last executing test programs:

1.987336182s ago: executing program 3 (id=923):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000004780)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYBLOB="030262254f372dd2f01c316024747921155fef93b7570ae427bd6449309404f4d0edc1e00a5033c18ad6abf4fb7cdfbc8c39cd5d4bcd130191231a930607dffd34d7a36090359418ccdb60e600585a8b8111bc38f18552ec4f1cb0bbe596161b0dc1bf"], 0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000280), r2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xf, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f00000000c0)=r10, 0x4)
sendmsg$unix(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0xfffffffffffffe96, 0x0, 0x0, 0x0, 0x0, 0x20000001}, 0x40000)
r11 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r11, 0x29, 0x4a, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r5}, 0x18)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000480)={@cgroup, 0x11, 0x1, 0xe, &(0x7f0000000240)=[0x0], 0x1, 0x0, &(0x7f00000003c0)=[0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
r13 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000900)={0x2, 0x4, 0x8, 0x1, 0x80, r6, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x3}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x12, 0x12, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000184a0000ffffffff00000000000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000680)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @cgroup_sock_addr=0x20, 0xffffffffffffffff, 0x8, &(0x7f0000000880)={0xa, 0x2}, 0x8, 0x10, &(0x7f00000008c0)={0x0, 0xa, 0x8000, 0x9}, 0x10, 0xffffffffffffffff, r9, 0x2, &(0x7f0000000a40)=[r6, r8, r8, r13], &(0x7f0000000ac0)=[{0x4, 0x2, 0x1, 0x6}, {0x2, 0x3, 0x1, 0xc}], 0x10, 0xe34}, 0x94)
sendmsg$NFT_BATCH(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e74657200400100000c0a01010000000000000000070000000900020073797a31000000000900010073797a300000000014010380100100800800034000000002030106"], 0x1d4}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="ba17d71a12ee097c1d8056f5e3360335534f0761266184f4bfd65a6524662beeb5d859a19687ea35f89309940cdc77c09d03d0608944b3a4685c800eae", @ANYRES16=r3, @ANYBLOB="01002bbd7000fddbdf25070000000400018008000400ea00000004000680"], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x20040000)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000e00)=ANY=[@ANYBLOB="00c59b006b1f105e78ae5c395499011cb56d0d3b3a637f10e48dcda783bba3867aecd475cfcfbca39ff3f84e092e17af1e4e173e2683e0a583fe4e993e88e3901ab99b7cb4382eb7b67599169fe5df05bd67063eba81c3f63c3f2619f0f63af4e693231df21a66a2e20e6fb96f854549bd698e813ada6b5b94c257e13cde9fbef9a92a480f3e33bc58e834fc31ec6468fe7acee9fd1634934f73138b15e35380a56ab38a032f007698f3a13ec6a821d012ba584a7925e1957816ce0c945145f147984deb410a5df29d92e2b24f3e3c2a259c0f33fffb163778464d40eda61bbe77f245f374c70ade7082f7c1eb280679eb42d20b06b9a34810cfc24f6d4effab6452", @ANYRES16=r3, @ANYBLOB="04002bbd7000fcdbdf250700000030000680080006000000000014000400ff010000000000000000000000000001060001001e000000060005004e200000050005000300000004000180"], 0x50}, 0x1, 0x0, 0x0, 0x48001}, 0x20044090)
r14 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000001080)={0x38, 0x1403, 0x1, 0x70bd26, 0x0, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'bond0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4040000}, 0x100)
sendmsg$AUDIT_SIGNAL_INFO(r14, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x10, 0x3f2, 0x400, 0x70bd27, 0x25dfdbfb, "", ["", "", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x8800}, 0x4088000)

1.915604269s ago: executing program 3 (id=925):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./bus\x00', 0x2000414, &(0x7f0000000500)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES64=0x0, @ANYRES32, @ANYRESHEX, @ANYRESDEC], 0x1, 0x2b8, &(0x7f0000000800)="$eJzs3NFLU38Yx/Hn5/y5OdEtiKCgeqibuhm6/oAaoRANCnNSXQTHPKux0ybnDGMRuZvotr9DuuwuqP4Bb6Kb7ruTIOjGi+gbnrPpmU6durml7xfIeXae74fzdZvybLCt3n/7rJj3UnmrIgMxlQGRmqyJJNeruv/qxwG/HpKwmlwd+fXt/L0HD29nstnJadWpzMy1tKqOXfz4/OW7S58rI7Pvxz5EZSX5aPVn+vvK0MrZ1T8zTwueFjwtlStq6Vy5XLHmHFvnC14xpXrXsS3P1kLJs92mft4pLyxU1SrNj8YXXNvz1CpVtWhXtVLWiltV64lVKGkqldLRuJxsg22syS1PT1uZHdsm0tEdoeuGW5103UytdTO3fAR7AgAAfWb3+T+Y9Xee/7OzwXE/8/+Zved/Eeb/Lqk13dpj/sex4LoZK17/+23G/A8AAAAAAAAAAAAAAAAAAAAAwL9gzZiEMSaxfqyf8m9HRSQmIqbe7/E20SXhx9+EfvZ4/K/3aLvosNAH92IizpvF3GIuOAb9TF4K4ogt45KQ3/7zoS6op25lJ8fVl5RPzlI9v7SYi0i0kW9ItspfODUR5LU5/7/Ew9dPS0JOt75+umV+SK5cDuVTkpAvj6Usjsz7z+vN/KsJ1Zt3slvyw/46AAAAAACOg5Ru2Pb63e/7C2KyvR/kQ+8PGGOWdnt/YMvr60E5185XVAIAAAAAgEPzqi+KluPY7gGKqIgcIt75whiR3m8jIv1xbzQXN0SkD7ZxVEVMRIIzepD4j414WynTxppBEen53bKPotf/mQAAAAB02ubQv4/Q19dd3BEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdPu98H1li/rdVo7BIPXS5y5L8gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Ef+BgAA//+4IRyf")
creat(&(0x7f0000000d80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x120)
rename(&(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

1.756991665s ago: executing program 3 (id=932):
r0 = socket(0x2a, 0x5, 0xfffffffc)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r0)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000100), r1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r1)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000000), r2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r2)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r3, 0x0, 0x80000}, 0x18)
r4 = syz_io_uring_setup(0x593, &(0x7f0000000400)={0x0, 0x4c459, 0x10, 0x2, 0x398}, &(0x7f0000000040), &(0x7f0000000a40))
io_uring_register$IORING_REGISTER_PROBE(r4, 0x8, &(0x7f00000002c0), 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r5)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000200)=[@in={0x2, 0x4e24, @empty}], 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6], 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000400)='signal_generate\x00', r7}, 0x18)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc094, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x10000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
write$binfmt_aout(r8, &(0x7f00000003c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r8, 0x40045431, &(0x7f0000000040)={0x0, 0x40000000, 0x0, 0x0, 0x83, "00000000000000000000ffff00"})
syz_open_pts(r8, 0x0)

1.520756579s ago: executing program 0 (id=936):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000004780)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYBLOB="030262254f372dd2f01c316024747921155fef93b7570ae427bd6449309404f4d0edc1e00a5033c18ad6abf4fb7cdfbc8c39cd5d4bcd130191231a930607dffd34d7a36090359418ccdb60e600585a8b8111bc38f18552ec4f1cb0bbe596161b0dc1bf"], 0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000280), r2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xf, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f00000000c0)=r10, 0x4)
sendmsg$unix(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0xfffffffffffffe96, 0x0, 0x0, 0x0, 0x0, 0x20000001}, 0x40000)
r11 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r11, 0x29, 0x4a, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r5}, 0x18)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000480)={@cgroup, 0x11, 0x1, 0xe, &(0x7f0000000240)=[0x0], 0x1, 0x0, &(0x7f00000003c0)=[0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
r13 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000900)={0x2, 0x4, 0x8, 0x1, 0x80, r6, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x3}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x12, 0x12, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000184a0000ffffffff00000000000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000680)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @cgroup_sock_addr=0x20, 0xffffffffffffffff, 0x8, &(0x7f0000000880)={0xa, 0x2}, 0x8, 0x10, &(0x7f00000008c0)={0x0, 0xa, 0x8000, 0x9}, 0x10, 0xffffffffffffffff, r9, 0x2, &(0x7f0000000a40)=[r6, r8, r8, r13], &(0x7f0000000ac0)=[{0x4, 0x2, 0x1, 0x6}, {0x2, 0x3, 0x1, 0xc}], 0x10, 0xe34}, 0x94)
sendmsg$NFT_BATCH(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e74657200400100000c0a01010000000000000000070000000900020073797a31000000000900010073797a300000000014010380100100800800034000000002030106"], 0x1d4}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="ba17d71a12ee097c1d8056f5e3360335534f0761266184f4bfd65a6524662beeb5d859a19687ea35f89309940cdc77c09d03d0608944b3a4685c800eae", @ANYRES16=r3, @ANYBLOB="01002bbd7000fddbdf25070000000400018008000400ea00000004000680"], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x20040000)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000e00)=ANY=[@ANYBLOB="00c59b006b1f105e78ae5c395499011cb56d0d3b3a637f10e48dcda783bba3867aecd475cfcfbca39ff3f84e092e17af1e4e173e2683e0a583fe4e993e88e3901ab99b7cb4382eb7b67599169fe5df05bd67063eba81c3f63c3f2619f0f63af4e693231df21a66a2e20e6fb96f854549bd698e813ada6b5b94c257e13cde9fbef9a92a480f3e33bc58e834fc31ec6468fe7acee9fd1634934f73138b15e35380a56ab38a032f007698f3a13ec6a821d012ba584a7925e1957816ce0c945145f147984deb410a5df29d92e2b24f3e3c2a259c0f33fffb163778464d40eda61bbe77f245f374c70ade7082f7c1eb280679eb42d20b06b9a34810cfc24f6d4effab6452", @ANYRES16=r3, @ANYBLOB="04002bbd7000fcdbdf250700000030000680080006000000000014000400ff010000000000000000000000000001060001001e000000060005004e200000050005000300000004000180"], 0x50}, 0x1, 0x0, 0x0, 0x48001}, 0x20044090)
r14 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000001080)={0x38, 0x1403, 0x1, 0x70bd26, 0x0, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'bond0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4040000}, 0x100)
sendmsg$AUDIT_SIGNAL_INFO(r14, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x10, 0x3f2, 0x400, 0x70bd27, 0x25dfdbfb, "", ["", "", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x8800}, 0x4088000)

1.39708604s ago: executing program 0 (id=940):
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0xfffffffc}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2, 0x4}, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r2 = dup3(r1, r0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socket$inet6_tcp(0xa, 0x1, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0xfffffffffffffffe)
r3 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r3, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r4 = socket$unix(0x1, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r5=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
vmsplice(r6, &(0x7f0000000880)=[{&(0x7f00000002c0)='@', 0x1}], 0x1, 0x0)
write(r5, 0x0, 0x0)
r7 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r4, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r8 = dup(r4)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='tran=', @ANYRESDEC=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r8])
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10)
link(&(0x7f00000001c0)='./file1\x00', 0x0)
recvmmsg(r2, &(0x7f0000008840)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000040)=""/8, 0x8}], 0x1}, 0xffffffff}], 0x1, 0x40000001, 0x0)
r11 = inotify_init1(0x0)
inotify_add_watch(r11, &(0x7f0000001ec0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x105)

1.358915175s ago: executing program 2 (id=943):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYRESHEX=r0, @ANYRES32=r0, @ANYRESOCT=r0, @ANYRES16=<r1=>0xffffffffffffffff, @ANYRESOCT=r0], 0x48)
r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000340), 0x151c00, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmmsg(r3, 0x0, 0x0, 0x0)
syz_open_dev$usbfs(0x0, 0x76, 0x101301)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f00000001c0)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "69dcaf20127e9a854528f45826cb35be51ca73845d177dd8dba7221daeccfda56b75cfe286fdd14cb5b11b1cab614fec2236da7d88ea0f0700", 0x3f}, 0x48, 0xfffffffffffffffe)
keyctl$search(0xa, r6, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES64=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
sendmmsg$unix(r8, &(0x7f0000003580)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000380)="a1", 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r7, @ANYBLOB="0000000014"], 0x30, 0x40400d1}}], 0x1, 0x810)
pipe(&(0x7f00000002c0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
splice(r7, 0x0, r10, 0x0, 0xa85, 0xf)
setsockopt$RDS_GET_MR_FOR_DEST(r2, 0x114, 0x7, &(0x7f0000000640)={@pppol2tpv3={0x18, 0x1, {0x0, r3, {0x2, 0x4e24, @empty}, 0x0, 0x4, 0x1, 0x1}}, {&(0x7f0000000440)=""/16, 0x10}, &(0x7f0000000540)}, 0xa0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r11}, 0x10)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r12)
syz_genetlink_get_family_id$fou(&(0x7f0000000300), r12)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r12, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r13, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

1.245939246s ago: executing program 1 (id=945):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xfdef}], 0x1, 0x0, 0x0)

1.226370778s ago: executing program 0 (id=946):
syz_mount_image$ext4(&(0x7f0000000140)='ext2\x00', &(0x7f00000005c0)='./file0\x00', 0x8205, &(0x7f0000001340), 0x1, 0x60a, &(0x7f0000000600)="$eJzs3c9rHNcdAPDvzEqqZKuVXYqpTUsFPdhQrB+uqduebF/qg6GG+lBCDhaW5AivbGHJEDuGyJBDAgmEkGsIvuQfyD2YXHMLgSS3nANOCA45JMEbZnbHXla78lrR/pDn84FZvXkzu+999+lp3uzo7QRQWtPZQxpxOCIuJRFTTdsmo75xurHfw+/uXM6WJGq1/32bRNLIK/Z/1Pi5P3tIIsYj4tOzEb+vbC13/dbtqwvVWt2rEbMbq2uz67duH19ZXbiydGXp2vyJf548Nfev+ZPzuxJnEde58//901uvvfSP5c+qx5M4HRdHX1mMljh2y3RMx6NGiM35IxFxKku0eV/2miKEZMD1YGcqjd/H0Yg4FFNRydfqpmLlzYFWDuipWiWiBpRUov9DSRXjgOLcvhfnwcPswZn6CdDW+Efqn43EeH5utO9h0nRmVD/fPbAL5Wdl/HznyHvZEh0+hxjZhXI62bwbEX9sF3+S1+1A/ilOFn8aadPzsvRcRIw13ot0h+VPt6z3+/fvWeJvbocs3tONn1n+2R2WP+j4ASin+2caB/LNbO3J8S8bGRbjn2gz/plsc+zaiUEf/zqP/4rj/Xj+GXnaMg7LxjwX2r/kaGvGV2+ce6dT+c3jv2zJyi/Ggv3w4G7EkZb4X88Hc8nj9k/atH+2y6Uuy/jP59+c67Rt0PHX7kUcbXv+8+SKVpaa3VhdK/Jark/OLq9Ul+bqj23L+OiTFz/oVP6g48/aPzrEv137Z3lrXZbx4YV7q522TT41/vTrseRinhpr5Ly8sLFxYz5iLDnf2KUp/8T2dSn2KV4ji//YX9v3/23izxt6s8v41/5/9WE9tfUqadftv+WvSu5Rrcs6dJLFv7jD9n+7yzJ+eOHmn1uyJorEdvFPbH2ppNv3HAAAAAAAAMooza/BJunM43SazszU5/D+Ifal1evrG39bvn7z2mLEsfz/IUfT4kr3VH09ydbnG/8PW6yfaFn/e0QcjIh3KxP5+szl69XFQQcPAAAAAAAAAAAAAAAAAAAAQ2J/Y/5/cZ/q7yv1+f9d2TjU49oBPdfLG8wBw03/h/LK+/9O7+AK7GmO/1Be+j+Ul/4P5aX/Q3np/1Be+j+Ul/4P5aX/AwAAAMBz6eBf7n+ZRMTmvyfyJTPW2DY60JoBvfbsfXy6J/UA+q/S16cBw+TxpX/T/6F0uhr//9j4csDeVwcYgKRdZj44qG3f+e+3fSYAAAAAAAAAAAAA0ANHD5v/D2WVxseDrgIwIL9iIr/vAIA9zlf/Q3k5xweeNot/vNMG8/8BAAAAAAAAAAAAoG8m8yVJZxq3AJ2MNJ2ZifhtRByI0WR5pbo0FxG/i4gvKqO/ydbnB11pAAAAAAAAAAAAAAAAAAAAeM6s37p9daFaXbrRnPhpS87znSjugjos9WlORNL/QiciYhhi701ipCknidjMWn4oKnZjPYaiGmlejQH/YQIAAAAAAAAAAAAAAAAAgBJqmnvc3pH3+1wjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOi/J/f/33kiecrrDDpGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBv+iUAAP//q+Q5KA==")
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{0x0}], 0x1, 0x0, 0x0)

1.225459398s ago: executing program 2 (id=947):
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x9, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0x4000000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @generic={0x66}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa}]}, &(0x7f0000000000)='GPL\x00', 0x2}, 0x94)

1.170431823s ago: executing program 1 (id=948):
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000000c0)=<r0=>0x0)
syz_open_procfs$namespace(r0, &(0x7f0000000340)='ns/ipc\x00')
mkdir(&(0x7f0000000580)='./file0\x00', 0x92)
r1 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'bond0\x00', <r2=>0x0})
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000ac0)=[{{&(0x7f0000000280)={0xa, 0x4e24, 0x4, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x2}, 0x1c, 0x0, 0x0, &(0x7f0000000300)=[@pktinfo={{0x24, 0x29, 0x32, {@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xd}}, r2}}}, @pktinfo={{0x24, 0x29, 0x32, {@private2={0xfc, 0x2, '\x00', 0xb}, r2}}}], 0x50}}], 0x1, 0x810)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040), &(0x7f0000000100)=@v3={0x3000000, [{0x5, 0x8001}, {0x3}]}, 0x18, 0x0)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0)

1.169508524s ago: executing program 2 (id=949):
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
close(r0)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000ac0), r0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/12], 0x48)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
mknod(&(0x7f0000000300)='./file0\x00', 0x8001420, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x5603d}], 0x1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x4, 0x1, 0x7ffc1ff9}]})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0xffffffffffffff22}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
name_to_handle_at(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x1200)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r3}, 0x18)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r5 = getpid()
r6 = syz_pidfd_open(r5, 0x0)
r7 = pidfd_getfd(r6, r6, 0x0)
setns(r7, 0x66020000)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000001c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
syz_usb_connect(0x1, 0x72a, &(0x7f0000000200)={{0x12, 0x1, 0x201, 0x16, 0x6b, 0xec, 0x0, 0x19d2, 0xff8a, 0x243f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x718, 0x1, 0x2, 0x82, 0x0, 0x9a, [{{0x9, 0x4, 0x97, 0xf4, 0x10, 0xff, 0xff, 0xff, 0x7f, [], [{{0x9, 0x5, 0x4, 0x8, 0x400, 0x4, 0xa, 0xa9, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x0, 0x80}]}}, {{0x9, 0x5, 0x9, 0x10, 0x0, 0xb, 0x4, 0xfe, [@generic={0xd, 0x5, "e315c63fe379ad32bd3f34"}, @generic={0xbe, 0x18, "b490359c97db31917c18b02c50939ced60983d460b0bd055c0e482319fc331993b40c9ea12b203aef51959651c58d1052134c5d00fb10a13d9d92bcf735627aa11a810b41cda2b7ec0a2322cc1ba5f614caf27a14b360905aad6e6c59a302b7a3375eb9940cb121cc6df8cbde08189b5b43d3a184dc53f489a889dc2c4ac47ca182e72ab27a174659fb47edb568cf5edfa08e0a2ed0cfe1da798614885ae1a4337eed43d3afb0b41748fd9849ec2e39c7154845c9821aa11165f409a"}]}}, {{0x9, 0x5, 0x2, 0xc, 0x40, 0x6, 0x7, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x5, 0x800}, @uac_iso={0x7, 0x25, 0x1, 0x82, 0xf}]}}, {{0x9, 0x5, 0xb, 0x2, 0x8, 0x6, 0x7, 0xff, [@generic={0x92, 0x3, "1e0850cc86b16eccef1c4eb68a28ea3a0e3ed41a03d425a8d61626a4751b9ca8fa94a8a0633fd22ae5821617884917b5a7c27598892483a5ff8f93eba64ae281007633b29385668a47ccb2b7766bbf4be3c13cb3e70897cff085387bdc6e589b966c8f3c84cd268aabc6938f24397597b8ed42917f8ceac16cf81bb20dac0e033e45d1eb031f7a52c1b9051abeba4e82"}, @generic={0xf8, 0x31, "270712a7838a142a5976a0826e7d3293de14c3bf4cbe034117a5cfb4c4a22b70a246dca64dde8787506b53b984d4680d06786998d1ce66db4df486bf256f3c350578c3c4b223c79d9e4cec020108d97c31eea3bdcde3c5a377c02606ef3c9d06e3961397c2f1a50fcc084df66a8f83c777076a055c9a971204cb3a0e0cbba570b32b3ddfcaa2be71841237cb0f77b0d67f9f32875c69c07c5c8aca44373e7164a7fd3243671ce605164000bca494f5d865e312c48a6a7c7bbc403f1dc54688157f612518d3ce3cc46d18860dc39913aaa9cab108ee339503ad3e7d43585ef9a54b4ef8bf50df99d7e46814e3ddb696f06b43dfe14d3e"}]}}, {{0x9, 0x5, 0x7, 0x1, 0x8, 0x9, 0x0, 0x6}}, {{0x9, 0x5, 0xa, 0x10, 0x200, 0x9, 0xf, 0x5}}, {{0x9, 0x5, 0x5, 0x2, 0x19f, 0x0, 0x7f, 0x25}}, {{0x9, 0x5, 0xe, 0xc, 0x20, 0x4, 0x0, 0x4b}}, {{0x9, 0x5, 0xb, 0x8, 0x200, 0x6, 0x7, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x2d, 0x396}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0xfa, 0x26}]}}, {{0x9, 0x5, 0xa, 0x10, 0x40, 0x6, 0x4, 0xfe, [@generic={0x51, 0xb, "8108689440995a019d07615b957ffe2e862c2fbfd9fe6a66c3f092597963cb59bc2dba8b28c6720a5a89d6c89654c92b8142c3cc684cd1c46c19d09a9d5ec622b7d98b706cde7eb105fe8c910d4133"}, @generic={0xe5, 0x23, "8516cb3bb793ac49dd3d42565e0b3ce7c48077d49daed6f5f35099c9cabe77d648ddfd6cf1c76f17a230a9869fc0feacb102b8227b7b43ab351f7656d53ee33a483b911488fd0cdd73cfd16c958064134bf8bce5f691689bd6b180159acd28481a45b9462e42e8e8773ef3505710699a659bc40480f06e3c00cf1d2a338e8881b4ccfa66be1b198175a4c5a26fade253ff2f8e5d3a0d420192bfc089f356cb90e308381a6299161ef48f30dc5ba4cd9dee6dab809a16a532fc39c17991c3b8f0a8aa7c1a3e882b0978a7d8da89e32c8b6a7ff9404c7fcdf39d81716005d11ab5d8c779"}]}}, {{0x9, 0x5, 0x0, 0x0, 0x200, 0xe, 0x6, 0x43, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x70, 0x3}]}}, {{0x9, 0x5, 0x5, 0x0, 0x40, 0x7, 0x3, 0x7}}, {{0x9, 0x5, 0xe, 0xc, 0x400, 0x2, 0x76, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x0, 0x8c}]}}, {{0x9, 0x5, 0xc, 0xc, 0x8, 0xff, 0x4, 0xe, [@generic={0x7a, 0x24, "545f313c7199381dc4cc0a7750b9b6d0e457ab6ed26a1074130f724e2fafd2aa8304645995eba0a4844793add820034aa478e073e5432e892804585f1cf0d9a6f33924ea94b5823a73d661b635864241cf2cf4a591675fce86a9984755f19f4752d98eda2cb2fdb0d5906af01829fcfc7ea6406ab384c2a1"}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0x4, 0x6}]}}, {{0x9, 0x5, 0x80, 0x10, 0x20, 0x5, 0x5, 0x7, [@generic={0x2d, 0xd, "f4d1c52c7ad3e49727fadc8a5222a7bcde962d4328bcba6bfa8fb78740c639b433913b19794161dbf53ba7"}, @generic={0xfd, 0x31, "599460bc5cd8983da0cd00d2ece7ba3d3e010602f2a12333110020dab82356e857355b09c6821fd60c03b8727c342e7e2eae2c68e029d0ce519e0c9fc5b38cb03fb7fcf7ea8d230029bbec9ecaf55aef2095f383937cf64b37d82df99440dfaaeca54285ce03e2934854d58d24192213bc47b5d8f375f61036979bbdd8adc982c2689cc88dd686cdfaec1f777d48d73397c67bc2672ad9a28ebf3796e9152f9f012a7d0d65914536f39bc9f0e2e4d6559d3ff8fc5f2bdfe5066938324c02b2c8b9abdff5159f677142cfc1abb5c317cc09fa5db4f571ce164c8f0ed842eb31c7c94e79bb9ee48270ec72670b5885dcd9367999dfa3df602d14abb8"}]}}, {{0x9, 0x5, 0x4, 0xc, 0x3ff, 0x8, 0x7f, 0x8, [@generic={0x55, 0xf, "ca8ed2422fdcd47598c704ad8a75c38bae01889e55fb003473a3262917cc9c0251bf6ce14f0e03b1d1cea71b59a2e370a4e6a18e30014ff6d1a0e6b8e0b27752743071b8b887d74815be690f17f818f7f5d337"}, @generic={0xba, 0xa1b931e773b0e777, "bd523fd789522d28ac2cc7f48d43099042bd3e95d1dbebf73ca93050fe50790d68e87cb8df5a289b872d2447069faa7c2d43b9c70582dc29556aec292dc0b484986610c874a0af31e66d20b5325eddc3b462814e6244274a073eafc31b5d9bd768c0c7a299654ecc1f6dca94f3d0798cc6add218cd3a6328f94e390c52eacce86cd69c043f3c434d29dff84b9220f308b688946a647d188dcfbc426cc73072cb0baa5317381ef1713a739b5050fbe2f554f1fbd448084f61"}]}}]}}]}}]}}, &(0x7f0000000d40)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x310, 0xc, 0x3, 0xff, 0x20, 0x5}, 0x3b, &(0x7f0000000dc0)=ANY=[@ANYBLOB="050f3b000403100b0710021800bafd1410f3eedd016ebaceffffffff00000000c25ebf18100a0683000000000f0100f03fff0000ff000430c00000c96324a599cfc5f30e9795d14ac63f7d593e3f9d095364fa3a0d5138eea78c81a59d476f805bd51366af67477d84fdcecf5d623f559e4663abc4cc681709f6a63010f2d6caef31a1c3bb75966e4f533adb06bd34e3ca9ff12f91d6866ff9ad"], 0x8, [{0x4, &(0x7f0000000940)=@lang_id={0x4, 0x3, 0x409}}, {0x4, &(0x7f0000000980)=@lang_id={0x4, 0x3, 0x41a}}, {0x54, &(0x7f00000009c0)=@string={0x54, 0x3, "932527f7a3b850f0368a8d3724eaeb2ad1fed0d5389be392dbe3ae9c588d1e5ccd78a6c1fb8acc89b98ebc66aefd95daa0f46d2f42d5d542ccb1bfc273dcfd3b9c6f2d0ee66183c46df5bb7f413f495a93b8"}}, {0x4, &(0x7f0000000a40)=@lang_id={0x4, 0x3, 0x429}}, {0x4, &(0x7f0000000a80)=@lang_id={0x4, 0x3, 0x2819}}, {0x4, &(0x7f0000000bc0)=@lang_id={0x4, 0x3, 0x2001}}, {0xb2, &(0x7f0000000c80)=@string={0xb2, 0x3, "8822573ccda48471a49bf6a404196fc84a4ef6a97b4eb3c3b932d00ae5b2fad8b6047bf8338884b12ba0821e3855c8208b04cca15c02a32edc447d98b649e44333284a415b43b4b78a1ad701393c81119bac49805a6f4fdc154e86394c9a8e9af1ed3a5de20d4ba2e6c32ec36f18dda069f790d3f077a1964260e82edf6564c4c208cd2bf3fa1d391b60629dd5500c2245f5a64c63997f33b32e45344a4043c3c799251f2ac4faa835e604270403ed46"}}, {0x4, &(0x7f00000000c0)=@lang_id={0x4, 0x3, 0x459}}]})
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB="50b9035674561c56fb486128e96182376ef5bf844750d4fbff3ca7eb25bf35afecd7eaaddeca5a0b8776adf0490ab13d9df33fab94ee4ea1", @ANYRESHEX=r8, @ANYBLOB=',\x00'])

