last executing test programs:

54.880718335s ago: executing program 3 (id=352):
socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000240)={'#! ', './file0'}, 0xb)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
timer_create(0x1, &(0x7f0000000580)={0x0, 0x41, 0x0, @thr={&(0x7f0000000440)="315abb176b62d0bdf5901ae34e91792d8a60c4960befe2375eafab4ad136fd59ccccbbc1a17ad25fc4d9fe9d489baf50272a099b5c683e0a878ca8ba8cfb420cf4dfb8316a1cf851a0ee7658b3b9548f2aaa06947129f0905d357ebe", &(0x7f0000000200)="b0d963f88a77c87d9dabc1172b3d97e35173c1194f8b9332"}}, &(0x7f0000000600))
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000140)='sched_switch\x00', r1, 0x0, 0xa}, 0x18)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000080000000b"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r4, @ANYRES32=r2], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000001600)=""/4094, 0xffe}], 0x1, 0xf0, 0xd215)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$inet6_tcp_TLS_TX(r3, 0x6, 0x1, &(0x7f0000000640)=@gcm_128={{0x7}, "4980c4e170cf339f", "0363a9374deeeea86e366e0be8f5e021", "f545d4f9", "30991b3e09d64b43"}, 0x28)
sysinfo(&(0x7f0000000000)=""/92)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00'}, 0x18)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x1b, &(0x7f0000000480)={@dev}, 0x20)

53.816130682s ago: executing program 4 (id=365):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x200000006c8b, 0x37}, 0x7, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f00000003c0), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_usb_disconnect(0xffffffffffffffff)
add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x0, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x3}, 0x10)
r3 = fsmount(0xffffffffffffffff, 0x0, 0x20)
symlinkat(&(0x7f0000000000)='.\x00', r3, &(0x7f0000000140)='./file0\x00')
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000003c0)=0x1)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x2)
capset(&(0x7f0000000ac0)={0x19980330}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)

53.160428614s ago: executing program 3 (id=376):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', 0xffffffffffffffff, 0x0, 0x8000000000000}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_io_uring_setup(0x5bf, &(0x7f0000000440)={0x0, 0x7aca, 0x1, 0x1, 0x294}, &(0x7f0000000240)=<r0=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000040), 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")

52.760000316s ago: executing program 4 (id=384):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000000000)=0x1, 0x4)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e22, 0x9, @loopback, 0x6}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000080)=0x40, 0x4)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000600)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000380)="248f0ef3cf", 0x5}], 0x1}}], 0x1, 0x2b332e019dd83bf)

52.699960401s ago: executing program 4 (id=386):
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0xd3283d036ae269b3, 0x8031, 0xffffffffffffffff, 0x99cf0000)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000500)={0xa, 0x4e20, 0xffffffff, @empty, 0x4}, 0x1c)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
sendto$inet(r1, &(0x7f0000000080)='\x00'/10, 0xfcf5, 0x0, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)
recvmsg(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}], 0x1}, 0x0)

52.633780457s ago: executing program 4 (id=388):
socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000240)={'#! ', './file0'}, 0xb)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
timer_create(0x1, &(0x7f0000000580)={0x0, 0x41, 0x0, @thr={&(0x7f0000000440)="315abb176b62d0bdf5901ae34e91792d8a60c4960befe2375eafab4ad136fd59ccccbbc1a17ad25fc4d9fe9d489baf50272a099b5c683e0a878ca8ba8cfb420cf4dfb8316a1cf851a0ee7658b3b9548f2aaa06947129f0905d357ebe", &(0x7f0000000200)="b0d963f88a77c87d9dabc1172b3d97e35173c1194f8b9332"}}, &(0x7f0000000600))
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000080000000b"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r3, @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000001600)=""/4094, 0xffe}], 0x1, 0xf0, 0xd215)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
setsockopt$inet6_tcp_TLS_TX(r2, 0x6, 0x1, &(0x7f0000000640)=@gcm_128={{0x7}, "4980c4e170cf339f", "0363a9374deeeea86e366e0be8f5e021", "f545d4f9", "30991b3e09d64b43"}, 0x28)
sysinfo(&(0x7f0000000000)=""/92)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="070000000400000008000000d900000000000000", @ANYRES32, @ANYBLOB="0000e8ffffffffffffff001be3b79142dfeae741", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00'}, 0x18)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x1b, &(0x7f0000000480)={@dev}, 0x20)

52.294179104s ago: executing program 3 (id=392):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x36e, &(0x7f00000007c0)="$eJzs3U1oM0UYwPEnaZImeXmbHERRkA6+CHpZ2uhZDNKCELC0jdgKwrbdaMialGyoRsS2J4+Kd0+Ch9KbBQ8F7VnoxZteRPDWi6BgBXVlv5LNV9PGpMH2/4OSycw8uzPZSXk27WYv3vj03UrJ0kp6Q6JJJRERkUuRrEQlEPEfo245IfLJd622A3n+wW8/PL22UUx6FWo5v/5CTik1N//Nex+m/G6ns3Kefevi19wv54+fP3nxz/o7ZUuVLVWtNZSutmo/NfQt01A7ZauiKbViGrplqHLVMupe+1f+dsza7m5T6dWdh+ndumFZSq82VcVoqkZNNepNpb+tl6tK0zT1MC0Ypni0uqrnRwzeHvNgMCH1el6fEZFUT0vxaCoDAgAAU9Wd/0edlH5Y/h/Syv83Za5QWFpVTud2/n/8zFnjwesnc37+f5rol/+/+KO3rY783zmdaOf/Ne/8oDQ8//9cbpD/92ZE98vI+X92AoPBaOYTPVWRjmdO/p/237+uwzePF9wC+T8AAAAAAAAAAAAAAAAAAAAAAP8Hl7adsW07EzwGP+1LCPznuJMGHf9ZEUk6R9/m+N9laxubknQv3HOOsfnxXnGv6D36Hc5ExBTjb7ubszaCK4+UIyvfmvt+/P5eccZtyZek7MTLomQk666nULxtL79aWFpUHj++dZlSOhyfk4w8Fo7/2l2dTnyuM97ff0KeexSK1yQj329LTUzZcSPb+/9oUalXXit0xafcfiLy860fFAAAAAAAxkxTLX3P3zVtULv3LSP5kvsxkSELkpG/+p/fL/Q9P49lnopNe/YAAAAAANwPVvODii5Ro+4WTLNfISUDm8ZQiHXUxEWkb+dEV038qi3PhGZ43fEkxLuDyX+d1xfBq3qTqOAfKZyBt5r8O6rIaOMJ5u/WRGLP/u43/XnTeUUOxF0AB+GmqFwjPNY9+HmnQvXt/Gjgdg79ibRqgo+NEgNeZ1np3U70ipUQ76mxI6MtgCc++/KP8b1BXjrxV8D7wzsfmoa9L9c5KF0FZxe9TfGJ/+IBAAAAcOvaSX9Q83K4OXwjkfDNcvjLPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYzSRr/TrKgze++xtThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYun8DAAD//7ct9c4=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
write$cgroup_subtree(r2, 0x0, 0x10d53)

52.22438043s ago: executing program 0 (id=394):
socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
setreuid(0xee00, 0x0)
r0 = getuid()
setreuid(0x0, r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r1, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x95, 0x3}, 0x100002, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000a32a06fa00000400000000000cb9aa8f19eb8f5b6b1c2ef4d0", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r3, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0xf}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10)
r5 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x19, 0x10, 0x0, &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r6}, 0x10)
symlink(0x0, &(0x7f0000000180)='./file0\x00')
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x26, 0x0, &(0x7f0000000180))
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000400000/0x3000)=nil, 0x3000, 0x2000009, 0x4d032, 0xffffffffffffffff, 0x0)

52.155217635s ago: executing program 0 (id=396):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @local}], 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0), 0x0, 0x0, 0x0, 0x804c040}, 0xc851)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r1=>0x0]}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000140)=r1, 0x4)

52.153730625s ago: executing program 3 (id=397):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
r2 = socket$netlink(0x10, 0x3, 0x14)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kfree\x00', r4}, 0x18)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDSKBENT(r5, 0x4b47, &(0x7f0000000400)={0x0, 0x7f, 0x700})
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f00"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000740)='./file0\x00', 0x24002, 0x92)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000980), r2)
sendmsg$NL80211_CMD_LEAVE_MESH(r6, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x28, r7, 0x2, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x5, 0x1}}}}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0x40040}, 0x10008000)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000440)={'gretap0\x00', &(0x7f0000000580)={'tunl0\x00', <r8=>0x0, 0x40, 0x10, 0x7, 0xfffffff9, {{0x1e, 0x4, 0x2, 0x5, 0x78, 0x68, 0x0, 0x6, 0x29, 0x0, @multicast2, @rand_addr=0x64010101, {[@lsrr={0x83, 0x7, 0xf, [@local]}, @timestamp_prespec={0x44, 0x44, 0x97, 0x3, 0x7, [{@private=0xa010101, 0x101}, {@dev={0xac, 0x14, 0x14, 0x33}, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x9}, {@remote, 0xc33}, {@loopback, 0x800}, {@private=0xa010100, 0x7}, {@remote, 0x5c5a47db}, {@empty, 0xfffffffb}]}, @end, @lsrr={0x83, 0xf, 0x88, [@rand_addr=0x64010101, @multicast2, @broadcast]}, @cipso={0x86, 0x8, 0x2, [{0x1, 0x2}]}]}}}}})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r6, 0x89f1, &(0x7f0000000480)={'gretap0\x00', &(0x7f0000000700)={'sit0\x00', r8, 0x7, 0x7, 0x8, 0x81, {{0x1a, 0x4, 0x2, 0x3a, 0x68, 0x67, 0x0, 0x10, 0x29, 0x0, @multicast1, @private=0xa010100, {[@timestamp_addr={0x44, 0x24, 0xbf, 0x1, 0x6, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x98b0}, {@dev={0xac, 0x14, 0x14, 0x3d}, 0xe}, {@multicast2, 0x7}, {@rand_addr=0x64010100, 0x7f}]}, @ssrr={0x89, 0xb, 0x2e, [@dev={0xac, 0x14, 0x14, 0x2f}, @private=0xa010100]}, @timestamp_prespec={0x44, 0x24, 0x61, 0x3, 0x6, [{@multicast1, 0x7}, {@multicast2, 0x56e}, {@rand_addr=0x64010100, 0x7fffffff}, {@multicast2}]}]}}}}})
connect$can_bcm(r1, &(0x7f0000000080), 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x68, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r9, 0x0, 0x8}, 0x18)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x20, 0x0, 0xc4fc9e906872338b, 0x70bd2a, 0x0, {{0x15}, {@void, @val={0xc, 0x99, {0xc7, 0x3a}}}}}, 0x20}}, 0x0)
r11 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x8, [@func={0x1, 0x0, 0x0, 0xc, 0x1}, @const={0x10}]}, {0x0, [0x61, 0x2e, 0x5f, 0x30, 0x61, 0x30]}}, &(0x7f00000002c0)=""/235, 0x38, 0xeb, 0x0, 0x82e, 0x10000}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000020000", @ANYRES32, @ANYRESHEX], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @cgroup_sock_addr, r11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r12}, 0x10)
set_tid_address(0x0)

