last executing test programs:

1.618536692s ago: executing program 4 (id=1450):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000001000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYRES32, @ANYRES32=0x0], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r2}, 0x10)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz0\x00', 0x200002, 0x0)
syz_genetlink_get_family_id$smc(&(0x7f0000000040), r1)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x9}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x694, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x8c0}, 0x0)

1.538182754s ago: executing program 2 (id=1452):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x76}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000680)='kfree\x00', r1}, 0x18)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$xdp(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)

1.522428485s ago: executing program 1 (id=1453):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x61680, 0x20, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000e40)="d8000000180081064a81f782da02b904021d080400007c09e8fe55a10a0015c0050014a603600e1208000f0000000401a00016009a00014004000000036010fab94dcf5c0461c1d6900094007134cf6ee080000190d0a2ac922353a606487ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00320db70103000040fad95667dc06dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x48084)
r2 = io_uring_setup(0x3454, &(0x7f0000000080)={0x0, 0xffffeffe, 0x400, 0x2})
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="800009e92208a1ce", 0xfdef, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x1c)
read(0xffffffffffffffff, &(0x7f0000000b00)=""/207, 0xcf)
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

1.435195036s ago: executing program 2 (id=1455):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r0, 0x2)
r1 = open(&(0x7f0000000300)='.\x00', 0x100000, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000b80)=ANY=[@ANYRESOCT=r1, @ANYBLOB="8c0e47704bb352b42b359f29e559899afdca8c8ac4e7d4cb2bcf8dfe4f56ce1e9e72e10cfbe1695a67809755aa94a4e09c15f75a69685add37296d9caf8bc2a1731805d8ff87c039d6dcdba1362794b059778fedc9eec4ff8e0d233139c0a07f61e65ac2f79ba2666a33386af99f4e3548e3103116be1aa396", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, r1}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
unshare(0x68040200)
flock(r1, 0x1)
flock(r1, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_clone(0x1000000, &(0x7f00000004c0)="77bd5c357bf48edd6d8475485fbb4923cbc52ab5afcb01b560ccf57effae60e1d0a6bdcefd9d217442b028850ae063e2d049c4c19a7ec406ecf675fa2c8d87991b0b59b80ba432c2656f41b50c03a742b6d9d38c9327118be7b902fa80801e2a56704b43ecb3a1c0046125ab7a76d49d09d0e816766af00c1d191f614100ed85f516448d9a6ae23acc37f965486d1855c0c44920c17bf3989f92b6cc905e05efa0e72d56f5f2c2bb1fae4ef97aff", 0xae, &(0x7f0000000200), &(0x7f0000000280), &(0x7f0000000380)="6559400543f973867ac6e7f28e94f201aaf4b5")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000", @ANYRES8=r2, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, 0x0, 0x0)
sendto$inet6(r3, &(0x7f0000f6f000), 0x0, 0x20000004, 0x0, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
r5 = add_key$keyring(&(0x7f00000001c0), 0x0, 0x0, 0x0, 0xffffffffffffffff)
r6 = add_key$user(&(0x7f0000000080), &(0x7f0000000480)={'syz', 0x3}, &(0x7f0000000a00)="920c6d6eb99d849bd9d5a9b82ac12c8d9de121501e38d175e0b2508967806e74421f47a8e1eab6114860dca6511e5c27e71b39d1db8146900806a0c83fdad2bb28aa2cd786b9347217c0b51fa183f3002602b69bb8b325d1ed6c4d4f8590fdc01d3bb91f0eff175ef598d07e89a4fe0d5c38bf5f9b1dec71373236fb93351d43e2a18c6da00d16b75049a93854139813f913ffffff7fc10f6e6aa3ee5019060aa8678d7029f875f179e018cea748e7d2246290d2faee0bb2ab14f83db11d43ab0e12e97a465385f64ef5eb64469148a56be597cb4bdd38b83ed68ac75ac752891f6f48821eb40809fbe1ac2944e9eb37222b6bb012a1f0e85a", 0xf9, r5)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000140)=@keyring={'key_or_keyring:', r6})
r7 = add_key$keyring(&(0x7f0000000300), &(0x7f0000000380)={'syz', 0x2}, 0x0, 0x0, r5)
close_range(r4, 0xffffffffffffffff, 0x0)
flock(r0, 0x1)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0, r8}, 0x18)
keyctl$invalidate(0x15, r7)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x50}, 0x0)

1.429853996s ago: executing program 4 (id=1456):
r0 = epoll_create1(0x80000)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/wakeup_count', 0x80800, 0x8)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f00000000c0)={0xe000001a})
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r3, &(0x7f0000000000))

1.414131876s ago: executing program 1 (id=1457):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x1008a, &(0x7f00000000c0)={[{@nomblk_io_submit}, {@usrjquota, 0x22}, {@errors_continue}, {@noload}, {@mblk_io_submit}, {@grpjquota, 0x22}, {@errors_continue}, {@errors_remount}, {@jqfmt_vfsv1}]}, 0xfe, 0x455, &(0x7f0000000fc0)="$eJzs3M9PHFUcAPDv7rJQ2iJY649iq2g1En9AoT/swUuNJh40MdFDjScE2mC3xRRMbEMUPeDRNPFuPJr4F3ixXox6MvGqd2NCDBerpzWzO0O3sAssLGx1P59k4L19b/Ped2be7ts3OxtAxxpK/uQiDkbErxHRX83eWWGo+u/WysLk3ysLk7kol9/4M1ep99fKwmRWNXvegWqmXN6g3aW3IyZKpemraX50/vJ7o3PXrj83c3ni4vTF6SvjZ8+eOnms+8z46ZbE2Zf0dfDD2aNHXnnrxmuT52+88+PXSX8PpuW1cbTKUHXv1vVkqxtrs76adK6rjR2hKYWISA5XsTL++6MQvatl/fHyJ23tHLCryuV8uadx8WIZ+B9LJupAJ8re6JPPv9m2R1OPu8LyuVhdx7iVbtWSrsindYrpZ6TdMBQR5xf/+SLZYpfWIQAAat08FxHP1pv/5eOBmnr3pNeGBiLi3og4FBH3RcThiLg/olL3wYh4qMn2114hWT//KfdvK7AtSuZ/L6TXtu6c/2WzvxgopLm+SvzF3IWZ0vSJdJ8MR7EnyY9t0MZ3L/3yWaOy2vlfsiXtZ3PBtB9/dK1ZoJuamJ/YScy1lj+OGOyqF39udc6bzI+PRMTgNtuYefqro43KNo9/Ay2YlJe/jHiqevwXY038mVzD65Njz58ZPz26L0rTJ0azs2K9n35eer1R+zuKvwWWb5Zjf93zfzX+gdy+iLlr1y9VrtfONd/G0m+fNvxMs93zvzv3ZiXdnT72wcT8/NWxiO7cq+sfH7/93Cyf1U/O/+Hj9cf/obi9Jx6OiOQkPhYRj0TEo2nfH4uIxyPi+Abx//DiE+82H/8Gq/ItlMQ/tdnxj9rj33yicOn7b5qPP5Mc/1OV1HD6yFZe/7bawZ3sOwAAAPivyFe+A5/Lj6ym8/mRkep3+A/H/nxpdm7+mQuz71+Zqn5XfiCK+Wylq79mPXQsXRvO8uNr8ifTdePPC72V/MjkbGmq3cFDhzvQYPwnfi+0u3fArnO/FnQu4x86l/EPncv4h85l/EPnqjf+P2pDP4C9t8n7f+9e9QPYe+b/0LmMf+hcxj90pIb3xud3dMu/RJsS33bv7Lcatp6I/F0S8q4neiNiL9oqRjXRExE1RV1b/jGLbSZ66ha1+5UJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4NAAD//xwt370=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
fstat(r0, &(0x7f0000001240))
syz_mount_image$ext4(&(0x7f0000000740)='ext3\x00', &(0x7f00000001c0)='./bus\x00', 0x240445, &(0x7f00000008c0)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpquota}, {@noquota}, {@quota}, {@noload}, {@noload}]}, 0x0, 0x50c, &(0x7f0000001440)="$eJzs3c9rHG0dAPDvbHZr06Zv8qoHfcH6o5W0aHeTxrbBQ60geiqo9V5jsgkhm2zIbtomFE3xDxBEVPCkFy+Cf4AgBS8eRSjoWVFRRFs9eNCO7O4kTdPdZNtus2n284HJPM8zM/t9ng0zO8/Mw0wAA+tjEXEjIp6maXoxIkaz8lw2xVZraqz35PH92caURJre+kcSSVa2/VlJNj+dbXYyIr76pYhvJC/GrW1sLs1UKuW1LF+qL6+WahublxaXZxbKC+WVqanJq9PXpq9MT/SknWci4voX/vL97/z0i9d/+em7f7z9twvfbFRrJFu+ux0vKb/fwlbTC83vYvcGa68Y7CjKN1uYGW63xtALJQ/ecJ0AAGivcY7//oj4RERcjNEY2v90FgAAAHgLpZ8bif8mEWl7JzqUAwAAAG+RXHMMbJIrZmMBRiKXKxZbY3g/GKdylWqt/qn56vrKXGus7FgUcvOLlfJENlZ4LApJIz/ZTD/LX96Tn4qIdyPie6PDzXxxtlqZ6/fFDwAAABgQp/f0//892ur/AwAAAMfMWL8rAAAAALxx+v8AAABw/On/AwAAwLH25Zs3G1O6/f7ruTsb60vVO5fmyrWl4vL6bHG2urZaXKhWF5rP7Fs+6PMq1erqZ2Jl/V6pXq7VS7WNzdvL1fWV+u3F516BDQAAAByidz/68PdJRGx9drg5NZzobtMuVwOOqvxOKsnmbXbrP7zTmv/5kCoFHIqhflcA6Jt8vysA9E2h3xUA+i45YHnHwTu/yeYf7219AACA3hv/cOf7/7l9t9zafzFw5NmJYXC5/w+Dq3n/v9uRvE4W4FgpOAOAgffa9/8PlKYvVSEAAKDnRppTkitml/dGIpcrFiPONF8LUEjmFyvliYh4JyJ+N1p4XyM/2dwyObDPAAAAAAAAAAAAAAAAAAAAAAAAAAC0pGkSKQAAAHCsReT+mvyq9Sz/8dHzI3uvD5xI/jMa2StC7/7o1g/uzdTra5ON8n/ulNd/mJVf7scVDAAAABgIL/UC/+1++nY/HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB66cnj+7Pb02HG/fvnI2KsXfx8nGzOT0YhIk79K4n8ru2SiBjqQfzhxp8PtYufNKq1E7Jd/OEexN96sG/8GMu+hXbxT/cgPgyyh43jz409+1+6e432+18+4rn8q+p8/Iud499Qh/3/TJcx3nv081LH+A8i3su3P/5sx086xD/XZfyvf21zs9Oy9McR421/f5LnYpXqy6ul2sbmpcXlmYXyQnllamry6vS16SvTE6X5xUo5+9s2xnc/8oun+7X/VIf4Ywe0/3yX7f/fo3uPP9BKFtrFv3CuTfxf/yRb48X4uey375NZurF8fDu91UrvdvZnvz27X/vnOrT/oP//hS7bf/Er3/5Tl6sCAIegtrG5NFOplNeObaLRSz8C1RjMxI2jUY1OiW/19APTNG32HF/jc5I4Cl9LM9HvIxMAANBrz076+10TAAAAAAAAAAAAAAAAAAAAGFyH8TixvTG3dlJJLx6hDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQE/8PAAD//xaa2hE=")
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', <r2=>0x0, 0x7800, 0x8000, 0x1, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x3, 0x0, 0x0, 0x0, 0x0, @dev, @private=0x10000}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f00000001c0)={'syztnl1\x00', &(0x7f0000000000)={'ip_vti0\x00', r2, 0x8000, 0x8, 0x5058, 0x2, {{0x7, 0x4, 0x0, 0x3, 0x1c, 0x65, 0x0, 0x7, 0x2f, 0x0, @empty, @local, {[@ra={0x94, 0x4, 0x1}, @ra={0x94, 0x4}]}}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0xfffffffffffffdf0, 0x0, 0x0, 0x0, 0x4, 0x0, @local, @broadcast}}}})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r3}, 0x18)
sync()
open(&(0x7f0000000040)='./bus\x00', 0x4e142, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000000)={@in6={{0xa, 0x0, 0x9, @loopback}}, 0x0, 0x0, 0x46, 0x0, "2431d0edd9b36cb74d7df7671eacf04be3b08353efa3641776f56c7556fd3713097bd0072577bc6fefb4cdc9e94e420b0ea4fbc5b07a32056eff5e6c42784b46ddab72b1b8fc87f208ad6db80d8dfe25"}, 0xd8)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000220000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x61]}}, 0x0, 0x34}, 0x28)
socket$nl_netfilter(0x10, 0x3, 0xc)

1.364753077s ago: executing program 4 (id=1458):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x1008a, &(0x7f00000000c0)={[{@nomblk_io_submit}, {@usrjquota, 0x22}, {@errors_continue}, {@noload}, {@mblk_io_submit}, {@grpjquota, 0x22}, {@errors_continue}, {@errors_remount}, {@jqfmt_vfsv1}]}, 0xfe, 0x455, &(0x7f0000000fc0)="$eJzs3M9PHFUcAPDv7rJQ2iJY649iq2g1En9AoT/swUuNJh40MdFDjScE2mC3xRRMbEMUPeDRNPFuPJr4F3ixXox6MvGqd2NCDBerpzWzO0O3sAssLGx1P59k4L19b/Ped2be7ts3OxtAxxpK/uQiDkbErxHRX83eWWGo+u/WysLk3ysLk7kol9/4M1ep99fKwmRWNXvegWqmXN6g3aW3IyZKpemraX50/vJ7o3PXrj83c3ni4vTF6SvjZ8+eOnms+8z46ZbE2Zf0dfDD2aNHXnnrxmuT52+88+PXSX8PpuW1cbTKUHXv1vVkqxtrs76adK6rjR2hKYWISA5XsTL++6MQvatl/fHyJ23tHLCryuV8uadx8WIZ+B9LJupAJ8re6JPPv9m2R1OPu8LyuVhdx7iVbtWSrsindYrpZ6TdMBQR5xf/+SLZYpfWIQAAat08FxHP1pv/5eOBmnr3pNeGBiLi3og4FBH3RcThiLg/olL3wYh4qMn2114hWT//KfdvK7AtSuZ/L6TXtu6c/2WzvxgopLm+SvzF3IWZ0vSJdJ8MR7EnyY9t0MZ3L/3yWaOy2vlfsiXtZ3PBtB9/dK1ZoJuamJ/YScy1lj+OGOyqF39udc6bzI+PRMTgNtuYefqro43KNo9/Ay2YlJe/jHiqevwXY038mVzD65Njz58ZPz26L0rTJ0azs2K9n35eer1R+zuKvwWWb5Zjf93zfzX+gdy+iLlr1y9VrtfONd/G0m+fNvxMs93zvzv3ZiXdnT72wcT8/NWxiO7cq+sfH7/93Cyf1U/O/+Hj9cf/obi9Jx6OiOQkPhYRj0TEo2nfH4uIxyPi+Abx//DiE+82H/8Gq/ItlMQ/tdnxj9rj33yicOn7b5qPP5Mc/1OV1HD6yFZe/7bawZ3sOwAAAPivyFe+A5/Lj6ym8/mRkep3+A/H/nxpdm7+mQuz71+Zqn5XfiCK+Wylq79mPXQsXRvO8uNr8ifTdePPC72V/MjkbGmq3cFDhzvQYPwnfi+0u3fArnO/FnQu4x86l/EPncv4h85l/EPnqjf+P2pDP4C9t8n7f+9e9QPYe+b/0LmMf+hcxj90pIb3xud3dMu/RJsS33bv7Lcatp6I/F0S8q4neiNiL9oqRjXRExE1RV1b/jGLbSZ66ha1+5UJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4NAAD//xwt370=")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
fstat(r0, &(0x7f0000001240))
syz_mount_image$ext4(&(0x7f0000000740)='ext3\x00', &(0x7f00000001c0)='./bus\x00', 0x240445, &(0x7f00000008c0)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpquota}, {@noquota}, {@quota}, {@noload}, {@noload}]}, 0x0, 0x50c, &(0x7f0000001440)="$eJzs3c9rHG0dAPDvbHZr06Zv8qoHfcH6o5W0aHeTxrbBQ60geiqo9V5jsgkhm2zIbtomFE3xDxBEVPCkFy+Cf4AgBS8eRSjoWVFRRFs9eNCO7O4kTdPdZNtus2n284HJPM8zM/t9ng0zO8/Mw0wAA+tjEXEjIp6maXoxIkaz8lw2xVZraqz35PH92caURJre+kcSSVa2/VlJNj+dbXYyIr76pYhvJC/GrW1sLs1UKuW1LF+qL6+WahublxaXZxbKC+WVqanJq9PXpq9MT/SknWci4voX/vL97/z0i9d/+em7f7z9twvfbFRrJFu+ux0vKb/fwlbTC83vYvcGa68Y7CjKN1uYGW63xtALJQ/ecJ0AAGivcY7//oj4RERcjNEY2v90FgAAAHgLpZ8bif8mEWl7JzqUAwAAAG+RXHMMbJIrZmMBRiKXKxZbY3g/GKdylWqt/qn56vrKXGus7FgUcvOLlfJENlZ4LApJIz/ZTD/LX96Tn4qIdyPie6PDzXxxtlqZ6/fFDwAAABgQp/f0//892ur/AwAAAMfMWL8rAAAAALxx+v8AAABw/On/AwAAwLH25Zs3G1O6/f7ruTsb60vVO5fmyrWl4vL6bHG2urZaXKhWF5rP7Fs+6PMq1erqZ2Jl/V6pXq7VS7WNzdvL1fWV+u3F516BDQAAAByidz/68PdJRGx9drg5NZzobtMuVwOOqvxOKsnmbXbrP7zTmv/5kCoFHIqhflcA6Jt8vysA9E2h3xUA+i45YHnHwTu/yeYf7219AACA3hv/cOf7/7l9t9zafzFw5NmJYXC5/w+Dq3n/v9uRvE4W4FgpOAOAgffa9/8PlKYvVSEAAKDnRppTkitml/dGIpcrFiPONF8LUEjmFyvliYh4JyJ+N1p4XyM/2dwyObDPAAAAAAAAAAAAAAAAAAAAAAAAAAC0pGkSKQAAAHCsReT+mvyq9Sz/8dHzI3uvD5xI/jMa2StC7/7o1g/uzdTra5ON8n/ulNd/mJVf7scVDAAAABgIL/UC/+1++nY/HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB66cnj+7Pb02HG/fvnI2KsXfx8nGzOT0YhIk79K4n8ru2SiBjqQfzhxp8PtYufNKq1E7Jd/OEexN96sG/8GMu+hXbxT/cgPgyyh43jz409+1+6e432+18+4rn8q+p8/Iud499Qh/3/TJcx3nv081LH+A8i3su3P/5sx086xD/XZfyvf21zs9Oy9McR421/f5LnYpXqy6ul2sbmpcXlmYXyQnllamry6vS16SvTE6X5xUo5+9s2xnc/8oun+7X/VIf4Ywe0/3yX7f/fo3uPP9BKFtrFv3CuTfxf/yRb48X4uey375NZurF8fDu91UrvdvZnvz27X/vnOrT/oP//hS7bf/Er3/5Tl6sCAIegtrG5NFOplNeObaLRSz8C1RjMxI2jUY1OiW/19APTNG32HF/jc5I4Cl9LM9HvIxMAANBrz076+10TAAAAAAAAAAAAAAAAAAAAGFyH8TixvTG3dlJJLx6hDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQE/8PAAD//xaa2hE=")
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', <r2=>0x0, 0x7800, 0x8000, 0x1, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x3, 0x0, 0x0, 0x0, 0x0, @dev, @private=0x10000}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f00000001c0)={'syztnl1\x00', &(0x7f0000000000)={'ip_vti0\x00', r2, 0x8000, 0x8, 0x5058, 0x2, {{0x7, 0x4, 0x0, 0x3, 0x1c, 0x65, 0x0, 0x7, 0x2f, 0x0, @empty, @local, {[@ra={0x94, 0x4, 0x1}, @ra={0x94, 0x4}]}}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0xfffffffffffffdf0, 0x0, 0x0, 0x0, 0x4, 0x0, @local, @broadcast}}}})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r3}, 0x18)
statx(0xffffffffffffffff, 0x0, 0x2000, 0x400, 0x0)
sync()
open(&(0x7f0000000040)='./bus\x00', 0x4e142, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000000)={@in6={{0xa, 0x0, 0x9, @loopback}}, 0x0, 0x0, 0x46, 0x0, "2431d0edd9b36cb74d7df7671eacf04be3b08353efa3641776f56c7556fd3713097bd0072577bc6fefb4cdc9e94e420b0ea4fbc5b07a32056eff5e6c42784b46ddab72b1b8fc87f208ad6db80d8dfe25"}, 0xd8)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000220000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x61]}}, 0x0, 0x34}, 0x28)
socket$nl_netfilter(0x10, 0x3, 0xc)

1.206422659s ago: executing program 0 (id=1460):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x8, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x4c)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
r6 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x5, 0xfff3}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x8, 0x2, [@TCA_MATCHALL_ACT={0x4}]}}, @TCA_RATE={0x6, 0x5, {0xab, 0x8e}}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x0)