1.149767936s ago: executing program 0 (id=950):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000b8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x4f25, 0x1, @mcast2, 0x5}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x91, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
r5 = memfd_create(&(0x7f0000000a80)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xd9\x19\x17\xb0\xed|\xb3\xc2\x017h\xe9kL\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f2\xf7]#\xed,\xc7\x03\x00\x00\x00\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4R$\xaa\x00U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96', 0x5)
r6 = memfd_secret(0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r6, 0x0)
ftruncate(r6, 0x51a9497)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7, 0x0, 0xffffffffffffffff}, 0x18)
fsetxattr$security_selinux(r5, &(0x7f0000000480), &(0x7f00000004c0)='system_u:object_r:hwdata_t:s0\x00', 0x1a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r1, 0x0)
futex_waitv(&(0x7f0000001200)=[{0xffffffffffffffff, &(0x7f0000000240)=0x3ff, 0x82}, {0x0, &(0x7f0000000280)=0x2, 0x2}, {0x8000000000000001, &(0x7f00000002c0)=0xc3d5}, {0x2800000000000000, &(0x7f0000000300)=0x7, 0x2}, {0x1, &(0x7f0000000340)=0x1, 0x2}, {0x7, &(0x7f0000000380)=0xfffffffffffffffc, 0x82}, {0x8, &(0x7f00000003c0)=0x9, 0x2}, {0x2, &(0x7f0000000400)=0xc, 0x82}, {0x0, &(0x7f0000000500)=0x3, 0x2}, {0x8, &(0x7f0000000540)=0x46, 0x82}, {0x3, &(0x7f0000000580)=0x7, 0x82}, {0x0, &(0x7f00000005c0)=0xfffffffffffffffc, 0x82}, {0x100, &(0x7f0000000600)=0x3e, 0x2}, {0x6, &(0x7f0000000640)=0xe, 0x82}, {0xdc, &(0x7f00000006c0)=0x6, 0x82}, {0x5, &(0x7f0000000700)=0x9, 0x82}, {0x9, &(0x7f0000000740)=0x3, 0x626c42c34ffe4996}, {0x3, &(0x7f0000000780)=0x100000001, 0x82}, {0x400, &(0x7f00000007c0)=0x3, 0x2}, {0xfffffffffffffff9, &(0x7f0000000800)=0xe7, 0x2}, {0xfffffffffffffff9, &(0x7f0000000840)=0x6bcd, 0x82}, {0x90, &(0x7f0000000880)=0xe98, 0x2}, {0x9, &(0x7f00000008c0)=0x62d, 0x82}, {0x8, &(0x7f0000000900)=0x6, 0x82}, {0x5, &(0x7f0000000940)=0x7, 0x82}, {0x7, &(0x7f0000000980)=0x1, 0x2}, {0x1, &(0x7f0000000a00)=0x9e, 0x82}, {0x0, &(0x7f0000000a40)=0x5780, 0x82}, {0x4, &(0x7f0000000a80)=0x4538abe5, 0x82}, {0x0, &(0x7f0000000ac0)=0x4, 0x2}, {0x7ff, &(0x7f0000000b00)=0x1, 0x82}, {0x7fffffffffffffff, &(0x7f0000000b40)=0xf, 0x82}, {0x5, &(0x7f0000000b80)=0x7, 0x82}, {0x2, &(0x7f0000000bc0)=0xfffffffffffffffe, 0x2}, {0x0, &(0x7f0000000c00)=0x7, 0x82}, {0x10, &(0x7f0000000c40)=0xffff, 0x2}, {0x7, &(0x7f0000000c80)=0x86b8, 0x2}, {0xffffffffffffffff, &(0x7f0000000cc0)=0x6d49, 0x82}, {0x8, &(0x7f0000000d00)=0x5, 0x82}, {0x42a5b1b9, &(0x7f0000000d40)=0x7fffffffffffffff, 0x2}, {0x800, &(0x7f0000000d80)=0x40, 0x82}], 0x29, 0x0, &(0x7f00000011c0), 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
open(&(0x7f0000000000)='./file0\x00', 0x1607c0, 0x78e22799f4a46ffe)
r8 = socket$inet(0x2, 0x3, 0xd)
setsockopt$MRT_DEL_VIF(r8, 0x0, 0xcb, 0x0, 0x0)

1.11050484s ago: executing program 1 (id=952):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
request_key(&(0x7f0000000780)='asymmetric\x00', &(0x7f0000000400)={'syz', 0x3}, &(0x7f00000003c0)='incremental-fs\x00', 0xfffffffffffffffe)

1.110023459s ago: executing program 1 (id=953):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
socket$netlink(0x10, 0x3, 0x10)
r0 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
connect$packet(r0, &(0x7f0000000180)={0x11, 0x7, 0x0, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x14)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000180), 0x1003}, 0x38)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000001400), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xfdef}], 0x1, 0x0, 0x0)