52.125422377s ago: executing program 0 (id=398):
r0 = socket(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @local}, 0x10)
sendmsg$inet(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000800)=[{0x0}], 0x1}, 0x5)
recvfrom(r0, 0x0, 0x0, 0x1, 0x0, 0x0)

52.051372033s ago: executing program 0 (id=400):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
ioctl$USBDEVFS_REAPURBNDELAY(r2, 0x4004550d, 0x0)
r3 = creat(&(0x7f00000000c0)='./file0\x00', 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x18)
r6 = fsopen(&(0x7f0000000580)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r6, 0x2, &(0x7f0000000540)='\x00', &(0x7f0000001c80)="6ed4", 0x2)
fsconfig$FSCONFIG_SET_FD(r6, 0x5, &(0x7f00000005c0)='\x00H\xeb', 0x0, r6)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000040)='syzkaller\x00', &(0x7f0000001140)='\xf1\x95\xb3>-\x8c\xd4\r\x01\xfa\xe2{eED\x0e\xaaPV\x11\xff\xb6j\xd4~6\x82^\x9b b', 0x0)
close(r6)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='devpts\x00', 0x1010401, 0x0)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f00000006c0)=ANY=[@ANYRES32, @ANYRESHEX=r3, @ANYRES64=r6], &(0x7f0000000240)='GPL\x00', 0x0, 0x58, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x2000, 0x0)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r8, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r9 = dup(r8)
write$P9_RLERRORu(r3, &(0x7f0000000040)=ANY=[@ANYBLOB="8b", @ANYRES32=0x0, @ANYRES32=r0], 0x53)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r9, 0x8933, &(0x7f00000003c0))
write$RDMA_USER_CM_CMD_SET_OPTION(r9, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)

52.038749245s ago: executing program 0 (id=401):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, 0x0}, 0x4048043)
r2 = dup(r0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000600)={0x0, @in6={{0xa, 0x4e23, 0x7, @empty, 0x2001}}, 0x6, 0x6}, 0x90)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xfffffff2, @empty, 0x3}}, 0x1000000, 0x31, 0xffff1896, 0x3, 0x34, 0x40000000, 0x1b}, 0x9c)

52.034169945s ago: executing program 3 (id=402):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240))
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x7f, 0x0, &(0x7f0000000000))

51.703272661s ago: executing program 3 (id=403):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', 0xffffffffffffffff, 0x0, 0x8000000000000}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_io_uring_setup(0x5bf, &(0x7f0000000440)={0x0, 0x7aca, 0x1, 0x1, 0x294}, &(0x7f0000000240)=<r0=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000040), 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")

51.703057242s ago: executing program 0 (id=404):
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x1e8301, 0x0)
socket$packet(0x11, 0x2, 0x300)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0x334e, 0x100, 0x3, 0x41}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000300)=<r4=>0x0)
syz_io_uring_setup(0x2400, &(0x7f0000000240)={0x0, 0xbe44, 0x10000, 0xffffffff, 0x2be, 0x0, r2}, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x7, 0x0, 0x0, 0x1, 0x7})
write$UHID_CREATE2(r5, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x60, 0x185100})
io_uring_enter(r2, 0x7277, 0x0, 0x28, 0x0, 0x0)

51.702973251s ago: executing program 32 (id=403):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', 0xffffffffffffffff, 0x0, 0x8000000000000}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_io_uring_setup(0x5bf, &(0x7f0000000440)={0x0, 0x7aca, 0x1, 0x1, 0x294}, &(0x7f0000000240)=<r0=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000040), 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")

51.701362642s ago: executing program 33 (id=404):
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x1e8301, 0x0)
socket$packet(0x11, 0x2, 0x300)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0x334e, 0x100, 0x3, 0x41}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000300)=<r4=>0x0)
syz_io_uring_setup(0x2400, &(0x7f0000000240)={0x0, 0xbe44, 0x10000, 0xffffffff, 0x2be, 0x0, r2}, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x7, 0x0, 0x0, 0x1, 0x7})
write$UHID_CREATE2(r5, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x60, 0x185100})
io_uring_enter(r2, 0x7277, 0x0, 0x28, 0x0, 0x0)

51.697484662s ago: executing program 4 (id=407):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x36e, &(0x7f00000007c0)="$eJzs3U1oM0UYwPEnaZImeXmbHERRkA6+CHpZ2uhZDNKCELC0jdgKwrbdaMialGyoRsS2J4+Kd0+Ch9KbBQ8F7VnoxZteRPDWi6BgBXVlv5LNV9PGpMH2/4OSycw8uzPZSXk27WYv3vj03UrJ0kp6Q6JJJRERkUuRrEQlEPEfo245IfLJd622A3n+wW8/PL22UUx6FWo5v/5CTik1N//Nex+m/G6ns3Kefevi19wv54+fP3nxz/o7ZUuVLVWtNZSutmo/NfQt01A7ZauiKbViGrplqHLVMupe+1f+dsza7m5T6dWdh+ndumFZSq82VcVoqkZNNepNpb+tl6tK0zT1MC0Ypni0uqrnRwzeHvNgMCH1el6fEZFUT0vxaCoDAgAAU9Wd/0edlH5Y/h/Syv83Za5QWFpVTud2/n/8zFnjwesnc37+f5rol/+/+KO3rY783zmdaOf/Ne/8oDQ8//9cbpD/92ZE98vI+X92AoPBaOYTPVWRjmdO/p/237+uwzePF9wC+T8AAAAAAAAAAAAAAAAAAAAAAP8Hl7adsW07EzwGP+1LCPznuJMGHf9ZEUk6R9/m+N9laxubknQv3HOOsfnxXnGv6D36Hc5ExBTjb7ubszaCK4+UIyvfmvt+/P5eccZtyZek7MTLomQk666nULxtL79aWFpUHj++dZlSOhyfk4w8Fo7/2l2dTnyuM97ff0KeexSK1yQj329LTUzZcSPb+/9oUalXXit0xafcfiLy860fFAAAAAAAxkxTLX3P3zVtULv3LSP5kvsxkSELkpG/+p/fL/Q9P49lnopNe/YAAAAAANwPVvODii5Ro+4WTLNfISUDm8ZQiHXUxEWkb+dEV038qi3PhGZ43fEkxLuDyX+d1xfBq3qTqOAfKZyBt5r8O6rIaOMJ5u/WRGLP/u43/XnTeUUOxF0AB+GmqFwjPNY9+HmnQvXt/Gjgdg79ibRqgo+NEgNeZ1np3U70ipUQ76mxI6MtgCc++/KP8b1BXjrxV8D7wzsfmoa9L9c5KF0FZxe9TfGJ/+IBAAAAcOvaSX9Q83K4OXwjkfDNcvjLPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYzSRr/TrKgze++xtThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYun8DAAD//7ct9c4=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
write$cgroup_subtree(r2, 0x0, 0x10d53)

50.506422158s ago: executing program 4 (id=410):
r0 = socket(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @local}, 0x10)
sendmsg$inet(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000800)=[{0x0}], 0x1}, 0x5)
recvfrom(r0, 0x0, 0x0, 0x1, 0x0, 0x0)

50.506343498s ago: executing program 34 (id=410):
r0 = socket(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @local}, 0x10)
sendmsg$inet(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000800)=[{0x0}], 0x1}, 0x5)
recvfrom(r0, 0x0, 0x0, 0x1, 0x0, 0x0)

39.024937274s ago: executing program 5 (id=566):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
r2 = dup(r0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000600)={0x0, @in6={{0xa, 0x4e23, 0x7, @empty, 0x2001}}, 0x6, 0x6}, 0x90)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, 0x0, 0x0)

