last executing test programs:

1.577367986s ago: executing program 0 (id=2507):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)

1.387841698s ago: executing program 0 (id=2511):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0)

1.353038179s ago: executing program 0 (id=2515):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000000)='sys_enter\x00', r0, 0x0, 0x2}, 0x18)
semtimedop(0x0, &(0x7f00000005c0)=[{0x0, 0x1000, 0x1000}], 0x1, 0x0)

1.29191668s ago: executing program 0 (id=2518):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r0, 0x10c, 0x6, &(0x7f0000000000)=0x20b, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079109700000000007b0ae8ff000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x3f, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newlink={0x48, 0x10, 0x401, 0x0, 0x8000, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0x10001}]}}}, @IFLA_MASTER={0x8, 0x3}]}, 0x48}, 0x1, 0xd}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000240)=ANY=[@ANYBLOB="240100001600010428bd700000000000fe8000000000000000000000000000bbfc01000000000000000000000000000100040000000000000000a00000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff02000000000000000000000000000100000000330000000a0101010000000000000000000000000000000000004e340100000000000000000000000000000004000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000a0000002bbd70000000000000000200000000000000000008000020ffffffdf2c0027cc"], 0x124}}, 0x0)
r5 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000080))
ioctl$PAGEMAP_SCAN(r5, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, &(0x7f00001c9000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000040)=[{0x3, 0xfffffffffffffffd}], 0x1, 0x0, 0x0, 0x0, 0x0, 0x2})
r6 = socket$key(0xf, 0x3, 0x2)
times(&(0x7f0000000380))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$key(r6, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="020300030f000000000700000000000005000900e000000001d78771b90bd8a3b4914783c58777003d5b9538a9d03e6e9bfdac550000000003000600000000000200000000000000000000000000000002000100000000000000020d000000000300050000000000020000"], 0x78}, 0x1, 0x7}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="05000000040100009900000001d46bc4a7b4a6bb5afcd53fa2d693fb8aa458e812fea9b9c9542699412c5a14ec97f377e6b4d42ce97cf2af85c70c2f70658628fea701e9806dd92ff3e309c1de8ef79ba80f61dc0da4d93391a40972fe2a71a406ab50ddac535d1687af0f74dcfa0764626fdde36c6aa9df373cb939990ccbcdacf8c252d283eb1ff043b0b701df19267ae5152ce2a71631aceb5dba853d93191881085217c61d2e6d31000000"], 0x48)
ioctl$PAGEMAP_SCAN(r5, 0xc0606610, &(0x7f00000001c0)={0x60, 0x3, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000226000/0x4000)=nil, 0x9, &(0x7f0000000180)=[{0x4, 0x7ff, 0x5}], 0x1, 0xfffffffffffffffe, 0x0, 0x70, 0x8, 0x7c})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r7}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r8}, 0x10)
faccessat2(0xffffffffffffffff, &(0x7f0000000040)='\x00', 0x1, 0x1300)

1.28270489s ago: executing program 2 (id=2519):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x8b6}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000300)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r1, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x0)

1.174276652s ago: executing program 0 (id=2522):
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
syz_open_procfs(0x0, &(0x7f0000000440)='net/if_inet6\x00') (fail_nth: 14)

1.138147392s ago: executing program 2 (id=2523):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth0_to_bridge\x00', <r2=>0x0})
syz_io_uring_setup(0x10b, &(0x7f0000000580)={0x0, 0xd736, 0x80, 0x3, 0xbffffffa}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000340)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x80, 0x6000})
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r2, @ANYBLOB], 0x44}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000b80)=ANY=[@ANYBLOB="9feb01a663350018000000000000003400000034000000050000400b000000000000110200000001000000030000000000000904000000ffffffff000000120100000009000000000000080200000000305f6100f3a862f5dbb04d4a19489b450d6f4acb2b5d6ec3d433e1a60f6054e466e4a643a838b73a7176c7b2202ac4e8e46b82183b282427b6fd094ba1763b89ba074749281c30b1024b853ba7bcca18dcc85501ffe7d49135c7c425d11f7f53e067ed3fad5b8f50a779a3522cb5c2cab2e4a671ab8a9304aff2fad31cc5c18c8316c76f"], &(0x7f0000000480)=""/162, 0x51, 0xa2, 0x0, 0xfffffffd, 0x10000, @value}, 0x28)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006d616373656300000400038008000500", @ANYRES32], 0x3c}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', r2, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$evdev(0x0, 0x0, 0x802)
r6 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r7 = timerfd_create(0x0, 0x0)
readv(r7, &(0x7f00000003c0)=[{&(0x7f0000000000)=""/33, 0x21}], 0x1)

697.516259ms ago: executing program 4 (id=2531):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2, 0x0, 0x7}, 0x18)
bind$rds(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000200)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f00000007c0)=[@fadd={0x58, 0x114, 0x6, {{0x3, 0x7}, &(0x7f0000000180)=0x9, 0x0, 0x800029, 0x5, 0x6, 0x968, 0x20, 0xfffffffffffffff9}}], 0x58, 0x4804}, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)

693.513899ms ago: executing program 1 (id=2532):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r0, 0x10c, 0x6, &(0x7f0000000000)=0x20b, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079109700000000007b0ae8ff000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x3f, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newlink={0x48, 0x10, 0x401, 0x0, 0x8000, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0x10001}]}}}, @IFLA_MASTER={0x8, 0x3}]}, 0x48}, 0x1, 0xd}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000240)=ANY=[@ANYBLOB="240100001600010428bd700000000000fe8000000000000000000000000000bbfc01000000000000000000000000000100040000000000000000a00000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff02000000000000000000000000000100000000330000000a0101010000000000000000000000000000000000004e340100000000000000000000000000000004000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000a0000002bbd70000000000000000200000000000000000008000020ffffffdf2c0027cc"], 0x124}}, 0x0)
r5 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000080))
ioctl$PAGEMAP_SCAN(r5, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, &(0x7f00001c9000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000040)=[{0x3, 0xfffffffffffffffd}], 0x1, 0x0, 0x0, 0x0, 0x0, 0x2})
r6 = socket$key(0xf, 0x3, 0x2)
times(&(0x7f0000000380))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$key(r6, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="020300030f000000000700000000000005000900e000000001d78771b90bd8a3b4914783c58777003d5b9538a9d03e6e9bfdac550000000003000600000000000200000000000000000000000000000002000100000000000000020d000000000300050000000000020000"], 0x78}, 0x1, 0x7}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="05000000040100009900000001d46bc4a7b4a6bb5afcd53fa2d693fb8aa458e812fea9b9c9542699412c5a14ec97f377e6b4d42ce97cf2af85c70c2f70658628fea701e9806dd92ff3e309c1de8ef79ba80f61dc0da4d93391a40972fe2a71a406ab50ddac535d1687af0f74dcfa0764626fdde36c6aa9df373cb939990ccbcdacf8c252d283eb1ff043b0b701df19267ae5152ce2a71631aceb5dba853d93191881085217c61d2e6d31000000"], 0x48)
ioctl$PAGEMAP_SCAN(r5, 0xc0606610, &(0x7f00000001c0)={0x60, 0x3, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000226000/0x4000)=nil, 0x9, &(0x7f0000000180)=[{0x4, 0x7ff, 0x5}], 0x1, 0xfffffffffffffffe, 0x0, 0x70, 0x8, 0x7c})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r7}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r8}, 0x10)
faccessat2(0xffffffffffffffff, &(0x7f0000000040)='\x00', 0x1, 0x1300)

509.915782ms ago: executing program 1 (id=2535):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)