818.642158ms ago: executing program 3 (id=957):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$KDGKBTYPE(r0, 0x4b33, &(0x7f0000000000))
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f00000035c0)={&(0x7f0000000080)=@id={0x1e, 0x3, 0x0, {0x4e21, 0x2}}, 0x10, &(0x7f0000003440)=[{&(0x7f00000000c0)="934217f70a12b86f2b9c9dd72da7a60ab6583a53d9994bad705f2b13907cc9bd533e79b82db3067dc5421691289f77ab31", 0x31}, {&(0x7f0000000100)="d28e15f01ee11499e5406c704dae7acb7bd08eb8397b8af257e020377e90396704cf1a4749f19fc54d62e39ad033dc9fba6c6be696c1283955abe30840935a300884ea2b55b4077a1c1f345cb2700c8f47ad3f28b6b1083f4168f681905d9e30a7c3ae2e0e868acc92f123d89aff43678f36c49d76dd560e032e752d171fb77b44acccd6ae25742f86bc263fc0a0a7d23e45d22f0d68f9d672858495096937482e73f59888442b5a91db080b0b7c41971a2f213dc431436e6faac980e68ad64622aabe16797d4596e23488210eef7de9140d61a63a5302309db83792ab78c622f5d47993e677d178b2b80dc05eff8b149ecfbaee8bebf235ce1cb3a0f7efb7d862d45305263a9faf2dbc326a1e301178529b36da03b41efb8cd8853fd0319deea2803e51b8aa7321c9e01b9c1ba532815b6db21a377d673df8a704d2acc1b185c91c69cc30732d2f28ee9dfb978fefc6fb1082133cc0f86616ddabbe68709562861ba903398e1d149e985d48a8fd66e3687f7811ea8d1d663e9d617b157f5d568ef1f71b1d2ba375da32e64360faafea6cbbfdd0ee6b9e39e48a01b3ab79576ecd4eae854e4a482e521e21d4f0d453c4cf8f7bd04a5b55051c9dc09fa2714b35cf053df30cec41f760c77e60526322781076233541c17c8f39add11c954e6dc70bb3d2de63957ba174bf1f9802766896ebb9d811ea260dca4e2b4b433c4db2754e46e3fadff248add10b8c364ef1d83db0c9bafd91ff5590e6e6cd6e5ca643ede1244156908436768456091982e728a7005bef6aee5681a0c870ebd1f555f80b1aa61b22796290f7bac26557102679df38cf992e0f470555cf9f9acfe8ee81c2551101a0f4505adda7834df96de23b113214d4e37ec48175f4bfd0dcd9e2646ab283c7c10389526ac8213731aff21f18c3f9d78ddd4665f820bd3b27d6bb2bb86e56e65385f6e5ba5918e7b424b8099f1b0c77643657898a9748a0b1318e05fb887ebe8956d528e7f63f755a9ee5d9db6b93a3b3d062fb4425d6f5967f0ade6724dc4cd25bb5f1034b60ed91bd3c21ab0ddde2e0465d6bed26f854290139be9609e152605515819fa6563756c07ee5cda56f83a72c2260b8589b8b72c12538fae86edf347ad69638c46f07db5dd98f57fa43cb7caa93b4d42fbbe9b49148091e7c7aefd6e2bfce3458d53049d1806a96dbd595a60e6c985f146e635c46c8fedcb38cd4c069aff63312020ab9fffa66d35e8beb0455124ce6b52dc21d2a0ad1de9171668c8df2e54b560f5cec810b63c0d8659dfe3f6ac74a12ccf4e3f26077e8352cc608000a758de7bdb8d3b7c68126c8f06922147d5cfc9704d74f24ba1a8fbbc510b1f3546b2823f49148ae97716d7a0090a816733b678458bb8bdafc3c68cd62aec0df74d8d5770c1955902ff44a2222ad3b3df9efd58e4d14980a14abeefabb63312a8f8bbe0c47cd44fd55fe8e2684b29dbcab1b9e3c66f5d9c80bb3b4d3e2628f936e19c17fd7fbded5e49d49710ca320f6f765cfe5968c9d2acaa19b0acd212f11253429934f54eb2bfadef5d7548bd9fdef891d5fa4186d9784f6b8ddbed07498571a696aa0a4b14e1e05aea56e8966c0be3fdd1adf70665f42e848f89fe27c888c89d03dbe47440452b2d13a81dc54e20f92aebb41e1514279177e67f3881761d062810d772404096c3fafb8ce5bd64f0660442d828ca1c13989d638c9915e736e5a047fe5fd443260cb4da48fa88f7574ca5fe8f4d06a2a130224f042c2933268de0489bc8a6a7df914ff62a5ef8b06456df893b234f010bce763a00876323122b348ee7501385013b4c6fb71209988b4192206acf8fed30250860ce40e0872e59212ddb2c094bfa1e71f48769533f28fb23f98746d7be8b34bc225bedffed6e7fab030d22849da4b76ae78edad688c7d135a22e8785525e991e8d72ab5e1ef7f8e307497fbd8eb7d519b276066fd96f90f7305f51266d78619ee1d85a3043c56f6044c21bacd40ef9ae28bc31b8c0f3d60b88c2672d98d0e712e4c2957be13b143eb84eb8bb2d2ac10f254fc9a9684f92f76ef70d46acc0848f33c8d8fc48545397246373b8c9c270ce76224cee671bf550f314203284f033e5dbf0a1c36815bbf206e44e051768dd3da898e4001fdf9b3f1d07d9f7ccbf5e24a2c28adf0967bd254b64b85ebb792e3b0530a2b8ab08e1f4b4cc6c426f26ba36f8b0c2314eef3dd3c1698f4a7964470cb879d8c247cad4c176a993e9b90fc09b582f73675a7ca642a4bb2cafeaaddfe6de5d3f91cf7c5bd88fd446b325e853a706adc1ed8f8173b1fa1ef2c75ab2478b76c89c7718d0a1dcb966970c3e49f32247d8af0f96bb0ba8f4a00d3e84a75cf8afac1a69afba226dc9bd9bfe498e18aa4b0adf22db24366f407e0129ed36b044883d80355ad9dcea38f9c592236c864edb1257033ed9e639a1694222289d2b6ee62c6f34f83c5225451b69e9bcf8470058745a05773fb9092ce7987087a02d578de9b5eff4613097b614f9522cb8e0c3ace12a6a2d1607ac069f582a9e90ba49b1987fffdf7f6c000d743ed472440691b79e5689ef90b939e314a0af786beb947ff349b9889b952c530e6021fbb9869600e4a30be8d5bb2d6d4f403bc94a5fb6b5a72833cba14c3f7dc7fa2dbba91409e765c052b3fab0dabfeff7cbb46124b36e28b76a68d113941cb9aedff78fcab849b7b923a561f1cfb7d57fe3065ccbf7a9b12bde3891eef5204b87bbc9c9537f548d9bf7c81f65356aec32299300e8f03915d157faac59d88dc803638876554dc7338b9f2d43ccd423a8a75459f88638b4e1722072cfd11689029faf9a9a3c0d37306cb30a67aca6f750c84de8b6967fbc9a3d2af94d4b31cb941521417eb3021a2365971b189ff8e67ec0167cedb81603668a82a9b01d669303d5f4eb132ffe129a84c85423168063713cf8a6f3127cb4048ccda5e4f1ac5e034725afac51c78511c6b1cf449d9c109113879ad8f73f3ef4f4b2eb7404c83537471cfb177f02794086319b88d697943626b596d9d4194a8a2e6b6ba5ef75a71c3266f27e982d742059f64996a4e4fdac0428444e9c83321289f0fe8a3378694bcf28f2c6f814272d18864aded483a04ceb625999a031dc842f6b7423f7f509b19f6801f6a7ffadfb0360d96e5e53f7809f6e15cff1cc1663aa946fcf10764acab4d5ae5d2ace0163f118eb7e78c5c696311446e792ebb941aa0c6d2cc56654835f11dbf150e18a8bcd084f3fbc8bbfccbdf25801b34b3f9a58b070f7f2d8e2bc00f383032c93285a79b96c8ff9bedfd525fe921682062a81df8cf4b6585babdd6ae9f0edf37ae11e09f3fd5eee2e93e673ced5cd03efb13af1bb130fdc43b119f330307b9c9410595f11d8e3200b578d51d5ada561309af93055a10788d40bc31aa909ad7b9bb7a1140e0c14dfd29a47cbaad2ee031810bdd9e281dec2f7f36dde0fe1cae4ad67d52e72c6a9a790b7b9778873528dbdcb4f50e427870e525baa7aa71b7da397a79ce6e36634fea7d5017d53c926ba161855656c31fcf27b0da65096ede0884b83cf874006618ec85bbabdbb326a44c47f3d3229aaca73a9114e420aedaa66e7695549622bd252305286bcf212c4f199f75be3b7a4a9084a53b3304678bd4f8a7ecb3975f43dcc26719a005afc093be184aa7aec893da672b16f84b098ce13c9468734d9e4a15d5fbc642b43a0876da0051e3903414890b9b2a907c53d98df1e0316c21cc3b2f8b2b28130602df881900a9adbf8d1f659c31f2d824cf8cda373cb1fb19488b787fc5538cbb19c2c1a3f90346ec9f30dc12dd5d16d7b5724a59829e76fa9271f7ae39906e568d8d8fa13925c9809e6db61dcd7fec6729fe254f6fe4180fc6cfe2ea29882501180ff86fe11c608529945ba95c407687fd261442e36724baf02e6d1f01711cea4e58a73ba6e1db075ca39e9f8041ad3a0822a8e7bf197b38d088f4e13f5fca0aba49dec337b98b0cd8613c76be1f1febee8cab49f94facccd15f2fd0fcae31146166a7955ee295fa93514a406f1267fbea816d73d4575c3665b02036d18f283dba82ba9dd0ae0939206aa07b1e30b75f7350168e83bc22688430dc45086709b6fc6f0d41eb86bd73304c68beb6eb374b3634a8bb9ea74544888cba529a8352c14537ad3cdf59a9cb64ae11323d9b022bcaf8f970b4daa386c28d12c550459a033385b1456c32b9272b903632bfd8c3715e4757d0a7ce17e60fd16e6c95a39d47417f122eff03ea72203f5d22a65a32b59befc8b4e9f35d41467792844ed9fb23b5de57964dc1054dd8dd5dec55de521a06fca27db8f9c80871f71caa1a18b9356f30fd859bb527beb1416e1a9ce6093cc19482593c0628c170284cb9c6d6f45c7e592d0dcf4fa670eba187e0aa62b7a0f369eb60d156579661ac3ed0fc1aee1a228fceb567a87af7e20ceab14ab5b0d71860f1313225452cf6458da5a489ffd88cc369b60441f79cb215b482813b6b7041d167b52d9e1d1db70d0fd0d757f1e70ccaf3c00646560ed762f4e66992cf5b4e277342a552a6471579830cf97f4f3c3340d3f9c2976bd89a4b99aef0e1c2eedcc1779277d95386635a1c615ad2dfc550e760587a558ea405746d9f5e6dc76cd41bb74ee0fa1c32fe98be227633164b785d92c2b830e0fc71238a6fe264b0b0960037da34c4bb97bfd08b977cc335e0a8969edba3817967762814ea2a077fe33395806d6ab3c5ee8d932b97a2c1e8214bba0364769d8b5156cbd2a9fa3d5df282939b1074f40a979e59c08852c64c05f89aa59241ad5eb439ff4bbe11a955f63ccb768dcee2e04a7fd7ee291015bf6a20f62329ebbe321e8e32bc4bc5c374ed65380d6306b10ec9fce2e5b130b250cdd7e967c598c398b16e024d7ee33e53dc69793ec818627cbbbef799c57691cf8ade09c444f0af8cc6b2b6f5a13cb0dfc38c4acf56b6e400ef087791a115f997be5eea026218344d83d2cb19d34d921d16faf9a2ff00c0991730c0c70723b12f0da4815896a789c581e10fcbfcbd795ee04371ce469c5cb6a28a83e8dbb57d68e4364845a40ceeece627f5024a7040359327ff6745aaba688938e494aa8dc74ec16246c37f705426e52debb5d2f2d4778311136eed57d3ded2c9e8502082f66113d0da2ae9d27941e374fb461566a4e153029b185e8b0ab6d0ab56a966d7cbdec52739501243f6a1918bedf18a101a5181fea250602f147fa246dbec8222ba1ff3479245dcb2ac21f96a84c28f13e8534337c34a391cef59f95dacd24999d158756c372ea57092595fc8a9a8e47b2669e7eacf3bf76a36db830c405b992b3c896c86f600d498ad81b204bcf912dc816ad990c6a02f0036520490e29bf02a3e7a29e0eeb9a94656ce717a24a73099f30d7d3417c3fde94ed1dbfa641cc47c0db69221166b91de083450ee2331d9bc786c45a5addabd7d5f744f4143575d1d4f06857a8858e19b385e6efea584f318543422dd1994a3798d87257dec0d2c05081fefe1a3d6261d38d04ff65358328533a6f71308b45ead8d1001b30093c3d99b848ae9a176bbe005712cf9c040d36d57ae125aa7a6bac608e52f24b685934cf83c9c3b0206c6fdbb66d66d1984e7c07faca286e3a3b9d0bc44bf532a0c14565fee4cdedc568be67ba393f9a96be3f3efc89540e2c5fc8850dcd936b6d3b9f93a9089de0ef826b59c556ab6c88b215d9f2aeea493590685a6767e95e96d29c52c4e42c2f78c38f399e8c006de607e2f7e1be3a31eb6d20b", 0x1000}, {&(0x7f0000001100)="6813ea1ec2697deb87f95cb4ac76158391f00658755cd042ddf16d2175def73cc77fc447d25437ca30a70ff3f1cbe3471a5b16a4f03b65017e1d8758a2344f8f2fc5ada7a44762d8a435b03c2d3f0e683549e9caa564e86361b0ea7283d3da5bd2df2e0eb0ed17dd4059acc14d997437f6b54a03040e2fab8a50e62076498fa9118d6acd9bbc1810581e26170f", 0x8d}, {&(0x7f00000011c0)="1ada897768c37c4eb0aaf05e99db8e2fbebe39", 0x13}, {&(0x7f0000001200)="937d7cb0cc7533129fb8bb994073b938b3f0e7f63be2969d4b4feaa30f43afd2b4", 0x21}, {&(0x7f0000001240)="f508f329e167c62841e3d44abc8f2b2e6e283a353e9b45a34baddb7c937181e9700cb3a6a0e10257798112196f86060c30a8274c93456dd928fa5088f3871bd1c426646522da3611f765442b5167bac2f0c6eb88f922c3ed893195fec85739ddc506cff791fbf9c191a1c93d2dc790d0d7102a44d07429b64b41e36b6546ef38c6ceae70a5c9b4d7f6469bb1c597f067339a8afe1a09cd510e65d85bf70a7acc41c87bb724c87f04b8eb861c33bc8a1a162a21c1e9b67b4e1367520a94aa33e2328259d4b78d4f95818322cfdff62aedc2a0a597126bff27068e7f87b35ef186d10d966a2b848216f0be3a8419a685310f7a03431352b84e5d1a0f3dc29c915eb11be807ca450f2b777d9a5de50f97764bbc10d858061e4cbb8ddc11e7f79232f46ce4a00bacb5ca8a0c2d871f1a5424a340c9f765f40c0e6ccfe100654d625c981724cbe08defd9bc1ce9181d346ae1ce4c77413e599109cbf1a0d5b42f75b3e9a66240f3afeb4f0ee7d1bfed6cea93e44aac467526e567eb57cd1880efbe1c08caa91204d6538a357bbfff4e0865a50bd291c0fe0edd9ef5b8b0189d4d904c1ce010a082abf9d4aa83c1a89ed4fbe7edb6a772f4ec47444b8b3fbde663649a0e08f50409041191f303a2b80b13c7bb3ad4b7a863e752fc3d25cb84a8832cdb29efdfb4ff48b4e9f2abf368eb140edbf954e170c6fe63b125a0ac526159ff31f35c14777b0a08035161283ee94ced787e276477b1dcd27af8123ab36e3e2dbd8d5ba9feeb72e0a7c32451595f97a182908e4873d0c96aeed1682dc0049cca2199d65269b0208e4c82260794f14d449d3e2eb4701aca30fe1c6cee9e08ecc55feac17559a90581d2eda03c5c65e05ee4db24dba0dc385236fde96364316e565b9f98f14d27787e5ee8fd703d9e86fcefc52f163d5872af7b858503b3866ad929cc6f38b49a3420d4043ae40180570f811207690ac2469983053f828affd7b2c1edbcae386eedadd9e514c86c8477333baa384cc57932ba5dd3d76e07fffa4b8e89e8455c7217be4943d9d7901b98eb5f76b4eefabecd99c24eca07ea7365e04fa4740b053945021b9cabbde00eec74155c141efd2ef7581b6ba46bbce91d2e20fbd7fc1c04007153fd1be219a9992bf05e33f2bc69eb9ae73643ac04b7511e729027f973f752e05bad0cec47678acdda9b9c1a66bc696eeb669164ca3183abf6b926357fb52af5a87cb6c9d3ad9f62111cfb9ace5fc7513d60c9b22354f8125350c0c4e64d9103dd422b71827e8692f99b689056413387ea2ecafdd58a00e29406eafaf7ca474b6c976e9e20e7f04ca87643b0770d2b3eebc5a4109931f60bf82875475cbaae96a76ad7ff6ff6ea6a960b9a02245f54549830b22d485c43943b05544b519cccbdefd892d6bd1064a056611ba8436b4fb6b402f3f274deace50840875571a6b8a143461073a5bf6e4dce064be6fff181894ea6db68a3437287821e5219280140884b1f0e5d77cfb0d869f5b280600457fdaf79c8a08b9dd67454df3ee7f2041dd48c932aab9719c62d17c67198bf715b0405fc5a5e4ea066bcc137b0149670c46cc04d8fd04d171efb291e1e9ee75b88a4eebab6693811da5df06dc5f98540406f1561b12312bbf57ba3e1993395b0b780d44570ec751f49a72bd0eed14077d0800911365fef23cf9e21c3bb5a15c1fa4667d9860ca70dac503669eb9c597c8efd2b8c010176798fdbe61c031623950de49390ce3c30dd4d450a2ffce82a9cddb33d95a0efcbcf5832596b1c92a4c34c484275db455c28e98e6dc699cf43788b24baeee6f573cced2ef80fa99118b73f3ca783c89a737d712f3a8bb58455ed9f5a6f636f48ed1a76ad32bb6a18925abc9d5c238e155c721b3f62523b0ff378c3a040885159bc248936eb09ce38a6c09ee023579a151ffcf916d18bd277d1047477a0b1b93a6d3a157c18d556ad428dc9e0d865b94cb96b463ff6011a3ba2e7cddca20a9dd013d13dcabb245f826270da27a6580db6db63d9680bcadb0c2be890132ee131b753ffec2443c8ea558daae5bbe79b75009072cec55847f93a0f3fb6a2c31ea25aba4670be6c3204bafc21cecc5df53e25556e8ce32ca7e1e963b498ea27be0151bbb76f46e172bf532a5d23c8e10893767accb1ed394365135ceb0eb9dfb114fc2d4d749104b07711dc6eb677ea5eff802669d7e6566d57064bc64de7a67e8337915de8083bd58dd9e3a941378b2290b8a431aeb2b38607bbb45e18ac76eef94c25c11272a17dfb7e7a432e77a3347bc63769099176725e40df5e61e22633ca40d48d4ac81c1d72d169538ec21e7c1a5d7edfc1979a6aee7eaf83161500e6c2301b6a44af34a9827b3ffae57d556baa296eea4692aaf90b5287804567bbd104a5cfa191f02f7d629a7e86ec9610883f8058babcae5cf3dc80c65217a609766cc317af6ef8e376e5e09697e4a55d7a87db6b95a4612b322b89fb3c91e42d0f1850e04aea2fc5c5da769a1b346d3098ab7770055f9b17d04400cafade2dd917678299496ad2b0f49e7bd45732769266bebb0ad99eabfbf04dd08d6b6ce103ec5f75fab645be025a837a9c58abe17875bbb315dea3f23738bdb875c05c7fcd2c115b87fc63081dcf19ab7f01a75b21523456740f507f393b4d3ef70667e8668a29ee92259702a0200376f81f9a0966efcd3dbd46bd8453d1a2c7be08adfd258ec40878f58df353058280d96b2072388efc1fa237aaa60170b876f3029b2606a7c4664df720319b7932b212256168be55e623a2c9b7637c01f5349ef2fd8d48c9c3acba6d37d483b2a11f0e8f33ef0bc2c2262e5dee65f9fdb188c8637386affb4a9baca9605f858bb58efad664373c3bc5f4b4bab3f6faa0d2055e2b2e634e614ffe775d29a2640225d2aab0b6c5c94e18f7f5680ec21aaa2faeba8bfaf69435c078027a970addffaa49f25c37cad74211b4e386997165e443e72f3543d2a07ac7766a84258565f78be81599893e8861a38c2739ea9d4c83e375968dba860c364e61a3e9a15530b04c29acad7d5247650a50586a0bee6ff7274f3c46064187e9265e9ba64ef85ae1ab857100403920b646683926a7417a5ac037dff117966031da22e1b5aa4b24fcee32b9217a3e5b816dfcd0568897a4faba11107408879c8896bbb1ec91d480eed35e872db51c096326428c7c05d13f713050a224a433d5cef2de90720d230e7c79f183aee0c9f15924b985f33b0b5991dd3c0e3f3d1f0841e1949545aae2735d3a518c4bc23eeb8ee1a8b8330b85964083ec25c257bf3c351130a76360f239008bc5459e3158701c102b0da6dbc33d0989a686834065d9f093f2ffceb65e37405bde0264a2736a4bf1377bc9203c56aaf756e2f3c76256efe43dd6920c9b91ebfeb8cdc9044dedcaf1583b42949d467e80da94198f813ea7db04069d280e48f372c3a8e7277eb6429c3b3c3f99863118992146ce800d653111ce659d2fc51194053f38864c39e895884f313235e387713ae638210ae0c8856f0021675829b7a770b231aa7d6e7769c654016e71e4a622b69166352bdbaacd6b9e371a7058d7c2f20abbc396ddc2d1ee95163b190e93c6f26cf31ed4e671b6c071b0a625d6848b43f0626fa8fc75ef65835d4da826e46892d94489d80a08af3b9c15ef088f383760917b58b16281fe5b3f8e95c859f0eb885329b924e054bbb8bdd56e05614ef297837ceabb7da19ee447acb3c4b0fe0945ba0931c7f1d5ba4a6995a56c843e7c7da20698b990b16ee7d9a5e5552645c099b944c7bf9882ad43f3d3d34c729df1c77336cce366c3505cbe8ba00f8ef28cdaa1f8ebbac8f97db907c062c4fe7dbd00aebacf0c086e09be3907503a7c49f4099ccdf30d596f37f62c38d3876593d39be793b6735146d3d5c76a2d56c821def7adf838eb05579dc861fa5067cbc551a82792a66f4b91f036a4c5df5bebb398f9d2fbd35af70f9df3cf4bc0873d0b82f9ab8d6d5d2f68deb390c8393dc9d13e9d53656af744850baa166fef222915b7c71906f9a6e16d2ff1c8191bc14701688702b5208c863174ddecb29bb9d7d669dc0b010983163a78743db110795ef22b2fa6c3b90ac3bf82337a8c5796380e385bd105cb6fb380b763039ca02a02c5c168a2645d58f5c5c39f8e3c05d78e27d086df57751f30b493d95199af968a7b26974ef67731bd5757435b8d42fe46ce4d6add069b5f2514eab534d1e19e1ba97513e2a2823262f8524694cb14ebcb6748acd666d141fa246190316ecd70cde414ad30002337b2f821d7dc64923b9ebc93a29f9520b7a248f3d905a093d799e35e72eff513b4d57da2bf9c41f5a46d7fb8d73259480d428c97ed250280a30eaf456831cc974e25b4d7dfd5f82163f57142f1cefee3d86eae4b5fac85e0d3c94ccb492d4f32d450afd9ce28e389739809f37243c64bfd4f581f0af327cbaa4d9dc8d5cf2ad6f0f5cdfaea25e4d6e7fdea351c91166bb57fb3240591c8357e7aa0a0129f5bddd67862bc5479f2a530633a2653e3fb16c0daf421032d24055fc779af24af987c5574eb6c51aebf9f10e47d13aa1339b1f5d25c3b9eef0f51f3fc501407730ecd8d34e05e534ada3e66dd9726181a7b5c13e4d1df2beb79203a318c0001f09e2569c4a867546404bb3f0ebeab87e4fce48afb0254e0637c73212d2a97359a8b50e8b02002fb9a6765925556e40d2dbf021c22de3bdcc7ec7c71ee618954a52667a27d7a82c325f889e637e14b2dfce740e995f8899f49024eea84d468f0e906eae82f0c77ad5afdedac991af4f2dcd4be7e6641e67d94083f75263103c66e1720420ced4bef55b4ae09b5d09674623d870558d4808bb35e21a0b83c878981fc0eb03b8b5d3b7581eb5e933168ba199801bf43a754846d94b4ec31cbc2290804889cf24ed10db5c9dedc353055bb26b91c938fec5faa02be38fe0210acb96dcd4375b4558fb62b47a5890135abe60c3f7d800dec4361f0eb05412c9f00c97d78d451d8a7706e68f151ae620212df5966be551e5781b9ed139b45bb3455fa7e5c2ea1e15245b06da57abaef7b95743b36ea75fd9ad636cd7c06803bca69c7b0b0f164147524d0a7dbd747d9360e5fba776762c6de0ab432f36957ca4c8f7b2e1f1ff2e2b6d06603dc3deda6187607850abd8d3123e67c4deed48690f88de4e8ef8993fb090082bf89adacf4df09351fb72563cfa4da70f1d557bdb9fb39c840fa8cadba30b35583d5c21611fa2e558765d47d5e86eb0ac05654b4aa5e7b95094b6d526e1c757d67f7084df6243e06ef5401d8f51158c53581732b7afd0625e6fca911608ad7848ed9a636e8382d3ed0d983c329d85b217e61c51f2aa1474a42ea15f6e3c940bc54951c687b52f2e4c59339ae46faaa9e926e5019281227c178d6bb32408aa92f788d247fc3cede6933305101fd1cf135bfbe98770a0482098209c31f565bee21110be2e31862e384430cc3d536f4a1104ac71609d4d937fffee0e12c0a2d336fb9ed32771676d4737812a91bf5369734e277fd6b183e4e1193d6f36dae331f81e4b38029dc7405bba3ea0bab7137e5c76e3bfb9b0d7d34ae5c8759a2dd516800697bbc8f9f042935b081e421a544cffc58d2bf47ea7aea175b724d048ad5334607ae02eecf9f50576ac8c9d493549a0985a76c2f7ef9ebad1d0f970ec54001ad79e38a29fb117269636d0202e5e0158be3b0795f736fc1af3ade89be4e8613d0a269bf5851925c61e344aa589d374ead5108824d333e", 0x1000}, {&(0x7f0000002240)="4d302bfd18076067704b85497ecd4d7b95694b1fa035abeeb18b26906f884c3677a505568dd31d7c65489aadb6ea8f48008ad00b99bcdf0d164d0e83182b60fc175e9c7da6630a019b76780be6b99165bc36ff848be621825433edac6c7052d0a6b38a6d3ae704d95d32ede6adb28a477d4cf008846aedfdea33bcf4463bb66b954e202196078ca34683d4d11bddee26c3e91f81e8069af3d2d286db2e805755cf73c6d876aad3d995bf665f6182702219ff7f2870528134db3493e65d833846f35bc5dd93d75a933253610e872e0b65437266b39fb1f383d1a1432434d9b264ef1abc3399369960", 0xe8}, {&(0x7f0000002340)="5aa1c549140f5be8443a91d427f71d6ab6cc2865ac5196197513b4b6a55956787272446a4fea25253d55dd3ce1da9cc68350a3b44a25a7cad5f725c38494e8745ebdad5825b93acedeb1ae517e4184723bf5002c7a5df66d9a4c561175297ec96075fcf0f435c5a4962845f57852b49f8a32a8326720ee778a2dbb5faea6d3f6bc8bd5a48221a7b1a75f70a7c372d53cf169b634930b9ca24bf7a67bf9e0ce4b1ed7cb7ec32f6b8415c2a75154b95057ae091adbcf07f0f34db457bf88264ae9fdafa2f869feea68fd6fab8c4bd601d7a4ae7215471587adb347f23634b4051107ec182722529fcdfcc25b45958ecd61df42368a92bee650b71b9f1a6e3f6040474d6a89344811c00003958e6b1fecb10545b921bb6214e5bd788098822ae6ec0a0624932e7625296e101d395d1288d5725d206279e6f8eb663e0356206b0498d7f5b906214c278dabea820874fef35be4206ce836af778955f28251bb3e99d6049756e47024b694a4e9faa81af876b207db71e43e2460c3bc9d88ac66c4d8fe1d588024c7d16c0d17bfd9a9113acd646644d70b1b2827fe3e7a7cec0c0c0c82f2dcf9fe351ddca83c08d6b39146ee51644938c79622cbe82b78cca9edca325b3e689a80980507747f34d5da13bb13f6556d02729e1d8958a3e47485ea7dc4e8845638ba9393058f311d35ef216870f95843a384bc7173c064034ffe8c19639e7dbd315c4e7bde6738beb592ec41c63c6fc8a4bf59a70eea37aad66f242b864c1287b5db3abae13c560ffab474b7bdcc498e3f6b868a3b02bd456ab06cb173965ca06885a5ec4cab8a17318628c1af28ccb1a81df63c095b26e184e2ae3b894dfda96980f79297bcc3e7c7a949d8a84fa32dfd0336073d2ca7599f9f017070e8244c46c0ce644a9e189ad96987038a5b4ec00ccb496e9b41043d835e3ef9ae2c21149cfdc455f705afedccfb2e917e4878f308735c2b8a76f493194bdc100f4fc7603a2cfd5cc66110706e45fba16abd8ee79a01a0867d91a13a948481e7b2d0812a11849446ce31b8138b38f7bfbab6523b8bcbc530365186d7992ecfefb48ed023c266b327f688830c55a3b8dc7012a8989900633e6f2c1c907d3eb9372ac3eb11c00ebe44100b59e237224625022afa859dfdf1c167948448462e697ac9c5b962b562bd265837c5188b003f391253d9922bfa448c3c04c72a31a0c68802f776373adc6507fd0a5ebc6ff0029bec8f92b6cb24e30b775535448049d32fc5b356c7c02b795b30ab3cc593fdb18a45e34645aebfa7c74fb0dc1cf1fad58b9b625108c72e1870fc462c8745f85c3255934c8dfcd3ad3cdf4df8313e8739c76783e0ced8799712c02f60ef3b344453c2172b384578505e1f83fe981dd50ad39f87150f0b62d20c9495517ae3a5bf4e4b181458362dadbb440dac350098440442ac924b3ac0e9a1d8725a5c8b2b74be4118d808eb58887e10220050b5426eeb38af7a421831066ab3ee60f26b90facd2d8031ed845e2c479cb4f0ce67229f0a0e8781333f3091f75199b2b9376797d97321085ce672d430e7bc3b15171819a3d88f100aef7a7623f375c37dbd1ee28cc571bf1bf6948474f234b4352b931b88e7ff17489205dfc548cd652ff9f40190fb0f41963247b6b45eeef1a776ffae2521a283aeca54acf473d9c70ea319bc84b46713fa25be6a21cc2227b069f433e680523cb60ef46544f8a334bfdb8760e2170bb0ddd10e81d53e6789ff8e3da4b43be76371f913dc9afc381ed802a4d8952fee4822da54d16e4e99d2d5d9229e6d7a6c2cb156fb82a4c1f4fa79302e29c34cbaa09bbe96ec7418cd0674a8683b840d09781235e8b44fdf20936e96b1e3d8a8c7971443b8b884fc5428f477ec78ac9daeaa437218a5fb7955c77b075fe159c060c30cfe0460c749d7714be707574b684445cbc39a9acbb86ac990b8d0f48ab58027a90b53b9e54f100640bb76550c50b0837f29b4d895804b17ec5771b91eb3e284b44684c74759cc16ab5e626eca56b572f7f8f06d0eec24077ca7b639c178fa35afa90fe0e9f93a04f8af69a2be7b2a9e4ed78bc6682b2ade97a06c8f1f76130907daf200dd9a2ee7b409aeb626956ed271094b6ab2807b2c1cfd40c7ea97812c1231a0db2c4ad9540fd3d73073f781f70f50f2c5cdb47a2018cd3554f300c7fa2884033761f1ba2638006af691462d88791456a9aca378bc41a8ecbbfd9b3841bd8b8546d4d3deb9b044a085835fbed6a27616c54c194ecf0c9a363ac3c4b107e1701fd4ea08268ac8134c63230652acfdcde7a6383aa334fc765cc59963414d30234c18aaedb9bb7fd227bc2d392fc23fda12bd6cd3b00371d1b543828d819e08de56fc7549701a7e0ef67bc8a63415c3e5d77b19e00c864e13f53be2ec5f125969cc2055cb27391f94c05911508804242a1f32d45fbcb8c11791f667303b4595e25b00b89ce05f092bbcf5771e8d5c9c0dbab748aaff5de0a90b3fb235d60405b8bfffc8a07122a31cab65e88c1b30f767dd944f0612e7f7288f5ce4db0a7b1dcdbb1391efdc2b8a0c011cd5463d7d091dea483004267901c0614c0e9cf70a5a87952be7142d784b7f4da1f7e4ffaa3ad16820420cf1b7bb551c35b572a7e0b0f7478514e6ec23a82e38a4b530f1635edcf3c496de029fbbf73d0fb0dda7ee6a94ba5bbe064018dd65b1e0d3a2dc538219d89bf8ca81285130b60064f4d14406f89296bac1fca57a5e4961e03138c51121835176ca11eb22ddf0503c29694014c8459ec4f052576d556b41a426312ad5f30398d9c094b8f2ef894b0f9278321077e40582e565fc73376c9e4718b3ba6f49baf18004b3cdb67ae5daa85aa342a220d5011015c1abbc4218d59668a8cefdf526cdececa7eec959556cdde3c2cbda0748c78e890a0a9761ca4dd80e7a5852a894233fbcce73ccf79c2092e84f4558fb1dc7e35eecda83b07687e27c6f6814a5f148ac62414a758b463739791112dbdbad946b1b60008b93858f2c3669b730a2bd15398e0704f1de832ca57d2b1ae7611455b650043a9f25eece56dd662002c13d67ff36c382c0ca20af7c0ce49adf0860ad6fd783316cf2b63a6022ca73bb1dbedfb00891083fb0980d269239193531f56d599c54d9ff6e4113578fd5660efc6e7ed868254fcec91b05a5e574624e210cad86937b138a19acb6853f55b70c223550d932e8d7ce297bef2bc9b7bb99c5462f3af11e32dbadf6ad80dc6f6627799beee21d9b0fbfb17efac1f57a0137ca167b981326c7828ab267bd65e8e6f6f9391c264a41cb222958327d13540f3aaea94cc01f1bd79f88ec133f1f44eb5312b26572e2bccc848ef029bdb9817420d4a5bae81e85e46621f02fc455aa0979b970fc9a7d0358291aef696b37b18685ecb64f0416ba9111f2fa5872e2fb3537d1aa4559dcca06fa0172fc6b4de8c0a798ed247b2dae0e010e6c18947cb61f6c4728a2b9608f3e8689276bac08027b6b03a2d2c59c2c3a3777544e3e17f597f629f58b4c5b3b10d13c7ef1f1fe7d40fbc8582c84198002b480aaeea88139f67b27bd057807bbcc44411910ab56835cb09fb9f012d5d76235178a5b21638ec8dc1d16bcf94cdc4110ccfe32d7e91d842f6c1860df347408642af32321f31f4ff53b62ef3b2dcb18b70cd5c1fa3597f85edaffbc018c47b5038fc79f4a31cec359f59f2a5074ecd2528462946ee361e70c2813c37a338e780f9c64869165877e6a46a291a6900d4e3ebc8dcd1286218410c180fe86a4889bb9f468c778e590042f190ff50bd3898689ad138c40c228533154988da446b74db771885479dab5fd6699e09a87bd7724994845a691a68e91fa19dc94be1a611ad10c1854a216bf331e2818dc61cda01e18baa3f9cb6931ddf90b7eacdc5196db35bf0ad4cf571f8002382f5863479c41cdd52f27fa8c1c19fedbd42cddfb3828befb7b793376ca3f796e7f69f8a3de1613ce25b1ee5a7dc4fad28b6f584e26dcaf51df55c1ac502b809debf1c8048343d27f30980995556d7101e8e883b641563163c25b004feda41b942bd8eeea6315de7e7ff36801ed67889f24da1b6fa6c8804832e371dd498960a816f5e115424d2a8e97267b0c67be4880c13ba5cd5790d9f0244b33fa6c177e4adea748c770aac41126e6dbccf4cab2d865cf1527aa280f75c153ac85ae7b66e4ba0a7060133bdca79b450efa4fd6d10b53c9b80ca2de4589780afb3baf074b6a157711c2728a35c175838c549c451fd4781df21b5fb110131316dcc69e69afa451d788a65791dca8bb7621b818c619ef5cab8512559d4f39edc4a3b0ab8861277e8d8d6c3abfb1e666278136f135421c41450625dd158e681d63c9e3f273edf05ed7cb935ef7182d43d1543eed4bf4d8ca6f0a490738c37d6ed819428cd1942e0660ef3f8385974b736eb184ab9e44d5843daec54d992c69daa057f6caca849f5c1d27f8b0b6947e7a09cd8e6179f57908f52a551ea7781db1b91a9b5b5cfaaa70fd6871e50e9cafb21e81cbf3cbf27d06e0338f7d74398cb07117a98f4ebf5203b64402fafdad710a2f360e6cbaa37aa8353effd922d8412e2dab9579b91d739cfa59c65be09ad3578a901dbfbfc9cc689b1c995e2b7f9d89ed691c58cb5e2fca84f07ca2e85f24a053d8051acfbd4831f51e40f30e0364fd3550d7b57e60fa89e468fd36efe695df7f6a3142a6a23dbb3da7ee870ccbca3b093d41690f5e5bf9a212a643f6d03162e9cdfbc1eb7f6b9c3a28616f94b72301122873bfef8423302db7a68ad40df3a46864365b8aad695ae45c2867428013c5a7e47bc3250dc43e7de18cdc6067521bc8fbd4bac49d0f0eb46c4dd4600874d33cb61eb9e216e16ad0faae99f127a8b5bb4e7009cc5de293f3b3a9c716715f0ab36d6f700e5f1d55f5ca96a45cf3b87f1873051118eee42d1e25eacb7a45df557b0d8097cd62ba70894a804c03b17067a9391254c13adfae42c7b05634d1bf1e8b85fd353d0aa773b1638c44223da58364ba5de70ba4c4ffdfab9ba5b15e21774cd9868081b37853a256317cd0b69eaa0b30a0ae8689b3c342f10bdb7b785f9fdbba19398e11b7b4cc001979bccd414ec75dda8689e4d778ebbd71585309e3483faf6b64708fd04325e180f24b3c729923cb403ad8dfe1cfb6400d44da0dfab7471910bfbdb12bf6e85096e81928e73b46ddd5b106424e0944a2bfa16ac984b5e4aced48a7b4fbe7da48ca45ed8d4c45287ba46aaebae150751a01e65c6e9580cffdda419efb64438232362e5f62e5cdbb38190db5e3e45b03bb172fd1c5cd59d60f3dcf96b74a025416d5a15ff8c0e9220a6ff98d466ab09ade6927c52063298145956e4e6caadc17b3acbff2e483dd9f5678c827bb1088a641e1017eaeee179b0e49aca75ea87a43e1a59952236850ad5b454024fb5bad91a12f545411e4cc55a0a95acbfa26ae1d084ceb764ed0e92ff87ad9035a7a53d0665e45f859562fb7e3b6a6e5b8ae5b69676059b877aa362044ca3b22b8c1c56165d48ff5b039a8eafa80bf9ad268c538b376fc2b70ec7921795cb761fa6d699dd6d7a3b3e363f0788846e510613bf01cebe6b6719c2b6d82e06dd9c71250360f3bb85ffc108f5f6e9b3a94eed2eb0e081ba5d5f44f13fee5055965ee0756489fab9a79af72278cb137fc3f1a7922623d9097789723e09655aac9016ca6c6ff6ea2eb36aad4ccfda040c4510f6eb03baa49785b4e6dd61e78f14e62cb31ff9e8fc07ac33051ee374b0fc787", 0x1000}, {&(0x7f0000003340)="05523de53df4372e078aa01f619a8b8bc6", 0x11}, {&(0x7f0000003380)="20df3278e45e2df312a3de6be5f711ee3305c5798e0567f56b94aaa86875ce5f81bc356c5b6f2d2eb8e3abcd2bb65dab80839dddbbe914cac24baab78d06050c11b7d9eff70fa6c44bef9a0b641c92e1a545945a45d98aa907484e96abb6438ef1758a0fc8343ab3eac818af3969b74f9470f4312a4e530fd0c9e7da27ae8d443ac054e46a1dee44de6897557617902d039b6faab32aafd51373cfa1a14f16607fe3ee065b17f6c416171afd3e", 0xad}], 0xa, &(0x7f0000003500)="a196ad6e6987e9028168836705fd3102421cd9c54242f371b6688da04839e8d8c3f619f47944ab720cf0bf2655ac2fd4c9e4eea51c5333ed5d307482d1c6efda26151faa6f651c7c6b0da115c16a6cb703c2900416c76fb519e48de0dd76cf0c189f1b9beecd2681590d8f06c46139b35469eefad39bd543d83f86c01b228d516540120cb2e8f65674f433736c975f292f71b478c932c07120f325fa6fac9e5f3420299c5255e7e8474b479d054be636b62960", 0xb3, 0x40}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x18)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000003600)="04aee82a67972a5db7dbec1f23b4d51894aeaa6e6fe5dc95d954c5138cefd06828d573ad261184839b1571d94797058726f6b06df964bd599f53ebb3a39e6d8a5ca5b01cba83069e9ddb0098e4e95355888fb3d89944f7ffc841fa812424dde2d3ab75b822f4b379142d6c3f9e4c4da1d1e26ca437f58d6fdea558e304dbe358e6afe0c9db5bdfe3fb83c9", 0x8b)
arch_prctl$ARCH_GET_XCOMP_SUPP(0x1021, &(0x7f00000036c0))
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000003700)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000039c0)={'syztnl2\x00', &(0x7f0000003940)={'syztnl0\x00', <r4=>0x0, 0x29, 0x81, 0xf, 0x9, 0x1, @dev={0xfe, 0x80, '\x00', 0xf}, @private0, 0x8000, 0x20, 0x3, 0x5}})
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000003a00), 0x4)
r6 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000003d00)=@bpf_tracing={0x1a, 0xa, &(0x7f0000003a80)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xa50}, [@map_idx={0x18, 0x3, 0x5, 0x0, 0x6}, @tail_call]}, &(0x7f0000003b00)='syzkaller\x00', 0x7, 0xda, &(0x7f0000003b40)=""/218, 0x0, 0x25, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, &(0x7f0000003c40)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000003c80)={0x2, 0x1, 0x6, 0x9}, 0x10, 0xf286, 0xffffffffffffffff, 0x2, 0x0, &(0x7f0000003cc0)=[{0x2, 0x9, 0x4, 0xa}, {0x5, 0x4, 0x4, 0x6}], 0x10, 0x1000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000003dc0)={0xa, 0x11, &(0x7f0000003740)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@generic={0x0, 0x9, 0xa, 0x7, 0x40}, @ldst={0x0, 0x0, 0x0, 0x7, 0x8, 0xfffffffffffffff0}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000003800)='GPL\x00', 0x7, 0xde, &(0x7f0000003840)=""/222, 0x41100, 0x6b, '\x00', r4, @fallback=0x34, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f0000003a40)={0x0, 0x10, 0x7309, 0x5}, 0x10, 0xffffffffffffffff, r6, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r7 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000003e80)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(r7, 0x4004662b, &(0x7f0000003ec0)=0x6)
ioctl$FS_IOC_SETFSLABEL(r5, 0x41009432, &(0x7f0000003f00)="832408b7e6bd20b2bbc6c5d3e4f91848608e79f992ab104f4b455dd586e2865a2ccd508ac4c68369cad92169222779729968a435634fe37c197242030e4bfd871c1c0ebc5a7593e1536870ec689c1b3f14d321e5bc6ed71270cf64f98c23861161e8730bcbba6824a57427b8cce19009305d71c8fedd5017aefe8f939e96bbeb8a7bcd083fa3abd5cd3b81e061e51b352d8f91d5d56cda5b34d4194795f28a6392c3658b00c58707fa591d232d9689ef88441cf078467ed7db627cea5efe2cb150d53823a3716fac48b56da2b325ce1faafcd293bd956daf17a2b89a48b46ccd0e35b469793e1e33fbc48e54c93e29da1635b0e4c7245d470cdc5c9228b04add")
setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f0000004000)={0x0, @in={{0x2, 0x4e20, @multicast1}}}, 0x84)
setsockopt$MRT6_ADD_MIF(r3, 0x29, 0xca, &(0x7f00000040c0)={0x1, 0x1, 0x7f, r4, 0x7}, 0xc)
sendto$inet(r3, &(0x7f0000004100)="bb7c0258e406a5d169abca9f4e69fc81768a41e4ded7cf810937bd59617df846985bfa88a0cb3e8b6f0ec316ae1dfba10b533767a7c738fce0e3d28259d2238ac65cbca9833848b8dcf8c21ab57ae7", 0x4f, 0x40, &(0x7f0000004180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x40}}, 0x10)
ioctl$TCSETA(r3, 0x5406, &(0x7f00000041c0)={0x1ff, 0x1ff, 0x0, 0x2, 0x1a, "8624d14ad890834c"})
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000004200)={0x0, 0x3, 0x8001, 0x3})
r8 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3000001, 0x10, r8, 0x180000000)
r9 = openat$vsock(0xffffffffffffff9c, &(0x7f0000004240), 0x200400, 0x0)
bind$inet(r9, &(0x7f0000004280)={0x2, 0x4e21, @local}, 0x10)
ioctl$TIOCSWINSZ(r3, 0x5414, &(0x7f00000042c0)={0xfff5, 0x7, 0xcd64, 0x78})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000004300)={'syzkaller0\x00', <r10=>0x0})
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x5, 0x4014010, 0xffffffffffffffff, 0x93842000)
pipe2(&(0x7f0000004340)={0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x4800)
bpf$PROG_LOAD(0x5, &(0x7f00000055c0)={0xb, 0x2a, &(0x7f0000004380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffffb}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r9}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r11}}, @exit], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000004500)='syzkaller\x00', 0xffffffff, 0x1000, &(0x7f0000004540)=""/4096, 0x41000, 0x3a, '\x00', r10, @fallback=0x21, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f0000005540)={0x3, 0x1, 0x100, 0x7}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x2, 0x0, &(0x7f0000005580)=[{0x3, 0x3, 0x8, 0x6}, {0x4, 0x5, 0x10, 0x8}], 0x10, 0x8}, 0x94)
ustat(0x9, &(0x7f0000005680))

818.167039ms ago: executing program 1 (id=958):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x10, &(0x7f0000000800)=ANY=[], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000001400), 0x208e24b)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xfdef}], 0x1, 0x0, 0x0)

757.819495ms ago: executing program 3 (id=959):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xfdef}], 0x1, 0x0, 0x0)

757.401085ms ago: executing program 3 (id=960):
io_setup(0x9, &(0x7f0000003080)=<r0=>0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x5, '\x00', 0x0, @fallback=0x46556b34e8e5276f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r2, @ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x24, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x7}, 0x18)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00000007c0)={0x400000000000000, 0x0, &(0x7f0000000700)={&(0x7f0000001900)=ANY=[@ANYBLOB="020f000015000000000000000000000005000500000000000a00000000000000000000000000000000432e0000000000000000000000000008001200000002000000f1edc4ea00000600000000000000000000000000000000000000000000000000000000000000fc01000000000000000000000000810005000600000000000a00000000000000ff0200000000000000000000000000010000000000000000010018"], 0xa8}}, 0x40080)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000340)='kmem_cache_free\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000640)=[{0x200000000006, 0x0, 0x3, 0x7ffc5ffb}]})
setuid(0xee00)
stat(0x0, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r5, 0x0, 0x7, 0x0, 0x0)
recvmmsg(r5, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}, 0x7fffffff}], 0x1, 0x12061, 0x0)
fchown(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r6 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
readahead(0xffffffffffffffff, 0x2, 0x8001)
io_getevents(r0, 0x1, 0x1, &(0x7f0000000000)=[{}], 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
r8 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r8, 0x0)
ioctl$USBDEVFS_IOCTL(r7, 0x80045505, &(0x7f0000000040)=@usbdevfs_disconnect={0xffffffff})
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r6, &(0x7f0000000380)="79eba42f49d2b592470f99e1e5ccb0fb410f7bb4f86fa87ae4152da7e9094f5615508d33490c18dea841397a568522d0e68a3262e38ab322de7931e4550b8b81fb6fafe99499e1ed0a09179d9118850b40bc75ed22b6c776242d6008e400b9c27b88b911c374f498a0f749d8f6a4786b592f1956e452de0a71a3e5b0ea84e4bd420fc97697362980f1abcae9ceac1712df13f8cf5a5165199d3a7b739e10bd883ed405449e2700fd28a72bb48aa9a9eaa6cac2516a90985a62f5b0657d073ec50afc202282f739bc88643c79f431241384d42ea650"}, 0x20)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x0, &(0x7f0000000040)})
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000680))
io_submit(r0, 0x1, &(0x7f00000001c0)=[&(0x7f0000001940)={0x0, 0x0, 0x0, 0x7, 0x2, 0xffffffffffffffff, 0x0}])

