last executing test programs:

2.96915894s ago: executing program 0 (id=1574):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
r2 = syz_io_uring_setup(0x10b, &(0x7f0000000140)={0x0, 0x334e, 0x10, 0x3, 0x800}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000300)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000540)=0xfffffffc, 0x0, 0x4)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000040)='./file0/file0\x00', 0x60, 0x185500, 0x12345})
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
io_uring_enter(r2, 0x7277, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYBLOB="0000000000db5ed1ca000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000020000000500"/28], 0x50)

2.750990634s ago: executing program 0 (id=1578):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x2000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000380)=@filename='./file0\x00', 0x0, &(0x7f00000003c0)='./file0\x00')
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xd, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000008000000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000001f03000000000000e5000500000000002604fdffff02000014010000033800001d13f8ff000000007a0af0ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffe7}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)

1.592603024s ago: executing program 0 (id=1589):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f00000009c0)=@nat={'nat\x00', 0x670, 0x5, 0x480, 0x218, 0xf0, 0xfeffffff, 0x218, 0x218, 0x3e8, 0x3e8, 0xffffffff, 0x3e8, 0x3e8, 0x5, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0xffffffff, 0x0, 'veth0_to_bond\x00', 'caif0\x00', {}, {}, 0x6}, 0x0, 0xc8, 0xf0, 0x0, {}, [@common=@inet=@socket3={{0x28}, 0x2}, @common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x10}}]}, @common=@inet=@TCPMSS={0x28}}, {{@uncond, 0x0, 0xf0, 0x128, 0x0, {}, [@common=@set={{0x40}, {{0x0, [0x0, 0x0, 0x6]}}}, @common=@set={{0x40}}]}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0xc, @local, @multicast2, @gre_key, @gre_key=0x8001}}}}, {{@ip={@loopback, @rand_addr, 0x0, 0x0, 'lo\x00', 'ip6tnl0\x00'}, 0x0, 0xc0, 0xf8, 0x0, {}, [@common=@inet=@multiport={{0x50}, {0x2, 0x5, [0x4e24, 0x4e23, 0x4e24, 0x4e21, 0x4e24, 0x4e23, 0x4e25, 0x4e20, 0x4e20, 0x4e23, 0x4e21, 0x4e24, 0x4e21, 0x4e23], [0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1]}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id}}}}, {{@ip={@broadcast, @broadcast, 0x0, 0x0, 'pim6reg0\x00', 'wlan0\x00'}, 0x0, 0x90, 0xd8, 0x0, {}, [@common=@socket0={{0x20}}]}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv6=@private2, @ipv4=@dev, @port, @gre_key}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4e0)
unshare(0x42000000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000851000000300000018000000000000000000000000000000950000000000000095000000"], &(0x7f0000000000)='GPL\x00'}, 0x94)

1.412255756s ago: executing program 3 (id=1591):
r0 = perf_event_open(&(0x7f0000000540)={0x0, 0x80, 0x1, 0xc2, 0x9, 0xff, 0x0, 0x6, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000500), 0x2}, 0x22, 0x480, 0x7, 0x5, 0xdd, 0xfffffff6}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0x5)
r1 = perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000005c0), 0x2}, 0x67a, 0x1, 0xfffffffe, 0x3, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, r0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
io_setup(0x6, &(0x7f0000001380)=<r3=>0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_submit(r3, 0x1, &(0x7f00000000c0)=[&(0x7f0000000100)={0x1000000, 0x0, 0x0, 0x5, 0x0, r4, 0x0}])
ioctl$USBDEVFS_CONTROL(r4, 0xc0185500, &(0x7f00000004c0)={0x0, 0xe, 0x3, 0x0, 0x1d, 0x5, &(0x7f0000000300)="94a5d6d7ae0a9c10adb89a4b15fcdc0ccd6eaa4434d0417596123b4380"})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r5 = syz_open_procfs(0x0, &(0x7f0000000180)='oom_adj\x00')
pipe2(&(0x7f00000002c0), 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r7)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r10=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000780)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="3f9da8bc0000fedbdb251700000008000300", @ANYRES32=r10, @ANYBLOB="4800308014000400403a050c5baee2004ef2b6d713459a7a2800018008000100000000001c00038008000200020000000600010000030000060003005d550000050002"], 0x64}}, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r6, &(0x7f0000000700)=[{&(0x7f00000001c0)="c1000000da7ff40d5c0cf5", 0xb}, {&(0x7f0000000140)="4401", 0x2}, {&(0x7f00000003c0)='O', 0x1}], 0x3)
writev(r5, &(0x7f0000000100)=[{&(0x7f0000000140)='1', 0xf}], 0x1)
preadv(r5, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/54, 0x36}], 0x1, 0xbbb, 0x4)
ioctl$EVIOCSABS20(r5, 0x401845e0, &(0x7f0000000000)={0x9, 0x3, 0x5, 0x5, 0x2, 0x7})
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xd907e79c2761a508, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.285807109s ago: executing program 0 (id=1595):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x60b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x5}, @NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_XFRM_DIR={0x5, 0x3, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x84}, 0x1, 0x0, 0x0, 0x20000805}, 0x0)
ftruncate(r0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES64=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
pipe2(&(0x7f0000001cc0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x1000000, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB="2c76f47792ad6215887d70323030302e752c63616368653d6e6f6e652c63616368653d6d6d61702c616e616d653d29"])

1.16747004s ago: executing program 0 (id=1598):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="9db70fdedffd926abbef0a01b2ba8ddb69b065246a488f17c1991df09303fadf300778e7dca133d3d58e41ae1d318ad6b42f2fb71580f89c33bda7bd6aa47f93141732f0a2622d97958a54c2c70a79b29893dc52ce4b89a24acea9a0bb6f2f191fe799f82cf97c7812e165ef53e1aab8e8154a4c25837e8e7f6963a7879457a7117b4633f69f408e53ec", @ANYRES64, @ANYRES32, @ANYRESDEC], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
pipe2(&(0x7f0000000000)={<r2=>0xffffffffffffffff}, 0x4000)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x84000)
tee(r2, r4, 0xfffffffffffffc01, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000200)='cachefiles_mark_inactive\x00', r5, 0x0, 0x7fffffff}, 0x18)
r6 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r6, &(0x7f0000000100), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000300)={'vxcan1\x00'})
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d0000"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r8}, 0x10)
r9 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.kill\x00', 0x275a, 0x0)
write$cgroup_int(r9, &(0x7f0000000040)=0x80000002, 0x12)
bind$bt_hci(r7, &(0x7f0000000080)={0x1f, 0x3, 0x2}, 0x6)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x6}]}, 0x10)
write$binfmt_misc(r7, &(0x7f0000001280), 0x6)
unshare(0x68040200)

1.116489321s ago: executing program 3 (id=1599):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = epoll_create(0xeed)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000480)='fscache_access\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f00000000c0)={0x20000003})
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, &(0x7f0000000240)={0x1f}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)
r3 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000000c0)="d800000018008103e00312ba0d8105040a600300ff0f040b067c55a1bc000900b80006990700000015000500fef32702d3001500030001400200000901ac040098007f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b66bce0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f00000e970300"/216, 0xd8}], 0x1}, 0x48002)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x1000000, {0x0, 0x0, 0x0, 0x0, {0x9}, {0xf, 0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x691, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x8c0}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)={0x20, 0x0, 0x6a98047402e98331, 0x70bd21, 0xffa1, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x24004040}, 0x4008800)

944.172744ms ago: executing program 3 (id=1602):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000001c0)=0x79, 0x4)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x3, 0x0, 0x3, 0xc, 0x0, 0x0, 0x0, [@sadb_key={0x1, 0x9}, @sadb_address={0x3, 0x6, 0x6c}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x2, 0x6, 0xb}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @empty}}, @sadb_x_sec_ctx={0x1, 0x18, 0x3, 0x6}]}, 0x60}, 0x1, 0x7}, 0x0)

848.828706ms ago: executing program 2 (id=1605):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, &(0x7f0000000600)=""/112, 0x4f, 0x70, 0x1, 0x1200}, 0x28)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000002c0), 0x8600, 0x0)
ioctl$TCSETSW2(r0, 0x5408, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="05000000040000"], 0x50)
setsockopt$MRT_ADD_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd2, &(0x7f0000000240)={@empty, @empty, 0xffffffffffffffff, "26f171020bf43cb2ed101a0ca13daee94ede24df16d599d5b2874e4f8da283b2", 0x644, 0x7, 0x20, 0x5}, 0x3c)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xd, &(0x7f0000000680)=ANY=[@ANYBLOB, @ANYRES64=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000f262020000f8ffffffb7f60000080000a9cc987cc7d44dfe008500ed0003000000959a0301000000d86e3264"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
truncate(&(0x7f0000000400)='./file0\x00', 0x3)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
truncate(&(0x7f0000000540)='./file1\x00', 0x87)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x18)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
execve(0x0, 0x0, 0x0)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000280)={@mcast2, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r4, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4)
sendmsg$inet6(r4, &(0x7f0000000140)={&(0x7f0000000080)={0xa, 0x4e26, 0x80000, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000002900000004000000870000000008000018"], 0x30}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYRESOCT=r2, @ANYRESHEX=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r5, 0x0, 0x7fffffffffffffff}, 0x18)
r6 = epoll_create(0x2)
r7 = socket(0x1, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f00000000c0)={0x80000000})
socket$inet_udp(0x2, 0x2, 0x0)

820.204766ms ago: executing program 2 (id=1606):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000002c0), r0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x300, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0x1, 0x1, 0x0, {0x0, 0x0, 0x0, 0x0, 0x420}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
sendmsg$NLBL_MGMT_C_REMOVEDEF(r0, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x5c, r1, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x23}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0xffffffffffffffff}, @NLBL_MGMT_A_DOMAIN={0xe, 0x1, '):(.(\'\\*&\x00'}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}]}, 0x5c}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)
r5 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc000000000010800020005000000140006"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)

799.687447ms ago: executing program 3 (id=1607):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000800)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000200)='sys_enter\x00', r4}, 0x10)
msync(&(0x7f0000d5c000/0x2000)=nil, 0xfffffffffffffef1, 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000840)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01f0ff000000fcffffff08000000180001801400020073797a5f74756e0000000000000000001800028014000380100001800b000200242d2a232c7b0000"], 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r5, 0x6, 0x2, &(0x7f0000000200)=0x6, 0x9)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x10000000, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r5, 0x29, 0x3b, 0x0, 0x0)
r6 = accept(r5, &(0x7f0000000340)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000240)=0x80)
sendto$inet6(r6, 0x0, 0x0, 0x4800, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r7 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r7, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000540)=[{&(0x7f0000000400)="08001efbb07d5a6e", 0x8}], 0x1, &(0x7f0000000040)=[@ip_tos_int={{0x14, 0x0, 0x7}}], 0x18}, 0x4840)

775.343177ms ago: executing program 3 (id=1609):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x3, 0x0, 0x3, 0xc, 0x0, 0x0, 0x0, [@sadb_key={0x1, 0x9}, @sadb_address={0x3, 0x6, 0x6c}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x2, 0x6, 0xb}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @empty}}, @sadb_x_sec_ctx={0x1, 0x18, 0x3, 0x6}]}, 0x60}, 0x1, 0x7}, 0x0)

766.323847ms ago: executing program 4 (id=1610):
pipe2(&(0x7f0000000380)={<r0=>0xffffffffffffffff}, 0x80)
r1 = openat(r0, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
openat(r1, &(0x7f0000000200)='./file2\x00', 0x10400, 0x101)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0400"], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r3, 0x0, 0x5}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x54}, 0x1, 0x0, 0x0, 0x40820}, 0x0)
r5 = socket(0x40000000015, 0x5, 0x0)
getpid()
connect$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x2a}}, 0x10)
bind$inet(r5, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r5, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x40)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x21, 0x0, 0x0, 0x100000, 0x400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2000000, 0x0, 0x200000000000000}, 0x50)

679.011849ms ago: executing program 4 (id=1611):
r0 = accept(0xffffffffffffffff, &(0x7f00000003c0)=@nfc, &(0x7f00000000c0)=0x80)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x2)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r8=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="010000000b000000050010000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r8, @ANYRES32, @ANYBLOB="0000000002"], 0x50)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f0, &(0x7f0000000540)={'ip_vti0\x00', &(0x7f0000000600)={'ip_vti0\x00', <r9=>0x0, 0x80, 0x1, 0x4, 0x9, {{0x24, 0x4, 0x1, 0x9, 0x90, 0x67, 0x0, 0x10, 0x2f, 0x0, @remote, @multicast2, {[@timestamp={0x44, 0xc, 0x9d, 0x0, 0x0, [0x9, 0xf]}, @timestamp_prespec={0x44, 0x4c, 0x24, 0x3, 0x9, [{@multicast1, 0xfff}, {@remote, 0xdc86}, {@broadcast, 0xf}, {@rand_addr=0x64010100, 0x5}, {@rand_addr=0x64010101, 0xffffffff}, {@loopback, 0x6}, {@dev={0xac, 0x14, 0x14, 0x43}, 0x7}, {@multicast1}, {@empty, 0x6}]}, @rr={0x7, 0x23, 0x85, [@multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @loopback, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, @multicast2]}]}}}}})
r10 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000c80)={'lo\x00', <r11=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r10, 0x8916, &(0x7f0000005b80)={@loopback, 0x33, r11})
r12 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r12, &(0x7f0000000200)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r13, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=@newtfilter={0x6c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r13, {0x3}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x3c, 0x2, [@TCA_FLOWER_ACT={0x38, 0x3, [@m_connmark={0x34, 0x1, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20000004}, 0x24000000)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r2, 0x89f8, &(0x7f0000000580)={'gretap0\x00', &(0x7f0000000700)={'erspan0\x00', <r14=>0x0, 0x7, 0x8, 0x4, 0x4, {{0x39, 0x4, 0x0, 0x20, 0xe4, 0x65, 0x0, 0x80, 0x29, 0x0, @private=0xa010101, @rand_addr=0x64010100, {[@timestamp_addr={0x44, 0x24, 0xd7, 0x1, 0xb, [{@multicast1, 0x2}, {@private=0xa010100, 0xfc8}, {@multicast2, 0xe}, {@initdev={0xac, 0x1e, 0x0, 0x0}}]}, @lsrr={0x83, 0x23, 0xb8, [@local, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, @broadcast, @empty, @dev={0xac, 0x14, 0x14, 0x43}, @multicast2, @multicast2]}, @timestamp={0x44, 0x14, 0x1d, 0x0, 0x7, [0x6, 0xfffffffe, 0x8, 0xdd]}, @timestamp_prespec={0x44, 0x24, 0x6, 0x3, 0x4, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x3}, {@multicast1, 0x6}, {@private=0xa010102, 0x32c0}, {@multicast2, 0xffff}]}, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x14, 0xea, 0x3, 0x6, [{@multicast1, 0x68e3}, {@local, 0x1}]}, @timestamp_addr={0x44, 0xc, 0xf6, 0x1, 0x6, [{@remote, 0xc}]}, @cipso={0x86, 0x18, 0x0, [{0x2, 0x12, "0a8f5fa0c470796ce05862b7c69f4dae"}]}, @timestamp_addr={0x44, 0x14, 0x38, 0x1, 0x1, [{@multicast1, 0x7}, {@private=0xa010100, 0x6}]}]}}}}})
sendmsg$TEAM_CMD_NOOP(r0, &(0x7f00000008c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000880)={&(0x7f0000000a00)=ANY=[@ANYBLOB="08040000", @ANYRES16=0x0, @ANYBLOB="000825bd7000fddbdf250000000008000100", @ANYRES32=0x0, @ANYBLOB="3c00028038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000500000008000100", @ANYRES32=0x0, @ANYBLOB="3c0102803c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000005000300050000000900040068617368000000003800090024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000000000008000600", @ANYRES32=r8, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=r9, @ANYBLOB="4c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000001c00040002000bff08000000080080ff01000000b70746080000000008000100", @ANYRES32=r11, @ANYBLOB="4400028040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="080007000000000008000100", @ANYRES32=r13, @ANYBLOB="180202804c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000500030003000000080004002900000038000100240001006d636173745f72656a6f696e5f696e74657276616c000000000000000000000005000300030000000800040008000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000300000008000600", @ANYRES32=r14, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b000000080004002db0000008000700000000004c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e6700000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000001000008000600", @ANYRES32=0x0, @ANYBLOB="4c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e6700000000"], 0x408}, 0x1, 0x0, 0x0, 0x8004}, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r5}, &(0x7f0000000240), &(0x7f0000000280)=r6}, 0x20)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r15=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r15, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r15, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newtfilter={0x5c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r15, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x2c, 0x2, [@TCA_BASIC_EMATCHES={0x28, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_META={0x18, 0x1, 0x0, 0x0, {{0x8, 0x4, 0x4}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x7, 0x14, 0x1}, {0x8, 0x9, 0x2}}}]}}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x400c040}, 0x0)