479.101433ms ago: executing program 3 (id=2536):
mount$bpf(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x400408, &(0x7f0000000cc0)=ANY=[@ANYBLOB='uid='])
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f0000007500)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000140)="0ec09e297b", 0x5}], 0x1, &(0x7f0000000800)=[{0x100, 0x10c, 0xfffffff9, "1432faca3741df71e7f32d22b67fccef953f3d25163a634244a6790489232b00acc3ae7ff6bfc7d0e4d0eb9d639fb01e86b71ee05c71e2dea0f6354047b07873f1a85f6fbf6ea766fa88e3da83a3a32f8aa3d6001640680984476fae3b03fccbe1cefcf53ef65e6344ad1007238eeca437f85e9a67235a01a6a931a4e768ccb24ef1bef74eaf38c850cce158f8d53b605cf1dc83eaaa70cf4bf054665acb66feaa84b48c36bdc2546a7f61a8413609abe43f2d78838e1aba6bb31e1e1dc2ac2c69d6c7f8d5cc90be8adf449d68d735df03273c47f1167a32df1d9a193bef4d9ee17a21ca114bc31776d745d847"}, {0x1010, 0x10f, 0x5, "90300099071307109615b85532c7b5382c785e902ab063a559731c2cbbc428bee102c037fd27dc72d20ba93dc41d63ee6fe4a196b41bae06739fbdbebc936475115828fbb350d5dd4d754c9354417b3255e489063ce713ef2dcf00df54cdda80669ff031e283134fcbb26af5cee2c47cd8a839edd870bb3dacf0aeb5fb1ee55faa4783cdcbaa83a3b274b0aa7e0143d50a0da23e68f55342ca34cbfbbf93226e8c70e3e42f352ae6a3343b4ea2cf4826e62fe68ffe4dd6a6a4decadb05a0e283b335ab90d9b87da4933306ba0dfce27bb06dd37acbcc0c4f073f559da8dd1bf9e215b4cb5683d0ce8ea4133bf74e26718d3832c862caa1fe1afebab1c39ae7e57e3e7e28f27aa2a0065f3f0ebffe3aa79ae16af48490e59876d821465545d7271ae11860816a3f0b650f5b0a22f173d0606690b367ecb8b400ed07b2433cff1dee0db56e23144caa9856e9b36e2e8aa8c7d7e50a4736699ccedf3ec140c97c615f5f22c850837f000360c9cb1796ad4b675acd12e7624f03e40bef900c094507c17e213e77fc9bbbe9709e2eacbbe5b6437b3321316b5aa22969929107efe321750043e385196ec73473943aba2d3b88681454be67d2d95a70470a3c65e33752aa2e9e94cb014aa18772dbbf19fbff46c86046b3b468a521dc8c92a1213156e322599e77623399bf9ef8fe4ceb5716e34aaff60cc32bbf312a7f809725a1bef5bc7e8d98222d30a0a99eb346e8805d3c4ffea0266928844e85458cb7914d18f5124eff8812463c12014d9f191b22d696b1fa25b6c8589f1e0e8c4ba3fc396ba6b07e00a9ef573a57967a0fd2c38f001693c6528db58ce6be62bba3cddefb5c1ad9c870ed1d4e47ffb187347189f501a9dabdf04c79b328d974208c848f3f558e4e2791ca3ac3d5220e8d48b3ad70f7b5eb6214d65925030f5ba62e5ac11030f70e6b76e7710648a81776fde7d282223905ff077fca99099b963453e90894aea228584637417b22a40cdb3dd91e2a5f10fbe41b7704863ef6913628d7deff5aaa8e4b2e125d370b57958d3710a2640661f1c498076db67663f469f3bde00dc5a3542e932542ed12636566ce23666ec8a524a30e8be5f8d4d57f737ab8e6cb041072fb8e7adee6cd18818bff9ab373c9c962e6c9ca551f95435157ea47f7361cb9ab65c57b3999262dc222c742f122abf9dfe246637391565456512cd26dab747f5512ee4508582dec1da1c962cb18a2f7fb43bcf57e02e6bed7d2cd8ab6611c1c8bf21e71b6b8be8ee8d02baf760310b5f4dedbf8b7f278d51016408cf0ad8de5c2a1d138eaa6cf9b65445a9d884bb9f8cef476be1ddaa2178755373db14fe3819928c858034a9a0dfb60ff6a80b5e015fcf56b2e99917e07affb6b49e26431218e1c229274a04228663065d592c4b59d25c16c5f7eb8da35c0281e3e0085857c6134a71d21db7daad788a4adeb1b962eb8a8ecfaf81b4782aa6fa233069ec072d4c337d98c2f9a5c475a3394b4e511cc71b8ae43e28308aaa4142d21cb0a57eb23015d2cfeeede333c50a4d69f0e1a6768a17288a7f9ca51ad43b9ede4b01868786c7b6991a432fff309971553cae7c47df638586e8da6b231aa595ab0e40db546facbcf3bba14e80b77ece9ad8df7ce16b0a8e7c956d7cd1b347428e8e2aac134f588ca4ff1490f501fe9041bf1c421ac152f87c4d064325709113898e56692c03fe2940c64da549ebcc7c132b3f9bd3f8974420b2c240e2e88e48faad5432f3d8dc0a5f26fb48d95f8af18b9d91a1c84a3f37cb877af9ece958a26e6c2bbc4099ca8de66c761f1abbd10f1c022be8a7c69b472b72a7714de2b72ac4299bdbf87fedf2e761bc0545de849c15d66aebb56ef3b3c60cb262c92703111940e8f9f18a0cb0c7beddb9d37dc24cf86d26b48afbb08cbe27452d39d2f0d85e465b16e95fbc7b476b95c30b77b66205bac563d0b86f860616579b1736ec17ee058db59bf0c70173f3ba5283e31440dce7aad709b10c521eed1fe6640f6bfe420ca46a233dc2ce280f0839aefe277664b93dc89a47a58fc5ca6459f607cf256af8f701a339b5a37dff1bc82d3206bdd513bdd62d57d356096f323b1266c477e224fcf84af5dfa2bfbcaba0ddf5a375b93ba8b370e188677986a44c4a3d584a0c547bfdcbe55dbdd22871215e2293213729fbb8ab8805ac5b909dee847e3fac240a3a458b345c1b7bc51387374de95f26122afbab4f32d79bff4226f4fc8312b268e883dd87982afdda3f38c5cf745c3d54aacb56085ff49c455239bc6561a25540b4fcd7d57d929a6601e295c41ddf9a17b94691782f6c0cfbe3c07a05aae6cbf1c1e2a0143608490fcc1c00ba6027564f1254d116e4f539b47e64a3c6b5310172565d071f93cc30fcd053bb6e4cc5ef23a31af44a564d4db4b4131dda9d05b1763fb54f61fe4e9a08ea539a9f89146219653ed106bf3c9c585a4ee2d2d7b1cc15ff0235da14c711babdc2e281355f50b1a1de6355844c382d397d5415382203d3d7bbf2d96e3d668e27a94e48dd9a09189686bf2eddc9fad87ba691ef462caf8d8317cca9a14672a935d7ca50ea52d753a61e3e12787cde4e06066fb596e3fc7a551ec4774991fe87381b768ffe0eb0440ab0ce0cbf53a278d41c221e61e2b86910eb651086366102547ce59d747da481396cb3731c990541d75fd54ceed20935e3a1b68f7b06cdb8f1299efe91b0cd36ed8751a3c80c050b62854313cb89684f3913eeddd7acb4176e41d26613bd9e2836e158b7ac41f3761a0a36ac469b0c4a3a9c7aa0c5adb8e377bf9ac44ca2b076da007dbee7f454f193f18a76a76729efcef13fa818232056aade320723a4a966fcf8c3322c23b4219111d24e8f775bf52bd51c3613ac5b3066d87b8b8bacdb319c7203a85923f7cae82da11d6e4882f01a39b074d25bb916a0a8e8a8ad1b406d63a07f9fffbab5a4d4484e9ec8cc77d45be1141dc5383979eee3fc033b401fa52dd5f04cdeb31892d38258deda0a633c41d6962bca918c239a224eb54fa90cb411cc736acce1c6fee0e8fb25499887eec6b4911f9e986e18c90e9dbeac04f424219ee0e95706f61feff62622114419b5bacb1ef9cec5d634343844c77008ee030a9f1c3ed263f206411ab7441868fe43151eb6c64a46b80568bfde448be0a2c580dc149a1cd2a99ca3f1c535bb08a472698a14a3b73104211da4abfaae0da63c44901814ad41d79ebb5e94f7382526ffc3f418670e6d1094855c802f146eab0f10102f628361610f5374b318914d131af6ebe3f1e6f33cd21e72bd2a31c051e83efb406fb16ea41365837bb06a79313f7f997a846701656377c6d973ee198e29a2cf369869fd6562f742f934353f23f76120af6e7a4541304c21cb3668d312f9b300f563f5c579f7ca3c1184d1ff369fcbde6624a13f9afcd6bb39e57810ec2e0d04d7198c6cd6641f38c424a2a87f5942f6063a7b459e3e3b66862430d198247678d7de5d613eaa505656b6aa38720efe7fbfa2753376568336a82bc1ccfa37bfd891c36f4f889f553e0cbd2685169667376b8f90da9b9ab642e056f6884f9209cb2decafbc3c76b650b87774164cef40236defc1516935e09db4b8a4c64d5de12cbbb4b8f1e33aaebbf8d6ca20b8e59b8ab0e5103c44d8cefe38ffcb41b3ed2b749acbf64be4c0d3a8f954915bb010e97ea35892d1b54ee1a79aaf5503d03e3832dba6a82b3306854a0558fb3a1ea9fecef55a44b53dcc4b72de84d10070c07964c908926200295ded3f297efbd33d336375d7cfbeec1a90a2d4bea0125c9a304b7e65df66e47f45154a02a1fff5481f11229c51c5e6c5481b3bff74b25dad2f4332e4ed93e871b08435602e940de9fb0ca4926fd984d8dc9f1b966fb6ec83cb61da7c943c32573f7e5be1b459abb0ec50e8206bcd68519de2fca8b22ab948355820b29696ea7b90ec74f1ab103dfa5d18c4eca275f060af0b1838806219577e6c623053c367aa50a7d1cd21a319527c97f3060b60f74bea7d0084b77ce639c1a024cdc7b9d8f8da8433f4087fc42d673018420cfa6cf2758f93a762379804b1019340aa7a7060ad869ec2c48c03a43250a9da03c8bfc853156929c7a6492eba1e2178cba5b49130fe9b6fc1f42b77ac5d56affbcf442eac0b1760f9c0e4123873d3273663c241ae1c533f27e151cc33bacfd56744ca6c361e99382c3019a80755b98c99b728ee08414f612e98b9becddea1bd2a3ed424937bca9e33419db0eaf0709a57d9d15f04ee23fd859646b86221968bbc3f3909127953d402a077a8b5c37a748d3231878a52179f513173fc3e3b82ac0834c515d22700a5c34334a47324e7125de12050c6f5b1c260f26107d73e1ed773ca19ead108c3938a1bdad93b0e6b525593f05c79f72a3709ce134d712d3fc5a853548f3bbadb2a7c4801cdf8852cb80e396113532e0717bdbf16d8282ee1549203b060fe523f439911e9e4c0ee0552dbe7035e845bec234a708bd4a97b0331a5008e838f79fe56b185e146ec37294cfbe09017c7956fb8bca9e1cd80dbdc7608fbb2a3f938bbb833081f9a0f0f517800aa4b5fa64b7794723ada1866fcbffe31c7836450e6c62071af59232396d7442f2a582211c295399a168ec12460c8304933f461f1d9acc40fd22086f3e08765e2a0ae8e1e6c8c05d3f7e896c9e85fcc3a73f78992c6518c51aedea34f6120703fe0a675aa07872f39c12d3fb117b746ebd2ba0cffd28c11895d862c79a1baa313a62159693cfa87ed35ccc72a132ec72fbde59e3f669fec51c31648a5a1dfc65c92dee56ba0bc864aaa425ed6bd71df3dfeaa001e7b668779c71695449a6f452809be1108d02f60e6b274568cb3e410c3d332eddb84d0939020ba4d84ce38cafb7df95907b37e06c675a35886f489264768e305a76b3cd1e044aea2cf141c76f0896c503a880b803446ac41eaa8e96540b062ae651f753f3abb59842688757b93f668b462fc5698249d16f5808a46c3036358f43d39339f0a7e28b7350797fea40b85a28e5518d4b561ae5431b3c5feaabd0ce49cb7a4b835edafffec7364e98353520fcae22780150b6dac71f12e5aaf141539f164a5ca70c782182031b21f20bd31befb13c011b7c005e85e003d66d24caf43d2cd110d3864ee828a9487bc0951357ff05705f11dc5cf4484284de7fb21a8a11c7c467fc97f5ec573bdcfcfb06e5f7105d04dc779eadeedd35361d30f31f49f19dc73b97cb18baf64e81649a4c42facd4f5bbea61a37e2b6ab483e12e400d3513e2edea5ed8439beda3bc876fb87c3633ae72ea81072cd6c1b078be8aa0fa6ab279cba4921e2b7d3fe00bb54c441ee6fa5142bfbfb69002ff39ca2a7c2289e83e5153181e05d3f33ca9d732b3938b1099ace1f038ec4bb993017d90fa56bf8eeb3a0d5becc4fbad63933bc698f60cb330144c16e30ff606fc9c61a6b106c7b2f69112a92f7e3e913349354d84f736370c86ae4fd0ff98b678e871fb53252f239897e7dff3d856f9c8e576101780dacdb06ec2e505210ba86aea60c23ff0dad83641d357affc690eb5a4a88dd8a1a752b8939b8040f6af1fed3b04bba27a6b4f5391f1c7150007589f8e067589309b5ddc146460ef3988b5b293bf35f78a526f1374d21dbd77fc13cd4a8ae073fd3578d5c069289491272a495f72fa8619b89ab19a25fcb197ac716130f5a0c838b1f33ad1dab2570674b8312400cf987f31ea6bdae4e2e06a0414d13804b5a8758b81abac58198dc15e6af7b5d"}, {0x90, 0x10b, 0x7f, "f0addbf886e2a56a6ea06e6ba41929906d6564cf87c76fb9471c2a55386d24c942c9f620805ad19cb2aaf4d3937463663cf1b7a0c38a0ddfb73603025a8be09b6ddbe00e71606e8c7ad78a17c9d41a23c88bd9ed420cd14656775551708d2a510e82bdfc3e4259200a5ba6dc1f8630d98daffd3ff4791edeb9"}, {0xb8, 0x102, 0x7fff, "568d429565323a3a9972af85568ccf4d8c228746e1aed119cc5ddcc135a4a5fb8873d0a52b61975ffd37cbc704c1b2276122cae41e52c4032a7e356aad8192f3368d59ace7aff61afd790757fc4d31404d2bcd7dbdfae8b4763e2a5d990476da583b82c16e027b546965e957ec965192305b5aa9f648996a6f1d16d3c0eb43d4fc717dcccc0feb0ffd961ce50cb567e131f14c15953d29b4c6fce0636c6520244b095e"}, {0xb0, 0x114, 0x3, "c843826f1f98c0255574d1a39a078e2accfdc3bee851042205e94f9b349ef3ba1d16cc667b2e7860d59523d4f902bf9557d16d9c7958bb16c0a18c8ac0d848d7684faed44f746cd06f166a1aedc242511744ed814e82f75ae3f0be88987b7b39aad5a9807c1fe4af3a781ee24b14adedd0c599ce624dcedd226bdc18636fdbb1c8fb9620530a4896115ec4c7b7214e4a8fb27b98f56d580bc9"}, {0x60, 0x10d, 0xfff, "e507cc686afde6564c6291ff9474e1aa3f0341f7a80fc98687d5f7d553fe6273f8bc23572be827262b944459d203b2e805fcdb32b4818fbb69b81beb3698fa28e66f6fb729785d33f91c0f7365bd"}, {0x78, 0x88, 0x2, "75ac7119ab3e2805e69b7f8357d417720cb6b1f34f9b3a8ada5e41be3189b85315659014856655e6a5b9f1465462404910967a9cc3813a07ea9a1c7afe26913a5ed1465dc78bb5b8a4adf484e46acf53b7f9c93139eb607f44470044d37da60ba46306"}, {0x90, 0x70cb2424c1a640ff, 0xb, "2be47989ed9a196224570737ad83549be76e2501f0faa20cf046b89e3e6a4cbdeb9a206c1af3211ba07cf9e6671d42385277b46143c4ae9035246c5339d0464382644d330123d95d72a780204166da1983451d202a42ab5c9ec358101d0d5584d0fe2b2cd1804923a38dd5901c218ef7af2be7debca57c9ce7"}, {0xb98, 0x116, 0x7bb, "8c4f8be167ec87c9552e00970761efe8e9402b04085e49e14eaa4430d373c9b1dc485d793e59398d85023322f691c8efdd71484cfe7778ac8e0f97d045134fe376df8afe9f7ff5926625b4a2eafafd285a0a6305b950c10cb3a90bf93f6a9d74167717ad9acf2f049fe30cf6bc758a3b355fc0c9d833a604667fdd52d0670c43a72995e92dba59c2683e864902cf5edff7d77ec3e3f8d469a1f66b15e9ca567e875c2514ba057887b130deb71bc637298f4fdcfde086ddd7cc5ad9928b305aba85bd6598f30af1f0dc7abfeb91353288ea6de83fd9dcf4cd166976add66ca17ae656aed079316e6e211492552a4692129b101e299b0847c72ebadf2ae9a444f46a20c2203736b331b480dc7ad2bba30f6e56d512b75fc1dac8b8a2f8542bb91bd0106657994cb81be50192492dae957d326b03c6315a457026802b19916548f2673ba442690eebde69a08f5a832d617410bd4200ab1198a1d18f2a9a3d697d54fc717c70bb6b4411a8ee33e5578129cefececa2d122be3b46bf5cab1afaebbde9e75a9d06052d06a86a187c7ecede10b693963f3bb7417204d1ef72af6f653434ac62a35bdac290d550275af5de90f29fb2d68c977c1e19dab56e8303b6eacfab5bb345587cd21f639f0b2e0c939b4ae556c2b8a9ae30593fdcdc07789d0a07f45d60709abf4cf16e8b7e570943e89e4b238ce6332bdf51dfe5639fea96317d9551e756b5c9d2b2124a0625f4a2b0a1f0eee65df4162785f8d5243358aefc9f8943e54013e88df0bfd6b457789704d47137f3b4d3655f234b8cdd3cd122db536671ea93fc2deabbe016b6203f61bd179233796256cc66b8a10a46f0a06ea8deec49b9faaec32daeecfd12732fc2d516795287684cf044d92bbec1f0759203205165b4709864cb869b79e17c042789d9950e7c2a748d9fe5f791d72ccda3cd058eaf4380272b0067e4502c0e124f41ead4daecbe4867eb9ddb761fbb519fa5e26a012db0299a6c58181b74da4a5c6a9e15a76850c892ed2877616438247d67c5cd7ea565845f3a56dd18316c246e8b09756c49aea017f5e700c53ccce3beabc1140d74c8869ab44a74ddd0e54c5e08da628321c55f23a74f87bfd33ee90a4e58fdc748658e9325254d94c3ed56bbd78b4667c7e2edd3355f67474181ce32bea339dc250b57fa5c414484b22fd13a5405147864845480aa5d979e0954ba83a103c9ae557cd5b1ff8200aed1e41c6aaf9fc4499ae560aae0ca3a672ca7b5db5492277fb800fd1872032944d354db6ee9d65711a227963ccbddfe9e2b8a9258b6a05d4f4292cb533b768ff0878f5f93cb0e1162df4e3130b51d80e6f9cfd4aa2491b1fc91e874fca8f61cbea46523742c85cf56b40ee2d7d5a30764b69fd5361a548570346e55f5a985829fddd307029e2e6953add11cc5c13f38bc8ae0cb99a2bfa5e81f957972a8db372820329b84a14b73fa8a1c34a4b48f0fe350e4ac271db43625c87a3231331ade92ddefc2744533afc07ff203cefc54f219ac4c7a50c3dbe8b6d852922ac4a3ead5ae4ad5a6d0f9d6b6b25837275c2c36b814acc612b7e966fbdf2a5e2742cc979db3fdf77b2591f2affc49830d37e85734e23a93190a38e3b999becdfe9b9090eece953ebabfc5da2b349b665c4bbd9ff681a487a6b2505841a59e5580e8abe4a4be5aec5f7048e3c6b1995f221bdc80c6f137fe0872a747cb5d8e016eefa21a935a2992b9c09de43954eed8c9c5d4a4eeaf19f726a48dfb83c74c63ae6e611cf8e0bab76f1fbf5301aab8fbf5db911759bc9b86c4081cddace3d50c2d3db59f54caad301d74779a829657fd6510844146e381c231670b5ca1aab3b6a0fcccaa74cdab4106c5335b9e76910d1f59ba7c42cb026d2a4a02a2553604414e15c97d3385d0ab055a39482255887a9811c56927a292097167e5075b8f48e2eb71d10a179d60facefd2a6c88c12e4e0576ca8c7acc9d0845c423593b158aecb822858d2b1238f67a944090ab9c7782034e02d7e2708cd7ed6de9a1ff369c95c2ad8042422652eeebbbc6d8ccc5fa2effde7049ee0978de8d6349e73933974b5eb41c8b62bb1d929da836e0e2a0ce28e2391a19374b0ff4e74bf81dac3a41f75adcff1988437a78e10cfb9f9dab6d893f7c6d0f487373136e1f6d0e9594661c376c6b91aed90c3f41d2197faceb1505b14abe9c9924af4764af26643c7b1b54a65b3d32e5bc06f5fec7265200a08d9b8c540421510492e16b5b5aa3900cdc86b694dc4a5a25d204fb58a366503652ca127d5e860824416a4db5001167b7df0b136348fd995a4e16baccebdf9167c3fda77a71b46afc39980873234034f2f35f8110556d6a5a9f114d7973f3d92d2959d90d24af29679c89ba468d07790e3ea246a738e8862d4633b8e7349064576dc3e1eed44856eeec75a6c512c2a7e7242161bc761e0dec00e4042f55f9e382c69483470b416dad4e269cd68be07a917ebcc482da08d7dc79caa4bd26135237a09e43086ce59b3cdb213b41653d453bf0fe61eb5101bd936fd293b6f323b03ef3983803fd3282e6d714a1e919e4dd3afc83f5635551f6b2b7591802836fc91b53e52a7b001be20fb32d9a7cc2aa295d142c09fd70fd021bcc01f11aae5c5e58f8c25247bc25f6e5ac961d1826504a35327007c81ca340a5545eeec55f92b7cfb5341ba7a49fd12b2c8f7dc6198d8a451e64ea6414f672064d306d4bdeb1c6c60012a94b9c98386cb7c95b502bc939dd7e677fa28a68250a1291e3e39eaf6d0178c6b41c10508b1836c7ab9dee801fbd4a4945c2e8fbd5c7d9ab62c1319b83c63529983c38f0ea9ae446b83788910f7e7f7eb708c436539693c8caed77377cf213720ac76abc7964b467289e6f1549eedd633bd34aaf1bfe2bb6dd021a22033f5af0dce2254f1b3671fd35ddae3c67477a424c449f5fed907964bcd8da0c959b53eebd1f7c9c9cf6b7aea500102faa0b12aeb21994985f6c88a43a961c605596d643a866fcb970853f2a115e1943e0c475203ecde96b0f0314fe683697c34b6f4af3bac664a5d7effcb90e05398c0dd3145b9f58da9a5be8111b4694281a3e07e0aab8fe95760b14f7a89bb7ff7ece934cc6a77585e6ce0a71b3120ec67c0f8ca780e4ce38828c76646046e404f6673c1c9c3a0d19b9bad92ee184877d7ff7e3aae1c3c77753e81f5fe22e8611669e8725b639ed99934b89bc31b02c3b51be28c8488beba7fd9de0205e1f47e4f035aba46a2933bfe0e9bf986d5e6d2ec36cb7b2bf52101ba19df863c27bffc4c2092760bcad4300232b1c2a861c9bc791bf3ddc0d995795fcfd3bc7064b38b9549e044828618718447916b16c6bcb2372674aa955b72f0f3fc52a8db3e59fc3519c5695482f0968ba5cd067d2e10481d972e45cad342bf07c41d617c6d7821b650e37e3305710186b688f4904bb8164f2a761b83ed6af74bcaa1f15bb98194e41674233ea9829fba791d716e8b34a044dd7b765af1e63ab8cdc6aa08ecb385f00b1420caf58f1718927e0c54325a676bcb61c703833eeacead4d7589ca79e14f7c516489545d8cdf95a255fbd2e0d47d83cae99df01d685c20003430781ebf5652f2c8037fb0653cd07b0820441ade74201be72587639944af91087440b3cfd4e80b700f8724b0bf16967a3d693ad9b58983e40f8f8e633face0f52d2cd952cd7002ebc93065d8df99390f481e3b2603656b18642ffcc3381b92d8de9facae07d6134bde528f1ce1b3df0d16ab60fb1c690f747623a444883e0cecd9db08f40f910fd36a8e1d38bde1cbb4ad49fb18ea0f06216a04fc3bcb552203dfe14dbb11efdba007a586b37c41932b34041b47993e83d95ec4194d36c2cc1012846dc9df5024ce7a46cf7deba9fe15908c5530b9a7ffc45b765cda749691499d3585f22849fca780f811e78f8c2f5e2af30cfb8530fa5c10183eb5ec90e41ddeb752d8c067b7965414497bd43cc71c66516486804f1c6bd65062398d0336c10d8f846944e8e1e5aac658fe34f1427f21bdb78bce5222b98c4bff99ef400b959d25ca51439dfbdf48ae682898f847a31130ef8f6eaffd877488ebe5b2be9b3ef03c9d8a2a5e1fb1baf86afbd1d41419adc47299e5d2513f40ff544a36c1391b35d5a8ac1caedf"}], 0x2008}}], 0x1, 0x40004)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r2, 0x0, 0x178}, 0x18)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r3, 0x10001, 0x0)
r4 = socket(0x1e, 0x5, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000180)=@req3={0x80000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4}, 0x1c)
listen(r4, 0x0)
r5 = socket(0x1e, 0x805, 0x0)
sendmsg$tipc(r5, &(0x7f0000000080)={&(0x7f0000000100)=@name={0x1e, 0x2, 0x1}, 0x10, 0x0}, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f00000000c0)=@req3={0x80000000, 0x0, 0x2}, 0x1c)
accept4$inet6(r4, 0x0, 0x0, 0x800)
sendmsg$tipc(r5, &(0x7f0000000640)={&(0x7f0000000300), 0x10, 0x0}, 0x0)

412.817434ms ago: executing program 1 (id=2537):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_read_part_table(0x105e, &(0x7f0000000000)="$eJzsz71NA0EYBNC55eCO4FohoQMqICGhGbohoA96ISG3LFuftSf/dGA7eC9YjTSzWm24rZZtVT3Wb6WGJE/9+Gp5yZw8p62jt3FO5k1V1ZQh+e/33ntT0/64SS/aX6Y1f74Ou6rLM8vDKX2Py3n/8XO9jwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/ToEAAD//zfUF2I=")

402.759014ms ago: executing program 4 (id=2538):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0, r1, 0x0, 0xffffffffffffffff}, 0x18)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0)

394.967514ms ago: executing program 3 (id=2539):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x20048005)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)

375.853654ms ago: executing program 3 (id=2540):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r0, 0x10c, 0x6, &(0x7f0000000000)=0x20b, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
faccessat2(0xffffffffffffffff, &(0x7f0000000040)='\x00', 0x1, 0x1300)

328.089985ms ago: executing program 4 (id=2541):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000000)='sys_enter\x00', r0, 0x0, 0x2}, 0x18)
semtimedop(0x0, &(0x7f00000005c0)=[{0x0, 0x1000, 0x1000}], 0x1, 0x0)

321.809545ms ago: executing program 4 (id=2551):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0, r1, 0x0, 0xffffffffffffffff}, 0x18)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0)

292.742966ms ago: executing program 0 (id=2542):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth0_to_bridge\x00', <r2=>0x0})
syz_io_uring_setup(0x10b, &(0x7f0000000580)={0x0, 0xd736, 0x80, 0x3, 0xbffffffa}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000340)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x80, 0x6000})
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r2], 0x44}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000b80)=ANY=[@ANYBLOB="9feb01a663350018000000000000003400000034000000050000400b000000000000110200000001000000030000000000000904000000ffffffff000000120100000009000000000000080200000000305f6100f3a862f5dbb04d4a19489b450d6f4acb2b5d6ec3d433e1a60f6054e466e4a643a838b73a7176c7b2202ac4e8e46b82183b282427b6fd094ba1763b89ba074749281c30b1024b853ba7bcca18dcc85501ffe7d49135c7c425d11f7f53e067ed3fad5b8f50a779a3522cb5c2cab2e4a671ab8a9304aff2fad31cc5c18c8316c76f"], &(0x7f0000000480)=""/162, 0x51, 0xa2, 0x0, 0xfffffffd, 0x10000, @value}, 0x28)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006d616373656300000400038008000500", @ANYRES32], 0x3c}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', r2, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$evdev(0x0, 0x0, 0x802)
r6 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r7 = timerfd_create(0x0, 0x0)
readv(r7, &(0x7f00000003c0)=[{&(0x7f0000000000)=""/33, 0x21}], 0x1)