560.609314ms ago: executing program 4 (id=962):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_open_dev$ttys(0xc, 0x2, 0x1)
r2 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
ioctl$KDGKBLED(r1, 0x4b64, &(0x7f0000000080))
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'ip6gretap0\x00', <r5=>0x0})
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000280)={@remote, r5}, 0x14)
sendmsg$nl_route_sched(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x2000, {0x0, 0x0, 0x74, r5, {0xfffd, 0x10}, {0x1, 0xfff1}, {0xb, 0x3}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x14004804}, 0x8804)
dup2(r3, r4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r6 = socket(0x2, 0x80805, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000003c0), 0x4)
r8 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000400)={0x0, r1}, 0x8)
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r10 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000300)={'bond0\x00', <r11=>0x0})
r12 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r12, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000840)=@newqdisc={0x8c, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r11, {}, {0xffff, 0xffff}, {0x2, 0x9}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2], 0x0, [0x5, 0x4, 0x2, 0x0, 0x1, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x8001]}}]}}]}, 0x8c}}, 0x0)
r13 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1e00000000000080050000000800000018060100", @ANYRES32=r9, @ANYBLOB="0200"/20, @ANYRES32=r11, @ANYRES32=r7, @ANYBLOB="0400000005000000050000000600"/24, @ANYRES32=r8, @ANYBLOB="fc5d284dcae5b2ab487d5d044427ed3e0f522ad2ef6f2b7ee58272d6cfa47f2db9b57dedc861f55c8d2c0c06e18293b2e801124bcd5981dee898beee4ef2ca3f1ff8990ceff5d0be0694f3a3546359dc7a321398eb6fe56a1b488ee84434f324c6a9d20a75f37c68f18d5ecb17412f935b3147ba34767ded0eff64215860e1945a9b9f31db381cf8fee825f1d8fcc64d44e01a77069b5ddaca04cf666d70388a9651a60df9126ff82a6391faa6705252e174564b7b1d30b90e34f3ab9dcd712fff500480cd7d20cc"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0xca, r13}, 0x38)
sendmmsg$inet_sctp(r6, &(0x7f0000000880)=[{&(0x7f0000000440)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0)
sendmmsg$inet_sctp(r6, &(0x7f0000000380)=[{&(0x7f0000000140)=@in={0x2, 0x4e24, @multicast2}, 0x10, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000300)="359cb6", 0x3}], 0x2, &(0x7f0000000000)=ANY=[@ANYBLOB="30000000000000008400000001000000000000000c000400"/44, @ANYRES32=r0], 0x30}], 0x1, 0x0)

525.900868ms ago: executing program 1 (id=963):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000002980)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000640)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca6122c350637808dde804a048fd8696e524b2934126c443ce93d82e931eb9918e6c0827686e59209d2e02c9210fd8048f04ad6c42200fd9232f5aa6a361816bf21afb8473a064f1988536d4b5888807b3aaafaf59f53121782a0a9370dc0feae13c8c2a1dcc8a3122aaa3dcd5b9247a915378e6492e5b94073dcdc87e7c794fb262a7e9ee0b9432f74331c6e9412ac6557c54c6ac72bc24ff70ca2f8ef53773c5cbdf4a583f81fdc8719dbe967b0690a3ed3f314c3e2ceebb3e29d00c2c1053d1e8b32d8a8be1bb9786746e0ee564306c80d7045747165005fa3528b5ac1e35e03b69cb54111dfcebc6d585aacdd57c351ef1aa8050274b122a21b47432f17a0cacfd9524d9cb09029e4daefaea47f8cd5a4f1dee71093ebc076363e14f78dd3b129b4b3ae5a7a085297416f1f1a8aeefa517ed1525ec76469b8b469851cc56c6016d9067dac3de3818856014c98ce8f36dac4d8cdb1f25e3c5de7bdab78066d2418c12e0acde73c05fc80a0658c7fbc52812a8423323a80e8a968e0ace13290fe8f862c1e7233c26f73ca24e5e441dd406e136df3a3996865e0693d955c691c675c3f6191b225d82ea4c6a7b2c1ed690c17768cd2b21ab0ac2ca7673eb9c00d635e146555db84b8a9061c3ca8bbefd2ae2b80f4a09561a098815c1357c4a7bca20712834842f171f5872668e88c7fcfe0bf526adcc84c5b1d7ca1b6486f25a2de3a52546468652e4e1ea8bee54b2f45d25173c2e3539f2a3642d825bdff3684ca6d0236cdd1cf93086b4574c588bb30275bcc87cc28ca453dcd07e3b2de929e898f0db8bb69e3725b2097", 0x289}], 0x1}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000e00)="61506eb07117164bdb4ee7ac0a137512738cac7ddf83039c6483d715bcafc5c4f7feff3c5f7c8d0773bb7447d33297aaf2f9e2b9dc15752fdb623d0008f673f7a04836a22be782e61cc35bdea0abd69a4726afa107f95b8922be17921a894c90310251c043c6ffce40aa34acd2ddccc0255708feca96f2563c7318556f4ef40d02bb5cb1", 0x84}, {&(0x7f0000000a00)="449f6aed247d197178d7f0a82e1deae14825b22ab6c0ec1ca0c27cd21d8a486374b780581aac75a2f848f285c99133f0435497bf6ae25625c6", 0x39}, {&(0x7f0000000f80)="da272d98f0f8962c15832ad9fc3fe69499698607da01faf3742d6a27555ae47f444bad1ea77509fed4623598addf131c04811469c810db02e91468121899cb0cfaa6d06d1cd876e6a0bee56f2bec7b61a5", 0x51}, {&(0x7f0000000040)="09bedb", 0x3}, {&(0x7f0000001040)="cc5a4dbac0affd0a979c63ea8352d608a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351f70a828238fdf90bc5d36c7d614b82552649954e0185662defd28f78449f073bad544f586136c5076a6f0f1b6fc9adf80557eb44db1b41824e9ef104c95e999766bbf27d74ad5d8fa63210cde65d384dd3e87c3fedaec3144d1ee66a0eb0750363e346cb930dae6109df6b9955bf8af119b5c9a86622af4ff8b5949fb90f8edbde416d046d61512fe4c453bb601a780e1bbc00dbedc5e50d3cd9bc920810eaefd5f9a171e9d32ab46b42e3e78c60087318bab42e94653cbd9e52fba37c5a31d095500e91d02256f101e82447e34733220cdaaabc947f5b815080b5214c", 0x11b}], 0x5}}], 0x2, 0x480e0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

442.969426ms ago: executing program 4 (id=964):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
request_key(&(0x7f0000000780)='asymmetric\x00', &(0x7f0000000400)={'syz', 0x3}, &(0x7f00000003c0)='incremental-fs\x00', 0xfffffffffffffffe)

423.920728ms ago: executing program 4 (id=965):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000004780)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYBLOB="030262254f372dd2f01c316024747921155fef93b7570ae427bd6449309404f4d0edc1e00a5033c18ad6abf4fb7cdfbc8c39cd5d4bcd130191231a930607dffd34d7a36090359418ccdb60e600585a8b8111bc38f18552ec4f1cb0bbe596161b0dc1bf"], 0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000280), r2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xf, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f00000000c0)=r11, 0x4)
sendmsg$unix(r7, &(0x7f00000006c0)={0x0, 0xfffffffffffffe96, 0x0, 0x0, 0x0, 0x0, 0x20000001}, 0x40000)
r12 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r12, 0x29, 0x4a, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r5}, 0x18)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000480)={@cgroup, 0x11, 0x1, 0xe, &(0x7f0000000240)=[0x0], 0x1, 0x0, &(0x7f00000003c0)=[0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40)
r13 = socket$nl_netfilter(0x10, 0x3, 0xc)
r14 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000900)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x3}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x12, 0x12, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000184a0000ffffffff00000000000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000680)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @cgroup_sock_addr=0x20, 0xffffffffffffffff, 0x8, &(0x7f0000000880)={0xa, 0x2}, 0x8, 0x10, &(0x7f00000008c0)={0x0, 0xa, 0x8000, 0x9}, 0x10, 0xffffffffffffffff, r10, 0x2, &(0x7f0000000a40)=[0xffffffffffffffff, r9, r9, r14], &(0x7f0000000ac0)=[{0x4, 0x2, 0x1, 0x6}, {0x2, 0x3, 0x1, 0xc}], 0x10, 0xe34}, 0x94)
sendmsg$NFT_BATCH(r13, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e74657200400100000c0a01010000000000000000070000000900020073797a31000000000900010073797a300000000014010380100100800800034000000002030106"], 0x1d4}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="ba17d71a12ee097c1d8056f5e3360335534f0761266184f4bfd65a6524662beeb5d859a19687ea35f89309940cdc77c09d03d0608944b3a4685c800eae", @ANYRES16=r3, @ANYBLOB="01002bbd7000fddbdf25070000000400018008000400ea00000004000680"], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x20040000)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000e00)=ANY=[@ANYBLOB="00c59b006b1f105e78ae5c395499011cb56d0d3b3a637f10e48dcda783bba3867aecd475cfcfbca39ff3f84e092e17af1e4e173e2683e0a583fe4e993e88e3901ab99b7cb4382eb7b67599169fe5df05bd67063eba81c3f63c3f2619f0f63af4e693231df21a66a2e20e6fb96f854549bd698e813ada6b5b94c257e13cde9fbef9a92a480f3e33bc58e834fc31ec6468fe7acee9fd1634934f73138b15e35380a56ab38a032f007698f3a13ec6a821d012ba584a7925e1957816ce0c945145f147984deb410a5df29d92e2b24f3e3c2a259c0f33fffb163778464d40eda61bbe77f245f374c70ade7082f7c1eb280679eb42d20b06b9a34810cfc24f6d4effab6452", @ANYRES16=r3, @ANYBLOB="04002bbd7000fcdbdf250700000030000680080006000000000014000400ff010000000000000000000000000001060001001e000000060005004e200000050005000300000004000180"], 0x50}, 0x1, 0x0, 0x0, 0x48001}, 0x20044090)
r15 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r15, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000001080)={0x38, 0x1403, 0x1, 0x70bd26, 0x0, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'bond0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4040000}, 0x100)
sendmsg$AUDIT_SIGNAL_INFO(r15, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x10, 0x3f2, 0x400, 0x70bd27, 0x25dfdbfb, "", ["", "", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x8800}, 0x4088000)

392.117761ms ago: executing program 4 (id=966):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./bus\x00', 0x2000414, &(0x7f0000000500)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES64=0x0, @ANYRES32, @ANYRESHEX, @ANYRESDEC], 0x1, 0x2b8, &(0x7f0000000800)="$eJzs3NFLU38Yx/Hn5/y5OdEtiKCgeqibuhm6/oAaoRANCnNSXQTHPKux0ybnDGMRuZvotr9DuuwuqP4Bb6Kb7ruTIOjGi+gbnrPpmU6durml7xfIeXae74fzdZvybLCt3n/7rJj3UnmrIgMxlQGRmqyJJNeruv/qxwG/HpKwmlwd+fXt/L0HD29nstnJadWpzMy1tKqOXfz4/OW7S58rI7Pvxz5EZSX5aPVn+vvK0MrZ1T8zTwueFjwtlStq6Vy5XLHmHFvnC14xpXrXsS3P1kLJs92mft4pLyxU1SrNj8YXXNvz1CpVtWhXtVLWiltV64lVKGkqldLRuJxsg22syS1PT1uZHdsm0tEdoeuGW5103UytdTO3fAR7AgAAfWb3+T+Y9Xee/7OzwXE/8/+Zved/Eeb/Lqk13dpj/sex4LoZK17/+23G/A8AAAAAAAAAAAAAAAAAAAAAwL9gzZiEMSaxfqyf8m9HRSQmIqbe7/E20SXhx9+EfvZ4/K/3aLvosNAH92IizpvF3GIuOAb9TF4K4ogt45KQ3/7zoS6op25lJ8fVl5RPzlI9v7SYi0i0kW9ItspfODUR5LU5/7/Ew9dPS0JOt75+umV+SK5cDuVTkpAvj6Usjsz7z+vN/KsJ1Zt3slvyw/46AAAAAACOg5Ru2Pb63e/7C2KyvR/kQ+8PGGOWdnt/YMvr60E5185XVAIAAAAAgEPzqi+KluPY7gGKqIgcIt75whiR3m8jIv1xbzQXN0SkD7ZxVEVMRIIzepD4j414WynTxppBEen53bKPotf/mQAAAAB02ubQv4/Q19dd3BEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdPu98H1li/rdVo7BIPXS5y5L8gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Ef+BgAA//+4IRyf")
creat(&(0x7f0000000d80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x120)
rename(&(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

341.561326ms ago: executing program 4 (id=967):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000002980)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000640)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca6122c350637808dde804a048fd8696e524b2934126c443ce93d82e931eb9918e6c0827686e59209d2e02c9210fd8048f04ad6c42200fd9232f5aa6a361816bf21afb8473a064f1988536d4b5888807b3aaafaf59f53121782a0a9370dc0feae13c8c2a1dcc8a3122aaa3dcd5b9247a915378e6492e5b94073dcdc87e7c794fb262a7e9ee0b9432f74331c6e9412ac6557c54c6ac72bc24ff70ca2f8ef53773c5cbdf4a583f81fdc8719dbe967b0690a3ed3f314c3e2ceebb3e29d00c2c1053d1e8b32d8a8be1bb9786746e0ee564306c80d7045747165005fa3528b5ac1e35e03b69cb54111dfcebc6d585aacdd57c351ef1aa8050274b122a21b47432f17a0cacfd9524d9cb09029e4daefaea47f8cd5a4f1dee71093ebc076363e14f78dd3b129b4b3ae5a7a085297416f1f1a8aeefa517ed1525ec76469b8b469851cc56c6016d9067dac3de3818856014c98ce8f36dac4d8cdb1f25e3c5de7bdab78066d2418c12e0acde73c05fc80a0658c7fbc52812a8423323a80e8a968e0ace13290fe8f862c1e7233c26f73ca24e5e441dd406e136df3a3996865e0693d955c691c675c3f6191b225d82ea4c6a7b2c1ed690c17768cd2b21ab0ac2ca7673eb9c00d635e146555db84b8a9061c3ca8bbefd2ae2b80f4a09561a098815c1357c4a7bca20712834842f171f5872668e88c7fcfe0bf526adcc84c5b1d7ca1b6486f25", 0x23d}], 0x1}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000e00)="61506eb07117164bdb4ee7ac0a137512738cac7ddf83039c6483d715bcafc5c4f7feff3c5f7c8d0773bb7447d33297aaf2f9e2b9dc15752fdb623d0008f673f7a04836a22be782e61cc35bdea0abd69a4726afa107f95b8922be17921a894c90310251", 0x63}, {&(0x7f0000000a00)="449f6aed247d197178d7f0a82e1deae14825b22ab6c0ec1ca0c27cd21d8a486374b780581aac75a2f848f285c99133f0435497bf6ae25625c6", 0x39}, {&(0x7f0000000f80)="da272d98f0f8962c15832ad9fc3fe69499698607da01faf3742d6a27555ae47f444bad1ea77509fed4623598addf131c04811469c810db02e91468121899cb0cfaa6d06d1cd876e6a0bee56f2bec7b61a58d4bc82f91da6fefe815e7be6c6a07ebeca051d4a71823d1cbd9", 0x6b}, {&(0x7f0000000040)="09bedb", 0x3}, {&(0x7f0000001040)="cc5a4dbac0affd0a979c63ea8352d608a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351f70a828238fdf90bc5d36c7d614b82552649954e0185662defd28f78449f073bad544f586136c5076a6f0f1b6fc9adf80557eb44db1b41824e9ef104c95e999766bbf27d74ad5d8fa63210cde65d384dd3e87c3fedaec3144d1ee66a0eb0750363e346cb930dae6109df6b9955bf8af119b5c9a86622af4ff8b5949fb90f8edbde416d046d61512fe4c453bb601a780e1bbc00dbedc5e50d3cd9bc920810eaefd5f9a171e9d32ab46b42e3e78c60087318bab42e94653cbd9e52fba37c5a31d095500e91d02256f101e82447e34733220cdaaabc94", 0x113}], 0x5}}], 0x2, 0x480e0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)

314.719049ms ago: executing program 4 (id=968):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="b4050000200080066110000000000000c6000000000000009500d800000000009f33ef60916e55893f1eeb0b2ae13d922e6235592ce847e2566c43d72918a897323fd0723043c47c896ce0bce66a245ad9d6817fd98cd824498949714ffaac8a6f77ef0000ca5d82054d54d53cd2b6db714e75d9bdae214fa68a0557eb2c5ca683a4b6fcfcff0bffffffffffd47042eaebfa6fa26fa7a347c7faa8e700458c60897d4a6148a1c11428427c40de60beacf871ab5c2ff88a02084e5b5271e45f00003826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632f7a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffabe90ac5d08dd9d4e0359c41cf3626e1230bc1cd4c02c460ceb44276e9bd94d1c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd00000000000fbf940e6652d357474ed5f816f66ac3027460ae66317f83cdd7a7eb2a7003d1a6cf5478533584961c329fcf5a43e05c92bfef0dcd28000000003f2915a3039c9a78f63b8ec7e60a0000fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc5117c024185a062acb6b8eec31c21b3af8b9eedb4660ed2deb7acf2a33a376a5cb7d4266d5b0be14488d14b473502486ad8dd600000000000000000000c7766ea7c581782c0d90f42a85303835fc291c25d29e6bead5d7360f2e1929d7736ebc8558c4506407d3046022bdf25485bd5442169e9b4c1278343581b7a06f65e8ea6b042c4fd08381e5000000000000006398d6480000001a723b91030000006480304c66b217aea0156ce9eef911fe5b7370f79987303ecb3aabc53c60014a0101ab766754f596b41da9534d12b8306a1b36cf3b03f0d790879f523eabfbee83d8bd472ef69660cf6ec897106c51e54a17497f384c4956b41f3843e7c878b1e11316d8ddae1c6c3b85aaf7a9fcaf8f5d6186c42542d68ba72682c938d3c0a2e6e10eed71b1d31c9f300b41745329bf34495c63e43fb896e4903fb0fae54a8f0fe3b48a5b29d279070647e65097c8ecf32a15080000000000000001007ba4a70a084bd994ac5e00000000000000000000000000351a30cd97f83d72631d0fe92efa974a53f4dc1eb9a86df632a6d463688123f64d42a919bcfc44a90ffd680200000091f842a91c977f6075d07e39e669b0713af0498a99bf5261cb3269d499a5202d7a08b33ade7b38829b9bd39619688d5e9af22170ef83e5b92cbb32b655c45de1c154aad81bf64351668a3f76d5afa958aff76249e0ffdf8e45155536a1a44bfcbfbfd232af000052f9002a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0x12, 0x4, 0x4, 0x12}, 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB="05"], 0x10)
close(r1)
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r2}, &(0x7f0000000500), &(0x7f0000000540)=r1}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r2}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000000)={[{@errors_remount}, {@grpquota}]}, 0x4, 0x4f2, &(0x7f0000000c80)="$eJzs3c9vVF0ZAOD3Tjttv34DBWWhRgURRUOY/gAaggthozGExEhcuYDaDk3TGabptEgri7J0byKJK/0T3LkwYeXCnTvducGFCSrRUBMXY+6dSzu0HVqk7dDO8yR37j3nXuY9Z4ZzztzDDCeAnnUuItYiYiAi7kfESJ6f5FvcbG3pda9fPZlef/VkOolm8+4/kux8mhdtfyb1af6cQxHxg+9G/DjZHrexsjo/Va1WFvP06FJtYbSxsnp5rpDnTEyOT45dv3JtYt/qerb2m5ffmbv9w9/99ksv/rj2zZ+mxSr97ER2rr0e+6lV9WKU2vL6I+L2QQTrkv787w9HT9raPhMR57P2PxJ92bsJABxnzeZINEfa0wDAcZfe/5ciKZTzuYBSFArlcmsO70wMF6r1xtKlkfryw5nI5rBORbHwYK5aGcvnCk9FMUnT49nxZnpiS/pKRJyOiJ8PfpKly9P16kw3P/gAQA/7dMv4/+/B1vgPABxzQ+95va8IAMDR977jPwBw9Bn/AaD3vMf4b+ofAI4J9/8A0HuM/wDQe3Yd/58eTjkAgEPx/Tt30q25nv//1zOPVpa/VXp0eabSmC/XlqfL0/XFhfJsvT5brZSnm83dnq9ary+MX91INlZW79Xqyw+X7s3VpmYr9yrFA64PALC702ef/zmJiLUbn2RbtK3lYKyG463Q7QIAXdPX7QIAXeP3PNC79nCPbxoAjrkdluh9S8evCD2z+CscVRc/b/4fepX5f+hd/9/8/7f3vRzA4TP/D72r2Uys+Q8APcYcP/BB//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPaqUbUmhnK0FvpY+FsrliBMRcSqKyYO5amUsIk5GxJ8Gi4NperzbhQYAPlDhb0m+/tfFkQulrWcHkv8MZvuI+Mkv7/7i8dTS0uJ4mv/PjfylZ3n+xEA3KgAAtLu5Pas1Tuf7thv516+eTL/ZDrOIL2+1FhdN467nW+tMf/Rn+6EoRsTwv5I83ZJ+Xunbh/hrTyPic5v1f9wWoZTNgbRWPt0aP4194gDib77+W+MX3opfyM6l+2L2Wnx2H8oCveb5rVY/mbe9tInl7a8Q57L9zu1/KOuhPtyb/m99W/9X2Oj/+rbFT7I2f24j/e6SvLz6++9ty2yOtM49jfhC/07xk434SYf+98Ie6/iXL375fKdzzV9FXIyd47fUsm52dKm2MNpYWb08V5uarcxWHk5MTI5Pjl2/cm1iNJujbj3+YacYf79x6WSn+Gn9hzvEH9ql/l/bY/1//d/7P/rKO+J/46s7v/9n3hE/HRO/vsf4U8M3Oy7fncaf6VD/3d7/S3uM/+KvqzN7vBQAOASNldX5qWq1srjLQfpZc7drHBzNg1iL+AiKkR8MxEdRjJ4/6HbPBBy0zUbf7ZIAAAAAAAAAAAAAAACdNFZW5wfjYH9O1O06AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHz9LwAA//9Jt84K")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x2)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r6, 0x0, 0x0, 0x8000c62)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r9=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="2400000070000100000000000000000007000000", @ANYRES32=r9, @ANYBLOB="0c00028006"], 0x24}}, 0x0)
pwrite64(r5, &(0x7f0000000140)='2', 0xfdef, 0xfecc)

286.175362ms ago: executing program 0 (id=969):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='kfree\x00', r0}, 0x18)
r1 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000200))
socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRES8=r0], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000280)=[{0x200000000006, 0x0, 0xfd, 0x7ffc0002}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="02000000040000000300000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r4, 0x0, 0xfffffffffffffffd}, 0x18)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380), 0x84d03, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kmem_cache_free\x00', r5, 0x0, 0xfffffffffffffffc}, 0x18)
setitimer(0x0, 0x0, 0x0)
getresuid(&(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340))
r6 = syz_open_dev$evdev(&(0x7f00000003c0), 0x7, 0x24000)
ioctl$EVIOCGBITSND(r6, 0x80404532, &(0x7f0000000400)=""/48)
r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
r8 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r7}, 0x8)
close(r8)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r7, 0x8, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_clone(0x400c0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000040000000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000009a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000100"/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="18f9ff0000800007000000000000000000000700", @ANYRES64=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f98}, 0x94)

177.317602ms ago: executing program 2 (id=970):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) (async, rerun: 32)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) (rerun: 32)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0}, 0x94) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
setresuid(0x0, 0xee01, 0xffffffffffffffff)
r1 = shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil)
shmctl$IPC_SET(r1, 0x1, &(0x7f0000000140)={{0x3, 0x0, 0x0, 0x0, 0x0, 0x12}, 0x3, 0x2, 0xfffffffffffffffc, 0xf4, 0x0, 0x0, 0xfffd}) (async)
shmctl$SHM_UNLOCK(r1, 0xc) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x18) (async)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)=ANY=[@ANYRES32=0x0, @ANYRES64], 0x48) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) (async, rerun: 64)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') (async, rerun: 64)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_flash={0x33, 0xea6, '.\x00'}}) (async, rerun: 64)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=<r5=>r2, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf090000000000005509010000"], &(0x7f00000005c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (rerun: 64)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000cc0)=ANY=[@ANYBLOB="1e000000000000000500000006", @ANYRES8=r5, @ANYRESDEC=r4, @ANYRESOCT=r0, @ANYBLOB="003d73771df3f643d0711c3e1487c7e75bd2fff488156ad33def123c8c21e1cbe80096e37549e9354f006ae03ea17447b0386c773362e513365fc9504ce8e7100128f9f1f34dd90556f3fb0e586d4772f359f6be1d81b583d072150828c49163afb67b1d58cc368c5433a5966b5d1bc45136a050ae108883950a6e3813296eb8647900db5b93df1d48d7286bfb4d496185471cf1d02a8e05320569721618389e9ca1da57c1d5c9a8ac0277b85453f40b1c"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b702000008000000bfa300000000000007030000ffffffff7a0af0fff8ffffff"], 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x18, 0x7, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000006000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000), 0x100000000000013a, 0x0) (async)
getsockopt$CAN_RAW_FD_FRAMES(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000680), &(0x7f00000006c0)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, 0x2}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000085", @ANYRES32, @ANYRES64=r7], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94) (async)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000600)={@loopback, @dev={0xfe, 0x80, '\x00', 0x25}, @local, 0x7, 0xe, 0xe, 0x0, 0x2, 0x10008}) (async, rerun: 64)
r8 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 64)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r8, 0x8982, &(0x7f0000000480)={0x3, 'veth1_to_bridge\x00', {0x9}, 0x4})
lsm_get_self_attr(0x67, 0x0, &(0x7f00000003c0), 0x0) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)

103.0789ms ago: executing program 2 (id=971):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18)
r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x12, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0x4000000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r2}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2}, 0x94)

84.876921ms ago: executing program 2 (id=972):
socketpair$unix(0x1, 0x7e5a382bc0e6279e, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
get_mempolicy(0x0, 0x0, 0x80000000, &(0x7f0000003000/0x2000)=nil, 0x3)
bind$phonet(r1, &(0x7f0000000100)={0x23, 0xfd, 0x8}, 0x10)
splice(r0, 0x0, r1, 0x0, 0xf3a, 0x0)
syz_clone(0xa020c100, &(0x7f0000000580)="a09e80c9840de18a4e961ad5657131e6923f8bde23dfaac5a53cb3e4b7e1e9c322c4d1e9feabbfbc77320048dcb950d6dc52cfa44ec279c77776ad9c38a50bc9ce38101540d825827fa482ff19e84ec3f3808f5741abd8eea30dacd168274adc1caf254b7c4d3053dedbfdf52234eb51c2e5b8947116fcee7be84344cd35a16287861e986935c16a5fb210157689d86964e16c769fd553615273d2719860b4ff9ff20dd8a742154523a9a106e564af7936fdb639e8154620c2268b34a57ba63ada31184aa2e5", 0xc6, &(0x7f0000000440), &(0x7f0000000500), &(0x7f0000000680)="ac4bb2ea2c17091350a749692bf9fff1d93a0f8ea7a8ecc767877d239882d0b61d")
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r2 = syz_io_uring_setup(0x71c2, &(0x7f0000000200)={0x0, 0xed24, 0x2000, 0x2, 0x117, 0x0, r1}, &(0x7f0000000280), &(0x7f0000000400))
r3 = syz_io_uring_setup(0x6b0b, &(0x7f0000000380)={0x0, 0x79af, 0x0, 0x7fff, 0x32, 0x0, r2}, &(0x7f0000000340)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_MSG_RING={0x28, 0x44, 0x0, r3, 0x0, 0x0, 0x0, 0x2})
perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x40002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={&(0x7f00000001c0), 0x1}, 0xc004, 0x10000, 0x0, 0x1, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000020000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r6)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000f80)={0x70, r7, 0x1, 0x3, 0x25dfdbfe, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}]}, @ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8}, @ETHTOOL_A_CHANNELS_HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x86}, 0x40040)
io_uring_enter(r3, 0x625, 0x4c1, 0xc1, 0x0, 0x0)

0s ago: executing program 0 (id=973):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x10, &(0x7f0000000800)=ANY=[], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000001400), 0x208e24b)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xfdef}], 0x1, 0x0, 0x0)

kernel console output (not intermixed with test programs):