1.152815191s ago: executing program 2 (id=1461):
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x8000, 0x1)
lsetxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), &(0x7f00000000c0)=@md5={0x1, "1b2b61049ce4faef2c7c01ae398dc87e"}, 0x11, 0x2)
lsetxattr$security_capability(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140), &(0x7f0000000180)=@v2={0x2000000, [{0x7, 0x7}, {0x6, 0x4}]}, 0x14, 0x3)
lstat(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
getgroups(0x3, &(0x7f00000003c0)=[0xee00, <r2=>0xffffffffffffffff, 0xffffffffffffffff])
lstat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r3=>0x0, <r4=>0x0})
r5 = getegid()
lstat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, <r6=>0x0, <r7=>0x0})
lsetxattr$system_posix_acl(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000580)={{}, {}, [{0x2, 0x3, r0}, {0x2, 0x2, r1}], {0x4, 0x3}, [{0x8, 0x6, r2}, {0x8, 0x6, r4}, {0x8, 0x6, r5}, {0x8, 0x0, 0xffffffffffffffff}, {}, {0x8, 0xa, r7}], {0x10, 0x1}, {0x20, 0x5}}, 0x64, 0x1)
r8 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000680)={0x1, 0x58, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0}}, 0x10)
setsockopt$RDS_GET_MR_FOR_DEST(r8, 0x114, 0x7, &(0x7f0000000800)={@can={0x1d, r9}, {&(0x7f00000006c0)=""/201, 0xc9}, &(0x7f00000007c0), 0x20}, 0xa0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000ac0)={0x2, <r10=>0x0}, 0x8)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x1b, 0x22, &(0x7f00000008c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffffc}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r8}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @tail_call={{0x18, 0x2, 0x1, 0x0, r8}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r8}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @btf_id={0x18, 0x0, 0x3, 0x0, 0x3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000a00)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41100, 0x28, '\x00', r9, @fallback=0x14, r8, 0x8, &(0x7f0000000a40)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000a80)={0x3, 0x2, 0x4, 0x9}, 0x10, r10, r8, 0x5, 0x0, &(0x7f0000000b00)=[{0x2, 0x3, 0xc, 0x3}, {0x4, 0x5, 0xf, 0x7}, {0x3, 0x1, 0x4, 0x8}, {0x2, 0x2, 0x3, 0x7}, {0x4, 0x3, 0x3, 0xa}], 0x10, 0xfffffff9}, 0x94)
r12 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000c40)={0x1b, 0x0, 0x0, 0x4, 0x0, r8, 0x8, '\x00', r9, 0xffffffffffffffff, 0x3, 0x3, 0x4}, 0x50)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r8, 0xc018937e, &(0x7f0000000f80)={{0x1, 0x1, 0x18, <r13=>r11, {0x2}}, './file0/file0\x00'})
r14 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001040)={0x18, 0x1e, &(0x7f0000000cc0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x401}, [@btf_id={0x18, 0x5, 0x3, 0x0, 0x1}, @tail_call={{0x18, 0x2, 0x1, 0x0, r8}}, @jmp={0x5, 0x1, 0x3, 0x4, 0x7, 0x18, 0x8}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffff8}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @btf_id={0x18, 0x3, 0x3, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @exit, @map_val={0x18, 0x7, 0x2, 0x0, r12}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r8}}]}, &(0x7f0000000dc0)='GPL\x00', 0x42e9, 0xc6, &(0x7f0000000e00)=""/198, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000f00)={0x7, 0x4}, 0x8, 0x10, &(0x7f0000000f40)={0x5, 0x8, 0x4, 0xa5}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000fc0)=[r8, r13, r8, r8], &(0x7f0000001000)=[{0x5, 0x2, 0x2, 0x19190f68eabb875b}, {0x4, 0x5, 0xb, 0x3}, {0x3, 0x4, 0xb, 0x4}], 0x10, 0x8}, 0x94)
r15 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000001100), 0x0, 0x0)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r14, 0xc400941d, &(0x7f0000001140)={<r16=>0x0, 0x5, 0x200})
ioctl$BTRFS_IOC_GET_DEV_STATS(r15, 0xc4089434, &(0x7f0000001540)={r16, 0x4, 0x1, [0x7e6c1ac9, 0x2, 0xff, 0x7, 0x7ff], [0x5, 0x2, 0x3ff80000, 0x5, 0x200000000, 0x400000000000, 0xdca, 0xffffffffffffffff, 0x9ea2, 0x9, 0x9, 0xe, 0x9, 0xfffffffffffffffc, 0x7, 0xffff, 0x200, 0x8, 0x5, 0x6, 0x6221, 0x0, 0x0, 0xc0, 0x8, 0x80000001, 0x3, 0x5, 0x8d, 0x80000000, 0x2, 0x9, 0xffffffffffffffff, 0xffff, 0x10000, 0x6, 0xc, 0x5, 0x8230, 0x8001, 0x3, 0x3, 0x9, 0x7fffffff, 0x1000, 0xe6d, 0x1, 0x8, 0x8, 0x10000, 0x2, 0x8b, 0x5, 0x5b2, 0x7f48, 0x8, 0x3, 0x8000000000000000, 0x9065, 0x9, 0xffffffffffffffff, 0x9, 0x6c973e57, 0xf5, 0x4, 0xfffffffffffffff8, 0x200, 0x8, 0x8a5, 0x401, 0x5, 0x0, 0x0, 0x6, 0x2, 0xea23, 0x4, 0xe000000000000, 0x4, 0x4, 0x400, 0x0, 0x4, 0x400, 0x6, 0x7, 0xd, 0x7fffffffffffffff, 0x8, 0x100, 0xa01, 0x7, 0x6, 0x101, 0xdc, 0x960f, 0x80000000, 0x6, 0x6cedfb87, 0x40, 0x4, 0xff, 0x4, 0x7fffffff, 0x10, 0x4, 0x10001, 0x0, 0x1, 0x7, 0xff, 0x1c000000000, 0x10, 0x40, 0x3ff, 0xa, 0x6, 0x1, 0x8, 0x8001, 0x240000000]})
getresuid(&(0x7f0000001a00), &(0x7f0000001a40), &(0x7f0000001a80)=<r17=>0x0)
lsetxattr$system_posix_acl(&(0x7f0000001980)='./file0\x00', &(0x7f00000019c0)='system.posix_acl_default\x00', &(0x7f0000001ac0)={{}, {}, [{0x2, 0x4, r1}, {0x2, 0x5, r3}, {0x2, 0x3, r6}, {0x2, 0x5, r17}], {0x4, 0xb}, [{0x8, 0x0, r5}], {0x10, 0x6}, {0x20, 0x8}}, 0x4c, 0x1)
lgetxattr(&(0x7f0000001b40)='./file0/file0\x00', &(0x7f0000001b80)=@known='trusted.overlay.origin\x00', &(0x7f0000001bc0)=""/20, 0x14)
lchown(&(0x7f0000001c00)='./file0\x00', r3, r2)
r18 = openat$zero(0xffffffffffffff9c, &(0x7f0000001c40), 0x444002, 0x0)
write$cgroup_type(r18, &(0x7f0000001c80), 0x9)
creat(&(0x7f0000001cc0)='./file0/file0\x00', 0x10)
ioctl$RTC_ALM_READ(r8, 0x80247008, &(0x7f0000001d00))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d80)={&(0x7f0000001d40)='rpcgss_bad_seqno\x00', r15, 0x0, 0x8}, 0x18)

1.15222936s ago: executing program 1 (id=1462):
r0 = socket(0x1e, 0x805, 0x0)
connect$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{}, 0x2}}, 0x10)
connect$tipc(r0, &(0x7f0000000600)=@id={0x1e, 0x3, 0x3}, 0x10)
close(r0)

1.120976451s ago: executing program 2 (id=1463):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000014004000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r0}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

1.120287621s ago: executing program 1 (id=1464):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r4}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f00000001c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}]}, &(0x7f0000000300)='GPL\x00', 0x9, 0x1, &(0x7f0000000340)=""/1, 0x0, 0x3}, 0x94)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
r5 = openat2(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x450302, 0x0, 0x10}, 0x18)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000003c0)={'wg2\x00'})
sendmsg$TIPC_CMD_SHOW_PORTS(r5, 0x0, 0x220000a0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r6 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
fdatasync(r6)
memfd_create(0x0, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
exit(0x2)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r8 = open(&(0x7f0000000180)='./bus\x00', 0x14957e, 0x0)
readahead(r8, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f00000017c0)=[{{&(0x7f0000000380)={0xa, 0x4e21, 0x3c8, @private2, 0x9}, 0x1c, &(0x7f00000007c0)=[{&(0x7f0000000880)="f76b84d5c2c33f3ae0b423031a727e7ddb18d9558ef836c6f44f2629f30c1f9196e22e60e7b99d118e2c0ec0e5c8fd997923ed9c562ea35eb2007c436de6884d80f883e0e889230bb90ae6c5cce34109443692b56b7a0a003fccb1836701b710d697b01743ad931c223e37b4f93b9edb7b1103c9f25f49d018ef5c2b8bd370ef193f0200a4b44c0bd7ab638188934465b0a322b6db50ee732ff172310f4be6b19b90d00baf2104b918", 0xa9}, {&(0x7f0000000400)="1276febf3f3baa5dbcfaf8aa43f4b85347acfc34", 0x14}, {&(0x7f0000000440)="4487d218f361e08b247841455a3aaaedc7e1d60c2ebbda8a7d605feab18d81861d13", 0x22}], 0x3, &(0x7f0000000940)=[@hopopts_2292={{0xf8, 0x29, 0x36, {0x87, 0x1b, '\x00', [@generic={0x8, 0xdd, "81ea852d44e0481333238787df28db4cbbfe15d3e0ba136b9cc460134294f021a8992d7929711fb8a6237716c8a5f9224e6c4a44b80e723f2adbf15c0e5ef56621b2dc23b71c59aec0e6e651224980ee69e1ce1f7c2a6807af5ec40907f611b0917d1ee8eaad26df9f8ec3c3a7022fa907c4220f0a2886b5388617455c6686c788321fb5ebd77a355d45037d8bec3a8c5b091ad26bb2c48763e77697d28e2d24af9cb296cfa41c102930c77037394d2716922f146fe496886a6e9a89cc4c01267d05c34e4dd8f1a8831a44f10d6cecd8bdd171ceb7c8ae167a7d9f9fd8"}]}}}, @rthdrdstopts={{0x38, 0x29, 0x37, {0x87, 0x3, '\x00', [@enc_lim={0x4, 0x1, 0x6}, @enc_lim={0x4, 0x1, 0xa}, @ra={0x5, 0x2, 0xf1}, @calipso={0x7, 0x10, {0x1, 0x2, 0x6, 0x8, [0x9]}}, @enc_lim={0x4, 0x1, 0x8}]}}}], 0x130}}, {{0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000a80)="fb33ff218c63e1480b04f233f21444425af7a3d7ca119994705d46db6e8c9a84e09f3b707b5a28b745983a39b22e7ec5d0daa4bccb808dd3616779ec0310eb55268b068b5ae7bdf223d2c498fb47b0a7c948dfcaba50eb723241ec0420a55d7aa69d1935fb656ffc134838fd34a546cf6945a6441f23d9165f2e76d0a077ced669f11ae11a", 0x85}, {&(0x7f0000000800)}, {&(0x7f0000000b40)="d8994cd5e3dffa78bb17503069a6995c9b875d196e66", 0x16}, {&(0x7f0000000b80)="b35828555ee198d6e54e9841054ba010f994439f43fb0247148f84ff2b47ba00cc36a8d5c1cefa439b1e0693bca19f7d4684cf297d4d1fef8cae9b6379fd3dc4405dc25b302d9ed9d3f577081da7590d26eeb6bd5a85222e83819b15205406e475d901db41fa1c5845885dce541e7887f4a556422897286a74376f7fec48be85add640556ffbdba73a583e270567bc4f6d709f9d11b04b1791d7af59cb3881f9994d6b", 0xa3}, {&(0x7f0000000c40)="47c2ff373373dd06b3e1d715e6d3c5048cd804970c10bb0bdccfeb62e919ec5bb20bbdc7c8d4916f4313574ad1ba41cc56ab3c5e81372c77a49caa41d6b63a164ad07e605eb5288c3a9ad084beb92d86c27fe049aa9aede7f1896ba9ce4e529147827b26ecdd320d5c554cba1c4a6568091e8b1ed4b08762b127d782c663552ed27d7d71d5887db733f48c273fc3a82c80becbfe067c2a8f30cda2f52082c04df13bffb6df", 0xa5}, {&(0x7f0000000d00)}], 0x6}}, {{&(0x7f0000000800)={0xa, 0x4e20, 0xffffffff, @mcast1, 0xc}, 0x1c, &(0x7f0000001080)=[{&(0x7f0000000e00)="e0062ec1f2bc33aa72a9f9c2ca6fbf05fc6e2db0b04a457741e08f9092a0270e4a06d6372dd4d916fbc23982ea6da0e51576626ca64b12a929aa9aaddc113ed3eaee9c2fa7dd274045b95df1d7b7387fed49da67085fe2a7e085f65a7633362098574ba973ccdfbe6e800117527b0509d9ba245111d0347019822f1d3714371db3024ec92789123bc1a7d068445a", 0x8e}, {&(0x7f0000000ec0)="90f174e2ccb1abd9571c008f3e966727d8a1927a4c4258babcb730929e663ec4d2ed3ef62ea6d14ab1992691cbff73f44b483e7997994ed27735495abe05190ba1e1e577a24a481dd25ec71c1ce87999182446bdfa54eae314ad4dd30976f783fa7f695d32f9eeee774336750eef73a25b06c727c12e8d2964096c40a33c5de97552c29e0daaf6341a6ef58f007f1c413c8a8848449b788a96354729611255e0e4af02bdcf70929401d004afcd5a3f4f8f7cddad09d7293c520cdba7f869835b48bc114d2064", 0xc6}, {&(0x7f0000000fc0)="fc86880022adb75dc8c7afc7e5907e20db665551da7179d67e5010301c4d2f0d1d13c79d9397e08814f08a93cacdbd884b15dd6576028514de938af411efaa68603be718c92355d3a1ad80bf9c9d0dc370085b4249532ff0ad3201bd5f9aa28c76f8fce949a29d45091ab69acb50132167d33cdc9b7ed3520171cab33269d2913062d01d3de663b53bcfcc682cb6f2eb21b059639e64a085f6565319", 0x9c}], 0x3, &(0x7f00000010c0)=ANY=[@ANYBLOB="88000000000000002900000039000000040e010300000000ff020000000000000000000000000001fe8000000000000000000000000000aaff010000002100000000000000000001ff020000000000000000000000000001fc010000000000000000000000000000fc000000000000000000000000000000fe8800000000000000000000000000011400000000000000290000000b0000000000000300000000400000000000000029000000370000000004000000000000040109c204000002ff040109000100000100c91000000000000000000000ffffe00000020000000014000000000000002900000008000000008000000000000014000000000000002900000034ff7f00000000000000000014000000000000002900000034000000c200000000000000"], 0x128}}, {{&(0x7f0000001200)={0xa, 0x4e20, 0x4, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x6}, 0x1c, &(0x7f0000001400)=[{&(0x7f0000001240)="7dd66760d837c840836c87fe9de117e33ef61bfe573527271c3860f042448670b23557a8085a38f31f98b76c303baa0c62677c23041de73b9262e1aa7a9921ffe17ccd1ba4a3c87401f2235dc1971beaea0ae888285885873f2b7ce88ad742a0e148b5f74873bc53efdb0476542a1e9b7e13050d0eecb0eeefcbc53d411870a296720a5d5c30f1b01c1cecd40496a03572e0a4830adb6c6465bb7fb82eb65c1c17aa8832e9b3836f9edb6da93dd469209b17f8", 0xb3}, {&(0x7f0000001300)="b84a2bfad597f6675c588e6ab39c7cc75baf5d33196e13ad5372e69f19", 0x1d}, {0x0}], 0x3, &(0x7f0000001440)=[@dstopts={{0x48, 0x29, 0x37, {0x33, 0x5, '\x00', [@calipso={0x7, 0x28, {0x0, 0x8, 0x9, 0x9, [0x8, 0xce, 0x2, 0xffffffffffffe30c]}}, @ra={0x5, 0x2, 0x3}]}}}, @rthdrdstopts={{0x110, 0x29, 0x37, {0x1d, 0x1f, '\x00', [@enc_lim={0x4, 0x1, 0x7f}, @jumbo={0xc2, 0x4, 0x7}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @generic={0x7, 0xd1, "31f3faf6af8e2017ecc6bc19219a401374b21336e15965fe95ed191407f69fbc8770e3c02ff9d745c3829526c16022084e5aeec746f3e50c88f577cc09a687fd86fc1c4ec61a32c10846e269e2f4edd8938f76832f79d182a5fbcbd9a015bc0496d266aa5c7aba9c0a4a745d1d3aa31e7e2728838e831301f8eed28e97708d8a9561a5d1b720a6fb6552235d32f3d44d8e156b0879fa7890777b6dd5806112c20e0d44b43f25e66552db561aec744f0b74faaad04cba3a9cc92ecd1c1d7bc9f9093746e84c1c1d706458747ccb19aafb40"}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x9}]}}}, @dstopts={{0xf0, 0x29, 0x37, {0x0, 0x1a, '\x00', [@ra={0x5, 0x2, 0x8000}, @generic={0x9, 0xcc, "db73fdf051e9b28d6ce3ed3f9a55c3334e08b94fec44703b1aab637689f3f5bf95b2cded489e83289941a3878ba129c35e6fa93410c90c552c761e49c0e7efabfe5dfc1515da975dabc033f420b5af94d40e767a34f907e3c0b1d6f52377fb5956581e41c2f742472d6d381b190c8eb77818d1117c847a4cfecc3d603b30a0d9ff63ac18cf32e6fafb56009abc78908ae49c4ce3a13693edbf60fa9793b18ea611ea1bab50cad83fc253831af6f1b706df4766f363e386fc1e895bc88d47bde9b559fd34ff002a523e90589d"}]}}}, @hopopts_2292={{0x80, 0x29, 0x36, {0x2f, 0xc, '\x00', [@calipso={0x7, 0x40, {0x1, 0xe, 0x0, 0x61b, [0xe, 0x5, 0x7, 0x6, 0x4, 0x8001, 0xfff]}}, @jumbo={0xc2, 0x4, 0x5}, @hao={0xc9, 0x10, @empty}, @jumbo={0xc2, 0x4, 0x1}, @pad1, @pad1]}}}, @dstopts_2292={{0x78, 0x29, 0x4, {0xff, 0xb, '\x00', [@calipso={0x7, 0x50, {0x0, 0x12, 0x9, 0x8, [0x6bae, 0x10, 0x2633, 0xb, 0xfffffffffffffffe, 0x4, 0x5, 0x9, 0x1]}}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}}}], 0x340}}], 0x4, 0x0)

1.115764621s ago: executing program 2 (id=1465):
r0 = socket$unix(0x1, 0x5, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001a000100000000000000477ddec34cf30a70f591000c953f53ff12a2c3608bb925f96b290c769735520a13826aa4950f6801b116cf50825642f983cf9d69e7ab33fdaaa5ea625bce4fa8c4036c78f4d6a80a82190fd8de6f19b6f6aed464bc91639717ff77ea"], 0x14}}, 0x0)
dup(r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ipvlan0\x00'})
r1 = socket(0x10, 0x3, 0x9)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x3}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
sendmsg$NFT_BATCH(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB], 0x28}}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
unshare(0x40000000)

1.112763131s ago: executing program 0 (id=1466):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x76}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000680)='kfree\x00', r1}, 0x18)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$xdp(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)

1.033750902s ago: executing program 4 (id=1468):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r1 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x2}, 0x0, 0x0, r0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040))
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
fstat(r2, &(0x7f0000000280))
ioctl$KDGKBMODE(r2, 0x4bfa, &(0x7f0000000080))
add_key(&(0x7f0000000340)='dns_resolver\x00', &(0x7f0000000540)={'syz', 0x1}, &(0x7f0000000580)="fb9c", 0xfffff, r1)
keyctl$read(0xb, r0, &(0x7f0000000300)=""/35, 0x23)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv6_getaddrlabel={0x30, 0x4a, 0x19, 0x70bd2c, 0x25dfdbfb, {0xa, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, [@IFAL_ADDRESS={0xff4b, 0x1, @local}]}, 0x30}, 0x1, 0x0, 0x0, 0x2004c0d0}, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r4, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970000303a00fc000018c6ba35000000000000000700ff020000000000000000000000000001"], 0xfdef)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000780)='mm_page_free\x00', r6}, 0x18)
accept4$nfc_llcp(0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000100)=0x60, 0x800)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
r9 = mq_open(&(0x7f0000000a00)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x81W\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb\x00\x00\x00\x00\x00', 0x42, 0x1f0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000a00)={&(0x7f0000000840)=ANY=[@ANYBLOB="9feb010018000000000000001000000010000000070000000600000000000001000000000d000d02005f2e00cb00000ce1340ea4b819aaf4a53a4b3b4f0a240352394a83bd6fdda32e223881e9f26b07b4dcb0944917ea5592dfe3597ceb42d25c64a380829a89d4f067564124bae0844ff08efcb1cf31676085bff6c2aa5004fc810bae4c5c6ba319ee735c0c1de8fe522761823d3a28fe09639cb8760e8ec9a6f3c990fdf7bc218957fd5a2e398603fa995fb9cc0e3b941a9c1a4c737949d4c69245d56046bbc71da56c186b4242"], 0x0, 0x2f, 0x0, 0x1, 0x9}, 0x28)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', &(0x7f0000000cc0)=ANY=[@ANYBLOB="14"], &(0x7f0000002300), 0x200)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000803000021"], 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES8=r5, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r10}, 0x18)
mq_timedsend(r9, 0x0, 0x0, 0x0, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')

985.351403ms ago: executing program 0 (id=1469):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4004110)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101804bc9555e1affd5020000000900010001797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000000009000300737975320000000014"], 0x7c}, 0x1, 0x0, 0x0, 0x480d5}, 0x0)

852.427736ms ago: executing program 0 (id=1472):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
perf_event_open(&(0x7f00000004c0)={0x8, 0x80, 0x0, 0xf, 0x0, 0x0, 0x82, 0x200000000, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x9}, 0x18204, 0x0, 0x3, 0x0, 0x0, 0x5338c7af, 0x0, 0x0, 0x1, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 5)

637.732679ms ago: executing program 3 (id=1474):
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000200)=""/137, 0x9}, 0x20)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'bridge0\x00', 0x100})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x5, 0xd, 0x7, 0x0, 0x7fffffff, 0x7a5d4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xdfffffff, 0x1, @perf_bp={0x0, 0xe}, 0x101000, 0x7ff, 0x10000007, 0x0, 0xaf, 0x3, 0x34, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x409, 0xffffffffffffffff, 0x3)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f0, &(0x7f0000000080)) (fail_nth: 5)

553.55106ms ago: executing program 3 (id=1475):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000014004000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r0}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

552.46304ms ago: executing program 3 (id=1476):
r0 = socket(0x1e, 0x805, 0x0)
connect$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{}, 0x2}}, 0x10)
connect$tipc(r0, &(0x7f0000000600)=@id={0x1e, 0x3, 0x3}, 0x10)
close(r0)

516.013731ms ago: executing program 3 (id=1477):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x8, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x4c)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x8c, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0x5, 0xfff3}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x58, 0x2, [@TCA_MATCHALL_ACT={0x54, 0x2, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x6fe2}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0xb380, 0x4, 0x0, 0xd87, 0x6}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x10}, 0x0)