292.391255ms ago: executing program 2 (id=2543):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x14, &(0x7f0000000ac0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000068a20510e96bc401bf187082e077fdd7f4f3503f36e39c0cdb5ae95e154f5496cf5d49bc4852663928ce39e8e8d28a93fa6f9d06a75dda4a5958d8ffe4453769ff53141025fe8b63fd727f98d41ced3c0c757c44784ca06cdd2ae378b2d7d3e9c0c09a7821ac65de7f9d6e835fca88cf375fa8b79c7dad65f6943aada007"], &(0x7f0000000300)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1, 0x0, 0x200000000000006}, 0x18)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
io_setup(0x5, &(0x7f0000000140)=<r4=>0x0)
r5 = eventfd2(0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x4c, &(0x7f0000000000), 0x4)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@rights={{0x14, 0x1, 0x1, [<r6=>0xffffffffffffffff]}}], 0x18}, 0x0)
clock_gettime(0x0, &(0x7f0000000540)={<r7=>0x0, <r8=>0x0})
ppoll(&(0x7f0000000480)=[{}, {r5, 0x4}, {0xffffffffffffffff, 0x220b}], 0x3, &(0x7f0000000580)={r7, r8+10000000}, &(0x7f00000005c0)={[0x100]}, 0x8)
r9 = syz_io_uring_setup(0x237, &(0x7f0000000100)={0x0, 0x0, 0x10100, 0x0, 0x1eb}, &(0x7f0000000040)=<r10=>0x0, &(0x7f00000001c0))
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="070000000400000008020000d900000000000000b84890fbef869bc22dd6b4f2d8e874576f021d76656c03e4bd7f48bdcc948aeb31143f3adc2140c4163f7476ce90e79260d588d6017ce6d08a91961053355b0fd99066f90f864fb4ed", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r12, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000c9c46d3d60024bba87de1dffb652bbe20a9a646b7e73cab1ab65c27bf2bd5bfdc522c6f13d07c25d745991a4778ecb1b89acd56ecdc03f175e32f688b36f6da297f5240c969cb5efa30a6890fd5ff7294a8636c8311e325a2b5c1da30b68d7bf8a6509825757653dd46241ac8e5743458b6214df5850a1dacf5b3b88988c737f0f5fdaf9de43ec44d908fbbb85136638c2562f5146f065533e22903ecb1b65954ee1f79536126956e2a1d3b51cdf299da4eee8e7a7e13ff2847c67ab7e130cb393993d201c848a8737da387192d2bc83b4d475f66fbf6c0cd778e09452f2aa59a6be"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r14 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r13}, 0x18)
ioctl$sock_SIOCETHTOOL(r11, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0xea5, '.\x00'}})
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000004c0))
r15 = io_uring_register$IORING_REGISTER_PERSONALITY(r9, 0x9, 0x0, 0x0)
r16 = mmap$IORING_OFF_SQES(&(0x7f00001d5000/0x2000)=nil, 0x2000, 0x8, 0x30, r9, 0x10000000)
syz_io_uring_submit(r10, r16, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x28, 0x0, 0xffffffffffffffff, &(0x7f0000000440), r2, 0x1, 0x0, 0x1, {0x0, r15}})
io_uring_enter(r9, 0x2def, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, @void, @value}, 0x94)
r17 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000600)='rxrpc_rx_rwind_change\x00', r17, 0x0, 0x8000000000000000}, 0x18)
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000180)=[{&(0x7f00000006c0)=""/235, 0xfffffffffffffdff}, {&(0x7f0000000340)=""/195}, {&(0x7f00000008c0)=""/214}], 0x1}, 0x1f00)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
io_submit(r4, 0x2, &(0x7f0000001ec0)=[&(0x7f0000000840)={0x0, 0x0, 0x0, 0x1, 0x8, r14, &(0x7f0000000640)="861c5dd43424c5e66fd2e9c56e79e0cb07e1d76462a4abbe08cf6ae221736ea6c815d9640c0af189d7c0ffcf7497eb5ab4", 0x31, 0x5, 0x0, 0x3, r6}, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x6, 0x1, r13, &(0x7f0000000ec0)="9e290393dac16ca1e3f7528746730d2e78c0984eb52e0c42d049cd248513b816affda369abf0f5ddd479368779d7539ddc573f313e941446c8fe78bfdfe538d4b7072470dfb988b0d5a40b41ec4706e91c920dbf17f9c1e4413226423aabbaaa8a6d0e7e5c71e9fe7529fe38aa5e524ec5305d0892764f4a8028221f4c24015bc011997acc2e0194a6ce99c29174553dc55a1edd540c13d4f4950068da11df263e11be49ac73ae53bad135323da7ecddc5c82271221e01d9cb9bf5dc6d5e5e94887ec787625b0b7dce57900bc3bb721bce0bb1760a97d53b1bd4fbf54d072dfca85c1b9d11badb964be93a539ec2078d1567eaac825544e9e5a69d6a2e279ad8880da54627dd9a8d943e5f9316c1f84ca9f15f23cfc723a5912ab2c837b191bb697ece7e5ee2eecdad6352aa63ba712e493ee2ea1c1df18ee92c1f52a8144ff0c4fc370a5497c5e2ff025119adcd03e695eb52d8d3a71b6654cbe041dcbf7e32d4d94a28c7af1eaea26142090f8a18bd40717644c3036ffba76823e861ddf570c1ae3f1b887defbffb37d496f2e2aabf7bd923de2f3429d6214d62be1643cc926ffad26538780af55bef9b309ac50eb389155ec45e151b5e0b1951cb0d2f0054309c2a1e913a2ae1b78f7bc4f1ac25b863e7312be8ad78538ba111d46580cf71320c2cd9c4f5b27c9d8f618f1a7dcbcd27e6574d242e18afca6fae20c271abcdfc8f47b6b3642ca84c89515b73fe927cfafc7b4c0f3db6ff9a9e30e86bd7c1c8c140dcbad8c34107f55531141ef82b3c59883fbfbe8a4893c6d43f663614420b18268c7f5ef8b6b28e96c6550cbdd43557ea68479968865c08a71f1826b12ba20f987e2d993f49ff5da65227b5e9edf6f26d27ff56d4f1eef86f86c71cc7a0c8bbe4db2235b9e14375ddef9cbfb47ad2c801e07db09dc3b7be74f7b47b2ab661c79f4a0297b7e5fe7b2d8e4e061c2ce9257cbaea5efa5c4c278131d6db547098209894ba36471491870951fc2a607ec5848ea4bd95e085aa0ad9afc7e8f208e5c9fd61fe5aea411f212563a348bbbd94cc50ea81e6d7c9a6129df83ba0f9a409dfe53003c1d281d28100a2ecc7af4e71961e006ad5b53df8434165bfb9d1931afac184dea71aba85562ba9f3a3ddf290d372b7e751aefe5cdbf04b7e1b4cf5d4997526507a9921937d0028dd283da2587203d20fd4a3e29b592c01f47ca6965c43fc318f2433f61b9b673b35da1efed5936fbc4df5bde4da290f6e8ad847a55775c0eb85e145a19f514a1ae9828df6ea069dcff73f2647ca6f942f98b10ea43ece000c34157580c3b9108da5817f104c4c1a771daab31d39c95b6e6b0d854f00c26fa581997ca9ffad698b4061f311b00a97dc58bda542bbfaaaf2b3d920d04073c4aa2d3b84a080e1de70a1a993b283bfecdb903283c0636c83e47ae6154e2c8f9eb623f9f1cc2595aecd9201aead2e1f3da98e19dc308decd3ccaf1cc7037f0dc03c91a5ff97f587be06576bdf89f6012ced6c8c206d462668ff0f74724f259d004c7bdc032a9beb3d7f65fce71a1dbaf0c24a7e9249eb032c21ea4ed40b9ee7b9ba8673014b2e25ab8774f30e229058bf4840ccdb3290b9cc50a70c9be7bf15702a951136c4da305a238d820484fee0b480aa102ad8677490b050fdc4980e11931d2df0f5d9d66136ea3c558544fc293747a69d9bd2886ad828b356ac2120e5cb48115cf3b27bdf1b822354fb7c426eea6ffc568b6ba16e3331a70802bbcd95e5b911119fe8b899e947b16753f2994254425acaff3c5ff4d992eccb60f4792209ee734818813b90fbd2ea9712ff73a94989141e563df4a7c784a9e67147cdc6b4f7dfd52e6eb8963ecff60f9b8d880eb27ed2722aa9a1cf3786ee4a74c453f4632a4756cd3f8f6b8a0b48ca31071b7687813253a6a93c38e378205fa0f1f902ebf4831d0064caeca518e89a9d45a1bce7248f3bb1f98f708a6a414686291c52dd9ef05b876089bc63bff384ff2cba32cd577b431092a0ca7bd93fda78d81d730604fa4431be55689c6ed98e9f1c0b12e3a3f1d1d3913302622a66e2ece288f85bc66cd994b76ef0a60e03d25581b590a2193dce41cedb8b4ea65a6bfa53f1035a705141f72bbdec891db435feedc26a64ddf9385969584dc981f9c00c92c1994f8957d04ac2f66f827e136bdcad41949a27992666514b96fe66e070e713c2e34fcb2291c755eb5d3208e69cf8225165a20cb58518e9686388f1a817e0db014db8dfb95613aa8b7f3fd82f81fcf7843fcff45dcb1730ac124f04f15d185e97ba2caa7b231fcb3fea067679cf0cce1037ac790e5f4e8d519db85534b09d1d5362f979c98fd2a6814d76e2d620d07c2a493f492a10c9cd87f1bb723366d425c9bb7e48337f6eac7edd4ae0d527f495930e3651838c8d1dc1818987bdae993e04c5cc6a17f31c01b6de8ad71e75047c3b48419b93470c24703b404d1b9fb9149726ba372a73931bfe35afdc285feff933a68304807b1a5f9f4e9cd91a78cd0dfe568792ceee1130ca8e3705d77e0508bcf8e1f527f3a3d32dcf9836d5c08dfd920cdcab848cd9e231671922bbdbec2981ac524c21aefd69c41e8fd910e958c5b7371fb41d546dd08352ab3a59fc097a1e558f13aab893729f65122ba49076761a8e2e433c754d52c1a7e53a9c045d8c08e04341c8d1611372066faf5deb16da95c42f8c4f3cce06238f6daf64d03d262b06e0cbecf3397475b8d3652c4be523708d7387a0f850583911fd033c656def9b503cb19bd929abe561566a3f7618ee987e02b96e83f1570a679a71215af43afbebe95ca6c8ecab714149cc1da49e21ce18e631f71aa896e0d3fb34d21bcb7446647d367b3a0534e6790fefb6a1370c6d3aab7e48b23a70c73cbc7667ba95d920e2f97963a17f44332db99ee7c3618d0117be4dcfbbaa12c3d3de9b082a42438d3425197ac55ab46d800d748db62fdd2ddc1ca38e19d9ba554d3b430e0fd61b301b1418ec76bec61d4cd3a4fa668fca136ddee7e4f47a8ae121e32597813db80bb4b5c76aa2c798e9bf0ec5aa83171f6f57ac65d390264c71a50e564c560d683f37d1e4116726366aac8016c645ab3e73e3e59922ff9ec5f3b59103e6294269634081d052b729fc6b8916ef6155c305a9c8fbb8d5bba56896ebd8d03a4c45282544f81119bd1042f5c2bccf22bf78479cf565b2ec796f6ef9e82320ecee21c96a0e611142c0e82f879c462e9aa640942fc5adb1b5eae78311315ae516ab36ca1ba38b2e0ad5cffcf250c4792401f9999eed4d106c7fa23523bd04d713ec409cd542b35295dbe01b4d0421fa3ac23fda69486c508c0ee158ea1c5c36d37caf6284b0e09c1fa8787809f22656bcdc1dd571b8ade307fea689555551ab22006f4bc3f56205da87c7a7597958b9e6257ed0c4e7603a544384f8ff03e2caa096ad99cbc2a4cd14d0faeb6a017f1f3fa51cc49f5eecee397f38a98815e6da12d0bfc99402f78f52b6713e2a05e135945da05df89184be469f09eaa450c3b2f3bee2cce5ed09c38936cf186f069b35bb5026daed54d0474de7c434d26372219f60e5a34d7cc051a625ede527cd4d506bd2119257de95010993182140859f82940896dce46c76498bde96cce5689c995b2e99ce491d5cfab2fc2dd9638cc2e5d4183bf485884af3d9592b14776c89227cb20d0fb5bc74aa6c3d71c0ef4838f4150637863ee67ee88b9142c8d2f90c12d70b891c9d2f2e284f59193fb5c5688e1151b53db76b3210848743dab60ef3396f848d7063824331c1859a8b7b371560e428680b05ea00db00aef8f2790d776f80cf74da75e86532e7ed8b4f38a6448e2f16c04cdfb477d865f84556f55cb9e040a29ad33773e9db84cc4053600e2b79b6d115ab11ae59ef610d38f3aab3156e350bdd52249152dc54b08341bd7e5de78bc8b96512be39e2af731d2ee0537938674b9e59873316e35045eae19ab8d13479ae3c75d2d8aee8b9338f84ab567400d8580d40a4e0254c0430472cb7bd38d6e5a157bf13412f75b7c23f239c205ce4a54d60d8e9ea3a366c48c724fc9a8c76109d7b781e16cdb66a556df95d3577d39b569a674bec9834d2721554f92cdf22be0ed5a4bf295e39fe1e550b8f793f8d8f0aea542b047c9e9026bd6697bbe60725b02063b317d4d80da1a0e78f9d3150232302d253713b8ce9e107e30fd5434bec3032f98a568585db5f6694425ffd006a4ceb32058c977ed70c819aab4708dce0afee5ec99979c4624c7499cdb8c7129e35a1da9272e8ad33e60637f68c7eb605e2a5a914c85f67ad4e9bee423c9e9c8da78c59c4fead7361e71ca644c62d8c082715335c7ec36899c28314e77cee65911a0b34065797f587c21d34d46e0968bfba24f32daea3ae82d449b73352f3f3270c7b4514e4887c5d7bf712860e42fb448bf1ad55aa3ce15b5a2deff249eaf848222fd256b318d7498377ae7ffdb80cdc31337fd3c2352312683efbbc96c63a5057dc1ec21c2410362cf8b998525f14a6cbff70dc75f855f8bb3b34d321de62b933bfd62027c140167e629030c79247565ba941b9d25ac71e2caadadc1be81b56754cd028b97ed4def49f1b5aabed0e52208aa39e379c1c051ae638a89f8177606e2051e00ccb3a49fcd7f0d1e219ab3b0740a6c5934ee85c2bd87f456efcfe867abc1a917afa4654389ed49486cbcdb24ef46c0d3cd7136ca63e1202fda76d2ea3fa4ca6465a4735da16e32312f5a536a7c51de26046f802c0b6c8e8e9dd3f739c0c4885808bf85f05150735903a7fbce0728e044ec637ef7baad7650047aa47e3e478e16b8e8d26453bc7a7c37d64a6849702ab059bd10ad9072204f3fd9164e971d75ff80e3a545a95f6b9f46cacdca817ef5ff192dcd3754f94d9f436046106a3e85a17ab659dc0e037ce5f97eeff35acddecedde2c968478bfc5a79b2d9ef0c2f52e51062d393480a406bc3da6292c1a0cf986f37df233002f959a387d193d75b5a81ad62d43c3807ef48fa6a62781d2d368b4e4d8dbeae4668e03323ccf3ed99418002038ca640ee85488b9e82eb973477016ffd6a6bbcde033918735199e81f9f8a5bbae20ee40e95a0ada881d1c01c3e51f0abc93aa73e39bea2593dad8815890cb0d79df09f7ac5466a0e22119452111e4e73846fbf45744d32dc827493a368cb2c1271f0c21ee9d928c4fd15c1640f7a4d4274faa5a224396280f7eb2b99e5943fa2394280edc900e5cbd4b89dd9e8603a7910e9d11c949ace894b858ed2bd3e86def57ca87d6a21cf07b9052b4f89396f906bfcaafd281b958e0112f07029105c428b00d32f7bc7eb3775ed17096b763741996782f3c3accf68efe064bdc291d9729a9eaec9881f4afdf4818ad512aa070cee87ef7539fd2f160dae757f2fb2af5fb563d7a142e204b8998797f926773c83f64743eeb033da4105e7b899b01efebdecb45d6278c21a0d956a4411f3195c2c1c80726e989db823bf63d6ee1cfb05954b96b9b45c6b596609a1a7f47ebdeb36aa5b8883d1b5064265cde33d79b0c2b3b71e4cf88de0fa1e0161cb5487363c52ece5d1f24ec4500bbf3cba8bd8651ec0a01668e7d35393b5fb643d09cffa03bfde34af0f6c56d4dd05958d2621e11fb079723a44759832ca4752ae6f1799a1f5d6a02a2edd6e9c6375e74cb95642123204cfb925796ff1dff65a931b3082dd7cf02b82f37ebba0f1861d0a9cf8ec69ec9732b6ee831a779d33715f5abcebbf96b9ff97fc68cb7f911e5ec010869", 0x1000, 0x8, 0x0, 0x3}])
r18 = bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff54, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000001c0)='mm_vmscan_write_folio\x00', r18, 0x0, 0x80}, 0x18)

283.255775ms ago: executing program 1 (id=2544):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000000}, 0x0)
dup(0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6394f90224fc60100005000a000200053582c137153e37000c0180fc0b100bf800", 0x33fe0}], 0x1}, 0x0)

240.028307ms ago: executing program 4 (id=2545):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x8b6}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000300)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r1, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x0)

239.611807ms ago: executing program 3 (id=2546):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r0, 0x10c, 0x6, &(0x7f0000000000)=0x20b, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079109700000000007b0ae8ff000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x3f, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newlink={0x48, 0x10, 0x401, 0x0, 0x8000, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0x10001}]}}}, @IFLA_MASTER={0x8, 0x3}]}, 0x48}, 0x1, 0xd}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000240)=ANY=[@ANYBLOB="240100001600010428bd700000000000fe8000000000000000000000000000bbfc01000000000000000000000000000100040000000000000000a00000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff02000000000000000000000000000100000000330000000a0101010000000000000000000000000000000000004e340100000000000000000000000000000004000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000a0000002bbd70000000000000000200000000000000000008000020ffffffdf2c0027cc"], 0x124}}, 0x0)
r5 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000080))
ioctl$PAGEMAP_SCAN(r5, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, &(0x7f00001c9000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000040)=[{0x3, 0xfffffffffffffffd}], 0x1, 0x0, 0x0, 0x0, 0x0, 0x2})
r6 = socket$key(0xf, 0x3, 0x2)
times(&(0x7f0000000380))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$key(r6, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="020300030f000000000700000000000005000900e000000001d78771b90bd8a3b4914783c58777003d5b9538a9d03e6e9bfdac550000000003000600000000000200000000000000000000000000000002000100000000000000020d000000000300050000000000020000"], 0x78}, 0x1, 0x7}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="05000000040100009900000001d46bc4a7b4a6bb5afcd53fa2d693fb8aa458e812fea9b9c9542699412c5a14ec97f377e6b4d42ce97cf2af85c70c2f70658628fea701e9806dd92ff3e309c1de8ef79ba80f61dc0da4d93391a40972fe2a71a406ab50ddac535d1687af0f74dcfa0764626fdde36c6aa9df373cb939990ccbcdacf8c252d283eb1ff043b0b701df19267ae5152ce2a71631aceb5dba853d93191881085217c61d2e6d31000000"], 0x48)
ioctl$PAGEMAP_SCAN(r5, 0xc0606610, &(0x7f00000001c0)={0x60, 0x3, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000226000/0x4000)=nil, 0x9, &(0x7f0000000180)=[{0x4, 0x7ff, 0x5}], 0x1, 0xfffffffffffffffe, 0x0, 0x70, 0x8, 0x7c})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r7}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r8}, 0x10)
faccessat2(0xffffffffffffffff, &(0x7f0000000040)='\x00', 0x1, 0x1300)

168.796108ms ago: executing program 1 (id=2547):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)

154.441088ms ago: executing program 3 (id=2548):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000101b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x8b6}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000300)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r2, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456})
io_uring_enter(r2, 0x47f6, 0x0, 0x2, 0x0, 0x0)

126.763228ms ago: executing program 1 (id=2549):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2, 0x0, 0x7}, 0x18)
bind$rds(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000200)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f00000007c0)=[@fadd={0x58, 0x114, 0x6, {{0x3, 0x7}, &(0x7f0000000180)=0x9, 0x0, 0x800029, 0x5, 0x6, 0x968, 0x20, 0xfffffffffffffff9}}], 0x58, 0x4804}, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)

126.005078ms ago: executing program 2 (id=2550):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x20048005)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)

109.941698ms ago: executing program 2 (id=2552):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000000)='sys_enter\x00', r0, 0x0, 0x2}, 0x18)
semtimedop(0x0, &(0x7f00000005c0)=[{0x0, 0x1000, 0x1000}], 0x1, 0x0)

68.437449ms ago: executing program 2 (id=2553):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth0_to_bridge\x00', <r2=>0x0})
syz_io_uring_setup(0x10b, &(0x7f0000000580)={0x0, 0xd736, 0x80, 0x3, 0xbffffffa}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000340)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x80, 0x6000})
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r2, @ANYBLOB='\b\x00'], 0x44}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000b80)=ANY=[@ANYBLOB="9feb01a663350018000000000000003400000034000000050000400b000000000000110200000001000000030000000000000904000000ffffffff000000120100000009000000000000080200000000305f6100f3a862f5dbb04d4a19489b450d6f4acb2b5d6ec3d433e1a60f6054e466e4a643a838b73a7176c7b2202ac4e8e46b82183b282427b6fd094ba1763b89ba074749281c30b1024b853ba7bcca18dcc85501ffe7d49135c7c425d11f7f53e067ed3fad5b8f50a779a3522cb5c2cab2e4a671ab8a9304aff2fad31cc5c18c8316c76f"], &(0x7f0000000480)=""/162, 0x51, 0xa2, 0x0, 0xfffffffd, 0x10000, @value}, 0x28)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006d616373656300000400038008000500", @ANYRES32], 0x3c}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', r2, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$evdev(0x0, 0x0, 0x802)
r6 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r7 = timerfd_create(0x0, 0x0)
readv(r7, &(0x7f00000003c0)=[{&(0x7f0000000000)=""/33, 0x21}], 0x1)

20.604259ms ago: executing program 3 (id=2554):
unshare(0x6a040000)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0x2d}, 0x4e20, 0x3, 'wrr\x00', 0x1, 0x2, 0x6e}, 0x2c)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r2, 0x0, 0x487, &(0x7f0000000580)={{0x84, @multicast2, 0x4e23, 0x3, 'lc\x00', 0x2, 0x4, 0x7e}, {@private=0xa010102, 0x4e20, 0x2, 0x0, 0x80012d58, 0x12d59}}, 0x44)

0s ago: executing program 4 (id=2555):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000060000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xd, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002a00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
time(0x0)

kernel console output (not intermixed with test programs):

