}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x4040}, 0x80)

217.684877ms ago: executing program 0 (id=1322):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$SOCK_DESTROY(r0, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80041018}, 0xc, &(0x7f0000000240)={&(0x7f00000000c0)={0xc0, 0x15, 0x1, 0x70bd2b, 0x25dfdbfb, {0x1d, 0x75}, [@INET_DIAG_REQ_BYTECODE={0xab, 0x1, "fe0358c27839ec0969e6e8a06241d7c11c6adb17b9d71c06a5f6112a0959b29b5b6e1c1b31b639e75a45ebe780d7e4165ec94b4dde02cadeb5dc2a7b9fdf9beebae3ecff3e86d97bad1531adeb0ec2a6d2a943f242d768b7d43f46b660392941d4667c244621326f5151c611a08f3308d889f54493ae258c4b11c9c09e668c222b7e91dcb56b821956b6773e990c127efb66733653b8373f9905bc513d3adcb00016c07338582c"}]}, 0xc0}, 0x1, 0x0, 0x0, 0x20000800}, 0x40000)
socket$inet6(0xa, 0x2, 0x0)
socket$packet(0x11, 0xa, 0x300)
r1 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xd, 0x0, &(0x7f0000000000)="259a53f288476d2610054c6588", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
execve(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x3c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r2, 0x0, 0x9}, 0x18)
r4 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open$cgroup(&(0x7f00000002c0)={0x0, 0x80, 0x30, 0xb, 0xfd, 0x1, 0x0, 0x10001, 0x8009, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0xbcac13edb28a96d4, @perf_bp={&(0x7f00000001c0), 0x5}, 0x400, 0x0, 0x7, 0x5, 0xffffffffffff7300, 0x504, 0x9, 0x0, 0x8, 0x0, 0x2}, r4, 0x2, r4, 0x7)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, 0x0)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r4, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f0000000600)={0x144, r5, 0x8, 0x70bd28, 0x25dfdbff, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x2ff}, {0x6, 0x11, 0x10}, {0x8, 0x15, 0x8}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x20}}, {0x8, 0xb, 0x6}, {0x6, 0x11, 0xf}, {0x8, 0x15, 0xc}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x8001}, {0x6, 0x11, 0x7ff}, {0x8, 0x15, 0x6}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0x34}, {0x8, 0x15, 0x5}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x101}}, {0x8, 0xb, 0x81}, {0x6, 0x11, 0x7}, {0x8, 0x15, 0x6}}]}, 0x144}, 0x1, 0x0, 0x0, 0x24040041}, 0x20048040)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r4, 0xc0189374, &(0x7f0000000440)={{0x1, 0x1, 0x18, r3, {0x3}}, './file0\x00'})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB], 0x0}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x4}}], 0x18}}], 0x1, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCBRDELBR(r7, 0x89a2, 0x0)

211.248447ms ago: executing program 2 (id=1323):
fadvise64(0xffffffffffffffff, 0x7, 0x8000000000000001, 0x1)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000400000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r0}, 0x10)
r1 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
r3 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r3, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
socket$netlink(0x10, 0x3, 0x8000000004)
writev(r2, &(0x7f0000001480)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560a067fbc45f0810500000000000058000b480400945f6400947e571e28925a01000000c57da9d2ae54c4800002091000418e00000004fcff", 0x48}, {&(0x7f0000000140)="8c57d9cc589ada685e1ef625377d1bf3339b04ea6166fae8953b5ac7d50f86f7825fe6f1235140c4f438944ba302f2", 0x2f}, {&(0x7f0000000180)="ab5d5fc3", 0x4}, {&(0x7f00000001c0)="891ec12da4dd9b8c4a9019a6ec69380244a68a6715b7b4e696bfeaf2c22c7ddc36dbeda018f00bb0cdf7e0696c84e0f35790f250cfcc785673074eb700881e3a67f313af1a79afa1408da6cfeeb984220853d5c3a1cbe75ff1bd764853adfc9806b95f943021ce7619aecbbf3fdbc26f8bf68a225ec7e90429d1965eb4db479dd7855beeb13537d6c79dac828fe66dc03af9ea3d157f8ff0387bad2cb1969c56c4f8692bf6bc2ec31b9d822fff0c668280f706fa4069a449149d9d11c5e79f57b5bf209f17d448b85b39667c76325a4de77afdb14a428521b8126efc", 0xdc}, {&(0x7f00000002c0)="03cc659ddf7830b228201b1e7e606395f7d1b8e3264c4c57bfef8ac0a699e52e85e3a6e44a16f229932b8c3868fb34e480bb1e474fc04976f072c595d85b5fb11bacbe47a8bb3a4a6d2b64f7050e460e4f517567e9869c22f525b502620f4ee2f74dd78fb303efa8b602f4aaa30f43a6e87720cb458080b8fbc7c69ab54584a7e1b438922b59b2c9e5c65a0b8110fb2dc7d8223739eade49d8f23ee0a6128adff9422684f1e3a891320e5a64f1a854207c5e007876a60031bcc54cb5f1c7550ef59cf9497db9a6152f3db6efd5f27dfb02b59614b2977b9a9f63f0d04993d624a52ad1f0e5d989", 0xe7}, {&(0x7f00000003c0)="fbf16b6f694fd72b68c027460152efb80d62496513f725429ce674bbed4529ca9f5dcb4a601b16f9f4f158d13ab2147019211c4e147f2035ef8a0bbeec9d01b82f976f5ec4ec331b4c91dc1a4f22dfa81a39a7d31a6452975d9292bcefd5cdca3e1e2fb3c3bdcf12d2f5c5c4ae6de67215c55efff7dc4aaa184b77707d1e81db17d854a3d4421a8b997a92a5f796ad625f546dde581f3007394e70221c0c028be16c871e7d86ec883ea0a8e30e9960a4b04dcdae8dd763a2c5c3502af58f16d0d3a74d2af37e368a357754bd5cff04395c12657ac78f887072af93f056a2714a6b1ba4aa4c78174972bceb48a10606ecb3ff4283ef1602bc142b44d366f2b44e2faf0f255646b09cb4f34facc28e3d070e59a647b607265c8757725c7dd71a8c648ff12fd2d3311f2ddafcf44bdd7ea477cc0f62e7b7df0f631fe71400fdceb1f2482128b497ff183ceaca746236b29e56405c56fe1ba2f33beba9b162087d180e96b0da2e684ccd940fdcd542118ee0383b06449ac68935afb16df676d78e01909425c295eeae028e3f98c3c83d0d0c9cbd7139d15926c170e49084ce8ac1399ac84fa2c3d9da4f4e880fb9990c7ec820b9c8e6cf9933aacfe75ce22d7bc5c49cb65c14bcdd29d90aaf49ec4ceab5ccd235b79b0debcc0e1ae87b44661201f9e40021a820af07a93cb73013a8516a38e5216028522d2c50dc9e159e1286cc61f7350f3eb1b7ef24f34e15231d3fe4f22ed6c29a054f88d721a5d7f73df59c986c0002fb68336627d4fdfd738e3a9d66415557473dc8702a69aa93a2097a1b34944dbe8d5dea6c762315b763afa061be813cdcf84d5ac1d00821c3548998aead90c2afc6a6d5470bb36232aa0451c08a7b58fbc3d153aae9b409cac91a6bdc2e3d0485665fb0c07e260883a8a88b48a723ace23941b6249d8d99fd8561c9f63ca30c1c3625057573524dfee0a6ae33db72429b6907157038e1e145ff8f67d6bde6506d8ba39fac069f95ab0b4f13eddb89fbb553f0068741258120c60acec6cca427d88bde28776589ac8e72da1375604d52de7ac850b640f7adda4d1fabdd4ba46c40deaf3fb56bf084812438722b7daec4e49d15155ab4e744780bb2340fb7997b01b6183bdabd4e756334f6412ef8aad27ac98af0a3d8d768ed531500840881e600a3bf5512e3e654f235a80f66cf33d7d1aea45fa680a168e91e5563ee916e9162323ffdf675c457cd86e2c79fbd07360a66cdcd32cf6226bfb0821fdd241a6c88ce970273d7c3b0fd15a7990f53fa4c676c1d3fbf249e0e1c83a6773c3bef45d597d140ce6087570e5fbb13684d7d00621a51c8f8b05ffcff60e824c64272231cc9d254e30448bdb687101e470ff8ec9407522dd45bb70d8b22e2de157e6fafbd4b419e091580be45e80418da62891660aae504e9e84a1a305cfd9c4d10299df4a153a29f04c90666735a9e73fd056c521078e2e985534d66af9ffd37c7330ad9a07a3fef64643130c5f56700e2ed50170ea1e44af4a6c9bac947f73b12f9cc7a9b789199e08f087b96a58038692ae20f53d0eca5ee81fcf204bb75715d054315826593849aceb68b065d39551d67302b6782c8d4171b9c4f0a7b7f5f0cbd0931729934f507cc5f9a4eea1f851f7a71b4c697082cdc825752068fc2cda4a1b9d9c45789b5e3395571cb230836be77cb3d22f19211d7824bab97f86ac1f90f2dc709f099d3ac1391a703b2a9af419a6ee6ed1d7c3d970e1287d1f2ec4c85147d53f3b713abfb633bb534ad2b85382a51e9fe01663c96af7e43a6b2fa557e6ea54c86af5a783c3549fad70a3077c052c407fbb7c4db81e50e05f6db315b594e72f8f6af24e9881afe58b6c38dd8c0c2e95dc9a7018114e684f73a93bc33a509c5dcf537194ad3a1343c94ddbc588864d74642ec2fd2908d6a559a4182ccddd56ac0be928658967203202b77e7f31f22e9e02b97bf486cde46c23d3a6df1ef9968e744a35c86238d7fd0464ca9780ade38d3bc623d0ccc6fbab3af4e6e2807067b15731baaeb1230748cfb16f591017b72677d24fd0a564b2274c72f1299a44fd9fd7c20e808d62f4fd28d5e9828c82f199395d7236835d2d24129228fcdc9ae223d7ef0905401470b282e6a024047d27bea71327737490980bf5babea66747d00e8ba3fcfc6c4eebddeffba1a47d27fd1c09e4fa70bd73934aae3fbd172eae36f8ed94f9ac8233f9c95161422405346e2794b238480a095a6213b94d80b486f80359f68b11702d22c6cfc526e1ebdbc6a70c1fa200195edd29139302acc822558799ae58c339b97f3deaf39b57fd14a277b38a17b0cabe3d8b3c028aeaf272afb8a5a6a8624ac9d0e0bb7a53b4fde3fb0778829ed512ced4748173e87bc71d659d34c4dfc1d9cd4ea51583087d752ea15cfe660c0986d0f237948718853964490f4cd11a997d80dd629d101843001d57b418045f5ff24727e5a4d0cbea4e5d2618b2dc9cc2a35956c212b48a8af483b62e8d4861c6cd6589a12b7f138a6e201ac4041fbe85a719f7b4ce364e1a8de40bb22da4c50a7480f9954d6697b13570046dbb03722541e68e0385c8caa130d58c95dac568d32d736c66e880261a855d199d6315ecf80e4dc4bdace6619113699587e3606a448c68016d31ef6a8ec8d6309f11f1c725d37dee8a99c6aa8ea1e472d54315ec10d19aa9ceab9e0940ece44421e2a5d8a0427a93b8e764d016f721187c5315ceb9b0a3195499f73d8e059a41ca6aea274c1f2612adb26d3971020491d9cc07b1f8daa062a8593dafc64acbdaad3616cb8560b712f4ff02f65a7768024bc8c8c5915751fcf14643ff273c969bcbfe4dccb188da342c5a7f784c9831ea61dee6ad5999af0491c709a71afb5c450d6047e712f9d4be59629ad833a21546929653f053fa69413427bf5fe86f8b83e3843c25527d698e227b36e9244437194dbb2d49f5826f1aa095aec5a74c12f95474d3caa8e79e35ef5d98a43a87ad0bc0a08a996198a649ba786b8cd8e8f368213bd06cd6936835e158d393e7a6c5f23a740c72749966c88cba46ddc92cd8dd506a4cc27e44cb640b3fedb21e855b0be8d42afdd2b9acdca77224f5949dff246272de373ed6d379d919c0d92969cc414dea0cfa309afc4f3630c509f193679c2b7814cafbb249ee4dabf485acdaed438e374dd796439e424ef789fde8cd1710a7f2613b006b3842a87b99f8fd1b379e045e9d22ef805d4ec5a042fb3f6a0dcf2f26aeb88716e8441a14cf772c49acb933637c417df3ec1c52d08b1011a7eb249363b0ed6dd4c7dbde5440025ff5c73f9be7d38c1799955f32f3472127717a4fdc1a47ffed4ee9312d652039ba2af241869cd69a981e714f615e6113025a92611fe06f10407b805b17e0b6861abce4a595c600ead1679cfd8347f084d967bb23ad4df631b45b277a4e4584f81e9ea96eb815c32fefe1a1324c8b65f8377baef86efec112fc107e5a799de3c608fe338707c2dd22b396d830abc8844fa20f9a6b634fa132ddae8976e8fceb43abe6063cef4164259c865c1889dba53572812f1f36340ffe2a00e75729a3d790f519d59373bdb12aebb3748cdcafb9280e875cf208ee75d94215a2fb0122d9b3fd43fbe78b26d8a783278980ad47c495c1e81459ef5a3f01a22506e10b65d6d59779aa36ed6c394244cfc1c9122253673ef681833de9b49514f1cdc1a9a27b93c9596bdc2eb2c7a1998c437af8270c4b3516700fb1de83f9947cdccaa1fc3694b527a1350763e0b30aa9bcc482d7409ee59630c829c1eb53584ae5bf68ba2114d90070f8eeda87ebc42365c81ffd0b2c342197fde38be07c078e17808fd52f908fe4777fa8f99822aba26a28c2d52abcaefc6654b2e83fa3b61bdcc9997f6c7bf667f1c4df7fc225dc346716313fdab47074c366972c13d27a67fa5748779dc3cacd9d07f35131e2a7c6ed9ed95e997c3ee43e481651e4eff1cf2d5da69d78e281dad8aaec05e8a6743e54d93bd62cdb5754e0275fafe1c469dd15c72c91cd6170bf3ba2813d31c545406745e88553cf92be9a42295e9739bd7d027a44bc2b4082669495e1cb0c941572309361fc9dbafdc7288b02dd7b4ec871d06d9fc7ae2884d1dfa3632e1001ed70992fab3d1c584ca05c4498b8514e97c2759b28d2d99084acc5ccb00d5e02ecfd9a18a2bfeb589643504d1326da753aad54933d3026c55736732e9aca26889a88dd78eef0f831fb224597600809d8ae3c0d7219896b35699391fc1ab3c3110b430950018a0435d3a18baf12c5a17670f3bea56bb627e94319e37b8c6a4bf3b41b9a36e2ae7fd53f79b60c06b4643df31621572cbd24a26a627b461af374a886da0fc9163aed2ae22c363bea8d48b654fdb54dc62719d8b16d91cf68c3c58e5ab5e5afa2d1d74ff29fce61e6912b5bd62ca790f9b02648d978420e0fea7982ed2209ef19fdd439d7df689d7467944ea9c86d41c64bb08b0ee9aea3b1db74fe7642027da5545d6010a92bcefda22fc236f46194858202a3c1e6e739a0d20a961e599b97cd7c4a0887163ff3a6649262f4babf43cb2e43a4b1f22f7f0fdad863f18e285cba398b5bebc73624fd2eb3baf567538f752595ad69ac574d0b40bb04826b0090595a1840cb9a6bcbcdf6172b5bf0f2720a329edd36449a7a899ab175a9e6cbcea276e26c1aeb17c6f77cd65381dbac2a1c124effb9b6f95f059ee71fd05d4ee43c4769c39ed0b73e2e4aa73ab45393994872a6d382e3e115abaca314facc13f67da0db9a4d74d438fb7c964fe6451d3e1730a5a20d8f97b1c31873d322b3bb70ff832c553d17b0686ff4da7b421a7fb08c92e06604a08a44a36d0e088d0e91a917e31707efef010e43a3afeecb8c192f1f72c5de1f5c5bbcfc3f6775129e3a4a29e941a5526c291098480bb81320d3e043e8bccc7f1bac21beb2f8b7d5255e113058d9316bda8d224c7b1990d5d1ebb8245862003dbb6aa9431d20a13b9e96febc817dd25db5e0fff55c9f42d6f7f6396322faacfd81671bc91bf8f418e619a521e59b35209691bd91540ffc12fe89f90ec93c39928e19b2911df570ec5f549b2b04544a21ff4e59570f67855bdddf687d977cc36730ccd1e1f15bb28dcda3a5234cb87a751e8303eb5d232418a9717fbc958a2eb420f0509347705a5b708c0fec9715d51bc38b9e66374676e9441ae82e243596c7b85dcb5bd49d514551d395eb69bdc2824aec64d1ec136306324c67c031bbc87571ae79c219220a94b12bbc00e6b2b86dddce324e278b3d91ba3f33fa50322b1da47a38fb01caf8ea2d0ffdee281284abe7b920895301a2704267145ce0e3e82b1a8e4f0dc1799fd2d85f911c81c882b9597a684b72df57959d331c70bf354fb934ff81c1fff2adac729fc3a5ad3b81b33d851d705b8efdbec829d4d3758a4d274005a18879b8018a4b5b34328a2527f0d8b306d144d8fad83fded9b0b0b1bde6793c599a1213e9e05c6e28b295e8386dc2fc9ac8092cb7a3704fbde7c229eecf1f890caeacc2cd1ad46813e69f01a509cbf7e7cd799af23607aa98123b96cf9c0512813d5d4726c43838572f87f7c4678ee68c15f31f41a4e8fb2c18823d40a67350881184f10e2f1a38ba08abcc094d49baa9e65859085fb1ff42fca688c048059f815ac1faade15d2b3ec726b56f32de0cda2dc57d1d1369dd8c80ce8e2735263c5c8d975b8ea101fb7f0773f8c3c72c18c1e2bda0451bec076f13d25fd7df05067697a2e7e1f5dfd75cf5c25497bbe24", 0x1000}, {&(0x7f00000013c0)="db815ce7052d3ac6269baad5f6f33c0790354230ce96a2dbca6f617b462521ca20a9de365f37f9ca48a52d36b71f613f1f604896f2e8b6b3e930f63c77931a62954fae1e685c14bbd32e5c9c4dec5b6c10d359dbd25619372f74a7550cd2a50ae98e5cb94dd66ed22c89433237e9905c2ea77518a92c59c6675b8ceea6e7990a4d2a2f49390a5feac5b5f053450d87d71a59d1f589e1e78c10cb25f397", 0x9d}], 0x100000000000027b)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @loopback, 0xa77}, 0x1c)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x10000}, 0x0, 0x10000, 0x0, 0x1, 0xa, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="280000001800090000000000000000001c140000fe"], 0x28}}, 0x0)

184.394207ms ago: executing program 4 (id=1324):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
close(r2)

153.292958ms ago: executing program 3 (id=1325):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x8, &(0x7f0000006680))
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x3000404, &(0x7f00000000c0)={[{@grpjquota}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x1, 0x4be, &(0x7f0000000540)="$eJzs3ctvG9UaAPDPdpMmae7t415dtb26t5WKVB5qnIdQE2ABK2BRCVGJDUglJG4oceIodkoTVSKFXRcsEAgkxII9fwEbuqJCQqxhj1igIihBAiQkI4/tNi8XU1IbZX4/aeqZOeP5zqn7nY7PzHgCSK3jtT8yEYMR8UVE7K8vbtzgeP1l7eblqdqUiWr17PeZZLvacnPT5vv2RcRqRPRFxLNPRryU2Rq3vLwyO1ksFhYby/nK3EK+vLxy6sLc5ExhpjA/Mn56YmJ8eGx0YsfaevXNV66e+fjp3o9+fuPG9bc+/aRWrcFG2fp27KR603vi4Lp1eyLisXsRrAtyjfb0d7si3JXa5/eviDiR5P/+yCWfJpAG1Wq1+lt1b6vi1Sqwa2WTY+BMdigi6vPZ7NBQ/Rj+3zGQLZbKlYfOl5bmp+vHygeiJ3v+QrEw3PiucCB6MrXlkWT+9vLopuWxiOQY+O1cf7I8NFUqTne2qwM22bcp/3/K1fMfSAlf+SG9kvyvVquvdbsiQMf5/x/SS/5Desl/SC/5D+kl/yG95D+kl/yH9JL/kF7yH1LpmTNnalO1ef/79MXlpdnSxVPThfLs0NzS1NBUaXFhaKZUmknu2Zn7o/0VS6WFkYdj6VK+UihX8uXllXNzpaX5yrnkvv5zhZ6OtApox8Fj177KRMTqI/3JVNPbKJOrsLtVq5no9j3IQHfkut0BAV1j6A/Sy3d8YJuf6N2gr1XBws7XBeiMbLcrAHTNySPO/0FaGf+H9DL+D+nlGB8w/g/pY/wf0muwxfO//rHu2V3DEfHPiPgy17O3+awvYDfIfptpHP+f3H/f4ObS3swvySmC3oh49f2z716arFQWR2rrf7i1vvJeY/1oN+oPtKuZp808BgDSa+3m5anm1Mm43z1Rvwhha/w9jbHJvuQc5cBaZsO1CpkdunZh9UpEHN4ufqbxvPP6mY+BtdyW+Icar5n6LpL67kmem96Z+EfWxf//uvhH//LfCqTDtVr/M7xd/mWTnI5b+bex/xncoWsnWvd/2Vv9X65F/3eszRgvf/D6Ny3jX4k4um38Zry+JNbm+LW6nWwz/o0XnvtPq7Lqh/X9bBe/qTaXr8wt5MvLK6eS35GbKcyPjJ+emBgfHhudyCdj1PnmSPVWjx7+/Pqd2j/QIn6r9j/eqNMDbbb/1/9+9vzxO8S//8T2n/+hFvFr+iPiwTbj/zj69Yutymrxp1u0P3uH+LV1Y23GL7/z1N42NwUAOqC8vDI7WSwWFu9yprd3Z/Zj5m80k40/967/+Qew+2a63TMB99rtpO92TQAAAAAAAAAAAIB2deJy4m63EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgN/g9AAD//9h41EA=")
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
socket$nl_route(0x10, 0x3, 0x0)
r0 = io_uring_setup(0x648, &(0x7f00000000c0)={0x0, 0x7510, 0x3201, 0x3, 0x969})
io_uring_enter(r0, 0x0, 0xcb, 0xf, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, 0x0, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4800)
vmsplice(r1, 0x0, 0x0, 0xa)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@link_local, @remote, @val={@void, {0x8100, 0x6, 0x1, 0x2}}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "602116", 0x14, 0x3a, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast2, {[], @ndisc_ns={0x87, 0x0, 0x0, @rand_addr=' \x01\x00'}}}}}}, 0x0)