38.94331113s ago: executing program 5 (id=567):
r0 = syz_open_dev$usbfs(0x0, 0x70, 0x101301) (async)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000000)=<r1=>0x0, &(0x7f00000000c0)=0x4) (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x20000, 0x0) (async)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0xc00)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x80) (async)
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd6018232500082c"], 0x0) (async)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0xffc7, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x80}, 0x48)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETOFFLOAD(r2, 0x400454c9, 0xba98575a95aeb70d) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8927, &(0x7f0000000040)='\xd0\xb4\'') (async)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0b00000008000000070000000900000001"], 0x50) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f00000007c0)=ANY=[@ANYRES8=r2, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000ff0f00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r6}, 0x10) (async)
r7 = socket$inet(0x2, 0x2, 0xf4)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r7, 0x8982, &(0x7f00000002c0)={0x0, 'veth0_macvtap\x00', {}, 0x98b2}) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r8 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x80, 0x0)
mq_timedsend(r8, &(0x7f0000000600)="6d12483bb95dab4da2bccb9a5c51f7769b4aa2ed6f00bcfff2058843f7de72fa8f9dd7572991db9f2968c67d150dbd80321f91c14a7705c3d6e2292f74d074e24cdfdc28da61b60db4ac67a81c04430dd72555dcebe8193594b8fe29718d5781fe3f418379dab48089b86edc4facdbc388e30fdfabe867722b348dcfbff8f7745bb98584b3384eb1b1c541d05427c4e5c33b3692ebf599d4a179bcd27271d55e4a38ac7be3cae3e85eddbdcf574ac462df22b6b2242245f32d5826de908a96ea66331cad4d0ff094f552e118ee643f2f12f854c32d4e548bd82a69c4102bc516a41a52436f6dfd80133de801fdc8e75276c631f041d86269f2ba0791e8119868816c1fe9c78654919d6dcce67a5f32b77575867f43f76e99108bf9ee3fd550cc18f8bee8505da7ea8fe0a3a9e40c01be1d39435821c5f52cf39a7d5558f278b01be298e5460d3ebf011345ed0030603f767fe44876fdf1cb172a4cbfb2f7784ac61c4786a147b6d446eaf46d5b26c6b85580ba4913fc12a443d8dcf05d08513ae01a7f489826fdc8bff83c1708ebbc060aa72d25e6ce21521799bd37c34fdad973fd7e17070b7783bf341fc079c6b0c9811388430c84540d8d544d1887b73e3a9d2625358be4b09128ee7f8d2dacf2d9704b9143c0341568d1e39429e1d442d21878c87271e66651e12d077b8dd49c0bf285097e261a5116b91036368265c1c5b74353bb42ff4936e27a20c48dea290685b09c2e5baa29dbeb790969f793692fb112c973329236f30bd29c39ee6104e1e0ccd1f855e5837d156c83834661a2aa8929ad78c025413179d880ee905d0b1ee1c9c3eacb63ac807a6ce73d492502ce52beba9ea5214a9387e2c5a810a96e14956809b6865e46a9d9ce2deb4cce2155562dd7e3daef9b3c0c0a55f1fe1a89835971dbc9c09ee9d4abe827b0e87dcd08e5e7cf08869cdcd6fe7f42d93c075db2fec9d96aff21410c3cbd5d904ed147af08c297011ec105dec6fb319cc5637ac71dac05d01ef356dcc6b6bd3f8625204d92f6d0447c0ee5c72d13b4e951a5ba060d4e0ab4680bba08ca9e0079ed6332e6449e01ec480903b0f377e08e8146c8a1e86df678dd88f3768e0958b04f24d58f39a15ee93e4b3e1e2dcd91f8cd36c37b2806d5f7c1871d0e1d7496ac64b377a8fb32104166536597bbfd6d814b2eb41970ba1aef50238e34ec8069690029c58c8a01b28b711ff44aed4652629c7cdc7843d83efe9514bb5b1f80d1047e6075870c53505a142e48d6897d7811f84d8c3e8f9985f9a9d01c8fd68960aee376caa465f25622d7ff5deae8f0d628e048bc4387ca3046067768f3014a3ef4d1b55123ce45507ab1b6f587f6302bb9b715899d2fc20cabfd306549b6a2ec8ea5169e5be19cf59ef71cbb16d402cdc62a422b2bf5c01bb6139e60fd61ea4b77382c7e2e038c6511bfe08f7a3cea5e793f9e2cb4facce20e719d179104418f6745bf8065c70da3815c8e1a1b650d96865c41fd45dbcae51e1d54b41002c2f673cd1008dbf3f17847dd28d8fe3c24ef238000be692e05b0365cb7691fa8f134efe70df46b5cc4765def995971ae0c45f653292f4a3c26300e359afbe0c4f7b049f505ab8e8a0d4c7090cc07c62dbcb9bf6682425553de4ca63f98ac5d420d01bf729bf815683d11451eea0295675778f00bef94ac6e29dd2285847fd857cf2d204de3170e024169d568500befd5c6f34e9d3fcae78bd8fcd6d8f85fcf56241c7787d86bdfca06a6e69b996d72530c94eaa82e99f8ccbd66b53ce0f066fffcb3b643f84a1112c4c8a153ef745f7da3c4887f95de7df8dcf6653200eccb389a7aad4a874d347791cd00cf767bdd8d36de55cbc0879e11cddec175b36be0d1224d1dab7d8f8f3bab0f622d031be123b6ab48188716162afea5e0529830a39c3c9edc86b3e6020830f2f94060685d96887fb536afaedcd9523c53e5e210e87a07bc941b29b968ec9b0f6e5a74b929ad56ef7e80b981d39460040df8aedb253bc4681e72de2b3e886320b2f9a52f675bb08e4dee27b468d0822d6269ad1eee16d1c1781ad17b1fae21b44e427ace6d1fa932ca9c295c5ae74140ffea23ac2b70a6ca71af12c6d63adc32110521cee84dce3514c51417fa794fff4fb7b72844fbb3ba786173d3ffea23e03eb49acbd957d52494ffff3cd2dc420ace19bbe375aabb97953dd1b8adc24856a81b2888e2fb635332c2d4257cf6833ccb3135c0327f79c4846b691b693b066cd5de30ca40e29fe8775fd6a8844f566223008d017ccb6f2ee47496b61aa2900f64c1e2136c8dfbb6dd7ab368e0cfeb3e639657f16d9f26f0c575b61476ea7cd499e2fffe75f6118d19d6186e9433d1b92dc30e84bceba4c9bd8e889575c50da8e236d0ad184a2ae7e91e31485a44389a7c6a63c4d7588fa0755ae292102c46df1cfcc21eccfa5bc815a2491cb845de2feae93d5a9365cff327d048b7e66733b1d1cbf1eadae7296631f3f1681ab5878272a9b17e11f64e8ea8afbd297f388b951e39b94d909c74a4c667f6204128c84566c2347222a984f67177160e3f144518721f25aab93c9d0a34d407b84485bf1f2fa07af7de0617dbda0b2eb3ef839d6ad8649fa7133e14646cb30462e827a1bba8b6cf97c93c95552c70aae8ba4918f8b51275ed7e1f90f7ae7a5313aff699f54265adad4b0608a90165c8e7df729ceb0eda12357ea37e7bbb86fc542544c93d494d4edfd098432e389666a8a93f4333e630deefa87397ece144a59fbf736aeefb7b66744954e8076e9d0534508a3631dbdcd2c15b5fd844d62409bf6c63699ac5ff0cab98d4b7f0e33e5cb20853554c895ea26607e9554d74e1511c4c476c41aa7fa717259e5048d80f1f30f07dd5397c17d818dac1849b7ccf6425fa0265edfecb58a763615dedbe98e215ce63dd1688e191a191ccdb4e939bd370f68054440296cb511b5f070fb9479bdef321b7d124506f6345ac3c2ca0ef22292d3f83ec21908de3a3c7f98cc5e086034d0b08df704382a8ee9f6129542cac7dc5fd54e71270f5ea9739b625347f3200d6f74d41106aed8fa8af5a3a6cd58a44de62af681d449a44b5f86702e625a1658f2bb09e1c7a178ec27081bb8e0f3febf700a1663374325bbb17a17c6178fbc0424f83cfafdd8ed301450bc6822105e6033bc999c833ce3f60814f9db98c3880aae837027cc4fd82a1aa61d1c7fbacf0e5da0c820f97e35f52abb212dcfd77c7e159ef4f777a2cbf61508539660a577974291852a3dfdcb0706961faf65f62745240e281e9c1ea25a2bf29729008b59b5bac92c8ffc53b240761c0021edb53bad82a322510f480a53945c63803abb0b5947aa32a7ad5cf8059933ae4dc5d18a261b8d4a126dadd1d7f186cc0f3bc00c82c15516ea2a4b5a5517395d2a16a3beb920b16c706381bae273443ebfa3c37778596177de18a62cb96c08a35459a897ac87bcd87cdbcecae83c95cd4b5eb878a8d31e75955eb11e0cb58c6ad2b39f8f9350ff95778a961b07b4b0e4ff6b58caab6db44c6345c8ad9da0aef0c2b4a09e459a027d774da684ce2defd0b23b6e15ec573268050cba4cd1be4d899672ea3562f280df3b3ee878bd2e9989357829c363b4b47eacadeee76144957f4d76c3ea703aa5bf32f75a0370f49ae371f001eced8bbdaa781f66c83f959af0cb0ecbabeeeb0f91c26a22b430d5cae34e470f79f01446cdca5b70ba6448a8d9e4722dba03369b3204253eea942de2fb7b4408212a4c6a5d36c7e82417edd052a59d6d1ce2b0a2bd94f334647712cc2296e75db316be650195dd28a360e2e44fd32951b2b983d673bce51eea778d2ed2a2468c3b6b94b67ee175aa08f757d5522b43cefd5969511579cd79300802c811adad7b6bdf789f70bc76e94f8ea317043cf29b562a2041c553122ec338834455be1b68fe7470808451b0e1f1d444ae1e430c51c718a751142fa675a663e9d9f66a8a6199b56d18e4167e54942a37366fa0b5242de86bf1af6c758b2f0bb1f0fda16dc5241e3cc442326fdb501b95fe768c45781c8b60fbe576c7e790e2d5a2a76085cdca098fb3209b30a017eefbf6f8b315b38d8f8f194e456d1776cf6c9c4f4a99e9b50ca4bbc57ff1f035f13a3d8261617b5d55387488f9456a32400a84f95320e722c7abed22b9f8b574da8322fe104c12fb35c9d0c600dde78c47cd46647a8e24aafa53c68e2119ed1473bb3b7c9873d0a256e8eec8dc9f57820a7e23d49deb4041beae704b3fb527ce57316ff238515c248c80d51fd44e31dbb2d2e1d6b8007a03bf9b981fee094ee82f413698af66a3057621490d60207bca2e7a11e96cfb850a9a371ce672d0c4826be044acaa0a0a04fab4f2807eac896c48db2c35caf97fdf8bacb854f5351328cfbab2c3b251fc0abe20ba4b8fe8f4a98dfb76a0b1ea6b6463bdd900e23114c94f205f492a4acb30cc8a6efe6f73a96d3688853c60dce92732440db5ec245478bb64ebe9b60e7469ffb253febcda05613a8c1dbf72634e68d912e2fc98501d99c7dafb50081edcc60dc74daf9cecbcf65aa57661451fc6131f8c879b2181984bc4e0973ad6984837e19595caa35ff4713266b6a6c090a50afeb1461590c4c36f7fead0c9620af82302616c154e74199ee11353f6e9861472e2f1826afd0ce1a2ce9712b50019b32397960f54f4fce3c6655e13d8ef3ba20eaa3ca03a831a39732203dc3d2d3bf8de63fb4c96b3ec10cc852401f25a2575e98d9a25bf0767fc180f6fef5928565fa9ffdd620b6713f85bbc140060df1b50607b4eb51c0c71dac8ee2c19b9bd03b1840bb4d1f8a767d788a31926c9c39be4709dd57e856cb417d3947ce825f194fac18323f36a3b7743603abc628d477b3292a6b3f4965e882a110728f2a9f4fa8fd9d9d50859c48fe0f07f6a826bd5c5d8d645c0f7d8d03cf49be2419e2986f8ad55a228cacd0838f867a8612fd1c4b04d54dc9d5b05cc9395f5bb7fe918083bedfa33734a3f6afaf70379f4d423fa592dcfdeef84161df3f8f42204116442fc815a3cb3c79348d489296014fb8d4334c4ad776e14207ed2115781a0caac4cbfddf8f788f58cd9da9c33f145d87a187d7db78ce4368c5bdbba67fde5264a53a65a027a52aa09fd4943aeeae146a769a26a0f3597fd5004b60c179ce2bcafc78220d691c44c153c883bf942f01586b5321e4bbb28ab44d97bea3368f7c5d0c3dda0ef359065fd31f62060beb0b2a31f7164867e4b78f89f5ea0131aed7014ef3385f0b350ff847f4321b81c7dc9a484605ee397a2d5ea8ad9593020cea3acb6a106a560b4bf675c89aa3b14678dfef6602fdfa9afeeb6f16cb1b3cc944ad5d0492a3d07308c07dfc204c071d92f6b8b5694c70d166fe29f7894ceee7554dc32c71f3b971c8f20f2cafa4399a8755684090f90e6b45ee924d1205e0a075fd2259b6ca6430d28c780735353be38578b3cf1badcba4dae86419d4a0c1ec21f4a7510a08018e90974f0757aab8b51dc0fc068193d040cbd9706eeec02360da646b11cc5f1a544ecf24ce87c7165a0cb9bdb6990db03320ecf2f65fb6dfd1f3d32b2ae10723707cf5f30ea387f677aea100649c72e795b5f7d652e0e2fd0ae19eaf96f1b6453d056e01c97aa5c271b5e5f303fa4013f686cfbf64a1c1fe4263786b835e46a98699b8d5262520c4947987748ab21a48aef3", 0xfd1, 0x6, 0x0)
mq_timedreceive(r8, &(0x7f000001d600)=""/102389, 0x18ff5, 0x0, 0x0) (async)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffedf}, 0x94) (async)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)