425.646373ms ago: executing program 3 (id=1478):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x1008a, &(0x7f00000000c0)={[{@nomblk_io_submit}, {@usrjquota, 0x22}, {@errors_continue}, {@noload}, {@mblk_io_submit}, {@grpjquota, 0x22}, {@errors_continue}, {@errors_remount}, {@jqfmt_vfsv1}]}, 0xfe, 0x455, &(0x7f0000000fc0)="$eJzs3M9PHFUcAPDv7rJQ2iJY649iq2g1En9AoT/swUuNJh40MdFDjScE2mC3xRRMbEMUPeDRNPFuPJr4F3ixXox6MvGqd2NCDBerpzWzO0O3sAssLGx1P59k4L19b/Ped2be7ts3OxtAxxpK/uQiDkbErxHRX83eWWGo+u/WysLk3ysLk7kol9/4M1ep99fKwmRWNXvegWqmXN6g3aW3IyZKpemraX50/vJ7o3PXrj83c3ni4vTF6SvjZ8+eOnms+8z46ZbE2Zf0dfDD2aNHXnnrxmuT52+88+PXSX8PpuW1cbTKUHXv1vVkqxtrs76adK6rjR2hKYWISA5XsTL++6MQvatl/fHyJ23tHLCryuV8uadx8WIZ+B9LJupAJ8re6JPPv9m2R1OPu8LyuVhdx7iVbtWSrsindYrpZ6TdMBQR5xf/+SLZYpfWIQAAat08FxHP1pv/5eOBmnr3pNeGBiLi3og4FBH3RcThiLg/olL3wYh4qMn2114hWT//KfdvK7AtSuZ/L6TXtu6c/2WzvxgopLm+SvzF3IWZ0vSJdJ8MR7EnyY9t0MZ3L/3yWaOy2vlfsiXtZ3PBtB9/dK1ZoJuamJ/YScy1lj+OGOyqF39udc6bzI+PRMTgNtuYefqro43KNo9/Ay2YlJe/jHiqevwXY038mVzD65Njz58ZPz26L0rTJ0azs2K9n35eer1R+zuKvwWWb5Zjf93zfzX+gdy+iLlr1y9VrtfONd/G0m+fNvxMs93zvzv3ZiXdnT72wcT8/NWxiO7cq+sfH7/93Cyf1U/O/+Hj9cf/obi9Jx6OiOQkPhYRj0TEo2nfH4uIxyPi+Abx//DiE+82H/8Gq/ItlMQ/tdnxj9rj33yicOn7b5qPP5Mc/1OV1HD6yFZe/7bawZ3sOwAAAPivyFe+A5/Lj6ym8/mRkep3+A/H/nxpdm7+mQuz71+Zqn5XfiCK+Wylq79mPXQsXRvO8uNr8ifTdePPC72V/MjkbGmq3cFDhzvQYPwnfi+0u3fArnO/FnQu4x86l/EPncv4h85l/EPnqjf+P2pDP4C9t8n7f+9e9QPYe+b/0LmMf+hcxj90pIb3xud3dMu/RJsS33bv7Lcatp6I/F0S8q4neiNiL9oqRjXRExE1RV1b/jGLbSZ66ha1+5UJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4NAAD//xwt370=")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
fstat(r0, &(0x7f0000001240))
syz_mount_image$ext4(&(0x7f0000000740)='ext3\x00', &(0x7f00000001c0)='./bus\x00', 0x240445, &(0x7f00000008c0)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpquota}, {@noquota}, {@quota}, {@noload}, {@noload}]}, 0x0, 0x50c, &(0x7f0000001440)="$eJzs3c9rHG0dAPDvbHZr06Zv8qoHfcH6o5W0aHeTxrbBQ60geiqo9V5jsgkhm2zIbtomFE3xDxBEVPCkFy+Cf4AgBS8eRSjoWVFRRFs9eNCO7O4kTdPdZNtus2n284HJPM8zM/t9ng0zO8/Mw0wAA+tjEXEjIp6maXoxIkaz8lw2xVZraqz35PH92caURJre+kcSSVa2/VlJNj+dbXYyIr76pYhvJC/GrW1sLs1UKuW1LF+qL6+WahublxaXZxbKC+WVqanJq9PXpq9MT/SknWci4voX/vL97/z0i9d/+em7f7z9twvfbFRrJFu+ux0vKb/fwlbTC83vYvcGa68Y7CjKN1uYGW63xtALJQ/ecJ0AAGivcY7//oj4RERcjNEY2v90FgAAAHgLpZ8bif8mEWl7JzqUAwAAAG+RXHMMbJIrZmMBRiKXKxZbY3g/GKdylWqt/qn56vrKXGus7FgUcvOLlfJENlZ4LApJIz/ZTD/LX96Tn4qIdyPie6PDzXxxtlqZ6/fFDwAAABgQp/f0//892ur/AwAAAMfMWL8rAAAAALxx+v8AAABw/On/AwAAwLH25Zs3G1O6/f7ruTsb60vVO5fmyrWl4vL6bHG2urZaXKhWF5rP7Fs+6PMq1erqZ2Jl/V6pXq7VS7WNzdvL1fWV+u3F516BDQAAAByidz/68PdJRGx9drg5NZzobtMuVwOOqvxOKsnmbXbrP7zTmv/5kCoFHIqhflcA6Jt8vysA9E2h3xUA+i45YHnHwTu/yeYf7219AACA3hv/cOf7/7l9t9zafzFw5NmJYXC5/w+Dq3n/v9uRvE4W4FgpOAOAgffa9/8PlKYvVSEAAKDnRppTkitml/dGIpcrFiPONF8LUEjmFyvliYh4JyJ+N1p4XyM/2dwyObDPAAAAAAAAAAAAAAAAAAAAAAAAAAC0pGkSKQAAAHCsReT+mvyq9Sz/8dHzI3uvD5xI/jMa2StC7/7o1g/uzdTra5ON8n/ulNd/mJVf7scVDAAAABgIL/UC/+1++nY/HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB66cnj+7Pb02HG/fvnI2KsXfx8nGzOT0YhIk79K4n8ru2SiBjqQfzhxp8PtYufNKq1E7Jd/OEexN96sG/8GMu+hXbxT/cgPgyyh43jz409+1+6e432+18+4rn8q+p8/Iud499Qh/3/TJcx3nv081LH+A8i3su3P/5sx086xD/XZfyvf21zs9Oy9McR421/f5LnYpXqy6ul2sbmpcXlmYXyQnllamry6vS16SvTE6X5xUo5+9s2xnc/8oun+7X/VIf4Ywe0/3yX7f/fo3uPP9BKFtrFv3CuTfxf/yRb48X4uey375NZurF8fDu91UrvdvZnvz27X/vnOrT/oP//hS7bf/Er3/5Tl6sCAIegtrG5NFOplNeObaLRSz8C1RjMxI2jUY1OiW/19APTNG32HF/jc5I4Cl9LM9HvIxMAANBrz076+10TAAAAAAAAAAAAAAAAAAAAGFyH8TixvTG3dlJJLx6hDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQE/8PAAD//xaa2hE=")
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', <r2=>0x0, 0x7800, 0x8000, 0x1, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x3, 0x0, 0x0, 0x0, 0x0, @dev, @private=0x10000}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f00000001c0)={'syztnl1\x00', &(0x7f0000000000)={'ip_vti0\x00', r2, 0x8000, 0x8, 0x5058, 0x2, {{0x7, 0x4, 0x0, 0x3, 0x1c, 0x65, 0x0, 0x7, 0x2f, 0x0, @empty, @local, {[@ra={0x94, 0x4, 0x1}, @ra={0x94, 0x4}]}}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0xfffffffffffffdf0, 0x0, 0x0, 0x0, 0x4, 0x0, @local, @broadcast}}}})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r3}, 0x18)
statx(0xffffffffffffffff, 0x0, 0x2000, 0x400, 0x0)
sync()
open(&(0x7f0000000040)='./bus\x00', 0x4e142, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000000)={@in6={{0xa, 0x0, 0x9, @loopback}}, 0x0, 0x0, 0x46, 0x0, "2431d0edd9b36cb74d7df7671eacf04be3b08353efa3641776f56c7556fd3713097bd0072577bc6fefb4cdc9e94e420b0ea4fbc5b07a32056eff5e6c42784b46ddab72b1b8fc87f208ad6db80d8dfe25"}, 0xd8)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000220000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x61]}}, 0x0, 0x34}, 0x28)
socket$nl_netfilter(0x10, 0x3, 0xc)

304.383364ms ago: executing program 4 (id=1479):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x76}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000680)='kfree\x00', r1}, 0x18)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$xdp(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)

272.127995ms ago: executing program 4 (id=1480):
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x7000000)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
r3 = epoll_create(0x3ff)
epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, 0xffffffffffffffff, &(0x7f0000000280)={0x2000000})
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x100000)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = syz_open_dev$loop(&(0x7f0000000140), 0x760, 0xa382)
r6 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x2)
pwritev(r6, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r5, 0x4c00, r6)
sendfile(r5, r5, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r5, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x3, 0x0, 0x11, 0x1, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e17bd5bba7663c435aff94793ddd7aae07ef35f17bf01933bdb6fd7ecdd91b59ca8d541", "07a9310978072a8b070006584a128d7469166ffbffffff19e7df4af14e1df82d", [0x1, 0x7]})
ioctl$LOOP_CHANGE_FD(r5, 0x4c06, r4)

159.815747ms ago: executing program 0 (id=1481):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000440)={0x58, 0x2, 0x6, 0x201, 0x0, 0x0, {0x6, 0x0, 0x2}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffffffc}]}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x58}}, 0x8000)

153.851627ms ago: executing program 1 (id=1482):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000008000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r2}, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000"], 0x50)
r4 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x8, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x408003, 0xaea}, 0x14105, 0x32, 0xfffffbff, 0x3, 0x1, 0x0, 0xfffa, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f00000001c0)='cpu<-0\t\t\t')
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000140)={0x100, <r7=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x7, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b7"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7, r6, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_procs(r8, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r9, &(0x7f00000000c0), 0x12)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x238, 0x0, 0x0, 0x40f00, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x203}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r11, 0x0, 0xffffffffffffffff}, 0x13)
r12 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r12, &(0x7f0000001200), 0x10)
close(r12)
write$UHID_CREATE2(r10, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r10, 0x0)
io_uring_enter(0xffffffffffffffff, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

133.319778ms ago: executing program 0 (id=1483):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
fstat(r0, &(0x7f0000001240))
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', <r2=>0x0, 0x7800, 0x8000, 0x1, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x3, 0x0, 0x0, 0x0, 0x0, @dev, @private=0x10000}}}})
getsockopt$inet_mtu(r1, 0x0, 0xa, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f00000001c0)={'syztnl1\x00', &(0x7f0000000000)={'ip_vti0\x00', r2, 0x8000, 0x8, 0x5058, 0x2, {{0x6, 0x4, 0x0, 0x3, 0x18, 0x65, 0x0, 0x7, 0x2f, 0x0, @empty, @local, {[@ra={0x94, 0x4, 0x1}]}}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f3, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r3}, 0x18)
statx(0xffffffffffffffff, 0x0, 0x2000, 0x400, 0x0)
sync()
open(&(0x7f0000000040)='./bus\x00', 0x4e142, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000000)={@in6={{0xa, 0x0, 0x9, @loopback}}, 0x0, 0x0, 0x46, 0x0, "2431d0edd9b36cb74d7df7671eacf04be3b08353efa3641776f56c7556fd3713097bd0072577bc6fefb4cdc9e94e420b0ea4fbc5b07a32056eff5e6c42784b46ddab72b1b8fc87f208ad6db80d8dfe25"}, 0xd8)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x61]}}, 0x0, 0x34}, 0x28)
socket$nl_netfilter(0x10, 0x3, 0xc)

25.150669ms ago: executing program 2 (id=1484):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001812", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x61680, 0x20, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000e40)="d8000000180081064a81f782da02b904021d080400007c09e8fe55a10a0015c0050014a603600e1208000f0000000401a00016009a00014004000000036010fab94dcf5c0461c1d6900094007134cf6ee080000190d0a2ac922353a606487ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00320db70103000040fad95667dc06dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x48084)
r2 = io_uring_setup(0x3454, &(0x7f0000000080)={0x0, 0xffffeffe, 0x400, 0x2})
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="800009e92208a1ce", 0xfdef, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x1c)
read(0xffffffffffffffff, &(0x7f0000000b00)=""/207, 0xcf)
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

847.049µs ago: executing program 1 (id=1485):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
fstat(r0, &(0x7f0000001240))
syz_mount_image$ext4(&(0x7f0000000740)='ext3\x00', &(0x7f00000001c0)='./bus\x00', 0x240445, &(0x7f00000008c0)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpquota}, {@noquota}, {@quota}, {@noload}, {@noload}]}, 0x0, 0x50c, &(0x7f0000001440)="$eJzs3c9rHG0dAPDvbHZr06Zv8qoHfcH6o5W0aHeTxrbBQ60geiqo9V5jsgkhm2zIbtomFE3xDxBEVPCkFy+Cf4AgBS8eRSjoWVFRRFs9eNCO7O4kTdPdZNtus2n284HJPM8zM/t9ng0zO8/Mw0wAA+tjEXEjIp6maXoxIkaz8lw2xVZraqz35PH92caURJre+kcSSVa2/VlJNj+dbXYyIr76pYhvJC/GrW1sLs1UKuW1LF+qL6+WahublxaXZxbKC+WVqanJq9PXpq9MT/SknWci4voX/vL97/z0i9d/+em7f7z9twvfbFRrJFu+ux0vKb/fwlbTC83vYvcGa68Y7CjKN1uYGW63xtALJQ/ecJ0AAGivcY7//oj4RERcjNEY2v90FgAAAHgLpZ8bif8mEWl7JzqUAwAAAG+RXHMMbJIrZmMBRiKXKxZbY3g/GKdylWqt/qn56vrKXGus7FgUcvOLlfJENlZ4LApJIz/ZTD/LX96Tn4qIdyPie6PDzXxxtlqZ6/fFDwAAABgQp/f0//892ur/AwAAAMfMWL8rAAAAALxx+v8AAABw/On/AwAAwLH25Zs3G1O6/f7ruTsb60vVO5fmyrWl4vL6bHG2urZaXKhWF5rP7Fs+6PMq1erqZ2Jl/V6pXq7VS7WNzdvL1fWV+u3F516BDQAAAByidz/68PdJRGx9drg5NZzobtMuVwOOqvxOKsnmbXbrP7zTmv/5kCoFHIqhflcA6Jt8vysA9E2h3xUA+i45YHnHwTu/yeYf7219AACA3hv/cOf7/7l9t9zafzFw5NmJYXC5/w+Dq3n/v9uRvE4W4FgpOAOAgffa9/8PlKYvVSEAAKDnRppTkitml/dGIpcrFiPONF8LUEjmFyvliYh4JyJ+N1p4XyM/2dwyObDPAAAAAAAAAAAAAAAAAAAAAAAAAAC0pGkSKQAAAHCsReT+mvyq9Sz/8dHzI3uvD5xI/jMa2StC7/7o1g/uzdTra5ON8n/ulNd/mJVf7scVDAAAABgIL/UC/+1++nY/HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB66cnj+7Pb02HG/fvnI2KsXfx8nGzOT0YhIk79K4n8ru2SiBjqQfzhxp8PtYufNKq1E7Jd/OEexN96sG/8GMu+hXbxT/cgPgyyh43jz409+1+6e432+18+4rn8q+p8/Iud499Qh/3/TJcx3nv081LH+A8i3su3P/5sx086xD/XZfyvf21zs9Oy9McR421/f5LnYpXqy6ul2sbmpcXlmYXyQnllamry6vS16SvTE6X5xUo5+9s2xnc/8oun+7X/VIf4Ywe0/3yX7f/fo3uPP9BKFtrFv3CuTfxf/yRb48X4uey375NZurF8fDu91UrvdvZnvz27X/vnOrT/oP//hS7bf/Er3/5Tl6sCAIegtrG5NFOplNeObaLRSz8C1RjMxI2jUY1OiW/19APTNG32HF/jc5I4Cl9LM9HvIxMAANBrz076+10TAAAAAAAAAAAAAAAAAAAAGFyH8TixvTG3dlJJLx6hDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQE/8PAAD//xaa2hE=")
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', <r2=>0x0, 0x7800, 0x8000, 0x1, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x3, 0x0, 0x0, 0x0, 0x0, @dev, @private=0x10000}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f00000001c0)={'syztnl1\x00', &(0x7f0000000000)={'ip_vti0\x00', r2, 0x8000, 0x8, 0x5058, 0x2, {{0x7, 0x4, 0x0, 0x3, 0x1c, 0x65, 0x0, 0x7, 0x2f, 0x0, @empty, @local, {[@ra={0x94, 0x4, 0x1}, @ra={0x94, 0x4}]}}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0xfffffffffffffdf0, 0x0, 0x0, 0x0, 0x4, 0x0, @local, @broadcast}}}})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r3}, 0x18)
sync()
open(&(0x7f0000000040)='./bus\x00', 0x4e142, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000000)={@in6={{0xa, 0x0, 0x9, @loopback}}, 0x0, 0x0, 0x46, 0x0, "2431d0edd9b36cb74d7df7671eacf04be3b08353efa3641776f56c7556fd3713097bd0072577bc6fefb4cdc9e94e420b0ea4fbc5b07a32056eff5e6c42784b46ddab72b1b8fc87f208ad6db80d8dfe25"}, 0xd8)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000220000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x61]}}, 0x0, 0x34}, 0x28)
socket$nl_netfilter(0x10, 0x3, 0xc)

0s ago: executing program 3 (id=1486):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000006c0)={0x1, &(0x7f0000000500)=[{0x6, 0x43, 0x0, 0x7fff0000}]})
r1 = socket(0x10, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffe7ffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000940)=@newqdisc={0x14c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_bfifo={{0xa}, {0x8}}, @qdisc_kind_options=@q_netem={{0xa}, {0x108, 0x2, {{}, [@TCA_NETEM_RATE={0x14}, @TCA_NETEM_CORR={0x10}, @TCA_NETEM_SLOT={0x2c}, @TCA_NETEM_CORRUPT={0xc}, @TCA_NETEM_JITTER64={0xc}, @TCA_NETEM_LOSS={0x44, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18}, @NETEM_LOSS_GE={0x14}, @NETEM_LOSS_GE={0x14}]}, @TCA_NETEM_DELAY_DIST={0x3e, 0x2, "bb31dd582025a5bfe05b342a891035fe2abd168e2c8b8d284dcd49405a3da4233a46fc0f50f25bb2abef41f435190e7d58e97dac5d759d1138e8"}]}}}]}, 0x14c}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4b)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r6}, 0x18)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{}, &(0x7f0000000080), 0x0}, 0x20)
r7 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$selinux_validatetrans(r7, &(0x7f0000000180)=ANY=[@ANYBLOB='system_u:object_r:semanage_t system_u:object_r:fixed_disk_device_t:s0 00'], 0x79)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r5}, 0x10)
syz_open_dev$tty20(0xc, 0x4, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e23f992a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a9214a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a6683e941fdbdff03cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c99b6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109becb1b9bafcb2b47e940000000000e540d8b0db3774effb7469a21f96e2594b2973ebf7a1bd9ace2ed4d6eb1735f85885be5be74dc2ea5d7d499bd28271b98f187f5879b16b409a04d78175cc8d0f707c822805d7011ed4b22419186dd2b22aadf15828db2ca19d79e1bf2f7989237ee5cb2e1eb7b2bfc92d3aa95a26f060935c4fee8b2d7d0bf3c6d82d04329164bd4ee0b8060183f36762b0440d9082d7c8b06e4c2024f77e1018758d28e7ee290f32a48bfc2aa10b3dba9bff00d2410f3477a8e0df689c880dc9a677cfaa16603527c06625a3363744cea5f2d350224cc0fea76c72ca08507235c67346722f20690fde0790f040f5fd3eff75f9b291cc5e9c686ebaadbe756c6fa039ff441e427ed12578d5cb041ebf729cfaa575cc852fbdb54e60435e6d62b9d270433b220ed9ff1ff042b8d3d866231c460765"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x1f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="ffffffffffff0180c200000308060001080006040002aaaaaaaaaabbac1414bbaaaaaaaaaafbac"], 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r9, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)

kernel console output (not intermixed with test programs):