118.918078ms ago: executing program 0 (id=1326):
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYRESOCT=r0], &(0x7f0000000380)='GPL\x00', 0x8000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4})
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r3, 0x0, 0x60, &(0x7f0000000180)={'filter\x00', 0xfffffffffffff20, [{}, {0x0, 0x100000000000000}]}, 0x68)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=<r6=>r4, @ANYRESOCT=r0], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000340)='kfree\x00', r5}, 0x18)
pipe(0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
symlink(0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='kfree\x00', r7}, 0x18)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r10=>0x0})
sendmsg$nl_route(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYRES64=r6, @ANYRES32=r10, @ANYBLOB="c89904bd0000000008000d000000000034001680300001802c000c8014"], 0x5c}}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYRES64=r2, @ANYRESDEC=r9, @ANYRES16=r0], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYRESDEC, @ANYRES16], 0x48)

118.211298ms ago: executing program 2 (id=1327):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0x20, &(0x7f0000000240)={&(0x7f0000000200)=""/6, 0x6, <r0=>0x0, &(0x7f00000004c0)=""/131, 0x83}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x94)
mount_setattr(0xffffffffffffffff, &(0x7f0000001d80)='.\x00', 0x0, &(0x7f0000001dc0)={0xb}, 0x20)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000380)={<r2=>0x0, @in6={{0xa, 0x4e21, 0x4, @loopback, 0x8}}, 0x4, 0x7, 0x6, 0xe, 0x20, 0x3}, &(0x7f0000000000)=0x9c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000180)={r2, 0x101, 0x6}, 0x8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r3}, 0x10)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
close(r4)

62.834309ms ago: executing program 1 (id=1328):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2ad, &(0x7f00000007c0)="$eJzs3b9rO2UYAPDn0jQJOiSCkwge6OD05dvv6pIiLRQzKRnUQYttQZogtFDwB8ZOri6Ori6C4OY/4eJ/ILgKbhYsnNzlrklqGpPatP74fJa+fe953nve69uWDvf03eeHxwdpHJ1/8lO0WknUutGNiyQ6UYvKZzGj+0UAAP9mF1kWv2Zjq+QlEdFaX1kAwBqt/Pv/u7WXBACs2RtvvvXadq+383qatmJ3+PlZP//LPv84vr59FO/HIA7jcbTjMiK7Mh7vZlk2qqe5Trw0HJ3188zhOz+U62//ElHkb0U7OsXUbP5eb2crHZvKH+V1PFXev5vnP4l2PDvn/nu9nSdz8qPfiJdfnKr/UbTjx/figxjEQVHEOD9qEZ9upemr2Ze/ffx2Xl6en4zO+s0ibiLbuOcvDQAAAAAAAAAAAAAAAAAAAAAA/2GPyt45zSj69+RTZf+djcv8k81IK53Z/jzj/KRa6Fp/oFEWX1X9eR6naZqVgZP8ejxXj/rD7BoAAAAAAAAAAAAAAAAAAAD+WU4//Oh4fzA4PLmTQdUNoHqt/7brdKdmXojFwc3JvWrlcMHKsVHFJBELy8g3sXTNv5dtD2736J65qeZvvl16na//eu/lYHOJmL85qE7X8X4y/xk2o5ppVYfk++mYRix5r8ZNl7KVjl9j7qX2yntvPF0MRgtiIllU2Cs/j59cOZNc30WjeKpz0zfLwVT6bExr+fOcf6f8SXLVrSO52x9CAAAAAAAAAAAAAAAAAABAYfLS75yL5wtTa1lzbWUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2a/P//FQajMnmJ4EacnD7wFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgf+CMAAP//SfdjDw==")
set_mempolicy(0x6005, 0x0, 0x4)
r0 = open(0x0, 0x0, 0x28)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0xc0185879, &(0x7f0000000680)={0x4, 0x966a, 0x2000, 0x4, 0x0, 0x0, 0x2401})

1.09973ms ago: executing program 3 (id=1329):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x9, 0x5}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000014c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26f8ffa5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbde8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d944e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd00000000000000000000003a131374a3371cb3e2a9bb4d798b91cefa444501f40b7c9589e8c0bb6c82123d2b45ce905d0903b32ecf30e828c71a07a83f3275f3d661d1af0ffbd5d7f0"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0xfeffff, 0x680, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40)

633.51µs ago: executing program 2 (id=1330):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 64)
r1 = socket$l2tp6(0xa, 0x2, 0x73) (rerun: 64)
bind$l2tp6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x28, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7fff}, 0x20) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0) (async)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r2, 0x1, 0x0, 0xfffffffd, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @private=0xa010102}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x54}}, 0x0)

0s ago: executing program 3 (id=1331):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="7c010000190001000000000003000000ac141425000000000000000000000000fe8000000000000000000000000000aa00000000fffd00060a00008000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="02000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000c40005"], 0x17c}}, 0x10) (fail_nth: 4)

kernel console output (not intermixed with test programs):

_pfx_tipc_nl_compat_bearer_enable+0x10/0x10
[  100.929641][ T6413]  genl_family_rcv_msg_doit+0x143/0x1b0
[  100.929688][ T6413]  genl_rcv_msg+0x422/0x460
[  100.929723][ T6413]  ? __pfx_tipc_nl_compat_recv+0x10/0x10
[  100.929819][ T6413]  netlink_rcv_skb+0x120/0x220
[  100.929863][ T6413]  ? __pfx_genl_rcv_msg+0x10/0x10
[  100.929926][ T6413]  genl_rcv+0x28/0x40
[  100.929956][ T6413]  netlink_unicast+0x5a1/0x670
[  100.930009][ T6413]  netlink_sendmsg+0x58b/0x6b0
[  100.930067][ T6413]  ? __pfx_netlink_sendmsg+0x10/0x10
[  100.930094][ T6413]  __sock_sendmsg+0x142/0x180
[  100.930122][ T6413]  ____sys_sendmsg+0x31e/0x4e0
[  100.930168][ T6413]  ___sys_sendmsg+0x17b/0x1d0
[  100.930238][ T6413]  __x64_sys_sendmsg+0xd4/0x160
[  100.930293][ T6413]  x64_sys_call+0x2999/0x2fb0
[  100.930322][ T6413]  do_syscall_64+0xd2/0x200
[  100.930348][ T6413]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.930424][ T6413]  ? clear_bhb_loop+0x40/0x90
[  100.930516][ T6413]  ? clear_bhb_loop+0x40/0x90
[  100.930549][ T6413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.930578][ T6413] RIP: 0033:0x7fa191e0e929
[  100.930668][ T6413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.930694][ T6413] RSP: 002b:00007fa190477038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  100.930720][ T6413] RAX: ffffffffffffffda RBX: 00007fa192035fa0 RCX: 00007fa191e0e929
[  100.930736][ T6413] RDX: 0000000000000000 RSI: 0000200000000440 RDI: 0000000000000004
[  100.930753][ T6413] RBP: 00007fa190477090 R08: 0000000000000000 R09: 0000000000000000
[  100.930770][ T6413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.930787][ T6413] R13: 0000000000000000 R14: 00007fa192035fa0 R15: 00007ffd72c40328
[  100.930889][ T6413]  </TASK>
[  100.932495][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.933702][   T29] audit: type=1326 audit(1751024182.288:5315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6410 comm="syz.4.925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fa191e0d3df code=0x7ffc0000
[  100.933732][   T29] audit: type=1326 audit(1751024182.288:5316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6410 comm="syz.4.925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fa191e0d58a code=0x7ffc0000
[  100.997874][ T6417] loop4: detected capacity change from 0 to 1024
[  100.999653][   T29] audit: type=1326 audit(1751024182.288:5317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6410 comm="syz.4.925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa191e0e929 code=0x7ffc0000
[  101.111317][   T29] audit: type=1400 audit(1751024182.548:5318): avc:  denied  { create } for  pid=6418 comm="syz.2.930" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  101.233930][ T6417] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.242466][   T29] audit: type=1400 audit(1751024182.568:5319): avc:  denied  { connect } for  pid=6418 comm="syz.2.930" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  101.678038][ T6426] loop3: detected capacity change from 0 to 2048
[  101.691454][ T6426] EXT4-fs: Ignoring removed mblk_io_submit option
[  101.712719][ T6426] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.732773][   T10] Process accounting resumed
[  101.738077][ T3443] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:7: bg 0: block 234: padding at end of block bitmap is not set
[  101.753401][ T3443] EXT4-fs (loop3): Remounting filesystem read-only
[  101.793054][ T6428] loop2: detected capacity change from 0 to 2048
[  101.802131][ T6428] EXT4-fs: Ignoring removed mblk_io_submit option
[  101.810062][ T6438] FAULT_INJECTION: forcing a failure.
[  101.810062][ T6438] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.824016][ T6438] CPU: 1 UID: 0 PID: 6438 Comm: syz.1.935 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  101.824120][ T6438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  101.824132][ T6438] Call Trace:
[  101.824139][ T6438]  <TASK>
[  101.824148][ T6438]  __dump_stack+0x1d/0x30
[  101.824172][ T6438]  dump_stack_lvl+0xe8/0x140
[  101.824191][ T6438]  dump_stack+0x15/0x1b
[  101.824229][ T6438]  should_fail_ex+0x265/0x280
[  101.824266][ T6438]  should_fail+0xb/0x20
[  101.824300][ T6438]  should_fail_usercopy+0x1a/0x20
[  101.824397][ T6438]  _copy_to_user+0x20/0xa0
[  101.824449][ T6438]  __snd_timer_user_ioctl+0x22c7/0x2470
[  101.824499][ T6438]  ? do_vfs_ioctl+0x9df/0x11d0
[  101.824546][ T6438]  ? __pfx_snd_timer_user_ioctl+0x10/0x10
[  101.824609][ T6438]  snd_timer_user_ioctl+0x41/0x60
[  101.824641][ T6438]  __se_sys_ioctl+0xce/0x140
[  101.824750][ T6438]  __x64_sys_ioctl+0x43/0x50
[  101.824824][ T6438]  x64_sys_call+0x19a8/0x2fb0
[  101.824884][ T6438]  do_syscall_64+0xd2/0x200
[  101.824913][ T6438]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.824939][ T6438]  ? clear_bhb_loop+0x40/0x90
[  101.824963][ T6438]  ? clear_bhb_loop+0x40/0x90
[  101.824990][ T6438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.825018][ T6438] RIP: 0033:0x7f57d05ce929
[  101.825035][ T6438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.825056][ T6438] RSP: 002b:00007f57cec37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  101.825078][ T6438] RAX: ffffffffffffffda RBX: 00007f57d07f5fa0 RCX: 00007f57d05ce929
[  101.825141][ T6438] RDX: 0000200000000500 RSI: 0000000040505412 RDI: 0000000000000005
[  101.825156][ T6438] RBP: 00007f57cec37090 R08: 0000000000000000 R09: 0000000000000000
[  101.825171][ T6438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.825186][ T6438] R13: 0000000000000000 R14: 00007f57d07f5fa0 R15: 00007ffec9904e28
[  101.825211][ T6438]  </TASK>
[  101.827555][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.859833][ T6428] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.903481][ T6440] xt_hashlimit: max too large, truncated to 1048576
[  101.950579][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.958615][   T10] tipc: Node number set to 2886997162
[  102.028174][ T6436] Process accounting resumed
[  102.127088][   T31] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 234: padding at end of block bitmap is not set
[  102.142120][   T31] EXT4-fs (loop2): Remounting filesystem read-only
[  102.149528][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.158854][ T6454] loop3: detected capacity change from 0 to 1024
[  102.167837][ T6454] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.942: Failed to acquire dquot type 0
[  102.180702][ T6454] EXT4-fs (loop3): 1 truncate cleaned up
[  102.187172][ T6454] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.214714][ T6454] siw: device registration error -23
[  102.216848][ T6458] loop2: detected capacity change from 0 to 2048
[  102.241056][ T6458] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.241603][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.265586][ T6458] __nla_validate_parse: 1 callbacks suppressed
[  102.265604][ T6458] netlink: 24 bytes leftover after parsing attributes in process `syz.2.943'.
[  102.283520][ T6458] netlink: 14 bytes leftover after parsing attributes in process `syz.2.943'.
[  102.318515][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.337654][ T6462] xt_hashlimit: max too large, truncated to 1048576
[  102.534568][ T6468] loop3: detected capacity change from 0 to 2048
[  102.541574][ T6468] EXT4-fs: Ignoring removed mblk_io_submit option
[  102.570333][ T6468] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.587798][   T10] Process accounting resumed
[  102.594170][  T312] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:5: bg 0: block 234: padding at end of block bitmap is not set
[  102.605827][ T6473] lo speed is unknown, defaulting to 1000
[  102.609287][  T312] EXT4-fs (loop3): Remounting filesystem read-only
[  102.776868][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.786276][ T6480] xt_hashlimit: max too large, truncated to 1048576
[  102.902397][ T6488] lo speed is unknown, defaulting to 1000
[  103.002697][ T6496] loop4: detected capacity change from 0 to 1024
[  103.022360][ T6498] vlan2: entered allmulticast mode
[  103.027540][ T6498] dummy0: entered allmulticast mode
[  103.033508][ T6496] EXT4-fs: Ignoring removed orlov option
[  103.064218][ T6502] loop3: detected capacity change from 0 to 512
[  103.066091][ T6496] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.089111][ T6502] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  103.110290][ T3306] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  103.121485][ T3306] CPU: 1 UID: 0 PID: 3306 Comm: syz-executor Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  103.121593][ T3306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  103.121609][ T3306] Call Trace:
[  103.121616][ T3306]  <TASK>
[  103.121624][ T3306]  __dump_stack+0x1d/0x30
[  103.121650][ T3306]  dump_stack_lvl+0xe8/0x140
[  103.121670][ T3306]  dump_stack+0x15/0x1b
[  103.121744][ T3306]  dump_header+0x81/0x220
[  103.121784][ T3306]  oom_kill_process+0x334/0x3f0
[  103.121860][ T3306]  out_of_memory+0x979/0xb80
[  103.121893][ T3306]  try_charge_memcg+0x5e6/0x9e0
[  103.121939][ T3306]  charge_memcg+0x51/0xc0
[  103.122054][ T3306]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  103.122136][ T3306]  __read_swap_cache_async+0x1df/0x350
[  103.122180][ T3306]  swap_cluster_readahead+0x277/0x3e0
[  103.122226][ T3306]  swapin_readahead+0xde/0x6f0
[  103.122276][ T3306]  ? __filemap_get_folio+0x4f7/0x6b0
[  103.122400][ T3306]  ? next_uptodate_folio+0x81c/0x890
[  103.122422][ T3306]  ? swap_cache_get_folio+0x77/0x200
[  103.122538][ T3306]  do_swap_page+0x301/0x2430
[  103.122562][ T3306]  ? css_rstat_updated+0xcd/0x5b0
[  103.122599][ T3306]  ? __pfx_default_wake_function+0x10/0x10
[  103.122633][ T3306]  handle_mm_fault+0x9a5/0x2be0
[  103.122658][ T3306]  ? mas_walk+0xf2/0x120
[  103.122749][ T3306]  do_user_addr_fault+0x636/0x1090
[  103.122791][ T3306]  exc_page_fault+0x62/0xa0
[  103.122936][ T3306]  asm_exc_page_fault+0x26/0x30
[  103.122971][ T3306] RIP: 0033:0x7f57d04a5977
[  103.122988][ T3306] Code: 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 28 fe e7 00 48 69 8c 24 90 00 00 00 e8 03 00 00 8b 78 08 <48> 8b 44 24 18 48 c1 ea 12 4c 8b 0d 39 fd e7 00 48 01 d1 39 7c 24
[  103.123007][ T3306] RSP: 002b:00007ffec99051b0 EFLAGS: 00010202
[  103.123028][ T3306] RAX: 0000001b32120000 RBX: 00000000000001c9 RCX: 0000000000019258
[  103.123041][ T3306] RDX: 0000000000e21d1c RSI: 00007ffec9905240 RDI: 000000000000001d
[  103.123054][ T3306] RBP: 00007ffec99051ec R08: 00000000035e8e2c R09: 7fffffffffffffff
[  103.123127][ T3306] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  103.123139][ T3306] R13: 00000000000927c0 R14: 0000000000018f36 R15: 00007ffec9905240
[  103.123160][ T3306]  </TASK>
[  103.123170][ T3306] memory: usage 307200kB, limit 307200kB, failcnt 222
[  103.231725][ T6496] netlink: 4 bytes leftover after parsing attributes in process `syz.4.957'.