38.937435511s ago: executing program 5 (id=568):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000140)={0x0, r0}, 0x8)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180), 0x121080, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0xa, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030008000000008500000070000000953fd66f289251260650f8a23b9af8492a781d3ccc6c39c2a447c3c905f7d66b1b71f8a0253c86d50b494562e88756714149cb1c3b47a92b9b74acaeb2584598758caa06e86a13b94a219bcc337cd27d7cb728d3c5dc7ff71ffbcce22ba2f4c6b71c2765f9907590fceb7a32c2b500b0d8ede159"], &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x30, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x749}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x1}, 0x18)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = syz_open_dev$evdev(&(0x7f0000000400), 0x0, 0x0)
syz_usb_disconnect(r3)
syz_usb_connect(0x4, 0x24, &(0x7f0000000480)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r3, 0x40095505, 0x0)
openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x3, 0x3, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8}}, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r4, 0x0, 0x0}, 0x10)

37.794442863s ago: executing program 5 (id=591):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f00000001c0)={0x3, &(0x7f0000000300)=[{0x1006}, {0x8, 0x0, 0x5d, 0x59c}, {0xff01, 0x0, 0x10, 0x2}]}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'bridge0\x00', <r1=>0x0})
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="3f043608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1506fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = open_tree(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x1c00)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
prlimit64(0x0, 0x425ea057ada49652, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x1, 0x1008, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000640)={r3, &(0x7f00000003c0), 0x0}, 0x20)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000580)='ext4_da_write_pages\x00'}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="4c00000010000305000000000000000000000d0084e2e92ee4b31003dc31a089cda32a1e91441c793704", @ANYRES32=0x0, @ANYBLOB="9b150100000000002c0012800e00010069703665727370616e0000001800028004001200080014000002000008000d0000010200"], 0x4c}}, 0x0)
eventfd2(0x6, 0x80000)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)

37.219091689s ago: executing program 5 (id=594):
r0 = add_key$keyring(&(0x7f00000085c0), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r1 = add_key$keyring(&(0x7f0000008540), &(0x7f0000008580)={'syz', 0x3}, 0x0, 0x0, r0)
keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f0000000240)={r1}, &(0x7f0000000280)={'enc=', 'oaep', ' hash=', {'sha512-arm64\x00'}}, 0x0, 0x0)

36.639334136s ago: executing program 5 (id=609):
syz_emit_ethernet(0x5e, &(0x7f00000001c0)={@random="ed4e0300", @multicast, @void, {@ipv6={0x86dd, @udp={0xa, 0x6, "78be4d", 0x28, 0x11, 0x0, @ipv4={'\x00', '\xff\xff', @local}, @mcast2, {[], {0x4e20, 0x4e20, 0x28, 0x0, @opaque="bebc1ab3df8c36dc14456fc20dd74b416390763771db5655bb34db1db609a124"}}}}}}, 0x0)

36.455729201s ago: executing program 35 (id=609):
syz_emit_ethernet(0x5e, &(0x7f00000001c0)={@random="ed4e0300", @multicast, @void, {@ipv6={0x86dd, @udp={0xa, 0x6, "78be4d", 0x28, 0x11, 0x0, @ipv4={'\x00', '\xff\xff', @local}, @mcast2, {[], {0x4e20, 0x4e20, 0x28, 0x0, @opaque="bebc1ab3df8c36dc14456fc20dd74b416390763771db5655bb34db1db609a124"}}}}}}, 0x0)

1.957391862s ago: executing program 6 (id=1327):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff}, 0x0)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000000c0)={<r4=>0xffffffffffffffff}, 0x2, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r3, &(0x7f0000000200)={0x7, 0x8, 0xfa00, {r4, 0x800}}, 0x10)
close_range(r2, 0xffffffffffffffff, 0x0)

1.936496503s ago: executing program 6 (id=1329):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x0, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVex:Di', 0x0)

1.910930516s ago: executing program 6 (id=1330):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="070000000400000008000000d901000000000000", @ANYRES32, @ANYBLOB="000000000000744c000000000042590d8d1b53e833e3d628161e3904f20c57cad158c67160e84f8100000000000041a53d958921ee65516f23b72d8a69de6e203e14ef13b5fdacd821477ac3cc2d76d52deaaee3c09a39323c955cf4e7fc6f6ae81cc53570674d4eba5fb1c606d2ec99f7d8beab8f33d7308316601cf96cd14f6c232662f8b4673ad21149245c93e95fef57d42f1f4905723a0000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r4=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
unlinkat(0xffffffffffffff9c, &(0x7f0000000980)='./file0\x00', 0x200)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
writev(r7, &(0x7f0000000400)=[{&(0x7f0000000100)="92", 0x1}], 0x1)
pipe(&(0x7f0000000340)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
splice(r9, 0x0, r11, 0x0, 0xf3a, 0x0)
write$cgroup_pid(r11, &(0x7f0000000000), 0xffffff98)
splice(r6, 0x0, r11, 0x0, 0x80, 0x4)
write(r8, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000c00)={[], [{@smackfsroot={'smackfsroot', 0x3d, ')'}}, {@uid_lt}, {@audit}, {@context={'context', 0x3d, 'staff_u'}}, {@subj_user={'subj_user', 0x3d, 'GPL\x00'}}]}, 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000880), 0x145a80, 0x0)
close_range(0xffffffffffffffff, r10, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)={0xb0, 0x1403, 0xc23, 0x70bd2a, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'syz_tun\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'ip_vti0\x00'}}, {{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'pimreg1\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'geneve1\x00'}}]}, 0xb0}, 0x1, 0x0, 0x0, 0x48845}, 0x4000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x434, 0x24, 0x8, 0x8000000, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x408, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x2, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x40020000, 0x1000, 0x2, 0x0, 0x0, 0x8000002, 0x0, 0x7e150a0b, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x100000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x10000, 0x5d2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x1007, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x3, 0x0, 0x1, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x2, 0x9, 0x0, 0x0, 0x7, 0xfbfffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0xffffffff, 0x3, 0x0, 0x0, 0x4fd, 0x2000, 0x0, 0x0, 0x0, 0x3, 0x15d, 0xfffffffe, 0x10000, 0x7e98263b, 0x9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x9, 0x0, 0x2000000, 0x0, 0x8, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd2d1, 0x0, 0x0, 0xb2e, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0xff, 0x1000, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, 0xc3f3, 0x1, 0x0, 0x800, 0x9, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0xfffffffc, 0xfffffffe, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xfffffffd, 0x0, 0x0, 0xd819ac9, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffff, 0x0, 0x0, 0x80000001, 0x0, 0x10, 0x20, 0x4, 0x400000b2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x1000, 0x100, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x1, 0x4, 0xfffffffe, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x0, 0x0, 0x20000040, 0xffffffff, 0x6e715b80, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0xaaf0]}]}}]}, 0x434}, 0x1, 0x0, 0x0, 0x40}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000008000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x801c6080, 0x0, 0x0, &(0x7f0000000900), 0x0, 0x0)
set_robust_list(0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)

1.599600961s ago: executing program 7 (id=1336):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000500)='workqueue_activate_work\x00', r1}, 0x18)
r2 = openat(r0, &(0x7f0000000340)='./file1\x00', 0x40c842, 0x13a)
write$binfmt_elf64(r2, &(0x7f0000000980)=ANY=[@ANYBLOB="7f454c4600000006010000000000000003003e000000000003000000000000004000000000000000980100000000000002000000000038000200000002000000000000600300000008000000000000000d00000000000000ed08000000000000f0ffffffffffffff0000000000000000080000000000000003000000cff5ffff800300000000000001000000000000000500000000000000ff"], 0x5b0)
close(r2)
sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB="6c000400", @ANYRES16=0x0, @ANYBLOB="04002bbd7000fddbdf250100000005002900000000000a0009000180c20000020000060028000300000008003400010000000a000900ffffffffffff000005002900000000000600280001000000080032004000000008003b0004000000080034000d000000"], 0x6c}, 0x1, 0x0, 0x0, 0x800}, 0x20000800)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
r3 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x100000001, 0x25400000000000}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pwrite64(r3, &(0x7f0000000140)="086f2f6cf58012c27df66bb7001818cbaff8d837c19e34853533bb68d0add27c6e87f37e9e8dae7e9fb02c6e9754aa556e16ecb6c49b0ceeb73dd4895d35d4770a1fc0dfbe34801859f9fb843cff4d60a6f4b1cf7df394cce2a2fd8b829d70bc394cadd974ead8833791f65ae5c49d98cbbcd1111d262aa4d6e387dfb6c25bf0ad3e03bc6f3d0de86a50af98d03e4143cb8451d61800472e0f78c1218e3d300a06939817c675d3d880ad2656bff2e44a022ecc00da10716ffe015027540a0416561c9b1c3ca605f8a61fe9bfa31a324a7e666b206cdf7eb27d09e2c27226835bc6c806dd8813a0f12735fd3d", 0xec, 0x6)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, 0x0, 0x0)
r5 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r5, 0x402, 0x1f)
close_range(r5, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
syz_io_uring_setup(0x6821, &(0x7f00000001c0)={0x0, 0x1, 0x8000, 0x4, 0x37c}, &(0x7f0000000080)=<r6=>0x0, &(0x7f0000000100)=<r7=>0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r2, 0xc02c5341, &(0x7f00000005c0))
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040))
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x20, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x2}})
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000240))
preadv(0xffffffffffffffff, &(0x7f0000000380)=[{&(0x7f0000000180)=""/38, 0x26}], 0x1, 0xffff, 0xddd073cf)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000100)={'veth0_to_team\x00', 0x400})
getpgrp(0x0)

1.545918985s ago: executing program 7 (id=1339):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
pipe2(&(0x7f00000000c0)={<r1=>0xffffffffffffffff}, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000000c0)={<r3=>0xffffffffffffffff}, 0x2, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r2, &(0x7f0000000200)={0x7, 0x8, 0xfa00, {r3, 0x800}}, 0x10)
close_range(r1, 0xffffffffffffffff, 0x0)

1.471191351s ago: executing program 7 (id=1340):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ptrace(0x10, r0)
ptrace$getregs(0xc, r0, 0xffffffffffffdcaf, &(0x7f0000000040)=""/45)