] batman_adv: batadv0: Removing interface: batadv_slave_1
[   93.147354][ T6292] pim6reg: entered allmulticast mode
[   93.152787][ T6295] pim6reg: left allmulticast mode
[   93.176085][ T6289] loop4: detected capacity change from 0 to 512
[   93.192958][ T6289] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   93.249920][ T6289] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.886: corrupted in-inode xattr: e_value size too large
[   93.292336][ T6289] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.886: couldn't read orphan inode 15 (err -117)
[   93.315892][ T6310] loop1: detected capacity change from 0 to 512
[   93.337288][ T6310] EXT4-fs: Ignoring removed nomblk_io_submit option
[   93.366932][ T6310] EXT4-fs: Ignoring removed mblk_io_submit option
[   93.370295][ T6245] syz.2.869 (6245) used greatest stack depth: 6784 bytes left
[   93.391334][ T6287] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.886: corrupted in-inode xattr: e_value size too large
[   93.410042][ T6310] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[   93.419736][ T6310] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[   93.462939][ T6310] EXT4-fs (loop1): 1 truncate cleaned up
[   93.484164][ T6289] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.886: corrupted in-inode xattr: e_value size too large
[   93.735702][ T6331] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #2: block 4: comm syz.1.892: lblock 0 mapped to illegal pblock 4 (length 1)
[   93.799578][   T29] kauditd_printk_skb: 147 callbacks suppressed
[   93.799593][   T29] audit: type=1326 audit(1751195116.538:3156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6309 comm="syz.1.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2d4e2e929 code=0x7ffc0000
[   93.833386][   T29] audit: type=1400 audit(1751195116.558:3157): avc:  denied  { nlmsg_read } for  pid=6332 comm="syz.0.899" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   93.853836][   T29] audit: type=1326 audit(1751195116.578:3158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6309 comm="syz.1.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2d4e2e929 code=0x7ffc0000
[   93.879673][   T29] audit: type=1326 audit(1751195116.628:3159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6309 comm="syz.1.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fd2d4e2e929 code=0x7ffc0000
[   93.884291][ T6331] EXT4-fs (loop1): Remounting filesystem read-only
[   93.903002][   T29] audit: type=1326 audit(1751195116.628:3160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6309 comm="syz.1.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2d4e2e929 code=0x7ffc0000
[   93.932818][   T29] audit: type=1326 audit(1751195116.628:3161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6309 comm="syz.1.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2d4e2e929 code=0x7ffc0000
[   93.957329][   T29] audit: type=1326 audit(1751195116.708:3162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6309 comm="syz.1.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd2d4e2e929 code=0x7ffc0000
[   93.980569][   T29] audit: type=1326 audit(1751195116.708:3163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6309 comm="syz.1.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2d4e2e929 code=0x7ffc0000
[   94.003894][   T29] audit: type=1326 audit(1751195116.708:3164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6309 comm="syz.1.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2d4e2e929 code=0x7ffc0000
[   94.031930][   T29] audit: type=1326 audit(1751195116.778:3165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6309 comm="syz.1.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fd2d4e2e929 code=0x7ffc0000
[   94.179865][ T6342] netlink: 20 bytes leftover after parsing attributes in process `syz.1.901'.
[   94.410923][ T6364] loop2: detected capacity change from 0 to 512
[   94.420719][ T6364] EXT4-fs: Ignoring removed nomblk_io_submit option
[   94.431715][ T6364] EXT4-fs: Ignoring removed mblk_io_submit option
[   94.450738][ T6365] FAULT_INJECTION: forcing a failure.
[   94.450738][ T6365] name failslab, interval 1, probability 0, space 0, times 0
[   94.463498][ T6365] CPU: 0 UID: 0 PID: 6365 Comm: syz.4.910 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   94.463572][ T6365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.463583][ T6365] Call Trace:
[   94.463588][ T6365]  <TASK>
[   94.463594][ T6365]  __dump_stack+0x1d/0x30
[   94.463631][ T6365]  dump_stack_lvl+0xe8/0x140
[   94.463692][ T6365]  dump_stack+0x15/0x1b
[   94.463711][ T6365]  should_fail_ex+0x265/0x280
[   94.463747][ T6365]  should_failslab+0x8c/0xb0
[   94.463770][ T6365]  __kmalloc_noprof+0xa5/0x3e0
[   94.463799][ T6365]  ? bpf_test_init+0xa9/0x160
[   94.463937][ T6365]  bpf_test_init+0xa9/0x160
[   94.464027][ T6365]  bpf_prog_test_run_xdp+0x274/0x910
[   94.464113][ T6365]  ? __rcu_read_unlock+0x4f/0x70
[   94.464144][ T6365]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   94.464182][ T6365]  bpf_prog_test_run+0x227/0x390
[   94.464214][ T6365]  __sys_bpf+0x3dc/0x790
[   94.464263][ T6365]  __x64_sys_bpf+0x41/0x50
[   94.464294][ T6365]  x64_sys_call+0x2478/0x2fb0
[   94.464318][ T6365]  do_syscall_64+0xd2/0x200
[   94.464342][ T6365]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   94.464372][ T6365]  ? clear_bhb_loop+0x40/0x90
[   94.464470][ T6365]  ? clear_bhb_loop+0x40/0x90
[   94.464495][ T6365]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.464520][ T6365] RIP: 0033:0x7fba3474e929
[   94.464536][ T6365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.464556][ T6365] RSP: 002b:00007fba32db7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   94.464651][ T6365] RAX: ffffffffffffffda RBX: 00007fba34975fa0 RCX: 00007fba3474e929
[   94.464661][ T6365] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[   94.464671][ T6365] RBP: 00007fba32db7090 R08: 0000000000000000 R09: 0000000000000000
[   94.464681][ T6365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.464694][ T6365] R13: 0000000000000000 R14: 00007fba34975fa0 R15: 00007ffc66df8fc8
[   94.464715][ T6365]  </TASK>
[   94.528953][ T6371] lo speed is unknown, defaulting to 1000
[   94.690164][ T6364] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[   94.724765][ T6364] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[   94.743286][ T6377] random: crng reseeded on system resumption
[   94.749952][ T6364] EXT4-fs (loop2): 1 truncate cleaned up
[   94.833160][ T6377] netlink: 8 bytes leftover after parsing attributes in process `syz.0.915'.
[   94.869521][ T6364] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #2: block 4: comm syz.2.911: lblock 0 mapped to illegal pblock 4 (length 1)
[   94.900612][ T6364] EXT4-fs (loop2): Remounting filesystem read-only
[   94.957131][ T6393] loop2: detected capacity change from 0 to 512
[   94.977242][ T6393] EXT4-fs: Ignoring removed nomblk_io_submit option
[   94.989500][ T6393] EXT4-fs: Ignoring removed mblk_io_submit option
[   95.041089][ T6393] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[   95.050179][ T6393] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[   95.058939][ T6393] EXT4-fs (loop2): 1 truncate cleaned up
[   95.123576][ T6406] lo speed is unknown, defaulting to 1000
[   95.139864][ T6393] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #2: block 4: comm syz.2.920: lblock 0 mapped to illegal pblock 4 (length 1)
[   95.160870][ T6393] EXT4-fs (loop2): Remounting filesystem read-only
[   95.164077][ T6413] loop1: detected capacity change from 0 to 512
[   95.175305][ T6413] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   95.191306][ T6413] EXT4-fs (loop1): 1 truncate cleaned up
[   95.249351][ T6417] netlink: 20 bytes leftover after parsing attributes in process `syz.0.929'.
[   95.266060][ T6422] loop1: detected capacity change from 0 to 512
[   95.272721][ T6422] EXT4-fs: Ignoring removed nomblk_io_submit option
[   95.279431][ T6422] EXT4-fs: Ignoring removed mblk_io_submit option
[   95.291876][ T6422] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[   95.300171][ T6422] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[   95.316550][ T6420] SELinux: failed to load policy
[   95.322067][ T6422] EXT4-fs (loop1): 1 truncate cleaned up
[   95.368273][ T6422] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #2: block 4: comm syz.1.931: lblock 0 mapped to illegal pblock 4 (length 1)
[   95.395046][ T6422] EXT4-fs (loop1): Remounting filesystem read-only
[   95.529236][ T6445] loop2: detected capacity change from 0 to 512
[   95.537082][ T6445] EXT4-fs: Ignoring removed nomblk_io_submit option
[   95.544088][ T6445] EXT4-fs: Ignoring removed mblk_io_submit option
[   95.607621][ T6446] lo speed is unknown, defaulting to 1000
[   95.708759][ T6445] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[   95.750802][ T6445] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[   95.798082][ T6449] loop4: detected capacity change from 0 to 128
[   95.815822][ T6445] EXT4-fs (loop2): 1 truncate cleaned up
[   95.894471][ T6452] bio_check_eod: 102 callbacks suppressed
[   95.894554][ T6452] syz.4.941: attempt to access beyond end of device
[   95.894554][ T6452] loop4: rw=2049, sector=145, nr_sectors = 16 limit=128
[   96.027551][  T166] kworker/u8:5: attempt to access beyond end of device
[   96.027551][  T166] loop4: rw=1, sector=185, nr_sectors = 8 limit=128
[   96.075644][ T6445] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #2: block 4: comm syz.2.940: lblock 0 mapped to illegal pblock 4 (length 1)
[   96.158172][  T166] kworker/u8:5: attempt to access beyond end of device
[   96.158172][  T166] loop4: rw=1, sector=201, nr_sectors = 8 limit=128
[   96.171636][  T166] kworker/u8:5: attempt to access beyond end of device
[   96.171636][  T166] loop4: rw=1, sector=217, nr_sectors = 8 limit=128
[   96.185171][ T6445] EXT4-fs (loop2): Remounting filesystem read-only
[   96.192007][  T166] kworker/u8:5: attempt to access beyond end of device
[   96.192007][  T166] loop4: rw=1, sector=233, nr_sectors = 8 limit=128
[   96.205477][  T166] kworker/u8:5: attempt to access beyond end of device
[   96.205477][  T166] loop4: rw=1, sector=249, nr_sectors = 8 limit=128
[   96.219020][  T166] kworker/u8:5: attempt to access beyond end of device
[   96.219020][  T166] loop4: rw=1, sector=265, nr_sectors = 8 limit=128
[   96.234203][  T166] kworker/u8:5: attempt to access beyond end of device
[   96.234203][  T166] loop4: rw=1, sector=281, nr_sectors = 8 limit=128
[   96.274336][ T6452] syz.4.941: attempt to access beyond end of device
[   96.274336][ T6452] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128
[   96.291529][ T6452] syz.4.941: attempt to access beyond end of device
[   96.291529][ T6452] loop4: rw=2049, sector=313, nr_sectors = 8 limit=128
[   96.353783][ T6476] lo speed is unknown, defaulting to 1000
[   96.378127][ T6472] netlink: 20 bytes leftover after parsing attributes in process `syz.3.948'.
[   96.468056][ T6480] netlink: 4 bytes leftover after parsing attributes in process `syz.0.952'.
[   96.477353][ T6480] netlink: 'syz.0.952': attribute type 13 has an invalid length.
[   96.486501][ T6485] loop2: detected capacity change from 0 to 1024
[   96.576104][ T6491] loop1: detected capacity change from 0 to 8192
[   96.606059][ T6495] loop2: detected capacity change from 0 to 128
[   96.623038][ T6491]  loop1: p1 < > p3 p4 < >
[   96.627645][ T6491] loop1: partition table partially beyond EOD, truncated
[   96.640898][ T6491] loop1: p1 start 131074 is beyond EOD, truncated
[   96.647449][ T6491] loop1: p3 start 64768 is beyond EOD, truncated
[   96.663597][ T6498] loop4: detected capacity change from 0 to 128
[   96.675866][ T6480] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   96.714074][ T6498] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   96.729148][ T6480] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   96.744092][ T6498] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   96.846984][ T6480] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   96.856480][ T6480] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   96.865641][ T6480] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   96.874571][ T6480] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   97.005809][ T6503] lo speed is unknown, defaulting to 1000
[   97.274042][ T6507] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[   97.280596][ T6507] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   97.288212][ T6507] vhci_hcd vhci_hcd.0: Device attached
[   97.353481][ T6498] netlink: 8 bytes leftover after parsing attributes in process `syz.4.959'.
[   97.362304][ T6498] netlink: 12 bytes leftover after parsing attributes in process `syz.4.959'.
[   97.398128][ T6510] vhci_hcd: connection closed
[   97.483489][ T3387] vhci_hcd: vhci_device speed not set
[   97.593392][ T3387] usb 1-1: new full-speed USB device number 2 using vhci_hcd
[   97.655911][ T6511] vhci_hcd: sendmsg failed!, ret=-32 for 48
[   97.709403][ T3323] vhci_hcd: stop threads
[   97.712663][ T6513] FAULT_INJECTION: forcing a failure.
[   97.712663][ T6513] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   97.713685][ T3323] vhci_hcd: release socket
[   97.726935][ T6513] CPU: 1 UID: 0 PID: 6513 Comm: syz.1.965 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   97.726968][ T6513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   97.726984][ T6513] Call Trace:
[   97.726992][ T6513]  <TASK>
[   97.727001][ T6513]  __dump_stack+0x1d/0x30
[   97.727027][ T6513]  dump_stack_lvl+0xe8/0x140
[   97.727091][ T6513]  dump_stack+0x15/0x1b
[   97.727112][ T6513]  should_fail_ex+0x265/0x280
[   97.727221][ T6513]  should_fail_alloc_page+0xf2/0x100
[   97.727251][ T6513]  __alloc_frozen_pages_noprof+0xff/0x360
[   97.727296][ T6513]  alloc_pages_mpol+0xb3/0x250
[   97.727391][ T6513]  vma_alloc_folio_noprof+0x1aa/0x300
[   97.727431][ T6513]  handle_mm_fault+0xec2/0x2be0
[   97.727520][ T6513]  ? __rcu_read_unlock+0x4f/0x70
[   97.727558][ T6513]  do_user_addr_fault+0x3fe/0x1090
[   97.727604][ T6513]  exc_page_fault+0x62/0xa0
[   97.727638][ T6513]  asm_exc_page_fault+0x26/0x30
[   97.727700][ T6513] RIP: 0010:__put_user_8+0xd/0x20
[   97.727739][ T6513] Code: 89 01 31 c9 0f 01 ca e9 51 7d 01 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <48> 89 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90
[   97.727834][ T6513] RSP: 0018:ffffc90010643e60 EFLAGS: 00050206
[   97.727852][ T6513] RAX: 0000000000010000 RBX: 0000000000000000 RCX: 0000200000001000
[   97.727867][ T6513] RDX: 0000000000000294 RSI: 0000000000000000 RDI: ffff8881005f0c88
[   97.727882][ T6513] RBP: 0000000080081272 R08: 00018881005f0c8f R09: 0000000000000000
[   97.727897][ T6513] R10: 00000000c0481273 R11: 0000000000000000 R12: ffff888130aac240
[   97.727912][ T6513] R13: ffffffff81e11440 R14: ffff8881005f0c80 R15: 0000000000000001
[   97.727969][ T6513]  ? __pfx_blkdev_ioctl+0x10/0x10
[   97.728011][ T6513]  blkdev_ioctl+0xe8/0x440
[   97.728050][ T6513]  __se_sys_ioctl+0xcb/0x140
[   97.728131][ T6513]  __x64_sys_ioctl+0x43/0x50
[   97.728186][ T6513]  x64_sys_call+0x19a8/0x2fb0
[   97.728262][ T6513]  do_syscall_64+0xd2/0x200
[   97.728282][ T6513]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.728321][ T6513]  ? clear_bhb_loop+0x40/0x90
[   97.728346][ T6513]  ? clear_bhb_loop+0x40/0x90
[   97.728373][ T6513]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.728399][ T6513] RIP: 0033:0x7fd2d4e2e929
[   97.728418][ T6513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.728454][ T6513] RSP: 002b:00007fd2d3497038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   97.728476][ T6513] RAX: ffffffffffffffda RBX: 00007fd2d5055fa0 RCX: 00007fd2d4e2e929
[   97.728491][ T6513] RDX: 0000200000001000 RSI: 0000000080081272 RDI: 0000000000000003
[   97.728506][ T6513] RBP: 00007fd2d3497090 R08: 0000000000000000 R09: 0000000000000000
[   97.728588][ T6513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.728602][ T6513] R13: 0000000000000000 R14: 00007fd2d5055fa0 R15: 00007fff28b1ce38
[   97.728625][ T6513]  </TASK>
[   97.731560][   T12] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   97.743670][ T3323] vhci_hcd: disconnect device
[   98.103205][ T6528] loop1: detected capacity change from 0 to 128
[   98.162279][ T6535] loop4: detected capacity change from 0 to 512
[   98.207607][ T6535] EXT4-fs: Ignoring removed nomblk_io_submit option
[   98.220599][ T6535] EXT4-fs: Ignoring removed mblk_io_submit option
[   98.234942][ T6535] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[   98.287382][ T6535] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[   98.326150][ T6535] EXT4-fs (loop4): 1 truncate cleaned up
[   98.338150][ T6535] EXT4-fs mount: 66 callbacks suppressed
[   98.338161][ T6535] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.442701][ T6546] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[   98.465751][ T6546] loop3: detected capacity change from 0 to 512
[   98.494208][ T6546] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   98.502164][ T6546] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[   98.506672][ T6553] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #2: block 4: comm syz.4.972: lblock 0 mapped to illegal pblock 4 (length 1)
[   98.510774][ T6546] System zones: 0-1, 15-15, 18-18, 34-34
[   98.530999][ T6546] EXT4-fs (loop3): orphan cleanup on readonly fs
[   98.537563][ T6546] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   98.552131][ T6546] EXT4-fs (loop3): Cannot turn on quotas: error -22
[   98.555548][ T6553] EXT4-fs (loop4): Remounting filesystem read-only
[   98.566737][ T6546] EXT4-fs (loop3): 1 truncate cleaned up
[   98.573015][ T6546] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   98.651606][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.693989][ T6559] netlink: 4 bytes leftover after parsing attributes in process `syz.4.978'.
[   98.727338][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.823708][ T6562] SELinux: failed to load policy
[   98.841675][ T6566] loop2: detected capacity change from 0 to 512
[   98.841996][ T6566] EXT4-fs: Ignoring removed nomblk_io_submit option
[   98.842070][ T6566] EXT4-fs: Ignoring removed mblk_io_submit option
[   98.868771][ T6566] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[   98.868798][ T6566] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[   98.869245][ T6566] EXT4-fs (loop2): 1 truncate cleaned up
[   98.869751][ T6566] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.873015][   T29] kauditd_printk_skb: 442 callbacks suppressed
[   98.873029][   T29] audit: type=1326 audit(98.856:3607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6565 comm="syz.2.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6379de929 code=0x7ffc0000
[   98.873066][   T29] audit: type=1326 audit(98.856:3608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6565 comm="syz.2.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6379de929 code=0x7ffc0000
[   98.873352][   T29] audit: type=1326 audit(98.856:3609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6565 comm="syz.2.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd6379de929 code=0x7ffc0000
[   98.874632][   T29] audit: type=1326 audit(98.866:3610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6565 comm="syz.2.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6379de929 code=0x7ffc0000
[   98.874746][   T29] audit: type=1326 audit(98.866:3611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6565 comm="syz.2.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6379de929 code=0x7ffc0000
[   98.874783][   T29] audit: type=1326 audit(98.866:3612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6565 comm="syz.2.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=5 compat=0 ip=0x7fd6379de929 code=0x7ffc0000
[   98.874816][   T29] audit: type=1326 audit(98.866:3613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6565 comm="syz.2.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6379de929 code=0x7ffc0000
[   98.874847][   T29] audit: type=1326 audit(98.866:3614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6565 comm="syz.2.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fd6379de929 code=0x7ffc0000
[   98.874897][   T29] audit: type=1326 audit(98.866:3615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6565 comm="syz.2.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd6379de963 code=0x7ffc0000
[   98.881599][   T29] audit: type=1326 audit(98.866:3616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6565 comm="syz.2.981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd6379dd3df code=0x7ffc0000
[   99.115532][ T6573] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #2: block 4: comm syz.2.981: lblock 0 mapped to illegal pblock 4 (length 1)
[   99.115689][ T6573] EXT4-fs (loop2): Remounting filesystem read-only
[   99.126883][ T6571] loop3: detected capacity change from 0 to 1024
[   99.195644][ T6571] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.260363][ T6586] netlink: 'syz.4.987': attribute type 10 has an invalid length.
[   99.269097][ T6586] geneve1: entered promiscuous mode
[   99.308006][ T6586] bond0: (slave geneve1): Enslaving as an active interface with an up link
[   99.542777][ T6588] netlink: 4 bytes leftover after parsing attributes in process `syz.0.988'.
[   99.552877][ T6588] netlink: 'syz.0.988': attribute type 13 has an invalid length.
[   99.674597][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.697395][ T6594] loop4: detected capacity change from 0 to 2048
[   99.711219][ T6596] netlink: 8 bytes leftover after parsing attributes in process `syz.2.991'.
[   99.722638][ T6596] netlink: 4 bytes leftover after parsing attributes in process `syz.2.991'.
[   99.731453][ T6596] netlink: 4 bytes leftover after parsing attributes in process `syz.2.991'.
[   99.740509][ T6596] netlink: 4 bytes leftover after parsing attributes in process `syz.2.991'.
[   99.762354][ T6596] netlink: 4 bytes leftover after parsing attributes in process `syz.2.991'.
[   99.762996][ T6594] Alternate GPT is invalid, using primary GPT.
[   99.771187][ T6596] netlink: 4 bytes leftover after parsing attributes in process `syz.2.991'.
[   99.777416][ T6594]  loop4: p1 p2 p3
[   99.794089][ T6596] netlink: 4 bytes leftover after parsing attributes in process `syz.2.991'.
[   99.843073][   T31] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 372: padding at end of block bitmap is not set
[   99.864313][   T31] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2035 with error 117
[   99.874852][ T6596] netlink: 4 bytes leftover after parsing attributes in process `syz.2.991'.
[   99.876929][   T31] EXT4-fs (loop3): This should not happen!! Data will be lost
[   99.876929][   T31] 
[   99.885699][ T6596] netlink: 4 bytes leftover after parsing attributes in process `syz.2.991'.
[   99.920805][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.027275][ T6625] loop2: detected capacity change from 0 to 512
[  100.033963][ T6625] EXT4-fs: Ignoring removed nomblk_io_submit option
[  100.040652][ T6625] EXT4-fs: Ignoring removed mblk_io_submit option