[  103.236710][ T3306] memory+swap: usage 307520kB, limit 9007199254740988kB, failcnt 0
[  103.236730][ T3306] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[  103.371387][ T3306] Memory cgroup stats for /syz1:
[  103.372070][ T6502] EXT4-fs error (device loop3): ext4_orphan_get:1419: comm syz.3.955: bad orphan inode 11
[  103.414622][ T6502] ext4_test_bit(bit=10, block=4) = 1
[  103.420020][ T6502] is_bad_inode(inode)=0
[  103.424221][ T6502] NEXT_ORPHAN(inode)=2080374784
[  103.425431][ T3306] cache 0
[  103.429344][ T6502] max_ino=32
[  103.432173][ T3306] rss 4096
[  103.432183][ T3306] shmem 0
[  103.432191][ T3306] mapped_file 0
[  103.432199][ T3306] dirty 0
[  103.432228][ T3306] writeback 0
[  103.432236][ T3306] workingset_refault_anon 50
[  103.432283][ T3306] workingset_refault_file 130
[  103.432293][ T3306] swap 327680
[  103.435506][ T6502] i_nlink=0
[  103.438515][ T3306] swapcached 8192
[  103.438527][ T3306] pgpgin 125248
[  103.474403][ T3306] pgpgout 125246
[  103.476572][ T6502] EXT4-fs (loop3): 1 truncate cleaned up
[  103.478005][ T3306] pgfault 136449
[  103.478016][ T3306] pgmajfault 48
[  103.490882][ T3306] inactive_anon 8192
[  103.494303][ T6502] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.494782][ T3306] active_anon 0
[  103.494793][ T3306] inactive_file 0
[  103.514466][ T3306] active_file 0
[  103.518021][ T3306] unevictable 0
[  103.521736][ T3306] hierarchical_memory_limit 314572800
[  103.527126][ T3306] hierarchical_memsw_limit 9223372036854771712
[  103.533368][ T3306] total_cache 0
[  103.536946][ T3306] total_rss 4096
[  103.540544][ T3306] total_shmem 0
[  103.544022][ T3306] total_mapped_file 0
[  103.548011][ T3306] total_dirty 0
[  103.551648][ T3306] total_writeback 0
[  103.555704][ T3306] total_workingset_refault_anon 50
[  103.560870][ T3306] total_workingset_refault_file 130
[  103.566190][ T3306] total_swap 327680
[  103.570123][ T3306] total_swapcached 8192
[  103.574295][ T3306] total_pgpgin 125248
[  103.578290][ T3306] total_pgpgout 125246
[  103.582585][ T3306] total_pgfault 136449
[  103.586747][ T3306] total_pgmajfault 48
[  103.590813][ T3306] total_inactive_anon 8192
[  103.595239][ T3306] total_active_anon 0
[  103.599311][ T3306] total_inactive_file 0
[  103.603476][ T3306] total_active_file 0
[  103.607479][ T3306] total_unevictable 0
[  103.611622][ T3306] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.941,pid=6451,uid=0
[  103.626216][ T3306] Memory cgroup out of memory: Killed process 6451 (syz.1.941) total-vm:95800kB, anon-rss:936kB, file-rss:22320kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  103.644467][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.655714][ T6452] syz.1.941 (6452) used greatest stack depth: 9280 bytes left
[  103.713839][ T6513] loop0: detected capacity change from 0 to 1024
[  103.723946][ T6511] loop4: detected capacity change from 0 to 128
[  103.729016][ T6513] EXT4-fs: test_dummy_encryption option not supported
[  103.754381][ T6511] bio_check_eod: 75 callbacks suppressed
[  103.754396][ T6511] syz.4.960: attempt to access beyond end of device
[  103.754396][ T6511] loop4: rw=2049, sector=145, nr_sectors = 8 limit=128
[  103.775343][ T6513] netlink: 8 bytes leftover after parsing attributes in process `syz.0.961'.
[  103.784818][ T6515] xt_hashlimit: max too large, truncated to 1048576
[  103.795284][ T6513] netlink: 8 bytes leftover after parsing attributes in process `syz.0.961'.
[  103.816460][ T6511] syz.4.960: attempt to access beyond end of device
[  103.816460][ T6511] loop4: rw=2049, sector=161, nr_sectors = 8 limit=128
[  103.856222][ T6511] syz.4.960: attempt to access beyond end of device
[  103.856222][ T6511] loop4: rw=2049, sector=177, nr_sectors = 24 limit=128
[  103.898458][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.907834][ T6511] syz.4.960: attempt to access beyond end of device
[  103.907834][ T6511] loop4: rw=2049, sector=209, nr_sectors = 8 limit=128
[  103.942846][ T6511] syz.4.960: attempt to access beyond end of device
[  103.942846][ T6511] loop4: rw=2049, sector=225, nr_sectors = 8 limit=128
[  103.956603][ T6511] syz.4.960: attempt to access beyond end of device
[  103.956603][ T6511] loop4: rw=2049, sector=241, nr_sectors = 8 limit=128
[  103.971005][ T6511] syz.4.960: attempt to access beyond end of device
[  103.971005][ T6511] loop4: rw=2049, sector=257, nr_sectors = 8 limit=128
[  103.985112][ T6511] syz.4.960: attempt to access beyond end of device
[  103.985112][ T6511] loop4: rw=2049, sector=273, nr_sectors = 8 limit=128
[  104.008807][ T6511] syz.4.960: attempt to access beyond end of device
[  104.008807][ T6511] loop4: rw=2049, sector=289, nr_sectors = 9 limit=128
[  104.022657][ T6523] loop3: detected capacity change from 0 to 512
[  104.033597][ T6455] syz.1.941 (6455) used greatest stack depth: 5800 bytes left
[  104.042980][ T6523] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  104.059705][ T6523] EXT4-fs (loop3): mount failed
[  104.127135][ T6538] loop1: detected capacity change from 0 to 512
[  104.139316][ T6538] journal_path: Lookup failure for './file0'
[  104.145376][ T6538] EXT4-fs: error: could not find journal device path
[  104.248734][ T6540] loop4: detected capacity change from 0 to 2048
[  104.265694][ T6540] EXT4-fs: Ignoring removed mblk_io_submit option
[  104.283191][ T6540] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.339483][ T6535] Process accounting resumed
[  104.348996][ T6539] loop2: detected capacity change from 0 to 2048
[  104.362684][ T6539] EXT4-fs: Ignoring removed mblk_io_submit option
[  104.380343][ T6539] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.394647][  T312] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:5: bg 0: block 234: padding at end of block bitmap is not set
[  104.421033][ T1046] Process accounting resumed
[  104.426320][  T312] EXT4-fs (loop4): Remounting filesystem read-only
[  104.431104][   T58] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 234: padding at end of block bitmap is not set
[  104.447599][   T58] EXT4-fs (loop2): Remounting filesystem read-only
[  104.454858][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.511159][ T6549] xt_hashlimit: max too large, truncated to 1048576
[  104.549151][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.580982][ T6555] netlink: 8 bytes leftover after parsing attributes in process `syz.2.974'.
[  104.599286][ T6551] netlink: 16 bytes leftover after parsing attributes in process `syz.3.975'.
[  104.602445][ T6555] netlink: 8 bytes leftover after parsing attributes in process `syz.2.974'.
[  104.698401][ T6562] loop2: detected capacity change from 0 to 1024
[  104.733020][ T6562] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.754285][ T6553] loop4: detected capacity change from 0 to 2048
[  104.762191][ T6553] EXT4-fs: Ignoring removed mblk_io_submit option
[  104.779958][ T6553] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.803685][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.814970][   T10] Process accounting resumed
[  104.820383][   T58] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 234: padding at end of block bitmap is not set
[  104.845560][   T58] EXT4-fs (loop4): Remounting filesystem read-only
[  104.849547][ T6574] FAULT_INJECTION: forcing a failure.
[  104.849547][ T6574] name failslab, interval 1, probability 0, space 0, times 0
[  104.864789][ T6574] CPU: 1 UID: 0 PID: 6574 Comm: +}[@ Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  104.864825][ T6574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  104.864841][ T6574] Call Trace:
[  104.864849][ T6574]  <TASK>
[  104.864859][ T6574]  __dump_stack+0x1d/0x30
[  104.864909][ T6574]  dump_stack_lvl+0xe8/0x140
[  104.864942][ T6574]  dump_stack+0x15/0x1b
[  104.864963][ T6574]  should_fail_ex+0x265/0x280
[  104.865003][ T6574]  should_failslab+0x8c/0xb0
[  104.865053][ T6574]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  104.865092][ T6574]  ? sidtab_sid2str_get+0xa0/0x130
[  104.865191][ T6574]  kmemdup_noprof+0x2b/0x70
[  104.865221][ T6574]  sidtab_sid2str_get+0xa0/0x130
[  104.865300][ T6574]  security_sid_to_context_core+0x1eb/0x2e0
[  104.865335][ T6574]  security_sid_to_context+0x27/0x40
[  104.865363][ T6574]  avc_audit_post_callback+0x10f/0x520
[  104.865442][ T6574]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  104.865477][ T6574]  common_lsm_audit+0x1bb/0x230
[  104.865501][ T6574]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  104.865616][ T6574]  slow_avc_audit+0x104/0x140
[  104.865647][ T6574]  avc_has_perm+0x128/0x150
[  104.865686][ T6574]  selinux_socket_sendmsg+0x175/0x1b0
[  104.865798][ T6574]  security_socket_sendmsg+0x48/0x80
[  104.865831][ T6574]  __sock_sendmsg+0x30/0x180
[  104.865860][ T6574]  ____sys_sendmsg+0x345/0x4e0
[  104.865911][ T6574]  ___sys_sendmsg+0x17b/0x1d0
[  104.865980][ T6574]  __sys_sendmmsg+0x178/0x300
[  104.866038][ T6574]  __x64_sys_sendmmsg+0x57/0x70
[  104.866117][ T6574]  x64_sys_call+0x2f2f/0x2fb0
[  104.866147][ T6574]  do_syscall_64+0xd2/0x200
[  104.866170][ T6574]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  104.866234][ T6574]  ? clear_bhb_loop+0x40/0x90
[  104.866256][ T6574]  ? clear_bhb_loop+0x40/0x90
[  104.866277][ T6574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.866323][ T6574] RIP: 0033:0x7f48bac3e929
[  104.866342][ T6574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.866429][ T6574] RSP: 002b:00007f48b92a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  104.866449][ T6574] RAX: ffffffffffffffda RBX: 00007f48bae65fa0 RCX: 00007f48bac3e929
[  104.866461][ T6574] RDX: 0000000000000001 RSI: 0000200000000340 RDI: 0000000000000005
[  104.866485][ T6574] RBP: 00007f48b92a7090 R08: 0000000000000000 R09: 0000000000000000
[  104.866497][ T6574] R10: 0000000000008010 R11: 0000000000000246 R12: 0000000000000001
[  104.866512][ T6574] R13: 0000000000000000 R14: 00007f48bae65fa0 R15: 00007ffc8a49bd88
[  104.866539][ T6574]  </TASK>
[  105.203956][ T6582] loop1: detected capacity change from 0 to 256
[  105.222768][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.318920][ T6590] netlink: 240 bytes leftover after parsing attributes in process `syz.4.986'.
[  105.376636][ T6594] loop0: detected capacity change from 0 to 512
[  105.403237][ T6585] loop2: detected capacity change from 0 to 2048
[  105.411285][ T6594] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  105.421827][ T6585] EXT4-fs: Ignoring removed mblk_io_submit option
[  105.428352][ T6599] loop4: detected capacity change from 0 to 1024
[  105.429904][ T6594] EXT4-fs (loop0): 1 truncate cleaned up
[  105.435338][ T6599] EXT4-fs: Ignoring removed nobh option
[  105.441144][ T6594] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.446106][ T6599] EXT4-fs: Ignoring removed oldalloc option
[  105.459163][ T6594] FAULT_INJECTION: forcing a failure.
[  105.459163][ T6594] name failslab, interval 1, probability 0, space 0, times 0
[  105.476898][ T6594] CPU: 0 UID: 0 PID: 6594 Comm: syz.0.989 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  105.476934][ T6594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  105.476950][ T6594] Call Trace:
[  105.476958][ T6594]  <TASK>
[  105.476967][ T6594]  __dump_stack+0x1d/0x30
[  105.477022][ T6594]  dump_stack_lvl+0xe8/0x140
[  105.477048][ T6594]  dump_stack+0x15/0x1b
[  105.477070][ T6594]  should_fail_ex+0x265/0x280
[  105.477110][ T6594]  should_failslab+0x8c/0xb0
[  105.477133][ T6594]  kmem_cache_alloc_noprof+0x50/0x310
[  105.477227][ T6594]  ? getname_flags+0x80/0x3b0
[  105.477256][ T6594]  getname_flags+0x80/0x3b0
[  105.477281][ T6594]  path_setxattrat+0x223/0x310
[  105.477332][ T6594]  __x64_sys_lsetxattr+0x71/0x90
[  105.477421][ T6594]  x64_sys_call+0x1e36/0x2fb0
[  105.477449][ T6594]  do_syscall_64+0xd2/0x200
[  105.477473][ T6594]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  105.477507][ T6594]  ? clear_bhb_loop+0x40/0x90
[  105.477614][ T6594]  ? clear_bhb_loop+0x40/0x90
[  105.477650][ T6594]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.477672][ T6594] RIP: 0033:0x7f21d08ae929
[  105.477757][ T6594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.477776][ T6594] RSP: 002b:00007f21cef17038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  105.477797][ T6594] RAX: ffffffffffffffda RBX: 00007f21d0ad5fa0 RCX: 00007f21d08ae929
[  105.477810][ T6594] RDX: 0000200000000040 RSI: 0000200000000300 RDI: 0000200000000100
[  105.477885][ T6594] RBP: 00007f21cef17090 R08: 0000000000000000 R09: 0000000000000000
[  105.477966][ T6594] R10: 000000000000fe37 R11: 0000000000000246 R12: 0000000000000001
[  105.477978][ T6594] R13: 0000000000000000 R14: 00007f21d0ad5fa0 R15: 00007fffeaa72ea8
[  105.478082][ T6594]  </TASK>
[  105.707221][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.707657][ T6585] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.734946][ T6599] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.777501][ T6607] loop0: detected capacity change from 0 to 2048
[  105.797536][ T6597] netlink: 12 bytes leftover after parsing attributes in process `syz.1.990'.
[  105.830031][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.840453][   T10] Process accounting resumed
[  105.845792][   T37] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 234: padding at end of block bitmap is not set
[  105.869785][   T37] EXT4-fs (loop2): Remounting filesystem read-only
[  105.882824][ T6607] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.900694][ T6609] loop4: detected capacity change from 0 to 1024
[  105.940619][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.961002][ T6609] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.022659][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.059332][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.104997][   T29] kauditd_printk_skb: 491 callbacks suppressed
[  106.105012][   T29] audit: type=1326 audit(1751024187.538:5808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6621 comm="syz.2.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48bac3e929 code=0x7ffc0000
[  106.141168][   T29] audit: type=1326 audit(1751024187.568:5809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6621 comm="syz.2.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f48bac3e929 code=0x7ffc0000
[  106.164621][   T29] audit: type=1326 audit(1751024187.568:5810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6621 comm="syz.2.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48bac3e929 code=0x7ffc0000
[  106.188059][   T29] audit: type=1326 audit(1751024187.568:5811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6621 comm="syz.2.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f48bac3e929 code=0x7ffc0000
[  106.211475][   T29] audit: type=1326 audit(1751024187.568:5812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6621 comm="syz.2.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48bac3e929 code=0x7ffc0000
[  106.234998][   T29] audit: type=1326 audit(1751024187.568:5813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6621 comm="syz.2.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f48bac3e929 code=0x7ffc0000
[  106.258761][   T29] audit: type=1326 audit(1751024187.568:5814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6621 comm="syz.2.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48bac3e929 code=0x7ffc0000
[  106.275478][ T6618] loop0: detected capacity change from 0 to 2048
[  106.283078][   T29] audit: type=1326 audit(1751024187.568:5815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6621 comm="syz.2.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f48bac3e929 code=0x7ffc0000
[  106.292501][ T6618] EXT4-fs: Ignoring removed mblk_io_submit option
[  106.312830][   T29] audit: type=1326 audit(1751024187.568:5816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6621 comm="syz.2.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48bac3e929 code=0x7ffc0000
[  106.342975][ T6620] loop4: detected capacity change from 0 to 2048
[  106.343018][   T29] audit: type=1326 audit(1751024187.568:5817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6621 comm="syz.2.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f48bac3e929 code=0x7ffc0000
[  106.375492][ T6628] loop3: detected capacity change from 0 to 256
[  106.375568][ T6620] EXT4-fs: Ignoring removed mblk_io_submit option
[  106.390099][ T6628] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  106.391688][ T6618] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.408433][ T6620] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.430033][ T1046] Process accounting resumed
[  106.435630][  T312] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:5: bg 0: block 234: padding at end of block bitmap is not set
[  106.450841][ T6617] Process accounting resumed
[  106.466406][  T312] EXT4-fs (loop4): Remounting filesystem read-only
[  106.487783][  T312] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:5: bg 0: block 234: padding at end of block bitmap is not set
[  106.503285][  T312] EXT4-fs (loop0): Remounting filesystem read-only
[  106.511030][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.526602][ T6634] FAULT_INJECTION: forcing a failure.