00000000000 r/w without journal. Quota mode: none.
[   86.998243][ T6234] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.1056: Abort forced by user
[   87.009198][ T6234] EXT4-fs (loop3): Remounting filesystem read-only
[   87.015824][ T6234] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[   87.026267][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.059607][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.090651][ T6251] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[   87.099071][ T6251] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[   87.118085][ T6254] SELinux: syz.3.1062 (6254) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   87.413925][ T6292] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[   87.422389][ T6292] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[   87.477708][ T6296] loop4: detected capacity change from 0 to 8192
[   87.495627][ T3301]  loop4: p1 p2 p4
[   87.499524][ T3301] loop4: p1 size 65536 extends beyond EOD, truncated
[   87.507110][ T3301] loop4: p2 start 861536256 is beyond EOD, truncated
[   87.513891][ T3301] loop4: p4 size 65536 extends beyond EOD, truncated
[   87.526219][ T6296]  loop4: p1 p2 p4
[   87.530241][ T6296] loop4: p1 size 65536 extends beyond EOD, truncated
[   87.538246][ T6296] loop4: p2 start 861536256 is beyond EOD, truncated
[   87.545034][ T6296] loop4: p4 size 65536 extends beyond EOD, truncated
[   87.585258][ T6302] loop4: detected capacity change from 0 to 1024
[   87.596140][ T6302] EXT4-fs: Ignoring removed nomblk_io_submit option
[   87.609492][ T6302] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.617405][ T3301] udevd[3301]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   87.625140][ T3548] udevd[3548]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   87.642399][ T6302] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.1087: Abort forced by user
[   87.652668][ T6302] EXT4-fs (loop4): Remounting filesystem read-only
[   87.653261][ T3548] udevd[3548]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   87.659291][ T6302] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[   87.670887][ T3301] udevd[3301]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   87.729971][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.952571][ T6326] loop4: detected capacity change from 0 to 8192
[   88.006158][ T3301]  loop4: p1 p2 p4
[   88.013325][ T3301] loop4: p1 size 65536 extends beyond EOD, truncated
[   88.032135][ T3301] loop4: p2 start 861536256 is beyond EOD, truncated
[   88.038946][ T3301] loop4: p4 size 65536 extends beyond EOD, truncated
[   88.059133][ T6326]  loop4: p1 p2 p4
[   88.063379][ T6326] loop4: p1 size 65536 extends beyond EOD, truncated
[   88.093508][ T6326] loop4: p2 start 861536256 is beyond EOD, truncated
[   88.100451][ T6326] loop4: p4 size 65536 extends beyond EOD, truncated
[   88.231918][ T3301] udevd[3301]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   88.241951][ T3548] udevd[3548]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   88.267657][ T6342] loop3: detected capacity change from 0 to 256
[   88.274187][ T3548] udevd[3548]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   88.285727][ T3301] udevd[3301]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   88.300788][ T6332] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1100'.
[   88.309844][ T6332] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1100'.
[   88.318933][ T6332] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1100'.
[   88.357422][ T6337] netlink: 112 bytes leftover after parsing attributes in process `syz.2.1100'.
[   88.388180][ T6332] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1100'.
[   88.397270][ T6332] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1100'.
[   88.406270][ T6332] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1100'.
[   88.476242][ T6332] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1100'.
[   88.485368][ T6332] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1100'.
[   88.494426][ T6332] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1100'.
[   88.586292][ T6361] loop3: detected capacity change from 0 to 1024
[   88.603008][ T6361] EXT4-fs: Ignoring removed orlov option
[   88.703559][ T6361] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.169213][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.385490][ T6396] loop3: detected capacity change from 0 to 8192
[   89.446768][ T3301]  loop3: p1 p2 p4
[   89.450711][ T3301] loop3: p1 size 65536 extends beyond EOD, truncated
[   89.451028][ T6407] loop4: detected capacity change from 0 to 1024
[   89.468173][ T3301] loop3: p2 start 861536256 is beyond EOD, truncated
[   89.474968][ T3301] loop3: p4 size 65536 extends beyond EOD, truncated
[   89.493343][ T6407] EXT4-fs: Ignoring removed orlov option
[   89.499394][ T6396]  loop3: p1 p2 p4
[   89.505882][ T6396] loop3: p1 size 65536 extends beyond EOD, truncated
[   89.521944][ T6407] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.523569][ T6396] loop3: p2 start 861536256 is beyond EOD, truncated
[   89.541246][ T6396] loop3: p4 size 65536 extends beyond EOD, truncated
[   89.682931][ T3301] udevd[3301]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   89.683142][ T3548] udevd[3548]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   89.798108][ T6423] FAULT_INJECTION: forcing a failure.
[   89.798108][ T6423] name failslab, interval 1, probability 0, space 0, times 0
[   89.811013][ T6423] CPU: 1 UID: 0 PID: 6423 Comm: syz.2.1138 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[   89.811118][ T6423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   89.811133][ T6423] Call Trace:
[   89.811141][ T6423]  <TASK>
[   89.811221][ T6423]  __dump_stack+0x1d/0x30
[   89.811246][ T6423]  dump_stack_lvl+0xe8/0x140
[   89.811271][ T6423]  dump_stack+0x15/0x1b
[   89.811292][ T6423]  should_fail_ex+0x265/0x280
[   89.811375][ T6423]  ? netdevice_event+0x2ae/0x610
[   89.811414][ T6423]  should_failslab+0x8c/0xb0
[   89.811443][ T6423]  __kmalloc_cache_noprof+0x4c/0x320
[   89.811547][ T6423]  ? __pfx_netdevice_event+0x10/0x10
[   89.811578][ T6423]  netdevice_event+0x2ae/0x610
[   89.811606][ T6423]  ? __pfx_add_netdev_ips+0x10/0x10
[   89.811677][ T6423]  ? __pfx_is_eth_port_of_netdev_filter+0x10/0x10
[   89.811707][ T6423]  ? __pfx_add_default_gids+0x10/0x10
[   89.811741][ T6423]  ? __pfx_is_ndev_for_default_gid_filter+0x10/0x10
[   89.811845][ T6423]  ? __pfx_del_netdev_ips+0x10/0x10
[   89.811883][ T6423]  ? __pfx_is_eth_port_of_netdev_filter+0x10/0x10
[   89.811996][ T6423]  ? __pfx_netdevice_event+0x10/0x10
[   89.812047][ T6423]  raw_notifier_call_chain+0x6f/0x1b0
[   89.812071][ T6423]  ? call_netdevice_notifiers_info+0x9c/0x100
[   89.812105][ T6423]  call_netdevice_notifiers_info+0xae/0x100
[   89.812138][ T6423]  netif_set_mac_address+0x204/0x260
[   89.812211][ T6423]  dev_set_mac_address_user+0xd7/0x190
[   89.812247][ T6423]  dev_ifsioc+0x9b3/0xaa0
[   89.812270][ T6423]  ? __rcu_read_unlock+0x4f/0x70
[   89.812351][ T6423]  dev_ioctl+0x70a/0x960
[   89.812370][ T6423]  sock_do_ioctl+0x197/0x220
[   89.812398][ T6423]  sock_ioctl+0x41b/0x610
[   89.812426][ T6423]  ? __pfx_sock_ioctl+0x10/0x10
[   89.812484][ T6423]  __se_sys_ioctl+0xce/0x140
[   89.812518][ T6423]  __x64_sys_ioctl+0x43/0x50
[   89.812552][ T6423]  x64_sys_call+0x19a8/0x2fb0
[   89.812602][ T6423]  do_syscall_64+0xd2/0x200
[   89.812622][ T6423]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   89.812650][ T6423]  ? clear_bhb_loop+0x40/0x90
[   89.812672][ T6423]  ? clear_bhb_loop+0x40/0x90
[   89.812727][ T6423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.812749][ T6423] RIP: 0033:0x7faa9d64e929
[   89.812780][ T6423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.812800][ T6423] RSP: 002b:00007faa9bcb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   89.812821][ T6423] RAX: ffffffffffffffda RBX: 00007faa9d875fa0 RCX: 00007faa9d64e929
[   89.812835][ T6423] RDX: 0000200000000000 RSI: 0000000000008924 RDI: 0000000000000006
[   89.812848][ T6423] RBP: 00007faa9bcb7090 R08: 0000000000000000 R09: 0000000000000000
[   89.812861][ T6423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   89.812941][ T6423] R13: 0000000000000000 R14: 00007faa9d875fa0 R15: 00007ffcbd55e7b8
[   89.812962][ T6423]  </TASK>
[   90.192180][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.273063][ T6445] loop4: detected capacity change from 0 to 1024
[   90.287751][ T6445] EXT4-fs: Ignoring removed nomblk_io_submit option
[   90.311720][ T6445] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   90.408222][ T6445] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.1146: Abort forced by user
[   90.424434][ T6445] EXT4-fs (loop4): Remounting filesystem read-only
[   90.431087][ T6445] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[   90.453274][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.517526][ T6457] loop4: detected capacity change from 0 to 256
[   90.560025][ T6461] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[   90.568424][ T6461] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[   90.599202][ T6465] loop4: detected capacity change from 0 to 1024
[   90.617513][ T6465] EXT4-fs: Ignoring removed nomblk_io_submit option
[   90.621297][   T29] kauditd_printk_skb: 641 callbacks suppressed
[   90.621349][   T29] audit: type=1326 audit(2000000000.370:5961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6466 comm="syz.2.1154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa9d64e929 code=0x7ffc0000
[   90.668683][   T29] audit: type=1326 audit(2000000000.410:5962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6466 comm="syz.2.1154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faa9d64e929 code=0x7ffc0000
[   90.692188][   T29] audit: type=1326 audit(2000000000.410:5963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6466 comm="syz.2.1154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa9d64e929 code=0x7ffc0000
[   90.700719][ T6465] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   90.715748][   T29] audit: type=1326 audit(2000000000.410:5964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6466 comm="syz.2.1154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa9d64e929 code=0x7ffc0000
[   90.715776][   T29] audit: type=1326 audit(2000000000.410:5965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6466 comm="syz.2.1154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7faa9d64e929 code=0x7ffc0000
[   90.715800][   T29] audit: type=1326 audit(2000000000.410:5966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6466 comm="syz.2.1154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa9d64e929 code=0x7ffc0000
[   90.798077][   T29] audit: type=1326 audit(2000000000.410:5967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6466 comm="syz.2.1154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa9d64e929 code=0x7ffc0000
[   90.821509][   T29] audit: type=1326 audit(2000000000.410:5968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6466 comm="syz.2.1154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faa9d64e929 code=0x7ffc0000
[   90.844949][   T29] audit: type=1326 audit(2000000000.410:5969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6466 comm="syz.2.1154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa9d64e929 code=0x7ffc0000
[   90.868381][   T29] audit: type=1326 audit(2000000000.410:5970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6466 comm="syz.2.1154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa9d64e929 code=0x7ffc0000
[   90.892186][ T6465] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.1152: Abort forced by user
[   90.923370][ T6465] EXT4-fs (loop4): Remounting filesystem read-only
[   90.929981][ T6465] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[   90.954184][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.102400][ T6494] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   91.110750][ T6494] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   91.151013][ T6497] loop3: detected capacity change from 0 to 1024
[   91.185022][ T6497] EXT4-fs: Ignoring removed orlov option
[   91.192903][ T6497] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.254450][ T6513] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   91.264591][ T6513] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   91.475313][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.580954][ T6532] loop3: detected capacity change from 0 to 1024
[   91.605274][ T6532] EXT4-fs: Ignoring removed orlov option
[   91.631400][ T6532] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.805245][ T6540] netlink: 'syz.4.1183': attribute type 2 has an invalid length.
[   92.078660][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.185308][ T6555] loop3: detected capacity change from 0 to 1024
[   92.207522][ T6555] EXT4-fs: Ignoring removed orlov option
[   92.234320][ T6555] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.517900][ T6577] loop4: detected capacity change from 0 to 1024
[   92.527003][ T6578] SELinux: syz.0.1198 (6578) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   92.541157][ T6577] EXT4-fs: Ignoring removed nomblk_io_submit option
[   92.541952][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.573419][ T6577] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.589751][ T6578] netlink: 'syz.0.1198': attribute type 1 has an invalid length.
[   92.617934][ T6577] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.1197: Abort forced by user
[   92.629303][ T6586] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   92.636476][ T6577] EXT4-fs (loop4): Remounting filesystem read-only
[   92.639445][ T6586] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   92.645790][ T6577] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[   92.686735][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.830406][ T6606] loop4: detected capacity change from 0 to 1024
[   92.841207][ T6609] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   92.851288][ T6609] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   92.851511][ T6606] EXT4-fs: Ignoring removed orlov option
[   92.853873][ T6606] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.050844][ T6629] loop3: detected capacity change from 0 to 256
[   93.062294][ T6635] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   93.072404][ T6635] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   93.395991][ T6661] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   93.406079][ T6661] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   93.707671][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.799671][ T6681] FAULT_INJECTION: forcing a failure.
[   93.799671][ T6681] name failslab, interval 1, probability 0, space 0, times 0
[   93.812451][ T6681] CPU: 1 UID: 0 PID: 6681 Comm: syz.0.1243 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[   93.812541][ T6681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   93.812590][ T6681] Call Trace:
[   93.812597][ T6681]  <TASK>
[   93.812606][ T6681]  __dump_stack+0x1d/0x30
[   93.812625][ T6681]  dump_stack_lvl+0xe8/0x140
[   93.812671][ T6681]  dump_stack+0x15/0x1b
[   93.812691][ T6681]  should_fail_ex+0x265/0x280
[   93.812730][ T6681]  should_failslab+0x8c/0xb0
[   93.812776][ T6681]  __kmalloc_noprof+0xa5/0x3e0
[   93.812800][ T6681]  ? fib_create_info+0xbb1/0x1980
[   93.812820][ T6681]  fib_create_info+0xbb1/0x1980
[   93.812845][ T6681]  fib_table_insert+0x60/0xeb0
[   93.812999][ T6681]  ? __cond_resched+0x4e/0x90
[   93.813025][ T6681]  ? should_fail_ex+0xdb/0x280
[   93.813062][ T6681]  ? ip_rt_ioctl+0x724/0x950
[   93.813120][ T6681]  ? should_failslab+0x8c/0xb0
[   93.813140][ T6681]  ? __kmalloc_cache_noprof+0x189/0x320
[   93.813172][ T6681]  ? fib_new_table+0xad/0x1c0
[   93.813206][ T6681]  ip_rt_ioctl+0x38d/0x950
[   93.813316][ T6681]  inet_ioctl+0x33f/0x3a0
[   93.813339][ T6681]  sock_do_ioctl+0x73/0x220
[   93.813379][ T6681]  sock_ioctl+0x41b/0x610
[   93.813404][ T6681]  ? trace_reschedule_exit+0xd/0xc0
[   93.813479][ T6681]  ? __pfx_sock_ioctl+0x10/0x10
[   93.813567][ T6681]  __se_sys_ioctl+0xce/0x140
[   93.813602][ T6681]  __x64_sys_ioctl+0x43/0x50
[   93.813629][ T6681]  x64_sys_call+0x19a8/0x2fb0
[   93.813652][ T6681]  do_syscall_64+0xd2/0x200
[   93.813728][ T6681]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   93.813755][ T6681]  ? clear_bhb_loop+0x40/0x90
[   93.813779][ T6681]  ? clear_bhb_loop+0x40/0x90
[   93.813812][ T6681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.813874][ T6681] RIP: 0033:0x7fd70398e929
[   93.813891][ T6681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.813993][ T6681] RSP: 002b:00007fd701fb5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   93.814017][ T6681] RAX: ffffffffffffffda RBX: 00007fd703bb6160 RCX: 00007fd70398e929
[   93.814033][ T6681] RDX: 0000200000000000 RSI: 000000000000890b RDI: 000000000000000a
[   93.814050][ T6681] RBP: 00007fd701fb5090 R08: 0000000000000000 R09: 0000000000000000
[   93.814065][ T6681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.814081][ T6681] R13: 0000000000000000 R14: 00007fd703bb6160 R15: 00007ffe85c84a58
[   93.814142][ T6681]  </TASK>
[   94.233463][ T6692] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   94.243528][ T6692] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   94.305324][ T6694] __nla_validate_parse: 4 callbacks suppressed
[   94.305343][ T6694] netlink: 268 bytes leftover after parsing attributes in process `syz.4.1251'.
[   94.386125][ T6698] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1253'.
[   94.575967][ T6717] loop4: detected capacity change from 0 to 128
[   94.636082][ T6717] syz.4.1256: attempt to access beyond end of device
[   94.636082][ T6717] loop4: rw=2049, sector=145, nr_sectors = 96 limit=128
[   94.674837][ T6723] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   94.684876][ T6723] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   94.716427][ T6727] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1265'.
[   94.738858][ T6729] netlink: 596 bytes leftover after parsing attributes in process `syz.1.1267'.
[   94.782520][ T6733] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1266'.
[   94.826420][ T6736] pim6reg: entered allmulticast mode
[   94.832898][ T6737] loop3: detected capacity change from 0 to 1024
[   94.841175][ T6736] pim6reg: left allmulticast mode
[   94.850117][ T6737] EXT4-fs: Ignoring removed nomblk_io_submit option
[   94.866844][ T6737] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.881268][ T6737] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.1270: Abort forced by user
[   94.891962][ T6737] EXT4-fs (loop3): Remounting filesystem read-only
[   94.899251][ T6737] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[   94.919104][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.982790][ T6750] loop3: detected capacity change from 0 to 256
[   95.114015][ T6756] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   95.124188][ T6756] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   95.358913][ T6765] vlan1: entered promiscuous mode
[   95.364154][ T6765] vlan1: entered allmulticast mode
[   95.369400][ T6765] hsr_slave_1: entered allmulticast mode
[   95.377033][ T6765] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1280'.
[   95.389936][ T2872] kworker/u8:6: attempt to access beyond end of device
[   95.389936][ T2872] loop4: rw=1, sector=241, nr_sectors = 800 limit=128
[   95.443756][ T6769] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   95.452144][ T6771] loop4: detected capacity change from 0 to 1024
[   95.469336][ T6769] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   95.479085][ T3301] printk: udevd: 4 output lines suppressed due to ratelimiting
[   95.481116][ T6771] EXT4-fs: Ignoring removed nomblk_io_submit option
[   95.499429][ T6771] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.524271][ T6771] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.1281: Abort forced by user
[   95.553392][ T6771] EXT4-fs (loop4): Remounting filesystem read-only
[   95.560019][ T6771] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[   95.614252][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.634180][   T29] kauditd_printk_skb: 1065 callbacks suppressed
[   95.634198][   T29] audit: type=1326 audit(2000000000.390:7036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6778 comm="syz.3.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[   95.664052][   T29] audit: type=1326 audit(2000000000.390:7037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6778 comm="syz.3.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[   95.687662][   T29] audit: type=1326 audit(2000000000.390:7038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6778 comm="syz.3.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[   95.742942][ T6785] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   95.753019][ T6785] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   95.756970][   T29] audit: type=1326 audit(2000000000.500:7039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6778 comm="syz.3.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[   95.785560][   T29] audit: type=1326 audit(2000000000.500:7040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6778 comm="syz.3.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[   95.809184][   T29] audit: type=1326 audit(2000000000.500:7041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6778 comm="syz.3.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[   95.821421][ T6789] loop4: detected capacity change from 0 to 512
[   95.832626][   T29] audit: type=1326 audit(2000000000.500:7042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6778 comm="syz.3.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[   95.832665][   T29] audit: type=1326 audit(2000000000.500:7043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6778 comm="syz.3.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[   95.886009][   T29] audit: type=1326 audit(2000000000.500:7044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6778 comm="syz.3.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[   95.909477][   T29] audit: type=1326 audit(2000000000.500:7045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6778 comm="syz.3.1286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[   95.935278][ T6789] EXT4-fs: Ignoring removed orlov option
[   95.948950][ T6789] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   95.959842][ T6789] EXT4-fs (loop4): orphan cleanup on readonly fs
