last executing test programs:

1m33.242780154s ago: executing program 4 (id=98):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x54, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0xd}, 0x10000, 0x10000, 0x0, 0x1, 0x8, 0x20006, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mlock2(&(0x7f0000d92000/0x4000)=nil, 0x4000, 0x0)
munmap(&(0x7f000060f000/0x4000)=nil, 0x4000)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f0000000440)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r4, 0x0)
connect$unix(r3, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
accept(r4, 0x0, 0x0)
bind$bt_hci(r1, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8f0, &(0x7f0000002400)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r1, &(0x7f0000000040)='\x00\x00\x00\x00\x00\x00', 0x6, 0x0, 0x0, 0x2}])
io_cancel(r5, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xfff7, r0, &(0x7f0000000280)="cbaf10586cae2482207b272e6f65febad7542d456c398f83a2acf98addb0012936adcd96a3030ea9cb619b93378546ec62bb42a6ff52a98b05ac57d4a787c4dc661c6c47905085f278b51093e6d835", 0x4f, 0x6, 0x0, 0x1}, &(0x7f0000000100))
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000240)={'wg1\x00'})
pwritev2(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x3000, 0x3)

1m33.046234531s ago: executing program 4 (id=100):
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f0000000240)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xffb}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x4000}}, {@errors_remount}, {@jqfmt_vfsold}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2, 0x2010, r0, 0xa00ab000)
unshare(0x22020600)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents(r1, &(0x7f0000000040)=""/215, 0xd7)

1m32.880420867s ago: executing program 4 (id=103):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f0000000040)='%ps    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), r2)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f0000000080)={'wg2\x00', <r4=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000d00)={&(0x7f0000000880)=ANY=[@ANYBLOB="2c020000", @ANYRES16=r3, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d7843e40108804400208024000100000000000100000000000000fdffff01000000000000000000000000000000001400040003000000ac1414bb00000000000000000600050000000000000100802400020073e591ec06154031d3954ac0e16752e72640f08b5281a8461d17d26d12f2bbb6060005000021000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39228c00098028000080060001000a0000001400020020010000000000000000000002000001050003000000000088000080060001000a000000140002002001000000f800000000000000000002050003000000001003800080060001008c0e000008000200ac1414aa05000300000000001c000080060001000200000008000200ac1414bb0500030000000000200004000e00000000000000fe800000000000000000000000000000000000009c0000802400020073961633df6dc9cb418b15afd0bae7b90f1e6cfed8bb423cf9285c474163154908000a00010000002400010000000000000000000000000000000000000000000000000000000000000000004800098028000080060001000a00000014000200fe8000000000000000000000000000bb05000300000000001c000080060001000200000008000200000000000500030000000000080005000100000008000100", @ANYRES32=r4], 0x22c}}, 0x0)

1m32.79737028s ago: executing program 4 (id=108):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000580)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000000}}, {@noauto_da_alloc}, {@dioread_nolock}, {@dax_inode}, {@nobarrier}, {@nodelalloc}, {@minixdf}, {@lazytime}]}, 0x1, 0xba6, &(0x7f0000000c00)="$eJzs3M1rXFUUAPDzXj7bRicVEeumEZEWxGlaSbFFsJWKGxeCboWGdFJCph8kkZo0i4n+A6KuBTeCWpQu7LobBbdutG4tLoQisVEQ0cibjyQ2M0naTvJq8vvBzbt3zpvcc/KYeffCTALYsQayH2nEvog4nUQU6o+nEdFd7fVGVGrnLczPjvwxPzuSxOLi678mkUTE7fnZkcbvSurHPfVBb0R891ISj7y7et7J6Znx4XK5NFEfH5o6d/HQ5PTMs2Pnhs+WzpbOHz76/NCRoaODx4baVuufP5249vuTr/xc+euzv6/89sEnSZyIvnpsZR3tMhADS3+TlTojYrjdk+Wko17PyjqTznWelG5yUgAAtJSuWMM9FoXoiOXFWyG+/j7X5AAAAIC2WOyIWAQAAAC2ucT+HwAAALa5xucAbs/PjjRavp9I2Fq3TkZEf63+hXqrRTqjUj32RldE7L6dxMqvtSa1p923gYi4+eOxL7MWm/Q95LVU5iLi8WbXP6nW31/9Fvfq+tOIGGzD/AN3jP9P9Z9ow/x51w/AznT9ZO1Gtvr+ly6tf6LJ/a+zyb3rXuR9/2us/xZWrf+W6+9osf57bYNzXP70o0utYln9L1x7+YtGy+bPjvdV1F24NRfxRGez+pOl+pMW9Z/e4ByFfy6VWsXyrn/x44gD0bz+hmTt/090aHSsXBqs/Ww6x9y3Q5+3mj/v+rPrv7tF/etd/4sbnOPNU6eutoqtX3/6S3fyRrXXXX/k7eGpqYnDEd3Jq6sfP7J2Lo1zGr8jq//gU2u//pvVn70nVOp/h2wvMFc/ZuN37pjzxSuXv1qr/mzvl+f1P3OP1/+9Dc7x9DfvH2wVW7n/zVo2/82kthcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIY0IvoiSYtL/TQtFiP2RMSjsTstX5icemb0wlvnz2SxiP7oSkfHyqXBiCjUxkk2PlztL4+P3DF+LiL2RsSHhV3VcXHkQvlM3sUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwZE9E9EWSFiMijYiFQpoWi3lnBQAAALRdf94JAAAAAJvO/h8AAAC2P/t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANtne/ddvJBFROb6r2jLd9VhXrpkBmy3NOwEgNx15JwDkpjPvBIDc3OUe33IBtqFknXhvy0hP23MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4MF1YN/1G0lEVI7vqrZMdz3W1fQZ+7cwO2AzpXknAOSmY61g59blAWw9L3HYuZrv8YGdJFkn3rt8TuW/kZ5NywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAB09ftSVpMSLSaj9Ni8WIhyKiP7qS0bFyaTAiHo6IHwpdPdm4J++kAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLvJ6Znx4XK5NKGjo5NvJ3kw0qh18n5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD5PTM+PD5XJpYjLvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC8TU7PjA+Xy6WJDXSu3s3JKzp51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+DQAA//+LYA3r")
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1b73404, 0x0)
chroot(&(0x7f0000000000)='./file0\x00')
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000032500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000850000000f000000bf91000000000000b7020000002000008500000084000000b70000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000680)='kfree\x00', r3}, 0x18)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REG(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)={0x58, r6, 0x1, 0x70bd2c, 0x25dfdc00, {}, [@NL80211_ATTR_REG_RULES={0x3c, 0x22, 0x0, 0x1, [{0x4}, {0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x3}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x660}]}, {0x4}, {0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x7}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x2}]}, {0x4}, {0x4}]}, @NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'a\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x4040001}, 0x8000)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_DEL_PMK(r7, 0x0, 0x4840)
sendmsg$NL80211_CMD_VENDOR(r4, 0x0, 0x48010)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000770000000e000000850000002a0000"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syslog(0x1, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r8}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = mq_open(&(0x7f0000000680)='\xa1sxt\x1a\x00\x00\x01\x88\xc7d\x00\x00\x00\x00\x00\xf6\xf1\\\'\xbb|\xe2\xd1\x8b}\x8cI\xc5\xb3\x15\xd7\xd6,\x10V\a\x11\xb3l\xa6\xed\x8e\xaf\xa7y\f\x9d[\xe4\xa3\xa8y\'(\xad\xc3\x1e\xb2P\xb0+\x97\x9e\t\x9b\xba\xf6=AP\xcb\xc2\x8f\xf3o\x81\x9bQ\v\xacc(|\v~\x02F\x17\x02;\b\xbcq\x10R\x1e\xc7\xdd\xb4\x88\x9d\xf3K\x9a\xa8\xbb\xd0%\xa9\xd4\x1a\xb5\x81v@\r\xcao\x99,\xbe\xe5W E\xc5C\x84B\x88\xd2a\x1e\x15\a\x92\x89V\x18\xbb\xdb\xfbf\xf9\xc02\xb3nW>\x1ex\xfb\x91Z\x91#\x00\r\xb1u\xa3]S\x91C\x8d\xc4\xe3\x87\x80\xde\x116m\xe0=J\xb0\xc6\xd6I~EY\xed\x1a\ben\xa2\v\xc2((\xd0\x8b\xe8^\xb0\x01\x00\xdb\xa6=\x9dD\x80DY\x9f\x83|f\a}{\xa9q`\xa7\xaaT\xacX\xc7\x89\xda\x19\xf5\x97\xab\xc9\xda\x06\xfc\xd3=\"+~\x8e\\\xe6\x0f\xa1\a\x04\xf1/X\xb79\x02\xed\xab\x04r{\x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x100, &(0x7f0000000300)={0x0, 0x1, 0x8})
mq_timedsend(r9, 0x0, 0x0, 0x0, 0x0)

1m32.636420675s ago: executing program 4 (id=114):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={<r2=>0xffffffffffffffff}, 0x111, 0x4}}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e}, 0x94)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000280)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x7fe, @empty, 0x1}, {0xa, 0x4e20, 0x1ff, @dev={0xfe, 0x80, '\x00', 0x1d}, 0x2}, r2, 0xb}}, 0x48)

1m32.439970653s ago: executing program 4 (id=118):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00'}, 0x10)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201"], 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1m32.328567236s ago: executing program 32 (id=118):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00'}, 0x10)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201"], 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

19.757357754s ago: executing program 0 (id=1476):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r3, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20040018}, 0x0)
r4 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r4, 0x402, 0x5)
r5 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r5, 0x402, 0x8000001f)
r6 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r6, 0x402, 0x8000003d)
close_range(r5, r6, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r8 = openat$cgroup_devices(r7, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r8, &(0x7f0000000140)=ANY=[@ANYBLOB='c 75:*\tmmm'], 0xa)
sendmsg$inet(r3, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0xff0f}], 0x1}, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x21, &(0x7f0000000040), 0x4)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001180)=@newtaction={0x898, 0x30, 0x12f, 0x0, 0x0, {}, [{0x884, 0x1, [@m_police={0x880, 0x1, 0x0, 0x0, {{0xb}, {0x854, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x0, 0x2, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x247ecded, 0x0, 0x80000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xb, 0x37, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0xffffff35, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0xb, 0x0, 0x0, 0x9, 0xfffffffd, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x5, 0x0, 0x0, 0x0, 0x9, 0x5, 0x0, 0x0, 0x3, 0x0, 0x1]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x10000004a56}, @TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x0, 0x5, 0x0, 0x2, 0xb, 0xfffffffb, 0x0, 0x7, 0xfea7, 0x1, 0xffff8000, 0x90, 0x9fd, 0x2, 0xb8, 0xca2, 0x6, 0x3c, 0x7, 0x1, 0xa89c, 0x400, 0xc, 0x492217a0, 0xff, 0x5, 0x3, 0x1ff, 0xe5, 0x2d, 0xd, 0x3, 0xa, 0x3, 0x1, 0x9, 0x11, 0x188, 0x6, 0x3ff, 0x7, 0xd, 0x3, 0xc0000, 0x8, 0x8, 0xffffff40, 0x100, 0x3, 0x5, 0x7, 0xe0b2, 0x1, 0x8fc, 0xbf0, 0x9, 0x3, 0x9, 0x7ffffffd, 0x6, 0x0, 0x8, 0x800, 0x9, 0x4, 0x100, 0x401, 0x8, 0x3, 0xb5, 0x10001, 0x401, 0x1, 0x7f, 0x0, 0x8, 0x2, 0x7f, 0x0, 0x2, 0x4, 0x0, 0x1000004, 0x8000, 0x0, 0x9, 0x80, 0x7, 0x5, 0x1, 0x0, 0x7, 0xeb22, 0xd, 0x8000, 0xfffffff7, 0x0, 0x4, 0x3ff, 0x400000, 0x10, 0x5, 0x3, 0x10000, 0x5, 0x1, 0x0, 0x2, 0x6, 0x5, 0x6, 0xe5a, 0x4, 0x2, 0x81, 0xd44, 0x10, 0x6, 0x7fff, 0x800, 0xfffffff4, 0x10000, 0x5, 0x8, 0xba, 0x2, 0x89, 0x2, 0x6, 0x6, 0x9, 0xffffa3e0, 0x86b9, 0xff, 0x1, 0x2, 0xf, 0x24b9, 0x3a, 0xe01, 0x1, 0x6430, 0xd, 0x8, 0x0, 0x3, 0x7eb6, 0x3, 0x0, 0x200, 0xfffffeff, 0x9, 0xff, 0xa, 0x6, 0x7, 0x100, 0x1, 0x8001, 0x100, 0xffff9c71, 0x8, 0x101, 0x6, 0x2, 0xfffffc00, 0x81, 0x81, 0x200, 0x80000001, 0x1, 0xfffffffd, 0x9, 0x7, 0x4, 0xb, 0x80, 0x0, 0x0, 0x0, 0x5, 0x2, 0x65, 0x4, 0xfffffa0c, 0x3, 0x0, 0x2, 0x4, 0x35bc0, 0x9, 0xfffffffa, 0x7, 0x5, 0x3, 0x0, 0x6, 0x8, 0x28, 0x2, 0x5, 0x10001, 0x2, 0xf, 0xffffffff, 0x1, 0x723, 0x0, 0x9, 0x9, 0x4, 0x6, 0x7, 0x200, 0xfffffbff, 0x7, 0x3, 0x8, 0x5, 0xfffffffb, 0x2, 0x7f, 0x2, 0x80000002, 0x0, 0x9, 0x1ff, 0xfffffffe, 0x928, 0x4, 0xffffffff, 0x5, 0x6042, 0xb85, 0x6, 0x8d8d, 0x55, 0x101, 0x3, 0x64e8, 0x8, 0x82f, 0x772, 0x80a, 0xffe, 0x6, 0x3f7, 0x4, 0x8, 0x8, 0x1, 0x5d, 0x9, 0xd, 0x80]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x3}}}}]}]}, 0x898}, 0x1, 0x0, 0x0, 0x50}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)=@gettfilter={0x2c, 0x2e, 0x400, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xa, 0x3}, {0x2, 0x8}, {0xfff2, 0xffe0}}, [{0x8, 0xb, 0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)
recvmsg(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)
close(r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='rxrpc_rx_eproto\x00', r0, 0x0, 0x81}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r10 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000080)={'veth0_to_hsr\x00', <r11=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newqdisc={0x58, 0x24, 0xd0f, 0x70bd2b, 0x25dfdbfe, {0x60, 0x0, 0x0, r11, {0x0, 0x8}, {0xffff, 0xffff}, {0xfff2, 0xc}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x5, 0x29f1, 0x4, 0x4, 0x4, 0x1, 0x0, 0x8, 0xcc97bc8}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000000}, 0x3000c81c)

19.502681893s ago: executing program 0 (id=1484):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00'}, 0x10)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0x511e36599023629, 0x100040, 0x1b35, 0x2, 0x2, 0x2, 0x0, 0x0, 0x5, 0x1})
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f00000004c0)={{0x80}, 'port0\x00', 0x8, 0x100c75, 0xffefffff, 0x4, 0x1ff, 0x0, 0x0, 0x0, 0x6})

19.493153323s ago: executing program 0 (id=1486):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f0000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000000), &(0x7f0000000040)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r2}, 0x10)
pipe2$9p(&(0x7f0000001900)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
r6 = dup(r5)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x4000, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[], [], 0x6b}})

19.418751876s ago: executing program 0 (id=1488):
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[], 0x57)
r1 = socket(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=@newqdisc={0x38, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_NON_HH_WEIGHT={0x8}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80884}, 0x20000000)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1)

19.352329878s ago: executing program 0 (id=1490):
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2, &(0x7f0000000280)={[{@jqfmt_vfsold}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@nombcache}, {@noload}, {@debug}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@bsdgroups}, {@barrier_val={'barrier', 0x3d, 0x53}}]}, 0xfa, 0x477, &(0x7f0000001380)="$eJzs3M9vFFUcAPDvTH/w21bEHyBIFY3EHy0tP+TgRaMJB01M9IDxVNtCKgs1tCZCiFYPeDQk3o3/hfGkF6NeNPGqd0NCDBdQL2tmZwaWZbfd0m0X2M8nme57M6/73ndm3u6bebsbQM8ayf4kEVsj4o+IGMqztxYYyR+uX70w9c/VC1NJVKtv/53Uyl27emGqLFr+35Y8U60W+Q1N6r34XsRkpTJztsiPLZz+cGz+3PkXZ09Pnpw5OXNm4ujRQwf3DB6ZONyROLO4ru36ZG73zmPvXnpz6vil939O0sjjjoY4OmUk37tNPdPpyrpsW1066a/fsvfXm+lmZwLd1BcR2eEaqPX/oeiLTTe2DcXrn3e1ccCaqlar1SVelRerwH0siW63AOiO8o0+u/4tl3UaetwVrrySXwBlcV8vlnxLf6R5Yu9Aw/Xt1g7WPxIRxxf//TpbYo3uQwAA1Ps+G/+80Gz8l8YjeWIw+/NAMYcyHBEPRsT2iHgoInZExMMRtbKPRsRjK6y/cYbk9vFPevmOg2tDNv57uZjbunX8l5ZFhvuK3LZa/APJidnKzIFin+yPgQ0nZpOZ8SXq+OG1379sta1+/JctWf3lWLBox+X+hht005MLk6uJud6VzyJ29TeLP4lyGieJiJ0RsesO65h9rr/ltuXjX0Lrp21b9ZuIZ/PjvxgN8ZeSlvOT4y8dmTg8tjEqMwfGyrPidr/8dvGtVvWvKv4OyI7/5qbn/434h5ONEfPnzp+qzdfOr+jps64TF//8ouU1TRF/1r3aOf+PbSvO/8HkndqKwWLDx5MLC2fHIwaTN25fP3Hz2cp8WT6Lf/++5v1/e9zcE49HxO6I2BMRT2QXhUXbn4yIpyJi3xI74adXn/5gmfibHP/1mSvN4p9e7vhH/fFfeaLv1I/fLR//xohodfwP1VL7izXtvP6128DV7DsAAAC4V+SfgU/S0RvpNB0dzT/DvyM2p5W5+YXnT8x9dGY6n/cejoG0vNM1VHc/dLy4N1zmJxryB4v7xl/1barlR6fmKtPdDh563JYW/T/zV1+3WwesuQ7MowH3KP0fepf+D70p0f+hp+n/0Lua9f9PW5Ye/XZNGwOsK+//0Lva6P+L+UPrUQFwb/L+D71L/4ee1PK78emqvvK/7on/it8zvFvac/8nIr0rmnH/J/rb/jGLFSSqQ3n/z9ZsaFqm269MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfF/AAAA//8Qi+Nc")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
io_setup(0x7d, &(0x7f0000000600))
socket$inet_udp(0x2, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x47)
syz_usbip_server_init(0x1)
r3 = syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
kcmp$KCMP_EPOLL_TFD(r3, r3, 0x7, 0xffffffffffffffff, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff, 0x8})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x9, 0x0, 0x0, 0x40f00, 0x46, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94)
futex(&(0x7f000000cffc)=0x1, 0x6, 0xffffffff, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x6, 0xf0, 0x0, 0x0, 0x0)
timer_create(0x7, &(0x7f0000000680)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
prlimit64(0x0, 0xc, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
mq_open(0x0, 0x40, 0x5e, &(0x7f0000000440)={0x2000000000002000, 0x2000005, 0x7fffffffffffffff, 0x3})
syz_emit_ethernet(0x16, &(0x7f0000000000)={@local, @empty, @val={@val={0x88a8, 0x0, 0x0, 0x2}, {0x8100, 0x5, 0x0, 0x4}}, {@generic={0x8100}}}, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)

15.90184326s ago: executing program 0 (id=1545):
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x7}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX=r0, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000040), &(0x7f0000000080)=r2}, 0x20)
writev(r0, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}], 0x1)