1.436289654s ago: executing program 7 (id=1341):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000aac020000060a0b040000000000000000020000003c020480380201800a0001006d6174636800000028020280080002400000000114020300d67a8527f76ec1d39e537c4c3060c6a405106c72848aa8bcb429b3a20d532452032d5f166334739d1719a5778bd4f724ee4ca57f2527aeeb0c75755d68fc6fa55f4825682ee95e581039823e5963beedcf65b8b005623d90772b8b6ebd2498b0aff725a3eabb6c99cb2edfe10b9c33be8a971e08401bc0807e75a2ff376b7934473bc1f02bb512b77414daf260c9c7d4e1f0758b56ec5823892af310e6252fcfb1d9dbad362baa26f43f12f831fd221926d6536eeff641db46920ae0e48f3ff5de599714ba6510ce479d4116a519792281736f39c9fc0e10ef557392c43389271cebcf36543fcf6f83bf74b93ee4eb5e8c82e35bb4784cc1ed0ad291b16e8368487589f7590bf5896f340a36555a1cf69736da230a809176dbdfba3d47efb9a6932e5503d277532b7d4e6f7c7373a298e5843a9f74d5fd07fbc6ad22bc644ba9b3c94ec3c8f0b9321b16e5826b1f058f781760a5d4b6a8880202b41689139c37cd51f65a92d883f8901add03b650c9ec182fb565a4d657ebba9d6a5eb426b22d5933b72362e6ec327fb679aa8034b8b3b6680ad138be47652a3e77981187d2921cebfc1639aa280e3d38dba9b1af49ceded79c78a2d656b3a3e946e17e6257def6679f70f11aa01a2d906aecf4dbc7d1a332a8932ed719ce7eecb5450f494f944b3f6b637502ddba609c6e45dcfad1db7c7dda3e2c8d5ddcf27132985442e9b8df16f96c82e72e3e2491856d07756b9f08000100627066000900010073797a30000000000900020073797a3200"], 0x2d4}}, 0x4048010)

1.229027571s ago: executing program 7 (id=1345):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="070000000400000008000000d901000000000000", @ANYRES32, @ANYBLOB="000000000000744c000000000042590d8d1b53e833e3d628161e3904f20c57cad158c67160e84f8100000000000041a53d958921ee65516f23b72d8a69de6e203e14ef13b5fdacd821477ac3cc2d76d52deaaee3c09a39323c955cf4e7fc6f6ae81cc53570674d4eba5fb1c606d2ec99f7d8beab8f33d7308316601cf96cd14f6c232662f8b4673ad21149245c93e95fef57d42f1f4905723a0000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
unlinkat(0xffffffffffffff9c, &(0x7f0000000980)='./file0\x00', 0x200)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
writev(r6, &(0x7f0000000400)=[{&(0x7f0000000100)="92", 0x1}], 0x1)
pipe(&(0x7f0000000340)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
splice(r8, 0x0, r10, 0x0, 0xf3a, 0x0)
write$cgroup_pid(r10, &(0x7f0000000000), 0xffffff98)
splice(r5, 0x0, r10, 0x0, 0x80, 0x4)
write(r7, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000c00)={[], [{@smackfsroot={'smackfsroot', 0x3d, ')'}}, {@uid_lt}, {@audit}, {@context={'context', 0x3d, 'staff_u'}}, {@subj_user={'subj_user', 0x3d, 'GPL\x00'}}]}, 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000880), 0x145a80, 0x0)
close_range(0xffffffffffffffff, r9, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)={0xb0, 0x1403, 0xc23, 0x70bd2a, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'syz_tun\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'ip_vti0\x00'}}, {{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'pimreg1\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'geneve1\x00'}}]}, 0xb0}, 0x1, 0x0, 0x0, 0x48845}, 0x4000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x45c, 0x24, 0x8, 0x8000000, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x2, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x40020000, 0x1000, 0x2, 0x0, 0x0, 0x8000002, 0x0, 0x7e150a0b, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x100000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x10000, 0x5d2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x1007, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x3, 0x0, 0x1, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x2, 0x9, 0x0, 0x0, 0x7, 0xfbfffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0xffffffff, 0x3, 0x0, 0x0, 0x4fd, 0x2000, 0x0, 0x0, 0x0, 0x3, 0x15d, 0xfffffffe, 0x10000, 0x7e98263b, 0x9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x9, 0x0, 0x2000000, 0x0, 0x8, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd2d1, 0x0, 0x0, 0xb2e, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0xff, 0x1000, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, 0xc3f3, 0x1, 0x0, 0x800, 0x9, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0xfffffffc, 0xfffffffe, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xfffffffd, 0x0, 0x0, 0xd819ac9, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffff, 0x0, 0x0, 0x80000001, 0x0, 0x10, 0x20, 0x4, 0x400000b2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x1000, 0x100, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x1, 0x4, 0xfffffffe, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x0, 0x0, 0x20000040, 0xffffffff, 0x6e715b80, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0xaaf0]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x3, 0x0, 0x0, 0x0, 0xc0000001}, {0x3, 0x0, 0xb, 0x0, 0x0, 0xffffffff}, 0x2, 0x10, 0x2000000}}]}}]}, 0x45c}, 0x1, 0x0, 0x0, 0x40}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_clone(0x801c6080, 0x0, 0x0, &(0x7f0000000900), 0x0, 0x0)
set_robust_list(0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)

1.044754615s ago: executing program 2 (id=1347):
open(&(0x7f0000000000)='./file0\x00', 0x148640, 0x78e22799f4a46f8e)
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x101682, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9ff50100180000000000000034000000340000008200000000000000010500e020739251000988fb32c1c14428000000000000000000000002000200c687000000000000"], 0x0, 0x4e}, 0x28)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x17, 0xc, &(0x7f0000000100)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x18)
write$cgroup_subtree(r2, &(0x7f00000000c0)=ANY=[], 0x32600)

1.031738246s ago: executing program 6 (id=1348):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
pipe2(&(0x7f00000000c0)={<r1=>0xffffffffffffffff}, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000000c0)={<r3=>0xffffffffffffffff}, 0x2, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r2, &(0x7f0000000200)={0x7, 0x8, 0xfa00, {r3, 0x800}}, 0x10)
close_range(r1, 0xffffffffffffffff, 0x0)

1.003713479s ago: executing program 2 (id=1349):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000500)='workqueue_activate_work\x00', r1}, 0x18)
r2 = openat(r0, &(0x7f0000000340)='./file1\x00', 0x40c842, 0x13a)
write$binfmt_elf64(r2, &(0x7f0000000980)=ANY=[@ANYBLOB="7f454c4600000006010000000000000003003e000000000003000000000000004000000000000000980100000000000002000000000038000200000002000000000000600300000008000000000000000d00000000000000ed08000000000000f0ffffffffffffff0000000000000000080000000000000003000000cff5ffff800300000000000001000000000000000500000000000000ff"], 0x5b0)
close(r2)
sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB="6c000400", @ANYRES16=0x0, @ANYBLOB="04002bbd7000fddbdf250100000005002900000000000a0009000180c20000020000060028000300000008003400010000000a000900ffffffffffff000005002900000000000600280001000000080032004000000008003b0004000000080034000d000000"], 0x6c}, 0x1, 0x0, 0x0, 0x800}, 0x20000800)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
r3 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x100000001, 0x25400000000000}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pwrite64(r3, &(0x7f0000000140)="086f2f6cf58012c27df66bb7001818cbaff8d837c19e34853533bb68d0add27c6e87f37e9e8dae7e9fb02c6e9754aa556e16ecb6c49b0ceeb73dd4895d35d4770a1fc0dfbe34801859f9fb843cff4d60a6f4b1cf7df394cce2a2fd8b829d70bc394cadd974ead8833791f65ae5c49d98cbbcd1111d262aa4d6e387dfb6c25bf0ad3e03bc6f3d0de86a50af98d03e4143cb8451d61800472e0f78c1218e3d300a06939817c675d3d880ad2656bff2e44a022ecc00da10716ffe015027540a0416561c9b1c3ca605f8a61fe9bfa31a324a7e666b206cdf7eb27d09e2c27226835bc6c806dd8813a0f12735fd3d", 0xec, 0x6)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, 0x0, 0x0)
r5 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r5, 0x402, 0x1f)
close_range(r5, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
syz_io_uring_setup(0x6821, &(0x7f00000001c0)={0x0, 0x1, 0x8000, 0x4, 0x37c}, &(0x7f0000000080)=<r6=>0x0, &(0x7f0000000100)=<r7=>0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r2, 0xc02c5341, &(0x7f00000005c0))
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040))
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x20, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x2}})
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000240))
preadv(0xffffffffffffffff, &(0x7f0000000380)=[{&(0x7f0000000180)=""/38, 0x26}], 0x1, 0xffff, 0xddd073cf)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000100)={'veth0_to_team\x00', 0x400})
getpgrp(0x0)