13028.156:842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4502 comm="syz.1.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0b4c4efc9 code=0x7ffc0000
[   54.548673][   T29] audit: type=1326 audit(1760913028.156:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4502 comm="syz.1.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0b4c4efc9 code=0x7ffc0000
[   54.572317][   T29] audit: type=1326 audit(1760913028.156:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4502 comm="syz.1.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7fb0b4c4efc9 code=0x7ffc0000
[   54.632466][ T4471] loop2: detected capacity change from 0 to 128
[   54.641926][ T4471] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   54.654356][ T4471] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   54.741221][ T4512] rdma_rxe: rxe_newlink: failed to add bond0
[   54.757970][ T4510] FAULT_INJECTION: forcing a failure.
[   54.757970][ T4510] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   54.771176][ T4510] CPU: 1 UID: 0 PID: 4510 Comm: syz.4.299 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   54.771211][ T4510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   54.771228][ T4510] Call Trace:
[   54.771236][ T4510]  <TASK>
[   54.771247][ T4510]  __dump_stack+0x1d/0x30
[   54.771283][ T4510]  dump_stack_lvl+0xe8/0x140
[   54.771308][ T4510]  dump_stack+0x15/0x1b
[   54.771400][ T4510]  should_fail_ex+0x265/0x280
[   54.771446][ T4510]  should_fail+0xb/0x20
[   54.771488][ T4510]  should_fail_usercopy+0x1a/0x20
[   54.771579][ T4510]  _copy_from_user+0x1c/0xb0
[   54.771604][ T4510]  sctp_setsockopt+0x154/0xe30
[   54.771742][ T4510]  sock_common_setsockopt+0x69/0x80
[   54.771772][ T4510]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   54.771799][ T4510]  __sys_setsockopt+0x184/0x200
[   54.771846][ T4510]  __x64_sys_setsockopt+0x64/0x80
[   54.771890][ T4510]  x64_sys_call+0x20ec/0x3000
[   54.771913][ T4510]  do_syscall_64+0xd2/0x200
[   54.771939][ T4510]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   54.772028][ T4510]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   54.772058][ T4510]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.772086][ T4510] RIP: 0033:0x7f2c92e0efc9
[   54.772106][ T4510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.772127][ T4510] RSP: 002b:00007f2c91877038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   54.772206][ T4510] RAX: ffffffffffffffda RBX: 00007f2c93065fa0 RCX: 00007f2c92e0efc9
[   54.772223][ T4510] RDX: 0000000000000005 RSI: 0000000000000084 RDI: 0000000000000003
[   54.772239][ T4510] RBP: 00007f2c91877090 R08: 0000000000000084 R09: 0000000000000000
[   54.772255][ T4510] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000001
[   54.772268][ T4510] R13: 00007f2c93066038 R14: 00007f2c93065fa0 R15: 00007ffc94aeb4a8
[   54.772363][ T4510]  </TASK>
[   54.793973][ T4514] netlink: 12 bytes leftover after parsing attributes in process `syz.0.300'.
[   54.972985][ T3331] Bluetooth: hci0: Frame reassembly failed (-84)
[   55.125990][ T4533] loop4: detected capacity change from 0 to 512
[   55.139006][ T4529] loop3: detected capacity change from 0 to 1024
[   55.383052][ T4531] loop2: detected capacity change from 0 to 512
[   55.427912][ T4531] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.448122][ T4531] ext4 filesystem being mounted at /57/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.572503][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.616497][ T4544] rdma_rxe: rxe_newlink: failed to add bond0
[   55.687167][ T4550] FAULT_INJECTION: forcing a failure.
[   55.687167][ T4550] name failslab, interval 1, probability 0, space 0, times 0
[   55.699987][ T4550] CPU: 0 UID: 0 PID: 4550 Comm: syz.2.313 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   55.700020][ T4550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   55.700037][ T4550] Call Trace:
[   55.700045][ T4550]  <TASK>
[   55.700055][ T4550]  __dump_stack+0x1d/0x30
[   55.700141][ T4550]  dump_stack_lvl+0xe8/0x140
[   55.700190][ T4550]  dump_stack+0x15/0x1b
[   55.700233][ T4550]  should_fail_ex+0x265/0x280
[   55.700276][ T4550]  ? __pfx_shmem_alloc_inode+0x10/0x10
[   55.700355][ T4550]  should_failslab+0x8c/0xb0
[   55.700392][ T4550]  kmem_cache_alloc_lru_noprof+0x55/0x490
[   55.700430][ T4550]  ? shmem_alloc_inode+0x34/0x50
[   55.700526][ T4550]  ? __pfx_shmem_alloc_inode+0x10/0x10
[   55.700553][ T4550]  shmem_alloc_inode+0x34/0x50
[   55.700579][ T4550]  alloc_inode+0x40/0x170
[   55.700611][ T4550]  new_inode+0x1d/0xe0
[   55.700646][ T4550]  shmem_get_inode+0x244/0x750
[   55.700708][ T4550]  __shmem_file_setup+0x113/0x210
[   55.700741][ T4550]  shmem_file_setup+0x3b/0x50
[   55.700826][ T4550]  __se_sys_memfd_create+0x2c3/0x590
[   55.700860][ T4550]  __x64_sys_memfd_create+0x31/0x40
[   55.700890][ T4550]  x64_sys_call+0x2ac2/0x3000
[   55.700979][ T4550]  do_syscall_64+0xd2/0x200
[   55.701010][ T4550]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   55.701074][ T4550]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   55.701106][ T4550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.701130][ T4550] RIP: 0033:0x7ff7642fefc9
[   55.701156][ T4550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.701189][ T4550] RSP: 002b:00007ff762d5ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   55.701215][ T4550] RAX: ffffffffffffffda RBX: 00000000000004f9 RCX: 00007ff7642fefc9
[   55.701232][ T4550] RDX: 00007ff762d5eef0 RSI: 0000000000000000 RDI: 00007ff764382960
[   55.701254][ T4550] RBP: 0000200000000200 R08: 00007ff762d5ebb7 R09: 00007ff762d5ee40
[   55.701290][ T4550] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000740
[   55.701307][ T4550] R13: 00007ff762d5eef0 R14: 00007ff762d5eeb0 R15: 0000200000000780
[   55.701332][ T4550]  </TASK>
[   56.067157][ T4559] netlink: 8 bytes leftover after parsing attributes in process `syz.1.314'.
[   56.076908][ T4556] x_tables: duplicate underflow at hook 1
[   56.086522][ T3445] Bluetooth: hci1: Frame reassembly failed (-84)
[   56.107083][ T4562] loop2: detected capacity change from 0 to 512
[   56.170086][ T4548] loop4: detected capacity change from 0 to 128
[   56.177028][ T4548] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   56.190043][ T4548] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   56.243550][ T4569] loop2: detected capacity change from 0 to 512
[   56.267423][ T4569] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a84ec018, mo2=0002]
[   56.275724][ T4569] System zones: 0-2, 18-18, 34-35
[   56.281928][ T4569] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.294711][ T4569] ext4 filesystem being mounted at /63/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   56.338114][ T4569] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   56.367411][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.418286][ T4578] loop4: detected capacity change from 0 to 1024
[   56.436751][ T4578] EXT4-fs: Ignoring removed nomblk_io_submit option
[   56.443675][ T4578] EXT4-fs: inline encryption not supported
[   56.449637][ T4578] EXT4-fs: Ignoring removed nomblk_io_submit option
[   56.477288][ T4578] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.542911][ T4578] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.324: Allocating blocks 449-513 which overlap fs metadata
[   56.545062][ T4586] loop1: detected capacity change from 0 to 1024
[   56.565697][ T4578] EXT4-fs (loop4): pa ffff88810720b1c0: logic 256, phys. 385, len 8
[   56.574014][ T4578] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   56.747764][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.757859][ T4584] loop2: detected capacity change from 0 to 32768
[   56.795442][ T4602] netlink: 24 bytes leftover after parsing attributes in process `syz.4.327'.
[   56.805267][ T4584]  loop2: p1 p2 p3 < > p4 < p5 p6 >
[   56.811102][ T4584] loop2: p1 start 460800 is beyond EOD, truncated
[   56.817616][ T4584] loop2: p2 size 83886080 extends beyond EOD, truncated
[   56.818644][ T4602] IPVS: Error connecting to the multicast addr
[   56.839762][ T4584] loop2: p5 start 460800 is beyond EOD, truncated
[   56.846287][ T4584] loop2: p6 size 83886080 extends beyond EOD, truncated
[   56.863788][ T4602] veth0_to_team: entered promiscuous mode
[   56.955136][ T4558] Bluetooth: hci0: command 0x1003 tx timeout
[   56.955829][ T3562] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   56.996895][ T4618] netlink: 8 bytes leftover after parsing attributes in process `syz.4.329'.
[   57.257880][ T4633] FAULT_INJECTION: forcing a failure.
[   57.257880][ T4633] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   57.271041][ T4633] CPU: 0 UID: 0 PID: 4633 Comm: syz.4.334 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   57.271077][ T4633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   57.271106][ T4633] Call Trace:
[   57.271129][ T4633]  <TASK>
[   57.271138][ T4633]  __dump_stack+0x1d/0x30
[   57.271166][ T4633]  dump_stack_lvl+0xe8/0x140
[   57.271211][ T4633]  dump_stack+0x15/0x1b
[   57.271233][ T4633]  should_fail_ex+0x265/0x280
[   57.271275][ T4633]  should_fail+0xb/0x20
[   57.271328][ T4633]  should_fail_usercopy+0x1a/0x20
[   57.271355][ T4633]  _copy_from_user+0x1c/0xb0
[   57.271390][ T4633]  ___sys_sendmsg+0xc1/0x1d0
[   57.271463][ T4633]  __x64_sys_sendmsg+0xd4/0x160
[   57.271512][ T4633]  x64_sys_call+0x191e/0x3000
[   57.271541][ T4633]  do_syscall_64+0xd2/0x200
[   57.271642][ T4633]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   57.271717][ T4633]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   57.271750][ T4633]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.271777][ T4633] RIP: 0033:0x7f2c92e0efc9
[   57.271798][ T4633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.271822][ T4633] RSP: 002b:00007f2c91877038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   57.271894][ T4633] RAX: ffffffffffffffda RBX: 00007f2c93065fa0 RCX: 00007f2c92e0efc9
[   57.271911][ T4633] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[   57.271928][ T4633] RBP: 00007f2c91877090 R08: 0000000000000000 R09: 0000000000000000
[   57.271944][ T4633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.271960][ T4633] R13: 00007f2c93066038 R14: 00007f2c93065fa0 R15: 00007ffc94aeb4a8
[   57.272034][ T4633]  </TASK>
[   57.488662][ T4635] netlink: 12 bytes leftover after parsing attributes in process `syz.1.335'.
[   58.074971][ T3704] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   58.115871][ T4665] FAULT_INJECTION: forcing a failure.
[   58.115871][ T4665] name failslab, interval 1, probability 0, space 0, times 0
[   58.128617][ T4665] CPU: 0 UID: 0 PID: 4665 Comm: syz.3.346 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   58.128647][ T4665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   58.128663][ T4665] Call Trace:
[   58.128672][ T4665]  <TASK>
[   58.128682][ T4665]  __dump_stack+0x1d/0x30
[   58.128705][ T4665]  dump_stack_lvl+0xe8/0x140
[   58.128786][ T4665]  dump_stack+0x15/0x1b
[   58.128812][ T4665]  should_fail_ex+0x265/0x280
[   58.128847][ T4665]  should_failslab+0x8c/0xb0
[   58.128920][ T4665]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   58.128950][ T4665]  ? __alloc_skb+0x101/0x320
[   58.128977][ T4665]  __alloc_skb+0x101/0x320
[   58.129007][ T4665]  ? kthread_insert_work+0x104/0x1f0
[   58.129074][ T4665]  ? __pfx_virtual_ncidev_close+0x10/0x10
[   58.129099][ T4665]  nfc_genl_device_removed+0x39/0x1d0
[   58.129128][ T4665]  nfc_unregister_device+0x1b/0x130
[   58.129173][ T4665]  nci_unregister_device+0x146/0x160
[   58.129200][ T4665]  ? __pfx_virtual_ncidev_close+0x10/0x10
[   58.129232][ T4665]  virtual_ncidev_close+0x2a/0x50
[   58.129261][ T4665]  __fput+0x29b/0x650
[   58.129363][ T4665]  ____fput+0x1c/0x30
[   58.129432][ T4665]  task_work_run+0x131/0x1a0
[   58.129510][ T4665]  exit_to_user_mode_loop+0xed/0x110
[   58.129536][ T4665]  do_syscall_64+0x1d6/0x200
[   58.129644][ T4665]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   58.129670][ T4665]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   58.129698][ T4665]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.129726][ T4665] RIP: 0033:0x7f09d8c0efc9
[   58.129826][ T4665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.129849][ T4665] RSP: 002b:00007f09d7677038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[   58.129873][ T4665] RAX: 0000000000000000 RBX: 00007f09d8e65fa0 RCX: 00007f09d8c0efc9
[   58.129889][ T4665] RDX: 0200000000000000 RSI: ffffffffffffffff RDI: 0000000000000003
[   58.129905][ T4665] RBP: 00007f09d7677090 R08: 0000000000000000 R09: 0000000000000000
[   58.129989][ T4665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.130003][ T4665] R13: 00007f09d8e66038 R14: 00007f09d8e65fa0 R15: 00007ffebd3bba08
[   58.130027][ T4665]  </TASK>
[   58.363750][ T4670] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1500) !
[   58.389665][ T4672] netlink: 12 bytes leftover after parsing attributes in process `syz.1.348'.
[   58.446676][ T4676] loop0: detected capacity change from 0 to 512
[   58.471240][ T4676] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.490629][ T4676] ext4 filesystem being mounted at /58/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.515953][ T4676] FAULT_INJECTION: forcing a failure.
[   58.515953][ T4676] name failslab, interval 1, probability 0, space 0, times 0
[   58.528735][ T4676] CPU: 1 UID: 0 PID: 4676 Comm: syz.0.352 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   58.528823][ T4676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   58.528838][ T4676] Call Trace:
[   58.528847][ T4676]  <TASK>
[   58.528857][ T4676]  __dump_stack+0x1d/0x30
[   58.528882][ T4676]  dump_stack_lvl+0xe8/0x140
[   58.528978][ T4676]  dump_stack+0x15/0x1b
[   58.529020][ T4676]  should_fail_ex+0x265/0x280
[   58.529065][ T4676]  ? __iomap_dio_rw+0x14b/0x1240
[   58.529178][ T4676]  should_failslab+0x8c/0xb0
[   58.529233][ T4676]  __kmalloc_cache_noprof+0x4c/0x4a0
[   58.529285][ T4676]  ? next_uptodate_folio+0x815/0x890
[   58.529339][ T4676]  __iomap_dio_rw+0x14b/0x1240
[   58.529413][ T4676]  ? __rcu_read_unlock+0x34/0x70
[   58.529534][ T4676]  ? avc_policy_seqno+0x15/0x30
[   58.529577][ T4676]  iomap_dio_rw+0x40/0x90
[   58.529608][ T4676]  ext4_file_read_iter+0x20f/0x290
[   58.529725][ T4676]  aio_read+0x1dd/0x2e0
[   58.529779][ T4676]  io_submit_one+0xab2/0x11d0
[   58.529830][ T4676]  __se_sys_io_submit+0xfb/0x280
[   58.529887][ T4676]  __x64_sys_io_submit+0x43/0x50
[   58.530030][ T4676]  x64_sys_call+0x2d6c/0x3000
[   58.530054][ T4676]  do_syscall_64+0xd2/0x200
[   58.530079][ T4676]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   58.530113][ T4676]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   58.530201][ T4676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.530244][ T4676] RIP: 0033:0x7f30ca34efc9
[   58.530265][ T4676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.530341][ T4676] RSP: 002b:00007f30c8daf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[   58.530365][ T4676] RAX: ffffffffffffffda RBX: 00007f30ca5a5fa0 RCX: 00007f30ca34efc9
[   58.530416][ T4676] RDX: 0000200000000040 RSI: 0000000000000001 RDI: 00007f30cb0de000
[   58.530434][ T4676] RBP: 00007f30c8daf090 R08: 0000000000000000 R09: 0000000000000000
[   58.530450][ T4676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.530466][ T4676] R13: 00007f30ca5a6038 R14: 00007f30ca5a5fa0 R15: 00007ffe20b5a7d8
[   58.530491][ T4676]  </TASK>
[   58.839776][ T4692] netlink: 7 bytes leftover after parsing attributes in process `syz.2.356'.
[   58.860166][ T4692] netlink: 60 bytes leftover after parsing attributes in process `syz.2.356'.
[   58.869168][ T4692] netlink: 60 bytes leftover after parsing attributes in process `syz.2.356'.
[   58.882889][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.894720][ T4694] loop4: detected capacity change from 0 to 1024
[   58.921334][ T4692] netlink: 7 bytes leftover after parsing attributes in process `syz.2.356'.
[   58.930547][ T4692] netlink: 60 bytes leftover after parsing attributes in process `syz.2.356'.
[   58.939539][ T4692] netlink: 60 bytes leftover after parsing attributes in process `syz.2.356'.
[   58.955481][ T4694] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   58.970993][ T4700] FAULT_INJECTION: forcing a failure.
[   58.970993][ T4700] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   58.984254][ T4700] CPU: 1 UID: 0 PID: 4700 Comm: syz.0.358 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   58.984289][ T4700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   58.984305][ T4700] Call Trace:
[   58.984314][ T4700]  <TASK>
[   58.984347][ T4700]  __dump_stack+0x1d/0x30
[   58.984373][ T4700]  dump_stack_lvl+0xe8/0x140
[   58.984395][ T4700]  dump_stack+0x15/0x1b
[   58.984422][ T4700]  should_fail_ex+0x265/0x280
[   58.984460][ T4700]  should_fail+0xb/0x20
[   58.984529][ T4700]  should_fail_usercopy+0x1a/0x20
[   58.984552][ T4700]  _copy_from_iter+0xd2/0xe80
[   58.984603][ T4700]  ? __build_skb_around+0x1ab/0x200
[   58.984632][ T4700]  ? __alloc_skb+0x223/0x320
[   58.984663][ T4700]  netlink_sendmsg+0x471/0x6b0
[   58.984700][ T4700]  ? __pfx_netlink_sendmsg+0x10/0x10
[   58.984734][ T4700]  __sock_sendmsg+0x145/0x180
[   58.984758][ T4700]  ____sys_sendmsg+0x31e/0x4e0
[   58.984866][ T4700]  ___sys_sendmsg+0x17b/0x1d0
[   58.984923][ T4700]  __x64_sys_sendmsg+0xd4/0x160
[   58.985009][ T4700]  x64_sys_call+0x191e/0x3000
[   58.985033][ T4700]  do_syscall_64+0xd2/0x200
[   58.985060][ T4700]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   58.985157][ T4700]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   58.985192][ T4700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.985215][ T4700] RIP: 0033:0x7f30ca34efc9
[   58.985262][ T4700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.985280][ T4700] RSP: 002b:00007f30c8daf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   58.985302][ T4700] RAX: ffffffffffffffda RBX: 00007f30ca5a5fa0 RCX: 00007f30ca34efc9
[   58.985321][ T4700] RDX: 0000000000000000 RSI: 0000200000001200 RDI: 0000000000000003
[   58.985334][ T4700] RBP: 00007f30c8daf090 R08: 0000000000000000 R09: 0000000000000000
[   58.985347][ T4700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.985360][ T4700] R13: 00007f30ca5a6038 R14: 00007f30ca5a5fa0 R15: 00007ffe20b5a7d8
[   58.985435][ T4700]  </TASK>
[   59.250017][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.279256][ T4683] loop3: detected capacity change from 0 to 128
[   59.305879][ T4683] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   59.330785][ T4683] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   59.357480][ T4712] loop4: detected capacity change from 0 to 1024
[   59.388151][   T29] kauditd_printk_skb: 96 callbacks suppressed
[   59.388168][   T29] audit: type=1326 audit(1760913033.196:941): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4682 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09d8c0efc9 code=0x7ffc0000
[   59.426297][   T37] Bluetooth: hci0: Frame reassembly failed (-84)
[   59.432965][   T29] audit: type=1326 audit(1760913033.236:942): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4682 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f09d8c0efc9 code=0x7ffc0000
[   59.457103][   T29] audit: type=1326 audit(1760913033.236:943): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4682 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09d8c0efc9 code=0x7ffc0000
[   59.481065][   T29] audit: type=1326 audit(1760913033.236:944): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4682 comm="syz.3.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09d8c0efc9 code=0x7ffc0000
[   59.482843][ T4714] x_tables: duplicate underflow at hook 1
[   59.512164][ T4712] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.553684][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.634804][   T29] audit: type=1400 audit(1760913033.436:945): avc:  denied  { getopt } for  pid=4727 comm="syz.0.367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   59.667005][ T4734] loop2: detected capacity change from 0 to 512
[   59.680524][ T4736] FAULT_INJECTION: forcing a failure.
[   59.680524][ T4736] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   59.693795][ T4736] CPU: 1 UID: 0 PID: 4736 Comm: syz.4.371 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   59.693824][ T4736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   59.693840][ T4736] Call Trace:
[   59.693914][ T4736]  <TASK>
[   59.693922][ T4736]  __dump_stack+0x1d/0x30
[   59.693948][ T4736]  dump_stack_lvl+0xe8/0x140
[   59.693973][ T4736]  dump_stack+0x15/0x1b
[   59.694069][ T4736]  should_fail_ex+0x265/0x280
[   59.694116][ T4736]  should_fail+0xb/0x20
[   59.694154][ T4736]  should_fail_usercopy+0x1a/0x20
[   59.694183][ T4736]  _copy_to_user+0x20/0xa0
[   59.694242][ T4736]  simple_read_from_buffer+0xb5/0x130
[   59.694272][ T4736]  proc_fail_nth_read+0x10e/0x150
[   59.694312][ T4736]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   59.694420][ T4736]  vfs_read+0x1a8/0x770
[   59.694451][ T4736]  ? __rcu_read_unlock+0x4f/0x70
[   59.694522][ T4736]  ? __fget_files+0x184/0x1c0
[   59.694553][ T4736]  ksys_read+0xda/0x1a0
[   59.694583][ T4736]  __x64_sys_read+0x40/0x50
[   59.694613][ T4736]  x64_sys_call+0x27c0/0x3000
[   59.694675][ T4736]  do_syscall_64+0xd2/0x200
[   59.694731][ T4736]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   59.694814][ T4736]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   59.694838][ T4736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.694859][ T4736] RIP: 0033:0x7f2c92e0d9dc
[   59.694874][ T4736] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   59.694920][ T4736] RSP: 002b:00007f2c91877030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   59.694945][ T4736] RAX: ffffffffffffffda RBX: 00007f2c93065fa0 RCX: 00007f2c92e0d9dc
[   59.694961][ T4736] RDX: 000000000000000f RSI: 00007f2c918770a0 RDI: 0000000000000006
[   59.695049][ T4736] RBP: 00007f2c91877090 R08: 0000000000000000 R09: 0000000000000000
[   59.695062][ T4736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.695076][ T4736] R13: 00007f2c93066038 R14: 00007f2c93065fa0 R15: 00007ffc94aeb4a8
[   59.695095][ T4736]  </TASK>
[   59.712800][ T4738] loop3: detected capacity change from 0 to 2048
[   59.756878][ T4740] loop4: detected capacity change from 0 to 1024
[   59.772107][ T4734] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   59.903878][ T4740] EXT4-fs: Ignoring removed nomblk_io_submit option
[   59.935302][ T4738] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.949879][ T4740] EXT4-fs: inline encryption not supported
[   59.955831][ T4740] EXT4-fs: Ignoring removed nomblk_io_submit option
[   59.964908][ T4734] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   59.981852][ T4740] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   60.015058][ T4734] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.039234][ T4748] loop0: detected capacity change from 0 to 1024
[   60.046237][ T4748] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   60.082209][ T4738] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.372: corrupted in-inode xattr: overlapping e_value 
[   60.109965][   T29] audit: type=1326 audit(1760913033.916:946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.2.370" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff7642fefc9 code=0x0
[   60.144157][ T4750] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[   60.166285][ T4750] syzkaller0: entered promiscuous mode
[   60.171815][ T4750] syzkaller0: entered allmulticast mode
[   60.242046][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.320554][   T29] audit: type=1400 audit(1760913033.986:947): avc:  denied  { read } for  pid=4733 comm="syz.2.370" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   60.339693][   T29] audit: type=1326 audit(1760913033.986:948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.2.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7642fefc9 code=0x7ffc0000
[   60.362909][   T29] audit: type=1326 audit(1760913033.986:949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.2.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7642fefc9 code=0x7ffc0000
[   60.386306][   T29] audit: type=1326 audit(1760913033.986:950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.2.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff7642fefc9 code=0x7ffc0000
[   60.579523][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.829603][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   61.139800][ T4765] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.376' sets config #0
[   61.351276][ T4778] loop4: detected capacity change from 0 to 512
[   61.434983][ T3562] Bluetooth: hci0: command 0x1003 tx timeout
[   61.441191][ T3704] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   61.459972][ T4780] loop4: detected capacity change from 0 to 1024
[   61.490578][ T4780] EXT4-fs: Ignoring removed nomblk_io_submit option
[   61.517001][ T4780] EXT4-fs: inline encryption not supported
[   61.522913][ T4780] EXT4-fs: Ignoring removed nomblk_io_submit option
[   61.533747][ T4784] loop0: detected capacity change from 0 to 512
[   61.537256][ T4782] loop1: detected capacity change from 0 to 512
[   61.574315][ T4780] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   61.575303][ T4782] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   61.622228][ T4782] EXT4-fs (loop1): mount failed
[   61.709971][ T4780] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.384: Allocating blocks 449-513 which overlap fs metadata
[   61.742824][ T4802] loop0: detected capacity change from 0 to 512
[   61.743758][ T4780] EXT4-fs (loop4): pa ffff88810728a7e0: logic 256, phys. 385, len 8
[   61.757370][ T4780] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   61.768788][ T4802] EXT4-fs warning (device loop0): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   61.791323][ T4802] EXT4-fs (loop0): mount failed
[   61.816445][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.863087][ T4811] __nla_validate_parse: 7 callbacks suppressed
[   61.863106][ T4811] netlink: 12 bytes leftover after parsing attributes in process `syz.1.396'.
[   61.888761][ T4812] loop4: detected capacity change from 0 to 512
[   61.916397][ T4814] netlink: 28 bytes leftover after parsing attributes in process `syz.2.397'.
[   61.935468][ T4811] x_tables: duplicate underflow at hook 1
[   61.938780][ T3331] Bluetooth: hci0: Frame reassembly failed (-84)
[   62.056834][ T4826] IPv6: Can't replace route, no match found
[   62.090388][ T4829] loop0: detected capacity change from 0 to 1024
[   62.118875][ T4829] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   62.148875][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.256657][ T4820] loop4: detected capacity change from 0 to 128
[   62.281554][ T4841] loop0: detected capacity change from 0 to 1024
[   62.286406][ T4820] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   62.300205][ T4841] EXT4-fs: Ignoring removed nomblk_io_submit option
[   62.307177][ T4841] EXT4-fs: inline encryption not supported
[   62.313049][ T4841] EXT4-fs: Ignoring removed nomblk_io_submit option
[   62.340397][ T4820] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   62.427034][ T4855] loop2: detected capacity change from 0 to 512
[   62.446997][ T4857] loop3: detected capacity change from 0 to 1024
[   62.478227][ T4841] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.405: Allocating blocks 449-513 which overlap fs metadata
[   62.492573][ T4841] EXT4-fs (loop0): pa ffff88810720b230: logic 256, phys. 385, len 8
[   62.500735][ T4841] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   62.642726][ T4875] netlink: 8 bytes leftover after parsing attributes in process `syz.0.414'.
[   62.658547][ T4881] loop3: detected capacity change from 0 to 512
[   62.673077][ T4879] loop4: detected capacity change from 0 to 512
[   62.689735][ T4881] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a84ec018, mo2=0002]
[   62.698250][ T4881] System zones: 0-2, 18-18, 34-35
[   62.704214][ T4881] ext4 filesystem being mounted at /74/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   62.717065][ T4881] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   62.744708][ T4879] EXT4-fs (loop4): 1 orphan inode deleted
[   62.773633][   T12] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:0: Failed to release dquot type 1
[   62.800372][ T4879] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.839161][ T4890] netlink: 12 bytes leftover after parsing attributes in process `syz.3.422'.
[   62.873019][ T4893] loop2: detected capacity change from 0 to 512
[   62.920468][ T4898] loop2: detected capacity change from 0 to 1024
[   62.947742][ T4898] EXT4-fs: Ignoring removed nomblk_io_submit option
[   62.954522][ T4898] EXT4-fs: inline encryption not supported
[   62.957145][ T4887] loop0: detected capacity change from 0 to 512
[   62.960443][ T4898] EXT4-fs: Ignoring removed nomblk_io_submit option