1.12687646s ago: executing program 5 (id=1905):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="9feb01001800000000000000a8000000a800000003000000020000000100000604000000080000000400000006000000000000020100000003000000060000060400000010000000070000000b0000004d0a000009000000020400000200000007000000080000000200000003000000040000000f0001000000000b000000000d0000000000000903000000030000000000000a040000000000001b00000003000000000400000005000000050000000a00000000000001000000092f0049020000003f88c3befb88d6c49b0741379142cbafd6ed50a9a4580e564ed2789f8121256121e894826870c5dacbd454d9ba0405a1595cf7602d26b77bd010e2b2ee774e477acf97a3a91ed414c1aa6eb1f822500556fd959fa46c92c44144404e7c8bcce5b6ff22f8ec218b1fd24750a561d149d49504d2eee4604806d3529bcfb23701e73c3ffd396b223cf58ebe49243ff715f0f1487e51ac80cc799a17f473018f149602beb6665afb1c697afd7cf6e58b8ad6b40e28bf2d9ca905a3dd457cbfe1c8f8bc244b12e7aa7e145ad2fc937f2d04377817a670abc9e016fd295cf9713b92f5cb0483cb0afd751a209f50c52c70861bae"], &(0x7f0000000780)=""/248, 0xc3, 0xf8, 0x0, 0x1, 0x10000}, 0x28)
r1 = socket(0x25, 0x3, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x7, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x58, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x4, 0x5}}, @TCA_STAB={0x22, 0x8, 0x0, 0x1, [{{0x1c}, {0x4}}]}]}, 0x58}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', r3, @fallback, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r5 = eventfd2(0xce77, 0x800)
r6 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0x141840, 0x0)
splice(r1, &(0x7f00000000c0)=0x200, r6, &(0x7f0000000240)=0x4b7f, 0xfffffffffffffffa, 0x4)
r7 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x8000)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r7, 0x40345410, &(0x7f00000083c0)={{0x1}})
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x3c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r8, 0x0, 0x1}, 0x18)
close_range(r5, r7, 0x0)
r9 = socket$kcm(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000480)={{r1}, &(0x7f0000000340), &(0x7f0000000440)='%pI4   \x00'}, 0x20)
setsockopt$sock_attach_bpf(r9, 0x1, 0x2e, &(0x7f0000000640)=r4, 0x4)
recvmsg(r9, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xff79}, 0x60)
open(&(0x7f0000000280)='./file0\x00', 0x401, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xa9fc7550312ef961, @perf_config_ext={0x8000, 0x1ff}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x2c, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="b4000000", @ANYRES16=r11, @ANYBLOB="0100000000000000000001000000680008806400008024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39223c0009801c0000800600010002000000080002000000000005000397490000001c0000800600010002000000080002007f000001050003000300000024000300b08073e8d44e91e3da922c22438244bb885c69e269c8e9d835b114293a4ddc6e140002007767300000eadd5f9400000000000000"], 0xb4}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000)
fcntl$notify(0xffffffffffffffff, 0x402, 0xf)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYRESDEC=r7, @ANYRES32=r12, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.052475183s ago: executing program 5 (id=1907):
r0 = syz_pidfd_open(0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, 0x0, &(0x7f00000000c0)=0xc00)
close(r0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
eventfd(0x8)

982.656785ms ago: executing program 5 (id=1909):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x18)
r1 = fsopen(&(0x7f0000000580)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
close(r1)

930.600187ms ago: executing program 5 (id=1911):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xa6}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x0, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x94)

930.283407ms ago: executing program 5 (id=1912):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000002c0)='./file0\x00', 0x10, &(0x7f0000000600), 0x1, 0x59d, &(0x7f0000001100)="$eJzs3c9vFGUfAPDvs7stlAItb97kfZGDTUiERG1pwWiMiRDx5sEfJJ5IrG0hhAUaWhNBjJDgf6B/gIk3E2M8EmOIevHqzcSriSESA714WzO7s2WB3f7cMsh8PsnQ55mnk+8zu3z7zDw7MxtAaY1l/1Qi9kbEfIoY6WirRd441vq9u3euzCzduTKTotF4568UKV/X/v2U/xzON94eEb/8kOI/1YfjLly6fHa6Xp+7mNcnFs/NTyxcuvz8mXPTp+dOz52fmnxx8oUjh6eOHOrLfu6KiJ/Gj9eun3pt3zczX+755LuvbqQ4Gjvz9s796JexGFt+TTplr+tL/Q5WkGq+P51vcaoV2CHWpf3+DUTE/2IkqnHvzRuJT98qtHPAlmqkiAZQUkn+Q0m1jwOy89/2UuwRCfCo3D7WmgC4m1pze0vL+V9rzQ3G9ubcwI6lFJ3TOiki+jEzl8WYfyaNZEts0Twc0N3VaxHx/27jf2rm5mhzFj/L/8p9+V+JiDfzn9n6tzcYf+yBuvyHR2cz+f9eR/6/v8H48h8AAAAAAAD65+axiHiu2+d/leXrf6LL9T/DEXG0D/FX//yvcqsPYYAubh+LeCUi2tf+LXXkf260mtd2Na8HGEinztTnDkXE7og4GAPbsvrkCjHG9v080LOt4/q/bMnit68FzPtxq7bt/m1mpxenN7PPQMvtaxFP1brlf1oe/1OX8T8b++fXGKNx/NUfe7Wtnv/AVml8EXGg6/h/78kVaeXnc0w0jwcm2kcFD/vo5I1ve8WX/1CcbPzfsXL+j6bO5/UsrD/Gx3/+ton87378P5hONB85M5iv+3B6cfHiZMRgeuPh9VPr7zM8idr50M6XLP8P7u9+/r/S8f9QRFxdY8wT379+vVeb8R+KM3QtYnZd4//6C/vf/fzvXvHXNv4faY7pB/M15v9gZWtN0KL7CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/RpWI2BmpMr5crlTGxyOGI+K/saNSv7Cw+OypCx+cn83amt//X2l/0+9Iq57a3/8/2lGfeqB+OCL2RMRn1aFmfXzmQn226J0HAAAAAAAAAAAAAAAAAACAx8Rwj/v/M39Ui+4dsOVqRXcAKIz8h/KS/1Be8h/KS/5Decl/KC/5D+Ul/6G85D+UV7Xx9cmi+wAAAAAAAPTNnqdv/poi4urLQ80lM5i3DRTaM2CrHS26A0BhPOIHysulf1Beq53jmwOAJ19apX37hrcEAAAAAAAAAAAAAPrlwF73/0NZVYruAFCY3vf/ezIAPOnc/w/l5RwfcP8/AAAAAAAAAAAAADz+Fi5dPjtdr89d3Ghh2+Y2V1BYa+H33a3/s49Lf9ZfiNSHjHtEhaL/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG3/BAAA//9r5fVk")

792.603192ms ago: executing program 33 (id=1545):
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x7}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX=r0, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000040), &(0x7f0000000080)=r2}, 0x20)
writev(r0, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}], 0x1)

788.118262ms ago: executing program 2 (id=1914):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="8b332abd700000000000150000000c009900c70000003a00000010001d800c00008008000d8004000300837818a12de567e57b3599cc2673adb5e21d9cb135930c003d"], 0x30}}, 0x0)

721.189834ms ago: executing program 2 (id=1915):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES64=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdc78}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r3, &(0x7f0000000380)={0x2a, 0xffffffff00000002, 0x7ffe}, 0xc)
bind$qrtr(r3, &(0x7f0000000500)={0x2a, 0x1, 0x4001}, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
memfd_secret(0x80000)
bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
socket$inet_tcp(0x2, 0x1, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
getpeername$packet(r5, &(0x7f0000000000)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(0xffffffffffffffff, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r6}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

593.390099ms ago: executing program 2 (id=1916):
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x2}, 0x18)
r1 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=[{0x18, 0x110, 0x1, 'p'}], 0x18}, 0x0)

593.056709ms ago: executing program 2 (id=1917):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
r2 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f00000005c0)='\x00H\xeb', 0x0, r2)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000040)='syzkaller\x00', &(0x7f0000001140)='\xf1\x95\xb3>-\x8c\xd4\r\x01\xfa\xe2{eED\x0e\xaaPV\x11\xff\xb6j\xd4~6\x82^\x9b b', 0x0)
close(r2)

502.552702ms ago: executing program 2 (id=1918):
r0 = syz_pidfd_open(0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, 0x0, &(0x7f00000000c0)=0xc00)
close(r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r2}, 0x10)
quotactl_fd$Q_GETINFO(0xffffffffffffffff, 0xffffffff80000500, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000a80)='kfree\x00', r5, 0x0, 0x1}, 0x18)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0x3fe3aa0262d8c783, 0x20, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xa}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x3, 0x0, 0x7ff, 0x1}, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0xfffffffc, 0x0, 0xff}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
eventfd(0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f00000004c0)='kfree\x00', r9}, 0x10)
r10 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
sendfile(r10, r10, 0x0, 0x3fffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a050000000000000000001c0000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002106000d40931000005c0000000c0a01020000000000000000075600000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c0001"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r11 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDSKBENT(r11, 0x4b47, &(0x7f0000000400)={0x0, 0x7f, 0x700})
add_key$keyring(&(0x7f0000000100), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET(r12, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x20, 0x1, 0x7, 0x801, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFACCT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x44000}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)

453.780604ms ago: executing program 2 (id=1919):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f00000039c0)=ANY=[@ANYBLOB="180000000300000000000000a012544f95002b000000000093adffa82255f674412d020000000000005ab527ee3697f1ed4436dd1164b1b3f427f6ba6b34f98125f30e631d273683626e00dc254d570d4a6b78a5833488cfe410090000004aa900003d3cd62f00158e6eee8501000000520a0000151d016e6cafbe9309aba218812868a51d129e78f6ae170bf5a52001a3cd000041f0db74596fd72c002a60c1bc7dc8c38b000024b9dd1145d03ff45f70685c6bd9ff41c69b7de4758c1096a1dc52f29e8b701d2d17ebc406e89dcbb7677e6528b0856e31eb9474c0106fc48e1f8c1a5f6945ac24cf609068f6ff21e88b3cfc22df01d51e242443618c02e0a428da651366e4bac9d97328fa2a82b5e8741e02056d933bedf59ff232cebc68b91af50479387467824262852c7939db5672d07cdbe8e148bf56497e5d56d06c7551b870b2851c3f0a1aab7158edeeccd92e3a88dc0f432187ce92d7b17a21c8f1b3369ebfcb4cb2946601b0f04edb256c604f068773f6db9d661bd7f0e2536f00000000000000005521458b7d1e341c6f864f983d745f5865aad41d29158ae7602a2d6cd415e8351ebc283df54d6bec664709ff03f1aa3dc7f1580ace9bf2afd28d7157e67fb98d121a96eb373845255012e028cb2654d493afb4b35faae176f99b745eda2967199cc93685bb444f9bc50713061385537e8e4871d4acf3e3dc10e13ef227f627a40000ad1fa253d33fa74f172d0007ae4e1e347c0cff28235a6bb7aa3804b907a8f2880c5cb1cb385e6add14652003c7cdd3324f07d1ff07000000000000000009dd872ec64fa6c718bbd1aa591140cff0be4c6f8df084c5e9734ae30aa9afdc7125f01ab03a9b1074407136b4506000f0916aada035df2e0452a9b39e73aeeb6eaf14652dda689e2051d9b7eb85f3f2d5ab2c51944da8d7391d5b6b97419a3b76600cd1aa0afe5f8f46df4c5124ca425d374b371867a79b31f3f514573f1e30d1fd2d763f3ee9210b15c1d60be2168fffcd599a2cb77f124e22f87673675805494db821f39b50d5fd8c6b2a3a324c257bc97def5f07f2b77f05a4f81a9cf8110971b749ccd74089ed6b86f81ca3d247d8f71d290ed1b1a11f7a67125170c88c3b6a50696332226401b110da9c4407eca22debc99335583b00013c3130978fa069af8223b38ced735c2d90c6d84c30a0d87d42647489b39601be5c27696cf2f16625c0c102000000000000009ef52134842e64171f3963841086e3797a4825d081f240080000534187738655d7a6240412c8f283cc0c1eba2866dc9580000000000000007fffffffff554b82d9c162f3556076b80552d961ca74d1ffdaccf0ea5f02e0163a9ccb9087e6c3b3917bb74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb01f7ada800e50000000000fdaf2f7b3b79a433e08074ea2462974ab2cbd2190780fa39c43ea647eb1cfa2638f56daee57ed14bc74de0fd87a9ce638190f3570e0b4c80ef682df22237270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433d866665b98ca2002c836e89feef904c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc8d0834fb8d124638fec58faeb4c16abb440df2a694f4cdcaa4f65c22f000000000000000000000000000d503d79906958102000000000000000000001ffff0ef89b2a68d2bb2dd163e863314e8449801b52bb93f6c9084659ce777dda8563c859656a357770289a61faa95a82bf1cfb7f2f97252e9322abe282c3344fc6738b4467893b9bf0000000000000001062a35376413c29f7c6f7bde29b9f4bddd5e328661f4615e627a6f608ad53a4168fe8e5d7d934aa289b4bd2b870000000000000000000000000000fc4b4ff50000009b777883a02ffd92dfc4cb4114b9f9cf4ad155110cd3ace2b322ae31bfa27847c799c8869a1ea5018e525e6383ad7fd9795170e7b11e247603000000001459c7f606d721d3979676bffb3049166ab84ac1061991bd57c2566c10c296352a5105b6164e3f2491e4793e2b70590dcc71f110da96366c40dd44a2c9882d3aa0f8a797b8fea6efcfb5276b7679f15559cdaabf5fc14add71d0bca37405ded69b77ab4a3d7487fd50c5002adef9546abb7a2d9c085b189b5ff30e4e0c13f60870fde1f88d830b11002135e8e7262f29b6d7923bfbe0bd2a8be179e56b41ff3792cee2fc37eee739c3008ce740d8804f8e705f0dc59d000021363e8df94ff175b48dc8c12def681a11647946595445bf1cb7d2778cd27a6b3b2966b08be600000020a8a711d193bae0ab2db9ed9c6cb3c3de42ab89524414cae922141f7baf17ebb790ad60bd0387837e63f9880fd70259e35590afb4843cd4e9989398eaa89cefb3aa13cab8d015cbaf1561d95362decd73b8f8cbf8269cac091cfaaa3c7e46d6e79145fc0f1d1b383752ccb40515a772356d746914540216adf4c0f44f1cff3760afa252720ec6dad3a98671ecdaff46cddffb1f05a0c0976070d603a442d014822369fa3eacbb69bd1b0a074357acd5d02161fed146ad3aa15d2b8101b7bd1e091ada78ecd50181f4b35cae1b29aff91494c916323b61f815c4e0701657087ad11eef97952921365bc898ba2c76a9b6e0052f43b1ad2dfdf3f958fc1d32e692bc8846c78a956ada453c67c1c2cdc4f8b1c94e9adc106e85b31e030d955c5578e107a6e8ca0d4dd05344c3e2af25d9a3b0f7805624016aeab271a75f0bacb101a156ef8948064569154a7de08f80e4df4c339b69431b0a5671097d89212b465b0b32275deae10a77e334c9fc074d181bdeb5be80a6249d472e78e6be57a5ccd354cf181e099605a644ecade221a2be926210b2690d09e4b7a3dea25403397439979c27d5613262de10bacecfff2d58437f012df4252c018795310c25e8fce18ed366ac2caade564ca869727a7d63c26271e17d7aba48971835530311545273d3caadeb5d2017dc816126b6f2068f68a4111ddd587b5df4b5d8f1ce00231a2092eb2e797c491a1e66f73606fd95bb01b53a2d862b6262f0259da51ff7517ace7361460a4669a97f7d0bf095c2787f00bdbfee19670d1e0ec5e6c3cb09972fa4d94986157b96d6695177c99d83716651129320924352cda7b8ead91c3301af620c1e8d7004d29ad77f54836779600bb0b247139d429df96362db3ecfbd36fa8164fabdcf2e58b720e8e1c03a74daf593f92a8ecc03f8c8e3af9ae07dc03780cc0d69da9e3528c1693fb51998731992ceb27dcc0be5be4decefe41b78bc1847bf54b087e095172f06cfa6d4bf958b1d4544947ff1230655199db4f475006047fe83caca97758dffa53cee764f85932eb20d54241b2d515c0826dfe1f0f40ae920455a4548fb35e2a345c05b1c252b7877bb3d834b0b3579a36249146f832ef258df5127318c7017ac1a996c4f902f82deb60fd113ccf812d55ffd625057bd4ff3960992b85bc8d32edfca386be16b1c549aec52e31e1405f86c7760282901750b732ec06b0db735222a56f3ebb16fad3e9269495230cd88b0ea2e3affa196a2f0adf733bc6afd37a659ecc933d636c1b27d3a16c5ea25301f9b5789e4aa8e7228e3002f146aa5e575bb74b1ebb82147edf8161d362704377058e887c608be8719ea1b6c490f79e0832e2ddd7e217c7adddd4731e032d7eb35bdc38160c676d840e2e8be9033a686cf7061f5f55e2851736aa8c2f3bad8ac05c048e20d8c03b68008a70b8f80c93ebd2ababb5c65fe9abc"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0xb7, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
r2 = socket$kcm(0x29, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000180)={r0, r1})
sendmsg$rds(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000002800)=[{&(0x7f0000002980)=""/4112, 0x1010}], 0x1}, 0x0)
write(r2, 0x0, 0x0)
recvmmsg(r2, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}, 0x45}, {{0x0, 0x0, 0x0}, 0x8}], 0x2, 0x40012010, 0x0)

237.321491ms ago: executing program 1 (id=1921):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES64=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdc78}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r3, &(0x7f0000000380)={0x2a, 0xffffffff00000002, 0x7ffe}, 0xc)
bind$qrtr(r3, &(0x7f0000000500)={0x2a, 0x1, 0x4001}, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
memfd_secret(0x80000)
bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
getpeername$packet(r5, &(0x7f0000000000)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r4, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r6}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

214.945702ms ago: executing program 3 (id=1922):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb39}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x61, '\x00', 0x0, @fallback=0x7e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f00000001c0), 0x4)

172.094014ms ago: executing program 3 (id=1923):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=[{0x18, 0x110, 0x1, 'p'}], 0x18}, 0x0)

156.949494ms ago: executing program 3 (id=1924):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f00000004c0)='kfree\x00', r1}, 0x10)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
sendfile(r2, r2, 0x0, 0x3fffff)

136.916945ms ago: executing program 1 (id=1925):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
creat(0x0, 0x90)
r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)

136.625325ms ago: executing program 3 (id=1926):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)