[   95.967289][ T6789] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1291: bg 0: block 248: padding at end of block bitmap is not set
[   95.983451][ T6789] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1291: Failed to acquire dquot type 1
[   96.007338][ T6789] EXT4-fs (loop4): 1 truncate cleaned up
[   96.013671][ T6789] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   96.076112][ T6804] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   96.098507][ T6789] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[   96.157008][ T6811] loop3: detected capacity change from 0 to 256
[   96.174616][ T6789] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   96.183744][ T6789] ext4 filesystem being remounted at /279/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   96.206825][ T6815] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   96.216845][ T6815] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   96.226956][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.256990][ T6822] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1305'.
[   96.570385][ T6850] loop4: detected capacity change from 0 to 256
[   96.720731][ T6863] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1324'.
[   96.793849][ T6868] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1324'.
[   97.186677][ T6909] loop3: detected capacity change from 0 to 256
[   97.602237][ T6930] atomic_op ffff88813654b928 conn xmit_atomic 0000000000000000
[   97.972561][ T6948] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   97.982631][ T6948] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   98.043565][ T6954] loop4: detected capacity change from 0 to 1024
[   98.061985][ T6954] EXT4-fs: Ignoring removed nomblk_io_submit option
[   98.092927][ T6954] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.119054][ T6954] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.1368: Abort forced by user
[   98.130189][ T6954] EXT4-fs (loop4): Remounting filesystem read-only
[   98.136828][ T6954] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[   98.156926][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.264029][ T6962] loop4: detected capacity change from 0 to 256
[   98.409753][ T6980] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   98.419920][ T6980] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   98.492058][ T6990] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   98.502090][ T6990] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   99.191312][ T7019] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[   99.201435][ T7019] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[   99.318914][ T7025] vhci_hcd: invalid port number 129
[   99.324194][ T7025] vhci_hcd: default hub control req: 0200 v0005 i0081 l0
[   99.377223][ T7033] loop4: detected capacity change from 0 to 1024
[   99.382585][ T7029] SELinux: failed to load policy
[   99.385368][ T7033] EXT4-fs: Ignoring removed nomblk_io_submit option
[   99.403897][ T7029] pimreg: entered allmulticast mode
[   99.409171][ T7033] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.421639][ T7033] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.1404: Abort forced by user
[   99.432350][ T7033] EXT4-fs (loop4): Remounting filesystem read-only
[   99.439038][ T7033] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[   99.447251][ T7029] loop3: detected capacity change from 0 to 512
[   99.453824][ T7029] ext4: Unknown parameter 'subj_role'
[   99.461858][ T7029] pimreg: left allmulticast mode
[   99.476592][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.516929][ T7045] loop3: detected capacity change from 0 to 512
[   99.552315][ T7045] EXT4-fs (loop3): 1 orphan inode deleted
[   99.566864][   T37] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 1
[   99.575000][ T7045] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.596273][ T7045] ext4 filesystem being mounted at /294/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   99.664305][ T7054] atomic_op ffff8881329c5928 conn xmit_atomic 0000000000000000
[   99.838490][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.850444][ T1035] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   99.858442][ T1035] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  100.017984][ T7072] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1417'.
[  100.069572][ T7074] loop3: detected capacity change from 0 to 1024
[  100.086724][ T7074] EXT4-fs: Ignoring removed orlov option
[  100.106018][ T7074] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.442543][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.486462][ T7091] loop3: detected capacity change from 0 to 256
[  100.509609][ T7091] FAT-fs (loop3): Directory bread(block 64) failed
[  100.519632][ T7091] FAT-fs (loop3): Directory bread(block 65) failed
[  100.527041][ T7093] tipc: Started in network mode
[  100.532035][ T7093] tipc: Node identity ac14140f, cluster identity 4711
[  100.534609][ T7091] FAT-fs (loop3): Directory bread(block 66) failed
[  100.540148][ T7093] tipc: New replicast peer: 0.0.255.255
[  100.550991][ T7093] tipc: Enabled bearer <udp:s>, priority 10
[  100.554642][ T7091] FAT-fs (loop3): Directory bread(block 67) failed
[  100.563532][ T7091] FAT-fs (loop3): Directory bread(block 68) failed
[  100.570219][ T7091] FAT-fs (loop3): Directory bread(block 69) failed
[  100.578079][ T7091] FAT-fs (loop3): Directory bread(block 70) failed
[  100.589824][ T7091] FAT-fs (loop3): Directory bread(block 71) failed
[  100.596660][ T7091] FAT-fs (loop3): Directory bread(block 72) failed
[  100.606437][ T7091] FAT-fs (loop3): Directory bread(block 73) failed
[  100.646363][ T7091] syz.3.1423: attempt to access beyond end of device
[  100.646363][ T7091] loop3: rw=524288, sector=1800, nr_sectors = 20 limit=256
[  100.660683][ T7091] syz.3.1423: attempt to access beyond end of device
[  100.660683][ T7091] loop3: rw=0, sector=1800, nr_sectors = 8 limit=256
[  100.729963][   T29] kauditd_printk_skb: 1181 callbacks suppressed
[  100.729987][   T29] audit: type=1400 audit(2000000000.090:8224): avc:  denied  { name_bind } for  pid=7113 comm="syz.3.1434" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  100.776978][ T7116] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1435'.
[  100.793429][ T7120] FAULT_INJECTION: forcing a failure.
[  100.793429][ T7120] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  100.806780][ T7120] CPU: 1 UID: 0 PID: 7120 Comm: syz.2.1437 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  100.806814][ T7120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  100.806909][ T7120] Call Trace:
[  100.806917][ T7120]  <TASK>
[  100.806926][ T7120]  __dump_stack+0x1d/0x30
[  100.806952][ T7120]  dump_stack_lvl+0xe8/0x140
[  100.806976][ T7120]  dump_stack+0x15/0x1b
[  100.806996][ T7120]  should_fail_ex+0x265/0x280
[  100.807064][ T7120]  should_fail_alloc_page+0xf2/0x100
[  100.807095][ T7120]  __alloc_frozen_pages_noprof+0xff/0x360
[  100.807141][ T7120]  alloc_pages_mpol+0xb3/0x250
[  100.807245][ T7120]  vma_alloc_folio_noprof+0x1aa/0x300
[  100.807286][ T7120]  do_wp_page+0x673/0x2400
[  100.807315][ T7120]  ? __rcu_read_lock+0x37/0x50
[  100.807345][ T7120]  handle_mm_fault+0x77d/0x2be0
[  100.807519][ T7120]  ? mas_walk+0xf2/0x120
[  100.807583][ T7120]  do_user_addr_fault+0x636/0x1090
[  100.807626][ T7120]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  100.807686][ T7120]  exc_page_fault+0x62/0xa0
[  100.807721][ T7120]  asm_exc_page_fault+0x26/0x30
[  100.807761][ T7120] RIP: 0033:0x7faa9d510d50
[  100.807780][ T7120] Code: 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 49 89 c1 49 29 f1 47 0f b6 0c 08 45 84 c9 74 08 <45> 88 0c 00 49 8b 47 10 48 83 c0 01 49 89 47 10 83 e9 01 73 d3 41
[  100.807800][ T7120] RSP: 002b:00007faa9bcb64a0 EFLAGS: 00010202
[  100.807844][ T7120] RAX: 0000000000006005 RBX: 00007faa9bcb6540 RCX: 0000000000000101
[  100.807856][ T7120] RDX: 00000000000003f2 RSI: 0000000000000ff3 RDI: 00007faa9bcb65e0
[  100.807867][ T7120] RBP: 0000000000000102 R08: 00007faa93897000 R09: 0000000000000010
[  100.807909][ T7120] R10: 0000200000001502 R11: 0000000000000524 R12: 0000000000000c01
[  100.807934][ T7120] R13: 00007faa9d6ec120 R14: 0000000000000017 R15: 00007faa9bcb65e0
[  100.807958][ T7120]  </TASK>
[  100.807969][ T7120] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  101.027145][   T29] audit: type=1326 audit(2000000000.010:8225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7127 comm="syz.4.1440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  101.051145][ T7128] loop4: detected capacity change from 0 to 1024
[  101.058232][ T7128] EXT4-fs: Ignoring removed orlov option
[  101.060094][   T29] audit: type=1326 audit(2000000000.010:8226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7127 comm="syz.4.1440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  101.087520][   T29] audit: type=1326 audit(2000000000.010:8227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7127 comm="syz.4.1440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  101.110991][   T29] audit: type=1326 audit(2000000000.010:8228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7127 comm="syz.4.1440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  101.134551][   T29] audit: type=1326 audit(2000000000.010:8229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7127 comm="syz.4.1440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  101.158036][   T29] audit: type=1326 audit(2000000000.010:8230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7127 comm="syz.4.1440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  101.181436][   T29] audit: type=1326 audit(2000000000.010:8231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7127 comm="syz.4.1440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  101.205082][   T29] audit: type=1326 audit(2000000000.010:8232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7127 comm="syz.4.1440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  101.228699][   T29] audit: type=1326 audit(2000000000.010:8233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7127 comm="syz.4.1440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  101.230565][ T7128] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.432216][ T7154] tipc: Started in network mode
[  101.432747][ T7150] atomic_op ffff888100891928 conn xmit_atomic 0000000000000000
[  101.437170][ T7154] tipc: Node identity ac14140f, cluster identity 4711
[  101.458759][ T7154] tipc: New replicast peer: 0.0.255.255
[  101.464455][ T7154] tipc: Enabled bearer <udp:s>, priority 10
[  101.585413][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.668563][ T3402] tipc: Node number set to 2886997007
[  101.966625][ T7176] pim6reg1: entered promiscuous mode
[  101.972077][ T7176] pim6reg1: entered allmulticast mode
[  102.000644][ T7174] loop4: detected capacity change from 0 to 512
[  102.007545][ T7174] EXT4-fs: Ignoring removed mblk_io_submit option
[  102.014030][ T7174] EXT4-fs: Ignoring removed bh option
[  102.020644][ T7174] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  102.034153][ T7174] EXT4-fs (loop4): 1 truncate cleaned up
[  102.040522][ T7174] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.333869][ T7184] loop1: detected capacity change from 0 to 1024
[  102.347805][ T7183] loop3: detected capacity change from 0 to 2048
[  102.351213][ T7184] EXT4-fs: Ignoring removed nomblk_io_submit option
[  102.365994][ T7184] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.366553][ T7183] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.390559][ T7184] EXT4-fs error (device loop1): __ext4_remount:6736: comm syz.1.1461: Abort forced by user
[  102.402351][ T7184] EXT4-fs (loop1): Remounting filesystem read-only
[  102.409031][ T7184] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  102.419026][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.499111][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.509467][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.586036][ T3402] tipc: Node number set to 2886997007
[  102.612761][ T7207] 9pnet_fd: Insufficient options for proto=fd
[  102.757304][ T7222] futex_wake_op: syz.3.1476 tries to shift op by -1; fix this program
[  102.817275][ T7224] loop4: detected capacity change from 0 to 1024
[  102.824253][ T7224] EXT4-fs: Ignoring removed nomblk_io_submit option
[  102.846523][ T7224] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.862274][ T7224] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.1477: Abort forced by user
[  102.872953][ T7224] EXT4-fs (loop4): Remounting filesystem read-only
[  102.879771][ T7224] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[  102.896959][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.013346][ T7232] sd 0:0:1:0: device reset
[  103.020723][ T7232] loop3: detected capacity change from 0 to 512
[  103.027825][ T7232] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  103.157708][ T7240] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1482'.
[  103.189574][ T7240] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1482'.
[  103.277642][ T7232] EXT4-fs (loop3): 1 truncate cleaned up
[  103.283711][ T7232] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.509680][ T7259] loop4: detected capacity change from 0 to 256
[  103.569251][ T7270] FAULT_INJECTION: forcing a failure.
[  103.569251][ T7270] name failslab, interval 1, probability 0, space 0, times 0
[  103.582071][ T7270] CPU: 0 UID: 0 PID: 7270 Comm: syz.2.1495 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  103.582100][ T7270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  103.582114][ T7270] Call Trace:
[  103.582182][ T7270]  <TASK>
[  103.582188][ T7270]  __dump_stack+0x1d/0x30
[  103.582206][ T7270]  dump_stack_lvl+0xe8/0x140
[  103.582222][ T7270]  dump_stack+0x15/0x1b
[  103.582238][ T7270]  should_fail_ex+0x265/0x280
[  103.582371][ T7270]  should_failslab+0x8c/0xb0
[  103.582395][ T7270]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  103.582422][ T7270]  ? shmem_alloc_inode+0x34/0x50
[  103.582478][ T7270]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  103.582556][ T7270]  shmem_alloc_inode+0x34/0x50
[  103.582577][ T7270]  alloc_inode+0x40/0x170
[  103.582616][ T7270]  new_inode+0x1d/0xe0
[  103.582698][ T7270]  shmem_get_inode+0x244/0x750
[  103.582723][ T7270]  __shmem_file_setup+0x113/0x210
[  103.582761][ T7270]  shmem_file_setup+0x3b/0x50
[  103.582802][ T7270]  __se_sys_memfd_create+0x2c3/0x590
[  103.582883][ T7270]  __x64_sys_memfd_create+0x31/0x40
[  103.582913][ T7270]  x64_sys_call+0x122f/0x2fb0
[  103.582935][ T7270]  do_syscall_64+0xd2/0x200
[  103.582952][ T7270]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  103.583003][ T7270]  ? clear_bhb_loop+0x40/0x90
[  103.583070][ T7270]  ? clear_bhb_loop+0x40/0x90
[  103.583134][ T7270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.583216][ T7270] RIP: 0033:0x7faa9d64e929
[  103.583230][ T7270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.583251][ T7270] RSP: 002b:00007faa9bcb6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  103.583273][ T7270] RAX: ffffffffffffffda RBX: 000000000000050a RCX: 00007faa9d64e929
[  103.583289][ T7270] RDX: 00007faa9bcb6ef0 RSI: 0000000000000000 RDI: 00007faa9d6d14cc
[  103.583301][ T7270] RBP: 0000200000000200 R08: 00007faa9bcb6bb7 R09: 00007faa9bcb6e40
[  103.583343][ T7270] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0
[  103.583354][ T7270] R13: 00007faa9bcb6ef0 R14: 00007faa9bcb6eb0 R15: 0000200000000040
[  103.583376][ T7270]  </TASK>
[  103.892633][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.933358][ T7284] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  103.954869][ T7280] loop4: detected capacity change from 0 to 8192
[  103.961443][ T7284] vhci_hcd: default hub control req: 1f03 v0017 i0001 l0
[  103.994739][ T7280]  loop4: p1 p2 p4
[  103.998615][ T7280] loop4: p1 size 65536 extends beyond EOD, truncated
[  104.006027][ T7280] loop4: p2 start 861536256 is beyond EOD, truncated
[  104.012802][ T7280] loop4: p4 size 65536 extends beyond EOD, truncated
[  104.058802][ T7296] loop4: detected capacity change from 0 to 512
[  104.088069][ T7296] EXT4-fs (loop4): 1 orphan inode deleted
[  104.094259][ T7296] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.108097][ T2872] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:6: Failed to release dquot type 1
[  104.111764][ T7305] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  104.119841][ T7296] ext4 filesystem being mounted at /343/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.127759][ T7305] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  104.157263][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.202097][ T7310] loop4: detected capacity change from 0 to 256
[  104.295428][ T7320] loop4: detected capacity change from 0 to 8192
[  104.334892][ T7320]  loop4: p1 p2 p4
[  104.339802][ T7320] loop4: p1 size 65536 extends beyond EOD, truncated
[  104.347218][ T7320] loop4: p2 start 861536256 is beyond EOD, truncated
[  104.353920][ T7320] loop4: p4 size 65536 extends beyond EOD, truncated
[  104.461173][ T7338] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  104.469504][ T7338] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  104.528986][ T7336] loop1: detected capacity change from 0 to 256
[  104.721979][ T7368] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  104.730376][ T7368] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  104.779478][ T7373] loop4: detected capacity change from 0 to 256
[  104.861125][ T7387] loop1: detected capacity change from 0 to 512
[  104.891653][ T7387] EXT4-fs (loop1): 1 orphan inode deleted
[  104.899337][ T7387] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.905248][   T37] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 1
[  104.921144][ T7387] ext4 filesystem being mounted at /337/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.005266][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.078752][ T7415] loop4: detected capacity change from 0 to 1024
[  105.086071][ T7415] EXT4-fs: Ignoring removed orlov option
[  105.096451][ T7415] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.132722][ T7424] loop1: detected capacity change from 0 to 1024
[  105.139652][ T7424] EXT4-fs: Ignoring removed nomblk_io_submit option
[  105.156842][ T7424] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.192572][ T7424] EXT4-fs error (device loop1): __ext4_remount:6736: comm syz.1.1562: Abort forced by user
[  105.222946][ T7424] EXT4-fs (loop1): Remounting filesystem read-only
[  105.229548][ T7424] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  105.280226][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.303946][ T7437] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  105.312469][ T7437] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  105.388439][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.442967][ T7445] loop4: detected capacity change from 0 to 256
[  105.787949][   T29] kauditd_printk_skb: 1342 callbacks suppressed
[  105.787966][   T29] audit: type=1326 audit(2000000000.000:9574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7497 comm="syz.4.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  105.820245][   T29] audit: type=1326 audit(2000000000.000:9575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7497 comm="syz.4.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  105.843850][   T29] audit: type=1326 audit(2000000000.000:9576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7497 comm="syz.4.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  105.882124][   T29] audit: type=1326 audit(2000000000.030:9577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7497 comm="syz.4.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  105.905740][   T29] audit: type=1326 audit(2000000000.030:9578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7497 comm="syz.4.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  105.929282][   T29] audit: type=1326 audit(2000000000.040:9579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7497 comm="syz.4.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  105.952742][   T29] audit: type=1326 audit(2000000000.040:9580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7497 comm="syz.4.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  105.976187][   T29] audit: type=1326 audit(2000000000.040:9581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7497 comm="syz.4.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  105.999742][   T29] audit: type=1326 audit(2000000000.040:9582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7497 comm="syz.4.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  106.023160][   T29] audit: type=1326 audit(2000000000.040:9583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7497 comm="syz.4.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  106.032034][ T7509] loop4: detected capacity change from 0 to 1024
[  106.054773][ T7509] EXT4-fs: Ignoring removed nomblk_io_submit option
[  106.081203][ T7509] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.114108][ T7509] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.1601: Abort forced by user
[  106.131256][ T7515] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  106.139573][ T7515] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  106.140183][ T7509] EXT4-fs (loop4): Remounting filesystem read-only
[  106.154801][ T7509] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[  106.176017][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.207732][ T7523] loop4: detected capacity change from 0 to 128
[  106.220749][ T7523] FAT-fs (loop4): bogus number of reserved sectors
[  106.227441][ T7523] FAT-fs (loop4): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  106.236780][ T7523] FAT-fs (loop4): Can't find a valid FAT filesystem
[  106.558626][ T7550] loop1: detected capacity change from 0 to 1024
[  106.568729][ T7550] EXT4-fs: Ignoring removed nomblk_io_submit option
[  106.596583][ T7556] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  106.604945][ T7556] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  106.613886][ T7550] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.628183][ T7550] EXT4-fs error (device loop1): __ext4_remount:6736: comm syz.1.1617: Abort forced by user
[  106.638988][ T7550] EXT4-fs (loop1): Remounting filesystem read-only
[  106.645732][ T7550] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  106.668121][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.836486][ T7578] loop1: detected capacity change from 0 to 8192