[  106.526602][ T6634] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  106.539925][ T6634] CPU: 0 UID: 0 PID: 6634 Comm: syz.2.999 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  106.539973][ T6634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  106.539989][ T6634] Call Trace:
[  106.539997][ T6634]  <TASK>
[  106.540006][ T6634]  __dump_stack+0x1d/0x30
[  106.540043][ T6634]  dump_stack_lvl+0xe8/0x140
[  106.540069][ T6634]  dump_stack+0x15/0x1b
[  106.540096][ T6634]  should_fail_ex+0x265/0x280
[  106.540164][ T6634]  should_fail+0xb/0x20
[  106.540245][ T6634]  should_fail_usercopy+0x1a/0x20
[  106.540307][ T6634]  _copy_from_user+0x1c/0xb0
[  106.540329][ T6634]  do_sys_poll+0x149/0xbd0
[  106.540352][ T6634]  ? rcu_segcblist_enqueue+0x92/0xb0
[  106.540557][ T6634]  do_restart_poll+0xb3/0x140
[  106.540579][ T6634]  __ia32_sys_restart_syscall+0x38/0x50
[  106.540607][ T6634]  x64_sys_call+0x253e/0x2fb0
[  106.540629][ T6634]  do_syscall_64+0xd2/0x200
[  106.540647][ T6634]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  106.540719][ T6634]  ? clear_bhb_loop+0x40/0x90
[  106.540798][ T6634]  ? clear_bhb_loop+0x40/0x90
[  106.540899][ T6634]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.540921][ T6634] RIP: 0033:0x7f48bac3e929
[  106.540937][ T6634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.540956][ T6634] RSP: 002b:00007f48b92a7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000db
[  106.541006][ T6634] RAX: ffffffffffffffda RBX: 00007f48bae65fa0 RCX: 00007f48bac3e929
[  106.541018][ T6634] RDX: ffffffffffbffff8 RSI: 000000000000002c RDI: 0000200000b2c000
[  106.541030][ T6634] RBP: 00007f48b92a7090 R08: 0000000000000000 R09: 0000000000000000
[  106.541042][ T6634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.541054][ T6634] R13: 0000000000000000 R14: 00007f48bae65fa0 R15: 00007ffc8a49bd88
[  106.541075][ T6634]  </TASK>
[  106.542022][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.565088][ T6637] 9pnet_fd: Insufficient options for proto=fd
[  106.754414][ T6639] loop2: detected capacity change from 0 to 1024
[  106.765166][ T6639] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  106.776452][ T6639] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  106.788330][ T6639] JBD2: no valid journal superblock found
[  106.794412][ T6639] EXT4-fs (loop2): Could not load journal inode
[  106.825987][ T6639] Cannot find del_set index 2 as target
[  106.924893][ T6656] loop1: detected capacity change from 0 to 512
[  106.938502][ T6656] journal_path: Lookup failure for './file0'
[  106.944886][ T6656] EXT4-fs: error: could not find journal device path
[  106.957233][ T6645] batadv0: entered allmulticast mode
[  107.034706][ T6655] loop2: detected capacity change from 0 to 512
[  107.042107][ T6655] EXT4-fs warning (device loop2): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  107.074490][ T6661] loop3: detected capacity change from 0 to 2048
[  107.109109][ T6661]  loop3: p1 < > p4
[  107.113688][ T6661] loop3: p4 size 8388608 extends beyond EOD, truncated
[  107.369522][ T6674] loop3: detected capacity change from 0 to 128
[  107.384270][ T6674] syz.3.1016: attempt to access beyond end of device
[  107.384270][ T6674] loop3: rw=2049, sector=145, nr_sectors = 8 limit=128
[  107.442704][ T6676] lo speed is unknown, defaulting to 1000
[  107.744867][ T6692] xt_hashlimit: max too large, truncated to 1048576
[  107.850421][ T6702] loop2: detected capacity change from 0 to 1024
[  107.879327][ T6702] EXT4-fs: Ignoring removed nobh option
[  107.904955][ T6702] EXT4-fs: Ignoring removed oldalloc option
[  107.912019][ T6699] loop4: detected capacity change from 0 to 2048
[  107.922551][ T6699] EXT4-fs: Ignoring removed mblk_io_submit option
[  107.941630][ T6699] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.941675][ T6702] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.966718][ T6714] loop1: detected capacity change from 0 to 512
[  107.973815][ T6714] journal_path: Lookup failure for './file0'
[  107.980007][ T6714] EXT4-fs: error: could not find journal device path
[  107.993223][   T10] Process accounting resumed
[  108.009336][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.018502][  T312] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:5: bg 0: block 234: padding at end of block bitmap is not set
[  108.033477][  T312] EXT4-fs (loop4): Remounting filesystem read-only
[  108.067222][ T6722] loop2: detected capacity change from 0 to 128
[  108.096943][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.312720][ T6737] xt_hashlimit: max too large, truncated to 1048576
[  108.386746][ T6718] ±ÿ: renamed from batadv_slave_1
[  108.410287][ T6727] __nla_validate_parse: 4 callbacks suppressed
[  108.410404][ T6727] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1031'.
[  108.429996][ T6727] loop4: detected capacity change from 0 to 512
[  108.436980][ T6727] EXT4-fs: dax option not supported
[  108.450062][ T6727] netlink: 'syz.4.1031': attribute type 13 has an invalid length.
[  108.477946][ T6744] loop1: detected capacity change from 0 to 1024
[  108.494827][ T6744] EXT4-fs: Ignoring removed nobh option
[  108.505474][ T6744] EXT4-fs: Ignoring removed oldalloc option
[  108.526546][ T6747] loop2: detected capacity change from 0 to 512
[  108.553953][ T6747] journal_path: Lookup failure for './file0'
[  108.560198][ T6747] EXT4-fs: error: could not find journal device path
[  108.560744][ T6744] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.573121][ T6754] loop0: detected capacity change from 0 to 512
[  108.603057][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.629842][ T6754] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.643171][ T6754] ext4 filesystem being mounted at /212/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  108.656867][ T6765] loop4: detected capacity change from 0 to 256
[  108.673814][ T6754] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.1041: corrupted inode contents
[  108.676357][ T6769] FAULT_INJECTION: forcing a failure.
[  108.676357][ T6769] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  108.699000][ T6769] CPU: 1 UID: 0 PID: 6769 Comm: syz.3.1047 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  108.699056][ T6769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  108.699098][ T6769] Call Trace:
[  108.699104][ T6769]  <TASK>
[  108.699113][ T6769]  __dump_stack+0x1d/0x30
[  108.699139][ T6769]  dump_stack_lvl+0xe8/0x140
[  108.699161][ T6769]  dump_stack+0x15/0x1b
[  108.699178][ T6769]  should_fail_ex+0x265/0x280
[  108.699288][ T6769]  should_fail+0xb/0x20
[  108.699317][ T6769]  should_fail_usercopy+0x1a/0x20
[  108.699431][ T6769]  _copy_from_user+0x1c/0xb0
[  108.699453][ T6769]  ___sys_sendmsg+0xc1/0x1d0
[  108.699620][ T6769]  __sys_sendmmsg+0x178/0x300
[  108.699686][ T6769]  __x64_sys_sendmmsg+0x57/0x70
[  108.699746][ T6769]  x64_sys_call+0x2f2f/0x2fb0
[  108.699768][ T6769]  do_syscall_64+0xd2/0x200
[  108.699787][ T6769]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  108.699892][ T6769]  ? clear_bhb_loop+0x40/0x90
[  108.699914][ T6769]  ? clear_bhb_loop+0x40/0x90
[  108.699937][ T6769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.699960][ T6769] RIP: 0033:0x7f2ff5fde929
[  108.699976][ T6769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.699994][ T6769] RSP: 002b:00007f2ff4647038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  108.700049][ T6769] RAX: ffffffffffffffda RBX: 00007f2ff6205fa0 RCX: 00007f2ff5fde929
[  108.700061][ T6769] RDX: 0400000000000181 RSI: 00002000000030c0 RDI: 0000000000000003
[  108.700074][ T6769] RBP: 00007f2ff4647090 R08: 0000000000000000 R09: 0000000000000000
[  108.700086][ T6769] R10: 9200000000000000 R11: 0000000000000246 R12: 0000000000000001
[  108.700107][ T6769] R13: 0000000000000000 R14: 00007f2ff6205fa0 R15: 00007ffed1b2a6b8
[  108.700128][ T6769]  </TASK>
[  108.700341][ T6754] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.1041: mark_inode_dirty error
[  108.733589][ T6770] SELinux:  policydb version 617649946 does not match my version range 15-34
[  108.734534][ T6754] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.1041: corrupted inode contents
[  108.763813][ T6770] SELinux: failed to load policy
[  108.766493][ T6754] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.1041: mark_inode_dirty error
[  108.775965][ T6764] loop2: detected capacity change from 0 to 1024
[  108.822417][ T6767] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1043'.
[  108.860378][ T6764] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.865870][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.970235][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.039541][ T6791] loop1: detected capacity change from 0 to 512
[  109.050361][ T6791] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.063433][ T6791] ext4 filesystem being mounted at /189/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  109.106085][ T6798] loop4: detected capacity change from 0 to 512
[  109.113217][ T6798] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  109.125977][ T6798] EXT4-fs (loop4): 1 truncate cleaned up
[  109.142153][ T6798] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.170357][ T6802] FAULT_INJECTION: forcing a failure.
[  109.170357][ T6802] name failslab, interval 1, probability 0, space 0, times 0
[  109.172426][ T6798] FAULT_INJECTION: forcing a failure.
[  109.172426][ T6798] name failslab, interval 1, probability 0, space 0, times 0
[  109.183143][ T6802] CPU: 1 UID: 0 PID: 6802 Comm: syz.0.1057 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  109.183185][ T6802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  109.183203][ T6802] Call Trace:
[  109.183212][ T6802]  <TASK>
[  109.183225][ T6802]  __dump_stack+0x1d/0x30
[  109.183253][ T6802]  dump_stack_lvl+0xe8/0x140
[  109.183337][ T6802]  dump_stack+0x15/0x1b
[  109.183359][ T6802]  should_fail_ex+0x265/0x280
[  109.183406][ T6802]  should_failslab+0x8c/0xb0
[  109.183500][ T6802]  kmem_cache_alloc_noprof+0x50/0x310
[  109.183592][ T6802]  ? dst_alloc+0xbd/0x100
[  109.183637][ T6802]  dst_alloc+0xbd/0x100
[  109.183681][ T6802]  ip_route_output_key_hash_rcu+0xf16/0x1440
[  109.183768][ T6802]  ip_route_output_flow+0x7b/0x130
[  109.183806][ T6802]  udp_sendmsg+0x1197/0x13b0
[  109.183842][ T6802]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  109.183894][ T6802]  ? __account_obj_stock+0x211/0x350
[  109.183939][ T6802]  udpv6_sendmsg+0x7e9/0x1580
[  109.183987][ T6802]  ? inet_sk_get_local_port_range+0x89/0x100
[  109.184021][ T6802]  ? _raw_spin_unlock_bh+0x36/0x40
[  109.184108][ T6802]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  109.184154][ T6802]  inet6_sendmsg+0xac/0xd0
[  109.184181][ T6802]  __sock_sendmsg+0x8b/0x180
[  109.184216][ T6802]  ____sys_sendmsg+0x345/0x4e0
[  109.184276][ T6802]  ___sys_sendmsg+0x17b/0x1d0
[  109.184345][ T6802]  __sys_sendmmsg+0x178/0x300
[  109.184411][ T6802]  __x64_sys_sendmmsg+0x57/0x70
[  109.184538][ T6802]  x64_sys_call+0x2f2f/0x2fb0
[  109.184570][ T6802]  do_syscall_64+0xd2/0x200
[  109.184595][ T6802]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  109.184701][ T6802]  ? clear_bhb_loop+0x40/0x90
[  109.184730][ T6802]  ? clear_bhb_loop+0x40/0x90
[  109.184762][ T6802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.184792][ T6802] RIP: 0033:0x7f21d08ae929
[  109.184813][ T6802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.184865][ T6802] RSP: 002b:00007f21cef17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  109.184891][ T6802] RAX: ffffffffffffffda RBX: 00007f21d0ad5fa0 RCX: 00007f21d08ae929
[  109.184926][ T6802] RDX: 0000000000000001 RSI: 0000200000002b00 RDI: 0000000000000004
[  109.184943][ T6802] RBP: 00007f21cef17090 R08: 0000000000000000 R09: 0000000000000000
[  109.184960][ T6802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.185002][ T6802] R13: 0000000000000000 R14: 00007f21d0ad5fa0 R15: 00007fffeaa72ea8
[  109.185099][ T6802]  </TASK>
[  109.445196][ T6798] CPU: 0 UID: 0 PID: 6798 Comm: syz.4.1056 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  109.445241][ T6798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  109.445334][ T6798] Call Trace:
[  109.445340][ T6798]  <TASK>
[  109.445393][ T6798]  __dump_stack+0x1d/0x30
[  109.445412][ T6798]  dump_stack_lvl+0xe8/0x140
[  109.445430][ T6798]  dump_stack+0x15/0x1b
[  109.445521][ T6798]  should_fail_ex+0x265/0x280
[  109.445624][ T6798]  ? ext4_expand_extra_isize_ea+0x79c/0x11f0
[  109.445643][ T6798]  should_failslab+0x8c/0xb0
[  109.445664][ T6798]  __kmalloc_cache_noprof+0x4c/0x320
[  109.445704][ T6798]  ext4_expand_extra_isize_ea+0x79c/0x11f0
[  109.445765][ T6798]  ? ext4_fc_track_inode+0x9f/0x530
[  109.445800][ T6798]  __ext4_expand_extra_isize+0x246/0x280
[  109.445841][ T6798]  __ext4_mark_inode_dirty+0x29d/0x3f0
[  109.445941][ T6798]  __ext4_unlink+0x46c/0x630
[  109.446012][ T6798]  ext4_unlink+0x100/0x2b0
[  109.446039][ T6798]  vfs_unlink+0x26c/0x420
[  109.446069][ T6798]  do_unlinkat+0x28e/0x4c0
[  109.446149][ T6798]  __x64_sys_unlink+0x2e/0x40
[  109.446177][ T6798]  x64_sys_call+0x22a6/0x2fb0
[  109.446197][ T6798]  do_syscall_64+0xd2/0x200
[  109.446213][ T6798]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  109.446236][ T6798]  ? clear_bhb_loop+0x40/0x90
[  109.446304][ T6798]  ? clear_bhb_loop+0x40/0x90
[  109.446336][ T6798]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.446383][ T6798] RIP: 0033:0x7fa191e0e929
[  109.446397][ T6798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.446413][ T6798] RSP: 002b:00007fa190477038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[  109.446430][ T6798] RAX: ffffffffffffffda RBX: 00007fa192035fa0 RCX: 00007fa191e0e929
[  109.446513][ T6798] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180
[  109.446524][ T6798] RBP: 00007fa190477090 R08: 0000000000000000 R09: 0000000000000000
[  109.446534][ T6798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.446545][ T6798] R13: 0000000000000000 R14: 00007fa192035fa0 R15: 00007ffd72c40328
[  109.446563][ T6798]  </TASK>
[  109.454570][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.675198][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.730033][ T6814] lo speed is unknown, defaulting to 1000
[  109.903934][ T6826] loop2: detected capacity change from 0 to 2048
[  109.924577][ T6826] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.941501][ T6826] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1065'.
[  109.951546][ T6826] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1065'.
[  110.196307][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.271744][ T6834] loop4: detected capacity change from 0 to 1024
[  110.289979][ T6834] EXT4-fs: Ignoring removed nobh option
[  110.304735][ T6834] EXT4-fs: Ignoring removed oldalloc option
[  110.370473][ T6834] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.448770][ T6838] loop2: detected capacity change from 0 to 2048
[  110.459623][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.476667][ T6840] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1069'.
[  110.479446][ T6838]  loop2: p1 < > p4
[  110.497671][ T6840] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1069'.
[  110.508039][ T6838] loop2: p4 size 8388608 extends beyond EOD, truncated
[  110.510374][ T6840] xt_hashlimit: max too large, truncated to 1048576
[  110.556623][ T6844] loop3: detected capacity change from 0 to 512
[  110.589938][ T6844] EXT4-fs error (device loop3): ext4_iget_extra_inode:5035: inode #15: comm syz.3.1070: corrupted in-inode xattr: invalid ea_ino
[  110.609494][ T6844] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.1070: couldn't read orphan inode 15 (err -117)
[  110.642987][ T6844] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.679738][ T6850] loop1: detected capacity change from 0 to 2048
[  110.719104][ T6850]  loop1: p1 < > p4
[  110.723641][ T6850] loop1: p4 size 8388608 extends beyond EOD, truncated
[  110.792448][ T6861] loop1: detected capacity change from 0 to 1024
[  110.851286][ T6869] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  110.860270][ T6869] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  110.868825][ T6869] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1071'.
[  110.877918][ T6869] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1071'.
[  110.888131][ T6858] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1076'.
[  110.920949][ T6858] loop2: detected capacity change from 0 to 512
[  110.922171][ T6869] team0: entered promiscuous mode
[  110.948611][ T6858] EXT4-fs: dax option not supported
[  110.955451][ T6872] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  110.972841][ T6858] netlink: 'syz.2.1076': attribute type 13 has an invalid length.
[  110.990755][ T6872] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  110.991438][ T6869] team_slave_0: entered promiscuous mode
[  111.004656][ T6869] team_slave_1: entered promiscuous mode
[  111.019301][ T6869] team0: left promiscuous mode
[  111.024269][ T6869] team_slave_0: left promiscuous mode
[  111.027414][ T6872] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1072'.
[  111.029822][ T6869] team_slave_1: left promiscuous mode
[  111.095585][ T6876] FAULT_INJECTION: forcing a failure.
[  111.095585][ T6876] name failslab, interval 1, probability 0, space 0, times 0
[  111.108365][ T6876] CPU: 0 UID: 0 PID: 6876 Comm: syz.4.1072 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  111.108402][ T6876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  111.108418][ T6876] Call Trace:
[  111.108430][ T6876]  <TASK>
[  111.108438][ T6876]  __dump_stack+0x1d/0x30
[  111.108544][ T6876]  dump_stack_lvl+0xe8/0x140
[  111.108579][ T6876]  dump_stack+0x15/0x1b
[  111.108602][ T6876]  should_fail_ex+0x265/0x280
[  111.108643][ T6876]  should_failslab+0x8c/0xb0
[  111.108686][ T6876]  __kvmalloc_node_noprof+0x123/0x4e0
[  111.108716][ T6876]  ? nf_hook_entries_grow+0x1bc/0x450
[  111.108760][ T6876]  nf_hook_entries_grow+0x1bc/0x450
[  111.108801][ T6876]  __nf_register_net_hook+0x18e/0x480
[  111.108864][ T6876]  nf_register_net_hook+0x88/0x130
[  111.108961][ T6876]  nf_register_net_hooks+0x44/0x150
[  111.109003][ T6876]  nf_ct_netns_do_get+0x2b1/0x380
[  111.109060][ T6876]  ? nf_register_net_hook+0x9e/0x130
[  111.109104][ T6876]  nf_ct_netns_get+0x87/0xc0
[  111.109173][ T6876]  connlimit_mt_check+0x4a/0x150
[  111.109206][ T6876]  xt_check_match+0x2ad/0x4f0
[  111.109237][ T6876]  ? strnlen+0x28/0x50
[  111.109294][ T6876]  ? strcmp+0x22/0x50
[  111.109319][ T6876]  ? xt_find_match+0x1d1/0x210
[  111.109358][ T6876]  translate_table+0xa9c/0xf90
[  111.109463][ T6876]  do_ipt_set_ctl+0x66f/0x820
[  111.109512][ T6876]  nf_setsockopt+0x196/0x1b0
[  111.109573][ T6876]  ip_setsockopt+0x102/0x110
[  111.109611][ T6876]  udp_setsockopt+0x99/0xb0
[  111.109646][ T6876]  sock_common_setsockopt+0x66/0x80
[  111.109673][ T6876]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  111.109770][ T6876]  __sys_setsockopt+0x181/0x200
[  111.109803][ T6876]  __x64_sys_setsockopt+0x64/0x80
[  111.109957][ T6876]  x64_sys_call+0x2bd5/0x2fb0
[  111.109985][ T6876]  do_syscall_64+0xd2/0x200
[  111.110064][ T6876]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  111.110099][ T6876]  ? clear_bhb_loop+0x40/0x90
[  111.110178][ T6876]  ? clear_bhb_loop+0x40/0x90
[  111.110201][ T6876]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.110228][ T6876] RIP: 0033:0x7fa191e0e929
[  111.110316][ T6876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.110337][ T6876] RSP: 002b:00007fa190435038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  111.110361][ T6876] RAX: ffffffffffffffda RBX: 00007fa192036160 RCX: 00007fa191e0e929
[  111.110378][ T6876] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000011
[  111.110400][ T6876] RBP: 00007fa190435090 R08: 0000000000000570 R09: 0000000000000000
[  111.110416][ T6876] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000001
[  111.110498][ T6876] R13: 0000000000000000 R14: 00007fa192036160 R15: 00007ffd72c40328
[  111.110518][ T6876]  </TASK>
[  111.113423][ T6872] team0: entered promiscuous mode
[  111.123012][ T6876] xt_connlimit: cannot load conntrack support for proto=2
[  111.272042][ T6872] team_slave_0: entered promiscuous mode
[  111.345879][ T6879] xt_hashlimit: max too large, truncated to 1048576
[  111.349429][ T6872] team_slave_1: entered promiscuous mode
[  111.409258][   T29] kauditd_printk_skb: 452 callbacks suppressed
[  111.409278][   T29] audit: type=1326 audit(1751024192.718:6270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6877 comm="syz.2.1081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48bac3e929 code=0x7ffc0000
[  111.409331][   T29] audit: type=1326 audit(1751024192.718:6271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6877 comm="syz.2.1081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7f48bac3e929 code=0x7ffc0000
[  111.468580][   T29] audit: type=1326 audit(1751024192.718:6272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6877 comm="syz.2.1081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48bac3e929 code=0x7ffc0000
[  111.492188][   T29] audit: type=1326 audit(1751024192.718:6273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6877 comm="syz.2.1081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f48bac3e929 code=0x7ffc0000
[  111.492567][ T6875] loop1: detected capacity change from 0 to 2048
[  111.516010][   T29] audit: type=1326 audit(1751024192.718:6274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6877 comm="syz.2.1081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48bac3e929 code=0x7ffc0000
[  111.516068][   T29] audit: type=1326 audit(1751024192.718:6275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6877 comm="syz.2.1081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f48bac3e929 code=0x7ffc0000
[  111.523394][ T6875] EXT4-fs: Ignoring removed mblk_io_submit option
[  111.547548][   T29] audit: type=1326 audit(1751024192.718:6276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6877 comm="syz.2.1081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48bac3e929 code=0x7ffc0000
[  111.601086][   T29] audit: type=1326 audit(1751024192.718:6277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6877 comm="syz.2.1081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f48bac3e929 code=0x7ffc0000
[  111.624590][   T29] audit: type=1326 audit(1751024192.718:6278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6877 comm="syz.2.1081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48bac3e929 code=0x7ffc0000
[  111.640022][ T1046] Process accounting resumed
[  111.648047][   T29] audit: type=1326 audit(1751024192.718:6279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6877 comm="syz.2.1081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f48bac3e929 code=0x7ffc0000
[  111.676876][ T6872] team0: left promiscuous mode
[  111.677250][   T31] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 234: padding at end of block bitmap is not set
[  111.681763][ T6872] team_slave_0: left promiscuous mode
[  111.701988][ T6872] team_slave_1: left promiscuous mode
[  111.711573][   T31] EXT4-fs (loop1): Remounting filesystem read-only
[  111.758444][ T6891] FAULT_INJECTION: forcing a failure.