950.711833ms ago: executing program 6 (id=1350):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f00000004c0)={[{@mblk_io_submit}, {@dioread_nolock}, {@bh}, {@errors_continue}, {@nouid32}, {@quota}, {@noinit_itable}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='io_uring_defer\x00', r0}, 0x18)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
fdatasync(r0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
sendmsg$TIPC_NL_NET_GET(r0, &(0x7f0000000680)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000540)={&(0x7f00000010c0)=ANY=[@ANYBLOB="9802", @ANYRES16, @ANYBLOB="000427bd7000fddbdf250e0000004c000680040002004100040067636d28616573290000000000000000000000000000000000000000000000001900000098bcfef104d88759f785cca438bb8cd96df3f0eff4a8c6c943000000a400028004000400140003800800020005000000080001eb25714250fe5f828693dc587a000400000008000100000800010098000000080001000500000008000200ff07000008004c00038008000200b10c000008000100000000000800010001001080080001007791000008000200fbffffff08000200be0000000800020008000000080001000800000008000200050000000400040004000400600007306bc20780080001000e000000080001000f000000080001001e000000080001001a00000014000780080001001b000000080003000900000024000780080003009acd000008000200a30300000800040000000000080003003cf9ffff7c0005801c0002800800020004000000080003000000000008000300040000004c000280080003000080000008000200ffff0000080003000100008008000200020000000800030001000000080003000900000008000400ed00000008000100140000000800040007000000080001007564700008000100756470001400038008000100040000000800030007000000440004801400078008000300dd33000008000300030000001300010062726f6164636173742d6c696e6b00000900010073797a31000000000c000780080001000b0000002400038008000100030000000800030007000000080002007b52000008000300020000003c000280040004002c0003800800010001010000080001000600000008000100010000000800010001000000080002000800000004"], 0x298}, 0x1, 0x0, 0x0, 0x4004011}, 0x40000)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r2 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x2, &(0x7f0000000540)='\x00', &(0x7f0000001c80)='n', 0x1)
fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f00000005c0)='\x00H\xeb', 0x0, r2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x2}, 0x18)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x2, &(0x7f00000002c0)='\x04\x00\x00\x00\x01\x00\x00\x00\x00', &(0x7f0000000940)="ad", 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000700)='\x83free\x00n\x7fk\f\xe3\xcb:$\xf6\xff_e]\xf2t\x110q\xe8\x97\x19\xb0\x81!\xb1{\a\xcd\xc0R\xa2\xfd\x1d+\xc1r\xb0\x8em\xd4\xa6\xa6\x82v\xc9\xe3\xca\x84\xb3\x97\xd1\x88\xdd\r\xc7\xee\x18h\x13\x18\xa2\x87]@\xaa.\xcb\x971\xd5h\a0\xe5\xb3X\xac\xddU\x85\x87\x94\x8bZQ\x8b\xbeZ\x1b\xa0\xb9<\x86!RB\xa5\xfa\x04\x1e\xee\x1b\x92rB\x01\xaflPh\xfc\xa8J\x9aE\xa0Y\xc5\xb9\xc8CE\xa6:\x8f\x86\xb9\xc4x\xe5\x95\x1cX>d\xcaxY\x1e\xe2\x18E\xd6L3\x8d/?m\xa3Y\x8c\xec\xeb\xaa\r?\x96ut\x14\xe7s5\xb5\x93\xa3\xb4\xe3\xc9\xef$\x01]&\x90_9\xd0~Y\x8a\'9\x02\x9d\x05\xbc\x94\x16j\xb6\xcba\x1a\x10Jt!\x8e,\x047', &(0x7f0000000180)='\xfa.O\x80', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000a40)='t`\x16{\xf9\x8eE5\xf7\xbbE\xc94I\xb4\xbap\xc7\x13\x0f\xa8\x8c.\xc8\xe5\xbc\xbeQ#\v$z\x7f:\xe5J\xad\xf1\xdc\x8dE\x90\xf8\x01\x1f\xdd\xa6!\xf0\x1a\x9b\'\x8a\x83Y\x8d\x01\xf8\xda$\x93\xbb|\x00', &(0x7f0000000a80)='U&~=\xd8G\x93\x14\xc9o\xaf\x8b\xd4-\xc5\x12\x8d\xc8\xf1\'\xcf\x92V\xceKg\x8b\xc3\x9e\xd6H\xad0`\xaf\x06\x00xOq\xb6H\x11', 0x0)
close(r2)
r5 = socket$netlink(0x10, 0x3, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
vmsplice(r6, &(0x7f00000013c0)=[{&(0x7f0000000080)='4', 0xfee1}, {&(0x7f0000000100)="a7", 0x1}, {&(0x7f0000000240)="9f", 0x1}, {&(0x7f0000000300)='b', 0x1}], 0x10000000000000e0, 0x1)
sendmsg$netlink(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf"], 0x2c}], 0x1}, 0x0)

949.955343ms ago: executing program 2 (id=1351):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ptrace(0x10, r0)
ptrace$getregs(0xc, r0, 0xffffffffffffdcaf, &(0x7f0000000040)=""/45)

917.760596ms ago: executing program 2 (id=1352):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{0x0, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

885.048639ms ago: executing program 8 (id=1354):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
pipe2(&(0x7f00000000c0)={<r1=>0xffffffffffffffff}, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000000c0)={<r3=>0xffffffffffffffff}, 0x2, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r2, &(0x7f0000000200)={0x7, 0x8, 0xfa00, {r3, 0x800}}, 0x10)
close_range(r1, 0xffffffffffffffff, 0x0)

873.231309ms ago: executing program 2 (id=1355):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000aac020000060a0b040000000000000000020000003c020480380201800a0001006d6174636800000028020280080002400000000114020300d67a8527f76ec1d39e537c4c3060c6a405106c72848aa8bcb429b3a20d532452032d5f166334739d1719a5778bd4f724ee4ca57f2527aeeb0c75755d68fc6fa55f4825682ee95e581039823e5963beedcf65b8b005623d90772b8b6ebd2498b0aff725a3eabb6c99cb2edfe10b9c33be8a971e08401bc0807e75a2ff376b7934473bc1f02bb512b77414daf260c9c7d4e1f0758b56ec5823892af310e6252fcfb1d9dbad362baa26f43f12f831fd221926d6536eeff641db46920ae0e48f3ff5de599714ba6510ce479d4116a519792281736f39c9fc0e10ef557392c43389271cebcf36543fcf6f83bf74b93ee4eb5e8c82e35bb4784cc1ed0ad291b16e8368487589f7590bf5896f340a36555a1cf69736da230a809176dbdfba3d47efb9a6932e5503d277532b7d4e6f7c7373a298e5843a9f74d5fd07fbc6ad22bc644ba9b3c94ec3c8f0b9321b16e5826b1f058f781760a5d4b6a8880202b41689139c37cd51f65a92d883f8901add03b650c9ec182fb565a4d657ebba9d6a5eb426b22d5933b72362e6ec327fb679aa8034b8b3b6680ad138be47652a3e77981187d2921cebfc1639aa280e3d38dba9b1af49ceded79c78a2d656b3a3e946e17e6257def6679f70f11aa01a2d906aecf4dbc7d1a332a8932ed719ce7eecb5450f494f944b3f6b637502ddba609c6e45dcfad1db7c7dda3e2c8d5ddcf27132985442e9b8df16f96c82e72e3e2491856d07756b9f08000100627066000900010073797a30000000000900020073797a3200"], 0x2d4}}, 0x4048010)

836.837382ms ago: executing program 2 (id=1356):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000000000)=0x1, 0x4)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e22, 0x9, @loopback, 0x6}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000080)=0x40, 0x4)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000600)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000180)="d2cf4071eedf8b7b757a6ae20539519ec6afbc267e1742070caeb3", 0x1b}, {&(0x7f0000002440)="4137a29b582bd471798f15f967e7f8118e1abf61ebd7d146a12a42f6ffd2340daaa8dcf6da818cc0efac75e8c35abbde7a18e0226b424f5557c71db5d327baccef203377178ddb12221cdaf45711a2535ae87e6ab62ccba71b6f2ac0f6c9ead0ec52116d305204537900daaad0d6e4dd9d3ad654711b72964f28b8b5d231d709bf3cd4a0477ef446e7da5eaa15cc39e9c57d89217e33a93e0132269c182e5d0186448a8e871cf560229a3cc36317ac47bae1596458badc9ebde2c707dea2e18f859e20f7595cce0a88485e5223b2c8fc383e37cbbfe8353e2a8eb6dc65d76746a31d8f206f3152176a502d3e582a31933e40cff645d93afca045741f99af1cba5b3b6dd6c2edd5e6c4505ae594aa23cbc8a143512180028d9b3984a2517ac9a15154460ff0f654df3f8cf1c13455cb5f440a67de7a6dad269c76e2625c35222985a47aa3b920d97dea05c43bc937361d33781f8057097ca11a9d90eea3d8ae56f0e57f3a6f32f8786e165305301a3d86367337d2651a27b8c222f349491648ba165a6ed9a1e5e5397a1ee963651c2d9c79d6d5b34941375b6b53abcc7882c4e57a63de2e32c30e41030f24ae6efee9e3446eab3b5407cc20f581095dde95241e3853c4864ea7ecd07888956d9375b9ef74be4454d7693b53ed6bd0644cd93945b2eb35a6ac7c34aa11facf27ca4463e2bb1eef71", 0x1f4}, {&(0x7f00000001c0)="9dab6c735c518ca8adbba2311f75377a4bded2c33218d4125d069dcc6c96dc2dc7b9df5f79585eb646b33916", 0x2c}], 0x3}}, {{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000380)="248f0ef3cf", 0x5}], 0x1}}], 0x2, 0x2b332e019dd83bf)

836.427682ms ago: executing program 1 (id=1357):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000680)='./file0\x00', 0x10e, &(0x7f0000000280)={[{@errors_remount}, {@nodelalloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@jqfmt_vfsv0}, {@quota}]}, 0x3, 0x44d, &(0x7f0000000a40)="$eJzs28tvG8UfAPDvrpP219cvoZRHH0CgICIeSZMW6IEDIJA4gITEpRxDklalboOaINGqgoBQOaJK3BFHJP4CTnBBwAmJK9xRpQrlQuFktPZu/IjtJsGJS/35SNvM7I498/Xs2LM73QAG1lj2TxKxNyJ+jYiRWra5wFjtz82VK7N/rVyZTaJSefOPpFruz5Urs0XR4nV78sx4GpF+ksThNvUuXrp8bqZcnr+Y5yeXzr87uXjp8tNnz8+cmT8zf2H65MkTx6eee3b6mZ7EeVfW1kMfLBw5+Opb116fPXXt7R+/Tor4W+LokbFuBx+rVHpcXX/ta0gnQ31sCBtSioisu4ar438kSlHvvJF45eO+Ng7YUpVch8PLFeAOlkS/WwD0R/FDn13/Ftv2zT7678aLtQugLO6b+VY7MhRp1C6Mhluub3tpLCJOLf/9RbbF1tyHAABo8m02/3mq3fwvjXsbyv0/XxsazddS9kfE3RFxICLuiaiWvS8i7t9g/a2LJGvnP+n1TQW2Ttn87/l8bat5/pcWRUZLeW5fNTOcnD5bnj+WfybjMbwzy091qeO7l3/5rNOxxvlftmX1F3PBvB3Xh3Y2v2ZuZmnm38Tc6MZHEYeG2sWfrK4EJBFxMCIObbKOs098daTTsdb4K0m3d3qhOduDdabKlxGP1/p/OVriLyTd1ycn/xfl+WOTxVmx1k8/X32jU/237v+tlfX/7rbn/2r8o0njeu3ixuu4+tunHa9pJjZ1/td37Mj/vj+ztHRxKmJH8lqt0Y37p+uvLfJF+Sz+8aPtx//+qH8ShyMiO4kfiIgHI+KhvO8ejohHIuJol/h/eOnRdzodux36f66l/0ebi7T0fz2xI1r3tE+Uzn3/TfM71pPr+/47UU2N53vW8/23nnZt7mwGAACA/540IvZGkk6sptN0YqL2f/gPxO60vLC49OTphfcuzNWeERiN4bS401W7H1y7HzqVX9YX+emW/PH8vvHnpV3V/MTsQnmu38HDgNvTYfxnfi/1u3XAlvO8Fgwu4x8Gl/EPg8v4h8HVZvzv6kc7gO3X7vf/w3qyMrKdjQG2Vcv4t+wHA8T1Pwwu4x8GV+P47/r8PXAnWdwVt35IXkJiTSLS26IZvUkkWzwK9vY7wI0n+v3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA///oO+WP")
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x130)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000140)={0x4200, 0x100, 0x5, 0x5}, 0x10)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

781.144667ms ago: executing program 8 (id=1358):
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x2, 0x6}, 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)