112.440536ms ago: executing program 5 (id=1927):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x54, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0xd}, 0x10000, 0x10000, 0x0, 0x1, 0x8, 0x20006, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mlock2(&(0x7f0000d92000/0x4000)=nil, 0x4000, 0x0)
munmap(&(0x7f000060f000/0x4000)=nil, 0x4000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x18)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r5, &(0x7f0000000440)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r5, 0x0)
connect$unix(r4, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
accept(r5, 0x0, 0x0)
bind$bt_hci(r2, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8f0, &(0x7f0000002400)=<r6=>0x0)
io_submit(r6, 0x0, &(0x7f0000000340))
io_cancel(r6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xfff7, r1, &(0x7f0000000280)="cbaf10586cae2482207b272e6f65febad7542d456c398f83a2acf98addb0012936adcd96a3030ea9cb619b93378546ec62bb42a6ff52a98b05ac57d4a787c4dc661c6c47905085f278b51093e6d835", 0x4f, 0x6, 0x0, 0x1}, &(0x7f0000000100))
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000240)={'wg1\x00', <r7=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000000c0)=ANY=[@ANYBLOB="24000000180083ad0400000000000000020000000000fe020c00000008000400", @ANYRES32=r7], 0x24}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYRESHEX=r7, @ANYBLOB="c14c849011c1bc1beeae", @ANYRES8=r0, @ANYRESOCT=0x0], 0x24}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x20c006, &(0x7f0000000480)={[{@debug}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@discard}, {@grpquota}], [{@seclabel}]}, 0x1, 0x446, &(0x7f0000000d40)="$eJzs28tvG8UfAPDv2kn6/P1qqvLoAwgURMQjadJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSd8QRib+AE1wQcELiCndUqUK5tMDFaOPdxHbttA5ONtSfj7TJzO44M1/vjj07kw2gbw2nP5KIvRHxa0Tsq2ebCwzXf91cXpz6c3lxKola7Y0/kpVyN5YXp/Ki+ev25JmBiNInSRxuU+/8pcvnJqvVmYtZfmzh/Ltj85cuPzN7fvLszNmZCxOnTp04Pv7cyYlnexJnGteNQx/MHTn4yltXX5s6ffXtH79O8vhb4uiR4fUOPl6r9bi6Yv2vIZ0MFNgQulKud9MYXOn/+6IcaydvX7z8caGNAzZVrVar3df58FINuIslUXQLgGLkX/Tp/W++bdHQY1u4/kL9BiiN+2a21Y8MRCkrM9hyf9tLwxFxeumvL9ItNmceAgCgybfp+OfpbPzXtPBTisZ5of9nayiViLgnIvZHxMmIOBAR90aslL0/Ih7osv7WRZJbxz+la13+ya6k47/ns7Wt5vFfPvqLSjni73y4XInB5MxsdeZY9p6MxOCOND++Th3fvfTLZ52ONY7/0i2tPx8LZu24NrCj+TXTkwuT/ybmRtc/ijg00C7+ZHUlIL0sDkbEoQ3WMfvkV0c6Hbt9/M2GGjM9WGeqfRnxRP38L0VL/Llk/fXJsZ1RnTk2ll8Vt/rp5yuvd6q/2/h7LT3/u9te/6vxV5LG9dr57uu48tunHe9pNnr9DyVvNu17f3Jh4eJ4xFDyar3RjfsnWspNrJVP4x852r7/74+1d+JwRKQX8YMR8VBEPJy1/ZGIeDQijq4T/w8vPvZO856ki/g3Vxr/dFfnfy0xFK172ifK577/pqnSSnQRf3r+T6ykRrI9d/L5dyft2tjVDAAAAP89pYjYG0lpdDVdKo2O1v+H/0DsLlXn5heeOjP33oXp+jMClRgs5TNd9fng+nzoeHZbn+cnWvLHs3njz8u7VvKjU3PV6aKDhz63p0P/T/1eLrp1wKbzvBb0L/0f+pf+D/1L/4f+1ab/7yqiHcDWa/f9/2EB7QC2Xkv/t+wHfcT9P/Qv/R/6l/4PfWl+V9z+Ifntmti5PZrRn4koFVd7PkNV+JtwFycK/mACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADokX8CAAD//2Ts5lU=")
r8 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r8, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x3000, 0x3)

98.692867ms ago: executing program 1 (id=1928):
r0 = syz_pidfd_open(0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, 0x0, &(0x7f00000000c0)=0xc00)
close(r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r2}, 0x10)
quotactl_fd$Q_GETINFO(0xffffffffffffffff, 0xffffffff80000500, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000a80)='kfree\x00', r5, 0x0, 0x1}, 0x18)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0x3fe3aa0262d8c783, 0x20, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xa}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x3, 0x0, 0x7ff, 0x1}, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0xfffffffc, 0x0, 0xff}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
eventfd(0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f00000004c0)='kfree\x00', r9}, 0x10)
r10 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
sendfile(r10, r10, 0x0, 0x3fffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a050000000000000000001c0000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002106000d40931000005c0000000c0a01020000000000000000075600000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c0001"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r11 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDSKBENT(r11, 0x4b47, &(0x7f0000000400)={0x0, 0x7f, 0x700})
add_key$keyring(&(0x7f0000000100), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET(r12, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x20, 0x1, 0x7, 0x801, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFACCT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x44000}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)

72.729167ms ago: executing program 3 (id=1929):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, 0x0, &(0x7f00000005c0)=r1}, 0x20)
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
pwritev2(r2, &(0x7f0000000780)=[{&(0x7f00000004c0)="25039b276ebc", 0x6}], 0x1, 0x77f, 0x4, 0x1)
sendfile(r2, r2, 0x0, 0x800000009)
syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)

44.211388ms ago: executing program 1 (id=1930):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7", @ANYRES32=r0, @ANYBLOB="0000000004000000b703000008000040850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='kfree\x00', r1}, 0x18)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)

30.111669ms ago: executing program 1 (id=1931):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f00000004c0)='kfree\x00', r1}, 0x10)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
sendfile(r2, r2, 0x0, 0x3fffff)

20.756369ms ago: executing program 3 (id=1932):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=[{0x18, 0x110, 0x1, 'p'}], 0x18}, 0x0)

0s ago: executing program 1 (id=1933):
r0 = syz_pidfd_open(0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, 0x0, &(0x7f00000000c0)=0xc00)
close(r0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
eventfd(0x8)

kernel console output (not intermixed with test programs):

4] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.825489][ T6490] loop2: detected capacity change from 0 to 512
[   95.846667][ T6490] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.860496][ T6490] ext4 filesystem being mounted at /206/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   95.889003][ T6492] netlink: 'syz.1.995': attribute type 1 has an invalid length.
[   95.896747][ T6492] netlink: 224 bytes leftover after parsing attributes in process `syz.1.995'.
[   95.922551][ T6490] EXT4-fs error (device loop2): ext4_readdir:264: inode #12: block 32: comm syz.2.994: path /206/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   95.943443][ T6490] EXT4-fs (loop2): Remounting filesystem read-only
[   96.056833][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.109311][ T6511] FAULT_INJECTION: forcing a failure.
[   96.109311][ T6511] name failslab, interval 1, probability 0, space 0, times 0
[   96.122038][ T6511] CPU: 1 UID: 0 PID: 6511 Comm: syz.2.1004 Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[   96.122123][ T6511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   96.122133][ T6511] Call Trace:
[   96.122138][ T6511]  <TASK>
[   96.122144][ T6511]  __dump_stack+0x1d/0x30
[   96.122165][ T6511]  dump_stack_lvl+0xe8/0x140
[   96.122184][ T6511]  dump_stack+0x15/0x1b
[   96.122242][ T6511]  should_fail_ex+0x265/0x280
[   96.122274][ T6511]  should_failslab+0x8c/0xb0
[   96.122293][ T6511]  kmem_cache_alloc_noprof+0x50/0x310
[   96.122321][ T6511]  ? audit_log_start+0x365/0x6c0
[   96.122404][ T6511]  audit_log_start+0x365/0x6c0
[   96.122433][ T6511]  audit_seccomp+0x48/0x100
[   96.122525][ T6511]  ? __seccomp_filter+0x68c/0x10d0
[   96.122548][ T6511]  __seccomp_filter+0x69d/0x10d0
[   96.122573][ T6511]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   96.122609][ T6511]  ? vfs_write+0x75e/0x8e0
[   96.122652][ T6511]  ? __rcu_read_unlock+0x4f/0x70
[   96.122701][ T6511]  ? __fget_files+0x184/0x1c0
[   96.122719][ T6511]  __secure_computing+0x82/0x150
[   96.122797][ T6511]  syscall_trace_enter+0xcf/0x1e0
[   96.122819][ T6511]  do_syscall_64+0xac/0x200
[   96.122837][ T6511]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   96.122860][ T6511]  ? clear_bhb_loop+0x40/0x90
[   96.122888][ T6511]  ? clear_bhb_loop+0x40/0x90
[   96.122901][ T6505] loop5: detected capacity change from 0 to 2048
[   96.122911][ T6511]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.122933][ T6511] RIP: 0033:0x7f02d9eee9a9
[   96.122945][ T6511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.122963][ T6511] RSP: 002b:00007f02d8557038 EFLAGS: 00000246 ORIG_RAX: 00000000000001c3
[   96.123008][ T6511] RAX: ffffffffffffffda RBX: 00007f02da115fa0 RCX: 00007f02d9eee9a9
[   96.123021][ T6511] RDX: ffffffffffffffff RSI: 0000200000000040 RDI: ffffffffffffffff
[   96.123034][ T6511] RBP: 00007f02d8557090 R08: 0000000000000000 R09: 0000000000000000
[   96.123046][ T6511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.123058][ T6511] R13: 0000000000000000 R14: 00007f02da115fa0 R15: 00007ffd13a6f228
[   96.123094][ T6511]  </TASK>
[   96.235635][ T6516] loop2: detected capacity change from 0 to 1024
[   96.271677][ T6505] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.364176][ T6505] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.1002: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   96.369213][ T6516] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.406568][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.416629][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.435405][ T6522] netlink: 'syz.0.1007': attribute type 1 has an invalid length.
[   96.443197][ T6522] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1007'.
[   96.466738][ T6527] loop3: detected capacity change from 0 to 2048
[   96.477277][ T6528] loop5: detected capacity change from 0 to 512
[   96.483883][ T6528] EXT4-fs: Ignoring removed nobh option
[   96.494080][ T6530] loop2: detected capacity change from 0 to 512
[   96.500878][ T6530] EXT4-fs: Ignoring removed mblk_io_submit option
[   96.507517][ T6530] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   96.510132][ T6527]  loop3: p1 < > p4
[   96.519997][ T6530] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   96.523108][ T6527] loop3: p4 size 8388608 extends beyond EOD, truncated
[   96.538619][ T6528] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #3: comm syz.5.1008: corrupted inode contents
[   96.560691][ T6530] System zones: 1-12
[   96.564785][ T6528] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #3: comm syz.5.1008: mark_inode_dirty error
[   96.576657][ T6530] EXT4-fs (loop2): 1 truncate cleaned up
[   96.582838][ T6530] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.595981][ T6528] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #3: comm syz.5.1008: corrupted inode contents
[   96.609338][ T6528] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #3: comm syz.5.1008: mark_inode_dirty error
[   96.621922][ T6528] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1008: Failed to acquire dquot type 0
[   96.633810][ T6528] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #16: comm syz.5.1008: corrupted inode contents
[   96.648734][ T6528] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #16: comm syz.5.1008: mark_inode_dirty error
[   96.661616][ T6528] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #16: comm syz.5.1008: corrupted inode contents
[   96.673983][ T6528] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.1008: mark_inode_dirty error
[   96.687917][ T6528] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #16: comm syz.5.1008: corrupted inode contents
[   96.701256][ T6528] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[   96.710315][ T6528] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #16: comm syz.5.1008: corrupted inode contents
[   96.725528][ T6528] EXT4-fs error (device loop5): ext4_truncate:4597: inode #16: comm syz.5.1008: mark_inode_dirty error
[   96.736921][ T6528] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[   96.747542][ T6528] EXT4-fs (loop5): 1 truncate cleaned up
[   96.756322][ T6528] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.762376][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.778310][ T6528] ext4 filesystem being mounted at /192/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.793013][ T6528] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=43665 sclass=netlink_route_socket pid=6528 comm=syz.5.1008
[   96.832341][ T6541] program syz.0.1015 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   96.841882][ T6541] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[   96.865917][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.058671][ T6559] netlink: 'syz.5.1022': attribute type 1 has an invalid length.
[   97.076605][ T6562] loop2: detected capacity change from 0 to 512
[   97.085368][ T6562] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   97.133704][ T6562] EXT4-fs (loop2): 1 truncate cleaned up
[   97.150278][ T6562] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.165854][ T6562] hub 9-0:1.0: USB hub found
[   97.170628][ T6562] hub 9-0:1.0: 8 ports detected
[   97.441584][ T6591] netlink: 'syz.3.1036': attribute type 1 has an invalid length.
[   98.076296][ T6669] __nla_validate_parse: 5 callbacks suppressed
[   98.076313][ T6669] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1064'.
[   98.396454][ T6681] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1070'.
[   98.739653][ T6717] FAULT_INJECTION: forcing a failure.
[   98.739653][ T6717] name failslab, interval 1, probability 0, space 0, times 0
[   98.752439][ T6717] CPU: 1 UID: 0 PID: 6717 Comm: syz.1.1091 Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[   98.752467][ T6717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   98.752478][ T6717] Call Trace:
[   98.752484][ T6717]  <TASK>
[   98.752491][ T6717]  __dump_stack+0x1d/0x30
[   98.752514][ T6717]  dump_stack_lvl+0xe8/0x140
[   98.752663][ T6717]  dump_stack+0x15/0x1b
[   98.752681][ T6717]  should_fail_ex+0x265/0x280
[   98.752762][ T6717]  should_failslab+0x8c/0xb0
[   98.752787][ T6717]  __kmalloc_cache_node_noprof+0x54/0x320
[   98.752817][ T6717]  ? __get_vm_area_node+0x106/0x1d0
[   98.752852][ T6717]  __get_vm_area_node+0x106/0x1d0
[   98.752878][ T6717]  __vmalloc_node_range_noprof+0x273/0xe00
[   98.752938][ T6717]  ? bpf_prog_alloc_no_stats+0x47/0x390
[   98.752968][ T6717]  ? mntput_no_expire+0x6f/0x3c0
[   98.753010][ T6717]  ? __rcu_read_unlock+0x4f/0x70
[   98.753033][ T6717]  ? selinux_capable+0x1f9/0x270
[   98.753137][ T6717]  ? bpf_prog_alloc_no_stats+0x47/0x390
[   98.753166][ T6717]  __vmalloc_noprof+0x83/0xc0
[   98.753192][ T6717]  ? bpf_prog_alloc_no_stats+0x47/0x390
[   98.753243][ T6717]  bpf_prog_alloc_no_stats+0x47/0x390
[   98.753273][ T6717]  ? bpf_prog_alloc+0x2a/0x150
[   98.753303][ T6717]  bpf_prog_alloc+0x3c/0x150
[   98.753392][ T6717]  bpf_prog_load+0x514/0x1070
[   98.753450][ T6717]  ? security_bpf+0x2b/0x90
[   98.753469][ T6717]  __sys_bpf+0x51d/0x790
[   98.753511][ T6717]  __x64_sys_bpf+0x41/0x50
[   98.753539][ T6717]  x64_sys_call+0x2478/0x2fb0
[   98.753562][ T6717]  do_syscall_64+0xd2/0x200
[   98.753581][ T6717]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   98.753604][ T6717]  ? clear_bhb_loop+0x40/0x90
[   98.753688][ T6717]  ? clear_bhb_loop+0x40/0x90
[   98.753710][ T6717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.753781][ T6717] RIP: 0033:0x7f28f43ce9a9
[   98.753806][ T6717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.753826][ T6717] RSP: 002b:00007f28f2a37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   98.753846][ T6717] RAX: ffffffffffffffda RBX: 00007f28f45f5fa0 RCX: 00007f28f43ce9a9
[   98.753907][ T6717] RDX: 0000000000000094 RSI: 00002000000001c0 RDI: 0000000000000005
[   98.753920][ T6717] RBP: 00007f28f2a37090 R08: 0000000000000000 R09: 0000000000000000
[   98.753932][ T6717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   98.753943][ T6717] R13: 0000000000000000 R14: 00007f28f45f5fa0 R15: 00007ffc5932c128
[   98.753958][ T6717]  </TASK>
[   98.753965][ T6717] syz.1.1091: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0
[   99.016073][ T6717] CPU: 1 UID: 0 PID: 6717 Comm: syz.1.1091 Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[   99.016132][ T6717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   99.016144][ T6717] Call Trace:
[   99.016150][ T6717]  <TASK>
[   99.016156][ T6717]  __dump_stack+0x1d/0x30
[   99.016178][ T6717]  dump_stack_lvl+0xe8/0x140
[   99.016199][ T6717]  dump_stack+0x15/0x1b
[   99.016220][ T6717]  warn_alloc+0x12b/0x1a0
[   99.016252][ T6717]  __vmalloc_node_range_noprof+0x297/0xe00
[   99.016329][ T6717]  ? mntput_no_expire+0x6f/0x3c0
[   99.016369][ T6717]  ? __rcu_read_unlock+0x4f/0x70
[   99.016390][ T6717]  ? selinux_capable+0x1f9/0x270
[   99.016418][ T6717]  ? bpf_prog_alloc_no_stats+0x47/0x390
[   99.016450][ T6717]  __vmalloc_noprof+0x83/0xc0
[   99.016530][ T6717]  ? bpf_prog_alloc_no_stats+0x47/0x390
[   99.016638][ T6717]  bpf_prog_alloc_no_stats+0x47/0x390
[   99.016666][ T6717]  ? bpf_prog_alloc+0x2a/0x150
[   99.016697][ T6717]  bpf_prog_alloc+0x3c/0x150
[   99.016777][ T6717]  bpf_prog_load+0x514/0x1070
[   99.016816][ T6717]  ? security_bpf+0x2b/0x90
[   99.016833][ T6717]  __sys_bpf+0x51d/0x790
[   99.016865][ T6717]  __x64_sys_bpf+0x41/0x50
[   99.016913][ T6717]  x64_sys_call+0x2478/0x2fb0
[   99.016933][ T6717]  do_syscall_64+0xd2/0x200
[   99.016950][ T6717]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   99.016977][ T6717]  ? clear_bhb_loop+0x40/0x90
[   99.017000][ T6717]  ? clear_bhb_loop+0x40/0x90
[   99.017034][ T6717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.017058][ T6717] RIP: 0033:0x7f28f43ce9a9
[   99.017073][ T6717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.017160][ T6717] RSP: 002b:00007f28f2a37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   99.017177][ T6717] RAX: ffffffffffffffda RBX: 00007f28f45f5fa0 RCX: 00007f28f43ce9a9
[   99.017190][ T6717] RDX: 0000000000000094 RSI: 00002000000001c0 RDI: 0000000000000005
[   99.017203][ T6717] RBP: 00007f28f2a37090 R08: 0000000000000000 R09: 0000000000000000
[   99.017216][ T6717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.017270][ T6717] R13: 0000000000000000 R14: 00007f28f45f5fa0 R15: 00007ffc5932c128
[   99.017286][ T6717]  </TASK>
[   99.017291][ T6717] Mem-Info:
[   99.173186][ T6721] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1082'.
[   99.185322][ T6717] active_anon:5504 inactive_anon:0 isolated_anon:0
[   99.185322][ T6717]  active_file:7637 inactive_file:11508 isolated_file:0
[   99.185322][ T6717]  unevictable:3 dirty:230 writeback:0
[   99.185322][ T6717]  slab_reclaimable:3035 slab_unreclaimable:80551
[   99.185322][ T6717]  mapped:29674 shmem:239 pagetables:1566
[   99.185322][ T6717]  sec_pagetables:0 bounce:0
[   99.185322][ T6717]  kernel_misc_reclaimable:0
[   99.185322][ T6717]  free:1803258 free_pcp:32532 free_cma:0
[   99.185378][ T6717] Node 0 active_anon:22016kB inactive_anon:0kB active_file:30548kB inactive_file:46032kB unevictable:12kB isolated(anon):0kB isolated(file):0kB mapped:118696kB dirty:920kB writeback:0kB shmem:956kB writeback_tmp:0kB kernel_stack:3152kB pagetables:6264kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   99.322669][ T6717] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   99.351226][ T6717] lowmem_reserve[]: 0 2882 7860 7860
[   99.356603][ T6717] Node 0 DMA32 free:2947720kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2951348kB mlocked:0kB bounce:0kB free_pcp:3628kB local_pcp:3528kB free_cma:0kB
[   99.386992][ T6717] lowmem_reserve[]: 0 0 4978 4978
[   99.392106][ T6717] Node 0 Normal free:4249952kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:23176kB inactive_anon:0kB active_file:30548kB inactive_file:46032kB unevictable:12kB writepending:920kB present:5242880kB managed:5098240kB mlocked:12kB bounce:0kB free_pcp:125252kB local_pcp:35320kB free_cma:0kB
[   99.424436][ T6717] lowmem_reserve[]: 0 0 0 0
[   99.428985][ T6717] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   99.441747][ T6717] Node 0 DMA32: 4*4kB (M) 3*8kB (M) 2*16kB (M) 2*32kB (M) 4*64kB (M) 4*128kB (M) 3*256kB (M) 4*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2947720kB
[   99.457978][ T6717] Node 0 Normal: 2201*4kB (UME) 862*8kB (UM) 275*16kB (UME) 613*32kB (UME) 523*64kB (UM) 463*128kB (UME) 430*256kB (UM) 391*512kB (UME) 386*1024kB (UM) 234*2048kB (UME) 716*4096kB (UM) = 4249956kB
[   99.477543][ T6717] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   99.486918][ T6717] 19379 total pagecache pages
[   99.491606][ T6717] 0 pages in swap cache
[   99.495753][ T6717] Free swap  = 124996kB
[   99.500094][ T6717] Total swap = 124996kB
[   99.504330][ T6717] 2097051 pages RAM
[   99.508124][ T6717] 0 pages HighMem/MovableOnly
[   99.512803][ T6717] 80814 pages reserved
[   99.731862][ T6741] program syz.2.1093 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   99.749622][ T6741] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[   99.766178][ T6754] 9pnet_fd: Insufficient options for proto=fd
[  100.056716][ T6777] program syz.2.1109 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  100.079413][ T6777] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  100.191357][ T6789] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1113'.
[  100.195481][   T29] kauditd_printk_skb: 1148 callbacks suppressed
[  100.195549][   T29] audit: type=1326 audit(1753736737.081:6807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6788 comm="syz.0.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2492fde9a9 code=0x7ffc0000
[  100.229973][   T29] audit: type=1326 audit(1753736737.081:6808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6788 comm="syz.0.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f2492fde9a9 code=0x7ffc0000
[  100.253334][   T29] audit: type=1326 audit(1753736737.081:6809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6788 comm="syz.0.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2492fde9a9 code=0x7ffc0000
[  100.276805][   T29] audit: type=1326 audit(1753736737.081:6810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6788 comm="syz.0.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2492fde9a9 code=0x7ffc0000
[  100.300273][   T29] audit: type=1326 audit(1753736737.081:6811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6788 comm="syz.0.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f2492fde9a9 code=0x7ffc0000
[  100.323686][   T29] audit: type=1326 audit(1753736737.081:6812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6779 comm="syz.1.1110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28f43ce9a9 code=0x7ffc0000
[  100.347070][   T29] audit: type=1326 audit(1753736737.081:6813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6779 comm="syz.1.1110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28f43ce9a9 code=0x7ffc0000
[  100.371865][ T6796] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1110'.
[  100.382747][   T29] audit: type=1326 audit(1753736737.241:6814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6779 comm="syz.1.1110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f28f43ce9a9 code=0x7ffc0000
[  100.406070][   T29] audit: type=1326 audit(1753736737.241:6815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6779 comm="syz.1.1110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28f43ce9a9 code=0x7ffc0000
[  100.429453][   T29] audit: type=1326 audit(1753736737.241:6816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6779 comm="syz.1.1110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28f43ce9a9 code=0x7ffc0000
[  100.526752][ T6808] sd 0:0:1:0: device reset
[  100.657734][ T6821] program syz.0.1122 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  100.667546][ T6821] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  100.690549][ T6824] GUP no longer grows the stack in syz.1.1124 (6824): 200000004000-200000006000 (200000002000)
[  100.700980][ T6824] CPU: 0 UID: 0 PID: 6824 Comm: syz.1.1124 Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[  100.701004][ T6824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  100.701016][ T6824] Call Trace:
[  100.701022][ T6824]  <TASK>
[  100.701029][ T6824]  __dump_stack+0x1d/0x30
[  100.701048][ T6824]  dump_stack_lvl+0xe8/0x140
[  100.701072][ T6824]  dump_stack+0x15/0x1b
[  100.701091][ T6824]  __get_user_pages+0x199d/0x1fb0
[  100.701117][ T6824]  ? __rcu_read_unlock+0x4f/0x70
[  100.701142][ T6824]  get_user_pages_remote+0x1dc/0x7a0
[  100.701216][ T6824]  __access_remote_vm+0x156/0x560
[  100.701276][ T6824]  access_remote_vm+0x32/0x40
[  100.701296][ T6824]  proc_pid_cmdline_read+0x30f/0x6a0
[  100.701409][ T6824]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  100.701437][ T6824]  vfs_readv+0x3f8/0x690
[  100.701470][ T6824]  __x64_sys_preadv+0xfd/0x1c0
[  100.701568][ T6824]  x64_sys_call+0x1503/0x2fb0
[  100.701591][ T6824]  do_syscall_64+0xd2/0x200
[  100.701609][ T6824]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.701683][ T6824]  ? clear_bhb_loop+0x40/0x90
[  100.701710][ T6824]  ? clear_bhb_loop+0x40/0x90
[  100.701736][ T6824]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.701760][ T6824] RIP: 0033:0x7f28f43ce9a9
[  100.701776][ T6824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.701866][ T6824] RSP: 002b:00007f28f2a37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  100.701887][ T6824] RAX: ffffffffffffffda RBX: 00007f28f45f5fa0 RCX: 00007f28f43ce9a9
[  100.701902][ T6824] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 000000000000000a
[  100.701915][ T6824] RBP: 00007f28f4450d69 R08: 0000000000000000 R09: 0000000000000000
[  100.701928][ T6824] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  100.701939][ T6824] R13: 0000000000000000 R14: 00007f28f45f5fa0 R15: 00007ffc5932c128
[  100.702007][ T6824]  </TASK>
[  100.985530][ T6836] 9pnet_fd: Insufficient options for proto=fd
[  101.000407][ T6832] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1127'.
[  101.375358][ T6879] SELinux: syz.2.1146 (6879) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  101.416407][ T6887] FAULT_INJECTION: forcing a failure.
[  101.416407][ T6887] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.429554][ T6887] CPU: 1 UID: 0 PID: 6887 Comm: syz.2.1147 Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[  101.429584][ T6887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  101.429676][ T6887] Call Trace:
[  101.429683][ T6887]  <TASK>
[  101.429691][ T6887]  __dump_stack+0x1d/0x30
[  101.429714][ T6887]  dump_stack_lvl+0xe8/0x140
[  101.429738][ T6887]  dump_stack+0x15/0x1b
[  101.429785][ T6887]  should_fail_ex+0x265/0x280
[  101.429844][ T6887]  should_fail+0xb/0x20
[  101.429878][ T6887]  should_fail_usercopy+0x1a/0x20
[  101.429909][ T6887]  _copy_from_user+0x1c/0xb0
[  101.429953][ T6887]  ___sys_sendmsg+0xc1/0x1d0
[  101.429984][ T6887]  __x64_sys_sendmsg+0xd4/0x160
[  101.430013][ T6887]  x64_sys_call+0x2999/0x2fb0
[  101.430100][ T6887]  do_syscall_64+0xd2/0x200
[  101.430120][ T6887]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.430145][ T6887]  ? clear_bhb_loop+0x40/0x90
[  101.430164][ T6887]  ? clear_bhb_loop+0x40/0x90
[  101.430269][ T6887]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.430292][ T6887] RIP: 0033:0x7f02d9eee9a9
[  101.430305][ T6887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.430324][ T6887] RSP: 002b:00007f02d8557038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  101.430374][ T6887] RAX: ffffffffffffffda RBX: 00007f02da115fa0 RCX: 00007f02d9eee9a9
[  101.430388][ T6887] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 000000000000000b
[  101.430402][ T6887] RBP: 00007f02d8557090 R08: 0000000000000000 R09: 0000000000000000
[  101.430413][ T6887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.430474][ T6887] R13: 0000000000000000 R14: 00007f02da115fa0 R15: 00007ffd13a6f228
[  101.430493][ T6887]  </TASK>
[  101.645324][ T6884] xt_CT: No such helper "pptp"
[  101.726479][ T6877] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1144'.
[  101.823916][ T6905] program syz.1.1153 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  101.840238][ T6905] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  101.852013][ T6912] loop5: detected capacity change from 0 to 128
[  101.866679][ T6913] netlink: 1204 bytes leftover after parsing attributes in process `syz.0.1155'.
[  101.899931][ T6912] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1157'.
[  102.004931][ T6932] netlink: 'syz.3.1165': attribute type 4 has an invalid length.
[  102.216337][ T6958] loop5: detected capacity change from 0 to 512
[  102.229285][ T6958] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002]
[  102.246662][ T6958] System zones: 0-7
[  102.259914][ T6958] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.299180][ T6967] netlink: 'syz.2.1179': attribute type 4 has an invalid length.
[  102.316343][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.459496][ T6979] loop5: detected capacity change from 0 to 1024
[  102.506203][ T6979] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.659210][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.784605][ T6998] loop5: detected capacity change from 0 to 512
[  102.807227][ T6998] EXT4-fs: Ignoring removed mblk_io_submit option
[  102.826480][ T6998] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  102.857304][ T6998] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  102.896956][ T6998] System zones: 1-12
[  102.923620][ T6998] EXT4-fs (loop5): 1 truncate cleaned up
[  102.941562][ T6998] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.173120][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.299478][ T7022] loop5: detected capacity change from 0 to 512
[  103.327648][ T7022] EXT4-fs: Ignoring removed mblk_io_submit option
[  103.355602][ T7022] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  103.362127][ T7025] netlink: 'syz.0.1202': attribute type 1 has an invalid length.
[  103.373315][ T7025] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1202'.
[  103.393601][ T7022] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  103.410698][ T7022] System zones: 1-12
[  103.425563][ T7022] EXT4-fs (loop5): 1 truncate cleaned up