559.18077ms ago: executing program 2 (id=1612):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000080)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="030704707900000000000100040004000180"], 0x18}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
dup(r0)

543.133671ms ago: executing program 2 (id=1613):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e22, @empty=0x2000000}}, 0x80, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0x1108)

495.462771ms ago: executing program 4 (id=1614):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x9, 0x0)

469.076622ms ago: executing program 1 (id=1615):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b70400000000000085000000010000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000840)={0x20, r3, 0xc4fc9e906872338b, 0x70bd2a, 0x0, {{0x15}, {@void, @val={0xc, 0x99, {0x4, 0x3a}}}}}, 0x20}}, 0x0)

439.129202ms ago: executing program 4 (id=1616):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kmem_cache_free\x00', r1}, 0x18)
unshare(0x68040200)

438.737772ms ago: executing program 2 (id=1617):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000001c0)=0x79, 0x4)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x3, 0x0, 0x3, 0xc, 0x0, 0x0, 0x0, [@sadb_key={0x1, 0x9}, @sadb_address={0x3, 0x6, 0x6c}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x2, 0x6, 0xb}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @empty}}, @sadb_x_sec_ctx={0x1, 0x18, 0x3, 0x6}]}, 0x60}, 0x1, 0x7}, 0x0)

433.405902ms ago: executing program 1 (id=1618):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x18)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x6f, r3, 0x1, 0x0, 0x0, {{}, {0x0, 0x6}}}, 0xfd53}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

400.689423ms ago: executing program 3 (id=1619):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x0)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x2000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000380)=@filename='./file0\x00', 0x0, &(0x7f00000003c0)='./file0\x00')
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xd, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000008000000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000001f03000000000000e5000500000000002604fdffff02000014010000033800001d13f8ff000000007a0af0ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffe7}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10)
sendmsg$TIPC_NL_MON_SET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="20715be61097a5275a5bc966000000", @ANYRES16, @ANYBLOB="010828bd7000fddbdf25110000000c0009800800010033b4a77b"], 0x20}, 0x1, 0x0, 0x0, 0x20000011}, 0x4010)

398.019293ms ago: executing program 1 (id=1620):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000800)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000200)='sys_enter\x00', r4}, 0x10)
msync(&(0x7f0000d5c000/0x2000)=nil, 0xfffffffffffffef1, 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000840)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01f0ff000000fcffffff08000000180001801400020073797a5f74756e0000000000000000001800028014000380100001800b000200242d2a232c7b0000"], 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r5, 0x6, 0x2, &(0x7f0000000200)=0x6, 0x9)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x10000000, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r5, 0x29, 0x3b, 0x0, 0x0)
r6 = accept(r5, &(0x7f0000000340)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000240)=0x80)
sendto$inet6(r6, 0x0, 0x0, 0x4800, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r7 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r7, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000540)=[{&(0x7f0000000400)="08001efbb07d5a6e", 0x8}], 0x1, &(0x7f0000000040)=[@ip_tos_int={{0x14, 0x0, 0x7}}], 0x18}, 0x4840)

337.051404ms ago: executing program 1 (id=1621):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x39, &(0x7f0000001800)={0x0, 0x0, 0x10100}, &(0x7f0000000240)=<r3=>0x0, &(0x7f0000001880)=<r4=>0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000780)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r5, 0x0, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0, 0x10042})
io_uring_enter(r2, 0x92, 0x0, 0x0, 0x0, 0x0)
r6 = openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$nci(r6, 0x0, 0xfffffeea)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ffffffff850000002d000000850000002a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xd4)
bpf$ITER_CREATE(0xb, 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x2, 0x4, 0x4, 0x5, 0x1014, r0}, 0x50)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xd, 0x4, 0x4, 0x7, 0x0, r8, 0x10000}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000880), 0xde9, r9}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='kfree\x00', r7}, 0x10)
r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/mem_sleep', 0x101a02, 0x0)
copy_file_range(r10, &(0x7f0000000000)=0x5, r10, 0x0, 0x4, 0x0)

335.917914ms ago: executing program 4 (id=1622):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102000028"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="0b00000073790101000000000000000000000000000af7f4f0c55de8ca0000000000000000000000000000000000000000f3c800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff00000000000000000000000000000020"], 0x138)
write$UHID_DESTROY(r3, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r4, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f0000000300), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
gettid()
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
socket$key(0xf, 0x3, 0x2)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[@ANYBLOB="04010000100007000000000000000000ff020000000000000000000000000001e00000020000000000000000000000004e200000000000000000000002000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ff010000000000000000000000000001000000002b000000fc00000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000001000000000feffffffffffffff0951000001000000090000000000000000000000000000000000200000000000070000000000000000000000000000000000040000000000e80a000000000000000000000a000200700000000000100014000e00fe0000000000000000000000000000bb"], 0x104}}, 0x0)

330.929274ms ago: executing program 2 (id=1623):
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xc3, 0x0, 0x0, 0x0, 0x0, 0x100000000003, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xa19a, 0x1000}, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x75, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000000), &(0x7f0000000280)='%-010d \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x7, 0x4008032, 0xffffffffffffffff, 0xd06d000)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

194.085486ms ago: executing program 0 (id=1624):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="1b0000000000000000e65fc52718dcfb00c409e94e4b1542720000000080", @ANYRESOCT, @ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000006cfa000018120000", @ANYRES8=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[], 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={&(0x7f0000000180)="35a70f51bc", &(0x7f0000000040)=""/12, 0x0, &(0x7f0000000280)="b8823813c0935b6cce7f5ae6553fdcdab58391fc63772e4007", 0x4}, 0x38)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000100)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0xd)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x33, &(0x7f0000000000)={0x0, 0x0}, 0x10)
socket$packet(0x11, 0x3, 0x300)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x4, 0x0, 0x6}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x9}, 0xffffffffffffff49)
r2 = gettid()
r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
read$ptp(r3, 0x0, 0x0)
fstat(0xffffffffffffffff, &(0x7f0000000500))
quotactl$Q_GETNEXTQUOTA(0xffffffff80000902, &(0x7f0000000300)=@rnullb, 0x0, &(0x7f0000000580))
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
mknod$loop(&(0x7f00000007c0)='./file0\x00', 0x100000000000600d, 0x1)
openat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x800, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0xc0, &(0x7f0000000180)=0x10000, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000100)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
openat$ipvs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$key(0xf, 0x3, 0x2)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)

38.011939ms ago: executing program 1 (id=1625):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x60b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x5}, @NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_XFRM_DIR={0x5, 0x3, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x84}, 0x1, 0x0, 0x0, 0x20000805}, 0x0)
ftruncate(r0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES64=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
pipe2(&(0x7f0000001cc0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x1000000, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB="2c76f47792ad6215887d70323030302e752c63616368653d6e6f6e652c63616368653d6d6d61702c616e616d653d29"])

31.253129ms ago: executing program 4 (id=1626):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x3, 0x0, 0x3, 0xc, 0x0, 0x0, 0x0, [@sadb_key={0x1, 0x9}, @sadb_address={0x3, 0x6, 0x6c}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x2, 0x6, 0xb}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @empty}}, @sadb_x_sec_ctx={0x1, 0x18, 0x3, 0x6}]}, 0x60}, 0x1, 0x7}, 0x0)

0s ago: executing program 1 (id=1627):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffe}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r1}, 0x10) (async)
umount2(&(0x7f0000000280)='./file0\x00', 0x0) (async)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000040), 0x81, r0}, 0x38)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0xc, &(0x7f0000000d80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1ac604c22fa792860f00000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095", @ANYRESDEC=r2], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x24, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000580)={[{@minixdf}, {@nouid32}, {@nombcache}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x1, 0x58a, &(0x7f0000000640)="$eJzs3c9rG8ceAPDvynJ+v2cHwuO1h2LIoS5p5NjujxQKSS+F0oYG2nsqbMUEy1Gw5BC7gSSH5tJLCYVSWij9A3rvMZTe+0eUQBsIJZj20IvKyitHjiXLdpTKiT4fWHtmZ6TZ2dkZzWglFMDAGkv/5CJeiIgvkoiRlrR8ZIlja/lWH16fSbck6vWP/kgiyfY18yfZ/8NZ5P8R8dNnESdym8utLq/MF8vl0mIWn6gtXJmoLq+cvLRQnCvNlS5PTU+ffn166q033+hZXV85/9fXH9597/Tnx1e/+uH+0TtJnI0jWVprPZ7AzdbIWIxl52Q4zj6WcbIHhe0lSb8PgF0Zyvr5cKRjwEgMZb0eeP7diIg6MKAS/R8GVHMe0Fzb92gd/Mx48M7aAmhz/fNr743Egcba6NBqsmFllK53R3tQflrGj79/eyfdosv7EDd6UB5A081bEXEqn988/iXZ+Ld7pxpvHm/t8TIG7fUH+uluOv95td38J7c+/4k285/DbfrubnTv/7n7PSimo3T+93bb+e/60DU6lMX+05jzDScXL5VLpyLivxExHsP70/iW93NW79U7JbXO/9ItLb85F8yO435+/8bHzBZrxSeo8gYPbkW82Hb+m6y3f9Km/dPzcb770w9l/1/qlKF7/Z+u+vcRL7dt/0d3tJKt709ONK6HieZVsdmft//3S6fyx9/tb/3T9j+0df1Hk9b7tdWdl/Hdgb9LndLatP/+2Mb1vy/5uBHel+27VqzVFicj9iUfbN4/9eixzXgzf1r/8eNbj3/trv+DEfHJNut/+9jtjln7ff2n9Z/dUfs/HhjqnJQF7r3/6Tedyt/e+PdaIzSe7dnO+LfF4WwIPMm5AwAAAAAAgL0mFxFHIskV1sO5XKGw9vmOY3EoV65UaycuVpYuz0bju7KjMZxr3ukeafk8xGT2edjRqDXiU+vxtfTpiDgaEV8OHWzECzOV8my/Kw8AAAAAAAAAAAAAAAAAAAB7xOEO3/9P/TbU76MDnjo/+Q2Dq2v/78UvPQF7ktd/GFz6Pwwu/R8Gl/4Pg0v/h8Gl/8Pg0v9hcOXj+M/9PgYAAAAAAAAAAAAAAAAAAAAAAAAAAAB4jpw/dy7d6qsPr8+k8dmry0vzlasnZ0vV+cLC0kxhprJ4pTBXqcyVS4WZykK35ytXKlcmp2Lp2kStVK1NVJdXLixUli7XLlxaKM6VLpSG/5VaAQAAAAAAAAAAAAAAAAAAwLOlurwyXyyXS4sCHQNnYgeZf91J5j0SOJNdDLt6eL6PB7/c91P3bAQOdGnc+sjmpD4PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ4p8AAAD//5OFMtU=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305839, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x3fffffff404})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwrite64(r4, &(0x7f0000000140)='+', 0x76a, 0xf896)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10) (async)
modify_ldt$write(0x1, &(0x7f0000000040)={0x806, 0xffffffffffffffff}, 0x10)
syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="1600000000000000", @ANYRES32, @ANYBLOB="f0e0b961"], 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r6, 0x0, 0x6}, 0x18) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r7, &(0x7f0000000100)={0x0, 0x2844, &(0x7f0000000080)={&(0x7f0000000a80)=ANY=[@ANYBLOB="1d6b184f923ac023fe414ad0c1e48a9befc024f5f858ae56ca9a93e7450aafc1e2783687b2431ce56e2ea4c4ece5d2b77bd7867cc752670f6a9a95e37266eabde17ff8bca3c6c35b344ab050657eebcef90ea27fd4f6efd5a42f4a43309aae28aab1c637f23a3b250f3a424d4e18c7538bc3", @ANYRES16=r8, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffffff00000000000000000d0001007564703a73797a3200000000"], 0x54}}, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), r0) (async)
socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r10 = syz_genetlink_get_family_id$tipc(&(0x7f0000000580), r7)
sendmsg$TIPC_CMD_SET_LINK_PRI(r9, &(0x7f0000000a40)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000005c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="680000f8038eab501d7f90de231500", @ANYRES16=r10, @ANYBLOB="020025bd7000fcdbdf25010000000000000008410000004c0018d820000062726f6164636173742d6c696e6b00"/98], 0x68}, 0x1, 0x0, 0x0, 0x4004000}, 0x2000)
r11 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r11, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)

kernel console output (not intermixed with test programs):