622.10354ms ago: executing program 8 (id=1359):
open(&(0x7f0000000000)='./file0\x00', 0x148640, 0x78e22799f4a46f8e)
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x101682, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9ff50100180000000000000034000000340000008200000000000000010500e020739251000988fb32c1c14428000000000000000000000002000200c687000000000000"], 0x0, 0x4e}, 0x28)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x17, 0xc, &(0x7f0000000100)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x18)
write$cgroup_subtree(r1, &(0x7f00000000c0)=ANY=[], 0x32600)

579.028783ms ago: executing program 1 (id=1360):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
pipe2(&(0x7f00000000c0)={<r1=>0xffffffffffffffff}, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000000c0)={<r3=>0xffffffffffffffff}, 0x2, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r2, &(0x7f0000000200)={0x7, 0x8, 0xfa00, {r3, 0x800}}, 0x10)
close_range(r1, 0xffffffffffffffff, 0x0)

498.669909ms ago: executing program 1 (id=1361):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000500)='workqueue_activate_work\x00', r1}, 0x18)
r2 = openat(r0, &(0x7f0000000340)='./file1\x00', 0x40c842, 0x13a)
write$binfmt_elf64(r2, &(0x7f0000000980)=ANY=[@ANYBLOB="7f454c4600000006010000000000000003003e000000000003000000000000004000000000000000980100000000000002000000000038000200000002000000000000600300000008000000000000000d00000000000000ed08000000000000f0ffffffffffffff0000000000000000080000000000000003000000cff5ffff800300000000000001000000000000000500000000000000ff"], 0x5b0)
close(r2)
sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB="6c000400", @ANYRES16=0x0, @ANYBLOB="04002bbd7000fddbdf250100000005002900000000000a0009000180c20000020000060028000300000008003400010000000a000900ffffffffffff000005002900000000000600280001000000080032004000000008003b0004000000080034000d000000"], 0x6c}, 0x1, 0x0, 0x0, 0x800}, 0x20000800)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
r3 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x100000001, 0x25400000000000}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pwrite64(r3, &(0x7f0000000140)="086f2f6cf58012c27df66bb7001818cbaff8d837c19e34853533bb68d0add27c6e87f37e9e8dae7e9fb02c6e9754aa556e16ecb6c49b0ceeb73dd4895d35d4770a1fc0dfbe34801859f9fb843cff4d60a6f4b1cf7df394cce2a2fd8b829d70bc394cadd974ead8833791f65ae5c49d98cbbcd1111d262aa4d6e387dfb6c25bf0ad3e03bc6f3d0de86a50af98d03e4143cb8451d61800472e0f78c1218e3d300a06939817c675d3d880ad2656bff2e44a022ecc00da10716ffe015027540a0416561c9b1c3ca605f8a61fe9bfa31a324a7e666b206cdf7eb27d09e2c27226835bc6c806dd8813a0f12735fd3d", 0xec, 0x6)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, 0x0, 0x0)
r5 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r5, 0x402, 0x1f)
close_range(r5, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
syz_io_uring_setup(0x6821, &(0x7f00000001c0)={0x0, 0x1, 0x8000, 0x4, 0x37c}, &(0x7f0000000080)=<r6=>0x0, &(0x7f0000000100)=<r7=>0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r2, 0xc02c5341, &(0x7f00000005c0))
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040))
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x20, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x2}})
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000240))
preadv(0xffffffffffffffff, &(0x7f0000000380)=[{&(0x7f0000000180)=""/38, 0x26}], 0x1, 0xffff, 0xddd073cf)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000100)={'veth0_to_team\x00', 0x400})
getpgrp(0x0)

348.362551ms ago: executing program 7 (id=1362):
socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000240)={'#! ', './file0'}, 0xb)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
timer_create(0x1, &(0x7f0000000580)={0x0, 0x41, 0x0, @thr={&(0x7f0000000440)="315abb176b62d0bdf5901ae34e91792d8a60c4960befe2375eafab4ad136fd59ccccbbc1a17ad25fc4d9fe9d489baf50272a099b5c683e0a878ca8ba8cfb420cf4dfb8316a1cf851a0ee7658b3b9548f2aaa06947129f0905d357ebe", &(0x7f0000000200)="b0d963f88a77c87d9dabc1172b3d97e35173c1194f8b9332"}}, &(0x7f0000000600))
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000140)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0xa}, 0x18)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000080000000b"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r3, @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000001600)=""/4094, 0xffe}], 0x1, 0xf0, 0xd215)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000180)={0x5, &(0x7f0000000340)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}, {0xa6, 0x11, 0x9, 0xbc}, {0x8, 0xa, 0x5, 0x2}, {0x8000, 0x2, 0x2, 0x9}, {0x4d, 0x4f, 0x7f, 0x1}]})
setsockopt$inet6_tcp_TLS_TX(r2, 0x6, 0x1, &(0x7f0000000640)=@gcm_128={{0x7}, "4980c4e170cf339f", "0363a9374deeeea86e366e0be8f5e021", "f545d4f9", "30991b3e09d64b43"}, 0x28)
sysinfo(&(0x7f0000000000)=""/92)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00'}, 0x18)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x1b, &(0x7f0000000480)={@dev}, 0x20)

310.891204ms ago: executing program 1 (id=1363):
open(&(0x7f0000000000)='./file0\x00', 0x148640, 0x78e22799f4a46f8e)
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x101682, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9ff50100180000000000000034000000340000008200000000000000010500e020739251000988fb32c1c14428000000000000000000000002000200c687000000000000"], 0x0, 0x4e}, 0x28)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x18)
rename(&(0x7f0000000000)='./file2\x00', 0x0)
write$cgroup_subtree(r0, &(0x7f00000000c0)=ANY=[], 0x32600)

213.763582ms ago: executing program 8 (id=1364):
socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000140)='sched_switch\x00', r1, 0x0, 0xa}, 0x18)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32, @ANYRES32], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000001600)=""/4094, 0xffe}], 0x1, 0xf0, 0xd215)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000180)={0x5, &(0x7f0000000340)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}, {0xa6, 0x11, 0x9, 0xbc}, {0x8, 0xa, 0x5, 0x2}, {0x8000, 0x2, 0x2, 0x9}, {0x4d, 0x4f, 0x7f, 0x1}]})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000480)={@dev}, 0x20)

182.719315ms ago: executing program 1 (id=1365):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{0x0, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

163.750497ms ago: executing program 1 (id=1366):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
ptrace$ARCH_SHSTK_DISABLE(0x1e, 0x0, 0x2, 0x5002)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f00000000c0)='./file0\x00', 0x204888, &(0x7f0000000380)=ANY=[@ANYBLOB="756e695f786c6174653d312c696f636861727365743d757466382c0097b75cbdde02821d0f899c2377ee9577397fc18b433d0c59e692b381740ca495e1c145c5922679338b5ff21c0653a98440a5725268a242c0263564f988d3c178704feaf8a412df818275708882ea9a4048c6e458a1f05b83f2e69b965b1df203b21de2b0ee375647f886a5310889982079aa7b1fb42e2382d40feefe7f768eec58b19cf50faaf129503175f4262df740183df51d3641ff78b86127c1db8ef165bfa3bd20797fde6ff91a0e45d3d7c1c6d1ce0a72be8c1fdb00000000"], 0x1, 0x336, &(0x7f0000000880)="$eJzs3cFrI1UcB/DfxrXdXe2mBxEUxIde9DK09R8wyC6IBaVuZfUgzNqphswmJRNWsoi7N/Hm37F49CaI4LkX79689eJxD4uRJm23ienBhTSWfD4Q3i/z8mXeJEz4XZJ3cPuHu63dKtvNe1F7N8XViKg9jliNWhy7dDTWhvVSnPYw3q7f/uO1jz/97IPG5uaNrZRuNm69s5FSuv76L19/8+Mbv/Ze+OSn6z8vx/7q5wd/bfy5//L+Kwd/3/qqWaVmldqdXsrTnU6nl98pi7TTrFpZSh+VRV4Vqdmuiu7Y/G7Z2dvrp7y9s3Jtr1tUVcrb/dQq+qnXSb1uP+Vf5s12yrIsrVyLxfIs17v9aGsrb8xgMZyj7ycPXB1/2u028sN7ePlfye1HM10YAPC/NNn/1+LK8Pic+v/jFuW/9/+XFr3/fxb6/0Vw2P8vHd2/4/T/AAAAAAAAAAAAAABwETweDOqDwaB+PE4+5r0+Zsvnv9hO/XDvSkT53b3te9ujcTTf2I1mlFHEWtTjScTgxKi++f7mjbU0tBordx+M8ofjc+P59ajH6vT8ekpp8CCl8fzzw3+0OMlvRD1emp7fGJ1/Ir8Ub715Kp9FPX7/IjpRxk4cZp/mv11P6b0PNyfyy8PXAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALAYsnRi6v79WXbW/Ch/sr/+WtTjyfT9+dem7s9/OV69PN9rBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBjVf9+Ky/Lonv+xcM4Y2pwZF4LO/8iYman+O3FOOt9VijOLub9zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADn7+mm3/NeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPNU9e+38rIsujMs5n2NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF8k/AQAA//8A7ioD")
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)

152.241108ms ago: executing program 8 (id=1367):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000aac020000060a0b040000000000000000020000003c020480380201800a0001006d6174636800000028020280080002400000000114020300d67a8527f76ec1d39e537c4c3060c6a405106c72848aa8bcb429b3a20d532452032d5f166334739d1719a5778bd4f724ee4ca57f2527aeeb0c75755d68fc6fa55f4825682ee95e581039823e5963beedcf65b8b005623d90772b8b6ebd2498b0aff725a3eabb6c99cb2edfe10b9c33be8a971e08401bc0807e75a2ff376b7934473bc1f02bb512b77414daf260c9c7d4e1f0758b56ec5823892af310e6252fcfb1d9dbad362baa26f43f12f831fd221926d6536eeff641db46920ae0e48f3ff5de599714ba6510ce479d4116a519792281736f39c9fc0e10ef557392c43389271cebcf36543fcf6f83bf74b93ee4eb5e8c82e35bb4784cc1ed0ad291b16e8368487589f7590bf5896f340a36555a1cf69736da230a809176dbdfba3d47efb9a6932e5503d277532b7d4e6f7c7373a298e5843a9f74d5fd07fbc6ad22bc644ba9b3c94ec3c8f0b9321b16e5826b1f058f781760a5d4b6a8880202b41689139c37cd51f65a92d883f8901add03b650c9ec182fb565a4d657ebba9d6a5eb426b22d5933b72362e6ec327fb679aa8034b8b3b6680ad138be47652a3e77981187d2921cebfc1639aa280e3d38dba9b1af49ceded79c78a2d656b3a3e946e17e6257def6679f70f11aa01a2d906aecf4dbc7d1a332a8932ed719ce7eecb5450f494f944b3f6b637502ddba609c6e45dcfad1db7c7dda3e2c8d5ddcf27132985442e9b8df16f96c82e72e3e2491856d07756b9f08000100627066000900010073797a30000000000900020073797a3200"], 0x2d4}}, 0x4048010)