[  103.443558][ T7022] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.515654][ T7037] program syz.2.1206 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  103.557931][ T7037] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  103.702651][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.728419][ T7049] program syz.2.1212 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  103.738050][ T7049] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  103.756414][ T7052] loop5: detected capacity change from 0 to 1024
[  103.790911][ T7052] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1213: Failed to acquire dquot type 0
[  103.821975][ T7052] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  103.879995][ T7052] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1213: corrupted inode contents
[  103.922258][ T7052] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #13: comm syz.5.1213: mark_inode_dirty error
[  103.973774][ T7052] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1213: corrupted inode contents
[  104.002065][ T7052] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #13: comm syz.5.1213: mark_inode_dirty error
[  104.020134][ T7052] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1213: corrupted inode contents
[  104.040617][ T7052] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  104.057916][ T7052] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1213: corrupted inode contents
[  104.071322][ T7052] EXT4-fs error (device loop5): ext4_truncate:4597: inode #13: comm syz.5.1213: mark_inode_dirty error
[  104.083660][ T7052] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  104.107093][ T7052] EXT4-fs (loop5): 1 truncate cleaned up
[  104.113195][ T7052] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.183256][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.262697][ T7070] program syz.5.1220 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  104.272101][ T7070] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  104.459803][ T7081] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1224'.
[  104.497882][ T7082] loop5: detected capacity change from 0 to 2048
[  104.530296][ T7082] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.576716][ T7082] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.1225: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  104.712974][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.771584][ T7093] loop5: detected capacity change from 0 to 1024
[  104.829381][ T7093] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.903922][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.950363][ T7108] loop5: detected capacity change from 0 to 1024
[  104.981495][ T7108] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.017008][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.153878][ T7116] ALSA: seq fatal error: cannot create timer (-19)
[  105.206798][   T29] kauditd_printk_skb: 457 callbacks suppressed
[  105.206810][   T29] audit: type=1326 audit(1753736742.091:7272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7119 comm="syz.2.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f02d9eee9e3 code=0x7ffc0000
[  105.236225][   T29] audit: type=1326 audit(1753736742.091:7273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7119 comm="syz.2.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02d9eee9a9 code=0x7ffc0000
[  105.260963][   T29] audit: type=1326 audit(1753736742.151:7274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7119 comm="syz.2.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02d9eee9a9 code=0x7ffc0000
[  105.310825][   T29] audit: type=1326 audit(1753736742.171:7275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7119 comm="syz.2.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f02d9eee9a9 code=0x7ffc0000
[  105.334289][   T29] audit: type=1326 audit(1753736742.191:7276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7119 comm="syz.2.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02d9eee9a9 code=0x7ffc0000
[  105.357750][   T29] audit: type=1326 audit(1753736742.191:7277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7119 comm="syz.2.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02d9eee9a9 code=0x7ffc0000
[  105.383828][   T29] audit: type=1326 audit(1753736742.271:7278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7119 comm="syz.2.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f02d9eee9a9 code=0x7ffc0000
[  105.407190][   T29] audit: type=1326 audit(1753736742.271:7279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7119 comm="syz.2.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02d9eee9a9 code=0x7ffc0000
[  105.430801][   T29] audit: type=1326 audit(1753736742.271:7280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7119 comm="syz.2.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02d9eee9a9 code=0x7ffc0000
[  105.441114][ T7121] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1238'.
[  105.454354][   T29] audit: type=1400 audit(1753736742.271:7281): avc:  denied  { mount } for  pid=7120 comm="syz.0.1237" name="/" dev="hugetlbfs" ino=17894 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  105.534624][ T7133] program syz.5.1240 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  105.544059][ T7133] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  105.573688][ T7137] loop5: detected capacity change from 0 to 1024
[  105.588112][ T7137] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1241: Failed to acquire dquot type 0
[  105.604550][ T7137] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  105.619977][ T7137] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1241: corrupted inode contents
[  105.662371][ T7137] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #13: comm syz.5.1241: mark_inode_dirty error
[  105.679545][ T7137] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1241: corrupted inode contents
[  105.716150][ T7137] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #13: comm syz.5.1241: mark_inode_dirty error
[  105.729088][ T7140] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1242'.
[  105.738983][ T7137] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1241: corrupted inode contents
[  105.753752][ T7137] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  105.780294][ T7137] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1241: corrupted inode contents
[  105.802423][ T7137] EXT4-fs error (device loop5): ext4_truncate:4597: inode #13: comm syz.5.1241: mark_inode_dirty error
[  105.833089][ T7137] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  105.852066][ T7150] program syz.2.1245 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  105.861428][ T7150] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  105.865560][ T7137] EXT4-fs (loop5): 1 truncate cleaned up
[  105.875208][ T7148] program syz.0.1244 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  105.884888][ T7148] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  105.893695][ T7137] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.972699][ T7162] netlink: 'syz.0.1251': attribute type 4 has an invalid length.
[  106.009163][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.083745][ T7170] netlink: 'syz.3.1254': attribute type 1 has an invalid length.
[  106.091582][ T7170] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1254'.
[  106.105177][ T7164] program syz.0.1253 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  106.114767][ T7164] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  106.138450][ T7179] netlink: 'syz.5.1258': attribute type 23 has an invalid length.
[  106.179579][ T7185] program syz.1.1261 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  106.190141][ T7185] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  106.215984][ T7190] netlink: 'syz.0.1263': attribute type 4 has an invalid length.
[  106.277300][ T7194] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1265'.
[  106.546453][ T7179] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  106.764842][ T7225] program syz.1.1277 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  106.798187][ T7225] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  106.849798][ T7228] xt_CT: No such helper "pptp"
[  106.953597][ T7238] netlink: 1204 bytes leftover after parsing attributes in process `syz.5.1280'.
[  107.052757][ T7243] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1284'.
[  107.191793][ T7256] program syz.1.1290 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  107.202166][ T7254] program syz.0.1289 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  107.211555][ T7256] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  107.220081][ T7254] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  107.286320][ T7265] 9pnet_fd: Insufficient options for proto=fd
[  107.294583][ T7265] 9pnet_fd: Insufficient options for proto=fd
[  107.313436][ T7266] netlink: 'syz.1.1292': attribute type 1 has an invalid length.
[  107.321282][ T7266] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1292'.
[  107.558000][ T7268] xt_CT: No such helper "pptp"
[  107.588183][ T7279] tipc: Started in network mode
[  107.593167][ T7279] tipc: Node identity ea0d6d65b024, cluster identity 4711
[  107.600412][ T7279] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  107.633793][ T7282] FAULT_INJECTION: forcing a failure.
[  107.633793][ T7282] name failslab, interval 1, probability 0, space 0, times 0
[  107.646495][ T7282] CPU: 0 UID: 0 PID: 7282 Comm: syz.1.1299 Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[  107.646521][ T7282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  107.646532][ T7282] Call Trace:
[  107.646562][ T7282]  <TASK>
[  107.646568][ T7282]  __dump_stack+0x1d/0x30
[  107.646587][ T7282]  dump_stack_lvl+0xe8/0x140
[  107.646604][ T7282]  dump_stack+0x15/0x1b
[  107.646619][ T7282]  should_fail_ex+0x265/0x280
[  107.646688][ T7282]  should_failslab+0x8c/0xb0
[  107.646713][ T7282]  kmem_cache_alloc_noprof+0x50/0x310
[  107.646739][ T7282]  ? skb_clone+0x151/0x1f0
[  107.646757][ T7282]  skb_clone+0x151/0x1f0
[  107.646812][ T7282]  bpf_clone_redirect+0x7a/0x200
[  107.646832][ T7282]  ? __account_obj_stock+0x211/0x350
[  107.646853][ T7282]  bpf_prog_973cd02a7a0e8181+0x5f/0x68
[  107.646868][ T7282]  ? obj_cgroup_charge_account+0x122/0x1a0
[  107.646898][ T7282]  ? should_fail_ex+0x30/0x280
[  107.646960][ T7282]  ? __rcu_read_unlock+0x4f/0x70
[  107.646979][ T7282]  ? avc_has_perm_noaudit+0x1b1/0x200
[  107.647008][ T7282]  ? avc_has_perm+0xd3/0x150
[  107.647050][ T7282]  ? __rcu_read_unlock+0x4f/0x70
[  107.647069][ T7282]  ? is_bpf_text_address+0x141/0x160
[  107.647111][ T7282]  ? kernel_text_address+0x94/0xb0
[  107.647136][ T7282]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  107.647239][ T7282]  ? __kernel_text_address+0xd/0x40
[  107.647261][ T7282]  ? unwind_get_return_address+0x16/0x40
[  107.647288][ T7282]  ? arch_stack_walk+0xfc/0x150
[  107.647310][ T7282]  ? filter_irq_stacks+0x1d/0x70
[  107.647361][ T7282]  ? stack_depot_save_flags+0xa6a/0xb60
[  107.647424][ T7282]  ? read_tsc+0x9/0x20
[  107.647447][ T7282]  ? ktime_get+0x1eb/0x210
[  107.647481][ T7282]  bpf_test_run+0x1e3/0x490
[  107.647499][ T7282]  ? __list_add_valid_or_report+0x38/0xe0
[  107.647511][ T7282]  ? bpf_test_run+0xf6/0x490
[  107.647532][ T7282]  bpf_prog_test_run_skb+0x834/0xbd0
[  107.647570][ T7282]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  107.647635][ T7282]  bpf_prog_test_run+0x227/0x390
[  107.647653][ T7282]  __sys_bpf+0x3dc/0x790
[  107.647690][ T7282]  __x64_sys_bpf+0x41/0x50
[  107.647714][ T7282]  x64_sys_call+0x2478/0x2fb0
[  107.647746][ T7282]  do_syscall_64+0xd2/0x200
[  107.647764][ T7282]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  107.647871][ T7282]  ? clear_bhb_loop+0x40/0x90
[  107.647883][ T7282]  ? clear_bhb_loop+0x40/0x90
[  107.647895][ T7282]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.647908][ T7282] RIP: 0033:0x7f28f43ce9a9
[  107.647917][ T7282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.647995][ T7282] RSP: 002b:00007f28f2a37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  107.648073][ T7282] RAX: ffffffffffffffda RBX: 00007f28f45f5fa0 RCX: 00007f28f43ce9a9
[  107.648080][ T7282] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[  107.648087][ T7282] RBP: 00007f28f2a37090 R08: 0000000000000000 R09: 0000000000000000
[  107.648094][ T7282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.648101][ T7282] R13: 0000000000000000 R14: 00007f28f45f5fa0 R15: 00007ffc5932c128
[  107.648111][ T7282]  </TASK>
[  107.650060][ T7279] syzkaller0: entered promiscuous mode
[  107.777541][ T7290] FAULT_INJECTION: forcing a failure.
[  107.777541][ T7290] name failslab, interval 1, probability 0, space 0, times 0
[  107.781359][ T7279] syzkaller0: entered allmulticast mode
[  107.980157][ T7290] CPU: 0 UID: 0 PID: 7290 Comm: syz.2.1301 Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[  107.980228][ T7290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  107.980241][ T7290] Call Trace:
[  107.980249][ T7290]  <TASK>
[  107.980256][ T7290]  __dump_stack+0x1d/0x30
[  107.980278][ T7290]  dump_stack_lvl+0xe8/0x140
[  107.980298][ T7290]  dump_stack+0x15/0x1b
[  107.980318][ T7290]  should_fail_ex+0x265/0x280
[  107.980407][ T7290]  should_failslab+0x8c/0xb0
[  107.980430][ T7290]  kmem_cache_alloc_node_noprof+0x57/0x320
[  107.980481][ T7290]  ? __alloc_skb+0x101/0x320
[  107.980509][ T7290]  __alloc_skb+0x101/0x320
[  107.980537][ T7290]  netlink_ack+0xfd/0x500
[  107.980568][ T7290]  ? __pfx_ethnl_act_module_fw_flash+0x10/0x10
[  107.980623][ T7290]  netlink_rcv_skb+0x192/0x220
[  107.980656][ T7290]  ? __pfx_genl_rcv_msg+0x10/0x10
[  107.980703][ T7290]  genl_rcv+0x28/0x40
[  107.980726][ T7290]  netlink_unicast+0x5a8/0x680
[  107.980756][ T7290]  netlink_sendmsg+0x58b/0x6b0
[  107.980797][ T7290]  ? __pfx_netlink_sendmsg+0x10/0x10
[  107.980819][ T7290]  __sock_sendmsg+0x142/0x180
[  107.980863][ T7290]  ____sys_sendmsg+0x31e/0x4e0
[  107.980885][ T7290]  ___sys_sendmsg+0x17b/0x1d0
[  107.980912][ T7290]  __x64_sys_sendmsg+0xd4/0x160
[  107.980982][ T7290]  x64_sys_call+0x2999/0x2fb0
[  107.981006][ T7290]  do_syscall_64+0xd2/0x200
[  107.981028][ T7290]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  107.981130][ T7290]  ? clear_bhb_loop+0x40/0x90
[  107.981151][ T7290]  ? clear_bhb_loop+0x40/0x90
[  107.981175][ T7290]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.981193][ T7290] RIP: 0033:0x7f02d9eee9a9
[  107.981208][ T7290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.981254][ T7290] RSP: 002b:00007f02d8536038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  107.981271][ T7290] RAX: ffffffffffffffda RBX: 00007f02da116080 RCX: 00007f02d9eee9a9
[  107.981284][ T7290] RDX: 000000002000c800 RSI: 0000200000000380 RDI: 0000000000000003
[  107.981297][ T7290] RBP: 00007f02d8536090 R08: 0000000000000000 R09: 0000000000000000
[  107.981318][ T7290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.981329][ T7290] R13: 0000000000000000 R14: 00007f02da116080 R15: 00007ffd13a6f228
[  107.981345][ T7290]  </TASK>
[  108.217679][ T7289] tipc: Resetting bearer <eth:syzkaller0>
[  108.225340][ T7289] tipc: Disabling bearer <eth:syzkaller0>
[  108.244383][ T7291] program syz.1.1302 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  108.255357][ T7291] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  108.382929][ T7310] ALSA: seq fatal error: cannot create timer (-19)
[  108.478825][ T7322] ALSA: seq fatal error: cannot create timer (-19)
[  108.493722][ T7325] netlink: 'syz.5.1316': attribute type 1 has an invalid length.
[  108.501517][ T7325] __nla_validate_parse: 1 callbacks suppressed
[  108.501530][ T7325] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1316'.
[  108.632146][ T7335] loop5: detected capacity change from 0 to 512
[  108.671593][ T7346] ALSA: seq fatal error: cannot create timer (-19)
[  108.678694][ T7335] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002]
[  108.687168][ T7335] System zones: 0-7
[  108.703979][ T7335] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.738695][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.784428][ T7363] SELinux:  Context system_u:object_r:inetd_var_run_t:s0 is not valid (left unmapped).
[  108.784610][ T7358] program syz.1.1330 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  108.805285][ T7358] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  108.831233][ T7366] netlink: 'syz.2.1331': attribute type 1 has an invalid length.
[  108.839012][ T7366] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1331'.
[  108.869270][ T7357] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1328'.
[  108.951740][ T7369] loop5: detected capacity change from 0 to 512
[  108.963464][ T7369] EXT4-fs: Ignoring removed mblk_io_submit option
[  108.977690][ T7369] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  108.998249][ T7369] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  109.007433][ T7369] System zones: 1-12
[  109.016911][ T7369] EXT4-fs (loop5): 1 truncate cleaned up
[  109.023124][ T7369] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.091421][ T7392] netlink: '+}[@': attribute type 13 has an invalid length.
[  109.108659][ T7392] gretap0: refused to change device tx_queue_len
[  109.115200][ T7392] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  109.244171][ T7406] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8187 sclass=netlink_route_socket pid=7406 comm=syz.0.1348
[  109.278668][ T7412] FAULT_INJECTION: forcing a failure.
[  109.278668][ T7412] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  109.291888][ T7412] CPU: 1 UID: 0 PID: 7412 Comm: syz.1.1351 Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[  109.291958][ T7412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  109.292035][ T7412] Call Trace:
[  109.292042][ T7412]  <TASK>
[  109.292050][ T7412]  __dump_stack+0x1d/0x30
[  109.292072][ T7412]  dump_stack_lvl+0xe8/0x140
[  109.292093][ T7412]  dump_stack+0x15/0x1b
[  109.292111][ T7412]  should_fail_ex+0x265/0x280
[  109.292141][ T7412]  should_fail+0xb/0x20
[  109.292175][ T7412]  should_fail_usercopy+0x1a/0x20
[  109.292212][ T7412]  _copy_from_user+0x1c/0xb0
[  109.292234][ T7412]  do_ipv6_setsockopt+0x220/0x22e0
[  109.292323][ T7412]  ? kstrtoull+0x111/0x140
[  109.292397][ T7412]  ? avc_has_perm_noaudit+0x1b1/0x200
[  109.292488][ T7412]  ? selinux_netlbl_socket_setsockopt+0x1f9/0x2d0
[  109.292526][ T7412]  ipv6_setsockopt+0x59/0x130
[  109.292628][ T7412]  udpv6_setsockopt+0x99/0xb0
[  109.292646][ T7412]  sock_common_setsockopt+0x66/0x80
[  109.292670][ T7412]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  109.292763][ T7412]  __sys_setsockopt+0x181/0x200
[  109.292793][ T7412]  __x64_sys_setsockopt+0x64/0x80
[  109.292821][ T7412]  x64_sys_call+0x2bd5/0x2fb0
[  109.292841][ T7412]  do_syscall_64+0xd2/0x200
[  109.292899][ T7412]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  109.292994][ T7412]  ? clear_bhb_loop+0x40/0x90
[  109.293015][ T7412]  ? clear_bhb_loop+0x40/0x90
[  109.293036][ T7412]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.293125][ T7412] RIP: 0033:0x7f28f43ce9a9
[  109.293139][ T7412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.293156][ T7412] RSP: 002b:00007f28f2a37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  109.293224][ T7412] RAX: ffffffffffffffda RBX: 00007f28f45f5fa0 RCX: 00007f28f43ce9a9
[  109.293236][ T7412] RDX: 0000000000000030 RSI: 0000000000000029 RDI: 0000000000000003
[  109.293247][ T7412] RBP: 00007f28f2a37090 R08: 0000000000005000 R09: 0000000000000000
[  109.293258][ T7412] R10: 00002000000004c0 R11: 0000000000000246 R12: 0000000000000001
[  109.293270][ T7412] R13: 0000000000000000 R14: 00007f28f45f5fa0 R15: 00007ffc5932c128
[  109.293304][ T7412]  </TASK>
[  109.294316][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.469258][ T7414] program syz.3.1355 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  109.553587][ T7414] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  109.599517][ T7432] loop5: detected capacity change from 0 to 2048
[  109.643122][ T7432] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.661007][ T7432] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.1352: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  109.687166][ T7446] FAULT_INJECTION: forcing a failure.
[  109.687166][ T7446] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  109.700309][ T7446] CPU: 0 UID: 0 PID: 7446 Comm: syz.1.1364 Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[  109.700335][ T7446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  109.700348][ T7446] Call Trace:
[  109.700356][ T7446]  <TASK>
[  109.700364][ T7446]  __dump_stack+0x1d/0x30
[  109.700387][ T7446]  dump_stack_lvl+0xe8/0x140
[  109.700439][ T7446]  dump_stack+0x15/0x1b
[  109.700455][ T7446]  should_fail_ex+0x265/0x280
[  109.700488][ T7446]  should_fail+0xb/0x20
[  109.700634][ T7446]  should_fail_usercopy+0x1a/0x20
[  109.700690][ T7446]  _copy_to_user+0x20/0xa0
[  109.700710][ T7446]  simple_read_from_buffer+0xb5/0x130
[  109.700741][ T7446]  proc_fail_nth_read+0x100/0x140
[  109.700852][ T7446]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  109.700903][ T7446]  vfs_read+0x1a0/0x6f0
[  109.700982][ T7446]  ? __rcu_read_unlock+0x4f/0x70
[  109.701068][ T7446]  ? __rcu_read_unlock+0x4f/0x70
[  109.701090][ T7446]  ? __fget_files+0x184/0x1c0
[  109.701112][ T7446]  ksys_read+0xda/0x1a0
[  109.701143][ T7446]  __x64_sys_read+0x40/0x50
[  109.701197][ T7446]  x64_sys_call+0x2d77/0x2fb0
[  109.701219][ T7446]  do_syscall_64+0xd2/0x200
[  109.701239][ T7446]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  109.701327][ T7446]  ? clear_bhb_loop+0x40/0x90
[  109.701347][ T7446]  ? clear_bhb_loop+0x40/0x90
[  109.701370][ T7446]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.701392][ T7446] RIP: 0033:0x7f28f43cd3bc
[  109.701407][ T7446] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  109.701430][ T7446] RSP: 002b:00007f28f2a37030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  109.701450][ T7446] RAX: ffffffffffffffda RBX: 00007f28f45f5fa0 RCX: 00007f28f43cd3bc
[  109.701461][ T7446] RDX: 000000000000000f RSI: 00007f28f2a370a0 RDI: 0000000000000006
[  109.701472][ T7446] RBP: 00007f28f2a37090 R08: 0000000000000000 R09: 0000000000000000
[  109.701483][ T7446] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000001
[  109.701494][ T7446] R13: 0000000000000000 R14: 00007f28f45f5fa0 R15: 00007ffc5932c128
[  109.701535][ T7446]  </TASK>
[  109.981250][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.035095][ T7463] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8187 sclass=netlink_route_socket pid=7463 comm=syz.5.1370
[  110.065133][ T7463] loop5: detected capacity change from 0 to 512
[  110.088167][ T7463] EXT4-fs: Ignoring removed mblk_io_submit option
[  110.106224][ T7470] xt_CT: No such helper "pptp"
[  110.111143][ T7463] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  110.124953][ T7463] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  110.134658][ T7469] program syz.2.1373 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  110.156214][ T7469] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  110.164709][ T7463] System zones: 1-12
[  110.176267][ T7463] EXT4-fs (loop5): 1 truncate cleaned up
[  110.190377][ T7463] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.210475][   T29] kauditd_printk_skb: 799 callbacks suppressed
[  110.210489][   T29] audit: type=1326 audit(1753736747.101:8079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7462 comm="syz.5.1370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2aa7de9a9 code=0x7ffc0000
[  110.242937][ T7484] audit: audit_lost=4 audit_rate_limit=0 audit_backlog_limit=64
[  110.248594][ T7479] program syz.3.1376 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  110.250793][ T7484] audit: out of memory in audit_log_start
[  110.259914][   T29] audit: type=1326 audit(1753736747.101:8080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7462 comm="syz.5.1370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2aa7de9a9 code=0x7ffc0000