00000000 r/w without journal. Quota mode: writeback.
[   80.583430][ T5596] ext4 filesystem being mounted at /152/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.602639][ T5605] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.710: iget: bad i_size value: 38620345925642
[   80.626279][ T5605] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.710: couldn't read orphan inode 15 (err -117)
[   80.649209][ T5605] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.711165][ T5605] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.710: bg 0: block 5: invalid block bitmap
[   80.739818][ T5596] syz.0.707 (5596) used greatest stack depth: 10192 bytes left
[   80.788316][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.799596][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.831384][ T5624] FAULT_INJECTION: forcing a failure.
[   80.831384][ T5624] name failslab, interval 1, probability 0, space 0, times 0
[   80.844100][ T5624] CPU: 1 UID: 0 PID: 5624 Comm: syz.3.714 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(voluntary) 
[   80.844133][ T5624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   80.844145][ T5624] Call Trace:
[   80.844151][ T5624]  <TASK>
[   80.844160][ T5624]  __dump_stack+0x1d/0x30
[   80.844183][ T5624]  dump_stack_lvl+0xe8/0x140
[   80.844205][ T5624]  dump_stack+0x15/0x1b
[   80.844223][ T5624]  should_fail_ex+0x265/0x280
[   80.844259][ T5624]  should_failslab+0x8c/0xb0
[   80.844282][ T5624]  kmem_cache_alloc_noprof+0x50/0x310
[   80.844305][ T5624]  ? vm_area_dup+0x33/0x2c0
[   80.844332][ T5624]  vm_area_dup+0x33/0x2c0
[   80.844362][ T5624]  __split_vma+0xe9/0x650
[   80.844395][ T5624]  vma_modify+0x3f2/0xc80
[   80.844419][ T5624]  ? _parse_integer_limit+0x170/0x190
[   80.844452][ T5624]  vma_modify_flags+0x101/0x130
[   80.844484][ T5624]  mlock_fixup+0x11d/0x210
[   80.844517][ T5624]  apply_vma_lock_flags+0x193/0x250
[   80.844554][ T5624]  do_mlock+0x3c6/0x520
[   80.844585][ T5624]  ? __bpf_trace_sys_enter+0x10/0x30
[   80.844612][ T5624]  ? trace_sys_enter+0xd0/0x110
[   80.844640][ T5624]  __x64_sys_mlock+0x36/0x50
[   80.844667][ T5624]  x64_sys_call+0x28f4/0x2fb0
[   80.844702][ T5624]  do_syscall_64+0xd2/0x200
[   80.844725][ T5624]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   80.844763][ T5624]  ? clear_bhb_loop+0x40/0x90
[   80.844786][ T5624]  ? clear_bhb_loop+0x40/0x90
[   80.844809][ T5624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.844828][ T5624] RIP: 0033:0x7f713701e9a9
[   80.844842][ T5624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.844858][ T5624] RSP: 002b:00007f7135687038 EFLAGS: 00000246 ORIG_RAX: 0000000000000095
[   80.844879][ T5624] RAX: ffffffffffffffda RBX: 00007f7137245fa0 RCX: 00007f713701e9a9
[   80.844894][ T5624] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 00002000007d8000
[   80.844909][ T5624] RBP: 00007f7135687090 R08: 0000000000000000 R09: 0000000000000000
[   80.844942][ T5624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.844957][ T5624] R13: 0000000000000000 R14: 00007f7137245fa0 R15: 00007ffdc62ed408
[   80.844984][ T5624]  </TASK>
[   81.085343][ T5620] IPv6: Can't replace route, no match found
[   81.092279][ T5620] netlink: 'syz.4.715': attribute type 13 has an invalid length.
[   81.100595][ T5634] SELinux: syz.0.718 (5634) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   81.141976][ T5620] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   81.160045][ T5642] loop3: detected capacity change from 0 to 512
[   81.198264][ T5647] __nla_validate_parse: 12 callbacks suppressed
[   81.198279][ T5647] netlink: 8 bytes leftover after parsing attributes in process `syz.4.722'.
[   81.220329][ T5642] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.721: Failed to acquire dquot type 1
[   81.239062][ T5642] EXT4-fs (loop3): 1 truncate cleaned up
[   81.266786][ T5642] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.280119][ T5642] ext4 filesystem being mounted at /137/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.306254][ T5655] loop4: detected capacity change from 0 to 512
[   81.314227][ T5642] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.721: Failed to acquire dquot type 1
[   81.320645][ T5655] EXT4-fs: Ignoring removed nobh option
[   81.352376][ T5658] netlink: 8 bytes leftover after parsing attributes in process `syz.0.724'.
[   81.364237][ T5657] netlink: 96 bytes leftover after parsing attributes in process `syz.2.727'.
[   81.375147][ T5655] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.725: iget: bad i_size value: 38620345925642
[   81.391861][ T5651] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.399212][ T5651] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.405524][ T5655] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.725: couldn't read orphan inode 15 (err -117)
[   81.418416][ T5657] loop2: detected capacity change from 0 to 164
[   81.477404][ T5651] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   81.489438][ T5651] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   81.525258][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.557974][ T5655] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.597106][ T5651] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   81.605642][ T5651] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   81.606296][ T5663] netlink: 'syz.3.728': attribute type 13 has an invalid length.
[   81.614167][ T5651] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   81.630296][ T5651] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   81.669024][ T5655] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.725: bg 0: block 5: invalid block bitmap
[   81.706722][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.755820][ T5663] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.774198][ T5663] 8021q: adding VLAN 0 to HW filter on device team0
[   81.812965][ T5667] netlink: 24 bytes leftover after parsing attributes in process `syz.4.729'.
[   81.821911][ T5667] netlink: 212 bytes leftover after parsing attributes in process `syz.4.729'.
[   81.849166][ T5663] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   81.882636][ T5666] Failed to initialize the IGMP autojoin socket (err -2)
[   81.940076][ T5671] loop0: detected capacity change from 0 to 2048
[   82.000465][ T5671] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.036391][ T5682] SELinux: syz.1.735 (5682) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   82.052718][ T5684] IPv6: Can't replace route, no match found
[   82.059413][ T5675] netlink: 'syz.4.733': attribute type 13 has an invalid length.
[   82.078649][ T5675] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   82.177777][ T5692] Failed to initialize the IGMP autojoin socket (err -2)
[   82.198362][ T5695] netlink: 132 bytes leftover after parsing attributes in process `syz.3.737'.
[   82.229558][ T5697] netlink: 24 bytes leftover after parsing attributes in process `syz.4.738'.
[   82.230056][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.238620][ T5697] netlink: 212 bytes leftover after parsing attributes in process `syz.4.738'.
[   82.257781][ T5694] netlink: 132 bytes leftover after parsing attributes in process `syz.1.739'.
[   82.318937][ T5704] Failed to initialize the IGMP autojoin socket (err -2)
[   82.352371][ T5708] siw: device registration error -23
[   82.356090][ T5711] loop4: detected capacity change from 0 to 2048
[   82.395739][ T5711] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.415531][ T5719] Failed to initialize the IGMP autojoin socket (err -2)
[   82.434798][ T5711] EXT4-fs: Ignoring removed orlov option
[   82.440784][ T5711] EXT4-fs (loop4): can't enable nombcache during remount
[   82.536096][ T5727] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[   82.536096][ T5727] The task syz.0.744 (5727) triggered the difference, watch for misbehavior.
[   82.562986][ T5728] IPv6: Can't replace route, no match found
[   82.570019][ T5723] netlink: 'syz.1.746': attribute type 13 has an invalid length.
[   82.590514][ T5723] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   82.631816][ T5730] SELinux: syz.3.749 (5730) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   82.763588][ T5738] loop3: detected capacity change from 0 to 512
[   82.782260][ T5738] EXT4-fs (loop3): too many log groups per flexible block group
[   82.790034][ T5738] EXT4-fs (loop3): failed to initialize mballoc (-12)
[   82.797356][ T5736] netlink: 132 bytes leftover after parsing attributes in process `syz.1.752'.
[   82.832474][ T5738] EXT4-fs (loop3): mount failed
[   82.910900][   T31] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   82.916372][ T5748] siw: device registration error -23
[   82.937067][   T31] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   82.949453][   T31] EXT4-fs (loop4): This should not happen!! Data will be lost
[   82.949453][   T31] 
[   82.959142][   T31] EXT4-fs (loop4): Total free blocks count 0
[   82.965250][   T31] EXT4-fs (loop4): Free/Dirty block details
[   82.971200][   T31] EXT4-fs (loop4): free_blocks=2415919104
[   82.976991][   T31] EXT4-fs (loop4): dirty_blocks=8224
[   82.982483][   T31] EXT4-fs (loop4): Block reservation details
[   82.988562][   T31] EXT4-fs (loop4): i_reserved_data_blocks=514
[   83.152649][ T5770] Failed to initialize the IGMP autojoin socket (err -2)
[   83.166005][ T5769] Failed to initialize the IGMP autojoin socket (err -2)
[   83.192000][ T5774] Failed to initialize the IGMP autojoin socket (err -2)
[   83.339836][ T5792] capability: warning: `syz.4.773' uses deprecated v2 capabilities in a way that may be insecure
[   83.355884][ T5786] netlink: 'syz.0.771': attribute type 13 has an invalid length.
[   83.382797][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.390903][ T5786] 8021q: adding VLAN 0 to HW filter on device team0
[   83.401316][ T5786] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   83.460283][ T5781] Falling back ldisc for ttyS3.
[   83.483549][ T5799] SELinux: syz.3.777 (5799) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   83.513350][ T5799] Failed to initialize the IGMP autojoin socket (err -2)
[   83.622183][ T5817] loop0: detected capacity change from 0 to 164
[   83.698768][ T5822] Failed to initialize the IGMP autojoin socket (err -2)
[   83.922888][ T5830] loop4: detected capacity change from 0 to 512
[   83.952269][ T5830] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.786: Failed to acquire dquot type 1
[   83.965667][ T5830] EXT4-fs (loop4): 1 truncate cleaned up
[   83.972365][ T5830] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.985541][ T5830] ext4 filesystem being mounted at /155/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.064114][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.266538][ T5857] SELinux: syz.4.796 (5857) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   84.297224][ T5857] Failed to initialize the IGMP autojoin socket (err -2)
[   84.318647][ T5864] loop1: detected capacity change from 0 to 512
[   84.334759][ T5866] loop3: detected capacity change from 0 to 164
[   84.350431][ T5864] EXT4-fs: Ignoring removed nobh option
[   84.372155][ T5864] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.800: iget: bad i_size value: 38620345925642
[   84.392543][ T5870] loop0: detected capacity change from 0 to 164
[   84.403954][   T29] kauditd_printk_skb: 617 callbacks suppressed
[   84.403967][   T29] audit: type=1326 audit(2000000012.529:4827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5869 comm="syz.0.802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[   84.411501][ T5870] Failed to initialize the IGMP autojoin socket (err -2)
[   84.434015][   T29] audit: type=1326 audit(2000000012.529:4828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5869 comm="syz.0.802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[   84.457401][ T5864] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.800: couldn't read orphan inode 15 (err -117)
[   84.463848][   T29] audit: type=1326 audit(2000000012.529:4829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5869 comm="syz.0.802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[   84.498984][   T29] audit: type=1326 audit(2000000012.529:4830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5869 comm="syz.0.802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[   84.522526][   T29] audit: type=1326 audit(2000000012.529:4831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5869 comm="syz.0.802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[   84.537030][ T5864] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.545967][   T29] audit: type=1326 audit(2000000012.529:4832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5869 comm="syz.0.802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[   84.581753][   T29] audit: type=1326 audit(2000000012.529:4833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5869 comm="syz.0.802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[   84.599713][ T5864] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.800: bg 0: block 5: invalid block bitmap
[   84.605111][   T29] audit: type=1326 audit(2000000012.529:4834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5869 comm="syz.0.802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[   84.640668][   T29] audit: type=1326 audit(2000000012.529:4835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5869 comm="syz.0.802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[   84.664072][   T29] audit: type=1326 audit(2000000012.529:4836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5869 comm="syz.0.802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[   84.697733][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.939196][ T5897] loop0: detected capacity change from 0 to 2048
[   84.963155][ T5901] Failed to initialize the IGMP autojoin socket (err -2)
[   84.982186][ T5909] loop2: detected capacity change from 0 to 164
[   84.989617][ T5897] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.025560][ T5913] loop4: detected capacity change from 0 to 512
[   85.029978][ T5912] siw: device registration error -23
[   85.032883][ T5913] EXT4-fs: Ignoring removed nobh option
[   85.051904][ T5897] EXT4-fs: Ignoring removed orlov option
[   85.058387][ T5913] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.818: iget: bad i_size value: 38620345925642
[   85.072421][ T5897] EXT4-fs (loop0): can't enable nombcache during remount
[   85.118052][ T5909] Failed to initialize the IGMP autojoin socket (err -2)
[   85.131053][ T5913] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.818: couldn't read orphan inode 15 (err -117)
[   85.158494][ T5919] loop3: detected capacity change from 0 to 164
[   85.162584][ T5913] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.238458][ T5913] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.818: bg 0: block 5: invalid block bitmap
[   85.281838][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.302800][ T5924] Failed to initialize the IGMP autojoin socket (err -2)
[   85.584608][ T5949] Failed to initialize the IGMP autojoin socket (err -2)
[   85.649022][ T5951] Failed to initialize the IGMP autojoin socket (err -2)
[   85.660832][ T5953] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=19 sclass=netlink_tcpdiag_socket pid=5953 comm=syz.1.835
[   85.732019][ T5958] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   85.762146][ T5961] Failed to initialize the IGMP autojoin socket (err -2)
[   85.785121][ T3434] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   85.808683][ T3434] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   85.820977][ T3434] EXT4-fs (loop0): This should not happen!! Data will be lost
[   85.820977][ T3434] 
[   85.830668][ T3434] EXT4-fs (loop0): Total free blocks count 0
[   85.836661][ T3434] EXT4-fs (loop0): Free/Dirty block details
[   85.842599][ T3434] EXT4-fs (loop0): free_blocks=2415919104
[   85.848353][ T3434] EXT4-fs (loop0): dirty_blocks=8224
[   85.853757][ T3434] EXT4-fs (loop0): Block reservation details
[   85.859832][ T3434] EXT4-fs (loop0): i_reserved_data_blocks=514
[   85.955875][ T5967] Failed to initialize the IGMP autojoin socket (err -2)
[   86.089195][ T5982] Cannot find add_set index 0 as target
[   86.103692][ T5979] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.110951][ T5979] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.158386][ T5979] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   86.170385][ T5979] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   86.223154][ T5979] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   86.231713][ T5979] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   86.240160][ T5979] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   86.248688][ T5979] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   86.257729][ T5997] __nla_validate_parse: 15 callbacks suppressed
[   86.257747][ T5997] netlink: 12 bytes leftover after parsing attributes in process `syz.3.845'.
[   86.284915][   T36] lo speed is unknown, defaulting to 1000
[   86.290848][   T36] syz0: Port: 1 Link DOWN
[   86.298982][ T5991] ip6gretap0: entered promiscuous mode
[   86.337224][ T5994] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.393659][ T5994] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.425649][ T6006] Failed to initialize the IGMP autojoin socket (err -2)
[   86.473428][ T5994] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.488328][ T6007] FAULT_INJECTION: forcing a failure.
[   86.488328][ T6007] name failslab, interval 1, probability 0, space 0, times 0
[   86.501201][ T6007] CPU: 0 UID: 0 PID: 6007 Comm: syz.3.851 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(voluntary) 
[   86.501239][ T6007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   86.501321][ T6007] Call Trace:
[   86.501329][ T6007]  <TASK>
[   86.501339][ T6007]  __dump_stack+0x1d/0x30
[   86.501565][ T6007]  dump_stack_lvl+0xe8/0x140
[   86.501616][ T6007]  dump_stack+0x15/0x1b
[   86.501637][ T6007]  should_fail_ex+0x265/0x280
[   86.501671][ T6007]  ? io_manage_buffers_legacy+0x188/0x670
[   86.501762][ T6007]  should_failslab+0x8c/0xb0
[   86.501789][ T6007]  __kmalloc_cache_noprof+0x4c/0x320
[   86.501821][ T6007]  io_manage_buffers_legacy+0x188/0x670
[   86.501853][ T6007]  __io_issue_sqe+0xfb/0x2e0
[   86.501934][ T6007]  ? io_assign_file+0x56/0x200
[   86.501968][ T6007]  io_issue_sqe+0x53/0x970
[   86.502002][ T6007]  ? io_provide_buffers_prep+0x1c7/0x1f0
[   86.502031][ T6007]  io_submit_sqes+0x667/0xfd0
[   86.502076][ T6007]  __se_sys_io_uring_enter+0x1c1/0x1b70
[   86.502185][ T6007]  ? 0xffffffff81000000
[   86.502201][ T6007]  ? __rcu_read_unlock+0x4f/0x70
[   86.502237][ T6007]  ? get_pid_task+0x96/0xd0