[   62.992422][ T4887] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.054117][ T4908] netlink: 8 bytes leftover after parsing attributes in process `syz.4.427'.
[   63.138760][ T4911] FAULT_INJECTION: forcing a failure.
[   63.138760][ T4911] name failslab, interval 1, probability 0, space 0, times 0
[   63.151437][ T4911] CPU: 1 UID: 0 PID: 4911 Comm: syz.2.426 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   63.151466][ T4911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   63.151479][ T4911] Call Trace:
[   63.151486][ T4911]  <TASK>
[   63.151494][ T4911]  __dump_stack+0x1d/0x30
[   63.151600][ T4911]  dump_stack_lvl+0xe8/0x140
[   63.151623][ T4911]  dump_stack+0x15/0x1b
[   63.151654][ T4911]  should_fail_ex+0x265/0x280
[   63.151749][ T4911]  should_failslab+0x8c/0xb0
[   63.151810][ T4911]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   63.151841][ T4911]  ? dup_task_struct+0x70/0x6b0
[   63.151873][ T4911]  dup_task_struct+0x70/0x6b0
[   63.151940][ T4911]  ? _parse_integer+0x27/0x40
[   63.151982][ T4911]  copy_process+0x399/0x2000
[   63.152080][ T4911]  ? kstrtouint+0x76/0xc0
[   63.152113][ T4911]  ? kstrtouint_from_user+0x9f/0xf0
[   63.152134][ T4911]  ? __rcu_read_unlock+0x4f/0x70
[   63.152231][ T4911]  kernel_clone+0x16c/0x5c0
[   63.152261][ T4911]  ? vfs_write+0x7e8/0x960
[   63.152369][ T4911]  __x64_sys_clone+0xe6/0x120
[   63.152471][ T4911]  x64_sys_call+0x119c/0x3000
[   63.152494][ T4911]  do_syscall_64+0xd2/0x200
[   63.152521][ T4911]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   63.152626][ T4911]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   63.152709][ T4911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.152733][ T4911] RIP: 0033:0x7ff7642fefc9
[   63.152748][ T4911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.152823][ T4911] RSP: 002b:00007ff762d1cfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   63.152849][ T4911] RAX: ffffffffffffffda RBX: 00007ff764556180 RCX: 00007ff7642fefc9
[   63.152862][ T4911] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000041200000
[   63.152874][ T4911] RBP: 00007ff762d1d090 R08: 0000000000000000 R09: 0000000000000000
[   63.152886][ T4911] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[   63.152919][ T4911] R13: 00007ff764556218 R14: 00007ff764556180 R15: 00007ffca5c9b668
[   63.152939][ T4911]  </TASK>
[   63.449545][ T4895] loop3: detected capacity change from 0 to 128
[   63.456895][ T4895] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   63.500445][ T4895] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   63.559361][ T4916] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.429' sets config #0
[   63.642663][ T4920] netlink: 12 bytes leftover after parsing attributes in process `syz.3.430'.
[   63.658718][ T3331] Bluetooth: hci1: Frame reassembly failed (-84)
[   63.911042][ T4925] netlink: 12 bytes leftover after parsing attributes in process `syz.2.432'.
[   63.929904][   T37] Bluetooth: hci2: Frame reassembly failed (-84)
[   63.995003][ T3704] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   64.181597][ T4930] loop1: detected capacity change from 0 to 32768
[   64.235522][ T3581]  loop1: p1 p2 p3 < > p4 < p5 p6 >
[   64.241040][ T3581] loop1: p1 start 460800 is beyond EOD, truncated
[   64.247532][ T3581] loop1: p2 size 83886080 extends beyond EOD, truncated
[   64.256642][ T3581] loop1: p5 start 460800 is beyond EOD, truncated
[   64.263236][ T3581] loop1: p6 size 83886080 extends beyond EOD, truncated
[   64.273803][ T4930]  loop1: p1 p2 p3 < > p4 < p5 p6 >
[   64.279138][ T4930] loop1: p1 start 460800 is beyond EOD, truncated
[   64.285792][ T4930] loop1: p2 size 83886080 extends beyond EOD, truncated
[   64.294294][ T4930] loop1: p5 start 460800 is beyond EOD, truncated
[   64.300863][ T4930] loop1: p6 size 83886080 extends beyond EOD, truncated
[   64.420253][ T4934] loop4: detected capacity change from 0 to 512
[   64.436676][   T29] kauditd_printk_skb: 196 callbacks suppressed
[   64.436710][   T29] audit: type=1400 audit(1760913038.246:1144): avc:  denied  { create } for  pid=4936 comm="syz.0.436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   64.464864][   T29] audit: type=1400 audit(1760913038.266:1145): avc:  denied  { setopt } for  pid=4936 comm="syz.0.436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   64.478193][ T4937] netlink: 'syz.0.436': attribute type 3 has an invalid length.
[   64.485837][   T29] audit: type=1400 audit(1760913038.276:1146): avc:  denied  { bind } for  pid=4936 comm="syz.0.436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   64.511393][   T29] audit: type=1400 audit(1760913038.276:1147): avc:  denied  { name_bind } for  pid=4936 comm="syz.0.436" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[   64.532220][   T29] audit: type=1400 audit(1760913038.276:1148): avc:  denied  { node_bind } for  pid=4936 comm="syz.0.436" saddr=fe80::aa src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[   64.533098][ T4937] loop0: detected capacity change from 0 to 512
[   64.591844][ T4937] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz.0.436: corrupted in-inode xattr: invalid ea_ino
[   64.614146][ T4937] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.436: couldn't read orphan inode 15 (err -117)
[   64.656455][   T29] audit: type=1400 audit(1760913038.466:1149): avc:  denied  { setattr } for  pid=4936 comm="syz.0.436" name="bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   64.708762][ T4937] EXT4-fs error (device loop0): ext4_lookup:1787: inode #14: comm syz.0.436: invalid fast symlink length 39
[   64.746124][ T4949] FAULT_INJECTION: forcing a failure.
[   64.746124][ T4949] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   64.759342][ T4949] CPU: 1 UID: 0 PID: 4949 Comm: syz.0.439 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   64.759424][ T4949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   64.759441][ T4949] Call Trace:
[   64.759449][ T4949]  <TASK>
[   64.759458][ T4949]  __dump_stack+0x1d/0x30
[   64.759484][ T4949]  dump_stack_lvl+0xe8/0x140
[   64.759507][ T4949]  dump_stack+0x15/0x1b
[   64.759549][ T4949]  should_fail_ex+0x265/0x280
[   64.759587][ T4949]  should_fail+0xb/0x20
[   64.759685][ T4949]  should_fail_usercopy+0x1a/0x20
[   64.759737][ T4949]  strncpy_from_user+0x25/0x230
[   64.759773][ T4949]  ? kstrtouint_from_user+0x9f/0xf0
[   64.759831][ T4949]  strncpy_from_user_nofault+0x68/0xf0
[   64.759908][ T4949]  bpf_probe_read_compat_str+0xb4/0x130
[   64.759991][ T4949]  bpf_prog_fd7be918018daafb+0x41/0x68
[   64.760008][ T4949]  bpf_trace_run2+0x107/0x1c0
[   64.760054][ T4949]  ? __rcu_read_unlock+0x4f/0x70
[   64.760088][ T4949]  ? __pfx___bpf_trace_sys_enter+0x10/0x10
[   64.760125][ T4949]  __bpf_trace_sys_enter+0x10/0x30
[   64.760227][ T4949]  __traceiter_sys_enter+0x50/0x80
[   64.760255][ T4949]  trace_sys_enter+0x86/0xf0
[   64.760281][ T4949]  syscall_trace_enter+0x13e/0x1e0
[   64.760351][ T4949]  do_syscall_64+0xac/0x200
[   64.760384][ T4949]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   64.760419][ T4949]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   64.760499][ T4949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.760580][ T4949] RIP: 0033:0x7f30ca34efc9
[   64.760594][ T4949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.760619][ T4949] RSP: 002b:00007f30c8daf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000098
[   64.760637][ T4949] RAX: ffffffffffffffda RBX: 00007f30ca5a5fa0 RCX: 00007f30ca34efc9
[   64.760650][ T4949] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   64.760677][ T4949] RBP: 00007f30c8daf090 R08: 0000000000000000 R09: 0000000000000000
[   64.760692][ T4949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   64.760707][ T4949] R13: 00007f30ca5a6038 R14: 00007f30ca5a5fa0 R15: 00007ffe20b5a7d8
[   64.760732][ T4949]  </TASK>
[   65.198858][ T4962] netlink: 'syz.1.444': attribute type 13 has an invalid length.
[   65.218023][ T4962] lo: entered promiscuous mode
[   65.222866][ T4962] lo: entered allmulticast mode
[   65.229753][ T4962] tunl0: entered promiscuous mode
[   65.234835][ T4962] tunl0: entered allmulticast mode
[   65.241583][ T4962] gre0: entered promiscuous mode
[   65.246677][ T4962] gre0: entered allmulticast mode
[   65.253465][ T4962] gretap0: entered promiscuous mode
[   65.258855][ T4962] gretap0: entered allmulticast mode
[   65.269955][ T4962] erspan0: entered promiscuous mode
[   65.275295][ T4962] erspan0: entered allmulticast mode
[   65.286196][ T4962] ip_vti0: entered promiscuous mode
[   65.291482][ T4962] ip_vti0: entered allmulticast mode
[   65.298428][ T4962] ip6_vti0: entered promiscuous mode
[   65.303752][ T4962] ip6_vti0: entered allmulticast mode
[   65.317775][ T4962] sit0: entered promiscuous mode
[   65.322863][ T4962] sit0: entered allmulticast mode
[   65.329842][ T4962] ip6tnl0: entered promiscuous mode
[   65.335142][ T4962] ip6tnl0: entered allmulticast mode
[   65.341696][ T4962] ip6gre0: entered promiscuous mode
[   65.347124][ T4962] ip6gre0: entered allmulticast mode
[   65.354298][ T4962] syz_tun: entered promiscuous mode
[   65.359652][ T4962] syz_tun: entered allmulticast mode
[   65.374259][ T4962] ip6gretap0: entered promiscuous mode
[   65.379846][ T4962] ip6gretap0: entered allmulticast mode
[   65.391092][ T4962] bridge0: entered promiscuous mode
[   65.396542][ T4962] bridge0: entered allmulticast mode
[   65.402078][ T4969] loop4: detected capacity change from 0 to 1024
[   65.404369][ T4962] vcan0: entered promiscuous mode
[   65.413525][ T4962] vcan0: entered allmulticast mode
[   65.420263][ T4962] bond0: entered promiscuous mode
[   65.425397][ T4962] bond_slave_0: entered promiscuous mode
[   65.430824][   T29] audit: type=1400 audit(1760913039.236:1150): avc:  denied  { read write } for  pid=4968 comm="syz.4.447" name="event1" dev="devtmpfs" ino=243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   65.431198][ T4962] bond_slave_1: entered promiscuous mode
[   65.454679][   T29] audit: type=1400 audit(1760913039.236:1151): avc:  denied  { open } for  pid=4968 comm="syz.4.447" path="/dev/input/event1" dev="devtmpfs" ino=243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   65.484554][ T4962] bond0: entered allmulticast mode
[   65.489790][ T4962] bond_slave_0: entered allmulticast mode
[   65.495586][ T4962] bond_slave_1: entered allmulticast mode
[   65.504152][ T4962] team0: entered promiscuous mode
[   65.509316][ T4962] team_slave_0: entered promiscuous mode
[   65.515125][ T4962] team_slave_1: entered promiscuous mode
[   65.520906][ T4962] team0: entered allmulticast mode
[   65.526079][ T4962] team_slave_0: entered allmulticast mode
[   65.531824][ T4962] team_slave_1: entered allmulticast mode
[   65.540351][ T4962] dummy0: entered promiscuous mode
[   65.545627][ T4962] dummy0: entered allmulticast mode
[   65.552201][ T4962] nlmon0: entered promiscuous mode
[   65.557424][ T4962] nlmon0: entered allmulticast mode
[   65.564592][ T4962] caif0: entered promiscuous mode
[   65.569818][ T4962] caif0: entered allmulticast mode
[   65.577336][ T4962] batadv0: entered promiscuous mode
[   65.582622][ T4962] batadv0: entered allmulticast mode
[   65.590130][ T4962] vxcan0: entered promiscuous mode
[   65.595478][ T4962] vxcan0: entered allmulticast mode
[   65.602195][ T4962] vxcan1: entered promiscuous mode
[   65.607425][ T4962] vxcan1: entered allmulticast mode
[   65.613951][ T4962] veth0: entered promiscuous mode
[   65.619061][ T4962] veth0: entered allmulticast mode
[   65.625301][ T4962] veth1: entered promiscuous mode
[   65.630344][ T4962] veth1: entered allmulticast mode
[   65.636816][ T4962] wg0: entered promiscuous mode
[   65.641766][ T4962] wg0: entered allmulticast mode
[   65.647854][ T4962] wg1: entered promiscuous mode
[   65.652716][ T4962] wg1: entered allmulticast mode
[   65.659034][ T4962] wg2: entered promiscuous mode
[   65.663896][ T4962] wg2: entered allmulticast mode
[   65.670199][ T4962] veth0_to_bridge: entered promiscuous mode
[   65.675772][ T3562] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   65.676895][ T4962] veth0_to_bridge: entered allmulticast mode
[   65.682241][ T4926] Bluetooth: hci1: command 0x1003 tx timeout
[   65.692578][ T4962] veth1_to_bridge: entered promiscuous mode
[   65.700297][ T4962] veth1_to_bridge: entered allmulticast mode
[   65.710973][ T4962] veth0_to_bond: entered promiscuous mode
[   65.716778][ T4962] veth0_to_bond: entered allmulticast mode
[   65.730211][ T4962] veth1_to_bond: entered promiscuous mode
[   65.736067][ T4962] veth1_to_bond: entered allmulticast mode
[   65.744526][ T4962] veth0_to_team: entered promiscuous mode
[   65.750442][ T4962] veth0_to_team: entered allmulticast mode
[   65.760679][ T4962] veth1_to_team: entered promiscuous mode
[   65.766552][ T4962] veth1_to_team: entered allmulticast mode
[   65.776113][ T4962] veth0_to_batadv: entered promiscuous mode
[   65.782106][ T4962] veth0_to_batadv: entered allmulticast mode
[   65.790207][ T4962] batadv_slave_0: entered promiscuous mode
[   65.796119][ T4962] batadv_slave_0: entered allmulticast mode
[   65.803995][ T4962] veth1_to_batadv: entered promiscuous mode
[   65.810031][ T4962] veth1_to_batadv: entered allmulticast mode
[   65.818161][ T4962] batadv_slave_1: entered promiscuous mode
[   65.824052][ T4962] batadv_slave_1: entered allmulticast mode
[   65.831786][ T4962] xfrm0: entered promiscuous mode
[   65.836910][ T4962] xfrm0: entered allmulticast mode
[   65.842594][ T4962] veth0_to_hsr: entered promiscuous mode
[   65.848290][ T4962] veth0_to_hsr: entered allmulticast mode
[   65.855970][ T4962] hsr_slave_0: entered allmulticast mode
[   65.862914][ T4962] veth1_to_hsr: entered promiscuous mode
[   65.868711][ T4962] veth1_to_hsr: entered allmulticast mode
[   65.875952][ T4962] hsr_slave_1: entered allmulticast mode
[   65.882952][ T4962] hsr0: entered promiscuous mode
[   65.888018][ T4962] hsr0: entered allmulticast mode
[   65.894714][ T4962] veth1_virt_wifi: entered promiscuous mode
[   65.900755][ T4962] veth1_virt_wifi: entered allmulticast mode
[   65.909102][ T4962] veth0_virt_wifi: entered promiscuous mode
[   65.915197][ T4962] veth0_virt_wifi: entered allmulticast mode
[   65.922821][ T4962] veth1_vlan: entered allmulticast mode
[   65.947660][ T4962] vlan0: entered promiscuous mode
[   65.952806][ T4962] vlan0: entered allmulticast mode
[   65.960080][ T4982] loop0: detected capacity change from 0 to 128
[   65.967611][ T4962] vlan1: entered promiscuous mode
[   65.972770][ T4962] vlan1: entered allmulticast mode
[   65.980024][ T4962] macvlan0: entered promiscuous mode
[   65.985627][ T4962] macvlan0: entered allmulticast mode
[   65.993360][ T4962] macvlan1: entered promiscuous mode
[   65.998896][ T4962] macvlan1: entered allmulticast mode
[   66.005106][ T4558] Bluetooth: hci2: Opcode 0x1003 failed: -110
[   66.017015][ T4962] ipvlan0: entered promiscuous mode
[   66.022674][ T4962] ipvlan1: entered promiscuous mode
[   66.028058][ T4962] ipvlan1: entered allmulticast mode
[   66.033914][ T4962] veth1_macvtap: entered allmulticast mode
[   66.041322][ T4962] veth0_macvtap: entered allmulticast mode
[   66.049429][ T4962] macvtap0: entered promiscuous mode
[   66.054969][ T4962] macvtap0: entered allmulticast mode
[   66.084324][ T4962] macsec0: entered promiscuous mode
[   66.089826][ T4962] macsec0: entered allmulticast mode
[   66.110401][ T4962] geneve0: entered promiscuous mode
[   66.115782][ T4962] geneve0: entered allmulticast mode
[   66.122760][ T4962] geneve1: entered promiscuous mode
[   66.128036][ T4962] geneve1: entered allmulticast mode
[   66.135188][ T4962] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[   66.142541][ T4962] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[   66.160237][ T4962] netdevsim netdevsim1 netdevsim1: entered promiscuous mode
[   66.167635][ T4962] netdevsim netdevsim1 netdevsim1: entered allmulticast mode
[   66.181142][ T4987] FAULT_INJECTION: forcing a failure.
[   66.181142][ T4987] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   66.194317][ T4987] CPU: 1 UID: 0 PID: 4987 Comm: syz.4.451 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   66.194349][ T4987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   66.194390][ T4987] Call Trace:
[   66.194455][ T4987]  <TASK>
[   66.194466][ T4987]  __dump_stack+0x1d/0x30
[   66.194509][ T4987]  dump_stack_lvl+0xe8/0x140
[   66.194529][ T4987]  dump_stack+0x15/0x1b
[   66.194550][ T4987]  should_fail_ex+0x265/0x280
[   66.194595][ T4987]  should_fail+0xb/0x20
[   66.194646][ T4987]  should_fail_usercopy+0x1a/0x20
[   66.194673][ T4987]  _copy_from_user+0x1c/0xb0
[   66.194708][ T4987]  proc_control+0x43/0xa0
[   66.194742][ T4987]  usbdev_ioctl+0x93c/0x1700
[   66.194775][ T4987]  ? __pfx_usbdev_ioctl+0x10/0x10
[   66.194804][ T4987]  __se_sys_ioctl+0xce/0x140
[   66.194830][ T4987]  __x64_sys_ioctl+0x43/0x50
[   66.194855][ T4987]  x64_sys_call+0x1816/0x3000
[   66.194965][ T4987]  do_syscall_64+0xd2/0x200
[   66.194991][ T4987]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   66.195083][ T4987]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   66.195114][ T4987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.195143][ T4987] RIP: 0033:0x7f2c92e0efc9
[   66.195163][ T4987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.195186][ T4987] RSP: 002b:00007f2c91877038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   66.195240][ T4987] RAX: ffffffffffffffda RBX: 00007f2c93065fa0 RCX: 00007f2c92e0efc9
[   66.195264][ T4987] RDX: 0000200000000080 RSI: 00000000c0185500 RDI: 0000000000000006
[   66.195277][ T4987] RBP: 00007f2c91877090 R08: 0000000000000000 R09: 0000000000000000
[   66.195288][ T4987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.195300][ T4987] R13: 00007f2c93066038 R14: 00007f2c93065fa0 R15: 00007ffc94aeb4a8
[   66.195319][ T4987]  </TASK>
[   66.381575][ T4962] netdevsim netdevsim1 netdevsim2: entered promiscuous mode
[   66.388985][ T4962] netdevsim netdevsim1 netdevsim2: entered allmulticast mode
[   66.430888][ T4990] rdma_rxe: rxe_newlink: failed to add bond0
[   66.444080][ T4962] netdevsim netdevsim1 netdevsim3: entered promiscuous mode
[   66.451676][ T4962] netdevsim netdevsim1 netdevsim3: entered allmulticast mode
[   66.467498][ T4962] bridge1: entered promiscuous mode
[   66.472766][ T4962] bridge1: entered allmulticast mode
[   66.480045][ T4962] bridge2: entered promiscuous mode
[   66.485410][ T4962] bridge2: entered allmulticast mode
[   66.492106][ T4962] bridge3: entered promiscuous mode
[   66.497470][ T4962] bridge3: entered allmulticast mode
[   66.505749][   T29] audit: type=1400 audit(1760913040.316:1152): avc:  denied  { map } for  pid=4993 comm="syz.4.454" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   66.515204][ T4962] veth2: entered promiscuous mode
[   66.534872][ T4962] veth2: entered allmulticast mode
[   66.540744][ T4962] veth3: entered promiscuous mode
[   66.545849][ T4962] veth3: entered allmulticast mode
[   66.551342][ T4962] veth4: entered promiscuous mode
[   66.556504][ T4962] veth4: entered allmulticast mode
[   66.562268][ T4962] veth5: entered promiscuous mode
[   66.567467][ T4962] veth5: entered allmulticast mode
[   66.645436][ T4996] loop4: detected capacity change from 0 to 512
[   66.652442][ T4996] EXT4-fs: Ignoring removed bh option
[   66.658149][ T4996] EXT4-fs: Ignoring removed mblk_io_submit option
[   66.671881][ T4996] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   66.683323][ T4996] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   66.691469][ T4996] EXT4-fs (loop4): orphan cleanup on readonly fs
[   66.698599][ T4996] Quota error (device loop4): do_insert_tree: Free block already used in tree: block 4
[   66.699409][ T4995] loop0: detected capacity change from 0 to 32768
[   66.708639][ T4996] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.454: Failed to acquire dquot type 1
[   66.730936][ T4996] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.454: Invalid block bitmap block 0 in block_group 0
[   66.744857][ T4996] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.454: Invalid block bitmap block 0 in block_group 0
[   66.759959][ T4996] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.454: Invalid block bitmap block 0 in block_group 0
[   66.773895][ T4996] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.454: Failed to acquire dquot type 1
[   66.786394][ T4996] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.454: Failed to acquire dquot type 1
[   66.799547][ T4995]  loop0: p1 p2 p3 < > p4 < p5 p6 >
[   66.804843][ T4995] loop0: p1 start 460800 is beyond EOD, truncated
[   66.811328][ T4995] loop0: p2 size 83886080 extends beyond EOD, truncated
[   66.846981][ T4996] EXT4-fs (loop4): 1 orphan inode deleted
[   66.861336][ T5001] vhci_hcd: default hub control req: 400c v5000 i0007 l0
[   66.873828][ T4996] syz.4.454 (4996) used greatest stack depth: 8992 bytes left
[   66.883402][ T4995] loop0: p5 start 460800 is beyond EOD, truncated
[   66.889903][ T4995] loop0: p6 size 83886080 extends beyond EOD, truncated
[   66.931587][ T5006] loop3: detected capacity change from 0 to 1024
[   67.455116][ T5020] loop0: detected capacity change from 0 to 2048
[   67.504386][ T5020] ext4 filesystem being mounted at /86/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.532075][ T5024] loop1: detected capacity change from 0 to 512
[   67.567069][ T5024] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a84ec018, mo2=0002]
[   67.588080][ T5024] System zones: 0-2, 18-18, 34-35
[   67.594878][ T5024] ext4 filesystem being mounted at /95/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   67.632385][ T5024] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   67.731702][ T5032] Q�6��\b��Y�4��: renamed from lo (while UP)
[   67.804648][ T5034] syzkaller0: entered promiscuous mode
[   67.810237][ T5034] syzkaller0: entered allmulticast mode
[   67.838394][ T5040] loop4: detected capacity change from 0 to 512
[   67.846791][ T5040] EXT4-fs: inline encryption not supported
[   67.852702][ T5040] EXT4-fs: Ignoring removed nobh option
[   67.860296][ T5040] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   67.871929][ T5040] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[   67.882100][ T5040] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.471: Corrupt directory, running e2fsck is recommended
[   67.900122][ T5040] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[   67.908427][ T5040] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.471: corrupted in-inode xattr: invalid ea_ino
[   67.922130][ T5040] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.471: couldn't read orphan inode 15 (err -117)
[   68.034122][ T5055] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[   68.040697][ T5055] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   68.048323][ T5055] vhci_hcd vhci_hcd.0: Device attached
[   68.207970][ T5061] loop2: detected capacity change from 0 to 164
[   68.294999][ T1028] usb 1-1: new low-speed USB device number 2 using vhci_hcd
[   68.805463][ T5057] vhci_hcd: connection reset by peer
[   68.811473][ T3331] vhci_hcd: stop threads
[   68.815870][ T3331] vhci_hcd: release socket
[   68.820377][ T3331] vhci_hcd: disconnect device
[   68.843979][ T5075] Q�6��\b��Y�4��: renamed from lo (while UP)
[   68.900151][ T5080] netlink: 12 bytes leftover after parsing attributes in process `syz.3.484'.
[   69.359394][ T5090] loop3: detected capacity change from 0 to 512
[   69.457225][ T5090] __quota_error: 202 callbacks suppressed
[   69.457300][ T5090] Quota error (device loop3): v2_read_file_info: Free block number 1 out of range (1, 6).
[   69.555534][ T5090] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   69.646966][ T5090] EXT4-fs (loop3): mount failed
[   69.921873][   T29] audit: type=1400 audit(1760913043.726:1350): avc:  denied  { write } for  pid=5097 comm="syz.1.490" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[   70.003427][   T29] audit: type=1400 audit(1760913043.796:1351): avc:  denied  { create } for  pid=5100 comm="syz.0.489" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   70.023037][   T29] audit: type=1400 audit(1760913043.796:1352): avc:  denied  { write } for  pid=5100 comm="syz.0.489" path="socket:[9041]" dev="sockfs" ino=9041 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   70.046207][   T29] audit: type=1400 audit(1760913043.796:1353): avc:  denied  { connect } for  pid=5100 comm="syz.0.489" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   70.090667][   T29] audit: type=1326 audit(1760913043.896:1354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5091 comm="syz.4.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   70.114092][   T29] audit: type=1326 audit(1760913043.896:1355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5091 comm="syz.4.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   70.143309][ T5106] netlink: 3 bytes leftover after parsing attributes in process `syz.3.491'.
[   70.153609][ T5106] !60�X���: renamed from caif0
[   70.158765][   T29] audit: type=1400 audit(1760913043.946:1356): avc:  denied  { write } for  pid=5104 comm="syz.3.491" name="netstat" dev="proc" ino=4026532656 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   70.183473][ T5106] !60�X���: entered allmulticast mode
[   70.188952][ T5106] A link change request failed with some changes committed already. Interface !60�X��� may have been left with an inconsistent configuration, please check.
[   70.301089][ T5116] netlink: 12 bytes leftover after parsing attributes in process `syz.2.496'.
[   70.411419][   T29] audit: type=1326 audit(1760913044.216:1357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5124 comm="syz.3.500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09d8c0efc9 code=0x7ffc0000
[   70.440368][   T29] audit: type=1326 audit(1760913044.216:1358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5124 comm="syz.3.500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09d8c0efc9 code=0x7ffc0000
[   70.490759][ T5108] loop0: detected capacity change from 0 to 512
[   70.504478][ T5130] netlink: 12 bytes leftover after parsing attributes in process `syz.2.502'.
[   70.521055][ T5108] EXT4-fs mount: 24 callbacks suppressed
[   70.521075][ T5108] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.544198][ T5108] ext4 filesystem being mounted at /97/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   70.557881][   T12] Bluetooth: hci0: Frame reassembly failed (-84)
[   70.594577][ T5130] x_tables: duplicate underflow at hook 1
[   70.716499][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.915084][ T5163] loop4: detected capacity change from 0 to 512
[   70.921854][ T5163] EXT4-fs: inline encryption not supported
[   70.944069][ T5163] EXT4-fs: Ignoring removed nobh option
[   70.951717][ T5163] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   70.963389][ T5163] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[   70.973523][ T5163] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.514: Corrupt directory, running e2fsck is recommended
[   70.995719][ T5163] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[   71.004151][ T5163] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.514: corrupted in-inode xattr: invalid ea_ino
[   71.025004][ T5163] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.514: couldn't read orphan inode 15 (err -117)
[   71.038137][ T5163] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.090261][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.206651][ T5179] rdma_rxe: rxe_newlink: failed to add bond0
[   71.216137][ T5171] loop1: detected capacity change from 0 to 512
[   71.261641][ T5171] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.275441][ T5171] ext4 filesystem being mounted at /103/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.338941][ T5194] netlink: 12 bytes leftover after parsing attributes in process `syz.4.525'.
[   71.358743][ T5194] x_tables: duplicate underflow at hook 1
[   71.374002][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.456720][ T5200] loop4: detected capacity change from 0 to 512
[   71.463360][ T5200] EXT4-fs: Ignoring removed nobh option
[   71.470597][ T5200] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.527: iget: bad i_size value: 38620345925642
[   71.483504][ T5200] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.527: couldn't read orphan inode 15 (err -117)
[   71.496489][ T5200] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.574921][ T5200] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.527: bg 0: block 5: invalid block bitmap
[   71.589825][ T5200] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[   71.602321][ T5200] EXT4-fs (loop4): This should not happen!! Data will be lost
[   71.602321][ T5200] 
[   71.612077][ T5200] EXT4-fs (loop4): Total free blocks count 0
[   71.618514][ T5200] EXT4-fs (loop4): Free/Dirty block details
[   71.624498][ T5200] EXT4-fs (loop4): free_blocks=0
[   71.629478][ T5200] EXT4-fs (loop4): dirty_blocks=2600
[   71.634777][ T5200] EXT4-fs (loop4): Block reservation details
[   71.641280][ T5200] EXT4-fs (loop4): i_reserved_data_blocks=2600