[  110.288965][   T29] audit: type=1326 audit(1753736747.101:8081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7462 comm="syz.5.1370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7fd2aa7de9a9 code=0x7ffc0000
[  110.312680][   T29] audit: type=1326 audit(1753736747.101:8082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7462 comm="syz.5.1370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2aa7de9a9 code=0x7ffc0000
[  110.336128][   T29] audit: type=1326 audit(1753736747.101:8083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7462 comm="syz.5.1370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2aa7de9a9 code=0x7ffc0000
[  110.359552][   T29] audit: type=1326 audit(1753736747.131:8084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7481 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02d9eee9a9 code=0x7ffc0000
[  110.359875][ T7485] syzkaller0: entered promiscuous mode
[  110.383049][   T29] audit: type=1326 audit(1753736747.131:8085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7481 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02d9eee9a9 code=0x7ffc0000
[  110.388505][ T7485] syzkaller0: entered allmulticast mode
[  110.411844][   T29] audit: type=1326 audit(1753736747.131:8086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7481 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f02d9eee9a9 code=0x7ffc0000
[  110.412106][ T7479] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  110.559533][ T7499] netlink: 'syz.3.1383': attribute type 1 has an invalid length.
[  110.567475][ T7499] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1383'.
[  110.591112][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.700970][ T7510] program syz.5.1388 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  110.719871][ T7510] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  110.844617][ T7505] xt_CT: No such helper "pptp"
[  110.861454][ T7513] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1389'.
[  110.912398][ T7537] netlink: 'syz.0.1396': attribute type 1 has an invalid length.
[  110.920205][ T7537] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1396'.
[  110.930874][ T7535] loop5: detected capacity change from 0 to 2048
[  110.987923][ T7535] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.032100][ T7535] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.1395: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  111.136662][ T7564] netlink: 'syz.3.1406': attribute type 4 has an invalid length.
[  111.160102][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.288158][ T7589] SET target dimension over the limit!
[  111.334664][ T7594] loop5: detected capacity change from 0 to 2048
[  111.342905][ T7603] netlink: 'syz.3.1421': attribute type 4 has an invalid length.
[  111.347035][ T7588] program syz.0.1416 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  111.361447][ T7588] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  111.376191][ T7594] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.444261][ T7594] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.1420: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  111.446065][ T7596] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1419'.
[  111.484878][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.522110][ T7621] program syz.0.1427 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  111.540722][ T7621] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  111.582645][ T7633] ALSA: seq fatal error: cannot create timer (-19)
[  111.604496][ T7637] netlink: 'syz.0.1434': attribute type 4 has an invalid length.
[  111.641105][ T7632] program syz.3.1432 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  111.653547][ T7632] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  111.668937][ T7646] ALSA: seq fatal error: cannot create timer (-19)
[  111.762029][ T7665] loop5: detected capacity change from 0 to 512
[  111.780342][ T7665] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.793234][ T7665] ext4 filesystem being mounted at /247/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  111.809343][ T7668] netlink: 'syz.2.1448': attribute type 4 has an invalid length.
[  111.889630][ T7679] EXT4-fs error (device loop5): ext4_readdir:264: inode #12: block 32: comm syz.5.1447: path /247/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  111.918227][ T7679] EXT4-fs (loop5): Remounting filesystem read-only
[  111.976305][ T7689] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  111.987392][ T7688] IPVS: stopping master sync thread 7689 ...
[  112.039197][ T7695] FAULT_INJECTION: forcing a failure.
[  112.039197][ T7695] name failslab, interval 1, probability 0, space 0, times 0
[  112.051978][ T7695] CPU: 1 UID: 0 PID: 7695 Comm: syz.3.1458 Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[  112.052012][ T7695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  112.052026][ T7695] Call Trace:
[  112.052033][ T7695]  <TASK>
[  112.052041][ T7695]  __dump_stack+0x1d/0x30
[  112.052064][ T7695]  dump_stack_lvl+0xe8/0x140
[  112.052125][ T7695]  dump_stack+0x15/0x1b
[  112.052140][ T7695]  should_fail_ex+0x265/0x280
[  112.052171][ T7695]  ? _request_firmware+0x1a3/0xbb0
[  112.052217][ T7695]  should_failslab+0x8c/0xb0
[  112.052241][ T7695]  __kmalloc_cache_noprof+0x4c/0x320
[  112.052275][ T7695]  _request_firmware+0x1a3/0xbb0
[  112.052305][ T7695]  ? __rtnl_unlock+0x95/0xb0
[  112.052366][ T7695]  ? netdev_run_todo+0x7cc/0x820
[  112.052400][ T7695]  request_firmware+0x36/0x50
[  112.052431][ T7695]  reg_reload_regdb+0x57/0x250
[  112.052452][ T7695]  nl80211_reload_regdb+0xe/0x20
[  112.052502][ T7695]  genl_family_rcv_msg_doit+0x143/0x1b0
[  112.052533][ T7695]  genl_rcv_msg+0x422/0x460
[  112.052555][ T7695]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  112.052583][ T7695]  ? __pfx_nl80211_reload_regdb+0x10/0x10
[  112.052644][ T7695]  ? __pfx_nl80211_post_doit+0x10/0x10
[  112.052670][ T7695]  netlink_rcv_skb+0x123/0x220
[  112.052699][ T7695]  ? __pfx_genl_rcv_msg+0x10/0x10
[  112.052854][ T7695]  genl_rcv+0x28/0x40
[  112.052878][ T7695]  netlink_unicast+0x5a8/0x680
[  112.052911][ T7695]  netlink_sendmsg+0x58b/0x6b0
[  112.052935][ T7695]  ? __pfx_netlink_sendmsg+0x10/0x10
[  112.053000][ T7695]  __sock_sendmsg+0x142/0x180
[  112.053028][ T7695]  ____sys_sendmsg+0x31e/0x4e0
[  112.053051][ T7695]  ___sys_sendmsg+0x17b/0x1d0
[  112.053152][ T7695]  __x64_sys_sendmsg+0xd4/0x160
[  112.053176][ T7695]  x64_sys_call+0x2999/0x2fb0
[  112.053200][ T7695]  do_syscall_64+0xd2/0x200
[  112.053221][ T7695]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  112.053252][ T7695]  ? clear_bhb_loop+0x40/0x90
[  112.053275][ T7695]  ? clear_bhb_loop+0x40/0x90
[  112.053299][ T7695]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.053388][ T7695] RIP: 0033:0x7fae6355e9a9
[  112.053404][ T7695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.053455][ T7695] RSP: 002b:00007fae61bc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  112.053476][ T7695] RAX: ffffffffffffffda RBX: 00007fae63785fa0 RCX: 00007fae6355e9a9
[  112.053489][ T7695] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000008
[  112.053502][ T7695] RBP: 00007fae61bc7090 R08: 0000000000000000 R09: 0000000000000000
[  112.053515][ T7695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  112.053528][ T7695] R13: 0000000000000000 R14: 00007fae63785fa0 R15: 00007ffc4680e9c8
[  112.053548][ T7695]  </TASK>
[  112.053587][ T7695] platform regulatory.0: _request_firmware_prepare: kmalloc(struct firmware) failed
[  112.362541][ T7702] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8187 sclass=netlink_route_socket pid=7702 comm=syz.0.1460
[  112.426641][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.504277][ T7721] SET target dimension over the limit!
[  112.543668][ T7724] program syz.0.1469 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  112.556333][ T7724] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  112.711821][ T7745] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1478'.
[  112.954272][ T7774] netlink: 'syz.0.1488': attribute type 4 has an invalid length.
[  112.985615][ T7772] program syz.2.1487 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  113.005007][ T7772] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  113.024162][ T7779] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  113.030709][ T7779] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  113.038211][ T7779] vhci_hcd vhci_hcd.0: Device attached
[  113.136822][ T7784] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1492'.
[  113.376853][ T7810] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1499'.
[  113.390799][ T7810] bridge0: entered promiscuous mode
[  113.396827][ T7810] bridge0: port 1(macvlan0) entered blocking state
[  113.403515][ T7810] bridge0: port 1(macvlan0) entered disabled state
[  113.425195][ T7810] macvlan0: entered allmulticast mode
[  113.430658][ T7810] bridge0: entered allmulticast mode
[  113.457809][ T7810] macvlan0: left allmulticast mode
[  113.463014][ T7810] bridge0: left allmulticast mode
[  113.531854][ T7810] bridge0: left promiscuous mode
[  113.551452][ T7816] netlink: 1204 bytes leftover after parsing attributes in process `syz.5.1502'.
[  114.071275][ T7842] netlink: 'syz.1.1512': attribute type 1 has an invalid length.
[  114.079038][ T7842] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1512'.
[  114.349644][ T7853] loop5: detected capacity change from 0 to 512
[  114.370121][ T7850] netem: change failed
[  114.401779][ T7853] EXT4-fs: Ignoring removed nobh option
[  114.449648][ T7853] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #3: comm syz.5.1517: corrupted inode contents
[  114.512119][ T7853] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #3: comm syz.5.1517: mark_inode_dirty error
[  114.535644][ T7853] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #3: comm syz.5.1517: corrupted inode contents
[  114.548683][ T7853] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #3: comm syz.5.1517: mark_inode_dirty error
[  114.580216][ T7853] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1517: Failed to acquire dquot type 0
[  114.588336][ T7870] program syz.2.1523 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  114.601018][ T7870] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  114.611390][ T7853] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #16: comm syz.5.1517: corrupted inode contents
[  114.623672][ T7853] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #16: comm syz.5.1517: mark_inode_dirty error
[  114.637200][ T7853] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #16: comm syz.5.1517: corrupted inode contents
[  114.673805][ T7853] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.1517: mark_inode_dirty error
[  114.697325][ T7853] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #16: comm syz.5.1517: corrupted inode contents
[  114.739065][ T7853] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  114.749969][ T7853] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #16: comm syz.5.1517: corrupted inode contents
[  114.770634][ T7876] FAULT_INJECTION: forcing a failure.
[  114.770634][ T7876] name failslab, interval 1, probability 0, space 0, times 0
[  114.783420][ T7876] CPU: 0 UID: 0 PID: 7876 Comm: syz.2.1525 Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[  114.783444][ T7876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  114.783454][ T7876] Call Trace:
[  114.783569][ T7876]  <TASK>
[  114.783577][ T7876]  __dump_stack+0x1d/0x30
[  114.783599][ T7876]  dump_stack_lvl+0xe8/0x140
[  114.783620][ T7876]  dump_stack+0x15/0x1b
[  114.783639][ T7876]  should_fail_ex+0x265/0x280
[  114.783695][ T7876]  ? __se_sys_mount+0xef/0x2e0
[  114.783730][ T7876]  should_failslab+0x8c/0xb0
[  114.783796][ T7876]  __kmalloc_cache_noprof+0x4c/0x320
[  114.783825][ T7876]  ? memdup_user+0x99/0xd0
[  114.783849][ T7876]  __se_sys_mount+0xef/0x2e0
[  114.783933][ T7876]  ? fput+0x8f/0xc0
[  114.783958][ T7876]  ? ksys_write+0x192/0x1a0
[  114.783992][ T7876]  __x64_sys_mount+0x67/0x80
[  114.784024][ T7876]  x64_sys_call+0xd36/0x2fb0
[  114.784117][ T7876]  do_syscall_64+0xd2/0x200
[  114.784135][ T7876]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  114.784211][ T7876]  ? clear_bhb_loop+0x40/0x90
[  114.784234][ T7876]  ? clear_bhb_loop+0x40/0x90
[  114.784257][ T7876]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.784279][ T7876] RIP: 0033:0x7f02d9eee9a9
[  114.784293][ T7876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.784317][ T7876] RSP: 002b:00007f02d8557038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  114.784364][ T7876] RAX: ffffffffffffffda RBX: 00007f02da115fa0 RCX: 00007f02d9eee9a9
[  114.784378][ T7876] RDX: 00002000000001c0 RSI: 0000200000000040 RDI: 0000000000000000
[  114.784457][ T7876] RBP: 00007f02d8557090 R08: 0000200000000440 R09: 0000000000000000
[  114.784469][ T7876] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000001
[  114.784522][ T7876] R13: 0000000000000000 R14: 00007f02da115fa0 R15: 00007ffd13a6f228
[  114.784548][ T7876]  </TASK>
[  114.785357][ T7853] EXT4-fs error (device loop5): ext4_truncate:4597: inode #16: comm syz.5.1517: mark_inode_dirty error
[  114.987805][ T7853] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  115.009369][ T7853] EXT4-fs (loop5): 1 truncate cleaned up
[  115.015358][ T7853] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.033056][ T7853] ext4 filesystem being mounted at /252/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.071135][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.134239][ T7888] loop5: detected capacity change from 0 to 1024
[  115.170917][ T7888] EXT4-fs: Ignoring removed bh option
[  115.241398][ T7888] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.306451][ T7906] FAULT_INJECTION: forcing a failure.
[  115.306451][ T7906] name failslab, interval 1, probability 0, space 0, times 0
[  115.319163][ T7906] CPU: 0 UID: 0 PID: 7906 Comm: syz.2.1535 Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[  115.319266][ T7906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  115.319279][ T7906] Call Trace:
[  115.319285][ T7906]  <TASK>
[  115.319291][ T7906]  __dump_stack+0x1d/0x30
[  115.319328][ T7906]  dump_stack_lvl+0xe8/0x140
[  115.319348][ T7906]  dump_stack+0x15/0x1b
[  115.319415][ T7906]  should_fail_ex+0x265/0x280
[  115.319448][ T7906]  should_failslab+0x8c/0xb0
[  115.319518][ T7906]  __kmalloc_noprof+0xa5/0x3e0
[  115.319589][ T7906]  ? iovec_from_user+0x84/0x210
[  115.319609][ T7906]  iovec_from_user+0x84/0x210
[  115.319703][ T7906]  __import_iovec+0xf3/0x540
[  115.319728][ T7906]  io_sendmsg_setup+0x1d1/0x290
[  115.319824][ T7906]  io_sendmsg_prep+0x3b8/0x5e0
[  115.319911][ T7906]  io_submit_sqes+0x5e2/0xfd0
[  115.319981][ T7906]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  115.320059][ T7906]  ? 0xffffffff81000000
[  115.320070][ T7906]  ? __rcu_read_unlock+0x4f/0x70
[  115.320095][ T7906]  ? get_pid_task+0x96/0xd0
[  115.320116][ T7906]  ? proc_fail_nth_write+0x12d/0x160
[  115.320167][ T7906]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  115.320202][ T7906]  ? vfs_write+0x75e/0x8e0
[  115.320235][ T7906]  ? __rcu_read_unlock+0x4f/0x70
[  115.320321][ T7906]  ? __fget_files+0x184/0x1c0
[  115.320342][ T7906]  ? fput+0x8f/0xc0
[  115.320366][ T7906]  __x64_sys_io_uring_enter+0x78/0x90
[  115.320405][ T7906]  x64_sys_call+0x28c8/0x2fb0
[  115.320429][ T7906]  do_syscall_64+0xd2/0x200
[  115.320448][ T7906]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  115.320472][ T7906]  ? clear_bhb_loop+0x40/0x90
[  115.320570][ T7906]  ? clear_bhb_loop+0x40/0x90
[  115.320591][ T7906]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.320610][ T7906] RIP: 0033:0x7f02d9eee9a9
[  115.320622][ T7906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.320696][ T7906] RSP: 002b:00007f02d8557038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  115.320771][ T7906] RAX: ffffffffffffffda RBX: 00007f02da115fa0 RCX: 00007f02d9eee9a9
[  115.320785][ T7906] RDX: 0000000000000000 RSI: 00000000000047f8 RDI: 0000000000000003
[  115.320798][ T7906] RBP: 00007f02d8557090 R08: 0000000000000000 R09: 0000000000000000
[  115.320811][ T7906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  115.320825][ T7906] R13: 0000000000000000 R14: 00007f02da115fa0 R15: 00007ffd13a6f228
[  115.320844][ T7906]  </TASK>
[  115.628757][   T29] kauditd_printk_skb: 1109 callbacks suppressed
[  115.628774][   T29] audit: type=1400 audit(1753736752.451:9192): avc:  denied  { setopt } for  pid=7887 comm="syz.5.1528" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  115.686508][ T7780] vhci_hcd: connection closed
[  115.686651][   T41] vhci_hcd: stop threads
[  115.695625][   T41] vhci_hcd: release socket
[  115.700193][   T41] vhci_hcd: disconnect device
[  115.710260][   T29] audit: type=1400 audit(1753736752.571:9193): avc:  denied  { write } for  pid=7887 comm="syz.5.1528" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  115.731079][   T29] audit: type=1400 audit(1753736752.571:9194): avc:  denied  { read } for  pid=7887 comm="syz.5.1528" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  115.751918][   T29] audit: type=1400 audit(1753736752.601:9195): avc:  denied  { remove_name } for  pid=7887 comm="syz.5.1528" name="file0" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  115.774540][   T29] audit: type=1400 audit(1753736752.601:9196): avc:  denied  { rmdir } for  pid=7887 comm="syz.5.1528" name="file0" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  115.802362][   T29] audit: type=1400 audit(1753736752.691:9197): avc:  denied  { connect } for  pid=7887 comm="syz.5.1528" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  115.823243][ T7912] netlink: 1204 bytes leftover after parsing attributes in process `syz.1.1536'.
[  115.839360][   T29] audit: type=1400 audit(1753736752.691:9198): avc:  denied  { create } for  pid=7887 comm="syz.5.1528" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  115.859002][   T29] audit: type=1400 audit(1753736752.691:9199): avc:  denied  { getopt } for  pid=7887 comm="syz.5.1528" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  115.957834][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.967957][ T7916] ALSA: seq fatal error: cannot create timer (-19)
[  115.992468][ T7919] loop5: detected capacity change from 0 to 512
[  116.015637][ T7919] EXT4-fs: Ignoring removed nobh option
[  116.036428][   T29] audit: type=1326 audit(1753736752.921:9200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7920 comm="syz.2.1540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02d9eee9a9 code=0x7ffc0000
[  116.059985][   T29] audit: type=1326 audit(1753736752.921:9201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7920 comm="syz.2.1540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02d9eee9a9 code=0x7ffc0000
[  116.137366][ T7919] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #3: comm syz.5.1539: corrupted inode contents
[  116.149434][ T7919] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #3: comm syz.5.1539: mark_inode_dirty error
[  116.171132][ T7919] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #3: comm syz.5.1539: corrupted inode contents
[  116.190920][ T7919] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #3: comm syz.5.1539: mark_inode_dirty error
[  116.245707][ T7919] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1539: Failed to acquire dquot type 0
[  116.257505][ T7919] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #16: comm syz.5.1539: corrupted inode contents
[  116.269684][ T7919] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #16: comm syz.5.1539: mark_inode_dirty error
[  116.282148][ T7919] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #16: comm syz.5.1539: corrupted inode contents
[  116.294495][ T7919] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.1539: mark_inode_dirty error
[  116.314241][ T7919] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #16: comm syz.5.1539: corrupted inode contents
[  116.315142][ T7927] sd 0:0:1:0: device reset
[  116.327274][ T7919] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  116.339361][ T7919] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #16: comm syz.5.1539: corrupted inode contents
[  116.354002][ T7919] EXT4-fs error (device loop5): ext4_truncate:4597: inode #16: comm syz.5.1539: mark_inode_dirty error
[  116.369991][ T7919] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  116.379619][ T7919] EXT4-fs (loop5): 1 truncate cleaned up
[  116.386777][ T7919] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.399591][ T7919] ext4 filesystem being mounted at /254/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.422837][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.464321][ T7934] netlink: 'syz.2.1546': attribute type 1 has an invalid length.
[  116.472155][ T7934] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1546'.
[  116.565579][ T7941] netlink: 'syz.2.1547': attribute type 1 has an invalid length.
[  116.573548][ T7941] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1547'.
[  116.645452][ T7949] netlink: 'syz.5.1553': attribute type 1 has an invalid length.
[  116.668904][ T7953] sd 0:0:1:0: device reset
[  116.717904][ T7961] netlink: 'syz.2.1557': attribute type 1 has an invalid length.
[  116.725794][ T7961] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1557'.
[  116.816324][ T7970] FAULT_INJECTION: forcing a failure.
[  116.816324][ T7970] name failslab, interval 1, probability 0, space 0, times 0
[  116.829125][ T7970] CPU: 1 UID: 0 PID: 7970 Comm: syz.5.1561 Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[  116.829153][ T7970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  116.829165][ T7970] Call Trace:
[  116.829169][ T7970]  <TASK>
[  116.829175][ T7970]  __dump_stack+0x1d/0x30
[  116.829255][ T7970]  dump_stack_lvl+0xe8/0x140
[  116.829276][ T7970]  dump_stack+0x15/0x1b
[  116.829294][ T7970]  should_fail_ex+0x265/0x280
[  116.829323][ T7970]  ? __se_sys_mount+0xef/0x2e0
[  116.829398][ T7970]  should_failslab+0x8c/0xb0
[  116.829420][ T7970]  __kmalloc_cache_noprof+0x4c/0x320
[  116.829486][ T7970]  ? memdup_user+0x99/0xd0
[  116.829511][ T7970]  __se_sys_mount+0xef/0x2e0
[  116.829539][ T7970]  ? fput+0x8f/0xc0
[  116.829559][ T7970]  ? ksys_write+0x192/0x1a0
[  116.829659][ T7970]  __x64_sys_mount+0x67/0x80
[  116.829694][ T7970]  x64_sys_call+0xd36/0x2fb0
[  116.829758][ T7970]  do_syscall_64+0xd2/0x200
[  116.829776][ T7970]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  116.829847][ T7970]  ? clear_bhb_loop+0x40/0x90
[  116.829905][ T7970]  ? clear_bhb_loop+0x40/0x90
[  116.829927][ T7970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.829951][ T7970] RIP: 0033:0x7fd2aa7de9a9
[  116.829966][ T7970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.829982][ T7970] RSP: 002b:00007fd2a8e3f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  116.830045][ T7970] RAX: ffffffffffffffda RBX: 00007fd2aaa05fa0 RCX: 00007fd2aa7de9a9
[  116.830059][ T7970] RDX: 00002000000001c0 RSI: 0000200000000040 RDI: 0000000000000000
[  116.830073][ T7970] RBP: 00007fd2a8e3f090 R08: 0000200000000440 R09: 0000000000000000
[  116.830087][ T7970] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000001
[  116.830101][ T7970] R13: 0000000000000000 R14: 00007fd2aaa05fa0 R15: 00007ffe4bf02e38
[  116.830117][ T7970]  </TASK>
[  117.075381][ T7979] loop5: detected capacity change from 0 to 512
[  117.082189][ T7979] EXT4-fs: Ignoring removed mblk_io_submit option
[  117.090280][ T7979] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  117.136133][ T7979] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  117.160015][ T7979] System zones: 1-12
[  117.164619][ T7979] EXT4-fs (loop5): 1 truncate cleaned up
[  117.184408][ T7979] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.385962][ T8005] program syz.1.1575 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  117.402299][ T8005] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  117.429841][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.485373][ T8014] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1580'.
[  117.496463][ T8016] ALSA: seq fatal error: cannot create timer (-19)
[  117.583613][ T8030] netlink: 'syz.2.1584': attribute type 5 has an invalid length.