[  106.856803][ T7585] loop3: detected capacity change from 0 to 512
[  106.875808][ T7578]  loop1: p1 p2 p4
[  106.879836][ T7578] loop1: p1 size 65536 extends beyond EOD, truncated
[  106.903589][ T7578] loop1: p2 start 861536256 is beyond EOD, truncated
[  106.910357][ T7578] loop1: p4 size 65536 extends beyond EOD, truncated
[  106.927872][ T7585] EXT4-fs (loop3): 1 orphan inode deleted
[  106.934538][ T7585] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.940927][ T7598] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  106.955428][ T7598] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  106.965125][   T51] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1
[  106.979600][ T7585] ext4 filesystem being mounted at /321/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  107.090464][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.102488][ T7610] loop1: detected capacity change from 0 to 256
[  107.319889][ T7623] loop4: detected capacity change from 0 to 8192
[  107.332259][ T7633] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  107.340576][ T7633] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  107.385298][ T7623]  loop4: p1 p2 p4
[  107.389310][ T7623] loop4: p1 size 65536 extends beyond EOD, truncated
[  107.397054][ T7623] loop4: p2 start 861536256 is beyond EOD, truncated
[  107.403767][ T7623] loop4: p4 size 65536 extends beyond EOD, truncated
[  107.687607][ T7668] loop3: detected capacity change from 0 to 2048
[  107.719991][ T7668] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.743056][ T7673] loop1: detected capacity change from 0 to 256
[  107.812900][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.957943][ T7701] loop1: detected capacity change from 0 to 256
[  108.122763][ T7720] loop3: detected capacity change from 0 to 8192
[  108.174868][ T7720]  loop3: p1 p2 p4
[  108.178762][ T7720] loop3: p1 size 65536 extends beyond EOD, truncated
[  108.188013][ T7720] loop3: p2 start 861536256 is beyond EOD, truncated
[  108.194775][ T7720] loop3: p4 size 65536 extends beyond EOD, truncated
[  108.441359][ T7733] loop3: detected capacity change from 0 to 256
[  108.800903][ T7764] loop4: detected capacity change from 0 to 256
[  108.882858][ T7785] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1726'.
[  109.007621][ T7804] loop3: detected capacity change from 0 to 1024
[  109.014917][ T7804] EXT4-fs: Ignoring removed nomblk_io_submit option
[  109.038625][ T7804] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.061109][ T7804] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.1735: Abort forced by user
[  109.071496][ T7804] EXT4-fs (loop3): Remounting filesystem read-only
[  109.078165][ T7804] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[  109.099152][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.138447][ T7813] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1737'.
[  109.180209][ T7811] loop3: detected capacity change from 0 to 8192
[  109.241037][ T7811]  loop3: p1 p2 p4
[  109.244917][ T7811] loop3: p1 size 65536 extends beyond EOD, truncated
[  109.252374][ T7811] loop3: p2 start 861536256 is beyond EOD, truncated
[  109.259173][ T7811] loop3: p4 size 65536 extends beyond EOD, truncated
[  109.352922][ T7825] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  109.361208][ T7825] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  109.482595][ T7831] loop4: detected capacity change from 0 to 256
[  109.524699][ T7835] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1748'.
[  109.751363][ T7847] loop1: detected capacity change from 0 to 1024
[  109.759661][ T7847] EXT4-fs: Ignoring removed nomblk_io_submit option
[  109.786383][ T7853] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  109.794668][ T7853] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  109.804408][ T7847] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.822328][ T7847] EXT4-fs error (device loop1): __ext4_remount:6736: comm syz.1.1754: Abort forced by user
[  109.845556][ T7847] EXT4-fs (loop1): Remounting filesystem read-only
[  109.852208][ T7847] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  109.871396][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.035222][ T7877] loop4: detected capacity change from 0 to 1024
[  110.042118][ T7877] EXT4-fs: Ignoring removed orlov option
[  110.050230][ T7877] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.340355][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.359801][ T7885] loop3: detected capacity change from 0 to 1024
[  110.366836][ T7885] EXT4-fs: Ignoring removed nomblk_io_submit option
[  110.369260][ T7887] loop4: detected capacity change from 0 to 1024
[  110.380578][ T7887] EXT4-fs: Ignoring removed orlov option
[  110.386827][ T7885] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.388831][ T7887] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.411767][ T7885] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.1769: Abort forced by user
[  110.423025][ T7885] EXT4-fs (loop3): Remounting filesystem read-only
[  110.429679][ T7885] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[  110.447877][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.481854][ T7892] loop3: detected capacity change from 0 to 256
[  110.574399][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.779936][ T7920] loop3: detected capacity change from 0 to 256
[  110.808955][   T29] kauditd_printk_skb: 1420 callbacks suppressed
[  110.808969][   T29] audit: type=1326 audit(2000000001.630:11003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7923 comm="syz.3.1784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  110.839536][   T29] audit: type=1326 audit(2000000001.640:11004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7923 comm="syz.3.1784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  110.886162][ T7928] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  110.894420][ T7928] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  110.904557][   T29] audit: type=1326 audit(2000000001.700:11005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7925 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2215b1e929 code=0x7ffc0000
[  110.928122][   T29] audit: type=1326 audit(2000000001.700:11006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7925 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2215b1e929 code=0x7ffc0000
[  110.951808][   T29] audit: type=1326 audit(2000000001.700:11007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7925 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2215b1e929 code=0x7ffc0000
[  110.975592][   T29] audit: type=1326 audit(2000000001.700:11008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7925 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2215b1e929 code=0x7ffc0000
[  110.999219][   T29] audit: type=1326 audit(2000000001.700:11009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7925 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2215b1e929 code=0x7ffc0000
[  111.022985][   T29] audit: type=1326 audit(2000000001.700:11010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7925 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2215b1e929 code=0x7ffc0000
[  111.046648][   T29] audit: type=1326 audit(2000000001.700:11011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7925 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2215b1e929 code=0x7ffc0000
[  111.070395][   T29] audit: type=1326 audit(2000000001.700:11012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7925 comm="syz.1.1785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2215b1e929 code=0x7ffc0000
[  111.161104][ T7943] loop3: detected capacity change from 0 to 1024
[  111.168266][ T7943] EXT4-fs: Ignoring removed nomblk_io_submit option
[  111.197532][ T7943] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.248791][ T7943] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.1794: Abort forced by user
[  111.300523][ T7943] EXT4-fs (loop3): Remounting filesystem read-only
[  111.307191][ T7943] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[  111.374286][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.453146][ T7975] loop1: detected capacity change from 0 to 1024
[  111.460886][ T7975] EXT4-fs: Ignoring removed nomblk_io_submit option
[  111.482076][ T7975] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.504325][ T7975] EXT4-fs error (device loop1): __ext4_remount:6736: comm syz.1.1808: Abort forced by user
[  111.538965][ T7982] vlan2: entered promiscuous mode
[  111.544178][ T7982] vlan2: entered allmulticast mode
[  111.549434][ T7982] hsr_slave_1: entered allmulticast mode
[  111.597995][ T7975] EXT4-fs (loop1): Remounting filesystem read-only
[  111.604667][ T7975] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  111.641418][ T7979] loop3: detected capacity change from 0 to 8192
[  111.659159][ T7984] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  111.667489][ T7984] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  111.677566][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.685518][ T7977] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1809'.
[  111.704981][ T7979]  loop3: p1 p2 p4
[  111.708872][ T7979] loop3: p1 size 65536 extends beyond EOD, truncated
[  111.719319][ T7979] loop3: p2 start 861536256 is beyond EOD, truncated
[  111.726096][ T7979] loop3: p4 size 65536 extends beyond EOD, truncated
[  111.866128][ T8002] loop4: detected capacity change from 0 to 1024
[  111.873891][ T8002] EXT4-fs: Ignoring removed nomblk_io_submit option
[  111.886162][ T8001] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1819'.
[  111.906217][ T8002] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.935068][ T8002] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.1818: Abort forced by user
[  111.983886][ T8002] EXT4-fs (loop4): Remounting filesystem read-only
[  111.990547][ T8002] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[  112.032806][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.193954][ T8029] loop3: detected capacity change from 0 to 1024
[  112.224015][ T8029] EXT4-fs: Ignoring removed nomblk_io_submit option
[  112.269784][ T8029] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  112.287875][ T8029] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.1831: Abort forced by user
[  112.302960][ T8029] EXT4-fs (loop3): Remounting filesystem read-only
[  112.309684][ T8029] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[  112.414014][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.422855][ T8044] loop4: detected capacity change from 0 to 256
[  112.662505][ T8068] loop1: detected capacity change from 0 to 1024
[  112.673209][ T8068] EXT4-fs: Ignoring removed nomblk_io_submit option
[  112.706343][ T8068] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  112.816686][ T8068] EXT4-fs error (device loop1): __ext4_remount:6736: comm syz.1.1847: Abort forced by user
[  112.832788][ T8068] EXT4-fs (loop1): Remounting filesystem read-only
[  112.839479][ T8068] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  112.858149][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.883379][ T8090] loop1: detected capacity change from 0 to 1024
[  112.890579][ T8090] EXT4-fs: Ignoring removed nomblk_io_submit option
[  112.917276][ T8090] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  112.933109][ T8090] EXT4-fs error (device loop1): __ext4_remount:6736: comm syz.1.1856: Abort forced by user
[  112.943964][ T8090] EXT4-fs (loop1): Remounting filesystem read-only
[  112.950589][ T8090] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  112.970041][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.980144][ T8095] loop3: detected capacity change from 0 to 8192
[  113.029550][ T8104] loop4: detected capacity change from 0 to 256
[  113.049518][ T8095]  loop3: p1 p2 p4
[  113.053393][ T8095] loop3: p1 size 65536 extends beyond EOD, truncated
[  113.061622][ T8095] loop3: p2 start 861536256 is beyond EOD, truncated
[  113.068587][ T8095] loop3: p4 size 65536 extends beyond EOD, truncated
[  113.081746][ T8108] loop4: detected capacity change from 0 to 1024
[  113.089425][ T8108] EXT4-fs: Ignoring removed nomblk_io_submit option
[  113.131907][ T8108] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.147582][ T8108] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.1866: Abort forced by user
[  113.158659][ T8108] EXT4-fs (loop4): Remounting filesystem read-only
[  113.165386][ T8108] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[  113.201537][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.375979][ T8148] loop1: detected capacity change from 0 to 1024
[  113.382956][ T8148] EXT4-fs: Ignoring removed nomblk_io_submit option
[  113.404022][ T8148] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.421062][ T8148] EXT4-fs error (device loop1): __ext4_remount:6736: comm syz.1.1883: Abort forced by user
[  113.432707][ T8148] EXT4-fs (loop1): Remounting filesystem read-only
[  113.439295][ T8148] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  113.476778][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.550576][ T8170] loop3: detected capacity change from 0 to 1024
[  113.569031][ T8170] EXT4-fs: Ignoring removed orlov option
[  113.583199][ T8170] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.852518][ T8202] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  113.860857][ T8202] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  113.910997][ T8200] loop1: detected capacity change from 0 to 8192
[  113.919462][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.940220][ T8208] loop3: detected capacity change from 0 to 1024
[  113.947130][ T8208] EXT4-fs: Ignoring removed nomblk_io_submit option
[  113.953967][ T8200]  loop1: p1 p2 p4
[  113.958146][ T8200] loop1: p1 size 65536 extends beyond EOD, truncated
[  113.966077][ T8200] loop1: p2 start 861536256 is beyond EOD, truncated
[  113.967539][ T8208] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.972804][ T8200] loop1: p4 size 65536 extends beyond EOD, truncated
[  114.007003][ T8208] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.1912: Abort forced by user
[  114.008683][ T8212] loop4: detected capacity change from 0 to 256
[  114.025673][ T8208] EXT4-fs (loop3): Remounting filesystem read-only
[  114.032225][ T8208] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[  114.085487][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.150023][ T8226] tipc: Started in network mode
[  114.155034][ T8226] tipc: Node identity ac14140f, cluster identity 4711
[  114.162777][ T8226] tipc: New replicast peer: 0.0.255.255
[  114.168426][ T8226] tipc: Enabled bearer <udp:s>, priority 10
[  114.200745][ T8232] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  114.209038][ T8232] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  114.288217][ T8241] loop3: detected capacity change from 0 to 1024
[  114.304911][ T8241] EXT4-fs: Ignoring removed nomblk_io_submit option
[  114.339011][ T8241] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.360399][ T8241] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.1928: Abort forced by user
[  114.384344][ T8241] EXT4-fs (loop3): Remounting filesystem read-only
[  114.390972][ T8241] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[  114.438310][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.545961][ T8272] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  114.554199][ T8272] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  114.573613][ T8276] loop3: detected capacity change from 0 to 1024
[  114.580726][ T8276] EXT4-fs: Ignoring removed orlov option
[  114.588840][ T8276] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.617019][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.796910][ T8300] loop3: detected capacity change from 0 to 1024
[  114.804877][ T8300] EXT4-fs: Ignoring removed orlov option
[  114.814440][ T8300] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.887308][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.043937][ T8334] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  115.052258][ T8334] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  115.294546][ T1035] tipc: Node number set to 2886997007
[  115.307998][ T8357] loop3: detected capacity change from 0 to 256
[  115.366213][ T8365] loop4: detected capacity change from 0 to 256
[  115.419852][ T8368] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  115.428146][ T8368] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  115.858810][   T29] kauditd_printk_skb: 1382 callbacks suppressed
[  115.858825][   T29] audit: type=1326 audit(2000000000.030:12395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8429 comm="syz.3.2017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  115.888773][   T29] audit: type=1326 audit(2000000000.030:12396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8429 comm="syz.3.2017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  115.912938][   T29] audit: type=1326 audit(2000000000.030:12397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8429 comm="syz.3.2017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  115.936592][   T29] audit: type=1326 audit(2000000000.060:12398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8429 comm="syz.3.2017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  115.960213][   T29] audit: type=1326 audit(2000000000.060:12399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8429 comm="syz.3.2017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  115.983799][   T29] audit: type=1326 audit(2000000000.060:12400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8429 comm="syz.3.2017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  116.007471][   T29] audit: type=1326 audit(2000000000.060:12401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8429 comm="syz.3.2017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  116.031098][   T29] audit: type=1326 audit(2000000000.060:12402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8429 comm="syz.3.2017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  116.054601][   T29] audit: type=1326 audit(2000000000.060:12403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8429 comm="syz.3.2017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  116.078244][   T29] audit: type=1326 audit(2000000000.060:12404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8429 comm="syz.3.2017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  116.303721][ T8452] loop3: detected capacity change from 0 to 8192
[  116.348059][ T8452]  loop3: p1 p2 p4
[  116.351855][ T8452] loop3: p1 size 65536 extends beyond EOD, truncated
[  116.394132][ T8452] loop3: p2 start 861536256 is beyond EOD, truncated
[  116.401020][ T8452] loop3: p4 size 65536 extends beyond EOD, truncated
[  116.563476][ T8478] loop4: detected capacity change from 0 to 256
[  116.650147][ T8497] loop3: detected capacity change from 0 to 1024
[  116.666924][ T8497] EXT4-fs: Ignoring removed orlov option
[  116.709292][ T8495] loop4: detected capacity change from 0 to 8192
[  116.737205][ T8500] loop1: detected capacity change from 0 to 1024
[  116.781975][ T8500] EXT4-fs: Ignoring removed orlov option
[  116.795050][ T8495]  loop4: p1 p2 p4
[  116.799091][ T8495] loop4: p1 size 65536 extends beyond EOD, truncated
[  116.807739][ T8495] loop4: p2 start 861536256 is beyond EOD, truncated
[  116.814566][ T8495] loop4: p4 size 65536 extends beyond EOD, truncated
[  117.243701][ T8542] loop1: detected capacity change from 0 to 1024
[  117.253779][ T8542] EXT4-fs: Ignoring removed orlov option
[  117.265674][ T8546] loop3: detected capacity change from 0 to 1024
[  117.272802][ T8546] EXT4-fs: Ignoring removed nomblk_io_submit option
[  117.308905][ T8546] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.2072: Abort forced by user
[  117.335372][ T8546] EXT4-fs (loop3): Remounting filesystem read-only
[  117.341948][ T8546] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[  117.528790][ T8580] loop4: detected capacity change from 0 to 1024
[  117.537170][ T8580] EXT4-fs: Ignoring removed nomblk_io_submit option
[  117.559936][ T8580] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.2087: Abort forced by user
[  117.584656][ T8580] EXT4-fs (loop4): Remounting filesystem read-only
[  117.591309][ T8580] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[  117.793176][ T8595] loop1: detected capacity change from 0 to 8192
[  117.900355][ T8595]  loop1: p1 p2 p4
[  117.906970][ T8595] loop1: p1 size 65536 extends beyond EOD, truncated
[  117.933553][ T8595] loop1: p2 start 861536256 is beyond EOD, truncated
[  117.940378][ T8595] loop1: p4 size 65536 extends beyond EOD, truncated
[  118.356573][ T8613] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  118.364976][ T8613] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  118.659283][ T8618] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  118.667611][ T8618] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  118.846567][ T8632] loop4: detected capacity change from 0 to 8192
[  118.874762][ T8632]  loop4: p1 p2 p4
[  118.878580][ T8632] loop4: p1 size 65536 extends beyond EOD, truncated
[  118.888892][ T8632] loop4: p2 start 861536256 is beyond EOD, truncated
[  118.895715][ T8632] loop4: p4 size 65536 extends beyond EOD, truncated
[  118.977069][ T8648] loop4: detected capacity change from 0 to 1024
[  118.983833][ T8648] EXT4-fs: Ignoring removed nomblk_io_submit option
[  119.000492][ T8648] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.2116: Abort forced by user
[  119.010967][ T8648] EXT4-fs (loop4): Remounting filesystem read-only
[  119.017705][ T8648] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[  119.213451][ T8663] loop4: detected capacity change from 0 to 8192
[  119.237922][ T8670] loop3: detected capacity change from 0 to 1024
[  119.248965][ T8670] EXT4-fs: Ignoring removed nomblk_io_submit option
[  119.284873][ T8663]  loop4: p1 p2 p4
[  119.290602][ T8663] loop4: p1 size 65536 extends beyond EOD, truncated
[  119.301169][ T8670] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.2126: Abort forced by user
[  119.312601][ T8670] EXT4-fs (loop3): Remounting filesystem read-only
[  119.319185][ T8670] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[  119.327430][ T8663] loop4: p2 start 861536256 is beyond EOD, truncated
[  119.334149][ T8663] loop4: p4 size 65536 extends beyond EOD, truncated
[  119.419180][ T8686] loop4: detected capacity change from 0 to 8192
[  119.465442][ T8686]  loop4: p1 p2 p4
[  119.469400][ T8686] loop4: p1 size 65536 extends beyond EOD, truncated
[  119.478211][ T8686] loop4: p2 start 861536256 is beyond EOD, truncated