[  100.055119][ T6625] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  100.073296][ T6625] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  100.081747][ T6625] EXT4-fs (loop2): 1 truncate cleaned up
[  100.096211][ T6625] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.137155][ T6634] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11)
[  100.143815][ T6634] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  100.151503][ T6634] vhci_hcd vhci_hcd.0: Device attached
[  100.198320][ T6634] loop3: detected capacity change from 0 to 2048
[  100.228123][ T6625] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #2: block 4: comm syz.2.1002: lblock 0 mapped to illegal pblock 4 (length 1)
[  100.244033][ T6625] EXT4-fs (loop2): Remounting filesystem read-only
[  100.254171][ T6634] Alternate GPT is invalid, using primary GPT.
[  100.260609][ T6634]  loop3: p2 p3 p7
[  100.269643][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.299799][ T6635] vhci_hcd: connection closed
[  100.300228][  T166] vhci_hcd: stop threads
[  100.309212][  T166] vhci_hcd: release socket
[  100.313745][  T166] vhci_hcd: disconnect device
[  100.343438][ T3380] vhci_hcd: vhci_device speed not set
[  100.409227][ T6653] loop1: detected capacity change from 0 to 128
[  100.513069][ T6660] netlink: 'syz.1.1011': attribute type 13 has an invalid length.
[  100.541798][ T6660] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  100.557246][ T3394] lo speed is unknown, defaulting to 1000
[  100.948163][ T6667] loop1: detected capacity change from 0 to 512
[  100.975479][ T6671] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2064 sclass=netlink_route_socket pid=6671 comm=syz.4.1015
[  100.992507][ T6667] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  101.006602][ T6667] EXT4-fs (loop1): orphan cleanup on readonly fs
[  101.013289][ T6675] loop4: detected capacity change from 0 to 512
[  101.019796][ T6675] EXT4-fs: Ignoring removed nomblk_io_submit option
[  101.026647][ T6675] EXT4-fs: Ignoring removed mblk_io_submit option
[  101.028466][ T6667] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.1014: corrupted inode contents
[  101.066740][ T6675] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  101.084173][ T6667] EXT4-fs (loop1): Remounting filesystem read-only
[  101.090900][ T6667] EXT4-fs (loop1): 1 truncate cleaned up
[  101.096764][ T6675] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  101.105914][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  101.116525][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  101.116881][ T6675] EXT4-fs (loop4): 1 truncate cleaned up
[  101.127615][   T12] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  101.143314][ T6667] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  101.156333][ T6675] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.217885][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.284571][ T6690] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #2: block 4: comm syz.4.1016: lblock 0 mapped to illegal pblock 4 (length 1)
[  101.301815][ T6691] loop2: detected capacity change from 0 to 128
[  101.327191][ T6693] lo speed is unknown, defaulting to 1000
[  101.333064][ T6690] EXT4-fs (loop4): Remounting filesystem read-only
[  101.423926][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.542974][ T6722] loop1: detected capacity change from 0 to 512
[  101.549961][ T6710] lo speed is unknown, defaulting to 1000
[  101.588352][ T6722] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1031: Failed to acquire dquot type 1
[  101.629891][ T6738] loop3: detected capacity change from 0 to 128
[  101.645708][ T6742] loop2: detected capacity change from 0 to 512
[  101.652362][ T6722] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.1031: corrupted inode contents
[  101.665493][ T6742] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[  101.676378][ T6742] xt_hashlimit: max too large, truncated to 1048576
[  101.684041][ T6744] FAULT_INJECTION: forcing a failure.
[  101.684041][ T6744] name failslab, interval 1, probability 0, space 0, times 0
[  101.696850][ T6744] CPU: 1 UID: 0 PID: 6744 Comm: syz.4.1040 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  101.696879][ T6744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  101.696892][ T6744] Call Trace:
[  101.696898][ T6744]  <TASK>
[  101.696951][ T6744]  __dump_stack+0x1d/0x30
[  101.696975][ T6744]  dump_stack_lvl+0xe8/0x140
[  101.696996][ T6744]  dump_stack+0x15/0x1b
[  101.697080][ T6744]  should_fail_ex+0x265/0x280
[  101.697107][ T6744]  should_failslab+0x8c/0xb0
[  101.697129][ T6744]  __kvmalloc_node_noprof+0x123/0x4e0
[  101.697155][ T6744]  ? alloc_netdev_mqs+0x5ac/0xab0
[  101.697270][ T6744]  alloc_netdev_mqs+0x5ac/0xab0
[  101.697301][ T6744]  rtnl_create_link+0x239/0x710
[  101.697330][ T6744]  rtnl_newlink_create+0x14c/0x620
[  101.697461][ T6744]  ? security_capable+0x83/0x90
[  101.697485][ T6744]  ? netlink_ns_capable+0x86/0xa0
[  101.697514][ T6744]  rtnl_newlink+0xf29/0x12d0
[  101.697562][ T6744]  ? __pfx_packet_rcv+0x10/0x10
[  101.697580][ T6744]  ? __rcu_read_unlock+0x34/0x70
[  101.697598][ T6744]  ? __slab_free+0x77/0x270
[  101.697619][ T6744]  ? __rcu_read_unlock+0x4f/0x70
[  101.697642][ T6744]  ? avc_has_perm_noaudit+0x1b1/0x200
[  101.697752][ T6744]  ? selinux_capable+0x1f9/0x270
[  101.697785][ T6744]  ? security_capable+0x83/0x90
[  101.697807][ T6744]  ? ns_capable+0x7d/0xb0
[  101.697884][ T6744]  ? __pfx_rtnl_newlink+0x10/0x10
[  101.697950][ T6744]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  101.697978][ T6744]  netlink_rcv_skb+0x123/0x220
[  101.698006][ T6744]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  101.698038][ T6744]  rtnetlink_rcv+0x1c/0x30
[  101.698070][ T6744]  netlink_unicast+0x59e/0x670
[  101.698112][ T6744]  netlink_sendmsg+0x58b/0x6b0
[  101.698138][ T6744]  ? __pfx_netlink_sendmsg+0x10/0x10
[  101.698154][ T6744]  __sock_sendmsg+0x145/0x180
[  101.698174][ T6744]  ____sys_sendmsg+0x31e/0x4e0
[  101.698213][ T6744]  ___sys_sendmsg+0x17b/0x1d0
[  101.698258][ T6744]  __x64_sys_sendmsg+0xd4/0x160
[  101.698293][ T6744]  x64_sys_call+0x2999/0x2fb0
[  101.698317][ T6744]  do_syscall_64+0xd2/0x200
[  101.698334][ T6744]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.698406][ T6744]  ? clear_bhb_loop+0x40/0x90
[  101.698423][ T6744]  ? clear_bhb_loop+0x40/0x90
[  101.698445][ T6744]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.698467][ T6744] RIP: 0033:0x7fba3474e929
[  101.698479][ T6744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.698656][ T6744] RSP: 002b:00007fba32db7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  101.698674][ T6744] RAX: ffffffffffffffda RBX: 00007fba34975fa0 RCX: 00007fba3474e929
[  101.698689][ T6744] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000007
[  101.698699][ T6744] RBP: 00007fba32db7090 R08: 0000000000000000 R09: 0000000000000000
[  101.698769][ T6744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  101.698781][ T6744] R13: 0000000000000000 R14: 00007fba34975fa0 R15: 00007ffc66df8fc8
[  101.698802][ T6744]  </TASK>
[  101.701048][ T6722] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #16: comm syz.1.1031: mark_inode_dirty error
[  102.006686][ T6722] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.1031: corrupted inode contents
[  102.019555][ T6722] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.1031: mark_inode_dirty error
[  102.031185][ T6722] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.1031: corrupted inode contents
[  102.043490][ T6722] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  102.066274][ T6722] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.1031: corrupted inode contents
[  102.080205][ T6722] EXT4-fs error (device loop1): ext4_truncate:4597: inode #16: comm syz.1.1031: mark_inode_dirty error
[  102.092724][ T6722] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  102.112962][ T6722] EXT4-fs (loop1): 1 truncate cleaned up
[  102.125246][ T6722] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.145553][ T6722] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.1031: iget: bad i_size value: 360287970189639690
[  102.209302][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.215664][ T6767] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  102.387514][ T6780] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  102.460099][ T6784] lo speed is unknown, defaulting to 1000
[  102.600851][ T6780] IPVS: Error connecting to the multicast addr
[  102.651198][ T6780] netlink: 'syz.0.1054': attribute type 27 has an invalid length.
[  102.678668][ T3387] usb 1-1: enqueue for inactive port 0
[  102.692957][ T6788] unsupported nla_type 65024
[  102.713041][ T6780] bridge0: left allmulticast mode
[  102.723133][ T3387] usb 1-1: enqueue for inactive port 0
[  102.841000][ T6801] loop2: detected capacity change from 0 to 1024
[  102.847580][ T3387] vhci_hcd: vhci_device speed not set
[  102.865887][ T6801] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.888191][ T6801] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  102.908491][ T6801] EXT4-fs (loop2): Remounting filesystem read-only
[  102.915087][ T6801] EXT4-fs (loop2): error restoring inline_data for inode -- potential data loss! (inode 15, error -30)
[  102.967733][ T6816] loop4: detected capacity change from 0 to 1024
[  102.996168][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.007257][ T6816] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.022784][ T6816] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: inode #11: comm syz.4.1068: missing EA_INODE flag
[  103.035378][ T6816] EXT4-fs (loop4): Remounting filesystem read-only
[  103.052533][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.682471][ T6837] lo speed is unknown, defaulting to 1000
[  103.944237][   T29] kauditd_printk_skb: 220 callbacks suppressed
[  103.944269][   T29] audit: type=1400 audit(103.896:3829): avc:  denied  { name_bind } for  pid=6832 comm="syz.3.1073" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  103.971148][   T29] audit: type=1400 audit(103.896:3830): avc:  denied  { node_bind } for  pid=6832 comm="syz.3.1073" saddr=::1 src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  104.023593][ T6842] loop1: detected capacity change from 0 to 1024
[  104.145470][ T6842] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.199324][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.252456][ T6855] loop1: detected capacity change from 0 to 512
[  104.272786][ T6855] journal_path: Lookup failure for './file0/../file0'
[  104.279605][ T6855] EXT4-fs: error: could not find journal device path
[  104.304475][   T29] audit: type=1400 audit(104.286:3831): avc:  denied  { relabelfrom } for  pid=6854 comm="syz.1.1080" name="NETLINK" dev="sockfs" ino=15761 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  104.328268][   T29] audit: type=1400 audit(104.286:3832): avc:  denied  { relabelto } for  pid=6854 comm="syz.1.1080" name="NETLINK" dev="sockfs" ino=15761 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=netlink_netfilter_socket permissive=1
[  104.352753][   T29] audit: type=1400 audit(104.286:3833): avc:  denied  { write } for  pid=6854 comm="syz.1.1080" path="socket:[15761]" dev="sockfs" ino=15761 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=sock_file permissive=1
[  104.415558][   T29] audit: type=1400 audit(104.396:3834): avc:  denied  { ioctl } for  pid=6862 comm="syz.4.1085" path="socket:[14675]" dev="sockfs" ino=14675 ioctlcmd=0x8905 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  104.439673][   T29] audit: type=1400 audit(104.396:3835): avc:  denied  { ioctl } for  pid=6862 comm="syz.4.1085" path="/dev/ppp" dev="devtmpfs" ino=139 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  104.463767][   T29] audit: type=1400 audit(104.396:3836): avc:  denied  { write } for  pid=6862 comm="syz.4.1085" name="ppp" dev="devtmpfs" ino=139 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  104.507010][   T29] audit: type=1400 audit(104.496:3837): avc:  denied  { connect } for  pid=6865 comm="syz.3.1086" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  104.526896][   T29] audit: type=1326 audit(104.496:3838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6865 comm="syz.3.1086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e27a3e929 code=0x7ffc0000
[  104.582798][ T6874] netlink: 'syz.2.1089': attribute type 3 has an invalid length.
[  104.590577][ T6874] __nla_validate_parse: 14 callbacks suppressed
[  104.590586][ T6874] netlink: 666 bytes leftover after parsing attributes in process `syz.2.1089'.
[  104.620923][ T6874] FAULT_INJECTION: forcing a failure.
[  104.620923][ T6874] name failslab, interval 1, probability 0, space 0, times 0
[  104.633730][ T6874] CPU: 0 UID: 0 PID: 6874 Comm: syz.2.1089 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  104.633810][ T6874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  104.633821][ T6874] Call Trace:
[  104.633826][ T6874]  <TASK>
[  104.633832][ T6874]  __dump_stack+0x1d/0x30
[  104.633853][ T6874]  dump_stack_lvl+0xe8/0x140
[  104.633874][ T6874]  dump_stack+0x15/0x1b
[  104.633970][ T6874]  should_fail_ex+0x265/0x280
[  104.634048][ T6874]  should_failslab+0x8c/0xb0
[  104.634095][ T6874]  kmem_cache_alloc_node_noprof+0x57/0x320
[  104.634121][ T6874]  ? __alloc_skb+0x101/0x320
[  104.634146][ T6874]  ? __rtnl_unlock+0x95/0xb0
[  104.634224][ T6874]  __alloc_skb+0x101/0x320
[  104.634249][ T6874]  netlink_ack+0xfd/0x500
[  104.634279][ T6874]  netlink_rcv_skb+0x192/0x220
[  104.634369][ T6874]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  104.634394][ T6874]  rtnetlink_rcv+0x1c/0x30
[  104.634411][ T6874]  netlink_unicast+0x59e/0x670
[  104.634514][ T6874]  netlink_sendmsg+0x58b/0x6b0
[  104.634532][ T6874]  ? __pfx_netlink_sendmsg+0x10/0x10
[  104.634548][ T6874]  __sock_sendmsg+0x145/0x180
[  104.634569][ T6874]  sock_write_iter+0x165/0x1b0
[  104.634591][ T6874]  ? __pfx_sock_write_iter+0x10/0x10
[  104.634627][ T6874]  vfs_write+0x49d/0x8e0
[  104.634701][ T6874]  ksys_write+0xda/0x1a0
[  104.634736][ T6874]  __x64_sys_write+0x40/0x50
[  104.634772][ T6874]  x64_sys_call+0x2cdd/0x2fb0
[  104.634855][ T6874]  do_syscall_64+0xd2/0x200
[  104.634870][ T6874]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  104.634896][ T6874]  ? clear_bhb_loop+0x40/0x90
[  104.634918][ T6874]  ? clear_bhb_loop+0x40/0x90
[  104.635005][ T6874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.635022][ T6874] RIP: 0033:0x7fd6379de929
[  104.635037][ T6874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.635055][ T6874] RSP: 002b:00007fd636047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  104.635075][ T6874] RAX: ffffffffffffffda RBX: 00007fd637c05fa0 RCX: 00007fd6379de929
[  104.635088][ T6874] RDX: 000000000000033a RSI: 0000200000000040 RDI: 0000000000000003
[  104.635131][ T6874] RBP: 00007fd636047090 R08: 0000000000000000 R09: 0000000000000000
[  104.635141][ T6874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.635151][ T6874] R13: 0000000000000000 R14: 00007fd637c05fa0 R15: 00007fff7c490b88
[  104.635198][ T6874]  </TASK>
[  104.897902][ T6880] loop2: detected capacity change from 0 to 1024
[  104.911382][ T6882] loop3: detected capacity change from 0 to 512
[  104.915459][ T6880] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.918456][ T6882] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  104.940560][ T6882] EXT4-fs (loop3): 1 truncate cleaned up
[  104.946784][ T6882] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.959883][ T6882] random: crng reseeded on system resumption
[  104.966539][ T6882] FAULT_INJECTION: forcing a failure.
[  104.966539][ T6882] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  104.968545][ T6878] lo speed is unknown, defaulting to 1000
[  104.979783][ T6882] CPU: 0 UID: 0 PID: 6882 Comm: syz.3.1093 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  104.979881][ T6882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  104.979896][ T6882] Call Trace:
[  104.979904][ T6882]  <TASK>
[  104.979912][ T6882]  __dump_stack+0x1d/0x30
[  104.979938][ T6882]  dump_stack_lvl+0xe8/0x140
[  104.979960][ T6882]  dump_stack+0x15/0x1b
[  104.979981][ T6882]  should_fail_ex+0x265/0x280
[  104.980078][ T6882]  should_fail_alloc_page+0xf2/0x100
[  104.980118][ T6882]  __alloc_frozen_pages_noprof+0xff/0x360
[  104.980204][ T6882]  alloc_pages_mpol+0xb3/0x250
[  104.980241][ T6882]  alloc_pages_noprof+0x90/0x130
[  104.980355][ T6882]  get_zeroed_page_noprof+0x1a/0x40
[  104.980432][ T6882]  get_image_page+0x2b/0x420
[  104.980466][ T6882]  memory_bm_create+0x520/0xd90
[  104.980502][ T6882]  create_basic_memory_bitmaps+0xa6/0x450
[  104.980537][ T6882]  snapshot_open+0x1b4/0x270
[  104.980605][ T6882]  ? __pfx_snapshot_open+0x10/0x10
[  104.980670][ T6882]  misc_open+0x1d3/0x200
[  104.980697][ T6882]  chrdev_open+0x2eb/0x3a0
[  104.980723][ T6882]  do_dentry_open+0x649/0xa20
[  104.980752][ T6882]  ? __pfx_chrdev_open+0x10/0x10
[  104.980808][ T6882]  vfs_open+0x37/0x1e0
[  104.980836][ T6882]  path_openat+0x1c5e/0x2170
[  104.980942][ T6882]  do_filp_open+0x109/0x230
[  104.980986][ T6882]  do_sys_openat2+0xa6/0x110
[  104.981020][ T6882]  __x64_sys_openat+0xf2/0x120
[  104.981053][ T6882]  x64_sys_call+0x1af/0x2fb0
[  104.981150][ T6882]  do_syscall_64+0xd2/0x200
[  104.981170][ T6882]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  104.981201][ T6882]  ? clear_bhb_loop+0x40/0x90
[  104.981240][ T6882]  ? clear_bhb_loop+0x40/0x90
[  104.981322][ T6882]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.981352][ T6882] RIP: 0033:0x7f5e27a3e929
[  104.981366][ T6882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.981380][ T6882] RSP: 002b:00007f5e260a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  104.981398][ T6882] RAX: ffffffffffffffda RBX: 00007f5e27c65fa0 RCX: 00007f5e27a3e929
[  104.981413][ T6882] RDX: 0000000000000481 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  104.981463][ T6882] RBP: 00007f5e260a7090 R08: 0000000000000000 R09: 0000000000000000
[  104.981478][ T6882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.981492][ T6882] R13: 0000000000000000 R14: 00007f5e27c65fa0 R15: 00007ffd961a4b58
[  104.981514][ T6882]  </TASK>
[  105.050625][ T6887] netlink: 'syz.1.1094': attribute type 21 has an invalid length.
[  105.091484][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.101901][ T6887] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1094'.
[  105.107680][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.161111][ T6887] tmpfs: Unknown parameter 'usrquota_inode_hardlimit'
[  105.295211][ T6899] FAULT_INJECTION: forcing a failure.
[  105.295211][ T6899] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  105.308548][ T6899] CPU: 1 UID: 0 PID: 6899 Comm: syz.1.1099 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  105.308578][ T6899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  105.308591][ T6899] Call Trace:
[  105.308598][ T6899]  <TASK>
[  105.308605][ T6899]  __dump_stack+0x1d/0x30
[  105.308629][ T6899]  dump_stack_lvl+0xe8/0x140
[  105.308730][ T6899]  dump_stack+0x15/0x1b
[  105.308800][ T6899]  should_fail_ex+0x265/0x280
[  105.308835][ T6899]  should_fail_alloc_page+0xf2/0x100
[  105.308905][ T6899]  __alloc_frozen_pages_noprof+0xff/0x360
[  105.308939][ T6899]  alloc_pages_mpol+0xb3/0x250
[  105.308971][ T6899]  vma_alloc_folio_noprof+0x1aa/0x300
[  105.309082][ T6899]  handle_mm_fault+0xec2/0x2be0
[  105.309109][ T6899]  ? mas_walk+0xf2/0x120
[  105.309149][ T6899]  do_user_addr_fault+0x636/0x1090
[  105.309207][ T6899]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  105.309241][ T6899]  exc_page_fault+0x62/0xa0
[  105.309300][ T6899]  asm_exc_page_fault+0x26/0x30
[  105.309321][ T6899] RIP: 0033:0x7fd2d4cf0ca3
[  105.309404][ T6899] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  105.309426][ T6899] RSP: 002b:00007fd2d34964a0 EFLAGS: 00010206
[  105.309480][ T6899] RAX: 000000000000c000 RBX: 00007fd2d3496540 RCX: 00007fd2cb077000
[  105.309490][ T6899] RDX: 00007fd2d34966e0 RSI: 0000000000000000 RDI: 00007fd2d34965e0
[  105.309500][ T6899] RBP: 00000000000000fa R08: 0000000000000007 R09: 000000000000003c
[  105.309510][ T6899] R10: 0000000000000050 R11: 00007fd2d3496540 R12: 0000000000000001
[  105.309522][ T6899] R13: 00007fd2d4ecc200 R14: 0000000000000005 R15: 00007fd2d34965e0
[  105.309542][ T6899]  </TASK>
[  105.309551][ T6899] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  105.491192][ T6899] loop1: detected capacity change from 0 to 512
[  105.504040][ T6899] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  105.525952][ T6899] EXT4-fs (loop1): orphan cleanup on readonly fs
[  105.549783][ T6899] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.1099: corrupted inode contents
[  105.567794][ T6899] EXT4-fs (loop1): Remounting filesystem read-only
[  105.576326][ T6899] EXT4-fs (loop1): 1 truncate cleaned up
[  105.582311][ T3323] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  105.592865][ T3323] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  105.616152][ T3323] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  105.641448][ T6899] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  105.702862][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.811527][ T6923] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1107'.
[  105.925561][ T6931] lo speed is unknown, defaulting to 1000
[  106.040755][ T6940] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1113'.
[  106.069323][ T6940] netlink: 'syz.2.1113': attribute type 13 has an invalid length.
[  106.111812][ T6940] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  106.136694][ T6941] lo speed is unknown, defaulting to 1000
[  106.338961][ T6960] lo speed is unknown, defaulting to 1000
[  106.692395][ T3475] hid (null): unknown global tag 0xc
[  106.698486][ T3475] hid (null): unknown global tag 0xd
[  106.705766][ T3475] hid-generic 0005:0001:80000000.0004: unknown main item tag 0x1
[  106.713576][ T3475] hid-generic 0005:0001:80000000.0004: ignoring exceeding usage max
[  106.724983][ T3475] hid-generic 0005:0001:80000000.0004: unknown global tag 0xc
[  106.732514][ T3475] hid-generic 0005:0001:80000000.0004: item 0 1 1 12 parsing failed
[  106.740923][ T3475] hid-generic 0005:0001:80000000.0004: probe with driver hid-generic failed with error -22
[  106.770593][ T6982] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1128'.
[  106.779877][ T6982] netlink: 'syz.1.1128': attribute type 13 has an invalid length.
[  106.843297][ T6982] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  106.859990][ T6984] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1126'.
[  107.013477][ T6997] netlink: 'syz.4.1131': attribute type 1 has an invalid length.
[  107.021255][ T6997] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1131'.
[  107.212196][ T7009] loop3: detected capacity change from 0 to 512
[  107.218896][ T7009] EXT4-fs: Ignoring removed nomblk_io_submit option
[  107.226894][ T7009] EXT4-fs: Ignoring removed mblk_io_submit option
[  107.252911][ T7009] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  107.261277][ T7009] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[  107.277077][ T7009] EXT4-fs (loop3): 1 truncate cleaned up