[   71.650192][   T12] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 16 with max blocks 2048 with error 28
[   71.779180][ T5210] xfrm0: left promiscuous mode
[   71.784158][ T5210] xfrm0: left allmulticast mode
[   72.007949][ T5223] loop0: detected capacity change from 0 to 512
[   72.026907][ T5223] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.039700][ T5223] ext4 filesystem being mounted at /103/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   72.102890][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.123094][ T5229] netlink: 12 bytes leftover after parsing attributes in process `syz.0.538'.
[   72.143771][ T5229] x_tables: duplicate underflow at hook 1
[   72.181684][ T5233] netlink: 8 bytes leftover after parsing attributes in process `syz.1.539'.
[   72.264436][ T5235] loop0: detected capacity change from 0 to 2048
[   72.279344][ T5235] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.294724][ T5235] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.540: bg 0: block 234: padding at end of block bitmap is not set
[   72.339899][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.390189][ T5245] bridge_slave_0: left allmulticast mode
[   72.395944][ T5245] bridge_slave_0: left promiscuous mode
[   72.401667][ T5245] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.411662][ T5245] bridge_slave_1: left allmulticast mode
[   72.417418][ T5245] bridge_slave_1: left promiscuous mode
[   72.423248][ T5245] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.434439][ T5245] bond0: (slave bond_slave_0): Releasing backup interface
[   72.446324][ T5245] bond0: (slave bond_slave_1): Releasing backup interface
[   72.453695][ T5243] loop1: detected capacity change from 0 to 32768
[   72.463122][ T5245] team0: Port device team_slave_0 removed
[   72.471777][ T5245] team0: Port device team_slave_1 removed
[   72.481237][ T5245] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   72.519009][ T5243]  loop1: p1 p2 p3 < > p4 < p5 p6 >
[   72.528206][ T5243] loop1: p1 start 460800 is beyond EOD, truncated
[   72.534780][ T5243] loop1: p2 size 83886080 extends beyond EOD, truncated
[   72.552138][ T5243] loop1: p5 start 460800 is beyond EOD, truncated
[   72.558708][ T5243] loop1: p6 size 83886080 extends beyond EOD, truncated
[   72.638773][ T3562] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   72.962315][ T5256] loop2: detected capacity change from 0 to 512
[   73.297891][ T5268] netlink: 8 bytes leftover after parsing attributes in process `syz.0.552'.
[   73.327472][ T2898] Bluetooth: hci0: Frame reassembly failed (-84)
[   73.339668][ T5266] x_tables: duplicate underflow at hook 1
[   73.355161][ T1028] usb 1-1: enqueue for inactive port 0
[   73.365286][ T1028] usb 1-1: enqueue for inactive port 0
[   73.427729][ T5274] rdma_rxe: rxe_newlink: failed to add bond0
[   73.445524][ T1028] vhci_hcd: vhci_device speed not set
[   74.468140][   T29] kauditd_printk_skb: 324 callbacks suppressed
[   74.468158][   T29] audit: type=1326 audit(1760913048.276:1683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5293 comm="syz.4.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   74.528390][   T29] audit: type=1326 audit(1760913048.276:1684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5293 comm="syz.4.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   74.543200][ T5296] netlink: 'syz.3.563': attribute type 2 has an invalid length.
[   74.551763][   T29] audit: type=1326 audit(1760913048.276:1685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5293 comm="syz.4.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   74.582871][   T29] audit: type=1326 audit(1760913048.276:1686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5293 comm="syz.4.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   74.606225][   T29] audit: type=1326 audit(1760913048.276:1687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5293 comm="syz.4.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   74.629730][   T29] audit: type=1326 audit(1760913048.276:1688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5293 comm="syz.4.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   74.653151][   T29] audit: type=1326 audit(1760913048.276:1689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5293 comm="syz.4.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=303 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   74.676816][   T29] audit: type=1326 audit(1760913048.276:1690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5293 comm="syz.4.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   74.700176][   T29] audit: type=1326 audit(1760913048.276:1691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5293 comm="syz.4.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   74.723508][   T29] audit: type=1326 audit(1760913048.276:1692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5293 comm="syz.4.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   74.755291][ T5303] netlink: 8 bytes leftover after parsing attributes in process `syz.3.564'.
[   74.865598][ T5308] loop3: detected capacity change from 0 to 1024
[   75.361499][ T5315] loop1: detected capacity change from 0 to 1024
[   75.374992][ T3562] Bluetooth: hci0: command 0x1003 tx timeout
[   75.381046][ T4558] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   75.401728][ T5315] EXT4-fs: Ignoring removed nomblk_io_submit option
[   75.428562][ T5315] EXT4-fs: inline encryption not supported
[   75.434738][ T5315] EXT4-fs: Ignoring removed nomblk_io_submit option
[   75.457823][ T5315] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.534574][ T5328] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.571' sets config #0
[   75.544708][ T5315] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.569: Allocating blocks 449-513 which overlap fs metadata
[   75.569452][ T5315] EXT4-fs (loop1): pa ffff88810728a770: logic 256, phys. 385, len 8
[   75.577668][ T5315] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   75.614511][ T5336] netlink: 12 bytes leftover after parsing attributes in process `syz.2.575'.
[   75.629345][ T5337] netlink: 8 bytes leftover after parsing attributes in process `syz.4.576'.
[   75.731676][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.053382][ T5356] loop4: detected capacity change from 0 to 1024
[   76.060482][ T5356] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   77.227044][ T5369] netlink: 12 bytes leftover after parsing attributes in process `syz.3.588'.
[   77.578446][ T5371] loop2: detected capacity change from 0 to 1024
[   77.585285][ T5371] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   78.174518][ T5378] loop3: detected capacity change from 0 to 1024
[   78.245079][ T5380] wireguard0: entered promiscuous mode
[   78.250626][ T5380] wireguard0: entered allmulticast mode
[   78.412730][ T5391] syz2: rxe_newlink: already configured on bond0
[   78.514077][ T5398] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.594' sets config #-1
[   79.414307][ T5414] loop4: detected capacity change from 0 to 128
[   79.424781][ T5414] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   79.440714][ T5414] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   79.460694][ T5420] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.604' sets config #0
[   79.548786][ T3331] Bluetooth: hci0: Frame reassembly failed (-84)
[   79.560421][ T5424] x_tables: duplicate underflow at hook 1
[   79.640502][ T5426] syz2: rxe_newlink: already configured on bond0
[   79.677197][   T29] kauditd_printk_skb: 179 callbacks suppressed
[   79.677222][   T29] audit: type=1326 audit(1760913053.476:1872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5427 comm="syz.1.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0b4c4efc9 code=0x7ffc0000
[   79.707558][   T29] audit: type=1326 audit(1760913053.476:1873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5427 comm="syz.1.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0b4c4efc9 code=0x7ffc0000
[   79.730913][   T29] audit: type=1326 audit(1760913053.476:1874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5427 comm="syz.1.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0b4c4efc9 code=0x7ffc0000
[   79.754332][   T29] audit: type=1326 audit(1760913053.476:1875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5427 comm="syz.1.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0b4c4efc9 code=0x7ffc0000
[   79.777674][   T29] audit: type=1326 audit(1760913053.476:1876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5427 comm="syz.1.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0b4c4efc9 code=0x7ffc0000
[   79.801154][   T29] audit: type=1326 audit(1760913053.476:1877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5427 comm="syz.1.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb0b4c4efc9 code=0x7ffc0000
[   79.824493][   T29] audit: type=1326 audit(1760913053.476:1878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5427 comm="syz.1.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0b4c4efc9 code=0x7ffc0000
[   79.847861][   T29] audit: type=1326 audit(1760913053.476:1879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5427 comm="syz.1.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0b4c4efc9 code=0x7ffc0000
[   79.871234][   T29] audit: type=1326 audit(1760913053.476:1880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5427 comm="syz.1.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0b4c4efc9 code=0x7ffc0000
[   79.894665][   T29] audit: type=1326 audit(1760913053.476:1881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5427 comm="syz.1.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0b4c4efc9 code=0x7ffc0000
[   80.087047][ T5434] loop3: detected capacity change from 0 to 512
[   80.124467][ T5434] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.144275][ T5434] ext4 filesystem being mounted at /105/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.298637][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.344405][ T5455] netlink: 8 bytes leftover after parsing attributes in process `syz.0.619'.
[   80.436944][ T5460] loop0: detected capacity change from 0 to 1024
[   80.449411][ T5461] loop3: detected capacity change from 0 to 1024
[   80.460611][ T5460] EXT4-fs: Ignoring removed nomblk_io_submit option
[   80.472583][ T5463] netlink: 8 bytes leftover after parsing attributes in process `syz.2.622'.
[   80.473304][ T5460] EXT4-fs: inline encryption not supported
[   80.487509][ T5460] EXT4-fs: Ignoring removed nomblk_io_submit option
[   80.503917][ T5461] EXT4-fs: Ignoring removed nomblk_io_submit option
[   80.511313][ T5461] EXT4-fs: inline encryption not supported
[   80.517298][ T5461] EXT4-fs: Ignoring removed nomblk_io_submit option
[   80.525849][ T5460] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.563459][ T5461] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.631698][ T5460] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.621: Allocating blocks 449-513 which overlap fs metadata
[   80.649787][ T5460] EXT4-fs (loop0): pa ffff88810720b2a0: logic 256, phys. 385, len 8
[   80.653131][ T5461] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.620: Allocating blocks 449-513 which overlap fs metadata
[   80.657923][ T5460] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   80.674776][ T5461] EXT4-fs (loop3): pa ffff88810720b310: logic 256, phys. 385, len 8
[   80.689732][ T5461] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   80.746871][ T5471] loop2: detected capacity change from 0 to 512
[   80.759279][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.770953][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.785195][ T5471] EXT4-fs: Ignoring removed nobh option
[   80.787463][ T5473] loop1: detected capacity change from 0 to 512
[   80.805120][ T5473] ext4: Unknown parameter 'smackfsroot'
[   80.826113][ T5471] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.626: iget: bad i_size value: 38620345925642
[   80.845436][ T5471] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.626: couldn't read orphan inode 15 (err -117)
[   80.908474][ T5471] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.924338][ T5484] loop3: detected capacity change from 0 to 512
[   80.953072][ T5488] netlink: 'syz.0.632': attribute type 1 has an invalid length.
[   80.960857][ T5488] netlink: 198116 bytes leftover after parsing attributes in process `syz.0.632'.
[   80.974959][ T5488] pimreg3: entered allmulticast mode
[   80.988981][ T5490] netlink: 12 bytes leftover after parsing attributes in process `syz.3.633'.
[   81.086074][ T5495] loop0: detected capacity change from 0 to 1024
[   81.094467][ T5495] EXT4-fs: Ignoring removed nobh option
[   81.100212][ T5495] EXT4-fs: Ignoring removed bh option
[   81.166350][ T5360] Bluetooth: hci1: Frame reassembly failed (-84)
[   81.196410][ T5495] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.236220][ T5495] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.635: Allocating blocks 449-513 which overlap fs metadata
[   81.250406][ T5495] EXT4-fs (loop0): Remounting filesystem read-only
[   81.273514][ T5486] loop1: detected capacity change from 0 to 128
[   81.281220][ T5494] EXT4-fs (loop0): pa ffff88810720b380: logic 48, phys. 177, len 21
[   81.306105][ T5486] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   81.335559][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.344815][ T3445] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm kworker/u8:7: bg 0: block 5: invalid block bitmap
[   81.345548][ T3445] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   81.357393][ T5486] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   81.369840][ T3445] EXT4-fs (loop2): This should not happen!! Data will be lost
[   81.369840][ T3445] 
[   81.388591][ T3445] EXT4-fs (loop2): Total free blocks count 0
[   81.394593][ T3445] EXT4-fs (loop2): Free/Dirty block details
[   81.400574][ T3445] EXT4-fs (loop2): free_blocks=0
[   81.405586][ T3445] EXT4-fs (loop2): dirty_blocks=16000
[   81.411004][ T3445] EXT4-fs (loop2): Block reservation details
[   81.417067][ T3445] EXT4-fs (loop2): i_reserved_data_blocks=16000
[   81.446528][ T3445] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[   81.472106][ T5503] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   81.472106][ T5503]    program syz.0.636 not setting count and/or reply_len properly
[   81.496250][ T5503] FAULT_INJECTION: forcing a failure.
[   81.496250][ T5503] name failslab, interval 1, probability 0, space 0, times 0
[   81.508985][ T5503] CPU: 1 UID: 0 PID: 5503 Comm: syz.0.636 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   81.509018][ T5503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   81.509034][ T5503] Call Trace:
[   81.509043][ T5503]  <TASK>
[   81.509051][ T5503]  __dump_stack+0x1d/0x30
[   81.509075][ T5503]  dump_stack_lvl+0xe8/0x140
[   81.509168][ T5503]  dump_stack+0x15/0x1b
[   81.509188][ T5503]  should_fail_ex+0x265/0x280
[   81.509231][ T5503]  should_failslab+0x8c/0xb0
[   81.509283][ T5503]  __kmalloc_noprof+0xa5/0x570
[   81.509317][ T5503]  ? bio_kmalloc+0x41/0x50
[   81.509352][ T5503]  bio_kmalloc+0x41/0x50
[   81.509417][ T5503]  blk_rq_map_user_iov+0x5f4/0x1520
[   81.509455][ T5503]  blk_rq_map_user_io+0x18f/0x260
[   81.509480][ T5503]  ? _raw_spin_unlock+0x26/0x50
[   81.509517][ T5503]  ? finish_task_switch+0xad/0x2b0
[   81.509624][ T5503]  ? __schedule+0x6b9/0xb30
[   81.509686][ T5503]  ? sg_link_reserve+0x117/0x140
[   81.509824][ T5503]  sg_common_write+0xb06/0xc30
[   81.509863][ T5503]  sg_write+0x6b5/0x750
[   81.509906][ T5503]  vfs_writev+0x406/0x8b0
[   81.509947][ T5503]  ? __pfx_sg_write+0x10/0x10
[   81.510043][ T5503]  do_writev+0xe7/0x210
[   81.510119][ T5503]  __x64_sys_writev+0x45/0x50
[   81.510154][ T5503]  x64_sys_call+0x1e9a/0x3000
[   81.510260][ T5503]  do_syscall_64+0xd2/0x200
[   81.510290][ T5503]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   81.510323][ T5503]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   81.510381][ T5503]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.510406][ T5503] RIP: 0033:0x7f30ca34efc9
[   81.510424][ T5503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.510446][ T5503] RSP: 002b:00007f30c8daf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   81.510469][ T5503] RAX: ffffffffffffffda RBX: 00007f30ca5a5fa0 RCX: 00007f30ca34efc9
[   81.510497][ T5503] RDX: 0000000000000002 RSI: 0000200000000080 RDI: 0000000000000003
[   81.510512][ T5503] RBP: 00007f30c8daf090 R08: 0000000000000000 R09: 0000000000000000
[   81.510526][ T5503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.510541][ T5503] R13: 00007f30ca5a6038 R14: 00007f30ca5a5fa0 R15: 00007ffe20b5a7d8
[   81.510563][ T5503]  </TASK>
[   81.511242][ T5505] syz2: rxe_newlink: already configured on bond0
[   81.578032][ T5508] loop0: detected capacity change from 0 to 512
[   81.617182][ T4926] Bluetooth: hci0: command 0x1003 tx timeout
[   81.617640][ T4558] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   81.818759][ T5522] loop1: detected capacity change from 0 to 512
[   81.947607][   T52] Bluetooth: hci0: Frame reassembly failed (-84)
[   81.960022][ T5537] x_tables: duplicate underflow at hook 1
[   82.204450][ T5557] loop4: detected capacity change from 0 to 1024
[   82.222514][ T5557] EXT4-fs: Ignoring removed nomblk_io_submit option
[   82.232589][ T5559] FAULT_INJECTION: forcing a failure.
[   82.232589][ T5559] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   82.234640][ T5534] loop1: detected capacity change from 0 to 128
[   82.245822][ T5559] CPU: 0 UID: 0 PID: 5559 Comm: syz.2.659 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   82.245874][ T5559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   82.245894][ T5559] Call Trace:
[   82.245911][ T5559]  <TASK>
[   82.245922][ T5559]  __dump_stack+0x1d/0x30
[   82.246026][ T5559]  dump_stack_lvl+0xe8/0x140
[   82.246055][ T5559]  dump_stack+0x15/0x1b
[   82.246079][ T5559]  should_fail_ex+0x265/0x280
[   82.246152][ T5559]  should_fail+0xb/0x20
[   82.246197][ T5559]  should_fail_usercopy+0x1a/0x20
[   82.246228][ T5559]  _copy_from_user+0x1c/0xb0
[   82.246264][ T5559]  ___sys_sendmsg+0xc1/0x1d0
[   82.246399][ T5559]  __x64_sys_sendmsg+0xd4/0x160
[   82.246501][ T5559]  x64_sys_call+0x191e/0x3000
[   82.246533][ T5559]  do_syscall_64+0xd2/0x200
[   82.246567][ T5559]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   82.246688][ T5559]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   82.246722][ T5559]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.246752][ T5559] RIP: 0033:0x7ff7642fefc9
[   82.246775][ T5559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.246816][ T5559] RSP: 002b:00007ff762d5f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   82.246843][ T5559] RAX: ffffffffffffffda RBX: 00007ff764555fa0 RCX: 00007ff7642fefc9
[   82.246861][ T5559] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000006
[   82.246879][ T5559] RBP: 00007ff762d5f090 R08: 0000000000000000 R09: 0000000000000000
[   82.246896][ T5559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   82.246920][ T5559] R13: 00007ff764556038 R14: 00007ff764555fa0 R15: 00007ffca5c9b668
[   82.246949][ T5559]  </TASK>
[   82.247685][ T5557] EXT4-fs: inline encryption not supported
[   82.264157][ T5534] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   82.271865][ T5557] EXT4-fs: Ignoring removed nomblk_io_submit option
[   82.424991][ T5534] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   82.465396][ T5557] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.519290][ T5557] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.657: Allocating blocks 449-513 which overlap fs metadata
[   82.545254][ T5566] Q�6��\b��Y�4��: left promiscuous mode
[   82.554003][ T5557] EXT4-fs (loop4): pa ffff88810720b310: logic 256, phys. 385, len 8
[   82.562273][ T5557] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   82.580549][ T5566] A link change request failed with some changes committed already. Interface Q�6��\b��Y�4�� may have been left with an inconsistent configuration, please check.
[   82.626599][ T5570] netlink: 8 bytes leftover after parsing attributes in process `syz.2.663'.
[   82.640682][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.888588][ T5584] netlink: 12 bytes leftover after parsing attributes in process `syz.4.669'.
[   83.195051][ T4926] Bluetooth: hci1: command 0x1003 tx timeout
[   83.195233][ T3562] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   83.260599][ T5598] loop4: detected capacity change from 0 to 32768
[   83.270800][ T5600] loop2: detected capacity change from 0 to 128
[   83.297978][ T5600] /dev/loop2: Can't open blockdev
[   83.305611][ T3581]  loop4: p1 p2 p3 < > p4 < p5 p6 >
[   83.313141][ T3581] loop4: p1 start 460800 is beyond EOD, truncated
[   83.319640][ T3581] loop4: p2 size 83886080 extends beyond EOD, truncated
[   83.337402][ T3581] loop4: p5 start 460800 is beyond EOD, truncated
[   83.343882][ T3581] loop4: p6 size 83886080 extends beyond EOD, truncated
[   83.371872][ T5609] netlink: 8 bytes leftover after parsing attributes in process `syz.2.677'.
[   83.382525][ T5598]  loop4: p1 p2 p3 < > p4 < p5 p6 >
[   83.395084][ T5598] loop4: p1 start 460800 is beyond EOD, truncated
[   83.401738][ T5598] loop4: p2 size 83886080 extends beyond EOD, truncated
[   83.430629][ T5598] loop4: p5 start 460800 is beyond EOD, truncated
[   83.437167][ T5598] loop4: p6 size 83886080 extends beyond EOD, truncated
[   83.669435][ T5614] loop2: detected capacity change from 0 to 512
[   83.686675][ T5614] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.699507][ T5614] ext4 filesystem being mounted at /128/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.732649][ T5624] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.682' sets config #0
[   83.770956][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.995336][ T3562] Bluetooth: hci0: command 0x1003 tx timeout
[   84.001382][ T4558] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   84.124004][ T5640] netlink: 8 bytes leftover after parsing attributes in process `syz.0.689'.
[   84.207882][ T5644] rdma_rxe: rxe_newlink: failed to add bond0
[   84.248342][ T5646] loop0: detected capacity change from 0 to 2048
[   84.279798][ T3583] Alternate GPT is invalid, using primary GPT.
[   84.286338][ T3583]  loop0: p2 p3 p7
[   84.333471][ T5646] Alternate GPT is invalid, using primary GPT.
[   84.339987][ T5646]  loop0: p2 p3 p7
[   84.378389][ T5646] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   84.398854][ T5646] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   84.418178][ T5646] netlink: 4 bytes leftover after parsing attributes in process `syz.0.693'.
[   84.427298][ T5663] loop4: detected capacity change from 0 to 1024
[   84.451284][ T5663] EXT4-fs: inline encryption not supported
[   84.464449][ T5646] batadv_slave_0: entered promiscuous mode
[   84.484088][ T5663] EXT4-fs (loop4): orphan cleanup on readonly fs
[   84.494464][ T5668] netlink: 8 bytes leftover after parsing attributes in process `syz.3.702'.
[   84.494696][ T5663] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.700: Failed to acquire dquot type 0
[   84.516107][ T5663] EXT4-fs (loop4): 1 truncate cleaned up
[   84.522535][ T5663] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   84.542574][ T5663] vhci_hcd: default hub control req: 0314 v001b i0006 l0
[   84.582624][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.646521][ T3445] Bluetooth: hci0: Frame reassembly failed (-84)
[   84.698969][ T5683] rdma_rxe: rxe_newlink: failed to add bond0
[   84.738103][ T5686] loop2: detected capacity change from 0 to 1024
[   84.747029][ T5686] EXT4-fs: Ignoring removed nomblk_io_submit option
[   84.753780][ T5686] EXT4-fs: inline encryption not supported
[   84.759722][ T5686] EXT4-fs: Ignoring removed nomblk_io_submit option
[   84.789584][ T5686] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.805122][   T29] kauditd_printk_skb: 258 callbacks suppressed
[   84.805140][   T29] audit: type=1326 audit(1760913058.616:2138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5691 comm="syz.4.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   84.835266][   T29] audit: type=1326 audit(1760913058.616:2139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5691 comm="syz.4.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   84.858632][   T29] audit: type=1326 audit(1760913058.616:2140): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5691 comm="syz.4.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   84.882472][   T29] audit: type=1326 audit(1760913058.616:2141): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5691 comm="syz.4.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   84.906030][   T29] audit: type=1326 audit(1760913058.616:2142): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5691 comm="syz.4.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   84.926375][ T5686] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.710: Allocating blocks 449-513 which overlap fs metadata
[   84.929837][   T29] audit: type=1326 audit(1760913058.616:2143): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5691 comm="syz.4.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   84.967056][   T29] audit: type=1326 audit(1760913058.616:2144): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5691 comm="syz.4.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   84.990735][   T29] audit: type=1326 audit(1760913058.616:2145): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5691 comm="syz.4.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   84.991078][ T5695] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.712' sets config #0
[   85.014386][   T29] audit: type=1326 audit(1760913058.616:2146): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5691 comm="syz.4.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   85.014427][   T29] audit: type=1326 audit(1760913058.616:2147): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5691 comm="syz.4.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   85.070925][ T5686] EXT4-fs (loop2): pa ffff88810720b460: logic 256, phys. 385, len 8
[   85.078997][ T5686] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   85.124644][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.254602][ T5712] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.716' sets config #-1
[   85.373496][ T5723] loop2: detected capacity change from 0 to 1024
[   85.664660][ T5732] rdma_rxe: rxe_newlink: failed to add bond0
[   85.737237][ T5738] FAULT_INJECTION: forcing a failure.
[   85.737237][ T5738] name failslab, interval 1, probability 0, space 0, times 0
[   85.750026][ T5738] CPU: 1 UID: 0 PID: 5738 Comm: syz.3.731 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   85.750088][ T5738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   85.750104][ T5738] Call Trace:
[   85.750111][ T5738]  <TASK>
[   85.750119][ T5738]  __dump_stack+0x1d/0x30
[   85.750140][ T5738]  dump_stack_lvl+0xe8/0x140
[   85.750162][ T5738]  dump_stack+0x15/0x1b
[   85.750180][ T5738]  should_fail_ex+0x265/0x280
[   85.750227][ T5738]  should_failslab+0x8c/0xb0
[   85.750263][ T5738]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   85.750413][ T5738]  ? perf_event_alloc+0x14c/0x1740
[   85.750491][ T5738]  perf_event_alloc+0x14c/0x1740
[   85.750521][ T5738]  __se_sys_perf_event_open+0x615/0x11c0
[   85.750561][ T5738]  ? __rcu_read_unlock+0x4f/0x70
[   85.750715][ T5738]  __x64_sys_perf_event_open+0x67/0x80
[   85.750742][ T5738]  x64_sys_call+0x7bd/0x3000
[   85.750767][ T5738]  do_syscall_64+0xd2/0x200
[   85.750840][ T5738]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   85.750877][ T5738]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   85.750909][ T5738]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.750931][ T5738] RIP: 0033:0x7f09d8c0efc9
[   85.751016][ T5738] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.751041][ T5738] RSP: 002b:00007f09d7677038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[   85.751065][ T5738] RAX: ffffffffffffffda RBX: 00007f09d8e65fa0 RCX: 00007f09d8c0efc9
[   85.751077][ T5738] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[   85.751090][ T5738] RBP: 00007f09d7677090 R08: 0000000000000000 R09: 0000000000000000
[   85.751155][ T5738] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[   85.751172][ T5738] R13: 00007f09d8e66038 R14: 00007f09d8e65fa0 R15: 00007ffebd3bba08
[   85.751197][ T5738]  </TASK>
[   86.306507][ T5768] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.742' sets config #0
[   86.404894][ T5773] syz.4.747 (5773) used obsolete PPPIOCDETACH ioctl
[   86.714958][ T4558] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   86.721189][ T3562] Bluetooth: hci0: command 0x1003 tx timeout
[   86.875301][ T5793] loop2: detected capacity change from 0 to 1024
[   87.164730][ T5795] netlink: 'syz.0.756': attribute type 10 has an invalid length.
[   87.173061][ T5795] ipvlan0: entered allmulticast mode
[   87.178461][ T5795] veth0_vlan: entered allmulticast mode