[   86.502261][ T6007]  ? proc_fail_nth_write+0x12d/0x160
[   86.502298][ T6007]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   86.502339][ T6007]  ? vfs_write+0x75e/0x8e0
[   86.502447][ T6007]  ? __rcu_read_unlock+0x4f/0x70
[   86.502472][ T6007]  ? __fget_files+0x184/0x1c0
[   86.502537][ T6007]  ? fput+0x8f/0xc0
[   86.502582][ T6007]  __x64_sys_io_uring_enter+0x78/0x90
[   86.502624][ T6007]  x64_sys_call+0x28c8/0x2fb0
[   86.502720][ T6007]  do_syscall_64+0xd2/0x200
[   86.502744][ T6007]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   86.502772][ T6007]  ? clear_bhb_loop+0x40/0x90
[   86.502858][ T6007]  ? clear_bhb_loop+0x40/0x90
[   86.502884][ T6007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.502977][ T6007] RIP: 0033:0x7f713701e9a9
[   86.502995][ T6007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.503016][ T6007] RSP: 002b:00007f7135666038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   86.503107][ T6007] RAX: ffffffffffffffda RBX: 00007f7137246080 RCX: 00007f713701e9a9
[   86.503122][ T6007] RDX: 0000000000000000 RSI: 00000000000047fa RDI: 0000000000000003
[   86.503143][ T6007] RBP: 00007f7135666090 R08: 0000000000000000 R09: 0000000000000000
[   86.503159][ T6007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.503172][ T6007] R13: 0000000000000000 R14: 00007f7137246080 R15: 00007ffdc62ed408
[   86.503191][ T6007]  </TASK>
[   86.812005][ T5994] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.014373][ T5994] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   87.126510][ T5994] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   87.295328][ T6034] FAULT_INJECTION: forcing a failure.
[   87.295328][ T6034] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   87.308923][ T6034] CPU: 1 UID: 0 PID: 6034 Comm: syz.0.862 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(voluntary) 
[   87.308954][ T6034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   87.308966][ T6034] Call Trace:
[   87.308971][ T6034]  <TASK>
[   87.308978][ T6034]  __dump_stack+0x1d/0x30
[   87.309074][ T6034]  dump_stack_lvl+0xe8/0x140
[   87.309128][ T6034]  dump_stack+0x15/0x1b
[   87.309149][ T6034]  should_fail_ex+0x265/0x280
[   87.309181][ T6034]  should_fail+0xb/0x20
[   87.309207][ T6034]  should_fail_usercopy+0x1a/0x20
[   87.309298][ T6034]  strncpy_from_user+0x25/0x230
[   87.309333][ T6034]  path_setxattrat+0xeb/0x310
[   87.309376][ T6034]  __x64_sys_fsetxattr+0x6b/0x80
[   87.309395][ T6034]  x64_sys_call+0x2f7c/0x2fb0
[   87.309416][ T6034]  do_syscall_64+0xd2/0x200
[   87.309498][ T6034]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   87.309523][ T6034]  ? clear_bhb_loop+0x40/0x90
[   87.309579][ T6034]  ? clear_bhb_loop+0x40/0x90
[   87.309600][ T6034]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.309677][ T6034] RIP: 0033:0x7fa52ce8e9a9
[   87.309691][ T6034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.309757][ T6034] RSP: 002b:00007fa52b4f7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[   87.309872][ T6034] RAX: ffffffffffffffda RBX: 00007fa52d0b5fa0 RCX: 00007fa52ce8e9a9
[   87.309889][ T6034] RDX: 0000200000000180 RSI: 0000200000000080 RDI: 0000000000000003
[   87.309905][ T6034] RBP: 00007fa52b4f7090 R08: 0000000000000001 R09: 0000000000000000
[   87.309949][ T6034] R10: 0000000000000018 R11: 0000000000000246 R12: 0000000000000001
[   87.309961][ T6034] R13: 0000000000000000 R14: 00007fa52d0b5fa0 R15: 00007ffdebfb9698
[   87.309979][ T6034]  </TASK>
[   87.451866][ T5994] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   87.519143][ T5994] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   87.569586][ T6038] loop4: detected capacity change from 0 to 512
[   87.601755][ T6038] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.864: Failed to acquire dquot type 1
[   87.623448][ T6038] EXT4-fs (loop4): 1 truncate cleaned up
[   87.649554][ T6051] Failed to initialize the IGMP autojoin socket (err -2)
[   87.681319][ T6038] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.701487][ T6057] loop1: detected capacity change from 0 to 164
[   87.703104][ T6038] ext4 filesystem being mounted at /173/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.731344][ T6057] netlink: 4 bytes leftover after parsing attributes in process `syz.1.871'.
[   87.737667][ T6038] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.864: Failed to acquire dquot type 1
[   87.741935][ T6057] netlink: 12 bytes leftover after parsing attributes in process `syz.1.871'.
[   87.786624][ T6057] Failed to initialize the IGMP autojoin socket (err -2)
[   87.835380][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.874765][ T6073] veth1_to_bond: entered allmulticast mode
[   87.899355][ T6073] netlink: 4 bytes leftover after parsing attributes in process `syz.4.877'.
[   87.983238][ T6070] veth1_to_bond: left allmulticast mode
[   88.032922][ T6093] Failed to initialize the IGMP autojoin socket (err -2)
[   88.074585][ T6100] loop3: detected capacity change from 0 to 512
[   88.096703][ T6100] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.887: Failed to acquire dquot type 1
[   88.116895][ T6100] EXT4-fs (loop3): 1 truncate cleaned up
[   88.123926][ T6100] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.149840][ T6100] ext4 filesystem being mounted at /181/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.165331][ T6107] Failed to initialize the IGMP autojoin socket (err -2)
[   88.184021][ T6109] loop0: detected capacity change from 0 to 164
[   88.195779][ T6109] netlink: 4 bytes leftover after parsing attributes in process `syz.0.889'.
[   88.214546][ T6100] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.887: Failed to acquire dquot type 1
[   88.227667][ T6109] netlink: 12 bytes leftover after parsing attributes in process `syz.0.889'.
[   88.255999][ T6109] Failed to initialize the IGMP autojoin socket (err -2)
[   88.275257][ T6116] Failed to initialize the IGMP autojoin socket (err -2)
[   88.300479][ T6105] Falling back ldisc for ttyS3.
[   88.318039][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.416007][ T6132] Failed to initialize the IGMP autojoin socket (err -2)
[   88.527313][ T6137] netlink: 132 bytes leftover after parsing attributes in process `syz.1.895'.
[   88.541777][ T6150] Failed to initialize the IGMP autojoin socket (err -2)
[   88.671030][ T6171] IPv6: Can't replace route, no match found
[   88.687798][ T6160] netlink: 'syz.0.900': attribute type 13 has an invalid length.
[   88.710386][ T6160] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   88.786308][ T6174] loop3: detected capacity change from 0 to 512
[   88.805526][ T6174] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.903: Failed to acquire dquot type 1
[   88.807556][ T6184] netlink: 12 bytes leftover after parsing attributes in process `syz.0.904'.
[   88.829597][ T6174] EXT4-fs (loop3): 1 truncate cleaned up
[   88.836135][ T6174] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.848906][ T6174] ext4 filesystem being mounted at /186/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.869919][ T6174] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.903: Failed to acquire dquot type 1
[   88.961616][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.974845][ T6190] loop0: detected capacity change from 0 to 164
[   89.040227][ T6188] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.047500][ T6188] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.058895][ T6193] netlink: 132 bytes leftover after parsing attributes in process `syz.3.909'.
[   89.132001][ T6188] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   89.141953][ T6188] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   89.171286][ T6188] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   89.179710][ T6188] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   89.188181][ T6188] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   89.196774][ T6188] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   89.289945][ T6196] Failed to initialize the IGMP autojoin socket (err -2)
[   89.465098][ T6209] IPv6: Can't replace route, no match found
[   89.465372][   T29] kauditd_printk_skb: 818 callbacks suppressed
[   89.465390][   T29] audit: type=1326 audit(2000000017.589:5643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6217 comm="syz.0.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[   89.486739][ T6209] netlink: 'syz.4.914': attribute type 13 has an invalid length.
[   89.501006][   T29] audit: type=1326 audit(2000000017.589:5644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6217 comm="syz.0.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[   89.532600][   T29] audit: type=1326 audit(2000000017.589:5645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6206 comm="syz.4.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc01bd6e9a9 code=0x7ffc0000
[   89.532705][   T29] audit: type=1326 audit(2000000017.589:5646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6206 comm="syz.4.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc01bd6e9a9 code=0x7ffc0000
[   89.532731][   T29] audit: type=1326 audit(2000000017.589:5647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6206 comm="syz.4.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc01bd6e9a9 code=0x7ffc0000
[   89.602976][   T29] audit: type=1326 audit(2000000017.589:5648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6206 comm="syz.4.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc01bd6e9a9 code=0x7ffc0000
[   89.626457][   T29] audit: type=1326 audit(2000000017.589:5649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6206 comm="syz.4.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fc01bd6e9a9 code=0x7ffc0000
[   89.650276][ T6209] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   89.651092][   T29] audit: type=1326 audit(2000000017.599:5650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6206 comm="syz.4.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc01bd6e9a9 code=0x7ffc0000
[   89.689194][   T29] audit: type=1326 audit(2000000017.599:5651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6206 comm="syz.4.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc01bd6e9a9 code=0x7ffc0000
[   89.712608][   T29] audit: type=1326 audit(2000000017.599:5652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6206 comm="syz.4.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc01bd6e9a9 code=0x7ffc0000
[   89.821513][ T6219] Failed to initialize the IGMP autojoin socket (err -2)
[   89.854942][ T6239] Failed to initialize the IGMP autojoin socket (err -2)
[   90.025872][ T6247] Failed to initialize the IGMP autojoin socket (err -2)
[   90.246717][ T6258] Failed to initialize the IGMP autojoin socket (err -2)
[   90.355786][ T6265] loop0: detected capacity change from 0 to 512
[   90.372681][ T6265] EXT4-fs: Ignoring removed nobh option
[   90.394829][ T6266] netlink: 24 bytes leftover after parsing attributes in process `syz.3.933'.
[   90.412717][ T6265] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.932: iget: bad i_size value: 38620345925642
[   90.446225][ T6265] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.932: couldn't read orphan inode 15 (err -117)
[   90.510341][ T6265] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.549739][ T6276] netlink: 'syz.2.937': attribute type 13 has an invalid length.
[   90.567768][ T6265] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.932: bg 0: block 5: invalid block bitmap
[   90.588604][ T6276] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.606803][ T6276] 8021q: adding VLAN 0 to HW filter on device team0
[   90.626209][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.664596][ T6276] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   90.684912][ T6279] Failed to initialize the IGMP autojoin socket (err -2)
[   90.828609][ T6294] loop1: detected capacity change from 0 to 164
[   90.861303][ T6290] loop2: detected capacity change from 0 to 164
[   90.875514][ T6294] Failed to initialize the IGMP autojoin socket (err -2)
[   90.946773][ T6301] loop0: detected capacity change from 0 to 164
[   90.985502][ T6304] Failed to initialize the IGMP autojoin socket (err -2)
[   90.999953][ T6306] Failed to initialize the IGMP autojoin socket (err -2)
[   91.158139][ T6320] loop3: detected capacity change from 0 to 164
[   91.208131][ T6320] Failed to initialize the IGMP autojoin socket (err -2)
[   91.404642][ T6340] loop1: detected capacity change from 0 to 512
[   91.437190][ T6340] EXT4-fs: Ignoring removed nobh option
[   91.481570][ T6340] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.967: iget: bad i_size value: 38620345925642
[   91.525768][ T6352] __nla_validate_parse: 3 callbacks suppressed
[   91.525788][ T6352] netlink: 8 bytes leftover after parsing attributes in process `syz.3.973'.
[   91.550903][ T6354] loop0: detected capacity change from 0 to 512
[   91.567264][ T6354] EXT4-fs: Ignoring removed nobh option
[   91.577142][ T6340] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.967: couldn't read orphan inode 15 (err -117)
[   91.613093][ T6352] loop3: detected capacity change from 0 to 164
[   91.624783][ T6354] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.972: iget: bad i_size value: 38620345925642
[   91.648274][ T6340] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.710300][ T6354] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.972: couldn't read orphan inode 15 (err -117)
[   91.754556][ T6340] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.967: bg 0: block 5: invalid block bitmap
[   91.779632][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.802443][ T6361] Failed to initialize the IGMP autojoin socket (err -2)
[   91.810951][ T6354] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.847890][ T6354] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.972: bg 0: block 5: invalid block bitmap
[   91.889144][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.002183][ T6381] netlink: 24 bytes leftover after parsing attributes in process `syz.1.983'.
[   92.011170][ T6381] netlink: 212 bytes leftover after parsing attributes in process `syz.1.983'.
[   92.170121][ T6396] netlink: 132 bytes leftover after parsing attributes in process `syz.4.987'.
[   92.334285][ T6422] loop2: detected capacity change from 0 to 164
[   92.381897][ T6422] Failed to initialize the IGMP autojoin socket (err -2)
[   92.411935][ T6429] netlink: 12 bytes leftover after parsing attributes in process `syz.4.999'.
[   92.558283][ T6441] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1001'.
[   92.612714][ T6447] siw: device registration error -23
[   92.779302][ T6460] loop2: detected capacity change from 0 to 164
[   92.828113][ T6460] Failed to initialize the IGMP autojoin socket (err -2)
[   92.839293][ T6462] Failed to initialize the IGMP autojoin socket (err -2)
[   93.018557][ T6472] siw: device registration error -23
[   93.047429][ T6470] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1014'.
[   93.058322][ T6470] loop4: detected capacity change from 0 to 164
[   93.146151][ T6480] loop2: detected capacity change from 0 to 512
[   93.256611][ T6480] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.307241][ T6480] ext4 filesystem being mounted at /190/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.325020][ T6484] Failed to initialize the IGMP autojoin socket (err -2)
[   93.352800][ T6480] Zero length message leads to an empty skb
[   93.420047][ T6503] FAULT_INJECTION: forcing a failure.
[   93.420047][ T6503] name failslab, interval 1, probability 0, space 0, times 0
[   93.432842][ T6503] CPU: 1 UID: 0 PID: 6503 Comm: syz.0.1025 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(voluntary) 
[   93.432875][ T6503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   93.432889][ T6503] Call Trace:
[   93.432896][ T6503]  <TASK>
[   93.432904][ T6503]  __dump_stack+0x1d/0x30
[   93.432979][ T6503]  dump_stack_lvl+0xe8/0x140
[   93.433001][ T6503]  dump_stack+0x15/0x1b
[   93.433020][ T6503]  should_fail_ex+0x265/0x280
[   93.433055][ T6503]  ? sdev_prefix_printk+0x79/0x170
[   93.433122][ T6503]  should_failslab+0x8c/0xb0
[   93.433160][ T6503]  __kmalloc_cache_noprof+0x4c/0x320
[   93.433283][ T6503]  sdev_prefix_printk+0x79/0x170
[   93.433308][ T6503]  ? should_fail_ex+0xdb/0x280
[   93.433378][ T6503]  ? read_tsc+0x9/0x20
[   93.433415][ T6503]  virtscsi_device_reset+0x42/0x160
[   93.433450][ T6503]  scsi_ioctl_reset+0x29c/0x490
[   93.433503][ T6503]  scsi_ioctl+0x5fd/0x14d0
[   93.433531][ T6503]  ? ioctl_has_perm+0x257/0x2a0
[   93.433572][ T6503]  ? do_vfs_ioctl+0x9df/0x11d0
[   93.433603][ T6503]  sg_ioctl+0x12fb/0x1360
[   93.433684][ T6503]  ? __pfx_sg_ioctl+0x10/0x10
[   93.433712][ T6503]  __se_sys_ioctl+0xce/0x140
[   93.433812][ T6503]  __x64_sys_ioctl+0x43/0x50
[   93.433839][ T6503]  x64_sys_call+0x19a8/0x2fb0
[   93.433910][ T6503]  do_syscall_64+0xd2/0x200
[   93.433930][ T6503]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   93.433957][ T6503]  ? clear_bhb_loop+0x40/0x90
[   93.434053][ T6503]  ? clear_bhb_loop+0x40/0x90
[   93.434154][ T6503]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.434175][ T6503] RIP: 0033:0x7fa52ce8e9a9
[   93.434191][ T6503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.434210][ T6503] RSP: 002b:00007fa52b4d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   93.434230][ T6503] RAX: ffffffffffffffda RBX: 00007fa52d0b6080 RCX: 00007fa52ce8e9a9
[   93.434242][ T6503] RDX: 0000200000000080 RSI: 0000000000002284 RDI: 0000000000000005
[   93.434292][ T6503] RBP: 00007fa52b4d6090 R08: 0000000000000000 R09: 0000000000000000
[   93.434304][ T6503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.434316][ T6503] R13: 0000000000000000 R14: 00007fa52d0b6080 R15: 00007ffdebfb9698
[   93.434336][ T6503]  </TASK>
[   93.764450][ T6513] loop4: detected capacity change from 0 to 164
[   93.778422][ T6513] Failed to initialize the IGMP autojoin socket (err -2)
[   93.802588][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.879061][ T6516] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1033'.
[   93.982296][ T6527] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1036'.
[   94.117765][ T6542] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1042'.
[   94.209011][ T6561] loop3: detected capacity change from 0 to 164
[   94.223972][ T6561] Failed to initialize the IGMP autojoin socket (err -2)
[   94.268709][ T6569] siw: device registration error -23
[   94.419368][ T6593] Failed to initialize the IGMP autojoin socket (err -2)
[   94.419708][ T6595] loop2: detected capacity change from 0 to 164
[   94.439596][ T6595] Failed to initialize the IGMP autojoin socket (err -2)