[  107.283185][ T7009] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.317399][ T7019] pim6reg: entered allmulticast mode
[  107.330903][ T7019] pim6reg: left allmulticast mode
[  107.369837][ T7009] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #2: block 4: comm syz.3.1136: lblock 0 mapped to illegal pblock 4 (length 1)
[  107.384361][ T7009] EXT4-fs (loop3): Remounting filesystem read-only
[  107.479115][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.549008][ T7025] lo speed is unknown, defaulting to 1000
[  107.580101][ T7032] netlink: 'syz.3.1142': attribute type 10 has an invalid length.
[  107.879501][ T7040] FAULT_INJECTION: forcing a failure.
[  107.879501][ T7040] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  107.892749][ T7040] CPU: 0 UID: 0 PID: 7040 Comm: syz.3.1146 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  107.892794][ T7040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  107.892808][ T7040] Call Trace:
[  107.892814][ T7040]  <TASK>
[  107.892820][ T7040]  __dump_stack+0x1d/0x30
[  107.892854][ T7040]  dump_stack_lvl+0xe8/0x140
[  107.892872][ T7040]  dump_stack+0x15/0x1b
[  107.892894][ T7040]  should_fail_ex+0x265/0x280
[  107.892999][ T7040]  should_fail+0xb/0x20
[  107.893058][ T7040]  should_fail_usercopy+0x1a/0x20
[  107.893118][ T7040]  _copy_from_iter+0xcf/0xe40
[  107.893147][ T7040]  ? __build_skb_around+0x1a0/0x200
[  107.893228][ T7040]  ? __alloc_skb+0x223/0x320
[  107.893265][ T7040]  netlink_sendmsg+0x471/0x6b0
[  107.893299][ T7040]  ? __pfx_netlink_sendmsg+0x10/0x10
[  107.893322][ T7040]  __sock_sendmsg+0x145/0x180
[  107.893373][ T7040]  ____sys_sendmsg+0x31e/0x4e0
[  107.893421][ T7040]  ___sys_sendmsg+0x17b/0x1d0
[  107.893540][ T7040]  __x64_sys_sendmsg+0xd4/0x160
[  107.893581][ T7040]  x64_sys_call+0x2999/0x2fb0
[  107.893600][ T7040]  do_syscall_64+0xd2/0x200
[  107.893614][ T7040]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  107.893650][ T7040]  ? clear_bhb_loop+0x40/0x90
[  107.893670][ T7040]  ? clear_bhb_loop+0x40/0x90
[  107.893693][ T7040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.893789][ T7040] RIP: 0033:0x7f5e27a3e929
[  107.893805][ T7040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.893824][ T7040] RSP: 002b:00007f5e260a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  107.893843][ T7040] RAX: ffffffffffffffda RBX: 00007f5e27c65fa0 RCX: 00007f5e27a3e929
[  107.893856][ T7040] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004
[  107.893869][ T7040] RBP: 00007f5e260a7090 R08: 0000000000000000 R09: 0000000000000000
[  107.893879][ T7040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.893932][ T7040] R13: 0000000000000000 R14: 00007f5e27c65fa0 R15: 00007ffd961a4b58
[  107.893952][ T7040]  </TASK>
[  108.123049][ T7042] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1147'.
[  108.132261][ T7042] 0�: renamed from hsr_slave_1 (while UP)
[  108.139808][ T7042] 0�: entered allmulticast mode
[  108.145596][ T7042] A link change request failed with some changes committed already. Interface 
c0� may have been left with an inconsistent configuration, please check.
[  108.219605][ T7044] lo speed is unknown, defaulting to 1000
[  108.431167][ T7052] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1151'.
[  108.520278][ T7054] netlink: 'syz.3.1151': attribute type 13 has an invalid length.
[  108.602429][ T7054] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  108.685073][ T7063] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  108.691765][ T7063] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  108.699471][ T7063] vhci_hcd vhci_hcd.0: Device attached
[  108.798259][ T7064] vhci_hcd: connection closed
[  108.798546][ T3656] vhci_hcd: stop threads
[  108.807587][ T3656] vhci_hcd: release socket
[  108.812027][ T3656] vhci_hcd: disconnect device
[  108.952962][ T7073] netlink: 'syz.0.1157': attribute type 10 has an invalid length.
[  108.992133][ T7075] FAULT_INJECTION: forcing a failure.
[  108.992133][ T7075] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  109.005444][ T7075] CPU: 1 UID: 0 PID: 7075 Comm: syz.4.1158 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  109.005474][ T7075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  109.005541][ T7075] Call Trace:
[  109.005546][ T7075]  <TASK>
[  109.005552][ T7075]  __dump_stack+0x1d/0x30
[  109.005571][ T7075]  dump_stack_lvl+0xe8/0x140
[  109.005592][ T7075]  dump_stack+0x15/0x1b
[  109.005610][ T7075]  should_fail_ex+0x265/0x280
[  109.005665][ T7075]  should_fail_alloc_page+0xf2/0x100
[  109.005695][ T7075]  __alloc_frozen_pages_noprof+0xff/0x360
[  109.005776][ T7075]  alloc_pages_mpol+0xb3/0x250
[  109.005810][ T7075]  folio_alloc_mpol_noprof+0x39/0x80
[  109.005837][ T7075]  shmem_get_folio_gfp+0x3cf/0xd60
[  109.005922][ T7075]  shmem_write_begin+0xa8/0x190
[  109.005959][ T7075]  generic_perform_write+0x184/0x490
[  109.005988][ T7075]  shmem_file_write_iter+0xc5/0xf0
[  109.006074][ T7075]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  109.006094][ T7075]  vfs_write+0x49d/0x8e0
[  109.006172][ T7075]  ksys_write+0xda/0x1a0
[  109.006206][ T7075]  __x64_sys_write+0x40/0x50
[  109.006242][ T7075]  x64_sys_call+0x2cdd/0x2fb0
[  109.006262][ T7075]  do_syscall_64+0xd2/0x200
[  109.006325][ T7075]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  109.006351][ T7075]  ? clear_bhb_loop+0x40/0x90
[  109.006387][ T7075]  ? clear_bhb_loop+0x40/0x90
[  109.006405][ T7075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.006468][ T7075] RIP: 0033:0x7fba3474e929
[  109.006480][ T7075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.006495][ T7075] RSP: 002b:00007fba32db7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  109.006514][ T7075] RAX: ffffffffffffffda RBX: 00007fba34975fa0 RCX: 00007fba3474e929
[  109.006591][ T7075] RDX: 0000000000040010 RSI: 0000200000000180 RDI: 0000000000000007
[  109.006604][ T7075] RBP: 00007fba32db7090 R08: 0000000000000000 R09: 0000000000000000
[  109.006617][ T7075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  109.006637][ T7075] R13: 0000000000000000 R14: 00007fba34975fa0 R15: 00007ffc66df8fc8
[  109.006658][ T7075]  </TASK>
[  109.007014][ T7073] geneve1: entered promiscuous mode
[  109.275569][ T7073] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.284377][ T7073] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.293123][ T7073] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.301835][ T7073] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.331012][ T7073] bond0: (slave geneve1): Enslaving as an active interface with an up link
[  109.418311][   T29] kauditd_printk_skb: 217 callbacks suppressed
[  109.418323][   T29] audit: type=1326 audit(109.406:4050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7072 comm="syz.0.1157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fee84e929 code=0x7ffc0000
[  109.447364][   T29] audit: type=1326 audit(109.406:4051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7072 comm="syz.0.1157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fee84e929 code=0x7ffc0000
[  109.479288][ T7083] lo speed is unknown, defaulting to 1000
[  109.515731][ T7085] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.1162' sets config #0
[  109.539348][   T29] audit: type=1326 audit(109.526:4052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7084 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2d4e2e929 code=0x7ffc0000
[  109.562157][   T29] audit: type=1326 audit(109.526:4053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7084 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2d4e2e929 code=0x7ffc0000
[  109.585673][   T29] audit: type=1326 audit(109.526:4054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7084 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fd2d4e2e929 code=0x7ffc0000
[  109.608498][   T29] audit: type=1326 audit(109.526:4055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7084 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2d4e2e929 code=0x7ffc0000
[  109.631316][   T29] audit: type=1326 audit(109.526:4056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7084 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7fd2d4e2e929 code=0x7ffc0000
[  109.666087][   T29] audit: type=1326 audit(109.636:4057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7084 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2d4e2e929 code=0x7ffc0000
[  109.688994][   T29] audit: type=1326 audit(109.636:4058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7084 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2d4e2e929 code=0x7ffc0000
[  109.711801][   T29] audit: type=1326 audit(109.636:4059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7084 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd2d4e2e929 code=0x7ffc0000
[  109.753580][ T7096] loop3: detected capacity change from 0 to 128
[  109.767213][ T7098] netlink: 'syz.0.1168': attribute type 10 has an invalid length.
[  109.775758][ T7098] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  109.784767][ T7098] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  109.793689][ T7098] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  109.802562][ T7098] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  109.850507][ T7100] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1169'.
[  109.871898][ T7103] FAULT_INJECTION: forcing a failure.
[  109.871898][ T7103] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  109.881447][ T7105] loop1: detected capacity change from 0 to 512
[  109.885282][ T7103] CPU: 0 UID: 0 PID: 7103 Comm: syz.2.1170 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  109.885321][ T7103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  109.885336][ T7103] Call Trace:
[  109.885343][ T7103]  <TASK>
[  109.885350][ T7103]  __dump_stack+0x1d/0x30
[  109.885380][ T7103]  dump_stack_lvl+0xe8/0x140
[  109.885415][ T7103]  dump_stack+0x15/0x1b
[  109.885435][ T7103]  should_fail_ex+0x265/0x280
[  109.885476][ T7103]  should_fail_alloc_page+0xf2/0x100
[  109.885506][ T7103]  __alloc_frozen_pages_noprof+0xff/0x360
[  109.885549][ T7103]  alloc_pages_mpol+0xb3/0x250
[  109.885587][ T7103]  alloc_pages_noprof+0x90/0x130
[  109.885655][ T7103]  pte_alloc_one+0x2d/0x120
[  109.885680][ T7103]  __pte_alloc+0x32/0x2b0
[  109.885714][ T7103]  ? mas_state_walk+0x574/0x650
[  109.885766][ T7103]  handle_mm_fault+0x1c16/0x2be0
[  109.885844][ T7103]  ? mas_walk+0xf2/0x120
[  109.885887][ T7103]  do_user_addr_fault+0x636/0x1090
[  109.885971][ T7103]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  109.886004][ T7103]  exc_page_fault+0x62/0xa0
[  109.886038][ T7103]  asm_exc_page_fault+0x26/0x30
[  109.886060][ T7103] RIP: 0033:0x7fd6378a0d46
[  109.886134][ T7103] Code: f0 72 6e 48 63 cd 48 01 c1 49 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 49 89 c1 49 29 f1 <47> 0f b6 0c 08 45 84 c9 74 08 45 88 0c 00 49 8b 47 10 48 83 c0 01
[  109.886155][ T7103] RSP: 002b:00007fd6360464a0 EFLAGS: 00010246
[  109.886212][ T7103] RAX: 0000000000000001 RBX: 00007fd636046540 RCX: 0000000000000101
[  109.886226][ T7103] RDX: 0000000000000070 RSI: 0000000000000001 RDI: 00007fd6360465e0
[  109.886240][ T7103] RBP: 0000000000000102 R08: 00007fd62dc27000 R09: 0000000000000000
[  109.886255][ T7103] R10: 0000000000000000 R11: 00007fd636046550 R12: 0000000000000001
[  109.886269][ T7103] R13: 00007fd637a7c200 R14: 0000000000000000 R15: 00007fd6360465e0
[  109.886293][ T7103]  </TASK>
[  109.886303][ T7103] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  109.891859][ T7105] EXT4-fs: Ignoring removed nomblk_io_submit option
[  109.914159][ T7103] loop2: detected capacity change from 0 to 512
[  109.927640][ T7105] EXT4-fs: Ignoring removed mblk_io_submit option
[  110.104662][ T7105] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  110.112785][ T7105] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[  110.122244][ T7105] EXT4-fs (loop1): 1 truncate cleaned up
[  110.128728][ T7105] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.268552][ T7117] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #2: block 4: comm syz.1.1171: lblock 0 mapped to illegal pblock 4 (length 1)
[  110.282991][ T7117] EXT4-fs (loop1): Remounting filesystem read-only
[  110.511708][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.637564][ T7137] lo speed is unknown, defaulting to 1000
[  110.687933][ T7137] lo speed is unknown, defaulting to 1000
[  110.702496][ T7147] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1186'.
[  110.768127][ T7153] netlink: 'syz.3.1189': attribute type 1 has an invalid length.
[  110.784722][ T7153] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1189'.
[  110.793740][ T7153] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1189'.
[  110.819950][ T7156] FAULT_INJECTION: forcing a failure.
[  110.819950][ T7156] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  110.833072][ T7156] CPU: 0 UID: 0 PID: 7156 Comm: syz.3.1190 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  110.833101][ T7156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  110.833115][ T7156] Call Trace:
[  110.833173][ T7156]  <TASK>
[  110.833178][ T7156]  __dump_stack+0x1d/0x30
[  110.833237][ T7156]  dump_stack_lvl+0xe8/0x140
[  110.833339][ T7156]  dump_stack+0x15/0x1b
[  110.833357][ T7156]  should_fail_ex+0x265/0x280
[  110.833419][ T7156]  should_fail+0xb/0x20
[  110.833516][ T7156]  should_fail_usercopy+0x1a/0x20
[  110.833541][ T7156]  _copy_from_user+0x1c/0xb0
[  110.833557][ T7156]  ethtool_set_per_queue+0x4c/0x100
[  110.833646][ T7156]  dev_ethtool+0x1531/0x1650
[  110.833661][ T7156]  ? full_name_hash+0x92/0xe0
[  110.833722][ T7156]  dev_ioctl+0x2e0/0x960
[  110.833815][ T7156]  sock_do_ioctl+0x197/0x220
[  110.833917][ T7156]  sock_ioctl+0x41b/0x610
[  110.833945][ T7156]  ? __pfx_sock_ioctl+0x10/0x10
[  110.834062][ T7156]  __se_sys_ioctl+0xcb/0x140
[  110.834084][ T7156]  __x64_sys_ioctl+0x43/0x50
[  110.834113][ T7156]  x64_sys_call+0x19a8/0x2fb0
[  110.834137][ T7156]  do_syscall_64+0xd2/0x200
[  110.834183][ T7156]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  110.834205][ T7156]  ? clear_bhb_loop+0x40/0x90
[  110.834221][ T7156]  ? clear_bhb_loop+0x40/0x90
[  110.834237][ T7156]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.834261][ T7156] RIP: 0033:0x7f5e27a3e929
[  110.834295][ T7156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.834313][ T7156] RSP: 002b:00007f5e260a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  110.834350][ T7156] RAX: ffffffffffffffda RBX: 00007f5e27c65fa0 RCX: 00007f5e27a3e929
[  110.834359][ T7156] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 000000000000001e
[  110.834368][ T7156] RBP: 00007f5e260a7090 R08: 0000000000000000 R09: 0000000000000000
[  110.834378][ T7156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.834386][ T7156] R13: 0000000000000000 R14: 00007f5e27c65fa0 R15: 00007ffd961a4b58
[  110.834401][ T7156]  </TASK>
[  111.112486][ T7159] loop3: detected capacity change from 0 to 1024
[  111.124608][ T7159] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.152938][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.502391][ T7188] FAULT_INJECTION: forcing a failure.
[  111.502391][ T7188] name failslab, interval 1, probability 0, space 0, times 0
[  111.515242][ T7188] CPU: 0 UID: 0 PID: 7188 Comm: syz.2.1199 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  111.515339][ T7188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  111.515353][ T7188] Call Trace:
[  111.515359][ T7188]  <TASK>
[  111.515365][ T7188]  __dump_stack+0x1d/0x30
[  111.515387][ T7188]  dump_stack_lvl+0xe8/0x140
[  111.515405][ T7188]  dump_stack+0x15/0x1b
[  111.515480][ T7188]  should_fail_ex+0x265/0x280
[  111.515508][ T7188]  ? nft_delchain+0x34/0x220
[  111.515527][ T7188]  should_failslab+0x8c/0xb0
[  111.515548][ T7188]  __kmalloc_cache_noprof+0x4c/0x320
[  111.515577][ T7188]  nft_delchain+0x34/0x220
[  111.515627][ T7188]  nft_flush_table+0x58d/0x790
[  111.515661][ T7188]  nf_tables_deltable+0x37f/0x8c0
[  111.515696][ T7188]  nfnetlink_rcv+0xb96/0x1690
[  111.515781][ T7188]  netlink_unicast+0x59e/0x670
[  111.515811][ T7188]  netlink_sendmsg+0x58b/0x6b0
[  111.515857][ T7188]  ? __pfx_netlink_sendmsg+0x10/0x10
[  111.515875][ T7188]  __sock_sendmsg+0x145/0x180
[  111.515899][ T7188]  ____sys_sendmsg+0x31e/0x4e0
[  111.515995][ T7188]  ___sys_sendmsg+0x17b/0x1d0
[  111.516039][ T7188]  __x64_sys_sendmsg+0xd4/0x160
[  111.516111][ T7188]  x64_sys_call+0x2999/0x2fb0
[  111.516130][ T7188]  do_syscall_64+0xd2/0x200
[  111.516190][ T7188]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  111.516214][ T7188]  ? clear_bhb_loop+0x40/0x90
[  111.516234][ T7188]  ? clear_bhb_loop+0x40/0x90
[  111.516253][ T7188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.516322][ T7188] RIP: 0033:0x7fd6379de929
[  111.516336][ T7188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.516395][ T7188] RSP: 002b:00007fd636047038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  111.516414][ T7188] RAX: ffffffffffffffda RBX: 00007fd637c05fa0 RCX: 00007fd6379de929
[  111.516478][ T7188] RDX: 0000000004000094 RSI: 0000200000000480 RDI: 0000000000000003
[  111.516491][ T7188] RBP: 00007fd636047090 R08: 0000000000000000 R09: 0000000000000000
[  111.516503][ T7188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.516516][ T7188] R13: 0000000000000000 R14: 00007fd637c05fa0 R15: 00007fff7c490b88
[  111.516533][ T7188]  </TASK>
[  111.769940][ T7190] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1200'.
[  111.779080][ T7190] netem: change failed
[  111.791501][ T7194] loop2: detected capacity change from 0 to 512
[  111.813356][ T7194] EXT4-fs: quotafile must be on filesystem root
[  111.818125][ T7192] lo speed is unknown, defaulting to 1000
[  111.830148][ T7194] FAULT_INJECTION: forcing a failure.
[  111.830148][ T7194] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  111.843535][ T7194] CPU: 1 UID: 0 PID: 7194 Comm: syz.2.1202 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  111.843609][ T7194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  111.843619][ T7194] Call Trace:
[  111.843624][ T7194]  <TASK>
[  111.843630][ T7194]  __dump_stack+0x1d/0x30
[  111.843647][ T7194]  dump_stack_lvl+0xe8/0x140
[  111.843666][ T7194]  dump_stack+0x15/0x1b
[  111.843683][ T7194]  should_fail_ex+0x265/0x280
[  111.843735][ T7194]  should_fail_alloc_page+0xf2/0x100
[  111.843763][ T7194]  __alloc_frozen_pages_noprof+0xff/0x360
[  111.843826][ T7194]  alloc_pages_mpol+0xb3/0x250
[  111.844004][ T7194]  vma_alloc_folio_noprof+0x1aa/0x300
[  111.844040][ T7194]  handle_mm_fault+0xec2/0x2be0
[  111.844057][ T7194]  ? __rcu_read_unlock+0x4f/0x70
[  111.844090][ T7194]  do_user_addr_fault+0x3fe/0x1090
[  111.844166][ T7194]  exc_page_fault+0x62/0xa0
[  111.844193][ T7194]  asm_exc_page_fault+0x26/0x30
[  111.844214][ T7194] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  111.844241][ T7194] Code: f1 01 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  111.844272][ T7194] RSP: 0018:ffffc90001177b50 EFLAGS: 00050206
[  111.844288][ T7194] RAX: ffff888104586c18 RBX: ffffc90001177ce0 RCX: 0000000000000e80
[  111.844301][ T7194] RDX: 0000000000000000 RSI: ffff888008e17180 RDI: 0000200000003000
[  111.844321][ T7194] RBP: 0000000000002b80 R08: 0000000000000a5e R09: 0000000000000000
[  111.844335][ T7194] R10: 0001888008e17000 R11: 0001888008e17fff R12: ffffc90001177cc8
[  111.844348][ T7194] R13: 0000000000001000 R14: 0000000000001000 R15: 0000000000001000
[  111.844366][ T7194]  _copy_to_iter+0x2d9/0xe30
[  111.844469][ T7194]  ? should_fail_ex+0xdb/0x280
[  111.844536][ T7194]  copy_page_to_iter+0x18f/0x2d0
[  111.844552][ T7194]  process_vm_rw+0x672/0x950
[  111.844602][ T7194]  ? __bpf_trace_sys_enter+0x10/0x30
[  111.844628][ T7194]  __x64_sys_process_vm_readv+0x78/0x90
[  111.844679][ T7194]  x64_sys_call+0x2978/0x2fb0
[  111.844697][ T7194]  do_syscall_64+0xd2/0x200
[  111.844715][ T7194]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  111.844769][ T7194]  ? clear_bhb_loop+0x40/0x90
[  111.844790][ T7194]  ? clear_bhb_loop+0x40/0x90
[  111.844808][ T7194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.844875][ T7194] RIP: 0033:0x7fd6379de929
[  111.844890][ T7194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.844927][ T7194] RSP: 002b:00007fd636047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[  111.844944][ T7194] RAX: ffffffffffffffda RBX: 00007fd637c05fa0 RCX: 00007fd6379de929
[  111.844956][ T7194] RDX: 0000000000000002 RSI: 0000200000008400 RDI: 0000000000000248
[  111.844968][ T7194] RBP: 00007fd636047090 R08: 0000000000000286 R09: 0000000000000000
[  111.845025][ T7194] R10: 0000200000008640 R11: 0000000000000246 R12: 0000000000000001
[  111.845034][ T7194] R13: 0000000000000000 R14: 00007fd637c05fa0 R15: 00007fff7c490b88
[  111.845120][ T7194]  </TASK>
[  112.155726][ T7198] loop4: detected capacity change from 0 to 512
[  112.163436][ T7197] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1203'.
[  112.173278][ T7197] netlink: 'syz.3.1203': attribute type 13 has an invalid length.
[  112.193555][ T7198] EXT4-fs: Ignoring removed nobh option
[  112.207000][ T7197] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  112.259098][ T7198] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84ec018, mo2=0002]
[  112.268814][ T7198] System zones: 0-2, 18-18, 34-34
[  112.278715][ T7198] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.329767][ T7198] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  112.455071][ T7216] lo speed is unknown, defaulting to 1000
[  112.467829][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.574117][ T7224] lo speed is unknown, defaulting to 1000
[  112.839566][ T7231] xt_CT: You must specify a L4 protocol and not use inversions on it
[  113.382198][ T7254] loop4: detected capacity change from 0 to 512
[  113.415047][ T7250] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1223'.
[  113.620748][ T7270] loop1: detected capacity change from 0 to 128
[  113.681816][ T3323] bio_check_eod: 11072 callbacks suppressed
[  113.681875][ T3323] kworker/u8:6: attempt to access beyond end of device
[  113.681875][ T3323] loop1: rw=1, sector=145, nr_sectors = 16 limit=128
[  113.714408][ T3323] kworker/u8:6: attempt to access beyond end of device
[  113.714408][ T3323] loop1: rw=1, sector=169, nr_sectors = 8 limit=128
[  113.728445][ T7270] syz.1.1231: attempt to access beyond end of device
[  113.728445][ T7270] loop1: rw=2049, sector=201, nr_sectors = 8 limit=128
[  113.742359][ T7270] syz.1.1231: attempt to access beyond end of device
[  113.742359][ T7270] loop1: rw=2049, sector=217, nr_sectors = 8 limit=128
[  113.757751][ T3323] kworker/u8:6: attempt to access beyond end of device
[  113.757751][ T3323] loop1: rw=1, sector=185, nr_sectors = 8 limit=128
[  113.771283][ T3323] kworker/u8:6: attempt to access beyond end of device
[  113.771283][ T3323] loop1: rw=1, sector=249, nr_sectors = 8 limit=128
[  113.787473][ T7270] syz.1.1231: attempt to access beyond end of device
[  113.787473][ T7270] loop1: rw=2049, sector=233, nr_sectors = 8 limit=128
[  113.801800][ T7270] syz.1.1231: attempt to access beyond end of device
[  113.801800][ T7270] loop1: rw=2049, sector=281, nr_sectors = 8 limit=128