[  117.619076][ T8035] netlink: 1204 bytes leftover after parsing attributes in process `syz.5.1583'.
[  117.788930][ T8051] sd 0:0:1:0: device reset
[  117.872740][ T8058] netlink: 'syz.1.1595': attribute type 1 has an invalid length.
[  117.880534][ T8058] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1595'.
[  117.965905][ T8068] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1598'.
[  118.237972][ T8092] sd 0:0:1:0: device reset
[  118.250690][ T8097] netlink: 'syz.1.1608': attribute type 1 has an invalid length.
[  118.301645][ T8099] program syz.3.1609 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  118.312765][ T8099] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  118.377085][ T8104] ALSA: seq fatal error: cannot create timer (-19)
[  118.526545][ T8126] sd 0:0:1:0: device reset
[  118.551506][ T8130] netlink: 'syz.3.1621': attribute type 1 has an invalid length.
[  118.677648][ T8139] program syz.1.1623 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  118.707667][ T8139] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  118.774461][ T8149] FAULT_INJECTION: forcing a failure.
[  118.774461][ T8149] name failslab, interval 1, probability 0, space 0, times 0
[  118.787128][ T8149] CPU: 0 UID: 0 PID: 8149 Comm: syz.3.1628 Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[  118.787187][ T8149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  118.787200][ T8149] Call Trace:
[  118.787207][ T8149]  <TASK>
[  118.787215][ T8149]  __dump_stack+0x1d/0x30
[  118.787237][ T8149]  dump_stack_lvl+0xe8/0x140
[  118.787254][ T8149]  dump_stack+0x15/0x1b
[  118.787269][ T8149]  should_fail_ex+0x265/0x280
[  118.787374][ T8149]  should_failslab+0x8c/0xb0
[  118.787393][ T8149]  kmem_cache_alloc_noprof+0x50/0x310
[  118.787418][ T8149]  ? audit_log_start+0x365/0x6c0
[  118.787493][ T8149]  audit_log_start+0x365/0x6c0
[  118.787526][ T8149]  audit_seccomp+0x48/0x100
[  118.787550][ T8149]  ? __seccomp_filter+0x68c/0x10d0
[  118.787613][ T8149]  __seccomp_filter+0x69d/0x10d0
[  118.787634][ T8149]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  118.787739][ T8149]  ? vfs_write+0x75e/0x8e0
[  118.787853][ T8149]  ? __rcu_read_unlock+0x4f/0x70
[  118.787891][ T8149]  ? __fget_files+0x184/0x1c0
[  118.787913][ T8149]  __secure_computing+0x82/0x150
[  118.787935][ T8149]  syscall_trace_enter+0xcf/0x1e0
[  118.787988][ T8149]  do_syscall_64+0xac/0x200
[  118.788005][ T8149]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  118.788031][ T8149]  ? clear_bhb_loop+0x40/0x90
[  118.788053][ T8149]  ? clear_bhb_loop+0x40/0x90
[  118.788089][ T8149]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.788111][ T8149] RIP: 0033:0x7fae6355e9a9
[  118.788127][ T8149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.788188][ T8149] RSP: 002b:00007fae61bc7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  118.788207][ T8149] RAX: ffffffffffffffda RBX: 00007fae63785fa0 RCX: 00007fae6355e9a9
[  118.788219][ T8149] RDX: 0000200000000000 RSI: 000000001ddc56b8 RDI: 000000000000001d
[  118.788230][ T8149] RBP: 00007fae61bc7090 R08: 0000000000000000 R09: 0000000000000000
[  118.788243][ T8149] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  118.788327][ T8149] R13: 0000000000000000 R14: 00007fae63785fa0 R15: 00007ffc4680e9c8
[  118.788345][ T8149]  </TASK>
[  119.293820][ T8175] FAULT_INJECTION: forcing a failure.
[  119.293820][ T8175] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  119.306949][ T8175] CPU: 0 UID: 0 PID: 8175 Comm: syz.1.1639 Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[  119.306976][ T8175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  119.307047][ T8175] Call Trace:
[  119.307054][ T8175]  <TASK>
[  119.307062][ T8175]  __dump_stack+0x1d/0x30
[  119.307085][ T8175]  dump_stack_lvl+0xe8/0x140
[  119.307118][ T8175]  dump_stack+0x15/0x1b
[  119.307153][ T8175]  should_fail_ex+0x265/0x280
[  119.307226][ T8175]  should_fail+0xb/0x20
[  119.307287][ T8175]  should_fail_usercopy+0x1a/0x20
[  119.307322][ T8175]  _copy_to_user+0x20/0xa0
[  119.307419][ T8175]  simple_read_from_buffer+0xb5/0x130
[  119.307453][ T8175]  proc_fail_nth_read+0x100/0x140
[  119.307489][ T8175]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  119.307600][ T8175]  vfs_read+0x1a0/0x6f0
[  119.307626][ T8175]  ? user_path_at+0x109/0x130
[  119.307684][ T8175]  ? __rcu_read_unlock+0x4f/0x70
[  119.307810][ T8175]  ? __fget_files+0x184/0x1c0
[  119.307869][ T8175]  ksys_read+0xda/0x1a0
[  119.307898][ T8175]  __x64_sys_read+0x40/0x50
[  119.307955][ T8175]  x64_sys_call+0x2d77/0x2fb0
[  119.307978][ T8175]  do_syscall_64+0xd2/0x200
[  119.307996][ T8175]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  119.308023][ T8175]  ? clear_bhb_loop+0x40/0x90
[  119.308110][ T8175]  ? clear_bhb_loop+0x40/0x90
[  119.308130][ T8175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.308222][ T8175] RIP: 0033:0x7f28f43cd3bc
[  119.308237][ T8175] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  119.308254][ T8175] RSP: 002b:00007f28f2a37030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  119.308275][ T8175] RAX: ffffffffffffffda RBX: 00007f28f45f5fa0 RCX: 00007f28f43cd3bc
[  119.308349][ T8175] RDX: 000000000000000f RSI: 00007f28f2a370a0 RDI: 0000000000000003
[  119.308396][ T8175] RBP: 00007f28f2a37090 R08: 0000000000000000 R09: 0000000000000000
[  119.308415][ T8175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  119.308429][ T8175] R13: 0000000000000000 R14: 00007f28f45f5fa0 R15: 00007ffc5932c128
[  119.308447][ T8175]  </TASK>
[  119.325512][ T8170] program syz.3.1637 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  119.560410][ T8170] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  119.608824][ T8180] program syz.2.1640 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  119.649900][ T8180] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  119.966363][ T8211] __nla_validate_parse: 5 callbacks suppressed
[  119.966382][ T8211] netlink: 4 bytes leftover after parsing attributes in process `'.
[  120.023241][ T8225] loop5: detected capacity change from 0 to 1024
[  120.034933][ T8225] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1660: Failed to acquire dquot type 0
[  120.047578][ T8225] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  120.063093][ T8225] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1660: corrupted inode contents
[  120.075206][ T8225] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #13: comm syz.5.1660: mark_inode_dirty error
[  120.100672][ T8225] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1660: corrupted inode contents
[  120.133212][ T8225] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #13: comm syz.5.1660: mark_inode_dirty error
[  120.158895][ T8225] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1660: corrupted inode contents
[  120.171248][ T8225] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  120.187076][ T8225] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1660: corrupted inode contents
[  120.209351][ T8225] EXT4-fs error (device loop5): ext4_truncate:4597: inode #13: comm syz.5.1660: mark_inode_dirty error
[  120.224186][ T8225] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  120.249283][ T8225] EXT4-fs (loop5): 1 truncate cleaned up
[  120.257393][ T8225] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.307485][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.388965][ T8249] loop5: detected capacity change from 0 to 512
[  120.420976][ T8249] EXT4-fs: Ignoring removed nobh option
[  120.450964][ T8249] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #3: comm syz.5.1669: corrupted inode contents
[  120.490751][ T8249] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #3: comm syz.5.1669: mark_inode_dirty error
[  120.534983][ T8249] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #3: comm syz.5.1669: corrupted inode contents
[  120.561591][ T8260] netem: change failed
[  120.598220][ T8266] program syz.1.1676 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  120.607807][ T8266] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  120.617313][ T8249] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #3: comm syz.5.1669: mark_inode_dirty error
[  120.643944][ T8249] __quota_error: 696 callbacks suppressed
[  120.643962][ T8249] Quota error (device loop5): write_blk: dquota write failed
[  120.690402][ T8249] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  120.730323][ T8249] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1669: Failed to acquire dquot type 0
[  120.743981][ T8281] netlink: 'syz.2.1681': attribute type 4 has an invalid length.
[  120.770082][ T8249] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #16: comm syz.5.1669: corrupted inode contents
[  120.802956][ T8249] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #16: comm syz.5.1669: mark_inode_dirty error
[  120.816409][ T8249] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #16: comm syz.5.1669: corrupted inode contents
[  120.845539][   T29] audit: type=1326 audit(1753736757.731:9892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8283 comm="syz.2.1683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02d9eee9a9 code=0x7ffc0000
[  120.872194][ T8249] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.1669: mark_inode_dirty error
[  120.899582][ T8289] program syz.1.1685 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  120.909005][   T29] audit: type=1326 audit(1753736757.731:9893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8283 comm="syz.2.1683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02d9eee9a9 code=0x7ffc0000
[  120.932616][   T29] audit: type=1326 audit(1753736757.731:9894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8283 comm="syz.2.1683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f02d9eee9a9 code=0x7ffc0000
[  120.955922][   T29] audit: type=1326 audit(1753736757.731:9895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8283 comm="syz.2.1683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02d9eee9a9 code=0x7ffc0000
[  120.979394][   T29] audit: type=1326 audit(1753736757.731:9896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8283 comm="syz.2.1683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f02d9eee9a9 code=0x7ffc0000
[  121.002822][   T29] audit: type=1326 audit(1753736757.731:9897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8283 comm="syz.2.1683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02d9eee9a9 code=0x7ffc0000
[  121.010628][ T8249] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #16: comm syz.5.1669: corrupted inode contents
[  121.026255][   T29] audit: type=1326 audit(1753736757.731:9898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8283 comm="syz.2.1683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f02d9eee9a9 code=0x7ffc0000
[  121.061552][   T29] audit: type=1326 audit(1753736757.761:9899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8283 comm="syz.2.1683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02d9eee9a9 code=0x7ffc0000
[  121.085296][ T8249] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  121.085352][ T8289] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  121.129185][ T8249] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #16: comm syz.5.1669: corrupted inode contents
[  121.143609][ T8249] EXT4-fs error (device loop5): ext4_truncate:4597: inode #16: comm syz.5.1669: mark_inode_dirty error
[  121.180385][ T8249] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  121.254125][ T8304] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1691'.
[  121.263498][ T8304] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1691'.
[  121.292396][ T8249] EXT4-fs (loop5): 1 truncate cleaned up
[  121.299704][ T8249] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.316771][ T8249] ext4 filesystem being mounted at /273/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.338581][ T8308] netlink: 'syz.1.1693': attribute type 4 has an invalid length.
[  121.358603][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.424398][ T8316] SELinux:  Context system_u:object is not valid (left unmapped).
[  121.488329][ T8321] program syz.5.1699 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  121.498745][ T8321] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  121.580984][ T8328] loop5: detected capacity change from 0 to 2048
[  121.611689][ T8328] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.642107][ T8328] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.1702: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  121.696506][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.735405][ T8338] loop5: detected capacity change from 0 to 512
[  121.754412][ T8338] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.788137][ T8338] ext4 filesystem being mounted at /279/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  121.887461][ T8351] EXT4-fs error (device loop5): ext4_readdir:264: inode #12: block 32: comm syz.5.1705: path /279/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  121.891683][ T8348] sd 0:0:1:0: device reset
[  121.936780][ T8351] EXT4-fs (loop5): Remounting filesystem read-only
[  122.022639][ T8355] program syz.1.1712 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  122.043083][ T8355] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  122.060216][ T8360] FAULT_INJECTION: forcing a failure.
[  122.060216][ T8360] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  122.073450][ T8360] CPU: 0 UID: 0 PID: 8360 Comm: syz.3.1714 Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[  122.073478][ T8360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  122.073491][ T8360] Call Trace:
[  122.073497][ T8360]  <TASK>
[  122.073506][ T8360]  __dump_stack+0x1d/0x30
[  122.073528][ T8360]  dump_stack_lvl+0xe8/0x140
[  122.073548][ T8360]  dump_stack+0x15/0x1b
[  122.073566][ T8360]  should_fail_ex+0x265/0x280
[  122.073642][ T8360]  should_fail+0xb/0x20
[  122.073671][ T8360]  should_fail_usercopy+0x1a/0x20
[  122.073706][ T8360]  _copy_from_user+0x1c/0xb0
[  122.073771][ T8360]  __se_sys_name_to_handle_at+0x233/0x5d0
[  122.073885][ T8360]  __x64_sys_name_to_handle_at+0x67/0x80
[  122.073990][ T8360]  x64_sys_call+0x279f/0x2fb0
[  122.074014][ T8360]  do_syscall_64+0xd2/0x200
[  122.074034][ T8360]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  122.074062][ T8360]  ? clear_bhb_loop+0x40/0x90
[  122.074103][ T8360]  ? clear_bhb_loop+0x40/0x90
[  122.074180][ T8360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.074201][ T8360] RIP: 0033:0x7fae6355e9a9
[  122.074215][ T8360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.074230][ T8360] RSP: 002b:00007fae61bc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012f
[  122.074249][ T8360] RAX: ffffffffffffffda RBX: 00007fae63785fa0 RCX: 00007fae6355e9a9
[  122.074307][ T8360] RDX: 00002000000000c0 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  122.074319][ T8360] RBP: 00007fae61bc7090 R08: 0000000000000000 R09: 0000000000000000
[  122.074337][ T8360] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  122.074348][ T8360] R13: 0000000000000000 R14: 00007fae63785fa0 R15: 00007ffc4680e9c8
[  122.074368][ T8360]  </TASK>
[  122.321804][ T8370] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1718'.
[  122.354529][ T8368] ALSA: seq fatal error: cannot create timer (-19)
[  122.397692][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.484674][ T8386] program syz.3.1726 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  122.494309][ T8386] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  122.597243][ T8396] program syz.3.1728 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  122.606672][ T8396] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  122.649554][ T8405] ALSA: seq fatal error: cannot create timer (-19)
[  122.750098][ T8422] tipc: Started in network mode
[  122.755156][ T8422] tipc: Node identity ac1414aa, cluster identity 4711
[  122.764230][ T8422] tipc: Enabled bearer <udp:syz2>, priority 10
[  122.771911][ T8422] tipc: Enabled bearer <eth:team0>, priority 0
[  122.844031][ T8429] veth0_to_team: entered promiscuous mode
[  122.849909][ T8429] veth0_to_team: entered allmulticast mode
[  122.970301][ T8433] program syz.3.1744 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  122.985729][ T8433] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  123.115181][ T8444] ALSA: seq fatal error: cannot create timer (-19)
[  123.431992][ T8457] program syz.3.1752 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  123.465209][ T8457] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  123.514099][ T8469] loop5: detected capacity change from 0 to 512
[  123.543614][ T8471] ALSA: seq fatal error: cannot create timer (-19)
[  123.557615][ T8469] ext4 filesystem being mounted at /285/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  123.650693][ T8483] FAULT_INJECTION: forcing a failure.
[  123.650693][ T8483] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.663996][ T8483] CPU: 0 UID: 0 PID: 8483 Comm: syz.3.1762 Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[  123.664022][ T8483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  123.664095][ T8483] Call Trace:
[  123.664101][ T8483]  <TASK>
[  123.664108][ T8483]  __dump_stack+0x1d/0x30
[  123.664131][ T8483]  dump_stack_lvl+0xe8/0x140
[  123.664209][ T8483]  dump_stack+0x15/0x1b
[  123.664226][ T8483]  should_fail_ex+0x265/0x280
[  123.664258][ T8483]  should_fail+0xb/0x20
[  123.664295][ T8483]  should_fail_usercopy+0x1a/0x20
[  123.664328][ T8483]  _copy_from_user+0x1c/0xb0
[  123.664348][ T8483]  ___sys_sendmsg+0xc1/0x1d0
[  123.664432][ T8483]  __x64_sys_sendmsg+0xd4/0x160
[  123.664474][ T8483]  x64_sys_call+0x2999/0x2fb0
[  123.664495][ T8483]  do_syscall_64+0xd2/0x200
[  123.664565][ T8483]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  123.664590][ T8483]  ? clear_bhb_loop+0x40/0x90
[  123.664693][ T8483]  ? clear_bhb_loop+0x40/0x90
[  123.664715][ T8483]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.664734][ T8483] RIP: 0033:0x7fae6355e9a9
[  123.664747][ T8483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.664835][ T8483] RSP: 002b:00007fae61bc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  123.664853][ T8483] RAX: ffffffffffffffda RBX: 00007fae63785fa0 RCX: 00007fae6355e9a9
[  123.664866][ T8483] RDX: 0000000004008800 RSI: 0000200000000240 RDI: 0000000000000003
[  123.664878][ T8483] RBP: 00007fae61bc7090 R08: 0000000000000000 R09: 0000000000000000
[  123.664951][ T8483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.664964][ T8483] R13: 0000000000000000 R14: 00007fae63785fa0 R15: 00007ffc4680e9c8
[  123.664983][ T8483]  </TASK>
[  123.859838][   T36] tipc: Node number set to 2886997162
[  123.963139][ T8486] EXT4-fs error (device loop5): ext4_readdir:264: inode #12: block 32: comm syz.5.1757: path /285/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  124.025112][ T8486] EXT4-fs (loop5): Remounting filesystem read-only
[  124.299568][ T8506] loop5: detected capacity change from 0 to 2048
[  124.329836][ T8506] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.1771: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  124.760867][ T8526] program syz.2.1779 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  124.785665][ T8526] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  125.172724][ T8543] ALSA: seq fatal error: cannot create timer (-19)
[  125.192912][ T8538] program syz.3.1784 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  125.212440][ T8538] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  125.394062][ T8563] netlink: 1204 bytes leftover after parsing attributes in process `syz.5.1792'.
[  125.458733][ T8566] sd 0:0:1:0: device reset
[  125.485787][ T8572] netlink: 'syz.1.1798': attribute type 4 has an invalid length.
[  125.790423][ T8598] ALSA: seq fatal error: cannot create timer (-19)
[  125.959978][ T8612] program syz.1.1813 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  125.980554][ T8612] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  126.074783][   T29] kauditd_printk_skb: 470 callbacks suppressed
[  126.074797][   T29] audit: type=1326 audit(1753736762.961:10368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8616 comm="syz.1.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28f43ce9a9 code=0x7ffc0000
[  126.126009][   T29] audit: type=1326 audit(1753736763.001:10369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8616 comm="syz.1.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f28f43ce9a9 code=0x7ffc0000
[  126.149590][   T29] audit: type=1326 audit(1753736763.001:10370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8616 comm="syz.1.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28f43ce9a9 code=0x7ffc0000
[  126.173108][   T29] audit: type=1326 audit(1753736763.001:10371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8616 comm="syz.1.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28f43ce9a9 code=0x7ffc0000
[  126.196719][   T29] audit: type=1326 audit(1753736763.001:10372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8616 comm="syz.1.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f28f43ce9a9 code=0x7ffc0000
[  126.220201][   T29] audit: type=1326 audit(1753736763.001:10373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8616 comm="syz.1.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28f43ce9a9 code=0x7ffc0000
[  126.243760][   T29] audit: type=1326 audit(1753736763.001:10374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8616 comm="syz.1.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28f43ce9a9 code=0x7ffc0000
[  126.267306][   T29] audit: type=1326 audit(1753736763.001:10375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8616 comm="syz.1.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f28f43ce9a9 code=0x7ffc0000
[  126.290865][   T29] audit: type=1326 audit(1753736763.001:10376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8616 comm="syz.1.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28f43ce9a9 code=0x7ffc0000
[  126.314385][   T29] audit: type=1326 audit(1753736763.001:10377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8616 comm="syz.1.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f28f43ce9a9 code=0x7ffc0000
[  126.448442][ T8626] loop5: detected capacity change from 0 to 1024
[  126.488963][ T8626] EXT4-fs mount: 4 callbacks suppressed
[  126.488978][ T8626] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.530327][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.556864][ T8633] netlink: 'syz.1.1821': attribute type 1 has an invalid length.
[  126.564723][ T8633] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1821'.
[  126.809876][ T8651] ALSA: seq fatal error: cannot create timer (-19)
[  126.863592][ T8658] netlink: 1204 bytes leftover after parsing attributes in process `syz.3.1830'.
[  126.913167][ T8659] netlink: 'syz.5.1827': attribute type 29 has an invalid length.
[  127.163281][ T8661] netlink: 'syz.1.1832': attribute type 1 has an invalid length.
[  127.171086][ T8661] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1832'.
[  127.532388][ T8676] FAULT_INJECTION: forcing a failure.
[  127.532388][ T8676] name failslab, interval 1, probability 0, space 0, times 0
[  127.545066][ T8676] CPU: 1 UID: 0 PID: 8676 Comm: syz.1.1838 Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[  127.545168][ T8676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  127.545180][ T8676] Call Trace:
[  127.545188][ T8676]  <TASK>
[  127.545197][ T8676]  __dump_stack+0x1d/0x30
[  127.545220][ T8676]  dump_stack_lvl+0xe8/0x140
[  127.545241][ T8676]  dump_stack+0x15/0x1b
[  127.545277][ T8676]  should_fail_ex+0x265/0x280
[  127.545309][ T8676]  should_failslab+0x8c/0xb0
[  127.545358][ T8676]  kmem_cache_alloc_node_noprof+0x57/0x320
[  127.545388][ T8676]  ? __alloc_skb+0x101/0x320
[  127.545422][ T8676]  __alloc_skb+0x101/0x320
[  127.545489][ T8676]  ? audit_log_start+0x365/0x6c0
[  127.545520][ T8676]  audit_log_start+0x380/0x6c0
[  127.545552][ T8676]  ? do_user_addr_fault+0xceb/0x1090
[  127.545642][ T8676]  audit_seccomp+0x48/0x100
[  127.545667][ T8676]  ? __seccomp_filter+0x68c/0x10d0
[  127.545690][ T8676]  __seccomp_filter+0x69d/0x10d0
[  127.545715][ T8676]  ? save_fpregs_to_fpstate+0x100/0x160
[  127.545804][ T8676]  ? _raw_spin_unlock+0x26/0x50