[   94.480437][   T29] kauditd_printk_skb: 912 callbacks suppressed
[   94.480455][   T29] audit: type=1326 audit(2000000022.609:6565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6592 comm="syz.3.1062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f713701e9a9 code=0x7ffc0000
[   94.510281][   T29] audit: type=1326 audit(2000000022.609:6566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6592 comm="syz.3.1062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f713701e9a9 code=0x7ffc0000
[   94.550154][   T29] audit: type=1326 audit(2000000022.679:6567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6594 comm="syz.2.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f665ab3e9a9 code=0x7ffc0000
[   94.573784][   T29] audit: type=1326 audit(2000000022.679:6568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6594 comm="syz.2.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f665ab3e9a9 code=0x7ffc0000
[   94.617900][ T6604] Failed to initialize the IGMP autojoin socket (err -2)
[   94.756898][   T29] audit: type=1326 audit(2000000022.869:6569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6614 comm="syz.4.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc01bd6e9a9 code=0x7ffc0000
[   94.780527][   T29] audit: type=1326 audit(2000000022.869:6570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6614 comm="syz.4.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc01bd6e9a9 code=0x7ffc0000
[   94.854086][ T6623] loop4: detected capacity change from 0 to 512
[   94.882307][   T29] audit: type=1326 audit(2000000023.009:6571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6626 comm="syz.2.1076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f665ab3e9a9 code=0x7ffc0000
[   94.905992][   T29] audit: type=1326 audit(2000000023.009:6572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6626 comm="syz.2.1076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f665ab3e9a9 code=0x7ffc0000
[   94.942524][ T6623] Quota error (device loop4): v2_read_file_info: Free block number 1 out of range (1, 6).
[   94.972856][ T6623] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   95.023137][ T6623] EXT4-fs (loop4): mount failed
[   95.047521][   T29] audit: type=1326 audit(2000000023.009:6573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6626 comm="syz.2.1076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f665ab3e9a9 code=0x7ffc0000
[   95.137387][ T6642] loop4: detected capacity change from 0 to 164
[   95.204162][ T6642] Failed to initialize the IGMP autojoin socket (err -2)
[   95.249341][ T6650] sd 0:0:1:0: device reset
[   95.263211][ T6649] Failed to initialize the IGMP autojoin socket (err -2)
[   95.291987][ T6652] FAULT_INJECTION: forcing a failure.
[   95.291987][ T6652] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   95.305644][ T6652] CPU: 0 UID: 0 PID: 6652 Comm: syz.1.1083 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(voluntary) 
[   95.305681][ T6652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   95.305697][ T6652] Call Trace:
[   95.305704][ T6652]  <TASK>
[   95.305713][ T6652]  __dump_stack+0x1d/0x30
[   95.305739][ T6652]  dump_stack_lvl+0xe8/0x140
[   95.305764][ T6652]  dump_stack+0x15/0x1b
[   95.305818][ T6652]  should_fail_ex+0x265/0x280
[   95.305857][ T6652]  should_fail_alloc_page+0xf2/0x100
[   95.305884][ T6652]  __alloc_frozen_pages_noprof+0xff/0x360
[   95.306008][ T6652]  alloc_pages_mpol+0xb3/0x250
[   95.306041][ T6652]  vma_alloc_folio_noprof+0x1aa/0x300
[   95.306127][ T6652]  handle_mm_fault+0xbfe/0x2be0
[   95.306153][ T6652]  ? __rcu_read_unlock+0x4f/0x70
[   95.306216][ T6652]  do_user_addr_fault+0x3fe/0x1090
[   95.306263][ T6652]  exc_page_fault+0x62/0xa0
[   95.306302][ T6652]  asm_exc_page_fault+0x26/0x30
[   95.306400][ T6652] RIP: 0010:__put_user_4+0xd/0x20
[   95.306421][ T6652] Code: 66 89 01 31 c9 0f 01 ca e9 d0 7d 01 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90
[   95.306445][ T6652] RSP: 0018:ffffc90011877dd0 EFLAGS: 00050202
[   95.306465][ T6652] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000200000001840
[   95.306481][ T6652] RDX: 0000000000000231 RSI: 0000000000000000 RDI: ffff88811b17c5b8
[   95.306497][ T6652] RBP: 0000000000000026 R08: 000188811b17c5bf R09: 0000000000000000
[   95.306584][ T6652] R10: 000000000000000c R11: 0000000000000000 R12: ffff88811d80fb30
[   95.306600][ T6652] R13: 0000000000000000 R14: ffff88811b17c5b8 R15: 0000000000000000
[   95.306623][ T6652]  netlink_getsockopt+0x315/0x420
[   95.306651][ T6652]  ? __pfx_netlink_getsockopt+0x10/0x10
[   95.306677][ T6652]  do_sock_getsockopt+0x200/0x240
[   95.306719][ T6652]  __x64_sys_getsockopt+0x11e/0x1a0
[   95.306773][ T6652]  x64_sys_call+0x12aa/0x2fb0
[   95.306798][ T6652]  do_syscall_64+0xd2/0x200
[   95.306822][ T6652]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   95.306856][ T6652]  ? clear_bhb_loop+0x40/0x90
[   95.306964][ T6652]  ? clear_bhb_loop+0x40/0x90
[   95.306992][ T6652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.307020][ T6652] RIP: 0033:0x7f94cdfde9a9
[   95.307039][ T6652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.307107][ T6652] RSP: 002b:00007f94cc647038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[   95.307127][ T6652] RAX: ffffffffffffffda RBX: 00007f94ce205fa0 RCX: 00007f94cdfde9a9
[   95.307144][ T6652] RDX: 0000000000000009 RSI: 000000000000010e RDI: 0000000000000007
[   95.307220][ T6652] RBP: 00007f94cc647090 R08: 0000200000000100 R09: 0000000000000000
[   95.307237][ T6652] R10: 0000200000001840 R11: 0000000000000246 R12: 0000000000000001
[   95.307252][ T6652] R13: 0000000000000000 R14: 00007f94ce205fa0 R15: 00007ffdd5905a58
[   95.307272][ T6652]  </TASK>
[   95.702285][ T6667] siw: device registration error -23
[   95.807918][ T6682] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.815562][ T6682] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.863854][ T6682] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   95.875249][ T6682] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   95.911336][ T6682] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   95.919797][ T6682] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   95.928213][ T6682] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   95.936735][ T6682] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   96.011370][ T6693] loop0: detected capacity change from 0 to 164
[   96.025197][ T6693] Failed to initialize the IGMP autojoin socket (err -2)
[   96.054698][ T6689] netlink: 'syz.4.1094': attribute type 13 has an invalid length.
[   96.079546][ T6689] ip6gretap0: left promiscuous mode
[   96.088864][ T6689] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.112503][ T6689] 8021q: adding VLAN 0 to HW filter on device team0
[   96.123156][ T6689] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   96.170772][ T6702] loop3: detected capacity change from 0 to 164
[   96.381490][ T6723] loop2: detected capacity change from 0 to 164
[   96.395760][ T6727] loop0: detected capacity change from 0 to 512
[   96.404487][ T6727] EXT4-fs: Ignoring removed nobh option
[   96.413398][ T6727] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.1111: iget: bad i_size value: 38620345925642
[   96.438672][ T6723] Failed to initialize the IGMP autojoin socket (err -2)
[   96.445331][ T6727] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.1111: couldn't read orphan inode 15 (err -117)
[   96.488088][ T6727] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.1111: bg 0: block 5: invalid block bitmap
[   96.565427][ T6740] __nla_validate_parse: 6 callbacks suppressed
[   96.565447][ T6740] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1116'.
[   96.593856][ T6742] loop2: detected capacity change from 0 to 164
[   96.675994][ T6758] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1123'.
[   96.687010][ T6760] Failed to initialize the IGMP autojoin socket (err -2)
[   96.698386][ T6759] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1124'.
[   96.707551][ T6759] netlink: 212 bytes leftover after parsing attributes in process `syz.4.1124'.
[   96.707696][ T6758] loop1: detected capacity change from 0 to 164
[   96.817289][ T6766] Failed to initialize the IGMP autojoin socket (err -2)
[   96.840891][ T6768] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1130'.
[   96.971729][ T6774] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1132'.
[   97.028627][ T6782] FAULT_INJECTION: forcing a failure.
[   97.028627][ T6782] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.041994][ T6782] CPU: 1 UID: 0 PID: 6782 Comm: syz.2.1134 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(voluntary) 
[   97.042030][ T6782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   97.042045][ T6782] Call Trace:
[   97.042050][ T6782]  <TASK>
[   97.042057][ T6782]  __dump_stack+0x1d/0x30
[   97.042169][ T6782]  dump_stack_lvl+0xe8/0x140
[   97.042209][ T6782]  dump_stack+0x15/0x1b
[   97.042225][ T6782]  should_fail_ex+0x265/0x280
[   97.042256][ T6782]  should_fail+0xb/0x20
[   97.042306][ T6782]  should_fail_usercopy+0x1a/0x20
[   97.042363][ T6782]  _copy_from_user+0x1c/0xb0
[   97.042387][ T6782]  __sys_bpf+0x178/0x790
[   97.042441][ T6782]  __x64_sys_bpf+0x41/0x50
[   97.042502][ T6782]  x64_sys_call+0x2478/0x2fb0
[   97.042530][ T6782]  do_syscall_64+0xd2/0x200
[   97.042553][ T6782]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.042645][ T6782]  ? clear_bhb_loop+0x40/0x90
[   97.042672][ T6782]  ? clear_bhb_loop+0x40/0x90
[   97.042771][ T6782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.042790][ T6782] RIP: 0033:0x7f665ab3e9a9
[   97.042805][ T6782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.042834][ T6782] RSP: 002b:00007f665919f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   97.042853][ T6782] RAX: ffffffffffffffda RBX: 00007f665ad65fa0 RCX: 00007f665ab3e9a9
[   97.042885][ T6782] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005
[   97.042896][ T6782] RBP: 00007f665919f090 R08: 0000000000000000 R09: 0000000000000000
[   97.042907][ T6782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.042921][ T6782] R13: 0000000000000001 R14: 00007f665ad65fa0 R15: 00007ffe61042348
[   97.042945][ T6782]  </TASK>
[   97.238142][ T6781] siw: device registration error -23
[   97.248169][ T6788] Failed to initialize the IGMP autojoin socket (err -2)
[   97.289427][ T6794] Failed to initialize the IGMP autojoin socket (err -2)
[   97.322844][ T6798] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1141'.
[   97.331914][ T6798] netlink: 212 bytes leftover after parsing attributes in process `syz.1.1141'.
[   97.445972][ T6813] loop1: detected capacity change from 0 to 164
[   97.473883][ T6817] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1147'.
[   97.500217][ T6823] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1149'.
[   97.618267][ T6829] netlink: 'syz.3.1152': attribute type 13 has an invalid length.
[   97.664139][ T6829] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.795031][ T6829] 8021q: adding VLAN 0 to HW filter on device team0
[   97.817969][ T6829] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   97.844551][ T6837] Failed to initialize the IGMP autojoin socket (err -2)
[   98.014056][ T6843] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6843 comm=syz.3.1156
[   98.084780][ T6851] loop3: detected capacity change from 0 to 164
[   98.210460][ T6863] hub 9-0:1.0: USB hub found
[   98.215209][ T6863] hub 9-0:1.0: 8 ports detected
[   98.267889][ T6861] bond1: entered promiscuous mode
[   98.273155][ T6861] bond1: entered allmulticast mode
[   98.279433][ T6861] 8021q: adding VLAN 0 to HW filter on device bond1
[   98.288937][ T6861] bond1 (unregistering): Released all slaves
[   98.320254][ T6869] Failed to initialize the IGMP autojoin socket (err -2)
[   98.333684][ T6874] loop2: detected capacity change from 0 to 512
[   98.340393][ T6874] EXT4-fs: Ignoring removed nobh option
[   98.347436][ T6874] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.1165: iget: bad i_size value: 38620345925642
[   98.361836][ T6874] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.1165: couldn't read orphan inode 15 (err -117)
[   98.388752][ T6877] Failed to initialize the IGMP autojoin socket (err -2)
[   98.401018][ T6874] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1165: bg 0: block 5: invalid block bitmap
[   98.428215][ T6879] 
@�A`�: renamed from veth0_vlan
[   98.532910][ T6899] loop2: detected capacity change from 0 to 512
[   98.539679][ T6899] EXT4-fs: Ignoring removed nobh option
[   98.561685][ T6899] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.1174: iget: bad i_size value: 38620345925642
[   98.585303][ T6899] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.1174: couldn't read orphan inode 15 (err -117)
[   98.613754][ T6908] siw: device registration error -23
[   98.673489][ T6914] loop4: detected capacity change from 0 to 512
[   98.678776][ T6899] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1174: bg 0: block 5: invalid block bitmap
[   98.681437][ T6914] EXT4-fs: Ignoring removed nobh option
[   98.718079][ T6914] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.1179: iget: bad i_size value: 38620345925642
[   98.737007][ T6914] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.1179: couldn't read orphan inode 15 (err -117)
[   98.758895][ T6914] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1179: bg 0: block 5: invalid block bitmap
[   98.791093][ T6926] Failed to initialize the IGMP autojoin socket (err -2)
[   98.837582][ T6935] Failed to initialize the IGMP autojoin socket (err -2)
[   98.862370][ T6937] siw: device registration error -23
[   99.011061][ T6955] loop1: detected capacity change from 0 to 512
[   99.017819][ T6955] EXT4-fs: Ignoring removed nobh option
[   99.026253][ T6955] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.1197: iget: bad i_size value: 38620345925642
[   99.057200][ T6955] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.1197: couldn't read orphan inode 15 (err -117)
[   99.100467][ T6955] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1197: bg 0: block 5: invalid block bitmap
[   99.232436][ T6974] loop1: detected capacity change from 0 to 164
[   99.252284][ T6974] Failed to initialize the IGMP autojoin socket (err -2)
[   99.266237][ T6979] loop4: detected capacity change from 0 to 164
[   99.325480][ T6983] SELinux: failed to load policy
[   99.334374][ T6985] FAULT_INJECTION: forcing a failure.
[   99.334374][ T6985] name failslab, interval 1, probability 0, space 0, times 0
[   99.347433][ T6985] CPU: 1 UID: 0 PID: 6985 Comm: syz.1.1207 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(voluntary) 
[   99.347489][ T6985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   99.347505][ T6985] Call Trace:
[   99.347513][ T6985]  <TASK>
[   99.347521][ T6985]  __dump_stack+0x1d/0x30
[   99.347548][ T6985]  dump_stack_lvl+0xe8/0x140
[   99.347586][ T6985]  dump_stack+0x15/0x1b
[   99.347603][ T6985]  should_fail_ex+0x265/0x280
[   99.347679][ T6985]  should_failslab+0x8c/0xb0
[   99.347725][ T6985]  __kmalloc_cache_node_noprof+0x54/0x320
[   99.347762][ T6985]  ? __get_vm_area_node+0x106/0x1d0
[   99.347792][ T6985]  __get_vm_area_node+0x106/0x1d0
[   99.347896][ T6985]  __vmalloc_node_range_noprof+0x273/0xe00
[   99.347936][ T6985]  ? sel_write_load+0x158/0x380
[   99.347973][ T6985]  ? __rcu_read_unlock+0x4f/0x70
[   99.348005][ T6985]  ? sel_write_load+0x158/0x380
[   99.348039][ T6985]  vmalloc_noprof+0x82/0xc0
[   99.348127][ T6985]  ? sel_write_load+0x158/0x380
[   99.348152][ T6985]  sel_write_load+0x158/0x380
[   99.348182][ T6985]  ? __pfx_sel_write_load+0x10/0x10
[   99.348246][ T6985]  vfs_write+0x266/0x8e0
[   99.348284][ T6985]  ? __rcu_read_unlock+0x4f/0x70
[   99.348311][ T6985]  ? __fget_files+0x184/0x1c0
[   99.348338][ T6985]  ksys_write+0xda/0x1a0
[   99.348386][ T6985]  __x64_sys_write+0x40/0x50
[   99.348415][ T6985]  x64_sys_call+0x2cdd/0x2fb0
[   99.348483][ T6985]  do_syscall_64+0xd2/0x200
[   99.348507][ T6985]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   99.348548][ T6985]  ? clear_bhb_loop+0x40/0x90
[   99.348570][ T6985]  ? clear_bhb_loop+0x40/0x90
[   99.348596][ T6985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.348676][ T6985] RIP: 0033:0x7f94cdfde9a9
[   99.348695][ T6985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.348719][ T6985] RSP: 002b:00007f94cc647038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   99.348773][ T6985] RAX: ffffffffffffffda RBX: 00007f94ce205fa0 RCX: 00007f94cdfde9a9
[   99.348785][ T6985] RDX: 0000000000000010 RSI: 0000200000000200 RDI: 0000000000000006
[   99.348796][ T6985] RBP: 00007f94cc647090 R08: 0000000000000000 R09: 0000000000000000
[   99.348808][ T6985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.348900][ T6985] R13: 0000000000000000 R14: 00007f94ce205fa0 R15: 00007ffdd5905a58
[   99.348919][ T6985]  </TASK>
[   99.348926][ T6985] syz.1.1207: vmalloc error: size 16, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null)
[   99.495548][   T29] kauditd_printk_skb: 857 callbacks suppressed
[   99.495609][   T29] audit: type=1326 audit(2000000027.609:7431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6916 comm="syz.3.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7136fbab89 code=0x7ffc0000
[   99.500293][ T6985] ,cpuset=/,mems_allowed=0
[   99.500325][ T6985] CPU: 1 UID: 0 PID: 6985 Comm: syz.1.1207 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(voluntary) 
[   99.500416][ T6985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   99.500439][ T6985] Call Trace:
[   99.500447][ T6985]  <TASK>
[   99.500458][ T6985]  __dump_stack+0x1d/0x30
[   99.500486][ T6985]  dump_stack_lvl+0xe8/0x140
[   99.500512][ T6985]  dump_stack+0x15/0x1b
[   99.500535][ T6985]  warn_alloc+0x12b/0x1a0
[   99.500615][ T6985]  __vmalloc_node_range_noprof+0x297/0xe00
[   99.500662][ T6985]  ? __rcu_read_unlock+0x4f/0x70
[   99.500696][ T6985]  ? sel_write_load+0x158/0x380
[   99.500730][ T6985]  vmalloc_noprof+0x82/0xc0
[   99.500846][ T6985]  ? sel_write_load+0x158/0x380
[   99.500880][ T6985]  sel_write_load+0x158/0x380
[   99.500914][ T6985]  ? __pfx_sel_write_load+0x10/0x10
[   99.500978][ T6985]  vfs_write+0x266/0x8e0
[   99.501023][ T6985]  ? __rcu_read_unlock+0x4f/0x70
[   99.501053][ T6985]  ? __fget_files+0x184/0x1c0
[   99.501080][ T6985]  ksys_write+0xda/0x1a0
[   99.501161][ T6985]  __x64_sys_write+0x40/0x50
[   99.501203][ T6985]  x64_sys_call+0x2cdd/0x2fb0
[   99.501230][ T6985]  do_syscall_64+0xd2/0x200
[   99.501262][ T6985]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   99.501297][ T6985]  ? clear_bhb_loop+0x40/0x90
[   99.501363][ T6985]  ? clear_bhb_loop+0x40/0x90