[  113.802616][ T7287] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1237'.
[  113.816340][ T7270] syz.1.1231: attempt to access beyond end of device
[  113.816340][ T7270] loop1: rw=2049, sector=297, nr_sectors = 8 limit=128
[  113.838462][ T3323] kworker/u8:6: attempt to access beyond end of device
[  113.838462][ T3323] loop1: rw=1, sector=265, nr_sectors = 8 limit=128
[  113.879552][ T7296] netlink: 'syz.2.1239': attribute type 49 has an invalid length.
[  113.946631][ T7307] loop3: detected capacity change from 0 to 512
[  113.958654][ T7307] EXT4-fs (loop3): corrupt root inode, run e2fsck
[  113.964163][ T7310] loop2: detected capacity change from 0 to 512
[  113.971856][ T7307] EXT4-fs (loop3): mount failed
[  113.972368][ T7310] EXT4-fs: Ignoring removed mblk_io_submit option
[  113.987201][ T7310] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  114.007484][ T7310] EXT4-fs (loop2): 1 truncate cleaned up
[  114.014293][ T7310] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.029114][ T7310] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  114.051558][ T7310] bridge_slave_0: left allmulticast mode
[  114.057270][ T7310] bridge_slave_0: left promiscuous mode
[  114.062956][ T7310] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.074028][ T7310] bridge_slave_1: left allmulticast mode
[  114.079699][ T7310] bridge_slave_1: left promiscuous mode
[  114.085431][ T7310] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.101510][ T7310] bond0: (slave bond_slave_0): Releasing backup interface
[  114.111793][ T7310] bond0: (slave bond_slave_1): Releasing backup interface
[  114.131796][ T7310] team0: Port device team_slave_0 removed
[  114.139676][ T7310] team0: Port device team_slave_1 removed
[  114.146451][ T7310] batman_adv: batadv0: Removing interface: batadv_slave_0
[  114.155129][ T7310] batman_adv: batadv0: Removing interface: batadv_slave_1
[  114.174801][ T7318] lo speed is unknown, defaulting to 1000
[  114.192229][ T7321] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  114.212574][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.238574][ T7321] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  114.306473][ T7328] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1249'.
[  114.348216][ T7336] lo speed is unknown, defaulting to 1000
[  114.401324][ T7340] lo speed is unknown, defaulting to 1000
[  114.455203][ T7336] netlink: 'syz.2.1254': attribute type 10 has an invalid length.
[  114.466812][ T7336] ipvlan0: entered allmulticast mode
[  114.472192][ T7336] veth0_vlan: entered allmulticast mode
[  114.477884][   T29] kauditd_printk_skb: 350 callbacks suppressed
[  114.477896][   T29] audit: type=1400 audit(114.456:4410): avc:  denied  { setopt } for  pid=7351 comm="syz.4.1259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  114.485149][ T7352] loop4: detected capacity change from 0 to 1764
[  114.503539][ T7336] team0: Device ipvlan0 failed to register rx_handler
[  114.521063][   T29] audit: type=1326 audit(114.506:4411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7317 comm="syz.3.1247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e27a3e929 code=0x7ffc0000
[  114.543932][   T29] audit: type=1326 audit(114.506:4412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7317 comm="syz.3.1247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f5e27a3e929 code=0x7ffc0000
[  114.566652][   T29] audit: type=1326 audit(114.506:4413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7317 comm="syz.3.1247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e27a3e929 code=0x7ffc0000
[  114.589458][   T29] audit: type=1326 audit(114.506:4414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7317 comm="syz.3.1247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5e27a3d290 code=0x7ffc0000
[  114.612262][   T29] audit: type=1326 audit(114.506:4415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7317 comm="syz.3.1247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f5e27a40157 code=0x7ffc0000
[  114.613365][ T7357] loop1: detected capacity change from 0 to 512
[  114.635171][   T29] audit: type=1326 audit(114.506:4416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7317 comm="syz.3.1247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5e27a3e929 code=0x7ffc0000
[  114.643814][ T7357] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  114.664120][   T29] audit: type=1326 audit(114.506:4417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7317 comm="syz.3.1247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f5e27a40157 code=0x7ffc0000
[  114.676070][ T7357] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.1260: invalid block
[  114.695323][   T29] audit: type=1326 audit(114.506:4418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7317 comm="syz.3.1247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5e27a3d58a code=0x7ffc0000
[  114.707828][ T7357] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1260: invalid indirect mapped block 4294967295 (level 1)
[  114.729830][   T29] audit: type=1326 audit(114.506:4419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7317 comm="syz.3.1247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e27a3e929 code=0x7ffc0000
[  114.743892][ T7357] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1260: invalid indirect mapped block 4294967295 (level 1)
[  114.781050][ T7357] EXT4-fs (loop1): 2 truncates cleaned up
[  114.787951][ T7357] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.810807][ T7354] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1260: bg 0: block 5: invalid block bitmap
[  114.830430][ T7362] loop2: detected capacity change from 0 to 1024
[  114.847929][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.862464][ T7362] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.890721][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.981137][ T7378] Driver unsupported XDP return value 0 on prog  (id 1110) dev N/A, expect packet loss!
[  115.258300][ T7393] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1273'.
[  115.440448][ T7396] loop2: detected capacity change from 0 to 512
[  115.447230][ T7396] EXT4-fs: Ignoring removed nomblk_io_submit option
[  115.454292][ T7396] EXT4-fs: Ignoring removed mblk_io_submit option
[  115.462083][ T7396] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  115.471237][ T7396] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  115.480464][ T7396] EXT4-fs (loop2): 1 truncate cleaned up
[  115.487724][ T7396] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.570556][ T7400] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #2: block 4: comm syz.2.1274: lblock 0 mapped to illegal pblock 4 (length 1)
[  115.585931][ T7400] EXT4-fs (loop2): Remounting filesystem read-only
[  115.614773][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.649111][ T7404] loop2: detected capacity change from 0 to 1024
[  115.676291][ T7404] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.709356][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.760011][ T7413] loop2: detected capacity change from 0 to 128
[  116.263391][ T7427] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1284'.
[  116.272479][ T7427] netlink: 'syz.1.1284': attribute type 13 has an invalid length.
[  116.289422][ T7427] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  116.486221][ T7439] FAULT_INJECTION: forcing a failure.
[  116.486221][ T7439] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  116.499317][ T7439] CPU: 0 UID: 0 PID: 7439 Comm: syz.4.1290 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  116.499345][ T7439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  116.499356][ T7439] Call Trace:
[  116.499363][ T7439]  <TASK>
[  116.499438][ T7439]  __dump_stack+0x1d/0x30
[  116.499523][ T7439]  dump_stack_lvl+0xe8/0x140
[  116.499540][ T7439]  dump_stack+0x15/0x1b
[  116.499554][ T7439]  should_fail_ex+0x265/0x280
[  116.499619][ T7439]  should_fail+0xb/0x20
[  116.499649][ T7439]  should_fail_usercopy+0x1a/0x20
[  116.499686][ T7439]  _copy_to_user+0x20/0xa0
[  116.499752][ T7439]  simple_read_from_buffer+0xb5/0x130
[  116.499831][ T7439]  proc_fail_nth_read+0x100/0x140
[  116.499937][ T7439]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  116.499971][ T7439]  vfs_read+0x19d/0x6f0
[  116.500002][ T7439]  ? __rcu_read_unlock+0x4f/0x70
[  116.500026][ T7439]  ? __fget_files+0x184/0x1c0
[  116.500089][ T7439]  ksys_read+0xda/0x1a0
[  116.500117][ T7439]  __x64_sys_read+0x40/0x50
[  116.500207][ T7439]  x64_sys_call+0x2d77/0x2fb0
[  116.500279][ T7439]  do_syscall_64+0xd2/0x200
[  116.500298][ T7439]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  116.500376][ T7439]  ? clear_bhb_loop+0x40/0x90
[  116.500395][ T7439]  ? clear_bhb_loop+0x40/0x90
[  116.500420][ T7439]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.500444][ T7439] RIP: 0033:0x7fba3474d33c
[  116.500493][ T7439] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  116.500513][ T7439] RSP: 002b:00007fba32db7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  116.500533][ T7439] RAX: ffffffffffffffda RBX: 00007fba34975fa0 RCX: 00007fba3474d33c
[  116.500547][ T7439] RDX: 000000000000000f RSI: 00007fba32db70a0 RDI: 0000000000000005
[  116.500560][ T7439] RBP: 00007fba32db7090 R08: 0000000000000000 R09: 0000000000000000
[  116.500574][ T7439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  116.500585][ T7439] R13: 0000000000000000 R14: 00007fba34975fa0 R15: 00007ffc66df8fc8
[  116.500635][ T7439]  </TASK>
[  116.831684][ T7450] FAULT_INJECTION: forcing a failure.
[  116.831684][ T7450] name failslab, interval 1, probability 0, space 0, times 0
[  116.845026][ T7450] CPU: 1 UID: 0 PID: 7450 Comm: syz.2.1295 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  116.845052][ T7450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  116.845063][ T7450] Call Trace:
[  116.845068][ T7450]  <TASK>
[  116.845074][ T7450]  __dump_stack+0x1d/0x30
[  116.845164][ T7450]  dump_stack_lvl+0xe8/0x140
[  116.845182][ T7450]  dump_stack+0x15/0x1b
[  116.845197][ T7450]  should_fail_ex+0x265/0x280
[  116.845226][ T7450]  should_failslab+0x8c/0xb0
[  116.845317][ T7450]  kmem_cache_alloc_noprof+0x50/0x310
[  116.845345][ T7450]  ? getname_flags+0x80/0x3b0
[  116.845369][ T7450]  getname_flags+0x80/0x3b0
[  116.845411][ T7450]  do_sys_openat2+0x60/0x110
[  116.845440][ T7450]  __x64_sys_openat+0xf2/0x120
[  116.845469][ T7450]  x64_sys_call+0x1af/0x2fb0
[  116.845508][ T7450]  do_syscall_64+0xd2/0x200
[  116.845526][ T7450]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  116.845603][ T7450]  ? clear_bhb_loop+0x40/0x90
[  116.845626][ T7450]  ? clear_bhb_loop+0x40/0x90
[  116.845649][ T7450]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.845716][ T7450] RIP: 0033:0x7fd6379de929
[  116.845731][ T7450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.845750][ T7450] RSP: 002b:00007fd636047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  116.845775][ T7450] RAX: ffffffffffffffda RBX: 00007fd637c05fa0 RCX: 00007fd6379de929
[  116.845786][ T7450] RDX: 0000000000000002 RSI: 0000200000000840 RDI: 0000000000000003
[  116.845803][ T7450] RBP: 00007fd636047090 R08: 0000000000000000 R09: 0000000000000000
[  116.845816][ T7450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  116.845871][ T7450] R13: 0000000000000000 R14: 00007fd637c05fa0 R15: 00007fff7c490b88
[  116.845893][ T7450]  </TASK>
[  116.847279][ T7452] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1296'.
[  116.952976][ T7454] netlink: 'syz.0.1296': attribute type 13 has an invalid length.
[  117.186405][ T7463] loop1: detected capacity change from 0 to 512
[  117.230563][ T7454] 8021q: adding VLAN 0 to HW filter on device bond0
[  117.233597][ T7463] EXT4-fs: Ignoring removed nomblk_io_submit option
[  117.242753][ T7454] 8021q: adding VLAN 0 to HW filter on device team0
[  117.244640][ T7463] EXT4-fs: Ignoring removed mblk_io_submit option
[  117.264345][ T7454] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  117.287991][ T7459] lo speed is unknown, defaulting to 1000
[  117.309361][ T7463] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  117.323288][ T7463] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[  117.342049][ T7463] EXT4-fs (loop1): 1 truncate cleaned up
[  117.379858][ T7463] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.394259][ T7467] netlink: 'syz.0.1301': attribute type 10 has an invalid length.
[  117.523363][ T7472] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #2: block 4: comm syz.1.1299: lblock 0 mapped to illegal pblock 4 (length 1)
[  117.546124][ T7472] EXT4-fs (loop1): Remounting filesystem read-only
[  117.658788][ T7474] lo speed is unknown, defaulting to 1000
[  118.036498][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.123288][ T7489] lo speed is unknown, defaulting to 1000
[  118.136798][ T7489] lo speed is unknown, defaulting to 1000
[  118.151791][ T7489] lo speed is unknown, defaulting to 1000
[  118.211406][ T7489] infiniband qyz2: RDMA CMA: cma_listen_on_dev, error -98
[  118.296037][ T7489] lo speed is unknown, defaulting to 1000
[  118.304159][ T7489] lo speed is unknown, defaulting to 1000
[  118.312254][ T7489] lo speed is unknown, defaulting to 1000
[  118.320005][ T7489] lo speed is unknown, defaulting to 1000
[  118.360998][ T7489] lo speed is unknown, defaulting to 1000
[  118.376352][ T7510] loop1: detected capacity change from 0 to 512
[  118.376655][ T7489] lo speed is unknown, defaulting to 1000
[  118.395201][ T7512] netlink: 'syz.4.1320': attribute type 298 has an invalid length.
[  118.402701][ T7504] loop2: detected capacity change from 0 to 512
[  118.432957][ T7510] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.436455][ T7516] loop4: detected capacity change from 0 to 512
[  118.453774][ T7516] EXT4-fs: Ignoring removed nomblk_io_submit option
[  118.460577][ T7516] EXT4-fs: Ignoring removed mblk_io_submit option
[  118.477699][ T7516] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  118.494030][ T7516] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  118.508105][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.519653][ T7504] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.532705][ T7516] EXT4-fs (loop4): 1 truncate cleaned up
[  118.545180][ T7516] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.593478][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.630023][ T7526] loop3: detected capacity change from 0 to 512
[  118.649312][ T7526] EXT4-fs: Ignoring removed nomblk_io_submit option
[  118.657253][ T7526] EXT4-fs: Ignoring removed mblk_io_submit option
[  118.666672][ T7526] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  118.675555][ T7526] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[  118.684042][ T7526] EXT4-fs (loop3): 1 truncate cleaned up
[  118.692925][ T7539] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #2: block 4: comm syz.4.1321: lblock 0 mapped to illegal pblock 4 (length 1)
[  118.700384][ T7526] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.720590][ T7539] EXT4-fs (loop4): Remounting filesystem read-only
[  118.724903][ T7533] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1326'.
[  118.754342][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.786023][ T7526] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #2: block 4: comm syz.3.1317: lblock 0 mapped to illegal pblock 4 (length 1)
[  118.816637][ T7526] EXT4-fs (loop3): Remounting filesystem read-only
[  118.891303][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.949691][ T7560] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1333'.
[  118.959324][ T7560] netlink: 'syz.1.1333': attribute type 13 has an invalid length.
[  118.988462][ T7556] netlink: 'syz.0.1332': attribute type 10 has an invalid length.
[  119.019107][ T7560] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  119.046348][ T7562] lo speed is unknown, defaulting to 1000
[  119.052655][ T7562] lo speed is unknown, defaulting to 1000
[  119.268692][ T7569] xt_hashlimit: max too large, truncated to 1048576
[  119.302655][ T7572] loop3: detected capacity change from 0 to 1024
[  119.334639][ T7572] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.365219][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.484806][ T7586] loop3: detected capacity change from 0 to 512
[  119.505515][ T7586] EXT4-fs: Ignoring removed nomblk_io_submit option
[  119.512694][ T7586] EXT4-fs: Ignoring removed mblk_io_submit option
[  119.524037][ T7586] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  119.566727][ T7586] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[  119.606417][ T7586] EXT4-fs (loop3): 1 truncate cleaned up
[  119.612443][ T7586] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.751416][   T29] kauditd_printk_skb: 328 callbacks suppressed
[  119.751430][   T29] audit: type=1326 audit(119.696:4748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7584 comm="syz.3.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e27a3e929 code=0x7ffc0000
[  119.780632][   T29] audit: type=1326 audit(119.696:4749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7584 comm="syz.3.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e27a3e929 code=0x7ffc0000
[  119.803449][   T29] audit: type=1326 audit(119.696:4750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7584 comm="syz.3.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5e27a3e929 code=0x7ffc0000
[  119.826351][   T29] audit: type=1326 audit(119.696:4751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7584 comm="syz.3.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e27a3e929 code=0x7ffc0000
[  119.849248][   T29] audit: type=1326 audit(119.696:4752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7584 comm="syz.3.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e27a3e929 code=0x7ffc0000
[  119.872499][   T29] audit: type=1326 audit(119.696:4753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7584 comm="syz.3.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f5e27a3e929 code=0x7ffc0000
[  119.888512][ T7603] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #2: block 4: comm syz.3.1342: lblock 0 mapped to illegal pblock 4 (length 1)
[  119.895379][   T29] audit: type=1326 audit(119.696:4754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7584 comm="syz.3.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5e27a3e963 code=0x7ffc0000
[  119.931949][   T29] audit: type=1326 audit(119.696:4755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7584 comm="syz.3.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5e27a3d3df code=0x7ffc0000
[  119.954677][   T29] audit: type=1326 audit(119.696:4756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7584 comm="syz.3.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f5e27a3e9b7 code=0x7ffc0000
[  119.960966][ T7603] EXT4-fs (loop3): Remounting filesystem read-only
[  119.977397][   T29] audit: type=1326 audit(119.696:4757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7584 comm="syz.3.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5e27a3d290 code=0x7ffc0000
[  120.041637][ T7609] pim6reg: entered allmulticast mode
[  120.048399][ T7609] pim6reg: left allmulticast mode
[  120.071716][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.073751][ T7605] lo speed is unknown, defaulting to 1000
[  120.086706][ T7605] lo speed is unknown, defaulting to 1000
[  120.595768][ T7629] FAULT_INJECTION: forcing a failure.
[  120.595768][ T7629] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  120.609213][ T7629] CPU: 0 UID: 0 PID: 7629 Comm: syz.0.1354 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  120.609243][ T7629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  120.609330][ T7629] Call Trace:
[  120.609336][ T7629]  <TASK>
[  120.609343][ T7629]  __dump_stack+0x1d/0x30
[  120.609465][ T7629]  dump_stack_lvl+0xe8/0x140
[  120.609485][ T7629]  dump_stack+0x15/0x1b
[  120.609574][ T7629]  should_fail_ex+0x265/0x280
[  120.609609][ T7629]  should_fail_alloc_page+0xf2/0x100
[  120.609630][ T7629]  __alloc_frozen_pages_noprof+0xff/0x360
[  120.609738][ T7629]  alloc_pages_mpol+0xb3/0x250
[  120.609767][ T7629]  alloc_pages_noprof+0x90/0x130
[  120.609801][ T7629]  __pud_alloc+0x47/0x4c0
[  120.609819][ T7629]  handle_mm_fault+0x1882/0x2be0
[  120.609921][ T7629]  ? check_vma_flags+0x26e/0x340
[  120.609948][ T7629]  __get_user_pages+0x1036/0x1fb0
[  120.609983][ T7629]  get_user_pages_remote+0x1dc/0x7a0
[  120.610056][ T7629]  get_arg_page+0x8e/0x1e0
[  120.610088][ T7629]  copy_string_kernel+0x134/0x340
[  120.610126][ T7629]  do_execveat_common+0x5ad/0x750
[  120.610166][ T7629]  __x64_sys_execve+0x5c/0x70
[  120.610208][ T7629]  x64_sys_call+0x13ab/0x2fb0
[  120.610226][ T7629]  do_syscall_64+0xd2/0x200
[  120.610249][ T7629]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  120.610279][ T7629]  ? clear_bhb_loop+0x40/0x90
[  120.610300][ T7629]  ? clear_bhb_loop+0x40/0x90
[  120.610316][ T7629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.610332][ T7629] RIP: 0033:0x7f7fee84e929
[  120.610344][ T7629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.610385][ T7629] RSP: 002b:00007f7feceb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  120.610398][ T7629] RAX: ffffffffffffffda RBX: 00007f7feea75fa0 RCX: 00007f7fee84e929
[  120.610407][ T7629] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180
[  120.610416][ T7629] RBP: 00007f7feceb7090 R08: 0000000000000000 R09: 0000000000000000
[  120.610458][ T7629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  120.610467][ T7629] R13: 0000000000000000 R14: 00007f7feea75fa0 R15: 00007ffd573359a8
[  120.610482][ T7629]  </TASK>
[  120.900683][ T7642] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1356'.
[  120.915844][ T7649] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1357'.
[  120.924751][ T7649] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1357'.
[  120.972738][ T7642] gretap0: entered promiscuous mode
[  120.998809][ T7662] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1356'.
[  121.047132][ T7642] ip6gretap0: vlans aren't supported yet for dev_uc|mc_add()
[  121.268599][ T7673] FAULT_INJECTION: forcing a failure.
[  121.268599][ T7673] name failslab, interval 1, probability 0, space 0, times 0
[  121.275491][ T7670] lo speed is unknown, defaulting to 1000
[  121.281296][ T7673] CPU: 0 UID: 0 PID: 7673 Comm: syz.3.1364 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  121.281332][ T7673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  121.281346][ T7673] Call Trace:
[  121.281386][ T7673]  <TASK>
[  121.281394][ T7673]  __dump_stack+0x1d/0x30
[  121.281435][ T7673]  dump_stack_lvl+0xe8/0x140
[  121.281459][ T7673]  dump_stack+0x15/0x1b
[  121.281477][ T7673]  should_fail_ex+0x265/0x280
[  121.281521][ T7673]  should_failslab+0x8c/0xb0
[  121.281676][ T7673]  kmem_cache_alloc_noprof+0x50/0x310
[  121.281761][ T7673]  ? alloc_empty_file+0x76/0x200
[  121.281793][ T7673]  alloc_empty_file+0x76/0x200
[  121.281828][ T7673]  alloc_file_pseudo+0xc6/0x160
[  121.281861][ T7673]  sock_alloc_file+0x9c/0x1e0
[  121.281890][ T7673]  __sys_socketpair+0x23d/0x430
[  121.281971][ T7673]  __x64_sys_socketpair+0x52/0x60
[  121.282108][ T7673]  x64_sys_call+0x23f2/0x2fb0