[  119.484962][ T8686] loop4: p4 size 65536 extends beyond EOD, truncated
[  119.586376][ T8701] loop1: detected capacity change from 0 to 1024
[  119.593488][ T8701] EXT4-fs: Ignoring removed nomblk_io_submit option
[  119.608618][ T8701] EXT4-fs error (device loop1): __ext4_remount:6736: comm syz.1.2139: Abort forced by user
[  119.628689][ T8701] EXT4-fs (loop1): Remounting filesystem read-only
[  119.635302][ T8701] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  119.649355][ T8705] loop4: detected capacity change from 0 to 256
[  119.832590][ T8732] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  119.840901][ T8732] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  119.959943][ T8742] loop4: detected capacity change from 0 to 8192
[  120.005656][ T8742]  loop4: p1 p2 p4
[  120.011486][ T8742] loop4: p1 size 65536 extends beyond EOD, truncated
[  120.029737][ T8742] loop4: p2 start 861536256 is beyond EOD, truncated
[  120.036638][ T8742] loop4: p4 size 65536 extends beyond EOD, truncated
[  120.155751][ T8772] FAULT_INJECTION: forcing a failure.
[  120.155751][ T8772] name failslab, interval 1, probability 0, space 0, times 0
[  120.168509][ T8772] CPU: 0 UID: 0 PID: 8772 Comm: syz.2.2171 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  120.168548][ T8772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  120.168560][ T8772] Call Trace:
[  120.168565][ T8772]  <TASK>
[  120.168572][ T8772]  __dump_stack+0x1d/0x30
[  120.168595][ T8772]  dump_stack_lvl+0xe8/0x140
[  120.168634][ T8772]  dump_stack+0x15/0x1b
[  120.168654][ T8772]  should_fail_ex+0x265/0x280
[  120.168693][ T8772]  should_failslab+0x8c/0xb0
[  120.168781][ T8772]  kmem_cache_alloc_noprof+0x50/0x310
[  120.168814][ T8772]  ? dup_fd+0x3a/0x540
[  120.168911][ T8772]  dup_fd+0x3a/0x540
[  120.168946][ T8772]  ? __fget_files+0x184/0x1c0
[  120.168997][ T8772]  ksys_unshare+0x346/0x6d0
[  120.169028][ T8772]  ? ksys_write+0x192/0x1a0
[  120.169046][ T8772]  __x64_sys_unshare+0x1f/0x30
[  120.169079][ T8772]  x64_sys_call+0x2d4b/0x2fb0
[  120.169130][ T8772]  do_syscall_64+0xd2/0x200
[  120.169151][ T8772]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  120.169203][ T8772]  ? clear_bhb_loop+0x40/0x90
[  120.169229][ T8772]  ? clear_bhb_loop+0x40/0x90
[  120.169256][ T8772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.169290][ T8772] RIP: 0033:0x7faa9d64e929
[  120.169306][ T8772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.169358][ T8772] RSP: 002b:00007faa9bcb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  120.169375][ T8772] RAX: ffffffffffffffda RBX: 00007faa9d875fa0 RCX: 00007faa9d64e929
[  120.169388][ T8772] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020060400
[  120.169399][ T8772] RBP: 00007faa9bcb7090 R08: 0000000000000000 R09: 0000000000000000
[  120.169410][ T8772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.169421][ T8772] R13: 0000000000000000 R14: 00007faa9d875fa0 R15: 00007ffcbd55e7b8
[  120.169444][ T8772]  </TASK>
[  120.548484][ T8795] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  120.556820][ T8795] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  120.569168][ T8786] loop3: detected capacity change from 0 to 8192
[  120.605204][ T8786]  loop3: p1 p2 p4
[  120.609647][ T8786] loop3: p1 size 65536 extends beyond EOD, truncated
[  120.626119][ T8786] loop3: p2 start 861536256 is beyond EOD, truncated
[  120.632858][ T8786] loop3: p4 size 65536 extends beyond EOD, truncated
[  120.868036][   T29] kauditd_printk_skb: 1702 callbacks suppressed
[  120.868062][   T29] audit: type=1326 audit(2000000000.740:14107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8820 comm="syz.2.2194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa9d64e929 code=0x7ffc0000
[  120.964352][   T29] audit: type=1326 audit(2000000000.770:14108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8820 comm="syz.2.2194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7faa9d64e929 code=0x7ffc0000
[  121.025476][ T8828] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  121.033701][ T8828] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  121.066754][   T29] audit: type=1326 audit(2000000000.880:14109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8818 comm="syz.3.2193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  121.090412][   T29] audit: type=1326 audit(2000000000.880:14110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8818 comm="syz.3.2193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  121.113962][   T29] audit: type=1326 audit(2000000000.890:14111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8810 comm="syz.1.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2215b1e929 code=0x7ffc0000
[  121.137538][   T29] audit: type=1326 audit(2000000000.890:14112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8810 comm="syz.1.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2215b1e929 code=0x7ffc0000
[  121.161109][   T29] audit: type=1326 audit(2000000000.890:14113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8810 comm="syz.1.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7f2215b1e929 code=0x7ffc0000
[  121.184668][   T29] audit: type=1326 audit(2000000000.890:14114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8820 comm="syz.2.2194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa9d64e929 code=0x7ffc0000
[  121.208169][   T29] audit: type=1326 audit(2000000000.890:14115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8820 comm="syz.2.2194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa9d64e929 code=0x7ffc0000
[  121.231944][   T29] audit: type=1326 audit(2000000000.900:14116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8818 comm="syz.3.2193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  121.507816][ T8854] loop1: detected capacity change from 0 to 8192
[  121.555860][ T8854]  loop1: p1 p2 p4
[  121.564616][ T8854] loop1: p1 size 65536 extends beyond EOD, truncated
[  121.572116][ T8854] loop1: p2 start 861536256 is beyond EOD, truncated
[  121.578896][ T8854] loop1: p4 size 65536 extends beyond EOD, truncated
[  121.631937][ T8863] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  121.640257][ T8863] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  121.706989][ T8879] netlink: 'syz.1.2220': attribute type 4 has an invalid length.
[  121.760597][ T8884] loop1: detected capacity change from 0 to 1024
[  121.768674][ T8884] EXT4-fs: Ignoring removed nomblk_io_submit option
[  121.791243][ T8884] EXT4-fs error (device loop1): __ext4_remount:6736: comm syz.1.2221: Abort forced by user
[  121.805874][ T8884] EXT4-fs (loop1): Remounting filesystem read-only
[  121.812520][ T8884] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  121.831642][ T8889] loop3: detected capacity change from 0 to 8192
[  121.854830][ T8889]  loop3: p1 p2 p4
[  121.858723][ T8889] loop3: p1 size 65536 extends beyond EOD, truncated
[  121.867338][ T8889] loop3: p2 start 861536256 is beyond EOD, truncated
[  121.874084][ T8889] loop3: p4 size 65536 extends beyond EOD, truncated
[  122.044137][ T8909] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  122.052413][ T8909] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  122.088424][ T8915] FAULT_INJECTION: forcing a failure.
[  122.088424][ T8915] name failslab, interval 1, probability 0, space 0, times 0
[  122.101244][ T8915] CPU: 0 UID: 0 PID: 8915 Comm: syz.1.2236 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  122.101314][ T8915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  122.101328][ T8915] Call Trace:
[  122.101334][ T8915]  <TASK>
[  122.101342][ T8915]  __dump_stack+0x1d/0x30
[  122.101434][ T8915]  dump_stack_lvl+0xe8/0x140
[  122.101458][ T8915]  dump_stack+0x15/0x1b
[  122.101476][ T8915]  should_fail_ex+0x265/0x280
[  122.101512][ T8915]  ? assoc_array_insert+0x2e0/0x1990
[  122.101535][ T8915]  should_failslab+0x8c/0xb0
[  122.101614][ T8915]  __kmalloc_cache_noprof+0x4c/0x320
[  122.101699][ T8915]  assoc_array_insert+0x2e0/0x1990
[  122.101797][ T8915]  ? keyring_compare_object+0xda/0x100
[  122.101865][ T8915]  ? assoc_array_delete+0x348/0x950
[  122.101893][ T8915]  __key_link_begin+0x8a/0x140
[  122.101919][ T8915]  key_move+0x160/0x550
[  122.102086][ T8915]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[  122.102123][ T8915]  ? __pfx_keyring_search_iterator+0x10/0x10
[  122.102189][ T8915]  keyctl_keyring_move+0xd6/0x110
[  122.102249][ T8915]  __se_sys_keyctl+0x5f7/0xb80
[  122.102277][ T8915]  ? __rcu_read_unlock+0x4f/0x70
[  122.102338][ T8915]  ? __fget_files+0x184/0x1c0
[  122.102362][ T8915]  ? fput+0x8f/0xc0
[  122.102391][ T8915]  __x64_sys_keyctl+0x67/0x80
[  122.102422][ T8915]  x64_sys_call+0x2e7f/0x2fb0
[  122.102457][ T8915]  do_syscall_64+0xd2/0x200
[  122.102477][ T8915]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  122.102551][ T8915]  ? clear_bhb_loop+0x40/0x90
[  122.102582][ T8915]  ? clear_bhb_loop+0x40/0x90
[  122.102673][ T8915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.102702][ T8915] RIP: 0033:0x7f2215b1e929
[  122.102717][ T8915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.102738][ T8915] RSP: 002b:00007f2214187038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  122.102759][ T8915] RAX: ffffffffffffffda RBX: 00007f2215d45fa0 RCX: 00007f2215b1e929
[  122.102823][ T8915] RDX: fffffffffffffffe RSI: 0000000014de6549 RDI: 000000000000001e
[  122.102837][ T8915] RBP: 00007f2214187090 R08: 0000000000000001 R09: 0000000000000000
[  122.102847][ T8915] R10: 0000000014de6549 R11: 0000000000000246 R12: 0000000000000001
[  122.102860][ T8915] R13: 0000000000000000 R14: 00007f2215d45fa0 R15: 00007ffef210dc28
[  122.102882][ T8915]  </TASK>
[  122.416709][ T8931] loop3: detected capacity change from 0 to 1024
[  122.425599][ T8931] EXT4-fs: Ignoring removed nomblk_io_submit option
[  122.466443][ T8941] netlink: 'syz.0.2240': attribute type 4 has an invalid length.
[  122.480453][ T8931] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.2243: Abort forced by user
[  122.491864][ T8931] EXT4-fs (loop3): Remounting filesystem read-only
[  122.498451][ T8931] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[  122.510081][ T8942] SELinux:  policydb version 763034897 does not match my version range 15-34
[  122.523387][ T8942] SELinux: failed to load policy
[  122.544158][ T8942] loop4: detected capacity change from 0 to 128
[  122.557919][ T8942] vfat: Unknown parameter '�LE՝mug�g&�U��b�FQ�r<J���s��+��R1qv��C�P&�3?�� ����^D��d/��n�g��W}5�~��R�>��.��OKR^��	�̙�[�;��̮l��������n4�j����֑]}�1�������$�B;F5�lC���+!�B���;D����\mb��	0�#�#��C���d'
[  122.601473][ T8942] 9pnet: Could not find request transport: 0xffffffffffffffff
[  122.647542][ T8952] FAULT_INJECTION: forcing a failure.
[  122.647542][ T8952] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  122.660881][ T8952] CPU: 0 UID: 0 PID: 8952 Comm: syz.3.2249 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  122.660950][ T8952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  122.660965][ T8952] Call Trace:
[  122.660972][ T8952]  <TASK>
[  122.660981][ T8952]  __dump_stack+0x1d/0x30
[  122.661001][ T8952]  dump_stack_lvl+0xe8/0x140
[  122.661018][ T8952]  dump_stack+0x15/0x1b
[  122.661035][ T8952]  should_fail_ex+0x265/0x280
[  122.661094][ T8952]  should_fail_alloc_page+0xf2/0x100
[  122.661124][ T8952]  __alloc_frozen_pages_noprof+0xff/0x360
[  122.661165][ T8952]  alloc_pages_bulk_noprof+0x4b8/0x540
[  122.661194][ T8952]  ? __kmalloc_noprof+0x1dd/0x3e0
[  122.661235][ T8952]  ? copy_splice_read+0xc2/0x5f0
[  122.661271][ T8952]  copy_splice_read+0xf3/0x5f0
[  122.661371][ T8952]  ? __pfx_copy_splice_read+0x10/0x10
[  122.661450][ T8952]  splice_direct_to_actor+0x26c/0x680
[  122.661531][ T8952]  ? __pfx_direct_splice_actor+0x10/0x10
[  122.661579][ T8952]  do_splice_direct+0xda/0x150
[  122.661681][ T8952]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  122.661725][ T8952]  do_sendfile+0x380/0x650
[  122.661794][ T8952]  __x64_sys_sendfile64+0x105/0x150
[  122.661824][ T8952]  x64_sys_call+0xb39/0x2fb0
[  122.661852][ T8952]  do_syscall_64+0xd2/0x200
[  122.661874][ T8952]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  122.661905][ T8952]  ? clear_bhb_loop+0x40/0x90
[  122.661953][ T8952]  ? clear_bhb_loop+0x40/0x90
[  122.662036][ T8952]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.662060][ T8952] RIP: 0033:0x7fd25f62e929
[  122.662077][ T8952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.662094][ T8952] RSP: 002b:00007fd25dc97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  122.662110][ T8952] RAX: ffffffffffffffda RBX: 00007fd25f855fa0 RCX: 00007fd25f62e929
[  122.662121][ T8952] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000007
[  122.662207][ T8952] RBP: 00007fd25dc97090 R08: 0000000000000000 R09: 0000000000000000
[  122.662217][ T8952] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  122.662303][ T8952] R13: 0000000000000000 R14: 00007fd25f855fa0 R15: 00007ffdac895348
[  122.662320][ T8952]  </TASK>
[  122.891503][ T8951] loop1: detected capacity change from 0 to 1024
[  122.898823][ T8951] EXT4-fs: Ignoring removed orlov option
[  123.076729][ T8976] loop3: detected capacity change from 0 to 512
[  123.083744][ T8976] EXT4-fs: Ignoring removed mblk_io_submit option
[  123.115734][ T8976] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  123.138380][ T8976] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  123.151669][ T8976] EXT4-fs (loop3): 1 truncate cleaned up
[  123.164072][ T8976] xt_TPROXY: Can be used only with -p tcp or -p udp
[  123.218265][ T8983] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  123.226732][ T8983] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  123.364430][ T8987] loop3: detected capacity change from 0 to 1024
[  123.401630][ T8987] EXT4-fs: Ignoring removed i_version option
[  123.421477][ T8987] EXT4-fs: Ignoring removed mblk_io_submit option
[  123.445149][ T8987] EXT4-fs: Ignoring removed nobh option
[  123.450905][ T8987] EXT4-fs: Ignoring removed bh option
[  123.491374][ T8987] FAULT_INJECTION: forcing a failure.
[  123.491374][ T8987] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.504750][ T8987] CPU: 0 UID: 0 PID: 8987 Comm: syz.3.2264 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  123.504783][ T8987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  123.504795][ T8987] Call Trace:
[  123.504801][ T8987]  <TASK>
[  123.504807][ T8987]  __dump_stack+0x1d/0x30
[  123.504830][ T8987]  dump_stack_lvl+0xe8/0x140
[  123.504853][ T8987]  dump_stack+0x15/0x1b
[  123.504873][ T8987]  should_fail_ex+0x265/0x280
[  123.505044][ T8987]  should_fail+0xb/0x20
[  123.505157][ T8987]  should_fail_usercopy+0x1a/0x20
[  123.505248][ T8987]  _copy_to_user+0x20/0xa0
[  123.505269][ T8987]  simple_read_from_buffer+0xb5/0x130
[  123.505301][ T8987]  proc_fail_nth_read+0x100/0x140
[  123.505361][ T8987]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  123.505393][ T8987]  vfs_read+0x1a0/0x6f0
[  123.505423][ T8987]  ? __rcu_read_unlock+0x4f/0x70
[  123.505463][ T8987]  ? __fget_files+0x184/0x1c0
[  123.505485][ T8987]  ksys_read+0xda/0x1a0
[  123.505573][ T8987]  __x64_sys_read+0x40/0x50
[  123.505674][ T8987]  x64_sys_call+0x2d77/0x2fb0
[  123.505697][ T8987]  do_syscall_64+0xd2/0x200
[  123.505779][ T8987]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  123.505839][ T8987]  ? clear_bhb_loop+0x40/0x90
[  123.505859][ T8987]  ? clear_bhb_loop+0x40/0x90
[  123.505880][ T8987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.505913][ T8987] RIP: 0033:0x7fd25f62d33c
[  123.505927][ T8987] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  123.505945][ T8987] RSP: 002b:00007fd25dc97030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  123.505963][ T8987] RAX: ffffffffffffffda RBX: 00007fd25f855fa0 RCX: 00007fd25f62d33c
[  123.505975][ T8987] RDX: 000000000000000f RSI: 00007fd25dc970a0 RDI: 0000000000000014
[  123.505987][ T8987] RBP: 00007fd25dc97090 R08: 0000000000000000 R09: 0000000000000000
[  123.505998][ T8987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.506020][ T8987] R13: 0000000000000000 R14: 00007fd25f855fa0 R15: 00007ffdac895348
[  123.506038][ T8987]  </TASK>
[  123.511949][ T9008] netlink: 'syz.0.2272': attribute type 1 has an invalid length.
[  123.676819][ T9009] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2272'.
[  123.693302][ T9008] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  123.888640][ T9032] loop4: detected capacity change from 0 to 8192
[  123.904201][ T9046] FAULT_INJECTION: forcing a failure.
[  123.904201][ T9046] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.917386][ T9046] CPU: 1 UID: 0 PID: 9046 Comm: syz.3.2288 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  123.917489][ T9046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  123.917549][ T9046] Call Trace:
[  123.917556][ T9046]  <TASK>
[  123.917564][ T9046]  __dump_stack+0x1d/0x30
[  123.917589][ T9046]  dump_stack_lvl+0xe8/0x140
[  123.917647][ T9046]  dump_stack+0x15/0x1b
[  123.917672][ T9046]  should_fail_ex+0x265/0x280
[  123.917708][ T9046]  should_fail+0xb/0x20
[  123.917861][ T9046]  should_fail_usercopy+0x1a/0x20
[  123.917895][ T9046]  _copy_to_user+0x20/0xa0
[  123.917947][ T9046]  simple_read_from_buffer+0xb5/0x130
[  123.918033][ T9046]  proc_fail_nth_read+0x100/0x140
[  123.918050][ T9046]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  123.918145][ T9046]  vfs_read+0x1a0/0x6f0
[  123.918179][ T9046]  ? __rcu_read_unlock+0x4f/0x70
[  123.918233][ T9046]  ? __fget_files+0x184/0x1c0
[  123.918260][ T9046]  ksys_read+0xda/0x1a0
[  123.918299][ T9046]  __x64_sys_read+0x40/0x50
[  123.918356][ T9046]  x64_sys_call+0x2d77/0x2fb0
[  123.918376][ T9046]  do_syscall_64+0xd2/0x200
[  123.918392][ T9046]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  123.918420][ T9046]  ? clear_bhb_loop+0x40/0x90
[  123.918484][ T9046]  ? clear_bhb_loop+0x40/0x90
[  123.918508][ T9046]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.918528][ T9046] RIP: 0033:0x7fd25f62d33c
[  123.918608][ T9046] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  123.918628][ T9046] RSP: 002b:00007fd25dc97030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  123.918655][ T9046] RAX: ffffffffffffffda RBX: 00007fd25f855fa0 RCX: 00007fd25f62d33c
[  123.918670][ T9046] RDX: 000000000000000f RSI: 00007fd25dc970a0 RDI: 0000000000000005
[  123.918684][ T9046] RBP: 00007fd25dc97090 R08: 0000000000000000 R09: 0000000000000000
[  123.918698][ T9046] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000002
[  123.918710][ T9046] R13: 0000000000000000 R14: 00007fd25f855fa0 R15: 00007ffdac895348
[  123.918731][ T9046]  </TASK>
[  124.148591][ T9032]  loop4: p1 p2 p4
[  124.154544][ T9032] loop4: p1 size 65536 extends beyond EOD, truncated
[  124.166558][ T9032] loop4: p2 start 861536256 is beyond EOD, truncated
[  124.173291][ T9032] loop4: p4 size 65536 extends beyond EOD, truncated
[  124.315479][ T9071] loop4: detected capacity change from 0 to 256
[  124.373074][ T9080] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2302'.
[  125.032167][ T9099] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  125.040551][ T9099] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  125.232133][ T9108] xt_TPROXY: Can be used only with -p tcp or -p udp
[  125.295813][ T9110] loop3: detected capacity change from 0 to 256
[  125.377219][ T9113] loop1: detected capacity change from 0 to 512
[  125.383927][ T9113] EXT4-fs: Ignoring removed mblk_io_submit option
[  125.390641][ T9113] EXT4-fs: Ignoring removed bh option
[  125.405291][ T9113] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  125.423639][ T9113] EXT4-fs (loop1): 1 truncate cleaned up
[  125.578488][ T9130] loop0: detected capacity change from 0 to 1024
[  125.587470][ T9130] EXT4-fs: Ignoring removed orlov option
[  125.674057][ T9135] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  125.682418][ T9135] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  125.820922][ T9144] loop0: detected capacity change from 0 to 256
[  125.902576][   T29] kauditd_printk_skb: 1258 callbacks suppressed
[  125.902590][   T29] audit: type=1326 audit(2000000005.770:15375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9154 comm="syz.3.2336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  125.956598][   T29] audit: type=1326 audit(2000000005.790:15376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9154 comm="syz.3.2336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  125.980210][   T29] audit: type=1326 audit(2000000005.790:15377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9154 comm="syz.3.2336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  126.004203][   T29] audit: type=1326 audit(2000000005.830:15378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9154 comm="syz.3.2336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  126.027756][   T29] audit: type=1326 audit(2000000005.830:15379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9154 comm="syz.3.2336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  126.051312][   T29] audit: type=1326 audit(2000000005.840:15380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9154 comm="syz.3.2336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  126.074971][   T29] audit: type=1326 audit(2000000005.840:15381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9154 comm="syz.3.2336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  126.098513][   T29] audit: type=1326 audit(2000000005.840:15382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9154 comm="syz.3.2336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  126.122043][   T29] audit: type=1326 audit(2000000005.840:15383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9154 comm="syz.3.2336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  126.145635][   T29] audit: type=1326 audit(2000000005.840:15384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9154 comm="syz.3.2336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd25f62e929 code=0x7ffc0000
[  126.277445][ T9161] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2331'.
[  126.599186][ T9167] loop3: detected capacity change from 0 to 1024
[  126.606611][ T9167] EXT4-fs: Ignoring removed orlov option
[  126.624390][ T9176] netlink: 'syz.4.2342': attribute type 4 has an invalid length.
[  126.640377][ T9176] netlink: 'syz.4.2342': attribute type 4 has an invalid length.
[  126.650204][ T9176] FAULT_INJECTION: forcing a failure.
[  126.650204][ T9176] name failslab, interval 1, probability 0, space 0, times 0