[  111.758444][ T6891] name failslab, interval 1, probability 0, space 0, times 0
[  111.771236][ T6891] CPU: 0 UID: 0 PID: 6891 Comm: syz.2.1084 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  111.771339][ T6891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  111.771355][ T6891] Call Trace:
[  111.771364][ T6891]  <TASK>
[  111.771373][ T6891]  __dump_stack+0x1d/0x30
[  111.771401][ T6891]  dump_stack_lvl+0xe8/0x140
[  111.771425][ T6891]  dump_stack+0x15/0x1b
[  111.771441][ T6891]  should_fail_ex+0x265/0x280
[  111.771487][ T6891]  should_failslab+0x8c/0xb0
[  111.771518][ T6891]  __kmalloc_cache_node_noprof+0x54/0x320
[  111.771556][ T6891]  ? __get_vm_area_node+0x106/0x1d0
[  111.771609][ T6891]  __get_vm_area_node+0x106/0x1d0
[  111.771712][ T6891]  __vmalloc_node_range_noprof+0x273/0xe00
[  111.771751][ T6891]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  111.771789][ T6891]  ? mntput_no_expire+0x6f/0x3c0
[  111.771831][ T6891]  ? __rcu_read_unlock+0x4f/0x70
[  111.771865][ T6891]  ? selinux_capable+0x1f9/0x270
[  111.771933][ T6891]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  111.772021][ T6891]  __vmalloc_noprof+0x83/0xc0
[  111.772051][ T6891]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  111.772098][ T6891]  bpf_prog_alloc_no_stats+0x47/0x390
[  111.772186][ T6891]  ? bpf_prog_alloc+0x2a/0x150
[  111.772266][ T6891]  bpf_prog_alloc+0x3c/0x150
[  111.772437][ T6891]  bpf_prog_load+0x514/0x1070
[  111.772483][ T6891]  ? security_bpf+0x2b/0x90
[  111.772510][ T6891]  __sys_bpf+0x51d/0x790
[  111.772561][ T6891]  __x64_sys_bpf+0x41/0x50
[  111.772639][ T6891]  x64_sys_call+0x2478/0x2fb0
[  111.772663][ T6891]  do_syscall_64+0xd2/0x200
[  111.772683][ T6891]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  111.772711][ T6891]  ? clear_bhb_loop+0x40/0x90
[  111.772779][ T6891]  ? clear_bhb_loop+0x40/0x90
[  111.772806][ T6891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.772827][ T6891] RIP: 0033:0x7f48bac3e929
[  111.772843][ T6891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.772929][ T6891] RSP: 002b:00007f48b92a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  111.772952][ T6891] RAX: ffffffffffffffda RBX: 00007f48bae65fa0 RCX: 00007f48bac3e929
[  111.772968][ T6891] RDX: 0000000000000094 RSI: 0000200000000140 RDI: 0000000000000005
[  111.772983][ T6891] RBP: 00007f48b92a7090 R08: 0000000000000000 R09: 0000000000000000
[  111.772998][ T6891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.773013][ T6891] R13: 0000000000000000 R14: 00007f48bae65fa0 R15: 00007ffc8a49bd88
[  111.773060][ T6891]  </TASK>
[  111.773076][ T6891] syz.2.1084: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0
[  112.038917][ T6891] CPU: 0 UID: 0 PID: 6891 Comm: syz.2.1084 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  112.038943][ T6891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  112.038954][ T6891] Call Trace:
[  112.038961][ T6891]  <TASK>
[  112.038968][ T6891]  __dump_stack+0x1d/0x30
[  112.038987][ T6891]  dump_stack_lvl+0xe8/0x140
[  112.039053][ T6891]  dump_stack+0x15/0x1b
[  112.039068][ T6891]  warn_alloc+0x12b/0x1a0
[  112.039107][ T6891]  __vmalloc_node_range_noprof+0x297/0xe00
[  112.039152][ T6891]  ? mntput_no_expire+0x6f/0x3c0
[  112.039227][ T6891]  ? __rcu_read_unlock+0x4f/0x70
[  112.039250][ T6891]  ? selinux_capable+0x1f9/0x270
[  112.039278][ T6891]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  112.039364][ T6891]  __vmalloc_noprof+0x83/0xc0
[  112.039391][ T6891]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  112.039497][ T6891]  bpf_prog_alloc_no_stats+0x47/0x390
[  112.039525][ T6891]  ? bpf_prog_alloc+0x2a/0x150
[  112.039612][ T6891]  bpf_prog_alloc+0x3c/0x150
[  112.039655][ T6891]  bpf_prog_load+0x514/0x1070
[  112.039742][ T6891]  ? security_bpf+0x2b/0x90
[  112.039760][ T6891]  __sys_bpf+0x51d/0x790
[  112.039796][ T6891]  __x64_sys_bpf+0x41/0x50
[  112.039885][ T6891]  x64_sys_call+0x2478/0x2fb0
[  112.039905][ T6891]  do_syscall_64+0xd2/0x200
[  112.039921][ T6891]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  112.039968][ T6891]  ? clear_bhb_loop+0x40/0x90
[  112.039986][ T6891]  ? clear_bhb_loop+0x40/0x90
[  112.040035][ T6891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.040061][ T6891] RIP: 0033:0x7f48bac3e929
[  112.040074][ T6891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.040090][ T6891] RSP: 002b:00007f48b92a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  112.040106][ T6891] RAX: ffffffffffffffda RBX: 00007f48bae65fa0 RCX: 00007f48bac3e929
[  112.040152][ T6891] RDX: 0000000000000094 RSI: 0000200000000140 RDI: 0000000000000005
[  112.040162][ T6891] RBP: 00007f48b92a7090 R08: 0000000000000000 R09: 0000000000000000
[  112.040173][ T6891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  112.040187][ T6891] R13: 0000000000000000 R14: 00007f48bae65fa0 R15: 00007ffc8a49bd88
[  112.040214][ T6891]  </TASK>
[  112.040220][ T6891] Mem-Info:
[  112.267747][ T6891] active_anon:8174 inactive_anon:0 isolated_anon:0
[  112.267747][ T6891]  active_file:8671 inactive_file:2222 isolated_file:0
[  112.267747][ T6891]  unevictable:0 dirty:197 writeback:0
[  112.267747][ T6891]  slab_reclaimable:3096 slab_unreclaimable:96677
[  112.267747][ T6891]  mapped:29373 shmem:4549 pagetables:1362
[  112.267747][ T6891]  sec_pagetables:0 bounce:0
[  112.267747][ T6891]  kernel_misc_reclaimable:0
[  112.267747][ T6891]  free:1759041 free_pcp:56574 free_cma:0
[  112.313024][ T6891] Node 0 active_anon:32696kB inactive_anon:0kB active_file:34684kB inactive_file:8888kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:117492kB dirty:788kB writeback:0kB shmem:18196kB writeback_tmp:0kB kernel_stack:3296kB pagetables:5680kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  112.342719][ T6891] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  112.371607][ T6891] lowmem_reserve[]: 0 2882 7860 7860
[  112.376982][ T6891] Node 0 DMA32 free:2947728kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2951356kB mlocked:0kB bounce:0kB free_pcp:3628kB local_pcp:100kB free_cma:0kB
[  112.407354][ T6891] lowmem_reserve[]: 0 0 4978 4978
[  112.412645][ T6891] Node 0 Normal free:4073136kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:32696kB inactive_anon:0kB active_file:34684kB inactive_file:8888kB unevictable:0kB writepending:788kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:222320kB local_pcp:192204kB free_cma:0kB
[  112.444885][ T6891] lowmem_reserve[]: 0 0 0 0
[  112.449437][ T6891] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  112.462274][ T6891] Node 0 DMA32: 2*4kB (M) 1*8kB (M) 4*16kB (M) 2*32kB (M) 4*64kB (M) 4*128kB (M) 3*256kB (M) 4*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2947728kB
[  112.478832][ T6891] Node 0 Normal: 1358*4kB (UME) 622*8kB (UME) 628*16kB (UME) 339*32kB (UME) 454*64kB (UME) 222*128kB (UME) 86*256kB (UME) 63*512kB (UME) 44*1024kB (UM) 47*2048kB (UME) 925*4096kB (UM) = 4073160kB
[  112.498407][ T6891] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  112.507879][ T6891] 15470 total pagecache pages
[  112.512686][ T6891] 5 pages in swap cache
[  112.516888][ T6891] Free swap  = 124976kB
[  112.521102][ T6891] Total swap = 124996kB
[  112.525273][ T6891] 2097051 pages RAM
[  112.529129][ T6891] 0 pages HighMem/MovableOnly
[  112.533814][ T6891] 80812 pages reserved
[  112.547867][ T6897] loop0: detected capacity change from 0 to 2048
[  112.584205][ T6903] loop3: detected capacity change from 0 to 2048
[  112.592106][ T6897]  loop0: p1 < > p4
[  112.596574][ T6897] loop0: p4 size 8388608 extends beyond EOD, truncated
[  112.633303][ T6906] loop2: detected capacity change from 0 to 1024
[  112.647216][ T6906] EXT4-fs: Ignoring removed oldalloc option
[  112.653300][ T6906] EXT4-fs: Ignoring removed orlov option
[  112.659007][ T6906] EXT4-fs: Ignoring removed oldalloc option
[  112.665053][ T6906] EXT4-fs: Ignoring removed nomblk_io_submit option
[  112.699446][ T6910] xt_hashlimit: max too large, truncated to 1048576
[  112.725085][ T6910] loop0: detected capacity change from 0 to 128
[  112.731665][ T6905] loop1: detected capacity change from 0 to 512
[  112.738143][ T6912] loop3: detected capacity change from 0 to 2048
[  112.738495][ T6905] EXT4-fs: dax option not supported
[  112.753535][ T6905] netlink: 'syz.1.1091': attribute type 13 has an invalid length.
[  112.827338][ T6920] lo speed is unknown, defaulting to 1000
[  112.848389][ T6925] loop0: detected capacity change from 0 to 512
[  112.871360][ T6925] ext4 filesystem being mounted at /224/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  113.124730][ T6945] FAULT_INJECTION: forcing a failure.
[  113.124730][ T6945] name failslab, interval 1, probability 0, space 0, times 0
[  113.137850][ T6945] CPU: 1 UID: 0 PID: 6945 Comm: syz.0.1098 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  113.137888][ T6945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  113.137902][ T6945] Call Trace:
[  113.137909][ T6945]  <TASK>
[  113.137917][ T6945]  __dump_stack+0x1d/0x30
[  113.137953][ T6945]  dump_stack_lvl+0xe8/0x140
[  113.138106][ T6945]  dump_stack+0x15/0x1b
[  113.138159][ T6945]  should_fail_ex+0x265/0x280
[  113.138215][ T6945]  should_failslab+0x8c/0xb0
[  113.138243][ T6945]  __kvmalloc_node_noprof+0x123/0x4e0
[  113.138304][ T6945]  ? bpf_test_run_xdp_live+0xed/0xfe0
[  113.138358][ T6945]  bpf_test_run_xdp_live+0xed/0xfe0
[  113.138396][ T6945]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  113.138488][ T6945]  ? cpus_read_unlock+0x6e/0xc0
[  113.138517][ T6945]  ? __static_call_update+0x37c/0x3b0
[  113.138561][ T6945]  ? 0xffffffffa0205480
[  113.138584][ T6945]  ? synchronize_rcu+0x45/0x320
[  113.138629][ T6945]  ? 0xffffffffa0205480
[  113.138644][ T6945]  ? 0xffffffffa0205480
[  113.138658][ T6945]  ? bpf_dispatcher_change_prog+0x6ec/0x7f0
[  113.138756][ T6945]  ? 0xffffffffa0201654
[  113.138770][ T6945]  ? 0xffffffffa020168c
[  113.138798][ T6945]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  113.138845][ T6945]  bpf_prog_test_run_xdp+0x4f5/0x910
[  113.138933][ T6945]  ? __rcu_read_unlock+0x4f/0x70
[  113.139033][ T6945]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  113.139069][ T6945]  bpf_prog_test_run+0x227/0x390
[  113.139091][ T6945]  __sys_bpf+0x3dc/0x790
[  113.139141][ T6945]  __x64_sys_bpf+0x41/0x50
[  113.139219][ T6945]  x64_sys_call+0x2478/0x2fb0
[  113.139249][ T6945]  do_syscall_64+0xd2/0x200
[  113.139349][ T6945]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  113.139390][ T6945]  ? clear_bhb_loop+0x40/0x90
[  113.139420][ T6945]  ? clear_bhb_loop+0x40/0x90
[  113.139450][ T6945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.139481][ T6945] RIP: 0033:0x7f21d08ae929
[  113.139503][ T6945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.139647][ T6945] RSP: 002b:00007f21cef17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  113.139674][ T6945] RAX: ffffffffffffffda RBX: 00007f21d0ad5fa0 RCX: 00007f21d08ae929
[  113.139688][ T6945] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  113.139701][ T6945] RBP: 00007f21cef17090 R08: 0000000000000000 R09: 0000000000000000
[  113.139715][ T6945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.139732][ T6945] R13: 0000000000000000 R14: 00007f21d0ad5fa0 R15: 00007fffeaa72ea8
[  113.139840][ T6945]  </TASK>
[  113.415816][ T6948] lo speed is unknown, defaulting to 1000
[  113.578021][ T6954] xt_hashlimit: max too large, truncated to 1048576
[  113.590907][ T6958] loop2: detected capacity change from 0 to 1024
[  113.597723][ T6958] EXT4-fs: Ignoring removed nobh option
[  113.629782][ T6954] loop4: detected capacity change from 0 to 128
[  113.639090][ T6958] EXT4-fs: Ignoring removed oldalloc option
[  113.696091][ T6964] lo speed is unknown, defaulting to 1000
[  113.707948][ T6969] loop3: detected capacity change from 0 to 512
[  113.754958][ T6969] ext4 filesystem being mounted at /228/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  113.784926][ T6977] lo speed is unknown, defaulting to 1000
[  113.842101][ T6979] lo speed is unknown, defaulting to 1000
[  114.027732][ T6999] __nla_validate_parse: 9 callbacks suppressed
[  114.027751][ T6999] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1117'.
[  114.043884][ T7000] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1117'.
[  114.116613][ T7005] lo speed is unknown, defaulting to 1000
[  114.124472][ T6999] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1117'.
[  114.133449][ T6999] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1117'.
[  114.150127][ T7000] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1117'.
[  114.159430][ T7000] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1117'.
[  114.187982][ T6999] wireguard0: entered promiscuous mode
[  114.193583][ T6999] wireguard0: entered allmulticast mode
[  114.214205][ T7000] wireguard1: entered promiscuous mode
[  114.219823][ T7000] wireguard1: entered allmulticast mode
[  114.330749][ T7009] loop1: detected capacity change from 0 to 2048
[  114.345069][ T7018] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1123'.
[  114.349387][ T7009] EXT4-fs: Ignoring removed mblk_io_submit option
[  114.361017][ T7021] loop3: detected capacity change from 0 to 1024
[  114.367920][ T7018] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1123'.
[  114.378094][ T7021] EXT4-fs: Ignoring removed nobh option
[  114.387413][ T7018] xt_hashlimit: max too large, truncated to 1048576
[  114.410592][ T7023] xt_hashlimit: max too large, truncated to 1048576
[  114.413866][ T7021] EXT4-fs: Ignoring removed oldalloc option
[  114.429336][   T10] Process accounting resumed
[  114.436413][   T58] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 234: padding at end of block bitmap is not set
[  114.451577][   T58] EXT4-fs (loop1): Remounting filesystem read-only
[  114.477711][ T7030] loop2: detected capacity change from 0 to 512
[  114.541157][ T7030] EXT4-fs (loop2): orphan cleanup on readonly fs
[  114.548209][ T7030] EXT4-fs error (device loop2): ext4_orphan_get:1419: comm syz.2.1124: bad orphan inode 13
[  114.559107][ T7030] ext4_test_bit(bit=12, block=18) = 1
[  114.564558][ T7030] is_bad_inode(inode)=0
[  114.568801][ T7030] NEXT_ORPHAN(inode)=2130706432
[  114.573702][ T7030] max_ino=32
[  114.576926][ T7030] i_nlink=1
[  114.643915][ T7030] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  114.653610][ T7036] FAULT_INJECTION: forcing a failure.