[   99.501391][ T6985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.501420][ T6985] RIP: 0033:0x7f94cdfde9a9
[   99.501497][ T6985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.501522][ T6985] RSP: 002b:00007f94cc647038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   99.501548][ T6985] RAX: ffffffffffffffda RBX: 00007f94ce205fa0 RCX: 00007f94cdfde9a9
[   99.501564][ T6985] RDX: 0000000000000010 RSI: 0000200000000200 RDI: 0000000000000006
[   99.501581][ T6985] RBP: 00007f94cc647090 R08: 0000000000000000 R09: 0000000000000000
[   99.501598][ T6985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.501695][ T6985] R13: 0000000000000000 R14: 00007f94ce205fa0 R15: 00007ffdd5905a58
[   99.501721][ T6985]  </TASK>
[   99.501791][ T6985] Mem-Info:
[   99.507007][   T29] audit: type=1326 audit(2000000027.629:7432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6916 comm="syz.3.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7137015967 code=0x7ffc0000
[   99.510934][ T6985] active_anon:5214 inactive_anon:1 isolated_anon:0
[   99.510934][ T6985]  active_file:6304 inactive_file:2247 isolated_file:0
[   99.510934][ T6985]  unevictable:0 dirty:372 writeback:0
[   99.510934][ T6985]  slab_reclaimable:3098 slab_unreclaimable:82330
[   99.510934][ T6985]  mapped:30398 shmem:1538 pagetables:1052
[   99.510934][ T6985]  sec_pagetables:0 bounce:0
[   99.510934][ T6985]  kernel_misc_reclaimable:0
[   99.510934][ T6985]  free:1836611 free_pcp:9046 free_cma:0
[   99.515680][   T29] audit: type=1326 audit(2000000027.639:7433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6916 comm="syz.3.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7136fbab89 code=0x7ffc0000
[   99.535074][ T6985] Node 0 active_anon:20856kB inactive_anon:4kB active_file:25216kB inactive_file:8988kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:121592kB dirty:1488kB writeback:0kB shmem:6152kB writeback_tmp:0kB kernel_stack:3232kB pagetables:4208kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   99.545996][   T29] audit: type=1326 audit(2000000027.669:7434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6916 comm="syz.3.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7137015967 code=0x7ffc0000
[   99.551627][ T6985] Node 0 
[   99.559640][   T29] audit: type=1326 audit(2000000027.669:7435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6916 comm="syz.3.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7136fbab89 code=0x7ffc0000
[   99.567613][ T6985] DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   99.575634][   T29] audit: type=1326 audit(2000000027.669:7436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6916 comm="syz.3.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f713701e9a9 code=0x7ffc0000
[   99.583591][ T6985] lowmem_reserve[]: 0 2882 7860 7860
[   99.586657][   T29] audit: type=1326 audit(2000000027.669:7437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6916 comm="syz.3.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7137015967 code=0x7ffc0000
[   99.598038][ T6985] 
[   99.604215][   T29] audit: type=1326 audit(2000000027.669:7438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6916 comm="syz.3.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7136fbab89 code=0x7ffc0000
[   99.627489][ T6985] Node 0 
[   99.631942][   T29] audit: type=1326 audit(2000000027.669:7439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6916 comm="syz.3.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f713701e9a9 code=0x7ffc0000
[   99.644341][ T6985] DMA32 free:2947820kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2951348kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:0kB free_cma:0kB
[   99.763632][   T29] audit: type=1326 audit(2000000027.789:7440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6916 comm="syz.3.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7137015967 code=0x7ffc0000
[   99.767514][ T6985] lowmem_reserve[]:
[   99.858654][ T6998] Failed to initialize the IGMP autojoin socket (err -2)
[   99.870425][ T6985]  0 0 4978 4978
[  100.216824][ T6985] Node 0 Normal free:4385108kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:20820kB inactive_anon:4kB active_file:25216kB inactive_file:8992kB unevictable:0kB writepending:1488kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:31352kB local_pcp:19072kB free_cma:0kB
[  100.248968][ T6985] lowmem_reserve[]: 0 0 0 0
[  100.253698][ T6985] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  100.266627][ T6985] Node 0 DMA32: 5*4kB (M) 3*8kB (M) 2*16kB (M) 3*32kB (M) 5*64kB (M) 4*128kB (M) 3*256kB (M) 4*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2947820kB
[  100.282816][ T6985] Node 0 Normal: 137*4kB (UME) 70*8kB (UM) 194*16kB (UME) 225*32kB (UME) 115*64kB (UME) 40*128kB (UME) 14*256kB (UME) 3*512kB (UME) 4*1024kB (UME) 7*2048kB (ME) 1059*4096kB (UM) = 4385108kB
[  100.301939][ T6985] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  100.311304][ T6985] 10035 total pagecache pages
[  100.315997][ T6985] 2 pages in swap cache
[  100.320251][ T6985] Free swap  = 124988kB
[  100.324488][ T6985] Total swap = 124996kB
[  100.328695][ T6985] 2097051 pages RAM
[  100.332512][ T6985] 0 pages HighMem/MovableOnly
[  100.337190][ T6985] 80814 pages reserved
[  100.343529][ T6987] SELinux: failed to load policy
[  100.388890][ T7005] Failed to initialize the IGMP autojoin socket (err -2)
[  100.443973][ T7005] netlink: 'syz.0.1214': attribute type 1 has an invalid length.
[  100.481933][ T7021] Failed to initialize the IGMP autojoin socket (err -2)
[  100.663099][ T7046] Failed to initialize the IGMP autojoin socket (err -2)
[  100.843169][ T7072] loop2: detected capacity change from 0 to 164
[  100.854884][ T7072] Failed to initialize the IGMP autojoin socket (err -2)
[  100.977850][ T7088] loop2: detected capacity change from 0 to 2048
[  100.985299][ T7088] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  101.016533][ T7093] FAULT_INJECTION: forcing a failure.
[  101.016533][ T7093] name failslab, interval 1, probability 0, space 0, times 0
[  101.029249][ T7093] CPU: 1 UID: 0 PID: 7093 Comm: syz.2.1242 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(voluntary) 
[  101.029284][ T7093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  101.029300][ T7093] Call Trace:
[  101.029307][ T7093]  <TASK>
[  101.029315][ T7093]  __dump_stack+0x1d/0x30
[  101.029340][ T7093]  dump_stack_lvl+0xe8/0x140
[  101.029365][ T7093]  dump_stack+0x15/0x1b
[  101.029385][ T7093]  should_fail_ex+0x265/0x280
[  101.029424][ T7093]  should_failslab+0x8c/0xb0
[  101.029443][ T7093]  kmem_cache_alloc_noprof+0x50/0x310
[  101.029465][ T7093]  ? vm_area_dup+0x33/0x2c0
[  101.029490][ T7093]  vm_area_dup+0x33/0x2c0
[  101.029513][ T7093]  __split_vma+0xe9/0x650
[  101.029538][ T7093]  vma_modify+0x3f2/0xc80
[  101.029560][ T7093]  vma_modify_flags+0x101/0x130
[  101.029584][ T7093]  mlock_fixup+0x11d/0x210
[  101.029608][ T7093]  apply_vma_lock_flags+0x193/0x250
[  101.029637][ T7093]  do_mlock+0x3c6/0x520
[  101.029659][ T7093]  ? __bpf_trace_sys_enter+0x10/0x30
[  101.029678][ T7093]  ? __traceiter_sys_enter+0x5c/0x80
[  101.029697][ T7093]  ? trace_sys_enter+0xd0/0x110
[  101.029717][ T7093]  __x64_sys_mlock+0x36/0x50
[  101.029738][ T7093]  x64_sys_call+0x28f4/0x2fb0
[  101.029756][ T7093]  do_syscall_64+0xd2/0x200
[  101.029772][ T7093]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.029795][ T7093]  ? clear_bhb_loop+0x40/0x90
[  101.029813][ T7093]  ? clear_bhb_loop+0x40/0x90
[  101.029832][ T7093]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.029870][ T7093] RIP: 0033:0x7f665ab3e9a9
[  101.029887][ T7093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.029908][ T7093] RSP: 002b:00007f665919f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000095
[  101.029930][ T7093] RAX: ffffffffffffffda RBX: 00007f665ad65fa0 RCX: 00007f665ab3e9a9
[  101.029945][ T7093] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 00002000007d8000
[  101.029960][ T7093] RBP: 00007f665919f090 R08: 0000000000000000 R09: 0000000000000000
[  101.029975][ T7093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.029990][ T7093] R13: 0000000000000000 R14: 00007f665ad65fa0 R15: 00007ffe61042348
[  101.030015][ T7093]  </TASK>
[  101.286175][ T7095] Failed to initialize the IGMP autojoin socket (err -2)
[  101.381194][ T7099] siw: device registration error -23
[  101.466156][ T7104] loop1: detected capacity change from 0 to 1024
[  101.475845][ T7108] FAULT_INJECTION: forcing a failure.
[  101.475845][ T7108] name failslab, interval 1, probability 0, space 0, times 0
[  101.488720][ T7108] CPU: 1 UID: 0 PID: 7108 Comm: syz.4.1244 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(voluntary) 
[  101.488750][ T7108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  101.488762][ T7108] Call Trace:
[  101.488767][ T7108]  <TASK>
[  101.488773][ T7108]  __dump_stack+0x1d/0x30
[  101.488864][ T7108]  dump_stack_lvl+0xe8/0x140
[  101.488883][ T7108]  dump_stack+0x15/0x1b
[  101.488902][ T7108]  should_fail_ex+0x265/0x280
[  101.488938][ T7108]  should_failslab+0x8c/0xb0
[  101.488958][ T7108]  kmem_cache_alloc_noprof+0x50/0x310
[  101.489037][ T7108]  ? alloc_vfsmnt+0x2d/0x360
[  101.489077][ T7108]  alloc_vfsmnt+0x2d/0x360
[  101.489171][ T7108]  vfs_create_mount+0x3b/0x240
[  101.489203][ T7108]  fc_mount+0x61/0x70
[  101.489231][ T7108]  mq_init_ns+0x249/0x2f0
[  101.489258][ T7108]  copy_ipcs+0x214/0x3b0
[  101.489366][ T7108]  create_new_namespaces+0x12a/0x3d0
[  101.489467][ T7108]  unshare_nsproxy_namespaces+0xe8/0x120
[  101.489503][ T7108]  ksys_unshare+0x3d0/0x6d0
[  101.489603][ T7108]  ? trace_sys_enter+0xd0/0x110
[  101.489636][ T7108]  __x64_sys_unshare+0x1f/0x30
[  101.489720][ T7108]  x64_sys_call+0x2d4b/0x2fb0
[  101.489750][ T7108]  do_syscall_64+0xd2/0x200
[  101.489774][ T7108]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.489808][ T7108]  ? clear_bhb_loop+0x40/0x90
[  101.489835][ T7108]  ? clear_bhb_loop+0x40/0x90
[  101.489903][ T7108]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.489926][ T7108] RIP: 0033:0x7fc01bd6e9a9
[  101.489946][ T7108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.490016][ T7108] RSP: 002b:00007fc01a38d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  101.490038][ T7108] RAX: ffffffffffffffda RBX: 00007fc01bf96160 RCX: 00007fc01bd6e9a9
[  101.490059][ T7108] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006a040000
[  101.490134][ T7108] RBP: 00007fc01a38d090 R08: 0000000000000000 R09: 0000000000000000
[  101.490150][ T7108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  101.490166][ T7108] R13: 0000000000000001 R14: 00007fc01bf96160 R15: 00007fffba98a858
[  101.490192][ T7108]  </TASK>
[  101.763263][ T7104] EXT4-fs mount: 10 callbacks suppressed
[  101.763283][ T7104] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.916771][ T7104] ext4 filesystem being mounted at /244/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.011429][ T7103] uprobe: syz.1.1248:7103 failed to unregister, leaking uprobe
[  102.032122][ T7115] __nla_validate_parse: 12 callbacks suppressed
[  102.032140][ T7115] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1250'.
[  102.175612][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.189984][ T7126] Failed to initialize the IGMP autojoin socket (err -2)
[  102.286384][ T7137] siw: device registration error -23
[  102.340706][ T7145] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1258'.
[  102.781115][ T7167] loop2: detected capacity change from 0 to 512
[  102.787622][ T7168] loop4: detected capacity change from 0 to 2048
[  102.788031][ T7167] EXT4-fs: Ignoring removed orlov option
[  102.812751][ T7167] EXT4-fs (loop2): VFS: Can't find ext4 filesystem
[  102.813448][ T7168] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.980433][ T7176] siw: device registration error -23
[  103.141580][ T7189] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1273'.
[  103.171822][ T7189] loop3: detected capacity change from 0 to 164
[  103.448428][ T7212] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1267'.
[  103.483142][ T7210] Failed to initialize the IGMP autojoin socket (err -2)
[  104.151867][ T7243] Failed to initialize the IGMP autojoin socket (err -2)
[  104.186013][ T7245] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1291'.
[  104.195083][ T7245] netlink: 212 bytes leftover after parsing attributes in process `syz.2.1291'.
[  104.293892][ T7249] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1293'.
[  104.318102][ T7258] loop2: detected capacity change from 0 to 2048
[  104.345046][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.372514][ T7258] Alternate GPT is invalid, using primary GPT.
[  104.378972][ T7258]  loop2: p2 p3 p7
[  104.486264][ T7271] Failed to initialize the IGMP autojoin socket (err -2)
[  104.504460][   T29] kauditd_printk_skb: 479 callbacks suppressed
[  104.504474][   T29] audit: type=1400 audit(2000000032.629:7920): avc:  denied  { create } for  pid=7272 comm="syz.4.1303" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  104.534006][   T29] audit: type=1400 audit(2000000032.649:7921): avc:  denied  { create } for  pid=7257 comm="syz.2.1297" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  104.553808][   T29] audit: type=1400 audit(2000000032.649:7922): avc:  denied  { setopt } for  pid=7257 comm="syz.2.1297" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  104.573275][   T29] audit: type=1400 audit(2000000032.659:7923): avc:  denied  { write } for  pid=7272 comm="syz.4.1303" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  104.592716][   T29] audit: type=1400 audit(2000000032.659:7924): avc:  denied  { module_request } for  pid=7272 comm="syz.4.1303" kmod="crypto-ecb(cipher_null)" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  104.634554][   T29] audit: type=1400 audit(2000000032.759:7925): avc:  denied  { cpu } for  pid=7277 comm="syz.3.1304" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  104.683856][   T29] audit: type=1400 audit(2000000032.809:7926): avc:  denied  { create } for  pid=7282 comm="syz.0.1305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  104.748877][ T7288] loop4: detected capacity change from 0 to 512
[  104.755894][ T7288] EXT4-fs: Ignoring removed nobh option
[  104.756546][   T29] audit: type=1400 audit(2000000032.889:7927): avc:  denied  { mounton } for  pid=7287 comm="syz.4.1306" path="/258/file1" dev="tmpfs" ino=1429 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  104.763097][ T7288] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.1306: iget: bad i_size value: 38620345925642
[  104.797278][ T7288] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.1306: couldn't read orphan inode 15 (err -117)
[  104.818012][ T7288] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.852451][   T29] audit: type=1400 audit(2000000032.969:7928): avc:  denied  { mount } for  pid=7287 comm="syz.4.1306" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  104.874208][   T29] audit: type=1400 audit(2000000032.969:7929): avc:  denied  { create } for  pid=7290 comm="syz.3.1307" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  104.879051][ T7288] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1306: bg 0: block 5: invalid block bitmap
[  104.928872][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.955130][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  104.962798][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  104.970356][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  104.977776][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  104.985429][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  104.988063][ T7303] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1314'.
[  104.992963][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.009405][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.016933][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.024403][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.031866][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.039487][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.047037][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.053878][ T7301] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1311'.
[  105.054591][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.070901][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.078651][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.086345][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.093802][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.096585][ T7307] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1315'.
[  105.101266][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.101296][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.125170][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.132782][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.140300][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.147882][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.155375][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.163050][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.164417][ T7312] Failed to initialize the IGMP autojoin socket (err -2)
[  105.170495][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.170525][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.192453][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.199880][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.207289][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.214873][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.222277][ T1035] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  105.238375][ T1035] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  105.254730][ T7315] Failed to initialize the IGMP autojoin socket (err -2)
[  105.416144][ T7330] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  105.424763][ T7330] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  105.434917][ T7330] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  105.454809][ T7330] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  105.469579][ T7333] loop4: detected capacity change from 0 to 512
[  105.480243][ T7333] EXT4-fs: Ignoring removed nobh option
[  105.488919][ T7333] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.1323: iget: bad i_size value: 38620345925642
[  105.502934][ T7333] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.1323: couldn't read orphan inode 15 (err -117)
[  105.515728][ T7333] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.536006][ T7333] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1323: bg 0: block 5: invalid block bitmap
[  105.571562][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.700542][ T7343] Failed to initialize the IGMP autojoin socket (err -2)