[  126.662892][ T9176] CPU: 0 UID: 0 PID: 9176 Comm: syz.4.2342 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  126.662923][ T9176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  126.662934][ T9176] Call Trace:
[  126.662940][ T9176]  <TASK>
[  126.662945][ T9176]  __dump_stack+0x1d/0x30
[  126.662981][ T9176]  dump_stack_lvl+0xe8/0x140
[  126.663003][ T9176]  dump_stack+0x15/0x1b
[  126.663045][ T9176]  should_fail_ex+0x265/0x280
[  126.663080][ T9176]  ? inetdev_init+0x6b/0x370
[  126.663156][ T9176]  should_failslab+0x8c/0xb0
[  126.663180][ T9176]  __kmalloc_cache_noprof+0x4c/0x320
[  126.663206][ T9176]  inetdev_init+0x6b/0x370
[  126.663298][ T9176]  inetdev_event+0x15c/0xc10
[  126.663324][ T9176]  ? __pfx_ib_netdevice_event+0x10/0x10
[  126.663390][ T9176]  ? ib_netdevice_event+0x186/0x5f0
[  126.663411][ T9176]  ? __pfx_inetdev_event+0x10/0x10
[  126.663452][ T9176]  raw_notifier_call_chain+0x6f/0x1b0
[  126.663475][ T9176]  ? call_netdevice_notifiers_info+0x9c/0x100
[  126.663505][ T9176]  call_netdevice_notifiers_info+0xae/0x100
[  126.663534][ T9176]  netif_set_mtu_ext+0x296/0x370
[  126.663568][ T9176]  do_setlink+0x751/0x2810
[  126.663605][ T9176]  ? save_fpregs_to_fpstate+0x100/0x160
[  126.663634][ T9176]  ? _raw_spin_unlock+0x26/0x50
[  126.663660][ T9176]  ? finish_task_switch+0xad/0x2b0
[  126.663683][ T9176]  ? __schedule+0x6a8/0xb30
[  126.663724][ T9176]  rtnl_setlink+0x311/0x420
[  126.663767][ T9176]  ? security_capable+0x83/0x90
[  126.663841][ T9176]  ? ns_capable+0x7d/0xb0
[  126.663864][ T9176]  ? __pfx_rtnl_setlink+0x10/0x10
[  126.663918][ T9176]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  126.663943][ T9176]  netlink_rcv_skb+0x123/0x220
[  126.663999][ T9176]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  126.664034][ T9176]  rtnetlink_rcv+0x1c/0x30
[  126.664117][ T9176]  netlink_unicast+0x5a1/0x670
[  126.664204][ T9176]  netlink_sendmsg+0x58b/0x6b0
[  126.664233][ T9176]  ? __pfx_netlink_sendmsg+0x10/0x10
[  126.664275][ T9176]  __sock_sendmsg+0x145/0x180
[  126.664306][ T9176]  sock_write_iter+0x165/0x1b0
[  126.664335][ T9176]  do_iter_readv_writev+0x421/0x4c0
[  126.664361][ T9176]  vfs_writev+0x2df/0x8b0
[  126.664465][ T9176]  do_writev+0xe7/0x210
[  126.664496][ T9176]  __x64_sys_writev+0x45/0x50
[  126.664520][ T9176]  x64_sys_call+0x2006/0x2fb0
[  126.664592][ T9176]  do_syscall_64+0xd2/0x200
[  126.664615][ T9176]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  126.664647][ T9176]  ? clear_bhb_loop+0x40/0x90
[  126.664666][ T9176]  ? clear_bhb_loop+0x40/0x90
[  126.664761][ T9176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.664787][ T9176] RIP: 0033:0x7fa11c5ae929
[  126.664805][ T9176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.664827][ T9176] RSP: 002b:00007fa11ac17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  126.664848][ T9176] RAX: ffffffffffffffda RBX: 00007fa11c7d5fa0 RCX: 00007fa11c5ae929
[  126.664924][ T9176] RDX: 0000000000000001 RSI: 0000200000000300 RDI: 0000000000000003
[  126.664939][ T9176] RBP: 00007fa11ac17090 R08: 0000000000000000 R09: 0000000000000000
[  126.664954][ T9176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  126.664968][ T9176] R13: 0000000000000000 R14: 00007fa11c7d5fa0 R15: 00007ffe7befbf68
[  126.664986][ T9176]  </TASK>
[  127.045754][ T9171] loop1: detected capacity change from 0 to 8192
[  127.064777][ T9171]  loop1: p1 p2 p4
[  127.068606][ T9171] loop1: p1 size 65536 extends beyond EOD, truncated
[  127.076286][ T9171] loop1: p2 start 861536256 is beyond EOD, truncated
[  127.083024][ T9171] loop1: p4 size 65536 extends beyond EOD, truncated
[  127.312537][ T9207] loop4: detected capacity change from 0 to 1024
[  127.330610][ T9207] EXT4-fs: Ignoring removed orlov option
[  127.433366][ T9224] loop3: detected capacity change from 0 to 8192
[  127.534640][ T9224]  loop3: p1 p2 p4
[  127.538485][ T9224] loop3: p1 size 65536 extends beyond EOD, truncated
[  127.555486][ T9224] loop3: p2 start 861536256 is beyond EOD, truncated
[  127.562320][ T9224] loop3: p4 size 65536 extends beyond EOD, truncated
[  127.677601][ T9244] loop3: detected capacity change from 0 to 512
[  127.740925][ T9244] EXT4-fs (loop3): too many log groups per flexible block group
[  127.748749][ T9244] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  127.782548][ T9244] EXT4-fs (loop3): mount failed
[  127.953960][ T9264] loop4: detected capacity change from 0 to 1024
[  127.969661][ T9264] EXT4-fs: Ignoring removed orlov option
[  128.275347][ T9281] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2385'.
[  128.670440][ T9317] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=9317 comm=syz.0.2398
[  128.781547][ T9324] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2401'.
[  128.790542][ T9324] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2401'.
[  128.807140][ T9314] loop1: detected capacity change from 0 to 736
[  128.846618][ T9329] loop1: detected capacity change from 0 to 1024
[  128.854388][ T9329] EXT4-fs: Ignoring removed orlov option
[  129.259305][ T9352] loop0: detected capacity change from 0 to 8192
[  129.364265][ T9359] netlink: 256 bytes leftover after parsing attributes in process `syz.4.2412'.
[  129.667525][ T9365] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2414'.
[  129.773213][ T9365] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2414'.
[  130.006781][ T9384] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  130.015098][ T9384] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  130.191712][ T9388] loop0: detected capacity change from 0 to 256
[  130.213671][ T9388] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  130.222878][ T9397] loop3: detected capacity change from 0 to 1024
[  130.246500][ T9397] EXT4-fs: Ignoring removed orlov option
[  130.376020][ T9406] loop4: detected capacity change from 0 to 256
[  130.491961][ T9424] FAULT_INJECTION: forcing a failure.
[  130.491961][ T9424] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.505172][ T9424] CPU: 1 UID: 0 PID: 9424 Comm: syz.1.2435 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  130.505228][ T9424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  130.505249][ T9424] Call Trace:
[  130.505256][ T9424]  <TASK>
[  130.505265][ T9424]  __dump_stack+0x1d/0x30
[  130.505291][ T9424]  dump_stack_lvl+0xe8/0x140
[  130.505310][ T9424]  dump_stack+0x15/0x1b
[  130.505325][ T9424]  should_fail_ex+0x265/0x280
[  130.505381][ T9424]  should_fail+0xb/0x20
[  130.505414][ T9424]  should_fail_usercopy+0x1a/0x20
[  130.505527][ T9424]  _copy_from_user+0x1c/0xb0
[  130.505597][ T9424]  kstrtouint_from_user+0x69/0xf0
[  130.505626][ T9424]  ? 0xffffffff81000000
[  130.505677][ T9424]  ? selinux_file_permission+0x1e4/0x320
[  130.505709][ T9424]  proc_fail_nth_write+0x50/0x160
[  130.505730][ T9424]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  130.505747][ T9424]  vfs_write+0x269/0x8e0
[  130.505819][ T9424]  ? vfs_read+0x47f/0x6f0
[  130.505898][ T9424]  ? __rcu_read_unlock+0x4f/0x70
[  130.505940][ T9424]  ? __fget_files+0x184/0x1c0
[  130.505962][ T9424]  ksys_write+0xda/0x1a0
[  130.506040][ T9424]  __x64_sys_write+0x40/0x50
[  130.506060][ T9424]  x64_sys_call+0x2cdd/0x2fb0
[  130.506086][ T9424]  do_syscall_64+0xd2/0x200
[  130.506108][ T9424]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  130.506201][ T9424]  ? clear_bhb_loop+0x40/0x90
[  130.506226][ T9424]  ? clear_bhb_loop+0x40/0x90
[  130.506280][ T9424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.506306][ T9424] RIP: 0033:0x7f2215b1d3df
[  130.506324][ T9424] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  130.506346][ T9424] RSP: 002b:00007f2214166030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  130.506367][ T9424] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2215b1d3df
[  130.506383][ T9424] RDX: 0000000000000001 RSI: 00007f22141660a0 RDI: 0000000000000008
[  130.506396][ T9424] RBP: 00007f2214166090 R08: 0000000000000000 R09: 0000000000000000
[  130.506437][ T9424] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  130.506448][ T9424] R13: 0000000000000000 R14: 00007f2215d46080 R15: 00007ffef210dc28
[  130.506520][ T9424]  </TASK>
[  130.930647][ T9437] loop1: detected capacity change from 0 to 8192
[  130.991287][ T9441] loop3: detected capacity change from 0 to 8192
[  131.019107][ T9437]  loop1: p1 p2 p4
[  131.022951][ T9437] loop1: p1 size 65536 extends beyond EOD, truncated
[  131.043727][ T9437] loop1: p2 start 861536256 is beyond EOD, truncated
[  131.050583][ T9437] loop1: p4 size 65536 extends beyond EOD, truncated
[  131.149082][   T29] kauditd_printk_skb: 979 callbacks suppressed
[  131.149097][   T29] audit: type=1326 audit(2000000011.020:16364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9446 comm="syz.4.2447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  131.205534][ T9447] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2445'.
[  131.221009][   T29] audit: type=1326 audit(2000000011.060:16365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9446 comm="syz.4.2447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  131.232786][ T9452] loop3: detected capacity change from 0 to 256
[  131.244602][   T29] audit: type=1326 audit(2000000011.060:16366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9446 comm="syz.4.2447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  131.274508][   T29] audit: type=1326 audit(2000000011.060:16367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9446 comm="syz.4.2447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  131.298158][   T29] audit: type=1326 audit(2000000011.060:16368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9446 comm="syz.4.2447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  131.321828][   T29] audit: type=1326 audit(2000000011.060:16369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9446 comm="syz.4.2447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  131.345730][   T29] audit: type=1326 audit(2000000011.060:16370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9446 comm="syz.4.2447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  131.369390][   T29] audit: type=1326 audit(2000000011.060:16371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9446 comm="syz.4.2447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  131.393010][   T29] audit: type=1326 audit(2000000011.060:16372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9446 comm="syz.4.2447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  131.416755][   T29] audit: type=1326 audit(2000000011.060:16373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9446 comm="syz.4.2447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7fa11c5ae929 code=0x7ffc0000
[  131.441003][ T9447] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2445'.
[  131.606773][ T9475] loop4: detected capacity change from 0 to 1024
[  131.615180][ T9475] EXT4-fs: Ignoring removed orlov option
[  131.628850][ T9475] EXT4-fs mount: 40 callbacks suppressed
[  131.628862][ T9475] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.721147][ T9486] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  131.729455][ T9486] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  131.909672][ T9492] loop3: detected capacity change from 0 to 1024
[  131.921003][ T9494] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2463'.
[  131.926445][ T9492] EXT4-fs: Ignoring removed orlov option
[  131.943677][ T9494] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2463'.
[  131.956963][ T9492] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.010540][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.100241][ T9509] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2470'.
[  132.125270][ T9504] loop4: detected capacity change from 0 to 8192
[  132.174641][ T9504]  loop4: p1 p2 p4
[  132.180810][ T9504] loop4: p1 size 65536 extends beyond EOD, truncated
[  132.189529][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.198993][ T9504] loop4: p2 start 861536256 is beyond EOD, truncated
[  132.205758][ T9504] loop4: p4 size 65536 extends beyond EOD, truncated
[  132.228470][ T9515] loop3: detected capacity change from 0 to 164
[  132.235049][ T9515] iso9660: Unknown parameter ''
[  132.258884][ T9515] SELinux:  Context system_u:object_r:logrotate_var_lib_t:s0 is not valid (left unmapped).
[  132.307479][ T9518] loop4: detected capacity change from 0 to 8192
[  132.344778][ T9518]  loop4: p1 p2 p4
[  132.348747][ T9518] loop4: p1 size 65536 extends beyond EOD, truncated
[  132.362239][ T9518] loop4: p2 start 861536256 is beyond EOD, truncated
[  132.369037][ T9518] loop4: p4 size 65536 extends beyond EOD, truncated
[  132.414775][ T9521] loop1: detected capacity change from 0 to 256
[  132.504224][    C1] vcan0: j1939_tp_rxtimer: 0xffff888102771400: rx timeout, send abort
[  132.681277][ T9535] loop4: detected capacity change from 0 to 8192
[  132.714791][ T9535]  loop4: p1 p2 p4
[  132.718585][ T9535] loop4: p1 size 65536 extends beyond EOD, truncated
[  132.725914][ T9535] loop4: p2 start 861536256 is beyond EOD, truncated
[  132.732785][ T9535] loop4: p4 size 65536 extends beyond EOD, truncated
[  132.784925][ T9545] loop4: detected capacity change from 0 to 256
[  133.004443][    C1] vcan0: j1939_tp_rxtimer: 0xffff888102771800: rx timeout, send abort
[  133.012868][    C1] vcan0: j1939_tp_rxtimer: 0xffff888102771400: abort rx timeout. Force session deactivation
[  133.165024][ T9569] loop3: detected capacity change from 0 to 256
[  133.195937][ T9567] loop4: detected capacity change from 0 to 8192
[  133.234830][ T9567]  loop4: p1 p2 p4
[  133.238691][ T9567] loop4: p1 size 65536 extends beyond EOD, truncated
[  133.256710][ T9567] loop4: p2 start 861536256 is beyond EOD, truncated
[  133.263626][ T9567] loop4: p4 size 65536 extends beyond EOD, truncated
[  133.308770][ T9577] loop3: detected capacity change from 0 to 8192
[  133.349450][ T9577]  loop3: p1 p2 p4
[  133.353281][ T9577] loop3: p1 size 65536 extends beyond EOD, truncated
[  133.363683][ T9582] FAULT_INJECTION: forcing a failure.
[  133.363683][ T9582] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  133.364306][ T9577] loop3: p2 start 861536256 is beyond EOD, truncated
[  133.376880][ T9582] CPU: 1 UID: 0 PID: 9582 Comm: syz.0.2506 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  133.376918][ T9582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  133.376934][ T9582] Call Trace:
[  133.376942][ T9582]  <TASK>
[  133.376953][ T9582]  __dump_stack+0x1d/0x30
[  133.377031][ T9582]  dump_stack_lvl+0xe8/0x140
[  133.377055][ T9582]  dump_stack+0x15/0x1b
[  133.377075][ T9582]  should_fail_ex+0x265/0x280
[  133.377113][ T9582]  should_fail+0xb/0x20
[  133.377149][ T9582]  should_fail_usercopy+0x1a/0x20
[  133.377229][ T9582]  _copy_from_user+0x1c/0xb0
[  133.377286][ T9582]  copy_from_bpfptr+0x5c/0x90
[  133.377326][ T9582]  bpf_prog_load+0x74a/0x1070
[  133.377375][ T9582]  ? security_bpf+0x2b/0x90
[  133.377401][ T9582]  __sys_bpf+0x51d/0x790
[  133.377456][ T9582]  __x64_sys_bpf+0x41/0x50
[  133.377616][ T9582]  x64_sys_call+0x2478/0x2fb0
[  133.377643][ T9582]  do_syscall_64+0xd2/0x200
[  133.377665][ T9582]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  133.377741][ T9582]  ? clear_bhb_loop+0x40/0x90
[  133.377766][ T9582]  ? clear_bhb_loop+0x40/0x90
[  133.377793][ T9582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.377826][ T9582] RIP: 0033:0x7fd70398e929
[  133.377902][ T9582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.377925][ T9582] RSP: 002b:00007fd701ff7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  133.377947][ T9582] RAX: ffffffffffffffda RBX: 00007fd703bb5fa0 RCX: 00007fd70398e929
[  133.377963][ T9582] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005
[  133.377978][ T9582] RBP: 00007fd701ff7090 R08: 0000000000000000 R09: 0000000000000000
[  133.378048][ T9582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  133.378063][ T9582] R13: 0000000000000000 R14: 00007fd703bb5fa0 R15: 00007ffe85c84a58
[  133.378085][ T9582]  </TASK>
[  133.512814][    C1] vcan0: j1939_tp_rxtimer: 0xffff888102771800: abort rx timeout. Force session deactivation
[  133.521879][ T9577] loop3: p4 size 65536 extends beyond EOD, truncated
[  133.719075][ T9603] loop3: detected capacity change from 0 to 256
[  133.847407][ T9599] loop1: detected capacity change from 0 to 8192
[  133.876902][ T9615] __nla_validate_parse: 4 callbacks suppressed
[  133.876917][ T9615] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2523'.
[  133.892503][ T9599]  loop1: p1 p2 p4
[  133.897889][ T9599] loop1: p1 size 65536 extends beyond EOD, truncated
[  133.905846][ T9599] loop1: p2 start 861536256 is beyond EOD, truncated
[  133.912625][ T9599] loop1: p4 size 65536 extends beyond EOD, truncated
[  134.028284][ T9625] loop1: detected capacity change from 0 to 8192
[  134.062206][ T9628] FAULT_INJECTION: forcing a failure.
[  134.062206][ T9628] name failslab, interval 1, probability 0, space 0, times 0
[  134.075084][ T9628] CPU: 1 UID: 0 PID: 9628 Comm: syz.0.2522 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  134.075117][ T9628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  134.075154][ T9628] Call Trace:
[  134.075162][ T9628]  <TASK>
[  134.075170][ T9628]  __dump_stack+0x1d/0x30
[  134.075195][ T9628]  dump_stack_lvl+0xe8/0x140
[  134.075295][ T9628]  dump_stack+0x15/0x1b
[  134.075316][ T9628]  should_fail_ex+0x265/0x280
[  134.075354][ T9628]  should_failslab+0x8c/0xb0
[  134.075383][ T9628]  kmem_cache_alloc_noprof+0x50/0x310
[  134.075463][ T9628]  ? getname_flags+0x80/0x3b0
[  134.075491][ T9628]  getname_flags+0x80/0x3b0
[  134.075519][ T9628]  do_sys_openat2+0x60/0x110
[  134.075562][ T9628]  __x64_sys_openat+0xf2/0x120
[  134.075605][ T9628]  x64_sys_call+0x1af/0x2fb0
[  134.075625][ T9628]  do_syscall_64+0xd2/0x200
[  134.075641][ T9628]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  134.075668][ T9628]  ? clear_bhb_loop+0x40/0x90
[  134.075694][ T9628]  ? clear_bhb_loop+0x40/0x90
[  134.075772][ T9628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.075844][ T9628] RIP: 0033:0x7fd70398d290
[  134.075863][ T9628] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  134.075886][ T9628] RSP: 002b:00007fd701fd5f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  134.075909][ T9628] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd70398d290
[  134.075924][ T9628] RDX: 0000000000000000 RSI: 00007fd701fd5fa0 RDI: 00000000ffffff9c
[  134.075939][ T9628] RBP: 00007fd701fd5fa0 R08: 0000000000000000 R09: 0000000000000000
[  134.075953][ T9628] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  134.075999][ T9628] R13: 0000000000000000 R14: 00007fd703bb6080 R15: 00007ffe85c84a58
[  134.076021][ T9628]  </TASK>
[  134.262667][ T9625]  loop1: p1 p2 p4
[  134.266519][ T9625] loop1: p1 size 65536 extends beyond EOD, truncated
[  134.275639][ T9631] loop3: detected capacity change from 0 to 256
[  134.282178][ T9625] loop1: p2 start 861536256 is beyond EOD, truncated
[  134.288964][ T9625] loop1: p4 size 65536 extends beyond EOD, truncated
[  134.320510][ T9633] loop4: detected capacity change from 0 to 1024
[  134.328130][ T9633] EXT4-fs: Ignoring removed orlov option
[  134.337147][ T9633] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.534567][ T9647] bpf: Bad value for 'uid'
[  134.588675][ T9649] loop1: detected capacity change from 0 to 8192
[  134.606151][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.627857][ T9649]  loop1: p1 p2 p4
[  134.632238][ T9649] loop1: p1 size 65536 extends beyond EOD, truncated
[  134.659179][ T9649] loop1: p2 start 861536256 is beyond EOD, truncated
[  134.666111][ T9649] loop1: p4 size 65536 extends beyond EOD, truncated
[  134.742244][ T9665] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2542'.
[  134.764457][ T9663] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  134.772782][ T9663] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  134.784451][ T9669] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2544'.
[  134.806392][ T9669] netlink: zone id is out of range
[  134.812439][ T9669] netlink: zone id is out of range
[  134.821202][ T9669] netlink: del zone limit has 8 unknown bytes
[  134.871940][ T9677] loop1: detected capacity change from 0 to 1024
[  134.908016][ T9677] EXT4-fs: Ignoring removed orlov option
[  134.922196][ T9677] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.018644][ T9677] ==================================================================
[  135.026803][ T9677] BUG: KCSAN: data-race in filemap_read / filemap_read
[  135.033716][ T9677] 
[  135.036063][ T9677] write to 0xffff88813b751e28 of 8 bytes by task 9687 on cpu 0:
[  135.043715][ T9677]  filemap_read+0x974/0xa00
[  135.048258][ T9677]  generic_file_read_iter+0x79/0x330
[  135.053603][ T9677]  ext4_file_read_iter+0x1cc/0x290
[  135.058747][ T9677]  copy_splice_read+0x3c1/0x5f0
[  135.063693][ T9677]  splice_direct_to_actor+0x290/0x680
[  135.069103][ T9677]  do_splice_direct+0xda/0x150
[  135.073916][ T9677]  do_sendfile+0x380/0x650
[  135.078366][ T9677]  __x64_sys_sendfile64+0x105/0x150
[  135.083600][ T9677]  x64_sys_call+0xb39/0x2fb0
[  135.088300][ T9677]  do_syscall_64+0xd2/0x200
[  135.092840][ T9677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.098777][ T9677] 
[  135.101128][ T9677] read to 0xffff88813b751e28 of 8 bytes by task 9677 on cpu 1:
[  135.108698][ T9677]  filemap_read+0x6f/0xa00
[  135.113159][ T9677]  generic_file_read_iter+0x79/0x330
[  135.118582][ T9677]  ext4_file_read_iter+0x1cc/0x290
[  135.123724][ T9677]  copy_splice_read+0x3c1/0x5f0
[  135.128600][ T9677]  splice_direct_to_actor+0x290/0x680
[  135.134008][ T9677]  do_splice_direct+0xda/0x150
[  135.138798][ T9677]  do_sendfile+0x380/0x650
[  135.143231][ T9677]  __x64_sys_sendfile64+0x105/0x150
[  135.148449][ T9677]  x64_sys_call+0xb39/0x2fb0
[  135.153058][ T9677]  do_syscall_64+0xd2/0x200
[  135.157578][ T9677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.163488][ T9677] 
[  135.165823][ T9677] value changed: 0x00000000000000cf -> 0x00000000000000d0
[  135.172936][ T9677] 
[  135.175284][ T9677] Reported by Kernel Concurrency Sanitizer on:
[  135.181446][ T9677] CPU: 1 UID: 0 PID: 9677 Comm: syz.1.2549 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  135.193883][ T9677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  135.203985][ T9677] ==================================================================
[  135.222859][ T3154] IPVS: starting estimator thread 0...
[  135.308517][ T9692] IPVS: using max 2304 ests per chain, 115200 per kthread
[  135.343412][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.357669][  T397] IPVS: stop unused estimator thread 0...