[   87.187005][ T5795] team0: Device ipvlan0 failed to register rx_handler
[   87.200291][ T5797] __nla_validate_parse: 2 callbacks suppressed
[   87.200305][ T5797] netlink: 8 bytes leftover after parsing attributes in process `syz.3.757'.
[   87.258134][ T5799] loop0: detected capacity change from 0 to 1024
[   87.285467][ T5799] EXT4-fs: Ignoring removed nomblk_io_submit option
[   87.306843][ T5799] EXT4-fs: inline encryption not supported
[   87.312784][ T5799] EXT4-fs: Ignoring removed nomblk_io_submit option
[   87.326412][ T5799] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.431116][ T5799] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.758: Allocating blocks 449-513 which overlap fs metadata
[   87.473191][ T5799] EXT4-fs (loop0): pa ffff88810720b460: logic 256, phys. 385, len 8
[   87.481473][ T5799] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   87.489526][ T5811] loop3: detected capacity change from 0 to 128
[   87.500181][ T5811] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   87.530522][ T5811] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   87.599636][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.694560][ T5823] loop0: detected capacity change from 0 to 1024
[   87.702965][ T5823] EXT4-fs: Ignoring removed nobh option
[   87.708660][ T5823] EXT4-fs: Ignoring removed bh option
[   87.722554][ T5826] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.767' sets config #0
[   87.747134][ T5823] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.776327][ T5830] netlink: 8 bytes leftover after parsing attributes in process `syz.2.770'.
[   87.781807][ T5823] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.766: Allocating blocks 449-513 which overlap fs metadata
[   87.799439][ T5823] EXT4-fs (loop0): Remounting filesystem read-only
[   87.808995][ T5820] EXT4-fs (loop0): pa ffff88810728a770: logic 48, phys. 177, len 21
[   87.837767][ T5834] xt_hashlimit: max too large, truncated to 1048576
[   87.849570][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.883739][   T52] Bluetooth: hci0: Frame reassembly failed (-84)
[   87.902620][ T5836] x_tables: duplicate underflow at hook 1
[   88.097742][ T5851] loop2: detected capacity change from 0 to 1024
[   88.563885][ T5853] xt_hashlimit: overflow, try lower: 17592186044416/9
[   88.620752][ T5855] netlink: 12 bytes leftover after parsing attributes in process `syz.3.782'.
[   88.646321][ T5360] Bluetooth: hci1: Frame reassembly failed (-84)
[   88.696990][ T5857] netlink: 8 bytes leftover after parsing attributes in process `syz.1.783'.
[   88.760740][ T5862] loop4: detected capacity change from 0 to 1024
[   88.775520][ T5862] EXT4-fs: Ignoring removed nobh option
[   88.781169][ T5862] EXT4-fs: Ignoring removed bh option
[   88.793474][ T5864] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   88.802581][ T5864] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   88.812736][ T5862] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.838557][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.859793][ T5864] netlink: 'syz.1.786': attribute type 10 has an invalid length.
[   88.874988][ T5864] ipvlan0: left promiscuous mode
[   88.881072][ T5864] team0: Device ipvlan0 failed to register rx_handler
[   88.993920][ T5877] netlink: 12 bytes leftover after parsing attributes in process `syz.2.791'.
[   89.026669][ T5360] Bluetooth: hci2: Frame reassembly failed (-84)
[   89.575713][ T5882] loop1: detected capacity change from 0 to 32768
[   89.616277][ T3581]  loop1: p1 p2 p3 < > p4 < p5 p6 >
[   89.621719][ T3581] loop1: p1 start 460800 is beyond EOD, truncated
[   89.628203][ T3581] loop1: p2 size 83886080 extends beyond EOD, truncated
[   89.637633][ T3581] loop1: p5 start 460800 is beyond EOD, truncated
[   89.644112][ T3581] loop1: p6 size 83886080 extends beyond EOD, truncated
[   89.655639][ T5882]  loop1: p1 p2 p3 < > p4 < p5 p6 >
[   89.663407][ T5882] loop1: p1 start 460800 is beyond EOD, truncated
[   89.669997][ T5882] loop1: p2 size 83886080 extends beyond EOD, truncated
[   89.679013][ T5882] loop1: p5 start 460800 is beyond EOD, truncated
[   89.685558][ T5882] loop1: p6 size 83886080 extends beyond EOD, truncated
[   89.708146][ T5886] loop4: detected capacity change from 0 to 1024
[   89.716175][ T5886] EXT4-fs: Ignoring removed nomblk_io_submit option
[   89.727229][ T5886] EXT4-fs: inline encryption not supported
[   89.733180][ T5886] EXT4-fs: Ignoring removed nomblk_io_submit option
[   89.748401][ T5886] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.826412][ T5886] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.794: Allocating blocks 449-513 which overlap fs metadata
[   89.843344][ T5886] EXT4-fs (loop4): pa ffff88810728a930: logic 256, phys. 385, len 8
[   89.851452][ T5886] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   89.877206][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.899319][   T29] kauditd_printk_skb: 225 callbacks suppressed
[   89.899336][   T29] audit: type=1326 audit(1760913063.706:2373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5891 comm="syz.4.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   89.914962][ T4558] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   89.929712][   T29] audit: type=1326 audit(1760913063.716:2374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5891 comm="syz.4.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   89.935094][ T3704] Bluetooth: hci0: command 0x1003 tx timeout
[   89.958385][   T29] audit: type=1326 audit(1760913063.716:2375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5891 comm="syz.4.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   89.987676][   T29] audit: type=1326 audit(1760913063.716:2376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5891 comm="syz.4.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   90.011384][   T29] audit: type=1326 audit(1760913063.716:2377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5891 comm="syz.4.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   90.035003][   T29] audit: type=1326 audit(1760913063.716:2378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5891 comm="syz.4.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   90.058337][   T29] audit: type=1326 audit(1760913063.716:2379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5891 comm="syz.4.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   90.081705][   T29] audit: type=1326 audit(1760913063.716:2380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5891 comm="syz.4.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=303 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   90.105062][   T29] audit: type=1326 audit(1760913063.716:2381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5891 comm="syz.4.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   90.128491][   T29] audit: type=1326 audit(1760913063.716:2382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5891 comm="syz.4.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c92e0efc9 code=0x7ffc0000
[   90.287754][ T5901] loop0: detected capacity change from 0 to 1024
[   90.398838][ T5907] loop1: detected capacity change from 0 to 1024
[   90.406091][ T5907] EXT4-fs: Ignoring removed nobh option
[   90.411711][ T5907] EXT4-fs: Ignoring removed bh option
[   90.426724][ T5907] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.453545][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.485825][ T5912] loop1: detected capacity change from 0 to 128
[   90.507607][ T5912] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   90.530790][ T5912] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   90.714973][ T3704] Bluetooth: hci1: command 0x1003 tx timeout
[   90.715084][ T3562] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   91.028717][ T5925] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.807' sets config #0
[   91.035425][ T4926] Bluetooth: hci2: Opcode 0x1003 failed: -110
[   91.038704][ T3562] Bluetooth: hci2: command 0x1003 tx timeout
[   91.330396][ T5936] loop1: detected capacity change from 0 to 1024
[   91.435725][ T5932] loop0: detected capacity change from 0 to 32768
[   91.475365][ T3581]  loop0: p1 p2 p3 < > p4 < p5 p6 >
[   91.480850][ T3581] loop0: p1 start 460800 is beyond EOD, truncated
[   91.487332][ T3581] loop0: p2 size 83886080 extends beyond EOD, truncated
[   91.496089][ T3581] loop0: p5 start 460800 is beyond EOD, truncated
[   91.502542][ T3581] loop0: p6 size 83886080 extends beyond EOD, truncated
[   91.513375][ T5932]  loop0: p1 p2 p3 < > p4 < p5 p6 >
[   91.518798][ T5932] loop0: p1 start 460800 is beyond EOD, truncated
[   91.525268][ T5932] loop0: p2 size 83886080 extends beyond EOD, truncated
[   91.533906][ T5932] loop0: p5 start 460800 is beyond EOD, truncated
[   91.540425][ T5932] loop0: p6 size 83886080 extends beyond EOD, truncated
[   91.946863][ T5948] netlink: 256 bytes leftover after parsing attributes in process `syz.4.817'.
[   92.160987][ T5960] loop0: detected capacity change from 0 to 1024
[   92.172752][ T5962] loop2: detected capacity change from 0 to 1024
[   92.179839][ T5960] EXT4-fs: Ignoring removed nomblk_io_submit option
[   92.187199][ T5960] EXT4-fs: inline encryption not supported
[   92.193094][ T5960] EXT4-fs: Ignoring removed nomblk_io_submit option
[   92.233738][ T5960] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.363458][ T5960] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.821: Allocating blocks 449-513 which overlap fs metadata
[   92.383468][ T5960] EXT4-fs (loop0): pa ffff88810728a8c0: logic 256, phys. 385, len 8
[   92.391725][ T5960] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   92.420723][ T5977] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.826' sets config #0
[   92.423022][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.688239][ T5986] loop0: detected capacity change from 0 to 32768
[   92.745688][ T3581]  loop0: p1 p2 p3 < > p4 < p5 p6 >
[   92.753151][ T3581] loop0: p1 start 460800 is beyond EOD, truncated
[   92.759704][ T3581] loop0: p2 size 83886080 extends beyond EOD, truncated
[   92.768340][ T3581] loop0: p5 start 460800 is beyond EOD, truncated
[   92.774799][ T3581] loop0: p6 size 83886080 extends beyond EOD, truncated
[   92.784616][ T5986]  loop0: p1 p2 p3 < > p4 < p5 p6 >
[   92.795762][ T5986] loop0: p1 start 460800 is beyond EOD, truncated
[   92.802238][ T5986] loop0: p2 size 83886080 extends beyond EOD, truncated
[   92.816319][ T5986] loop0: p5 start 460800 is beyond EOD, truncated
[   92.822828][ T5986] loop0: p6 size 83886080 extends beyond EOD, truncated
[   92.970175][ T6005] netlink: 12 bytes leftover after parsing attributes in process `syz.1.840'.
[   93.370268][ T6027] rdma_rxe: rxe_newlink: failed to add bond0
[   93.499769][ T6041] loop3: detected capacity change from 0 to 128
[   93.509029][ T6041] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   93.536472][ T6041] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   93.575842][ T6032] loop2: detected capacity change from 0 to 2048
[   93.607452][ T6032] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   93.666314][ T6032] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.852: bg 0: block 234: padding at end of block bitmap is not set
[   93.738316][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.801197][ T6066] loop1: detected capacity change from 0 to 1024
[   93.843108][ T6066] EXT4-fs: Ignoring removed nomblk_io_submit option
[   93.850012][ T6066] EXT4-fs: inline encryption not supported
[   93.855901][ T6066] EXT4-fs: Ignoring removed nomblk_io_submit option
[   93.877037][ T6066] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.908704][ T6075] rdma_rxe: rxe_newlink: failed to add bond0
[   93.961994][ T6079] loop4: detected capacity change from 0 to 1024
[   94.018473][ T6062] loop3: detected capacity change from 0 to 32768
[   94.018733][ T6066] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.868: Allocating blocks 449-513 which overlap fs metadata
[   94.071835][ T6066] EXT4-fs (loop1): pa ffff88810720b540: logic 256, phys. 385, len 8
[   94.079980][ T6066] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   94.095763][ T3301]  loop3: p1 p2 p3 < > p4 < p5 p6 >
[   94.105013][ T3301] loop3: p1 start 460800 is beyond EOD, truncated
[   94.111504][ T3301] loop3: p2 size 83886080 extends beyond EOD, truncated
[   94.144016][ T3301] loop3: p5 start 460800 is beyond EOD, truncated
[   94.150555][ T3301] loop3: p6 size 83886080 extends beyond EOD, truncated
[   94.161331][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.173983][ T6062]  loop3: p1 p2 p3 < > p4 < p5 p6 >
[   94.179847][ T6062] loop3: p1 start 460800 is beyond EOD, truncated
[   94.186361][ T6062] loop3: p2 size 83886080 extends beyond EOD, truncated
[   94.255753][ T6062] loop3: p5 start 460800 is beyond EOD, truncated
[   94.262319][ T6062] loop3: p6 size 83886080 extends beyond EOD, truncated
[   94.314064][ T6094] loop4: detected capacity change from 0 to 8192
[   94.368248][ T6094] netlink: 12 bytes leftover after parsing attributes in process `syz.4.876'.
[   94.449103][ T6108] netlink: 12 bytes leftover after parsing attributes in process `syz.2.883'.
[   94.701766][ T6120] loop0: detected capacity change from 0 to 1024
[   94.702211][ T6120] EXT4-fs: Ignoring removed nomblk_io_submit option
[   94.702332][ T6120] EXT4-fs: inline encryption not supported
[   94.702375][ T6120] EXT4-fs: Ignoring removed nomblk_io_submit option
[   94.718590][ T6120] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   94.819152][ T6120] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.886: Allocating blocks 449-513 which overlap fs metadata
[   94.819509][ T6120] EXT4-fs (loop0): pa ffff88810728a8c0: logic 256, phys. 385, len 8
[   94.819532][ T6120] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   94.873158][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.939377][ T3583] udevd[3583]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   94.940989][ T3301] udevd[3301]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory
[   94.941519][ T6112] udevd[6112]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   94.973126][ T3581] udevd[3581]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   95.038233][ T6136] loop0: detected capacity change from 0 to 512
[   95.038618][ T6136] EXT4-fs: Ignoring removed bh option
[   95.038760][ T6136] EXT4-fs: Ignoring removed mblk_io_submit option
[   95.045802][ T6136] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   95.103340][ T6136] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   95.103449][ T6136] EXT4-fs (loop0): orphan cleanup on readonly fs
[   95.103820][ T6136] __quota_error: 418 callbacks suppressed
[   95.103840][ T6136] Quota error (device loop0): do_insert_tree: Free block already used in tree: block 4
[   95.134271][ T6136] Quota error (device loop0): qtree_write_dquot: Error -5 occurred while creating quota
[   95.148430][ T6136] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.891: Failed to acquire dquot type 1
[   95.148885][ T6136] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.891: Invalid block bitmap block 0 in block_group 0
[   95.149106][ T6136] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.891: Invalid block bitmap block 0 in block_group 0
[   95.149265][ T6136] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.891: Invalid block bitmap block 0 in block_group 0
[   95.149525][ T6136] Quota error (device loop0): write_blk: dquota write failed
[   95.208327][ T6136] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[   95.208360][ T6136] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.891: Failed to acquire dquot type 1
[   95.230133][ T6136] Quota error (device loop0): write_blk: dquota write failed
[   95.230212][ T6136] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[   95.230281][ T6136] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.891: Failed to acquire dquot type 1
[   95.230502][ T6136] EXT4-fs (loop0): 1 orphan inode deleted
[   95.248498][ T6136] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   95.363276][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.365637][ T6140] FAULT_INJECTION: forcing a failure.
[   95.365637][ T6140] name failslab, interval 1, probability 0, space 0, times 0
[   95.365734][ T6140] CPU: 0 UID: 0 PID: 6140 Comm: syz.2.893 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   95.365759][ T6140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   95.365771][ T6140] Call Trace:
[   95.365777][ T6140]  <TASK>
[   95.365785][ T6140]  __dump_stack+0x1d/0x30
[   95.365808][ T6140]  dump_stack_lvl+0xe8/0x140
[   95.365895][ T6140]  dump_stack+0x15/0x1b
[   95.365918][ T6140]  should_fail_ex+0x265/0x280
[   95.365963][ T6140]  ? __pfx_shmem_alloc_inode+0x10/0x10
[   95.366038][ T6140]  should_failslab+0x8c/0xb0
[   95.366074][ T6140]  kmem_cache_alloc_lru_noprof+0x55/0x490
[   95.366225][ T6140]  ? shmem_alloc_inode+0x34/0x50
[   95.366253][ T6140]  ? __pfx_shmem_alloc_inode+0x10/0x10
[   95.366281][ T6140]  shmem_alloc_inode+0x34/0x50
[   95.366306][ T6140]  alloc_inode+0x40/0x170
[   95.366342][ T6140]  new_inode+0x1d/0xe0
[   95.366375][ T6140]  shmem_get_inode+0x244/0x750
[   95.366406][ T6140]  __shmem_file_setup+0x113/0x210
[   95.366495][ T6140]  shmem_file_setup+0x3b/0x50
[   95.366544][ T6140]  __se_sys_memfd_create+0x2c3/0x590
[   95.366570][ T6140]  __x64_sys_memfd_create+0x31/0x40
[   95.366608][ T6140]  x64_sys_call+0x2ac2/0x3000
[   95.366636][ T6140]  do_syscall_64+0xd2/0x200
[   95.366747][ T6140]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   95.366854][ T6140]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   95.366960][ T6140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.366986][ T6140] RIP: 0033:0x7ff7642fefc9
[   95.367001][ T6140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.367020][ T6140] RSP: 002b:00007ff762d5ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   95.367039][ T6140] RAX: ffffffffffffffda RBX: 0000000000000522 RCX: 00007ff7642fefc9
[   95.367052][ T6140] RDX: 00007ff762d5eef0 RSI: 0000000000000000 RDI: 00007ff764382960
[   95.367066][ T6140] RBP: 00002000000007c0 R08: 00007ff762d5ebb7 R09: 00007ff762d5ee40
[   95.367123][ T6140] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[   95.367138][ T6140] R13: 00007ff762d5eef0 R14: 00007ff762d5eeb0 R15: 0000200000000100
[   95.367162][ T6140]  </TASK>
[   95.400182][   T29] audit: type=1326 audit(1760913069.206:2801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6145 comm="syz.2.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7642fefc9 code=0x7ffc0000
[   95.400537][   T29] audit: type=1326 audit(1760913069.206:2802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6145 comm="syz.2.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7642fefc9 code=0x7ffc0000
[   95.403747][   T29] audit: type=1326 audit(1760913069.206:2803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6145 comm="syz.2.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff7642fefc9 code=0x7ffc0000
[   95.403930][   T29] audit: type=1326 audit(1760913069.206:2804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6145 comm="syz.2.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7642fefc9 code=0x7ffc0000
[   95.424258][ T6148] loop3: detected capacity change from 0 to 128
[   95.424736][ T6148] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   95.424987][ T6148] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   95.524559][ T6156] netlink: 8 bytes leftover after parsing attributes in process `syz.3.900'.
[   95.545422][ T2898] Bluetooth: hci0: Frame reassembly failed (-84)
[   95.551610][ T6158] x_tables: duplicate underflow at hook 1
[   95.824869][ T6167] FAULT_INJECTION: forcing a failure.
[   95.824869][ T6167] name failslab, interval 1, probability 0, space 0, times 0
[   95.824933][ T6167] CPU: 1 UID: 0 PID: 6167 Comm: syz.3.903 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   95.825019][ T6167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   95.825036][ T6167] Call Trace:
[   95.825045][ T6167]  <TASK>
[   95.825053][ T6167]  __dump_stack+0x1d/0x30
[   95.825074][ T6167]  dump_stack_lvl+0xe8/0x140
[   95.825177][ T6167]  dump_stack+0x15/0x1b
[   95.825199][ T6167]  should_fail_ex+0x265/0x280
[   95.825247][ T6167]  should_failslab+0x8c/0xb0
[   95.825274][ T6167]  kmem_cache_alloc_noprof+0x50/0x480
[   95.825328][ T6167]  ? create_new_namespaces+0x3c/0x3d0
[   95.825415][ T6167]  create_new_namespaces+0x3c/0x3d0
[   95.825518][ T6167]  unshare_nsproxy_namespaces+0xe8/0x120
[   95.825565][ T6167]  ksys_unshare+0x3d0/0x6d0
[   95.825682][ T6167]  __x64_sys_unshare+0x1f/0x30
[   95.825773][ T6167]  x64_sys_call+0x2915/0x3000
[   95.825799][ T6167]  do_syscall_64+0xd2/0x200
[   95.825825][ T6167]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   95.825856][ T6167]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   95.825920][ T6167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.825949][ T6167] RIP: 0033:0x7f09d8c0efc9
[   95.825968][ T6167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.826065][ T6167] RSP: 002b:00007f09d7635038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[   95.826086][ T6167] RAX: ffffffffffffffda RBX: 00007f09d8e66180 RCX: 00007f09d8c0efc9
[   95.826102][ T6167] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000064000600
[   95.826118][ T6167] RBP: 00007f09d7635090 R08: 0000000000000000 R09: 0000000000000000
[   95.826134][ T6167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.826150][ T6167] R13: 00007f09d8e66218 R14: 00007f09d8e66180 R15: 00007ffebd3bba08
[   95.826173][ T6167]  </TASK>
[   96.215711][ T6161] loop2: detected capacity change from 0 to 32768
[   96.567534][ T6185] loop4: detected capacity change from 0 to 128
[   96.581908][ T6185] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   96.610528][ T6185] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   96.620125][ T6187] loop3: detected capacity change from 0 to 1024
[   96.952823][ T6208] loop2: detected capacity change from 0 to 1024
[   96.973042][ T6208] EXT4-fs: Ignoring removed nomblk_io_submit option
[   96.979940][ T6208] EXT4-fs: inline encryption not supported
[   96.985900][ T6208] EXT4-fs: Ignoring removed nomblk_io_submit option
[   97.014121][ T6208] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.188595][ T6208] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.919: Allocating blocks 449-513 which overlap fs metadata
[   97.217523][ T6208] EXT4-fs (loop2): pa ffff88810728a8c0: logic 256, phys. 385, len 8
[   97.225634][ T6208] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   97.239915][ T6221] rdma_rxe: rxe_newlink: failed to add bond0
[   97.241040][ T6224] random: crng reseeded on system resumption
[   97.304844][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.326565][ T6230] loop3: detected capacity change from 0 to 128
[   97.333340][ T6230] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   97.401904][ T6230] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   97.427920][ T6239] loop4: detected capacity change from 0 to 2048
[   97.434839][ T6240] loop2: detected capacity change from 0 to 1024
[   97.444975][ T6240] EXT4-fs: Ignoring removed nomblk_io_submit option
[   97.453525][ T6239] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.472746][ T6239] x_tables: duplicate underflow at hook 1
[   97.479997][ T6240] EXT4-fs: inline encryption not supported
[   97.486064][ T6240] EXT4-fs: Ignoring removed nomblk_io_submit option
[   97.511881][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.519388][ T6240] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.591535][ T6240] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.931: Allocating blocks 449-513 which overlap fs metadata
[   97.605386][ T3562] Bluetooth: hci0: command 0x1003 tx timeout
[   97.605418][ T4926] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   97.635566][ T6240] EXT4-fs (loop2): pa ffff88810728a9a0: logic 256, phys. 385, len 8
[   97.643708][ T6240] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   97.691048][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.738990][ T6256] rdma_rxe: rxe_newlink: failed to add bond0
[   97.847214][ T6271] loop4: detected capacity change from 0 to 128
[   97.854235][ T6271] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   97.867287][ T6269] netlink: 8 bytes leftover after parsing attributes in process `syz.2.943'.
[   97.879937][ T6271] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   97.934578][ T6275] netlink: 8 bytes leftover after parsing attributes in process `syz.4.944'.
[   97.991179][ T6281] loop0: detected capacity change from 0 to 1024
[   98.067839][ T6289] rdma_rxe: rxe_newlink: failed to add bond0
[   98.144100][ T6300] loop4: detected capacity change from 0 to 128
[   98.177970][ T6300] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   98.203912][ T6300] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   98.383338][ T6306] loop4: detected capacity change from 0 to 1024
[   98.391354][ T6306] EXT4-fs: Ignoring removed nobh option
[   98.397124][ T6306] EXT4-fs: Ignoring removed bh option
[   98.437955][ T6306] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.491381][ T6306] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.956: Allocating blocks 449-513 which overlap fs metadata
[   98.527682][ T6306] EXT4-fs (loop4): Remounting filesystem read-only
[   98.536334][ T6321] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.960' sets config #0
[   98.557896][ T6305] EXT4-fs (loop4): pa ffff88810720b4d0: logic 48, phys. 177, len 21
[   98.581741][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.643734][ T6325] netlink: 4 bytes leftover after parsing attributes in process `syz.4.962'.
[   98.781638][ T6333] rdma_rxe: rxe_newlink: failed to add bond0
[   98.808669][ T6335] loop4: detected capacity change from 0 to 128
[   98.815696][ T6335] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   98.828355][ T6335] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   98.958400][ T6341] random: crng reseeded on system resumption
[   99.014616][ T6339] loop4: detected capacity change from 0 to 512
[   99.059651][ T6339] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.077141][ T6339] ext4 filesystem being mounted at /232/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   99.190483][ T3312] ==================================================================
[   99.198627][ T3312] BUG: KCSAN: data-race in shmem_getattr / shmem_recalc_inode
[   99.206133][ T3312] 
[   99.208481][ T3312] read-write to 0xffff88811eaa9180 of 8 bytes by task 6353 on cpu 0:
[   99.216570][ T3312]  shmem_recalc_inode+0x3b/0x200
[   99.221552][ T3312]  shmem_get_folio_gfp+0x7a3/0xd60
[   99.226711][ T3312]  shmem_write_begin+0xa8/0x190
[   99.231593][ T3312]  generic_perform_write+0x184/0x490
[   99.236898][ T3312]  shmem_file_write_iter+0xc5/0xf0
[   99.242042][ T3312]  __kernel_write_iter+0x2d6/0x540
[   99.247187][ T3312]  dump_user_range+0x61e/0x8f0
[   99.251978][ T3312]  elf_core_dump+0x1de7/0x1f80
[   99.256778][ T3312]  coredump_write+0xb12/0xe30
[   99.261486][ T3312]  vfs_coredump+0x143a/0x20d0
[   99.266188][ T3312]  get_signal+0xd84/0xf70
[   99.270543][ T3312]  arch_do_signal_or_restart+0x96/0x440
[   99.276123][ T3312]  irqentry_exit_to_user_mode+0x5b/0xa0
[   99.281704][ T3312]  irqentry_exit+0x12/0x50
[   99.286159][ T3312]  asm_exc_page_fault+0x26/0x30
[   99.291028][ T3312] 
[   99.293371][ T3312] read to 0xffff88811eaa9180 of 8 bytes by task 3312 on cpu 1:
[   99.300936][ T3312]  shmem_getattr+0x41/0x200
[   99.305475][ T3312]  vfs_getattr_nosec+0x146/0x1e0
[   99.310448][ T3312]  vfs_statx+0x113/0x390
[   99.314729][ T3312]  vfs_fstatat+0x115/0x170
[   99.319173][ T3312]  __se_sys_newfstatat+0x55/0x260
[   99.324231][ T3312]  __x64_sys_newfstatat+0x55/0x70
[   99.329461][ T3312]  x64_sys_call+0x135a/0x3000
[   99.334171][ T3312]  do_syscall_64+0xd2/0x200
[   99.338701][ T3312]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.344629][ T3312] 
[   99.346969][ T3312] value changed: 0x000000000000072c -> 0x000000000000072f
[   99.354090][ T3312] 
[   99.356430][ T3312] Reported by Kernel Concurrency Sanitizer on:
[   99.362602][ T3312] CPU: 1 UID: 0 PID: 3312 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[   99.372528][ T3312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   99.382638][ T3312] ==================================================================
[   99.393960][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.451766][ T6358] loop4: detected capacity change from 0 to 1024
[   99.458756][ T6358] EXT4-fs: Ignoring removed nobh option
[   99.464390][ T6358] EXT4-fs: Ignoring removed bh option
[   99.479041][ T6358] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.522922][ T6358] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.974: Allocating blocks 449-513 which overlap fs metadata
[   99.552858][ T6358] EXT4-fs (loop4): Remounting filesystem read-only
[   99.667272][ T6357] EXT4-fs (loop4): pa ffff88810720b690: logic 48, phys. 177, len 21
[   99.711921][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.