[  105.913276][ T7353] loop1: detected capacity change from 0 to 512
[  106.100885][ T7355] siw: device registration error -23
[  106.135414][ T7353] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.148428][ T7353] ext4 filesystem being mounted at /256/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  106.170344][ T7353] netlink: 'syz.1.1328': attribute type 13 has an invalid length.
[  106.183428][ T7353] gretap0: refused to change device tx_queue_len
[  106.190123][ T7353] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  106.218885][ T1035] lo speed is unknown, defaulting to 1000
[  106.224699][ T1035] syz0: Port: 1 Link ACTIVE
[  106.405955][ T7364] loop4: detected capacity change from 0 to 2048
[  106.421053][ T7369] Failed to initialize the IGMP autojoin socket (err -2)
[  106.510935][ T7364]  loop4: p1 < > p4
[  106.612480][ T7364] loop4: p4 size 8388608 extends beyond EOD, truncated
[  107.018759][ T7394] Failed to initialize the IGMP autojoin socket (err -2)
[  107.598753][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.635310][ T7424] Failed to initialize the IGMP autojoin socket (err -2)
[  107.668687][ T7428] __nla_validate_parse: 4 callbacks suppressed
[  107.668706][ T7428] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1350'.
[  107.685341][ T7428] binfmt_misc: register: failed to install interpreter file ./bus
[  107.733362][ T7431] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1351'.
[  107.751413][ T7431] netlink: 536 bytes leftover after parsing attributes in process `syz.2.1351'.
[  108.381744][ T7459] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1359'.
[  108.408731][ T7459] loop0: detected capacity change from 0 to 164
[  108.419507][ T7461] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1360'.
[  108.470153][ T1035] kernel write not supported for file bpf-prog (pid: 1035 comm: kworker/1:2)
[  108.557307][ T7467] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1363'.
[  108.589538][ T7467] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1363'.
[  108.606347][ T7469] loop1: detected capacity change from 0 to 2048
[  108.612895][ T7467] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1363'.
[  108.695815][ T7476] loop4: detected capacity change from 0 to 512
[  108.729786][ T7476] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  108.738941][ T7476] EXT4-fs (loop4): orphan cleanup on readonly fs
[  108.754086][ T7476] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  108.830135][ T7476] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  108.844675][ T7476] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1367: bg 0: block 40: padding at end of block bitmap is not set
[  108.887953][ T7476] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  108.940233][ T7476] EXT4-fs (loop4): 1 truncate cleaned up
[  108.946375][ T7476] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  108.962428][ T7493] Failed to initialize the IGMP autojoin socket (err -2)
[  109.045459][ T7476] FAULT_INJECTION: forcing a failure.
[  109.045459][ T7476] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  109.058630][ T7476] CPU: 1 UID: 0 PID: 7476 Comm: syz.4.1367 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(voluntary) 
[  109.058748][ T7476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  109.058765][ T7476] Call Trace:
[  109.058773][ T7476]  <TASK>
[  109.058783][ T7476]  __dump_stack+0x1d/0x30
[  109.058822][ T7476]  dump_stack_lvl+0xe8/0x140
[  109.058847][ T7476]  dump_stack+0x15/0x1b
[  109.058868][ T7476]  should_fail_ex+0x265/0x280
[  109.058900][ T7476]  should_fail+0xb/0x20
[  109.058925][ T7476]  should_fail_usercopy+0x1a/0x20
[  109.058955][ T7476]  _copy_from_user+0x1c/0xb0
[  109.058981][ T7476]  io_submit_one+0x52/0x11d0
[  109.059080][ T7476]  __se_sys_io_submit+0xfb/0x280
[  109.059120][ T7476]  __x64_sys_io_submit+0x43/0x50
[  109.059161][ T7476]  x64_sys_call+0xfc4/0x2fb0
[  109.059234][ T7476]  do_syscall_64+0xd2/0x200
[  109.059254][ T7476]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  109.059279][ T7476]  ? clear_bhb_loop+0x40/0x90
[  109.059379][ T7476]  ? clear_bhb_loop+0x40/0x90
[  109.059401][ T7476]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.059486][ T7476] RIP: 0033:0x7fc01bd6e9a9
[  109.059500][ T7476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.059518][ T7476] RSP: 002b:00007fc01a3cf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  109.059535][ T7476] RAX: ffffffffffffffda RBX: 00007fc01bf95fa0 RCX: 00007fc01bd6e9a9
[  109.059610][ T7476] RDX: 0000200000000100 RSI: 0000000000000001 RDI: 00007fc01cacf000
[  109.059622][ T7476] RBP: 00007fc01a3cf090 R08: 0000000000000000 R09: 0000000000000000
[  109.059633][ T7476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.059644][ T7476] R13: 0000000000000000 R14: 00007fc01bf95fa0 R15: 00007fffba98a858
[  109.059663][ T7476]  </TASK>
[  109.300701][ T7495] siw: device registration error -23
[  109.542893][   T29] kauditd_printk_skb: 437 callbacks suppressed
[  109.542912][   T29] audit: type=1326 audit(2000000037.669:8364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7512 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f665ab3e9a9 code=0x7ffc0000
[  109.591015][   T29] audit: type=1326 audit(2000000037.669:8365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7512 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f665ab3e9a9 code=0x7ffc0000
[  109.616945][   T29] audit: type=1400 audit(2000000037.749:8366): avc:  denied  { read write } for  pid=7500 comm="syz.0.1377" name="virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  109.640684][   T29] audit: type=1400 audit(2000000037.749:8367): avc:  denied  { open } for  pid=7500 comm="syz.0.1377" path="/dev/virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  109.677248][ T7513] Failed to initialize the IGMP autojoin socket (err -2)
[  109.685578][   T29] audit: type=1326 audit(2000000037.799:8368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7512 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f665ab3e9a9 code=0x7ffc0000
[  109.709357][   T29] audit: type=1326 audit(2000000037.799:8369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7512 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f665ab3e9a9 code=0x7ffc0000
[  109.733160][   T29] audit: type=1326 audit(2000000037.799:8370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7512 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f665ab3e9a9 code=0x7ffc0000
[  109.756718][   T29] audit: type=1326 audit(2000000037.799:8371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7512 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f665ab3e9a9 code=0x7ffc0000
[  109.780525][   T29] audit: type=1326 audit(2000000037.799:8372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7512 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f665ab3e9a9 code=0x7ffc0000
[  109.803962][   T29] audit: type=1326 audit(2000000037.799:8373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7512 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f665ab3e9a9 code=0x7ffc0000
[  109.837260][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.969103][ T7529] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1381'.
[  110.006090][ T7531] Failed to initialize the IGMP autojoin socket (err -2)
[  110.034158][ T7526] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1382'.
[  110.060508][ T7536] program syz.4.1386 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  110.063224][ T7539] Failed to initialize the IGMP autojoin socket (err -2)
[  110.138934][ T7547] FAULT_INJECTION: forcing a failure.
[  110.138934][ T7547] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  110.152220][ T7547] CPU: 1 UID: 0 PID: 7547 Comm: syz.2.1390 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(voluntary) 
[  110.152257][ T7547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  110.152273][ T7547] Call Trace:
[  110.152282][ T7547]  <TASK>
[  110.152291][ T7547]  __dump_stack+0x1d/0x30
[  110.152338][ T7547]  dump_stack_lvl+0xe8/0x140
[  110.152373][ T7547]  dump_stack+0x15/0x1b
[  110.152446][ T7547]  should_fail_ex+0x265/0x280
[  110.152478][ T7547]  should_fail+0xb/0x20
[  110.152503][ T7547]  should_fail_usercopy+0x1a/0x20
[  110.152589][ T7547]  strncpy_from_user+0x25/0x230
[  110.152620][ T7547]  ? bpf_trace_run2+0x124/0x1c0
[  110.152653][ T7547]  __se_sys_request_key+0x57/0x290
[  110.152686][ T7547]  __x64_sys_request_key+0x55/0x70
[  110.152776][ T7547]  x64_sys_call+0x2f19/0x2fb0
[  110.152804][ T7547]  do_syscall_64+0xd2/0x200
[  110.152828][ T7547]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  110.152856][ T7547]  ? clear_bhb_loop+0x40/0x90
[  110.152882][ T7547]  ? clear_bhb_loop+0x40/0x90
[  110.152940][ T7547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.152966][ T7547] RIP: 0033:0x7f665ab3e9a9
[  110.152983][ T7547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.153006][ T7547] RSP: 002b:00007f665919f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[  110.153029][ T7547] RAX: ffffffffffffffda RBX: 00007f665ad65fa0 RCX: 00007f665ab3e9a9
[  110.153105][ T7547] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000200000000340
[  110.153121][ T7547] RBP: 00007f665919f090 R08: 0000000000000000 R09: 0000000000000000
[  110.153136][ T7547] R10: 0000000017fba891 R11: 0000000000000246 R12: 0000000000000001
[  110.153151][ T7547] R13: 0000000000000000 R14: 00007f665ad65fa0 R15: 00007ffe61042348
[  110.153176][ T7547]  </TASK>
[  110.383225][ T7553] loop2: detected capacity change from 0 to 512
[  110.413143][ T7553] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  110.430025][ T7553] EXT4-fs (loop2): orphan cleanup on readonly fs
[  110.438852][ T7553] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  110.461501][ T7553] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  110.468857][ T7553] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1394: bg 0: block 40: padding at end of block bitmap is not set
[  110.491390][ T7553] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  110.501036][ T7553] EXT4-fs (loop2): 1 truncate cleaned up
[  110.507097][ T7553] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  110.611714][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.622921][ T7572] loop0: detected capacity change from 0 to 512
[  110.629623][ T7572] EXT4-fs: Ignoring removed nobh option
[  110.649663][ T7572] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.1402: iget: bad i_size value: 38620345925642
[  110.670248][ T7572] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.1402: couldn't read orphan inode 15 (err -117)
[  110.721119][ T7572] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.759915][ T7572] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.1402: bg 0: block 5: invalid block bitmap
[  110.810304][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.857019][ T7583] Failed to initialize the IGMP autojoin socket (err -2)
[  110.966481][ T7581] netlink: 'syz.2.1405': attribute type 13 has an invalid length.
[  111.126516][ T7600] Failed to initialize the IGMP autojoin socket (err -2)
[  111.146039][ T7581] 8021q: adding VLAN 0 to HW filter on device bond0
[  111.155054][ T7581] 8021q: adding VLAN 0 to HW filter on device team0
[  111.166298][ T7581] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  111.188542][ T7604] Failed to initialize the IGMP autojoin socket (err -2)
[  111.229247][ T1035] lo speed is unknown, defaulting to 1000
[  111.235123][ T1035] syz0: Port: 1 Link DOWN
[  111.254249][ T7609] loop2: detected capacity change from 0 to 512
[  111.273782][ T7609] EXT4-fs: Ignoring removed nobh option
[  111.283627][ T7609] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.1416: iget: bad i_size value: 38620345925642
[  111.305464][ T7616] Failed to initialize the IGMP autojoin socket (err -2)
[  111.314308][ T7609] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.1416: couldn't read orphan inode 15 (err -117)
[  111.328029][ T7609] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.361194][ T7609] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1416: bg 0: block 5: invalid block bitmap
[  111.393758][ T7625] loop3: detected capacity change from 0 to 512
[  111.400799][ T7625] EXT4-fs: Ignoring removed nobh option
[  111.414785][ T7625] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.1421: iget: bad i_size value: 38620345925642
[  111.430270][ T7625] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.1421: couldn't read orphan inode 15 (err -117)
[  111.451907][ T7625] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.453120][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.475858][ T7632] netlink: 'syz.0.1422': attribute type 13 has an invalid length.
[  111.511447][ T7625] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1421: bg 0: block 5: invalid block bitmap
[  111.512835][ T7632] 8021q: adding VLAN 0 to HW filter on device bond0
[  111.543357][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.554218][ T7632] 8021q: adding VLAN 0 to HW filter on device team0
[  111.565418][ T7632] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  111.622078][ T7645] netlink: 'syz.1.1427': attribute type 13 has an invalid length.
[  111.646511][ T7645] 8021q: adding VLAN 0 to HW filter on device bond0
[  111.654749][ T7645] 8021q: adding VLAN 0 to HW filter on device team0
[  111.666776][ T7645] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  111.682892][   T10] lo speed is unknown, defaulting to 1000
[  111.688685][   T10] syz0: Port: 1 Link ACTIVE
[  111.722757][ T7653] Failed to initialize the IGMP autojoin socket (err -2)
[  111.736628][ T7655] loop4: detected capacity change from 0 to 512
[  111.746082][ T7655] EXT4-fs: Ignoring removed nobh option
[  111.749010][ T7659] Failed to initialize the IGMP autojoin socket (err -2)
[  111.760530][ T7658] Failed to initialize the IGMP autojoin socket (err -2)
[  111.762194][ T7655] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.1434: iget: bad i_size value: 38620345925642
[  111.780625][ T7655] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.1434: couldn't read orphan inode 15 (err -117)
[  111.793250][ T7655] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.813471][ T7655] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1434: bg 0: block 5: invalid block bitmap
[  111.837182][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.926437][ T7673] FAULT_INJECTION: forcing a failure.
[  111.926437][ T7673] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  111.939603][ T7673] CPU: 1 UID: 0 PID: 7673 Comm: syz.1.1438 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(voluntary) 
[  111.939631][ T7673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  111.939643][ T7673] Call Trace:
[  111.939648][ T7673]  <TASK>
[  111.939655][ T7673]  __dump_stack+0x1d/0x30
[  111.939678][ T7673]  dump_stack_lvl+0xe8/0x140
[  111.939700][ T7673]  dump_stack+0x15/0x1b
[  111.939758][ T7673]  should_fail_ex+0x265/0x280
[  111.939795][ T7673]  should_fail+0xb/0x20
[  111.939821][ T7673]  should_fail_usercopy+0x1a/0x20
[  111.939901][ T7673]  _copy_from_user+0x1c/0xb0
[  111.940008][ T7673]  ___sys_sendmsg+0xc1/0x1d0
[  111.940046][ T7673]  __x64_sys_sendmsg+0xd4/0x160
[  111.940072][ T7673]  x64_sys_call+0x2999/0x2fb0
[  111.940099][ T7673]  do_syscall_64+0xd2/0x200
[  111.940182][ T7673]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  111.940217][ T7673]  ? clear_bhb_loop+0x40/0x90
[  111.940245][ T7673]  ? clear_bhb_loop+0x40/0x90
[  111.940421][ T7673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.940442][ T7673] RIP: 0033:0x7f94cdfde9a9
[  111.940457][ T7673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.940475][ T7673] RSP: 002b:00007f94cc647038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  111.940493][ T7673] RAX: ffffffffffffffda RBX: 00007f94ce205fa0 RCX: 00007f94cdfde9a9
[  111.940509][ T7673] RDX: 0000000000000010 RSI: 00002000000001c0 RDI: 0000000000000006
[  111.940524][ T7673] RBP: 00007f94cc647090 R08: 0000000000000000 R09: 0000000000000000
[  111.940579][ T7673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.940595][ T7673] R13: 0000000000000000 R14: 00007f94ce205fa0 R15: 00007ffdd5905a58
[  111.940620][ T7673]  </TASK>
[  112.160550][ T7682] loop4: detected capacity change from 0 to 1024
[  112.175742][ T7683] vlan2: entered allmulticast mode
[  112.288209][ T7697] loop1: detected capacity change from 0 to 164
[  112.521575][ T7712] loop3: detected capacity change from 0 to 128
[  112.535907][ T7713] Failed to initialize the IGMP autojoin socket (err -2)
[  112.547357][ T7712] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  112.556645][ T7720] Failed to initialize the IGMP autojoin socket (err -2)
[  112.585919][ T7712] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  112.629719][ T7712] 9pnet: Could not find request transport: f�fdno=
[  112.815084][ T7741] bond1: entered promiscuous mode
[  112.820390][ T7741] bond1: entered allmulticast mode
[  112.825864][ T7741] 8021q: adding VLAN 0 to HW filter on device bond1
[  112.833932][ T7744] __nla_validate_parse: 13 callbacks suppressed
[  112.833950][ T7744] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1461'.
[  112.849287][ T7744] netlink: 212 bytes leftover after parsing attributes in process `syz.2.1461'.
[  112.859583][ T7741] bond1 (unregistering): Released all slaves
[  112.862024][ T7745] loop9: detected capacity change from 0 to 7
[  112.873341][ T7745] Buffer I/O error on dev loop9, logical block 0, async page read
[  112.881468][ T7745] Buffer I/O error on dev loop9, logical block 0, async page read
[  112.889510][ T7745]  loop9: unable to read partition table
[  112.896647][ T7745] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  112.896647][ T7745] 
) failed (rc=-5)
[  112.936609][ T7751] Failed to initialize the IGMP autojoin socket (err -2)
[  112.946231][ T7753] Failed to initialize the IGMP autojoin socket (err -2)
[  113.040420][ T7757] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1467'.
[  113.051376][ T7757] loop2: detected capacity change from 0 to 164
[  113.285918][ T7763] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1469'.
[  113.554881][ T7806] netlink: 436 bytes leftover after parsing attributes in process `syz.1.1481'.
[  113.643622][ T7814] Failed to initialize the IGMP autojoin socket (err -2)
[  113.679410][ T7816] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1486'.
[  113.713090][ T7822] loop0: detected capacity change from 0 to 512
[  113.719719][ T7822] EXT4-fs: Ignoring removed nobh option
[  113.732466][ T7822] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.1488: iget: bad i_size value: 38620345925642