[  114.653610][ T7036] name failslab, interval 1, probability 0, space 0, times 0
[  114.666385][ T7036] CPU: 0 UID: 0 PID: 7036 Comm: syz.0.1128 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  114.666421][ T7036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  114.666505][ T7036] Call Trace:
[  114.666513][ T7036]  <TASK>
[  114.666523][ T7036]  __dump_stack+0x1d/0x30
[  114.666549][ T7036]  dump_stack_lvl+0xe8/0x140
[  114.666573][ T7036]  dump_stack+0x15/0x1b
[  114.666589][ T7036]  should_fail_ex+0x265/0x280
[  114.666685][ T7036]  should_failslab+0x8c/0xb0
[  114.666713][ T7036]  __kvmalloc_node_noprof+0x123/0x4e0
[  114.666750][ T7036]  ? bpf_test_run_xdp_live+0xed/0xfe0
[  114.666819][ T7036]  bpf_test_run_xdp_live+0xed/0xfe0
[  114.666889][ T7036]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  114.666920][ T7036]  ? __pfx_autoremove_wake_function+0x10/0x10
[  114.667038][ T7036]  ? 0xffffffffa0205480
[  114.667058][ T7036]  ? synchronize_rcu+0x45/0x320
[  114.667098][ T7036]  ? 0xffffffffa0205480
[  114.667113][ T7036]  ? 0xffffffffa0205480
[  114.667136][ T7036]  ? bpf_dispatcher_change_prog+0x6ec/0x7f0
[  114.667172][ T7036]  ? rep_movs_alternative+0xf/0x90
[  114.667205][ T7036]  ? 0xffffffffa0201654
[  114.667289][ T7036]  ? 0xffffffffa020168c
[  114.667320][ T7036]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  114.667386][ T7036]  bpf_prog_test_run_xdp+0x4f5/0x910
[  114.667431][ T7036]  ? __rcu_read_unlock+0x4f/0x70
[  114.667465][ T7036]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  114.667531][ T7036]  bpf_prog_test_run+0x227/0x390
[  114.667554][ T7036]  __sys_bpf+0x3dc/0x790
[  114.667605][ T7036]  __x64_sys_bpf+0x41/0x50
[  114.667687][ T7036]  x64_sys_call+0x2478/0x2fb0
[  114.667773][ T7036]  do_syscall_64+0xd2/0x200
[  114.667796][ T7036]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  114.667822][ T7036]  ? clear_bhb_loop+0x40/0x90
[  114.667846][ T7036]  ? clear_bhb_loop+0x40/0x90
[  114.667875][ T7036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.667927][ T7036] RIP: 0033:0x7f21d08ae929
[  114.667942][ T7036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.667960][ T7036] RSP: 002b:00007f21cef17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  114.667980][ T7036] RAX: ffffffffffffffda RBX: 00007f21d0ad5fa0 RCX: 00007f21d08ae929
[  114.667997][ T7036] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  114.668013][ T7036] RBP: 00007f21cef17090 R08: 0000000000000000 R09: 0000000000000000
[  114.668055][ T7036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  114.668110][ T7036] R13: 0000000000000000 R14: 00007f21d0ad5fa0 R15: 00007fffeaa72ea8
[  114.668136][ T7036]  </TASK>
[  114.928109][ T7030] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1124: bg 0: block 248: padding at end of block bitmap is not set
[  114.953654][ T7030] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1124: Failed to acquire dquot type 1
[  114.975504][ T7030] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  114.999158][ T7033] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1126'.
[  115.008444][ T7040] loop4: detected capacity change from 0 to 512
[  115.026517][ T7033] loop3: detected capacity change from 0 to 512
[  115.033344][ T7033] EXT4-fs: dax option not supported
[  115.033468][ T7040] journal_path: Lookup failure for './file0'
[  115.044966][ T7040] EXT4-fs: error: could not find journal device path
[  115.046751][ T7033] netlink: 'syz.3.1126': attribute type 13 has an invalid length.
[  115.080657][ T7033] netdevsim netdevsim3 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  115.089127][ T7033] netdevsim netdevsim3 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  115.098016][ T7033] netdevsim netdevsim3 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  115.106534][ T7033] netdevsim netdevsim3 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  115.237919][ T7057] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1136'.
[  115.286454][ T7051] loop0: detected capacity change from 0 to 2048
[  115.307914][ T7051] EXT4-fs: Ignoring removed mblk_io_submit option
[  115.331226][ T7066] FAULT_INJECTION: forcing a failure.
[  115.331226][ T7066] name failslab, interval 1, probability 0, space 0, times 0
[  115.344040][ T7066] CPU: 0 UID: 0 PID: 7066 Comm: syz.3.1140 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  115.344111][ T7066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  115.344126][ T7066] Call Trace:
[  115.344133][ T7066]  <TASK>
[  115.344141][ T7066]  __dump_stack+0x1d/0x30
[  115.344167][ T7066]  dump_stack_lvl+0xe8/0x140
[  115.344215][ T7066]  dump_stack+0x15/0x1b
[  115.344237][ T7066]  should_fail_ex+0x265/0x280
[  115.344271][ T7066]  should_failslab+0x8c/0xb0
[  115.344294][ T7066]  kmem_cache_alloc_noprof+0x50/0x310
[  115.344320][ T7066]  ? security_inode_alloc+0x37/0x100
[  115.344389][ T7066]  security_inode_alloc+0x37/0x100
[  115.344437][ T7066]  inode_init_always_gfp+0x4b7/0x500
[  115.344479][ T7066]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  115.344498][ T7066]  alloc_inode+0x58/0x170
[  115.344543][ T7066]  new_inode+0x1d/0xe0
[  115.344562][ T7066]  shmem_get_inode+0x244/0x750
[  115.344666][ T7066]  __shmem_file_setup+0x113/0x210
[  115.344708][ T7066]  shmem_file_setup+0x3b/0x50
[  115.344819][ T7066]  __se_sys_memfd_create+0x2c3/0x590
[  115.344852][ T7066]  __x64_sys_memfd_create+0x31/0x40
[  115.344887][ T7066]  x64_sys_call+0x122f/0x2fb0
[  115.344987][ T7066]  do_syscall_64+0xd2/0x200
[  115.345060][ T7066]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  115.345126][ T7066]  ? clear_bhb_loop+0x40/0x90
[  115.345150][ T7066]  ? clear_bhb_loop+0x40/0x90
[  115.345174][ T7066]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.345201][ T7066] RIP: 0033:0x7f2ff5fde929
[  115.345217][ T7066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.345234][ T7066] RSP: 002b:00007f2ff4646e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  115.345302][ T7066] RAX: ffffffffffffffda RBX: 00000000000004c4 RCX: 00007f2ff5fde929
[  115.345314][ T7066] RDX: 00007f2ff4646ef0 RSI: 0000000000000000 RDI: 00007f2ff60614cc
[  115.345327][ T7066] RBP: 0000200000000500 R08: 00007f2ff4646bb7 R09: 00007f2ff4646e40
[  115.345342][ T7066] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000080
[  115.345355][ T7066] R13: 00007f2ff4646ef0 R14: 00007f2ff4646eb0 R15: 0000200000000200
[  115.345375][ T7066]  </TASK>
[  115.596614][ T7064] loop2: detected capacity change from 0 to 1024
[  115.637426][ T7051] Process accounting resumed
[  115.650854][ T7064] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1139: Failed to acquire dquot type 0
[  115.682985][ T7064] EXT4-fs (loop2): 1 truncate cleaned up
[  115.745716][   T51] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 234: padding at end of block bitmap is not set
[  115.784899][   T51] EXT4-fs (loop0): Remounting filesystem read-only
[  115.799234][ T7084] FAULT_INJECTION: forcing a failure.
[  115.799234][ T7084] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  115.812525][ T7084] CPU: 0 UID: 0 PID: 7084 Comm: syz.1.1148 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  115.812561][ T7084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  115.812623][ T7084] Call Trace:
[  115.812631][ T7084]  <TASK>
[  115.812641][ T7084]  __dump_stack+0x1d/0x30
[  115.812666][ T7084]  dump_stack_lvl+0xe8/0x140
[  115.812690][ T7084]  dump_stack+0x15/0x1b
[  115.812711][ T7084]  should_fail_ex+0x265/0x280
[  115.812747][ T7084]  should_fail+0xb/0x20
[  115.812781][ T7084]  should_fail_usercopy+0x1a/0x20
[  115.812815][ T7084]  _copy_from_iter+0xcf/0xe40
[  115.812923][ T7084]  ? __build_skb_around+0x1a0/0x200
[  115.812962][ T7084]  ? __alloc_skb+0x223/0x320
[  115.812996][ T7084]  netlink_sendmsg+0x471/0x6b0
[  115.813029][ T7084]  ? __pfx_netlink_sendmsg+0x10/0x10
[  115.813050][ T7084]  __sock_sendmsg+0x142/0x180
[  115.813115][ T7084]  ____sys_sendmsg+0x31e/0x4e0
[  115.813154][ T7084]  ___sys_sendmsg+0x17b/0x1d0
[  115.813206][ T7084]  __x64_sys_sendmsg+0xd4/0x160
[  115.813308][ T7084]  x64_sys_call+0x2999/0x2fb0
[  115.813330][ T7084]  do_syscall_64+0xd2/0x200
[  115.813348][ T7084]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  115.813395][ T7084]  ? clear_bhb_loop+0x40/0x90
[  115.813418][ T7084]  ? clear_bhb_loop+0x40/0x90
[  115.813466][ T7084]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.813488][ T7084] RIP: 0033:0x7f57d05ce929
[  115.813541][ T7084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.813560][ T7084] RSP: 002b:00007f57cec37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  115.813579][ T7084] RAX: ffffffffffffffda RBX: 00007f57d07f5fa0 RCX: 00007f57d05ce929
[  115.813591][ T7084] RDX: 00000000240008c4 RSI: 0000200000000280 RDI: 0000000000000003
[  115.813604][ T7084] RBP: 00007f57cec37090 R08: 0000000000000000 R09: 0000000000000000
[  115.813615][ T7084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  115.813627][ T7084] R13: 0000000000000000 R14: 00007f57d07f5fa0 R15: 00007ffec9904e28
[  115.813648][ T7084]  </TASK>
[  115.815567][ T7079] loop4: detected capacity change from 0 to 2048
[  115.845388][ T7081] loop2: detected capacity change from 0 to 512
[  115.937424][ T7092] xt_hashlimit: max too large, truncated to 1048576
[  116.045908][ T7079]  loop4: p1 < > p4
[  116.051127][ T7081] ext4 filesystem being mounted at /261/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.065108][ T7079] loop4: p4 size 8388608 extends beyond EOD, truncated
[  116.090748][ T7096] loop1: detected capacity change from 0 to 512
[  116.099706][ T7096] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  116.108319][ T7109] loop0: detected capacity change from 0 to 256
[  116.126680][ T7096] EXT4-fs error (device loop1): ext4_orphan_get:1419: comm syz.1.1151: bad orphan inode 11
[  116.152989][ T7115] netlink: 'syz.3.1155': attribute type 1 has an invalid length.
[  116.161995][ T7096] ext4_test_bit(bit=10, block=4) = 1
[  116.167346][ T7096] is_bad_inode(inode)=0
[  116.169659][ T7117] FAULT_INJECTION: forcing a failure.
[  116.169659][ T7117] name failslab, interval 1, probability 0, space 0, times 0
[  116.171884][ T7096] NEXT_ORPHAN(inode)=2080374784
[  116.184213][ T7117] CPU: 1 UID: 0 PID: 7117 Comm: syz.4.1156 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  116.184250][ T7117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  116.184330][ T7117] Call Trace:
[  116.184337][ T7117]  <TASK>
[  116.184346][ T7117]  __dump_stack+0x1d/0x30
[  116.184439][ T7117]  dump_stack_lvl+0xe8/0x140
[  116.184470][ T7117]  dump_stack+0x15/0x1b
[  116.184493][ T7117]  should_fail_ex+0x265/0x280
[  116.184541][ T7117]  should_failslab+0x8c/0xb0
[  116.184587][ T7117]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  116.184631][ T7117]  ? sidtab_sid2str_get+0xa0/0x130
[  116.184678][ T7117]  kmemdup_noprof+0x2b/0x70
[  116.184739][ T7117]  sidtab_sid2str_get+0xa0/0x130
[  116.184774][ T7117]  security_sid_to_context_core+0x1eb/0x2e0
[  116.184810][ T7117]  security_sid_to_context+0x27/0x40
[  116.184881][ T7117]  selinux_lsmprop_to_secctx+0x67/0xf0
[  116.184915][ T7117]  security_lsmprop_to_secctx+0x43/0x80
[  116.184999][ T7117]  audit_log_task_context+0x77/0x190
[  116.185119][ T7117]  audit_log_task+0xf4/0x250
[  116.185162][ T7117]  audit_seccomp+0x61/0x100
[  116.185201][ T7117]  ? __seccomp_filter+0x68c/0x10d0
[  116.185235][ T7117]  __seccomp_filter+0x69d/0x10d0
[  116.185289][ T7117]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  116.185370][ T7117]  ? vfs_write+0x75e/0x8e0
[  116.185454][ T7117]  __secure_computing+0x82/0x150
[  116.185564][ T7117]  syscall_trace_enter+0xcf/0x1e0
[  116.185665][ T7117]  do_syscall_64+0xac/0x200
[  116.185687][ T7117]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  116.185732][ T7117]  ? clear_bhb_loop+0x40/0x90
[  116.185762][ T7117]  ? clear_bhb_loop+0x40/0x90
[  116.185794][ T7117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.185846][ T7117] RIP: 0033:0x7fa191e0e929
[  116.185870][ T7117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.185895][ T7117] RSP: 002b:00007fa190477038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  116.185923][ T7117] RAX: ffffffffffffffda RBX: 00007fa192035fa0 RCX: 00007fa191e0e929
[  116.185941][ T7117] RDX: 0000200000000040 RSI: 0000000000005423 RDI: 0000000000000003
[  116.185980][ T7117] RBP: 00007fa190477090 R08: 0000000000000000 R09: 0000000000000000
[  116.185997][ T7117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  116.186014][ T7117] R13: 0000000000000000 R14: 00007fa192035fa0 R15: 00007ffd72c40328
[  116.186042][ T7117]  </TASK>
[  116.245773][ T7122] loop4: detected capacity change from 0 to 512
[  116.249060][ T7096] max_ino=32
[  116.249070][ T7096] i_nlink=0
[  116.250324][ T7096] EXT4-fs (loop1): 1 truncate cleaned up
[  116.344267][ T7122] ext4 filesystem being mounted at /205/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.469998][   T29] kauditd_printk_skb: 350 callbacks suppressed
[  116.470013][   T29] audit: type=1400 audit(1751024197.898:6625): avc:  denied  { bind } for  pid=7121 comm="syz.4.1158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  116.495934][   T29] audit: type=1400 audit(1751024197.898:6626): avc:  denied  { listen } for  pid=7121 comm="syz.4.1158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  116.505564][ T7127] loop0: detected capacity change from 0 to 512
[  116.515921][   T29] audit: type=1400 audit(1751024197.898:6627): avc:  denied  { create } for  pid=7121 comm="syz.4.1158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  116.534843][ T7127] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  116.541787][   T29] audit: type=1400 audit(1751024197.898:6628): avc:  denied  { write } for  pid=7121 comm="syz.4.1158" name="event2" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  116.541824][   T29] audit: type=1400 audit(1751024197.898:6629): avc:  denied  { ioctl } for  pid=7121 comm="syz.4.1158" path="/dev/input/event0" dev="devtmpfs" ino=242 ioctlcmd=0x4593 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  116.549762][ T7127] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002]
[  116.573349][   T29] audit: type=1326 audit(1751024197.958:6630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7125 comm="syz.3.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f2ff5fde929 code=0x7ffc0000
[  116.631255][ T7127] EXT4-fs (loop0): orphan cleanup on readonly fs
[  116.637801][ T7127] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #13: comm syz.0.1159: iget: bad i_size value: 12154761577498
[  116.651367][ T7127] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.1159: couldn't read orphan inode 13 (err -117)
[  116.689581][ T7127] EXT4-fs warning (device loop0): dx_probe:861: inode #2: comm syz.0.1159: dx entry: limit 65535 != root limit 120
[  116.701845][ T7127] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.1159: Corrupt directory, running e2fsck is recommended
[  116.746757][   T29] audit: type=1326 audit(1751024198.178:6631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7137 comm="syz.4.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa191e0e929 code=0x7ffc0000
[  116.778146][   T29] audit: type=1326 audit(1751024198.208:6632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7137 comm="syz.4.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa191e0e929 code=0x7ffc0000
[  116.798990][ T7136] loop0: detected capacity change from 0 to 2048
[  116.801949][   T29] audit: type=1326 audit(1751024198.208:6633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7137 comm="syz.4.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa191e0e929 code=0x7ffc0000
[  116.831872][   T29] audit: type=1326 audit(1751024198.208:6634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7137 comm="syz.4.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa191e0e929 code=0x7ffc0000
[  116.859830][ T7136]  loop0: p1 < > p4
[  116.864366][ T7136] loop0: p4 size 8388608 extends beyond EOD, truncated
[  116.911408][ T7142] xt_hashlimit: max too large, truncated to 1048576
[  116.921371][ T7142] loop0: detected capacity change from 0 to 128
[  117.011147][ T7146] xt_hashlimit: max too large, truncated to 1048576
[  117.017894][ T7151] loop4: detected capacity change from 0 to 128
[  117.052800][ T7151] netdevsim netdevsim4: Direct firmware load for À
 failed with error -2
[  117.066343][ T7156] loop2: detected capacity change from 0 to 512
[  117.083671][ T7156] journal_path: Lookup failure for './file0'
[  117.089836][ T7156] EXT4-fs: error: could not find journal device path
[  117.101505][ T7160] xt_hashlimit: max too large, truncated to 1048576
[  117.124082][ T7160] loop1: detected capacity change from 0 to 128
[  117.188829][ T7174] hsr_slave_0: left promiscuous mode
[  117.195094][ T7174] hsr_slave_1: left promiscuous mode
[  117.206538][ T7175] loop3: detected capacity change from 0 to 1024
[  117.213684][ T7175] EXT4-fs: Ignoring removed oldalloc option
[  117.219764][ T7175] EXT4-fs: Ignoring removed orlov option
[  117.225468][ T7175] EXT4-fs: Ignoring removed oldalloc option
[  117.231478][ T7175] EXT4-fs: Ignoring removed nomblk_io_submit option
[  117.254434][ T7181] loop0: detected capacity change from 0 to 512
[  117.283865][ T7176] loop1: detected capacity change from 0 to 8192
[  117.292736][ T7181] ext4 filesystem being mounted at /245/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  117.328884][ T7176]  loop1: p1 p2 p4 < >
[  117.333105][ T7176] loop1: p1 start 4261412873 is beyond EOD, truncated
[  117.340037][ T7176] loop1: p2 start 4009754624 is beyond EOD, truncated
[  117.663962][ T7207] FAULT_INJECTION: forcing a failure.
[  117.663962][ T7207] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  117.677324][ T7207] CPU: 0 UID: 0 PID: 7207 Comm: syz.1.1184 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  117.677361][ T7207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  117.677377][ T7207] Call Trace:
[  117.677387][ T7207]  <TASK>
[  117.677397][ T7207]  __dump_stack+0x1d/0x30
[  117.677425][ T7207]  dump_stack_lvl+0xe8/0x140
[  117.677493][ T7207]  dump_stack+0x15/0x1b
[  117.677515][ T7207]  should_fail_ex+0x265/0x280
[  117.677578][ T7207]  should_fail+0xb/0x20
[  117.677692][ T7207]  should_fail_usercopy+0x1a/0x20
[  117.677734][ T7207]  _copy_from_user+0x1c/0xb0
[  117.677766][ T7207]  __x64_sys_rt_sigsuspend+0x70/0xe0
[  117.677881][ T7207]  x64_sys_call+0x1ba8/0x2fb0
[  117.677917][ T7207]  do_syscall_64+0xd2/0x200
[  117.678027][ T7207]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  117.678061][ T7207]  ? clear_bhb_loop+0x40/0x90
[  117.678088][ T7207]  ? clear_bhb_loop+0x40/0x90
[  117.678127][ T7207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.678152][ T7207] RIP: 0033:0x7f57d05ce929
[  117.678169][ T7207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.678191][ T7207] RSP: 002b:00007f57cec37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000082
[  117.678216][ T7207] RAX: ffffffffffffffda RBX: 00007f57d07f5fa0 RCX: 00007f57d05ce929
[  117.678249][ T7207] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 00002000000002c0
[  117.678264][ T7207] RBP: 00007f57cec37090 R08: 0000000000000000 R09: 0000000000000000
[  117.678278][ T7207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  117.678293][ T7207] R13: 0000000000000000 R14: 00007f57d07f5fa0 R15: 00007ffec9904e28
[  117.678318][ T7207]  </TASK>
[  117.892521][ T7248] loop0: detected capacity change from 0 to 512
[  117.906253][ T7248] journal_path: Lookup failure for './file0'
[  117.912612][ T7248] EXT4-fs: error: could not find journal device path
[  117.946594][ T7254] loop1: detected capacity change from 0 to 1024
[  117.961693][ T7254] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1187: Failed to acquire dquot type 0
[  117.995368][ T7254] EXT4-fs (loop1): 1 truncate cleaned up
[  118.018072][ T7262] loop3: detected capacity change from 0 to 2048
[  118.025376][ T7254] siw: device registration error -23
[  118.059214][ T7262]  loop3: p1 < > p4
[  118.063781][ T7262] loop3: p4 size 8388608 extends beyond EOD, truncated
[  118.085360][ T7269] lo speed is unknown, defaulting to 1000
[  118.197977][ T7287] FAULT_INJECTION: forcing a failure.