[  127.545832][ T8676]  __secure_computing+0x82/0x150
[  127.545870][ T8676]  syscall_trace_enter+0xcf/0x1e0
[  127.545892][ T8676]  do_syscall_64+0xac/0x200
[  127.545909][ T8676]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  127.545937][ T8676]  ? clear_bhb_loop+0x40/0x90
[  127.546032][ T8676]  ? clear_bhb_loop+0x40/0x90
[  127.546053][ T8676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.546075][ T8676] RIP: 0033:0x7f28f43cd3bc
[  127.546091][ T8676] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  127.546112][ T8676] RSP: 002b:00007f28f2a37030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  127.546132][ T8676] RAX: ffffffffffffffda RBX: 00007f28f45f5fa0 RCX: 00007f28f43cd3bc
[  127.546221][ T8676] RDX: 000000000000000f RSI: 00007f28f2a370a0 RDI: 0000000000000003
[  127.546232][ T8676] RBP: 00007f28f2a37090 R08: 0000000000000000 R09: 0000000000000000
[  127.546244][ T8676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.546257][ T8676] R13: 0000000000000000 R14: 00007f28f45f5fa0 R15: 00007ffc5932c128
[  127.546327][ T8676]  </TASK>
[  127.805614][ T8679] FAULT_INJECTION: forcing a failure.
[  127.805614][ T8679] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  127.818894][ T8679] CPU: 0 UID: 0 PID: 8679 Comm: syz.1.1839 Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[  127.818923][ T8679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  127.818936][ T8679] Call Trace:
[  127.818942][ T8679]  <TASK>
[  127.818950][ T8679]  __dump_stack+0x1d/0x30
[  127.819047][ T8679]  dump_stack_lvl+0xe8/0x140
[  127.819064][ T8679]  dump_stack+0x15/0x1b
[  127.819080][ T8679]  should_fail_ex+0x265/0x280
[  127.819107][ T8679]  should_fail+0xb/0x20
[  127.819134][ T8679]  should_fail_usercopy+0x1a/0x20
[  127.819240][ T8679]  _copy_from_user+0x1c/0xb0
[  127.819263][ T8679]  ___sys_sendmsg+0xc1/0x1d0
[  127.819298][ T8679]  __x64_sys_sendmsg+0xd4/0x160
[  127.819350][ T8679]  x64_sys_call+0x2999/0x2fb0
[  127.819370][ T8679]  do_syscall_64+0xd2/0x200
[  127.819391][ T8679]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  127.819421][ T8679]  ? clear_bhb_loop+0x40/0x90
[  127.819493][ T8679]  ? clear_bhb_loop+0x40/0x90
[  127.819513][ T8679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.819574][ T8679] RIP: 0033:0x7f28f43ce9a9
[  127.819590][ T8679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.819611][ T8679] RSP: 002b:00007f28f2a37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  127.819631][ T8679] RAX: ffffffffffffffda RBX: 00007f28f45f5fa0 RCX: 00007f28f43ce9a9
[  127.819644][ T8679] RDX: 0000000000002000 RSI: 0000200000000180 RDI: 0000000000000003
[  127.819658][ T8679] RBP: 00007f28f2a37090 R08: 0000000000000000 R09: 0000000000000000
[  127.819677][ T8679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.819692][ T8679] R13: 0000000000000000 R14: 00007f28f45f5fa0 R15: 00007ffc5932c128
[  127.819724][ T8679]  </TASK>
[  128.108641][ T8682] ALSA: seq fatal error: cannot create timer (-19)
[  128.190889][ T8690] netlink: 'syz.1.1844': attribute type 1 has an invalid length.
[  128.198638][ T8690] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1844'.
[  128.235305][ T8697] loop5: detected capacity change from 0 to 1024
[  128.251498][ T8699] netlink: 'syz.1.1849': attribute type 4 has an invalid length.
[  128.288575][ T8697] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1848: Failed to acquire dquot type 0
[  128.341144][ T8695] infiniband syz2: set active
[  128.345829][ T8695] infiniband syz2: added veth0_to_bond
[  128.361482][ T8697] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  128.379945][ T8697] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1848: corrupted inode contents
[  128.421798][ T8695] RDS/IB: syz2: added
[  128.425788][ T8695] smc: adding ib device syz2 with port count 1
[  128.435866][ T8697] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #13: comm syz.5.1848: mark_inode_dirty error
[  128.471545][ T8697] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1848: corrupted inode contents
[  128.479785][ T8695] smc:    ib device syz2 port 1 has pnetid 
[  128.494541][ T8697] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #13: comm syz.5.1848: mark_inode_dirty error
[  128.535490][ T8708] program syz.1.1852 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  128.536493][ T8697] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1848: corrupted inode contents
[  128.557275][ T8708] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  128.593589][ T8697] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  128.618518][ T8697] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1848: corrupted inode contents
[  128.631518][ T8697] EXT4-fs error (device loop5): ext4_truncate:4597: inode #13: comm syz.5.1848: mark_inode_dirty error
[  128.642830][ T8697] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  128.653128][ T8697] EXT4-fs (loop5): 1 truncate cleaned up
[  128.659177][ T8697] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.715027][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.725191][ T8717] ALSA: seq fatal error: cannot create timer (-19)
[  128.813220][ T8724] netlink: 'syz.2.1859': attribute type 1 has an invalid length.
[  128.821057][ T8724] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1859'.
[  128.914156][ T8730] FAULT_INJECTION: forcing a failure.
[  128.914156][ T8730] name failslab, interval 1, probability 0, space 0, times 0
[  128.926855][ T8730] CPU: 1 UID: 0 PID: 8730 Comm: syz.3.1862 Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[  128.926934][ T8730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  128.926947][ T8730] Call Trace:
[  128.927003][ T8730]  <TASK>
[  128.927010][ T8730]  __dump_stack+0x1d/0x30
[  128.927029][ T8730]  dump_stack_lvl+0xe8/0x140
[  128.927048][ T8730]  dump_stack+0x15/0x1b
[  128.927067][ T8730]  should_fail_ex+0x265/0x280
[  128.927098][ T8730]  should_failslab+0x8c/0xb0
[  128.927200][ T8730]  kmem_cache_alloc_noprof+0x50/0x310
[  128.927229][ T8730]  ? copy_fs_struct+0x31/0x110
[  128.927255][ T8730]  copy_fs_struct+0x31/0x110
[  128.927279][ T8730]  copy_fs+0x58/0xf0
[  128.927367][ T8730]  copy_process+0xc6e/0x1f90
[  128.927396][ T8730]  kernel_clone+0x16c/0x5b0
[  128.927424][ T8730]  ? vfs_write+0x75e/0x8e0
[  128.927458][ T8730]  __x64_sys_clone+0xe6/0x120
[  128.927516][ T8730]  x64_sys_call+0x2c59/0x2fb0
[  128.927620][ T8730]  do_syscall_64+0xd2/0x200
[  128.927639][ T8730]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  128.927663][ T8730]  ? clear_bhb_loop+0x40/0x90
[  128.927708][ T8730]  ? clear_bhb_loop+0x40/0x90
[  128.927731][ T8730]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.927802][ T8730] RIP: 0033:0x7fae6355e9a9
[  128.927818][ T8730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.927837][ T8730] RSP: 002b:00007fae61bc6fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  128.927854][ T8730] RAX: ffffffffffffffda RBX: 00007fae63785fa0 RCX: 00007fae6355e9a9
[  128.927865][ T8730] RDX: 0000000000000000 RSI: 0000000000009000 RDI: 0000000004021400
[  128.927876][ T8730] RBP: 00007fae61bc7090 R08: 0000000000000000 R09: 0000000000000000
[  128.927923][ T8730] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  128.927937][ T8730] R13: 0000000000000000 R14: 00007fae63785fa0 R15: 00007ffc4680e9c8
[  128.927957][ T8730]  </TASK>
[  129.125973][ T8726] syzkaller1: entered promiscuous mode
[  129.131675][ T8726] syzkaller1: entered allmulticast mode
[  129.141807][ T8726] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  129.155691][ T8726] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  129.194064][ T8734] netlink: 'syz.2.1864': attribute type 3 has an invalid length.
[  129.246307][ T8742] FAULT_INJECTION: forcing a failure.
[  129.246307][ T8742] name failslab, interval 1, probability 0, space 0, times 0
[  129.259130][ T8742] CPU: 1 UID: 0 PID: 8742 Comm: syz.3.1866 Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[  129.259155][ T8742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  129.259167][ T8742] Call Trace:
[  129.259173][ T8742]  <TASK>
[  129.259179][ T8742]  __dump_stack+0x1d/0x30
[  129.259264][ T8742]  dump_stack_lvl+0xe8/0x140
[  129.259284][ T8742]  dump_stack+0x15/0x1b
[  129.259305][ T8742]  should_fail_ex+0x265/0x280
[  129.259403][ T8742]  should_failslab+0x8c/0xb0
[  129.259422][ T8742]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  129.259451][ T8742]  ? sidtab_sid2str_get+0xa0/0x130
[  129.259474][ T8742]  kmemdup_noprof+0x2b/0x70
[  129.259494][ T8742]  sidtab_sid2str_get+0xa0/0x130
[  129.259594][ T8742]  security_sid_to_context_core+0x1eb/0x2e0
[  129.259620][ T8742]  security_sid_to_context+0x27/0x40
[  129.259643][ T8742]  selinux_lsmprop_to_secctx+0x67/0xf0
[  129.259668][ T8742]  security_lsmprop_to_secctx+0x43/0x80
[  129.259738][ T8742]  audit_log_task_context+0x77/0x190
[  129.259772][ T8742]  audit_log_task+0xf4/0x250
[  129.259800][ T8742]  audit_seccomp+0x61/0x100
[  129.259824][ T8742]  ? __seccomp_filter+0x68c/0x10d0
[  129.259920][ T8742]  __seccomp_filter+0x69d/0x10d0
[  129.259945][ T8742]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  129.260021][ T8742]  ? vfs_write+0x75e/0x8e0
[  129.260059][ T8742]  __secure_computing+0x82/0x150
[  129.260082][ T8742]  syscall_trace_enter+0xcf/0x1e0
[  129.260159][ T8742]  do_syscall_64+0xac/0x200
[  129.260179][ T8742]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  129.260208][ T8742]  ? clear_bhb_loop+0x40/0x90
[  129.260232][ T8742]  ? clear_bhb_loop+0x40/0x90
[  129.260327][ T8742]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.260350][ T8742] RIP: 0033:0x7fae6355e9a9
[  129.260430][ T8742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.260450][ T8742] RSP: 002b:00007fae61bc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000003d
[  129.260470][ T8742] RAX: ffffffffffffffda RBX: 00007fae63785fa0 RCX: 00007fae6355e9a9
[  129.260482][ T8742] RDX: 0000000040000000 RSI: 0000000000000000 RDI: 0000000000000304
[  129.260495][ T8742] RBP: 00007fae61bc7090 R08: 0000000000000000 R09: 0000000000000000
[  129.260509][ T8742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.260519][ T8742] R13: 0000000000000000 R14: 00007fae63785fa0 R15: 00007ffc4680e9c8
[  129.260559][ T8742]  </TASK>
[  129.749686][ T8754] program syz.1.1870 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  129.784361][ T8754] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  129.844576][ T8765] ALSA: seq fatal error: cannot create timer (-19)
[  129.914908][ T8771] netlink: 1204 bytes leftover after parsing attributes in process `syz.1.1875'.
[  129.949608][ T8773] loop5: detected capacity change from 0 to 2048
[  129.961367][ T8773] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.995246][ T8773] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.1877: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  130.034297][ T8777] netlink: 'syz.3.1878': attribute type 1 has an invalid length.
[  130.042083][ T8777] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1878'.
[  130.091437][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.215026][ T8781] program syz.3.1880 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  130.242541][ T8781] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  130.854477][ T8815] ALSA: seq fatal error: cannot create timer (-19)
[  130.888343][ T8818] netlink: 'syz.1.1895': attribute type 4 has an invalid length.
[  131.265862][ T8843] ALSA: seq fatal error: cannot create timer (-19)
[  131.423974][ T8852] netlink: 'syz.2.1910': attribute type 4 has an invalid length.
[  131.445317][ T8856] loop5: detected capacity change from 0 to 1024
[  131.463206][ T8856] __quota_error: 505 callbacks suppressed
[  131.463220][ T8856] Quota error (device loop5): do_check_range: Getting block 64 out of range 1-5
[  131.478134][ T8856] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[  131.487579][ T8856] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1912: Failed to acquire dquot type 0
[  131.577520][ T8861] netlink: 'syz.2.1914': attribute type 29 has an invalid length.
[  131.652865][   T29] audit: type=1400 audit(1753736768.541:10878): avc:  denied  { mounton } for  pid=8862 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  131.677245][ T8856] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  131.740161][ T8856] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1912: corrupted inode contents
[  131.777782][ T8856] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #13: comm syz.5.1912: mark_inode_dirty error
[  131.823981][ T8856] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1912: corrupted inode contents
[  131.850474][ T8856] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #13: comm syz.5.1912: mark_inode_dirty error
[  131.876392][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.899048][ T8856] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1912: corrupted inode contents
[  131.925528][   T29] audit: type=1400 audit(1753736768.811:10879): avc:  denied  { name_bind } for  pid=8880 comm="syz.2.1919" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  131.947392][   T29] audit: type=1400 audit(1753736768.811:10880): avc:  denied  { node_bind } for  pid=8880 comm="syz.2.1919" saddr=224.0.0.1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  131.976256][ T8856] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  131.991693][   T29] audit: type=1400 audit(1753736768.881:10881): avc:  denied  { create } for  pid=8880 comm="syz.2.1919" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  131.995986][ T8856] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1912: corrupted inode contents
[  132.039838][   T29] audit: type=1400 audit(1753736768.881:10882): avc:  denied  { ioctl } for  pid=8880 comm="syz.2.1919" path="socket:[24655]" dev="sockfs" ino=24655 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  132.064737][   T29] audit: type=1400 audit(1753736768.881:10883): avc:  denied  { write } for  pid=8880 comm="syz.2.1919" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  132.064877][ T8856] EXT4-fs error (device loop5): ext4_truncate:4597: inode #13: comm syz.5.1912: mark_inode_dirty error
[  132.084147][   T29] audit: type=1400 audit(1753736768.881:10884): avc:  denied  { read } for  pid=8880 comm="syz.2.1919" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  132.120971][ T8856] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  132.130989][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.143309][   T29] audit: type=1326 audit(1753736769.031:10885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8887 comm="syz.3.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae6355e9a9 code=0x7ffc0000
[  132.143333][ T8856] EXT4-fs (loop5): 1 truncate cleaned up
[  132.143716][ T8856] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.204713][ T8862] chnl_net:caif_netlink_parms(): no params data found
[  132.240954][ T3840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.265848][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.313109][ T8902] loop5: detected capacity change from 0 to 512
[  132.335089][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.338238][ T8902] EXT4-fs: Ignoring removed mblk_io_submit option
[  132.354951][ T8862] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.354968][ T8902] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  132.355083][ T8862] ==================================================================
[  132.355115][ T8862] BUG: KCSAN: data-race in data_push_tail / vsnprintf
[  132.355156][ T8862] 
[  132.355164][ T8862] write to 0xffffffff88e6d163 of 69 bytes by task 8902 on cpu 0:
[  132.355182][ T8862]  vsnprintf+0x2ce/0x890
[  132.355207][ T8862]  pointer+0x833/0xcf0
[  132.355230][ T8862]  vsnprintf+0x491/0x890
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  132.355255][ T8862]  vscnprintf+0x41/0x90
[  132.355276][ T8862]  printk_sprint+0x30/0x2d0
[  132.355304][ T8862]  vprintk_store+0x599/0x860
[  132.355323][ T8862]  vprintk_emit+0x178/0x650
[  132.355341][ T8862]  vprintk_default+0x26/0x30
[  132.355358][ T8862]  vprintk+0x1d/0x30
[  132.355380][ T8862]  _printk+0x79/0xa0
[  132.355407][ T8862]  __ext4_msg+0x18f/0x1a0
[  132.355430][ T8862]  ext4_fill_super+0x1b68/0x34e0
[  132.355452][ T8862]  get_tree_bdev_flags+0x291/0x300
[  132.355485][ T8862]  get_tree_bdev+0x1f/0x30
[  132.355516][ T8862]  ext4_get_tree+0x1c/0x30
[  132.355538][ T8862]  vfs_get_tree+0x54/0x1d0
[  132.355568][ T8862]  do_new_mount+0x207/0x680
[  132.355601][ T8862]  path_mount+0x4a4/0xb20
[  132.355631][ T8862]  __se_sys_mount+0x28f/0x2e0
[  132.355665][ T8862]  __x64_sys_mount+0x67/0x80
[  132.355701][ T8862]  x64_sys_call+0xd36/0x2fb0
[  132.355724][ T8862]  do_syscall_64+0xd2/0x200
[  132.355744][ T8862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.355767][ T8862] 
[  132.355774][ T8862] read to 0xffffffff88e6d168 of 8 bytes by task 8862 on cpu 1:
[  132.355792][ T8862]  data_push_tail+0xfd/0x420
[  132.355827][ T8862]  data_alloc+0xbf/0x2b0
[  132.355856][ T8862]  prb_reserve+0x808/0xaf0
[  132.355887][ T8862]  vprintk_store+0x56d/0x860
[  132.355906][ T8862]  vprintk_emit+0x178/0x650
[  132.355925][ T8862]  vprintk_default+0x26/0x30
[  132.355944][ T8862]  vprintk+0x1d/0x30
[  132.355968][ T8862]  _printk+0x79/0xa0
[  132.355996][ T8862]  br_set_state+0x28c/0x390
[  132.356031][ T8862]  br_init_port+0x5c/0xf0
[  132.356051][ T8862]  new_nbp+0x22b/0x300
[  132.356079][ T8862]  br_add_if+0x1e7/0xa60
[  132.356108][ T8862]  br_add_slave+0x2c/0x40
[  132.356130][ T8862]  do_set_master+0x390/0x460
[  132.356155][ T8862]  do_setlink+0xa43/0x2810
[  132.356178][ T8862]  rtnl_newlink+0xe75/0x12d0
[  132.356200][ T8862]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  132.356222][ T8862]  netlink_rcv_skb+0x123/0x220
[  132.356257][ T8862]  rtnetlink_rcv+0x1c/0x30
[  132.356278][ T8862]  netlink_unicast+0x5a8/0x680
[  132.356315][ T8862]  netlink_sendmsg+0x58b/0x6b0
[  132.356335][ T8862]  __sock_sendmsg+0x142/0x180
[  132.356359][ T8862]  __sys_sendto+0x268/0x330
[  132.356387][ T8862]  __x64_sys_sendto+0x76/0x90
[  132.356417][ T8862]  x64_sys_call+0x2eb6/0x2fb0
[  132.356440][ T8862]  do_syscall_64+0xd2/0x200
[  132.356459][ T8862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.356482][ T8862] 
[  132.356487][ T8862] value changed: 0x00000000ffffec69 -> 0x73656c6966206465
[  132.356501][ T8862] 
[  132.356506][ T8862] Reported by Kernel Concurrency Sanitizer on:
[  132.356519][ T8862] CPU: 1 UID: 0 PID: 8862 Comm: syz-executor Not tainted 6.16.0-syzkaller #0 PREEMPT(voluntary) 
[  132.356546][ T8862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  132.356559][ T8862] ==================================================================
[  132.374286][ T8902] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  132.381584][ T8862] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.388900][ T8902] System zones: 
[  132.391566][ T8862] bridge_slave_0: entered allmulticast mode
[  132.398374][ T8902] 1-12
[  132.403367][ T8862] bridge_slave_0: entered promiscuous mode
[  132.406695][ T8902] 
[  132.716630][ T8902] EXT4-fs (loop5): 1 truncate cleaned up
[  132.722504][ T8881] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.722931][ T8902] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.766988][   T12] bridge_slave_1: left allmulticast mode
[  132.772709][   T12] bridge_slave_1: left promiscuous mode
[  132.778350][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.786084][   T12] bridge_slave_0: left allmulticast mode
[  132.791783][   T12] bridge_slave_0: left promiscuous mode
[  132.797390][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.830652][ T8902] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.923104][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  132.933148][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  132.942448][   T12] bond0 (unregistering): Released all slaves
[  132.990862][   T12] tipc: Left network mode
[  133.009025][   T12] hsr_slave_0: left promiscuous mode
[  133.014679][   T12] hsr_slave_1: left promiscuous mode
[  133.020632][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  133.028021][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  133.036992][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  133.044468][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  133.053738][   T12] veth1_macvtap: left promiscuous mode
[  133.059239][   T12] veth0_macvtap: left promiscuous mode
[  133.096360][   T12] team0 (unregistering): Port device team_slave_1 removed
[  133.106234][   T12] team0 (unregistering): Port device team_slave_0 removed
[  133.403038][   T12] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.452240][   T12] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.521412][   T12] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.611924][   T12] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.682063][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.731731][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.781770][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.841660][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.102080][   T12] bridge_slave_1: left allmulticast mode
[  134.107772][   T12] bridge_slave_1: left promiscuous mode
[  134.113464][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.121244][   T12] bridge_slave_0: left allmulticast mode
[  134.126864][   T12] bridge_slave_0: left promiscuous mode
[  134.132676][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.140922][   T12] bridge_slave_0: left allmulticast mode
[  134.146620][   T12] bridge_slave_0: left promiscuous mode
[  134.152368][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.160310][   T12] bridge_slave_1: left allmulticast mode
[  134.165979][   T12] bridge_slave_1: left promiscuous mode
[  134.171706][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.179072][   T12] bridge_slave_0: left allmulticast mode
[  134.184750][   T12] bridge_slave_0: left promiscuous mode
[  134.190521][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.302144][   T12] bond0 (unregistering): Released all slaves
[  134.342135][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  134.351802][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  134.360770][   T12] bond0 (unregistering): Released all slaves
[  134.368954][   T12] bond1 (unregistering): (slave batadv1): Releasing active interface
[  134.377744][   T12] bond1 (unregistering): Released all slaves
[  134.421071][   T12] bond0 (unregistering): Released all slaves
[  134.551404][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  134.560630][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  134.569467][   T12] bond0 (unregistering): Released all slaves
[  134.577833][   T10] syz2: Port: 1 Link DOWN
[  134.593476][   T12] tipc: Disabling bearer <udp:syz2>
[  134.598690][   T12] tipc: Disabling bearer <eth:team0>
[  134.604212][   T12] tipc: Left network mode
[  134.655103][   T12] hsr_slave_0: left promiscuous mode
[  134.660676][   T12] hsr_slave_1: left promiscuous mode
[  134.666623][   T12] hsr_slave_0: left promiscuous mode
[  134.673877][   T12] hsr_slave_1: left promiscuous mode
[  134.679401][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  134.686833][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  134.695208][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  134.702594][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  134.710771][   T12] hsr_slave_0: left promiscuous mode
[  134.716218][   T12] hsr_slave_1: left promiscuous mode
[  134.721722][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  134.729148][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  134.739855][   T12] veth1_macvtap: left promiscuous mode
[  134.745460][   T12] veth0_macvtap: left promiscuous mode
[  134.751331][   T12] veth1_macvtap: left promiscuous mode
[  134.756787][   T12] veth0_macvtap: left promiscuous mode
[  134.842572][   T12] team0 (unregistering): Port device team_slave_1 removed
[  134.851707][   T12] team0 (unregistering): Port device team_slave_0 removed
[  134.862729][   T41] smc: removing ib device syz2
[  134.903485][   T12] team0 (unregistering): Port device team_slave_1 removed
[  134.913473][   T12] team0 (unregistering): Port device team_slave_0 removed