[  113.746574][ T7822] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.1488: couldn't read orphan inode 15 (err -117)
[  113.760892][ T7822] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.781137][ T7822] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.1488: bg 0: block 5: invalid block bitmap
[  113.785753][ T7828] loop1: detected capacity change from 0 to 1024
[  113.796563][ T7831] siw: device registration error -23
[  113.809056][ T7831] loop2: detected capacity change from 0 to 512
[  113.815971][ T7831] EXT4-fs: Ignoring removed orlov option
[  113.821959][ T7831] EXT4-fs: Ignoring removed nomblk_io_submit option
[  113.828708][ T7831] ext4: Unknown parameter 'fsname'
[  113.835249][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.840947][ T7831] loop2: detected capacity change from 0 to 1024
[  113.850462][ T7828] EXT4-fs: Ignoring removed orlov option
[  113.850958][ T7831] ext4: Unknown parameter 'smackfshat'
[  113.870007][ T7831] ip6gre1: entered allmulticast mode
[  113.897990][ T7828] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.920161][ T7828] EXT4-fs (loop1): shut down requested (0)
[  113.927484][ T7828] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  113.937444][ T7828] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  113.950001][ T7828] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  113.985272][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.044457][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.048906][ T7844] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1496'.
[  114.052281][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.068720][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.076349][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.083872][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.091422][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.098967][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.106501][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.114014][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.121620][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.129104][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.136628][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.144347][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.152165][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.159733][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.167185][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.174759][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.182204][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.189614][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.197059][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.198256][ T7852] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1498'.
[  114.204500][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.213492][ T7852] unsupported nlmsg_type 40
[  114.220860][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.232912][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.240368][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.247786][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.255290][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.262783][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.270239][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.277739][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.285316][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.292778][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.300215][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  114.310610][ T7852] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1498'.
[  114.311139][   T36] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  114.329508][ T7852] netem: change failed
[  114.353025][ T7854] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1498'.
[  114.401859][ T7858] SELinux:  Context system_u:object_r:netutils_exec_t:s0 is not valid (left unmapped).
[  114.476211][ T7865] ip6gre1: left allmulticast mode
[  114.593310][   T29] kauditd_printk_skb: 1292 callbacks suppressed
[  114.593325][   T29] audit: type=1400 audit(2000000042.719:9665): avc:  denied  { write } for  pid=7873 comm="syz.3.1505" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  114.660698][   T29] audit: type=1400 audit(2000000042.789:9666): avc:  denied  { create } for  pid=7873 comm="syz.3.1505" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  114.687680][   T29] audit: type=1326 audit(2000000042.789:9667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7880 comm="syz.0.1507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[  114.711191][   T29] audit: type=1326 audit(2000000042.789:9668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7880 comm="syz.0.1507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[  114.734855][   T29] audit: type=1326 audit(2000000042.789:9669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7880 comm="syz.0.1507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[  114.758346][   T29] audit: type=1326 audit(2000000042.789:9670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7880 comm="syz.0.1507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[  114.781898][   T29] audit: type=1326 audit(2000000042.789:9671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7880 comm="syz.0.1507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[  114.805455][   T29] audit: type=1326 audit(2000000042.789:9672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7880 comm="syz.0.1507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[  114.828885][   T29] audit: type=1326 audit(2000000042.789:9673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7880 comm="syz.0.1507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[  114.852416][   T29] audit: type=1326 audit(2000000042.789:9674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7880 comm="syz.0.1507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[  115.409155][ T3361] lo speed is unknown, defaulting to 1000
[  115.415046][ T3361] syz0: Port: 1 Link DOWN
[  115.619150][ T7937] loop1: detected capacity change from 0 to 512
[  115.665354][ T7937] EXT4-fs: Ignoring removed nobh option
[  115.686599][ T7937] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.1526: iget: bad i_size value: 38620345925642
[  115.786476][ T7937] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.1526: couldn't read orphan inode 15 (err -117)
[  115.854152][ T7937] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.876454][ T7937] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1526: bg 0: block 5: invalid block bitmap
[  115.924257][ T7957] netlink: 'syz.2.1533': attribute type 13 has an invalid length.
[  115.955167][ T7957] 8021q: adding VLAN 0 to HW filter on device bond0
[  115.964016][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.986426][ T7957] 8021q: adding VLAN 0 to HW filter on device team0
[  116.005088][ T7957] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  116.073741][ T7969] Failed to initialize the IGMP autojoin socket (err -2)
[  116.312260][ T7985] Failed to initialize the IGMP autojoin socket (err -2)
[  116.363512][ T7987] Failed to initialize the IGMP autojoin socket (err -2)
[  116.453399][ T7995] loop1: detected capacity change from 0 to 512
[  116.467428][ T7995] EXT4-fs: Ignoring removed nobh option
[  116.489815][ T7995] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.1548: iget: bad i_size value: 38620345925642
[  116.525437][ T7995] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.1548: couldn't read orphan inode 15 (err -117)
[  116.539124][ T7995] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.598390][ T7995] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1548: bg 0: block 5: invalid block bitmap
[  116.624604][ T8008] random: crng reseeded on system resumption
[  116.641439][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.661535][ T7999] loop4: detected capacity change from 0 to 8192
[  116.702895][ T7999] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF
[  116.711550][ T7999] FAT-fs (loop4): Filesystem has been set read-only
[  116.778009][ T8018] IPv6: Can't replace route, no match found
[  116.784860][ T8014] netlink: 'syz.2.1557': attribute type 13 has an invalid length.
[  116.798303][ T8014] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  116.856929][ T8022] FAULT_INJECTION: forcing a failure.
[  116.856929][ T8022] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  116.870201][ T8022] CPU: 1 UID: 0 PID: 8022 Comm: syz.0.1559 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(voluntary) 
[  116.870236][ T8022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  116.870249][ T8022] Call Trace:
[  116.870255][ T8022]  <TASK>
[  116.870262][ T8022]  __dump_stack+0x1d/0x30
[  116.870284][ T8022]  dump_stack_lvl+0xe8/0x140
[  116.870304][ T8022]  dump_stack+0x15/0x1b
[  116.870363][ T8022]  should_fail_ex+0x265/0x280
[  116.870394][ T8022]  should_fail+0xb/0x20
[  116.870421][ T8022]  should_fail_usercopy+0x1a/0x20
[  116.870472][ T8022]  _copy_from_user+0x1c/0xb0
[  116.870493][ T8022]  get_timespec64+0x4c/0x100
[  116.870514][ T8022]  __x64_sys_clock_settime+0x116/0x190
[  116.870549][ T8022]  x64_sys_call+0x2870/0x2fb0
[  116.870594][ T8022]  do_syscall_64+0xd2/0x200
[  116.870613][ T8022]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  116.870640][ T8022]  ? clear_bhb_loop+0x40/0x90
[  116.870661][ T8022]  ? clear_bhb_loop+0x40/0x90
[  116.870761][ T8022]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.870782][ T8022] RIP: 0033:0x7fa52ce8e9a9
[  116.870797][ T8022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.870815][ T8022] RSP: 002b:00007fa52b4f7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e3
[  116.870901][ T8022] RAX: ffffffffffffffda RBX: 00007fa52d0b5fa0 RCX: 00007fa52ce8e9a9
[  116.870939][ T8022] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 00000000fffffffb
[  116.870951][ T8022] RBP: 00007fa52b4f7090 R08: 0000000000000000 R09: 0000000000000000
[  116.870964][ T8022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  116.870975][ T8022] R13: 0000000000000000 R14: 00007fa52d0b5fa0 R15: 00007ffdebfb9698
[  116.870994][ T8022]  </TASK>
[  117.199732][ T8037] IPv6: Can't replace route, no match found
[  117.206545][ T8034] netlink: 'syz.0.1565': attribute type 13 has an invalid length.
[  117.225841][ T8034] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  117.290417][ T8042] Failed to initialize the IGMP autojoin socket (err -2)
[  117.469796][ T8060] bridge0: entered promiscuous mode
[  117.475986][ T8060] bond0: entered promiscuous mode
[  117.481077][ T8060] bond_slave_0: entered promiscuous mode
[  117.486890][ T8060] bond_slave_1: entered promiscuous mode
[  117.501493][ T8060] hsr1: Slave A (bridge0) is not up; please bring it up to get a fully working HSR network
[  117.559259][ T8060] hsr1: entered allmulticast mode
[  117.564464][ T8060] bridge0: entered allmulticast mode
[  117.569794][ T8060] bond0: entered allmulticast mode
[  117.575004][ T8060] bond_slave_0: entered allmulticast mode
[  117.580793][ T8060] bond_slave_1: entered allmulticast mode
[  117.758686][ T8072] Failed to initialize the IGMP autojoin socket (err -2)
[  118.134128][ T8083] __nla_validate_parse: 14 callbacks suppressed
[  118.134144][ T8083] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1584'.
[  118.200432][ T8089] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1585'.
[  118.811934][ T8105] Failed to initialize the IGMP autojoin socket (err -2)
[  119.199371][ T8128] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1596'.
[  119.257663][ T8134] netlink: 'syz.3.1599': attribute type 13 has an invalid length.
[  119.289753][ T8134] 8021q: adding VLAN 0 to HW filter on device bond0
[  119.299393][ T8134] 8021q: adding VLAN 0 to HW filter on device team0
[  119.311689][ T8134] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  119.334205][ T8140] Failed to initialize the IGMP autojoin socket (err -2)
[  119.345321][ T8139] Failed to initialize the IGMP autojoin socket (err -2)
[  119.353817][ T8142] Failed to initialize the IGMP autojoin socket (err -2)
[  119.578931][ T8161] hsr1: left allmulticast mode
[  119.583910][ T8161] bridge0: left allmulticast mode
[  119.589022][ T8161] bond0: left allmulticast mode
[  119.594006][ T8161] bond_slave_0: left allmulticast mode
[  119.599500][ T8161] bond_slave_1: left allmulticast mode
[  119.605483][   T29] kauditd_printk_skb: 392 callbacks suppressed
[  119.605501][   T29] audit: type=1326 audit(2000000047.739:10067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8130 comm="syz.0.1598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa52ce85967 code=0x7ffc0000
[  119.636134][   T29] audit: type=1326 audit(2000000047.739:10068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8130 comm="syz.0.1598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa52ce2ab89 code=0x7ffc0000
[  119.659670][   T29] audit: type=1326 audit(2000000047.739:10069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8130 comm="syz.0.1598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[  119.681182][ T8174] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1611'.
[  119.683451][   T29] audit: type=1326 audit(2000000047.739:10070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8130 comm="syz.0.1598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa52ce85967 code=0x7ffc0000
[  119.693023][ T8161] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1606'.
[  119.715837][   T29] audit: type=1326 audit(2000000047.739:10071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8130 comm="syz.0.1598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa52ce2ab89 code=0x7ffc0000
[  119.748717][   T29] audit: type=1326 audit(2000000047.739:10072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8130 comm="syz.0.1598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[  119.772424][   T29] audit: type=1326 audit(2000000047.759:10073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8130 comm="syz.0.1598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa52ce85967 code=0x7ffc0000
[  119.796113][   T29] audit: type=1326 audit(2000000047.759:10074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8130 comm="syz.0.1598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa52ce2ab89 code=0x7ffc0000
[  119.819595][   T29] audit: type=1326 audit(2000000047.759:10075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8130 comm="syz.0.1598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7fa52ce8e9a9 code=0x7ffc0000
[  119.845344][   T29] audit: type=1326 audit(2000000047.859:10076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8130 comm="syz.0.1598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa52ce85967 code=0x7ffc0000
[  119.916669][ T8193] Failed to initialize the IGMP autojoin socket (err -2)
[  120.014096][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.021773][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.029600][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.037234][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.044823][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.052688][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.060123][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.067670][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.075105][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.082629][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.090065][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.097496][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.104943][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.112445][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.119936][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.127411][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.134848][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.142288][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.149714][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.157179][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.164615][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.172219][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.179682][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.187226][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.194658][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.202091][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.209512][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.217046][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.224527][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.232073][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.239521][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.247065][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  120.265524][   T10] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  120.351267][ T8228] loop1: detected capacity change from 0 to 1024
[  120.358093][ T8228] EXT4-fs: Ignoring removed nomblk_io_submit option
[  120.368641][ T8216] ==================================================================
[  120.376774][ T8216] BUG: KCSAN: data-race in __anon_vma_prepare / handle_mm_fault
[  120.384467][ T8216] 
[  120.386820][ T8216] write to 0xffff888115e641c0 of 8 bytes by task 8215 on cpu 1:
[  120.394487][ T8216]  __anon_vma_prepare+0x172/0x2f0
[  120.399568][ T8216]  handle_mm_fault+0x1d19/0x2be0
[  120.404540][ T8216]  do_user_addr_fault+0x3fe/0x1090
[  120.409711][ T8216]  exc_page_fault+0x62/0xa0
[  120.414274][ T8216]  asm_exc_page_fault+0x26/0x30
[  120.419159][ T8216] 
[  120.421520][ T8216] read to 0xffff888115e641c0 of 8 bytes by task 8216 on cpu 0:
[  120.429106][ T8216]  handle_mm_fault+0xe8e/0x2be0
[  120.434015][ T8216]  __get_user_pages+0x1036/0x1fb0
[  120.439085][ T8216]  __mm_populate+0x243/0x3a0
[  120.443715][ T8216]  vm_mmap_pgoff+0x232/0x2e0
[  120.448351][ T8216]  ksys_mmap_pgoff+0xc2/0x310
[  120.453080][ T8216]  x64_sys_call+0x1602/0x2fb0
[  120.457979][ T8216]  do_syscall_64+0xd2/0x200
[  120.462522][ T8216]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.468457][ T8216] 
[  120.470804][ T8216] value changed: 0x0000000000000000 -> 0xffff888106017548
[  120.477950][ T8216] 
[  120.480304][ T8216] Reported by Kernel Concurrency Sanitizer on:
[  120.486509][ T8216] CPU: 0 UID: 0 PID: 8216 Comm: syz.2.1623 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(voluntary) 
[  120.498963][ T8216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  120.509136][ T8216] ==================================================================
[  120.539355][ T8228] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  120.592022][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.