[  118.197977][ T7287] name failslab, interval 1, probability 0, space 0, times 0
[  118.210721][ T7287] CPU: 1 UID: 0 PID: 7287 Comm: syz.3.1195 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  118.210750][ T7287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  118.210763][ T7287] Call Trace:
[  118.210769][ T7287]  <TASK>
[  118.210776][ T7287]  __dump_stack+0x1d/0x30
[  118.210806][ T7287]  dump_stack_lvl+0xe8/0x140
[  118.210827][ T7287]  dump_stack+0x15/0x1b
[  118.210843][ T7287]  should_fail_ex+0x265/0x280
[  118.210881][ T7287]  should_failslab+0x8c/0xb0
[  118.210905][ T7287]  kmem_cache_alloc_noprof+0x50/0x310
[  118.210932][ T7287]  ? vm_area_dup+0x33/0x2c0
[  118.210965][ T7287]  vm_area_dup+0x33/0x2c0
[  118.211000][ T7287]  __split_vma+0xe9/0x650
[  118.211028][ T7287]  ? mas_find+0x4ea/0x610
[  118.211046][ T7287]  vms_gather_munmap_vmas+0x2a5/0x7a0
[  118.211078][ T7287]  do_vmi_align_munmap+0x1a4/0x3d0
[  118.211122][ T7287]  do_vmi_munmap+0x1db/0x220
[  118.211151][ T7287]  mremap_to+0x305/0x540
[  118.211182][ T7287]  __se_sys_mremap+0x549/0x6f0
[  118.211215][ T7287]  ? ksys_write+0x192/0x1a0
[  118.211254][ T7287]  __x64_sys_mremap+0x67/0x80
[  118.211288][ T7287]  x64_sys_call+0x2ba9/0x2fb0
[  118.211314][ T7287]  do_syscall_64+0xd2/0x200
[  118.211336][ T7287]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  118.211363][ T7287]  ? clear_bhb_loop+0x40/0x90
[  118.211383][ T7287]  ? clear_bhb_loop+0x40/0x90
[  118.211404][ T7287]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.211425][ T7287] RIP: 0033:0x7f2ff5fde929
[  118.211444][ T7287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.211463][ T7287] RSP: 002b:00007f2ff4647038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  118.211481][ T7287] RAX: ffffffffffffffda RBX: 00007f2ff6205fa0 RCX: 00007f2ff5fde929
[  118.211493][ T7287] RDX: 0000000000200000 RSI: 0000000000600600 RDI: 0000200000000000
[  118.211508][ T7287] RBP: 00007f2ff4647090 R08: 0000200000a00000 R09: 0000000000000000
[  118.211524][ T7287] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000002
[  118.211538][ T7287] R13: 0000000000000000 R14: 00007f2ff6205fa0 R15: 00007ffed1b2a6b8
[  118.211564][ T7287]  </TASK>
[  118.218118][ T7290] loop2: detected capacity change from 0 to 1024
[  118.261905][ T7293] loop4: detected capacity change from 0 to 1024
[  118.294716][ T7290] EXT4-fs: Ignoring removed nobh option
[  118.299245][ T7293] EXT4-fs: Ignoring removed nobh option
[  118.317440][ T7290] EXT4-fs: Ignoring removed oldalloc option
[  118.326387][ T7293] EXT4-fs: Ignoring removed oldalloc option
[  118.362887][ T7297] loop3: detected capacity change from 0 to 512
[  118.416218][ T7294] lo speed is unknown, defaulting to 1000
[  118.423760][ T7297] journal_path: Lookup failure for './file0'
[  118.488673][ T7297] EXT4-fs: error: could not find journal device path
[  118.620917][ T7315] FAULT_INJECTION: forcing a failure.
[  118.620917][ T7315] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  118.634113][ T7315] CPU: 0 UID: 0 PID: 7315 Comm: syz.4.1200 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  118.634142][ T7315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  118.634159][ T7315] Call Trace:
[  118.634167][ T7315]  <TASK>
[  118.634200][ T7315]  __dump_stack+0x1d/0x30
[  118.634254][ T7315]  dump_stack_lvl+0xe8/0x140
[  118.634274][ T7315]  dump_stack+0x15/0x1b
[  118.634293][ T7315]  should_fail_ex+0x265/0x280
[  118.634386][ T7315]  should_fail+0xb/0x20
[  118.634416][ T7315]  should_fail_usercopy+0x1a/0x20
[  118.634517][ T7315]  _copy_to_user+0x20/0xa0
[  118.634543][ T7315]  simple_read_from_buffer+0xb5/0x130
[  118.634575][ T7315]  proc_fail_nth_read+0x100/0x140
[  118.634617][ T7315]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  118.634717][ T7315]  vfs_read+0x1a0/0x6f0
[  118.634811][ T7315]  ? __rcu_read_unlock+0x4f/0x70
[  118.634835][ T7315]  ? __fget_files+0x184/0x1c0
[  118.634862][ T7315]  ksys_read+0xda/0x1a0
[  118.634900][ T7315]  __x64_sys_read+0x40/0x50
[  118.634936][ T7315]  x64_sys_call+0x2d77/0x2fb0
[  118.634970][ T7315]  do_syscall_64+0xd2/0x200
[  118.634987][ T7315]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  118.635062][ T7315]  ? clear_bhb_loop+0x40/0x90
[  118.635083][ T7315]  ? clear_bhb_loop+0x40/0x90
[  118.635105][ T7315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.635133][ T7315] RIP: 0033:0x7fa191e0d33c
[  118.635223][ T7315] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  118.635247][ T7315] RSP: 002b:00007fa190456030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  118.635270][ T7315] RAX: ffffffffffffffda RBX: 00007fa192036080 RCX: 00007fa191e0d33c
[  118.635284][ T7315] RDX: 000000000000000f RSI: 00007fa1904560a0 RDI: 0000000000000003
[  118.635297][ T7315] RBP: 00007fa190456090 R08: 0000000000000000 R09: 0000000000000000
[  118.635312][ T7315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.635404][ T7315] R13: 0000000000000000 R14: 00007fa192036080 R15: 00007ffd72c40328
[  118.635423][ T7315]  </TASK>
[  118.635502][ T7309] loop2: detected capacity change from 0 to 1024
[  118.878778][ T7309] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1201: Failed to acquire dquot type 0
[  118.899344][ T7309] EXT4-fs (loop2): 1 truncate cleaned up
[  118.958011][ T7336] loop1: detected capacity change from 0 to 2048
[  118.986242][ T7339] loop0: detected capacity change from 0 to 512
[  118.993405][ T7339] journal_path: Lookup failure for './file0'
[  118.999608][ T7339] EXT4-fs: error: could not find journal device path
[  119.008790][ T7336]  loop1: p1 < > p4
[  119.016433][ T7336] loop1: p4 size 8388608 extends beyond EOD, truncated
[  119.054866][ T7345] __nla_validate_parse: 5 callbacks suppressed
[  119.054885][ T7345] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1215'.
[  119.076800][ T7349] FAULT_INJECTION: forcing a failure.
[  119.076800][ T7349] name failslab, interval 1, probability 0, space 0, times 0
[  119.089555][ T7349] CPU: 1 UID: 0 PID: 7349 Comm: syz.0.1218 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  119.089584][ T7349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  119.089597][ T7349] Call Trace:
[  119.089603][ T7349]  <TASK>
[  119.089612][ T7349]  __dump_stack+0x1d/0x30
[  119.089635][ T7349]  dump_stack_lvl+0xe8/0x140
[  119.089687][ T7349]  dump_stack+0x15/0x1b
[  119.089706][ T7349]  should_fail_ex+0x265/0x280
[  119.089768][ T7349]  ? nft_netdev_hook_alloc+0x15e/0x340
[  119.089796][ T7349]  should_failslab+0x8c/0xb0
[  119.089822][ T7349]  __kmalloc_cache_noprof+0x4c/0x320
[  119.089882][ T7349]  nft_netdev_hook_alloc+0x15e/0x340
[  119.089910][ T7349]  nf_tables_parse_netdev_hooks+0xcf/0x570
[  119.089941][ T7349]  nft_flowtable_parse_hook+0x2c6/0x450
[  119.089980][ T7349]  ? nla_strcmp+0xc3/0xe0
[  119.090040][ T7349]  nf_tables_newflowtable+0x7d6/0x1200
[  119.090075][ T7349]  nfnetlink_rcv+0xb99/0x1690
[  119.090142][ T7349]  netlink_unicast+0x5a1/0x670
[  119.090267][ T7349]  netlink_sendmsg+0x58b/0x6b0
[  119.090291][ T7349]  ? __pfx_netlink_sendmsg+0x10/0x10
[  119.090314][ T7349]  __sock_sendmsg+0x142/0x180
[  119.090344][ T7349]  ____sys_sendmsg+0x31e/0x4e0
[  119.090417][ T7349]  ___sys_sendmsg+0x17b/0x1d0
[  119.090516][ T7349]  __x64_sys_sendmsg+0xd4/0x160
[  119.090619][ T7349]  x64_sys_call+0x2999/0x2fb0
[  119.090650][ T7349]  do_syscall_64+0xd2/0x200
[  119.090670][ T7349]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  119.090700][ T7349]  ? clear_bhb_loop+0x40/0x90
[  119.090766][ T7349]  ? clear_bhb_loop+0x40/0x90
[  119.090792][ T7349]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.090816][ T7349] RIP: 0033:0x7f21d08ae929
[  119.090833][ T7349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.090861][ T7349] RSP: 002b:00007f21cef17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  119.090934][ T7349] RAX: ffffffffffffffda RBX: 00007f21d0ad5fa0 RCX: 00007f21d08ae929
[  119.090947][ T7349] RDX: 0000000020008000 RSI: 0000200000000500 RDI: 0000000000000003
[  119.090961][ T7349] RBP: 00007f21cef17090 R08: 0000000000000000 R09: 0000000000000000
[  119.090974][ T7349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  119.090988][ T7349] R13: 0000000000000000 R14: 00007f21d0ad5fa0 R15: 00007fffeaa72ea8
[  119.091062][ T7349]  </TASK>
[  119.091553][ T7345] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1215'.
[  119.125511][ T7347] loop4: detected capacity change from 0 to 2048
[  119.181872][ T7355] loop1: detected capacity change from 0 to 512
[  119.353126][ T7342] lo speed is unknown, defaulting to 1000
[  119.360538][ T7355] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  119.368855][ T7355] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002]
[  119.377405][ T7356]  loop4: p1 < > p4
[  119.390404][ T7356] loop4: p4 size 8388608 extends beyond EOD, truncated
[  119.397875][ T7355] EXT4-fs (loop1): orphan cleanup on readonly fs
[  119.404842][ T7345] xt_CT: No such helper "pptp"
[  119.419280][ T7355] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #13: comm syz.1.1219: iget: bad i_size value: 12154761577498
[  119.426690][ T7347]  loop4: p1 < > p4
[  119.442413][ T7355] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.1219: couldn't read orphan inode 13 (err -117)
[  119.454511][ T7347] loop4: p4 size 8388608 extends beyond EOD, truncated
[  119.479864][ T7353] loop2: detected capacity change from 0 to 1024
[  119.486368][   T10] IPVS: starting estimator thread 0...
[  119.499296][ T7353] EXT4-fs: Ignoring removed nobh option
[  119.505025][ T7353] EXT4-fs: Ignoring removed bh option
[  119.578648][ T7363] IPVS: using max 2304 ests per chain, 115200 per kthread
[  119.589172][ T7368] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=86 sclass=netlink_tcpdiag_socket pid=7368 comm=syz.0.1223
[  119.641126][ T7388] FAULT_INJECTION: forcing a failure.
[  119.641126][ T7388] name failslab, interval 1, probability 0, space 0, times 0
[  119.653949][ T7388] CPU: 1 UID: 0 PID: 7388 Comm: syz.3.1228 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  119.653984][ T7388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  119.654000][ T7388] Call Trace:
[  119.654009][ T7388]  <TASK>
[  119.654017][ T7388]  __dump_stack+0x1d/0x30
[  119.654043][ T7388]  dump_stack_lvl+0xe8/0x140
[  119.654068][ T7388]  dump_stack+0x15/0x1b
[  119.654089][ T7388]  should_fail_ex+0x265/0x280
[  119.654128][ T7388]  should_failslab+0x8c/0xb0
[  119.654156][ T7388]  kmem_cache_alloc_noprof+0x50/0x310
[  119.654181][ T7388]  ? vm_area_dup+0x33/0x2c0
[  119.654209][ T7388]  vm_area_dup+0x33/0x2c0
[  119.654235][ T7388]  __split_vma+0xe9/0x650
[  119.654259][ T7388]  ? mas_find+0x4ea/0x610
[  119.654276][ T7388]  vms_gather_munmap_vmas+0x2a5/0x7a0
[  119.654303][ T7388]  do_vmi_align_munmap+0x1a4/0x3d0
[  119.654333][ T7388]  do_vmi_munmap+0x1db/0x220
[  119.654354][ T7388]  mremap_to+0x305/0x540
[  119.654382][ T7388]  __se_sys_mremap+0x549/0x6f0
[  119.654411][ T7388]  ? ksys_write+0x192/0x1a0
[  119.654440][ T7388]  __x64_sys_mremap+0x67/0x80
[  119.654462][ T7388]  x64_sys_call+0x2ba9/0x2fb0
[  119.654480][ T7388]  do_syscall_64+0xd2/0x200
[  119.654495][ T7388]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  119.654518][ T7388]  ? clear_bhb_loop+0x40/0x90
[  119.654536][ T7388]  ? clear_bhb_loop+0x40/0x90
[  119.654554][ T7388]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.654572][ T7388] RIP: 0033:0x7f2ff5fde929
[  119.654585][ T7388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.654600][ T7388] RSP: 002b:00007f2ff4647038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  119.654616][ T7388] RAX: ffffffffffffffda RBX: 00007f2ff6205fa0 RCX: 00007f2ff5fde929
[  119.654627][ T7388] RDX: 0000000000200000 RSI: 0000000000600600 RDI: 0000200000000000
[  119.654637][ T7388] RBP: 00007f2ff4647090 R08: 0000200000a00000 R09: 0000000000000000
[  119.654647][ T7388] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000002
[  119.654657][ T7388] R13: 0000000000000000 R14: 00007f2ff6205fa0 R15: 00007ffed1b2a6b8
[  119.654684][ T7388]  </TASK>
[  119.885372][ T7391] loop1: detected capacity change from 0 to 2048
[  119.895451][ T7393] loop3: detected capacity change from 0 to 256
[  119.919592][ T7391]  loop1: p1 < > p4
[  119.923995][ T7391] loop1: p4 size 8388608 extends beyond EOD, truncated
[  119.928985][ T7397] loop4: detected capacity change from 0 to 512
[  119.938762][ T7397] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  119.946740][ T7397] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002]
[  119.955368][ T7397] EXT4-fs (loop4): orphan cleanup on readonly fs
[  119.961959][ T7397] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #13: comm syz.4.1232: iget: bad i_size value: 12154761577498
[  119.975148][ T7397] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.1232: couldn't read orphan inode 13 (err -117)
[  119.993115][   T36] IPVS: starting estimator thread 0...
[  120.061029][ T7405] lo speed is unknown, defaulting to 1000
[  120.088758][ T7401] IPVS: using max 1920 ests per chain, 96000 per kthread
[  120.192189][ T7420] loop4: detected capacity change from 0 to 512
[  120.276386][ T7409] loop3: detected capacity change from 0 to 2048
[  120.278701][ T7420] ext4 filesystem being mounted at /224/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  120.288014][ T7409] EXT4-fs: Ignoring removed mblk_io_submit option
[  120.300849][ T7423] FAULT_INJECTION: forcing a failure.
[  120.300849][ T7423] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  120.314291][ T7423] CPU: 0 UID: 0 PID: 7423 Comm: syz.2.1241 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  120.314342][ T7423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  120.314359][ T7423] Call Trace:
[  120.314367][ T7423]  <TASK>
[  120.314378][ T7423]  __dump_stack+0x1d/0x30
[  120.314428][ T7423]  dump_stack_lvl+0xe8/0x140
[  120.314453][ T7423]  dump_stack+0x15/0x1b
[  120.314568][ T7423]  should_fail_ex+0x265/0x280
[  120.314613][ T7423]  should_fail+0xb/0x20
[  120.314647][ T7423]  should_fail_usercopy+0x1a/0x20
[  120.314685][ T7423]  fpu__restore_sig+0x12d/0xaa0
[  120.314732][ T7423]  ? common_interrupt+0x13/0x90
[  120.314850][ T7423]  ? should_fail_ex+0xdb/0x280
[  120.314948][ T7423]  __ia32_sys_rt_sigreturn+0x29f/0x350
[  120.314986][ T7423]  x64_sys_call+0x2e8a/0x2fb0
[  120.315011][ T7423]  do_syscall_64+0xd2/0x200
[  120.315034][ T7423]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  120.315151][ T7423]  ? clear_bhb_loop+0x40/0x90
[  120.315179][ T7423]  ? clear_bhb_loop+0x40/0x90
[  120.315208][ T7423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.315257][ T7423] RIP: 0033:0x7f48bac3e927
[  120.315275][ T7423] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  120.315296][ T7423] RSP: 002b:00007f48b92a7038 EFLAGS: 00000246
[  120.315330][ T7423] RAX: 0000000000000000 RBX: 00007f48bae65fa0 RCX: 00007f48bac3e929
[  120.315342][ T7423] RDX: 0000000000000053 RSI: 0000200000000700 RDI: 0000000000000003
[  120.315354][ T7423] RBP: 00007f48b92a7090 R08: 0000000000000000 R09: 0000000000000000
[  120.315454][ T7423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  120.315470][ T7423] R13: 0000000000000000 R14: 00007f48bae65fa0 R15: 00007ffc8a49bd88
[  120.315496][ T7423]  </TASK>
[  120.540123][ T7434] loop0: detected capacity change from 0 to 512
[  120.559127][   T36] Process accounting resumed
[  120.571224][   T51] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 234: padding at end of block bitmap is not set
[  120.586146][   T51] EXT4-fs (loop3): Remounting filesystem read-only
[  120.608822][ T7434] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  120.616781][ T7434] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002]
[  120.643910][ T7420] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm syz.4.1239: corrupted inode contents
[  120.669826][ T7434] EXT4-fs (loop0): orphan cleanup on readonly fs
[  120.673390][ T7442] loop2: detected capacity change from 0 to 256
[  120.685131][ T7434] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #13: comm syz.0.1244: iget: bad i_size value: 12154761577498
[  120.699548][ T7434] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.1244: couldn't read orphan inode 13 (err -117)
[  120.719679][ T7420] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #18: comm syz.4.1239: mark_inode_dirty error
[  120.741965][   T36] IPVS: starting estimator thread 0...