[  121.282133][ T7673]  do_syscall_64+0xd2/0x200
[  121.282154][ T7673]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  121.282186][ T7673]  ? clear_bhb_loop+0x40/0x90
[  121.282255][ T7673]  ? clear_bhb_loop+0x40/0x90
[  121.282280][ T7673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.282331][ T7673] RIP: 0033:0x7f5e27a3e929
[  121.282348][ T7673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.282369][ T7673] RSP: 002b:00007f5e260a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  121.282392][ T7673] RAX: ffffffffffffffda RBX: 00007f5e27c65fa0 RCX: 00007f5e27a3e929
[  121.282406][ T7673] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 000000000000001e
[  121.282420][ T7673] RBP: 00007f5e260a7090 R08: 0000000000000000 R09: 0000000000000000
[  121.282434][ T7673] R10: 0000200000000940 R11: 0000000000000246 R12: 0000000000000002
[  121.282488][ T7673] R13: 0000000000000000 R14: 00007f5e27c65fa0 R15: 00007ffd961a4b58
[  121.282511][ T7673]  </TASK>
[  121.465371][ T7680] pim6reg: entered allmulticast mode
[  121.487358][ T7670] lo speed is unknown, defaulting to 1000
[  121.490298][ T7679] loop1: detected capacity change from 0 to 512
[  121.512804][ T7680] pim6reg: left allmulticast mode
[  121.535701][ T7679] SELinux:  Context system_u:object_r:crond_var_run_t:s0 is not valid (left unmapped).
[  121.611443][ T7690] loop1: detected capacity change from 0 to 128
[  121.618004][ T7690] EXT4-fs: test_dummy_encryption option not supported
[  121.629670][ T7690] loop1: detected capacity change from 0 to 512
[  121.636806][ T7690] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  121.645901][ T7690] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  121.654909][ T7690] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  121.656954][ T7692] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1372'.
[  121.662941][ T7690] System zones: 0-2, 18-18, 34-34
[  121.677029][ T7688] loop4: detected capacity change from 0 to 1024
[  121.678022][ T7690] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.1371: iget: bad i_size value: 360287970189639680
[  121.694796][ T7688] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.697548][ T7690] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.1371: couldn't read orphan inode 15 (err -117)
[  121.720948][ T7690] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.852487][ T7690] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  121.860981][ T7690] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  122.233471][ T7710] lo speed is unknown, defaulting to 1000
[  122.239859][ T7710] lo speed is unknown, defaulting to 1000
[  122.428030][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.798333][ T7719] lo speed is unknown, defaulting to 1000
[  122.804710][ T7719] lo speed is unknown, defaulting to 1000
[  123.010122][ T7721] loop4: detected capacity change from 0 to 1024
[  123.034132][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.115970][ T7731] loop1: detected capacity change from 0 to 128
[  123.159722][ T7734] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1384'.
[  123.268716][ T7739] loop4: detected capacity change from 0 to 1024
[  123.352552][ T7747] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1389'.
[  123.372252][ T7747] veth0: entered promiscuous mode
[  123.382447][ T7751] netlink: 'syz.2.1391': attribute type 10 has an invalid length.
[  123.391357][ T7751] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  123.400199][ T7751] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  123.409075][ T7751] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  123.417903][ T7751] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  123.457723][ T7751] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  123.466788][ T7751] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  123.475797][ T7751] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  123.484689][ T7751] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  123.498268][ T7747] veth0: left promiscuous mode
[  123.637684][ T7768] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1396'.
[  123.647871][ T7770] FAULT_INJECTION: forcing a failure.
[  123.647871][ T7770] name failslab, interval 1, probability 0, space 0, times 0
[  123.660493][ T7770] CPU: 0 UID: 0 PID: 7770 Comm: syz.2.1397 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  123.660523][ T7770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  123.660536][ T7770] Call Trace:
[  123.660542][ T7770]  <TASK>
[  123.660550][ T7770]  __dump_stack+0x1d/0x30
[  123.660572][ T7770]  dump_stack_lvl+0xe8/0x140
[  123.660668][ T7770]  dump_stack+0x15/0x1b
[  123.660687][ T7770]  should_fail_ex+0x265/0x280
[  123.660722][ T7770]  should_failslab+0x8c/0xb0
[  123.660827][ T7770]  kmem_cache_alloc_noprof+0x50/0x310
[  123.660878][ T7770]  ? skb_clone+0x151/0x1f0
[  123.660896][ T7770]  skb_clone+0x151/0x1f0
[  123.660912][ T7770]  __netlink_deliver_tap+0x2c9/0x500
[  123.660945][ T7770]  netlink_unicast+0x64c/0x670
[  123.661043][ T7770]  netlink_sendmsg+0x58b/0x6b0
[  123.661068][ T7770]  ? __pfx_netlink_sendmsg+0x10/0x10
[  123.661089][ T7770]  __sock_sendmsg+0x145/0x180
[  123.661155][ T7770]  ____sys_sendmsg+0x31e/0x4e0
[  123.661246][ T7770]  ___sys_sendmsg+0x17b/0x1d0
[  123.661297][ T7770]  __x64_sys_sendmsg+0xd4/0x160
[  123.661332][ T7770]  x64_sys_call+0x2999/0x2fb0
[  123.661375][ T7770]  do_syscall_64+0xd2/0x200
[  123.661395][ T7770]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  123.661423][ T7770]  ? clear_bhb_loop+0x40/0x90
[  123.661446][ T7770]  ? clear_bhb_loop+0x40/0x90
[  123.661534][ T7770]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.661557][ T7770] RIP: 0033:0x7fd6379de929
[  123.661573][ T7770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.661641][ T7770] RSP: 002b:00007fd636047038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  123.661656][ T7770] RAX: ffffffffffffffda RBX: 00007fd637c05fa0 RCX: 00007fd6379de929
[  123.661687][ T7770] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000005
[  123.661700][ T7770] RBP: 00007fd636047090 R08: 0000000000000000 R09: 0000000000000000
[  123.661713][ T7770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.661725][ T7770] R13: 0000000000000000 R14: 00007fd637c05fa0 R15: 00007fff7c490b88
[  123.661742][ T7770]  </TASK>
[  123.929543][ T7778] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  123.929543][ T7778] �U�e�[���%#s'
[  124.004972][ T7783] loop3: detected capacity change from 0 to 1024
[  124.133149][ T7791] loop1: detected capacity change from 0 to 128
[  124.182503][ T7788] lo speed is unknown, defaulting to 1000
[  124.188817][ T7788] lo speed is unknown, defaulting to 1000
[  124.211808][ T7796] netlink: 'syz.2.1408': attribute type 10 has an invalid length.
[  124.225883][ T7796] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  124.233003][ T7798] random: crng reseeded on system resumption
[  124.234889][ T7796] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  124.249550][ T7796] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  124.258514][ T7796] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  124.273140][ T7798] loop4: detected capacity change from 0 to 4096
[  124.297304][ T7796] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  124.301037][ T3475] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x4
[  124.306216][ T7796] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  124.313899][ T3475] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x2
[  124.322761][ T7796] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  124.330824][ T3475] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0
[  124.339270][ T7796] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  124.347026][ T3475] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0
[  124.363585][ T3475] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0
[  124.371275][ T3475] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0
[  124.379081][ T3475] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0
[  124.386784][ T3475] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0
[  124.394475][ T3475] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0
[  124.402180][ T3475] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0
[  124.402383][ T7801] loop4: detected capacity change from 0 to 512
[  124.409850][ T3475] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0
[  124.409875][ T3475] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0
[  124.431537][ T3475] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0
[  124.439343][ T3475] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0
[  124.447096][ T3475] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0
[  124.454756][ T3475] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0
[  124.463523][ T3475] hid-generic 0000:3000000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  124.505344][ T7808] loop4: detected capacity change from 0 to 1024
[  124.512249][ T7808] EXT4-fs: Ignoring removed nobh option
[  124.518764][ T7808] EXT4-fs: Ignoring removed nobh option
[  124.524800][ T7808] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  124.534907][ T7808] EXT4-fs (loop4): filesystem has both journal inode and journal device!
[  124.647059][ T7818] loop4: detected capacity change from 0 to 512
[  124.672998][ T7818] EXT4-fs: Ignoring removed nomblk_io_submit option
[  124.682006][ T7818] EXT4-fs: Ignoring removed mblk_io_submit option
[  124.691598][ T7818] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  124.718025][ T7818] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  124.745732][ T7818] EXT4-fs (loop4): 1 truncate cleaned up
[  124.801455][   T29] kauditd_printk_skb: 100 callbacks suppressed
[  124.801470][   T29] audit: type=1400 audit(124.786:4858): avc:  denied  { read } for  pid=7830 comm="syz.3.1420" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  124.933838][ T7839] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #2: block 4: comm syz.4.1416: lblock 0 mapped to illegal pblock 4 (length 1)
[  124.960114][ T7839] EXT4-fs (loop4): Remounting filesystem read-only
[  124.966687][   T29] audit: type=1326 audit(124.946:4859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7836 comm="syz.0.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fee84e929 code=0x7ffc0000
[  124.966713][   T29] audit: type=1326 audit(124.946:4860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7836 comm="syz.0.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fee84e929 code=0x7ffc0000
[  124.966743][   T29] audit: type=1326 audit(124.946:4861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7836 comm="syz.0.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f7fee84e929 code=0x7ffc0000
[  124.966767][   T29] audit: type=1326 audit(124.946:4862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7836 comm="syz.0.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fee84e929 code=0x7ffc0000
[  125.057983][   T29] audit: type=1326 audit(124.946:4863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7836 comm="syz.0.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f7fee84e929 code=0x7ffc0000
[  125.064772][ T3475] IPVS: starting estimator thread 0...
[  125.080706][   T29] audit: type=1326 audit(124.946:4864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7836 comm="syz.0.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fee84e929 code=0x7ffc0000
[  125.080734][   T29] audit: type=1326 audit(124.946:4865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7836 comm="syz.0.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7fee84e929 code=0x7ffc0000
[  125.131732][   T29] audit: type=1326 audit(124.946:4866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7836 comm="syz.0.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fee84e929 code=0x7ffc0000
[  125.154606][   T29] audit: type=1326 audit(124.946:4867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7836 comm="syz.0.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7fee84e929 code=0x7ffc0000
[  125.173336][ T7847] IPVS: using max 2400 ests per chain, 120000 per kthread
[  125.252166][ T7848] lo speed is unknown, defaulting to 1000
[  125.258695][ T7848] lo speed is unknown, defaulting to 1000
[  125.598736][ T7865] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1431'.
[  125.758330][ T7879] loop2: detected capacity change from 0 to 512
[  125.765107][ T7879] EXT4-fs: Ignoring removed nomblk_io_submit option
[  125.771884][ T7879] EXT4-fs: Ignoring removed mblk_io_submit option
[  125.784411][ T7879] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  125.792603][ T7879] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  125.817212][ T7878] lo speed is unknown, defaulting to 1000
[  125.823370][ T7878] lo speed is unknown, defaulting to 1000
[  125.856767][ T7879] EXT4-fs (loop2): 1 truncate cleaned up
[  125.882482][ T7883] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1436'.
[  125.909137][ T7883] netlink: 'syz.4.1436': attribute type 13 has an invalid length.
[  125.966106][ T7883] 8021q: adding VLAN 0 to HW filter on device team0
[  125.983730][ T7883] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  126.038461][ T7879] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #2: block 4: comm syz.2.1435: lblock 0 mapped to illegal pblock 4 (length 1)
[  126.057480][ T7879] EXT4-fs (loop2): Remounting filesystem read-only
[  126.083851][ T7897] sctp: [Deprecated]: syz.1.1440 (pid 7897) Use of struct sctp_assoc_value in delayed_ack socket option.
[  126.083851][ T7897] Use struct sctp_sack_info instead
[  126.310153][ T7919] loop1: detected capacity change from 0 to 1024
[  126.349450][ T7924] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1450'.
[  126.407173][ T7927] netlink: 'syz.4.1450': attribute type 13 has an invalid length.
[  126.426342][ T7927] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  126.574946][ T7937] lo speed is unknown, defaulting to 1000
[  126.581198][ T7937] lo speed is unknown, defaulting to 1000
[  126.591288][ T7941] loop1: detected capacity change from 0 to 512
[  126.603796][ T7941] EXT4-fs: Ignoring removed nomblk_io_submit option
[  126.610838][ T7941] EXT4-fs: Ignoring removed mblk_io_submit option
[  126.634527][ T7941] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  126.643083][ T7941] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[  126.652450][ T7941] EXT4-fs (loop1): 1 truncate cleaned up
[  126.654590][ T7945] loop4: detected capacity change from 0 to 512
[  126.685209][ T7945] EXT4-fs: Ignoring removed nomblk_io_submit option
[  126.694271][ T7945] EXT4-fs: Ignoring removed mblk_io_submit option
[  126.704612][ T7945] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  126.717683][ T7945] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  126.727738][ T7945] EXT4-fs (loop4): 1 truncate cleaned up
[  126.761660][ T7952] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #2: block 4: comm syz.1.1457: lblock 0 mapped to illegal pblock 4 (length 1)
[  126.814210][ T7952] EXT4-fs (loop1): Remounting filesystem read-only
[  126.887442][ T7945] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #2: block 4: comm syz.4.1458: lblock 0 mapped to illegal pblock 4 (length 1)
[  126.906142][ T7945] EXT4-fs (loop4): Remounting filesystem read-only
[  126.927755][ T7966] loop1: detected capacity change from 0 to 128
[  127.090091][ T7973] lo speed is unknown, defaulting to 1000
[  127.096196][ T7973] lo speed is unknown, defaulting to 1000
[  127.146215][ T7979] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1468'.
[  127.162095][ T7987] FAULT_INJECTION: forcing a failure.
[  127.162095][ T7987] name failslab, interval 1, probability 0, space 0, times 0
[  127.174790][ T7987] CPU: 1 UID: 0 PID: 7987 Comm: syz.0.1472 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  127.174825][ T7987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  127.174837][ T7987] Call Trace:
[  127.174843][ T7987]  <TASK>
[  127.174851][ T7987]  __dump_stack+0x1d/0x30
[  127.174877][ T7987]  dump_stack_lvl+0xe8/0x140
[  127.174917][ T7987]  dump_stack+0x15/0x1b
[  127.174935][ T7987]  should_fail_ex+0x265/0x280
[  127.174968][ T7987]  should_failslab+0x8c/0xb0
[  127.175013][ T7987]  kmem_cache_alloc_noprof+0x50/0x310
[  127.175035][ T7987]  ? getname_kernel+0x3c/0x1f0
[  127.175055][ T7987]  getname_kernel+0x3c/0x1f0
[  127.175074][ T7987]  kern_path+0x23/0x130
[  127.175114][ T7987]  create_local_trace_uprobe+0x53/0x2c0
[  127.175142][ T7987]  perf_uprobe_init+0xc0/0x150
[  127.175251][ T7987]  perf_uprobe_event_init+0xea/0x150
[  127.175273][ T7987]  perf_try_init_event+0xd9/0x540
[  127.175295][ T7987]  ? perf_event_alloc+0xb1c/0x1680
[  127.175394][ T7987]  perf_event_alloc+0xb27/0x1680
[  127.175511][ T7987]  __se_sys_perf_event_open+0x4a5/0x11c0
[  127.175594][ T7987]  ? __rcu_read_unlock+0x4f/0x70
[  127.175626][ T7987]  __x64_sys_perf_event_open+0x67/0x80
[  127.175704][ T7987]  x64_sys_call+0x27ec/0x2fb0
[  127.175723][ T7987]  do_syscall_64+0xd2/0x200
[  127.175742][ T7987]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  127.175787][ T7987]  ? clear_bhb_loop+0x40/0x90
[  127.175811][ T7987]  ? clear_bhb_loop+0x40/0x90
[  127.175847][ T7987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.175871][ T7987] RIP: 0033:0x7f7fee84e929
[  127.175886][ T7987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.175905][ T7987] RSP: 002b:00007f7feceb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  127.175924][ T7987] RAX: ffffffffffffffda RBX: 00007f7feea75fa0 RCX: 00007f7fee84e929
[  127.176016][ T7987] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 00002000000004c0
[  127.176029][ T7987] RBP: 00007f7feceb7090 R08: 0000000000000000 R09: 0000000000000000
[  127.176042][ T7987] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  127.176055][ T7987] R13: 0000000000000000 R14: 00007f7feea75fa0 R15: 00007ffd573359a8
[  127.176136][ T7987]  </TASK>
[  127.376173][ T7991] FAULT_INJECTION: forcing a failure.
[  127.376173][ T7991] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  127.376199][ T7991] CPU: 0 UID: 0 PID: 7991 Comm: syz.3.1474 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  127.376228][ T7991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  127.376295][ T7991] Call Trace:
[  127.376300][ T7991]  <TASK>
[  127.376305][ T7991]  __dump_stack+0x1d/0x30
[  127.376323][ T7991]  dump_stack_lvl+0xe8/0x140
[  127.376344][ T7991]  dump_stack+0x15/0x1b
[  127.376362][ T7991]  should_fail_ex+0x265/0x280
[  127.376449][ T7991]  should_fail+0xb/0x20
[  127.376472][ T7991]  should_fail_usercopy+0x1a/0x20
[  127.376502][ T7991]  _copy_to_user+0x20/0xa0
[  127.376558][ T7991]  put_user_ifreq+0x58/0xa0
[  127.376578][ T7991]  sock_ioctl+0x5cc/0x610
[  127.376657][ T7991]  ? __pfx_sock_ioctl+0x10/0x10
[  127.376681][ T7991]  __se_sys_ioctl+0xcb/0x140
[  127.376753][ T7991]  __x64_sys_ioctl+0x43/0x50
[  127.376776][ T7991]  x64_sys_call+0x19a8/0x2fb0
[  127.376856][ T7991]  do_syscall_64+0xd2/0x200
[  127.376875][ T7991]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  127.376903][ T7991]  ? clear_bhb_loop+0x40/0x90
[  127.376922][ T7991]  ? clear_bhb_loop+0x40/0x90
[  127.376940][ T7991]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.377010][ T7991] RIP: 0033:0x7f5e27a3e929
[  127.377025][ T7991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.377041][ T7991] RSP: 002b:00007f5e260a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  127.377056][ T7991] RAX: ffffffffffffffda RBX: 00007f5e27c65fa0 RCX: 00007f5e27a3e929
[  127.377066][ T7991] RDX: 0000200000000080 RSI: 00000000000089f0 RDI: 0000000000000006
[  127.377077][ T7991] RBP: 00007f5e260a7090 R08: 0000000000000000 R09: 0000000000000000
[  127.377088][ T7991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.377101][ T7991] R13: 0000000000000000 R14: 00007f5e27c65fa0 R15: 00007ffd961a4b58
[  127.377187][ T7991]  </TASK>
[  127.585557][ T7999] loop3: detected capacity change from 0 to 512
[  127.585854][ T7999] EXT4-fs: Ignoring removed nomblk_io_submit option
[  127.585998][ T7999] EXT4-fs: Ignoring removed mblk_io_submit option
[  127.588759][ T7999] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  127.588777][ T7999] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[  127.589159][ T7999] EXT4-fs (loop3): 1 truncate cleaned up
[  127.669965][ T7999] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #2: block 4: comm syz.3.1478: lblock 0 mapped to illegal pblock 4 (length 1)
[  127.934682][ T7999] EXT4-fs (loop3): Remounting filesystem read-only
[  128.023661][ T8018] loop1: detected capacity change from 0 to 512
[  128.088267][ T8022] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1486'.
[  128.120783][ T3657] ==================================================================
[  128.128892][ T3657] BUG: KCSAN: data-race in xas_clear_mark / xas_find_marked
[  128.136192][ T3657] 
[  128.138517][ T3657] read-write to 0xffff88811ed80470 of 8 bytes by task 8005 on cpu 1:
[  128.146584][ T3657]  xas_clear_mark+0x91/0x180
[  128.151197][ T3657]  __folio_start_writeback+0x2ce/0x440
[  128.156667][ T3657]  __block_write_full_folio+0x53a/0x8f0
[  128.162228][ T3657]  block_write_full_folio+0x2c2/0x2e0
[  128.167605][ T3657]  blkdev_writepages+0x88/0x100
[  128.172459][ T3657]  do_writepages+0x1c6/0x310
[  128.177053][ T3657]  filemap_write_and_wait_range+0x144/0x340
[  128.182955][ T3657]  bdev_release+0xeb/0x3d0
[  128.187373][ T3657]  blkdev_release+0x15/0x20
[  128.191883][ T3657]  __fput+0x29b/0x650
[  128.195875][ T3657]  ____fput+0x1c/0x30
[  128.199868][ T3657]  task_work_run+0x12e/0x1a0
[  128.204458][ T3657]  exit_to_user_mode_loop+0xe4/0x100
[  128.209744][ T3657]  do_syscall_64+0x1d6/0x200
[  128.214330][ T3657]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.220223][ T3657] 
[  128.222540][ T3657] read to 0xffff88811ed80470 of 8 bytes by task 3657 on cpu 0:
[  128.230078][ T3657]  xas_find_marked+0x218/0x620
[  128.234842][ T3657]  find_get_entry+0x5d/0x380
[  128.239439][ T3657]  filemap_get_folios_tag+0x13b/0x210
[  128.244823][ T3657]  writeback_iter+0x4bb/0x820
[  128.249501][ T3657]  blkdev_writepages+0xa7/0x100
[  128.254360][ T3657]  do_writepages+0x1c6/0x310
[  128.258957][ T3657]  __writeback_single_inode+0x80/0x7c0
[  128.264429][ T3657]  writeback_sb_inodes+0x480/0xa20
[  128.269546][ T3657]  __writeback_inodes_wb+0x94/0x1a0
[  128.274754][ T3657]  wb_writeback+0x266/0x5c0
[  128.279258][ T3657]  wb_workfn+0x4c9/0x910
[  128.283507][ T3657]  process_scheduled_works+0x4ce/0x9d0
[  128.288973][ T3657]  worker_thread+0x582/0x770
[  128.293576][ T3657]  kthread+0x486/0x510
[  128.297647][ T3657]  ret_from_fork+0xda/0x150
[  128.302148][ T3657]  ret_from_fork_asm+0x1a/0x30
[  128.306913][ T3657] 
[  128.309231][ T3657] value changed: 0xffc0000000000000 -> 0xff00000000000000
[  128.316335][ T3657] 
[  128.318658][ T3657] Reported by Kernel Concurrency Sanitizer on:
[  128.324802][ T3657] CPU: 0 UID: 0 PID: 3657 Comm: kworker/u8:9 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  128.337386][ T3657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  128.347441][ T3657] Workqueue: writeback wb_workfn (flush-7:8)
[  128.353434][ T3657] ==================================================================