[  120.752569][ T7420] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm syz.4.1239: corrupted inode contents
[  120.783600][ T7420] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #18: comm syz.4.1239: mark_inode_dirty error
[  120.798513][ T7420] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #18: comm syz.4.1239: mark inode dirty (error -117)
[  120.802169][ T7449] FAULT_INJECTION: forcing a failure.
[  120.802169][ T7449] name failslab, interval 1, probability 0, space 0, times 0
[  120.812215][ T7420] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  120.823998][ T7449] CPU: 0 UID: 0 PID: 7449 Comm: syz.3.1250 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  120.824036][ T7449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  120.824049][ T7449] Call Trace:
[  120.824057][ T7449]  <TASK>
[  120.824067][ T7449]  __dump_stack+0x1d/0x30
[  120.824093][ T7449]  dump_stack_lvl+0xe8/0x140
[  120.824119][ T7449]  dump_stack+0x15/0x1b
[  120.824218][ T7449]  should_fail_ex+0x265/0x280
[  120.824328][ T7449]  should_failslab+0x8c/0xb0
[  120.824363][ T7449]  kmem_cache_alloc_node_noprof+0x57/0x320
[  120.824418][ T7449]  ? __alloc_skb+0x101/0x320
[  120.824462][ T7449]  __alloc_skb+0x101/0x320
[  120.824595][ T7449]  netlink_ack+0xfd/0x500
[  120.824640][ T7449]  ? __pfx_ieee802154_set_macparams+0x10/0x10
[  120.824700][ T7449]  netlink_rcv_skb+0x192/0x220
[  120.824815][ T7449]  ? __pfx_genl_rcv_msg+0x10/0x10
[  120.824858][ T7449]  genl_rcv+0x28/0x40
[  120.824918][ T7449]  netlink_unicast+0x5a1/0x670
[  120.824964][ T7449]  netlink_sendmsg+0x58b/0x6b0
[  120.825013][ T7449]  ? __pfx_netlink_sendmsg+0x10/0x10
[  120.825041][ T7449]  __sock_sendmsg+0x142/0x180
[  120.825076][ T7449]  ____sys_sendmsg+0x31e/0x4e0
[  120.825130][ T7449]  ___sys_sendmsg+0x17b/0x1d0
[  120.825241][ T7449]  __x64_sys_sendmsg+0xd4/0x160
[  120.825310][ T7449]  x64_sys_call+0x2999/0x2fb0
[  120.825347][ T7449]  do_syscall_64+0xd2/0x200
[  120.825372][ T7449]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  120.825462][ T7449]  ? clear_bhb_loop+0x40/0x90
[  120.825493][ T7449]  ? clear_bhb_loop+0x40/0x90
[  120.825523][ T7449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.825555][ T7449] RIP: 0033:0x7f2ff5fde929
[  120.825606][ T7449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.825632][ T7449] RSP: 002b:00007f2ff4647038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  120.825659][ T7449] RAX: ffffffffffffffda RBX: 00007f2ff6205fa0 RCX: 00007f2ff5fde929
[  120.825678][ T7449] RDX: 000000000804c090 RSI: 0000200000000140 RDI: 0000000000000004
[  120.825695][ T7449] RBP: 00007f2ff4647090 R08: 0000000000000000 R09: 0000000000000000
[  120.825729][ T7449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.825818][ T7449] R13: 0000000000000000 R14: 00007f2ff6205fa0 R15: 00007ffed1b2a6b8
[  120.825848][ T7449]  </TASK>
[  120.998732][ T7443] IPVS: using max 2352 ests per chain, 117600 per kthread
[  121.082867][ T7447] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1249'.
[  121.099485][ T7447] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1249'.
[  121.134828][ T7456] loop1: detected capacity change from 0 to 1024
[  121.143908][ T7447] xt_hashlimit: max too large, truncated to 1048576
[  121.147740][ T7458] FAULT_INJECTION: forcing a failure.
[  121.147740][ T7458] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  121.163938][ T7458] CPU: 0 UID: 0 PID: 7458 Comm: syz.3.1254 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  121.163969][ T7458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  121.164013][ T7458] Call Trace:
[  121.164021][ T7458]  <TASK>
[  121.164030][ T7458]  __dump_stack+0x1d/0x30
[  121.164051][ T7458]  dump_stack_lvl+0xe8/0x140
[  121.164070][ T7458]  dump_stack+0x15/0x1b
[  121.164132][ T7458]  should_fail_ex+0x265/0x280
[  121.164171][ T7458]  should_fail+0xb/0x20
[  121.164201][ T7458]  should_fail_usercopy+0x1a/0x20
[  121.164261][ T7458]  _copy_from_iter+0xcf/0xe40
[  121.164301][ T7458]  ? rep_movs_alternative+0x4a/0x90
[  121.164352][ T7458]  ? _copy_from_iter+0x16d/0xe40
[  121.164391][ T7458]  copy_page_from_iter+0x178/0x2a0
[  121.164470][ T7458]  skb_copy_datagram_from_iter+0x232/0x490
[  121.164504][ T7458]  unix_stream_sendmsg+0x45e/0x8e0
[  121.164554][ T7458]  ? __pfx_unix_stream_sendmsg+0x10/0x10
[  121.164580][ T7458]  __sock_sendmsg+0x142/0x180
[  121.164653][ T7458]  ____sys_sendmsg+0x31e/0x4e0
[  121.164780][ T7458]  ___sys_sendmsg+0x17b/0x1d0
[  121.164834][ T7458]  __x64_sys_sendmsg+0xd4/0x160
[  121.164936][ T7458]  x64_sys_call+0x2999/0x2fb0
[  121.164963][ T7458]  do_syscall_64+0xd2/0x200
[  121.164986][ T7458]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  121.165025][ T7458]  ? clear_bhb_loop+0x40/0x90
[  121.165069][ T7458]  ? clear_bhb_loop+0x40/0x90
[  121.165170][ T7458]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.165263][ T7458] RIP: 0033:0x7f2ff5fde929
[  121.165284][ T7458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.165306][ T7458] RSP: 002b:00007f2ff4647038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  121.165329][ T7458] RAX: ffffffffffffffda RBX: 00007f2ff6205fa0 RCX: 00007f2ff5fde929
[  121.165345][ T7458] RDX: 0000000000000003 RSI: 0000200000000980 RDI: 0000000000000003
[  121.165428][ T7458] RBP: 00007f2ff4647090 R08: 0000000000000000 R09: 0000000000000000
[  121.165452][ T7458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  121.165467][ T7458] R13: 0000000000000000 R14: 00007f2ff6205fa0 R15: 00007ffed1b2a6b8
[  121.165496][ T7458]  </TASK>
[  121.489058][ T7456] __quota_error: 274 callbacks suppressed
[  121.489073][ T7456] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0
[  121.505250][ T7456] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  121.514902][ T7456] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1252: Failed to acquire dquot type 0
[  121.526151][ T7462] net_ratelimit: 44 callbacks suppressed
[  121.526167][ T7462] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  121.581486][   T29] audit: type=1326 audit(1751024203.018:6905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7469 comm="syz.3.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff5fde929 code=0x7ffc0000
[  121.609189][ T7456] EXT4-fs (loop1): 1 truncate cleaned up
[  121.625200][   T29] audit: type=1326 audit(1751024203.038:6906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7469 comm="syz.3.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ff5fde929 code=0x7ffc0000
[  121.649116][   T29] audit: type=1326 audit(1751024203.038:6907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7469 comm="syz.3.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff5fde929 code=0x7ffc0000
[  121.649154][   T29] audit: type=1326 audit(1751024203.038:6908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7469 comm="syz.3.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ff5fde929 code=0x7ffc0000
[  121.649187][   T29] audit: type=1326 audit(1751024203.038:6909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7469 comm="syz.3.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff5fde929 code=0x7ffc0000
[  121.649225][   T29] audit: type=1326 audit(1751024203.038:6910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7469 comm="syz.3.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ff5fde929 code=0x7ffc0000
[  121.649326][   T29] audit: type=1326 audit(1751024203.038:6911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7469 comm="syz.3.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff5fde929 code=0x7ffc0000
[  121.649424][   T29] audit: type=1326 audit(1751024203.038:6912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7469 comm="syz.3.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f2ff5fde929 code=0x7ffc0000
[  121.679396][ T7456] siw: device registration error -23
[  121.702792][ T7468] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1256'.
[  121.785296][ T7476] loop4: detected capacity change from 0 to 2048
[  121.890902][ T7467] ±ÿ: renamed from batadv_slave_1
[  121.891182][ T7476]  loop4: p1 < > p4
[  121.893884][ T7476] loop4: p4 size 8388608 extends beyond EOD, truncated
[  121.968757][ T7487] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  122.167715][ T7504] loop1: detected capacity change from 0 to 256
[  122.192811][ T7509] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1270'.
[  122.231304][ T7508] lo speed is unknown, defaulting to 1000
[  122.269027][ T7512] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1267'.
[  122.359894][ T7514] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1276'.
[  122.455579][ T7528] loop1: detected capacity change from 0 to 512
[  122.492086][ T7528] journal_path: Lookup failure for './file0'
[  122.498261][ T7528] EXT4-fs: error: could not find journal device path
[  122.777584][ T7530] ±ÿ: renamed from batadv_slave_1
[  122.860611][ T7545] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1285'.
[  122.988271][ T7558] loop0: detected capacity change from 0 to 512
[  122.995421][ T7558] journal_path: Lookup failure for './file0'
[  123.001772][ T7558] EXT4-fs: error: could not find journal device path
[  123.012547][ T7549] loop1: detected capacity change from 0 to 512
[  123.019550][ T7549] EXT4-fs: Ignoring removed nomblk_io_submit option
[  123.028778][ T7549] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  123.043644][ T7565] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1294'.
[  123.055196][ T7563] support for cryptoloop has been removed.  Use dm-crypt instead.
[  123.057309][ T7549] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  123.084008][ T7568] loop0: detected capacity change from 0 to 1024
[  123.088758][ T7549] EXT4-fs (loop1): 1 truncate cleaned up
[  123.096762][ T7565] loop2: detected capacity change from 0 to 512
[  123.103187][ T7563] loop4: detected capacity change from 0 to 512
[  123.110339][ T7568] EXT4-fs: Ignoring removed nobh option
[  123.116071][ T7568] EXT4-fs: Ignoring removed oldalloc option
[  123.125358][ T7565] EXT4-fs (loop2): 1 orphan inode deleted
[  123.134378][ T7563] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  123.149472][   T31] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  123.150337][ T7565] ext4 filesystem being mounted at /280/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.172197][ T7563] EXT4-fs (loop4): mount failed
[  123.225038][ T7582] loop3: detected capacity change from 0 to 2048
[  123.249003][ T7582]  loop3: p1 < > p4
[  123.258916][ T7582] loop3: p4 size 8388608 extends beyond EOD, truncated
[  123.302381][ T7584] xt_hashlimit: max too large, truncated to 1048576
[  123.410574][ T7594] lo speed is unknown, defaulting to 1000
[  123.439332][ T7601] FAULT_INJECTION: forcing a failure.
[  123.439332][ T7601] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.452781][ T7601] CPU: 1 UID: 0 PID: 7601 Comm: syz.1.1307 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  123.452816][ T7601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  123.452870][ T7601] Call Trace:
[  123.452878][ T7601]  <TASK>
[  123.452894][ T7601]  __dump_stack+0x1d/0x30
[  123.452917][ T7601]  dump_stack_lvl+0xe8/0x140
[  123.452943][ T7601]  dump_stack+0x15/0x1b
[  123.452971][ T7601]  should_fail_ex+0x265/0x280
[  123.453020][ T7601]  should_fail+0xb/0x20
[  123.453064][ T7601]  should_fail_usercopy+0x1a/0x20
[  123.453250][ T7601]  _copy_to_user+0x20/0xa0
[  123.453277][ T7601]  simple_read_from_buffer+0xb5/0x130
[  123.453326][ T7601]  proc_fail_nth_read+0x100/0x140
[  123.453412][ T7601]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  123.453462][ T7601]  vfs_read+0x1a0/0x6f0
[  123.453493][ T7601]  ? __rcu_read_unlock+0x4f/0x70
[  123.453579][ T7601]  ? __rcu_read_unlock+0x4f/0x70
[  123.453615][ T7601]  ? __fget_files+0x184/0x1c0
[  123.453639][ T7601]  ksys_read+0xda/0x1a0
[  123.453672][ T7601]  __x64_sys_read+0x40/0x50
[  123.453802][ T7601]  x64_sys_call+0x2d77/0x2fb0
[  123.453831][ T7601]  do_syscall_64+0xd2/0x200
[  123.453854][ T7601]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  123.454017][ T7601]  ? clear_bhb_loop+0x40/0x90
[  123.454045][ T7601]  ? clear_bhb_loop+0x40/0x90
[  123.454074][ T7601]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.454102][ T7601] RIP: 0033:0x7f57d05cd33c
[  123.454153][ T7601] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  123.454176][ T7601] RSP: 002b:00007f57cec37030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  123.454195][ T7601] RAX: ffffffffffffffda RBX: 00007f57d07f5fa0 RCX: 00007f57d05cd33c
[  123.454208][ T7601] RDX: 000000000000000f RSI: 00007f57cec370a0 RDI: 0000000000000003
[  123.454223][ T7601] RBP: 00007f57cec37090 R08: 0000000000000000 R09: 0000000000000000
[  123.454315][ T7601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.454327][ T7601] R13: 0000000000000000 R14: 00007f57d07f5fa0 R15: 00007ffec9904e28
[  123.454348][ T7601]  </TASK>
[  123.489688][ T7602] ±ÿ: renamed from batadv_slave_1
[  123.815331][ T7625] vlan0: entered allmulticast mode
[  123.838297][ T7626] loop0: detected capacity change from 0 to 1024
[  123.846401][ T7626] EXT4-fs: Ignoring removed bh option
[  123.918490][ T7639] xt_hashlimit: max too large, truncated to 1048576
[  123.941276][ T7638] xt_hashlimit: max too large, truncated to 1048576
[  123.984516][ T7624] loop1: detected capacity change from 0 to 512
[  123.991505][ T7624] EXT4-fs: dax option not supported
[  123.998629][ T7624] netlink: 'syz.1.1314': attribute type 13 has an invalid length.
[  124.044358][ T7650] loop3: detected capacity change from 0 to 512
[  124.053937][ T7650] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  124.086165][ T7650] ext4 filesystem being mounted at /274/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  124.150078][ T7658] loop1: detected capacity change from 0 to 256
[  124.180440][ T7665] ==================================================================
[  124.188593][ T7665] BUG: KCSAN: data-race in mas_state_walk / mas_wmb_replace
[  124.195923][ T7665] 
[  124.198265][ T7665] write to 0xffff888105727f00 of 8 bytes by task 7663 on cpu 0:
[  124.205906][ T7665]  mas_wmb_replace+0x4d3/0x14a0
[  124.210785][ T7665]  mas_wr_store_entry+0x1773/0x2b50
[  124.216023][ T7665]  mas_store_prealloc+0x74d/0x9e0
[  124.221164][ T7665]  vma_iter_store_new+0x1c5/0x200
[  124.226213][ T7665]  vma_complete+0x125/0x580
[  124.230740][ T7665]  __split_vma+0x591/0x650
[  124.235184][ T7665]  vma_modify+0x21e/0xc80
[  124.239537][ T7665]  vma_modify_flags+0x101/0x130
[  124.244419][ T7665]  mprotect_fixup+0x2cc/0x570
[  124.249148][ T7665]  do_mprotect_pkey+0x6d6/0x980
[  124.254024][ T7665]  __x64_sys_mprotect+0x48/0x60
[  124.258899][ T7665]  x64_sys_call+0x2794/0x2fb0
[  124.263603][ T7665]  do_syscall_64+0xd2/0x200
[  124.268210][ T7665]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.274209][ T7665] 
[  124.276630][ T7665] read to 0xffff888105727f00 of 8 bytes by task 7665 on cpu 1:
[  124.284275][ T7665]  mas_state_walk+0x485/0x650
[  124.289002][ T7665]  mas_walk+0x30/0x120
[  124.293094][ T7665]  lock_vma_under_rcu+0xa2/0x2f0
[  124.298146][ T7665]  do_user_addr_fault+0x233/0x1090
[  124.303291][ T7665]  exc_page_fault+0x62/0xa0
[  124.307817][ T7665]  asm_exc_page_fault+0x26/0x30
[  124.312699][ T7665] 
[  124.315033][ T7665] value changed: 0xffff888104222816 -> 0xffff888103ddbe16
[  124.322155][ T7665] 
[  124.324494][ T7665] Reported by Kernel Concurrency Sanitizer on:
[  124.330778][ T7665] CPU: 1 UID: 0 PID: 7665 Comm: syz.2.1330 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  124.343231][ T7665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  124.353308][ T7665] ==================================================================
[  124.365943][ T7670] FAULT_INJECTION: forcing a failure.
[  124.365943][ T7670] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  124.379192][ T7670] CPU: 0 UID: 0 PID: 7670 Comm: syz.3.1331 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  124.379238][ T7670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  124.379250][ T7670] Call Trace:
[  124.379257][ T7670]  <TASK>
[  124.379265][ T7670]  __dump_stack+0x1d/0x30
[  124.379288][ T7670]  dump_stack_lvl+0xe8/0x140
[  124.379312][ T7670]  dump_stack+0x15/0x1b
[  124.379356][ T7670]  should_fail_ex+0x265/0x280
[  124.379387][ T7670]  should_fail+0xb/0x20
[  124.379416][ T7670]  should_fail_usercopy+0x1a/0x20
[  124.379476][ T7670]  _copy_from_iter+0xcf/0xe40
[  124.379510][ T7670]  ? __build_skb_around+0x1a0/0x200
[  124.379546][ T7670]  ? __alloc_skb+0x223/0x320
[  124.379582][ T7670]  netlink_sendmsg+0x471/0x6b0
[  124.379644][ T7670]  ? __pfx_netlink_sendmsg+0x10/0x10
[  124.379663][ T7670]  __sock_sendmsg+0x142/0x180
[  124.379688][ T7670]  ____sys_sendmsg+0x31e/0x4e0
[  124.379731][ T7670]  ___sys_sendmsg+0x17b/0x1d0
[  124.379804][ T7670]  __x64_sys_sendmsg+0xd4/0x160
[  124.379842][ T7670]  x64_sys_call+0x2999/0x2fb0
[  124.379884][ T7670]  do_syscall_64+0xd2/0x200
[  124.379902][ T7670]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  124.379934][ T7670]  ? clear_bhb_loop+0x40/0x90
[  124.379991][ T7670]  ? clear_bhb_loop+0x40/0x90
[  124.380012][ T7670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.380033][ T7670] RIP: 0033:0x7f2ff5fde929
[  124.380048][ T7670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.380069][ T7670] RSP: 002b:00007f2ff4647038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  124.380136][ T7670] RAX: ffffffffffffffda RBX: 00007f2ff6205fa0 RCX: 00007f2ff5fde929
[  124.380149][ T7670] RDX: 0000000000000010 RSI: 0000200000000180 RDI: 0000000000000003
[  124.380162][ T7670] RBP: 00007f2ff4647090 R08: 0000000000000000 R09: 0000000000000000
[  124.380175][ T7670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  124.380196][ T7670] R13: 0000000000000000 R14: 00007f2ff6205fa0 R15: 00007ffed1b2a6b8
[  124.380218][ T7670]  </TASK>