48.180756ms ago: executing program 8 (id=1368):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
rmdir(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00')

0s ago: executing program 6 (id=1369):
socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000240)={'#! ', './file0'}, 0xb)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
timer_create(0x1, &(0x7f0000000580)={0x0, 0x41, 0x0, @thr={&(0x7f0000000440)="315abb176b62d0bdf5901ae34e91792d8a60c4960befe2375eafab4ad136fd59ccccbbc1a17ad25fc4d9fe9d489baf50272a099b5c683e0a878ca8ba8cfb420cf4dfb8316a1cf851a0ee7658b3b9548f2aaa06947129f0905d357ebe", &(0x7f0000000200)="b0d963f88a77c87d9dabc1172b3d97e35173c1194f8b9332"}}, &(0x7f0000000600))
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000140)='sched_switch\x00', r1, 0x0, 0xa}, 0x18)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000080000000b"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r3, @ANYRES32], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000001600)=""/4094, 0xffe}], 0x1, 0xf0, 0xd215)

kernel console output (not intermixed with test programs):

824.648:8395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5476 comm="syz.6.682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa30997ebe9 code=0x7ffc0000
[   72.909284][   T29] audit: type=1326 audit(1754803824.668:8396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5476 comm="syz.6.682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa30997ebe9 code=0x7ffc0000
[   72.932757][   T29] audit: type=1326 audit(1754803824.668:8397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5476 comm="syz.6.682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa30997ebe9 code=0x7ffc0000
[   72.956067][   T29] audit: type=1326 audit(1754803824.668:8398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5476 comm="syz.6.682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa30997ebe9 code=0x7ffc0000
[   72.979355][   T29] audit: type=1326 audit(1754803824.668:8399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5476 comm="syz.6.682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa30997ebe9 code=0x7ffc0000
[   73.002617][   T29] audit: type=1326 audit(1754803824.668:8400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5476 comm="syz.6.682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa30997ebe9 code=0x7ffc0000
[   73.086486][ T5512] netlink: 12 bytes leftover after parsing attributes in process `syz.7.697'.
[   73.117193][ T4547] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.191532][ T5526] FAULT_INJECTION: forcing a failure.
[   73.191532][ T5526] name failslab, interval 1, probability 0, space 0, times 0
[   73.204267][ T5526] CPU: 1 UID: 0 PID: 5526 Comm: syz.7.704 Not tainted 6.16.0-syzkaller-12256-g561c80369df0 #0 PREEMPT(voluntary) 
[   73.204364][ T5526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   73.204394][ T5526] Call Trace:
[   73.204401][ T5526]  <TASK>
[   73.204409][ T5526]  __dump_stack+0x1d/0x30
[   73.204433][ T5526]  dump_stack_lvl+0xe8/0x140
[   73.204487][ T5526]  dump_stack+0x15/0x1b
[   73.204507][ T5526]  should_fail_ex+0x265/0x280
[   73.204554][ T5526]  should_failslab+0x8c/0xb0
[   73.204661][ T5526]  kmem_cache_alloc_node_noprof+0x57/0x320
[   73.204697][ T5526]  ? __alloc_skb+0x101/0x320
[   73.204793][ T5526]  __alloc_skb+0x101/0x320
[   73.204826][ T5526]  ? audit_log_start+0x365/0x6c0
[   73.204901][ T5526]  audit_log_start+0x380/0x6c0
[   73.204940][ T5526]  audit_seccomp+0x48/0x100
[   73.205041][ T5526]  ? __seccomp_filter+0x68c/0x10d0
[   73.205066][ T5526]  __seccomp_filter+0x69d/0x10d0
[   73.205090][ T5526]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   73.205171][ T5526]  ? vfs_write+0x7e8/0x960
[   73.205192][ T5526]  ? __rcu_read_unlock+0x4f/0x70
[   73.205266][ T5526]  ? __fget_files+0x184/0x1c0
[   73.205376][ T5526]  __secure_computing+0x82/0x150
[   73.205415][ T5526]  syscall_trace_enter+0xcf/0x1e0
[   73.205443][ T5526]  do_syscall_64+0xac/0x200
[   73.205473][ T5526]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   73.205512][ T5526]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   73.205545][ T5526]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.205569][ T5526] RIP: 0033:0x7f82cf6bebe9
[   73.205586][ T5526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.205608][ T5526] RSP: 002b:00007f82ce127038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   73.205639][ T5526] RAX: ffffffffffffffda RBX: 00007f82cf8e5fa0 RCX: 00007f82cf6bebe9
[   73.205676][ T5526] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006
[   73.205689][ T5526] RBP: 00007f82ce127090 R08: 0000000000000000 R09: 0000000000000000
[   73.205703][ T5526] R10: 0001000000201005 R11: 0000000000000246 R12: 0000000000000001
[   73.205717][ T5526] R13: 00007f82cf8e6038 R14: 00007f82cf8e5fa0 R15: 00007ffdbae96608
[   73.205743][ T5526]  </TASK>
[   73.214834][ T5528] veth1_to_team: entered promiscuous mode
[   73.434874][ T5528] bond_slave_0: entered promiscuous mode
[   73.441099][ T5528] bond_slave_0: left promiscuous mode
[   73.449253][ T5528] veth1_to_team: left promiscuous mode
[   73.589666][ T5551] loop1: detected capacity change from 0 to 1024
[   73.640571][ T5551] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.653474][ T5536] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   73.662012][ T5536] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   73.692099][ T5557] netlink: 48 bytes leftover after parsing attributes in process `syz.7.711'.
[   73.705659][ T5536] netlink: 108 bytes leftover after parsing attributes in process `syz.6.708'.
[   73.727230][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.778275][ T5562] loop1: detected capacity change from 0 to 1024
[   73.913246][ T5570] loop2: detected capacity change from 0 to 512
[   73.933256][ T5570] EXT4-fs: Ignoring removed mblk_io_submit option
[   73.939781][ T5570] EXT4-fs: Ignoring removed bh option
[   73.955271][ T5562] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.970655][ T5574] netlink: 12 bytes leftover after parsing attributes in process `syz.8.709'.
[   73.999734][ T5570] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   74.020761][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.038129][ T5570] EXT4-fs (loop2): 1 truncate cleaned up
[   74.053671][ T5570] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.069172][ T5560] netlink: 20 bytes leftover after parsing attributes in process `syz.8.709'.
[   74.129061][ T5579] FAULT_INJECTION: forcing a failure.
[   74.129061][ T5579] name failslab, interval 1, probability 0, space 0, times 0
[   74.141879][ T5579] CPU: 0 UID: 0 PID: 5579 Comm: syz.1.721 Not tainted 6.16.0-syzkaller-12256-g561c80369df0 #0 PREEMPT(voluntary) 
[   74.141927][ T5579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   74.141940][ T5579] Call Trace:
[   74.141947][ T5579]  <TASK>
[   74.141954][ T5579]  __dump_stack+0x1d/0x30
[   74.141976][ T5579]  dump_stack_lvl+0xe8/0x140
[   74.141999][ T5579]  dump_stack+0x15/0x1b
[   74.142019][ T5579]  should_fail_ex+0x265/0x280
[   74.142111][ T5579]  should_failslab+0x8c/0xb0
[   74.142135][ T5579]  kmem_cache_alloc_node_noprof+0x57/0x320
[   74.142166][ T5579]  ? __alloc_skb+0x101/0x320
[   74.142292][ T5579]  __alloc_skb+0x101/0x320
[   74.142326][ T5579]  rtmsg_fib+0x99/0x230
[   74.142359][ T5579]  fib_table_delete+0x777/0x830
[   74.142391][ T5579]  fib_magic+0x1ba/0x1f0
[   74.142430][ T5579]  fib_del_ifaddr+0x1cf/0xa90
[   74.142472][ T5579]  ? nlmsg_notify+0xcf/0x170
[   74.142553][ T5579]  ? nlmsg_notify+0x12e/0x170
[   74.142576][ T5579]  fib_inetaddr_event+0x79/0x1f0
[   74.142599][ T5579]  ? inetaddr_event+0x71/0xa0
[   74.142633][ T5579]  ? __pfx_fib_inetaddr_event+0x10/0x10
[   74.142718][ T5579]  blocking_notifier_call_chain+0x98/0x1f0
[   74.142743][ T5579]  __inet_del_ifa+0x4e5/0x7f0
[   74.142776][ T5579]  ? netdev_name_node_lookup+0xa4/0xd0
[   74.142861][ T5579]  devinet_ioctl+0x7bd/0xe40
[   74.142946][ T5579]  inet_ioctl+0x2f8/0x3a0
[   74.142972][ T5579]  sock_do_ioctl+0x70/0x220
[   74.143001][ T5579]  sock_ioctl+0x41b/0x610
[   74.143052][ T5579]  ? __pfx_sock_ioctl+0x10/0x10
[   74.143081][ T5579]  __se_sys_ioctl+0xce/0x140
[   74.143133][ T5579]  __x64_sys_ioctl+0x43/0x50
[   74.143175][ T5579]  x64_sys_call+0x1816/0x2ff0
[   74.143196][ T5579]  do_syscall_64+0xd2/0x200
[   74.143230][ T5579]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   74.143264][ T5579]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   74.143309][ T5579]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.143341][ T5579] RIP: 0033:0x7fa6ffeeebe9
[   74.143402][ T5579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.143423][ T5579] RSP: 002b:00007fa6fe936038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   74.143445][ T5579] RAX: ffffffffffffffda RBX: 00007fa700116090 RCX: 00007fa6ffeeebe9
[   74.143460][ T5579] RDX: 0000200000000040 RSI: 0000000000008916 RDI: 0000000000000006
[   74.143475][ T5579] RBP: 00007fa6fe936090 R08: 0000000000000000 R09: 0000000000000000
[   74.143487][ T5579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.143499][ T5579] R13: 00007fa700116128 R14: 00007fa700116090 R15: 00007fff0e995c28
[   74.143516][ T5579]  </TASK>
[   74.537249][ T5581] loop9: detected capacity change from 0 to 7
[   74.545601][ T5570] netlink: 12 bytes leftover after parsing attributes in process `syz.2.720'.
[   74.556928][ T5581] Buffer I/O error on dev loop9, logical block 0, async page read
[   74.575133][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.584589][ T5581] Buffer I/O error on dev loop9, logical block 0, async page read
[   74.592557][ T5581]  loop9: unable to read partition table
[   74.603161][ T5581] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   74.603161][ T5581] 
) failed (rc=-5)
[   74.669533][ T5590] loop2: detected capacity change from 0 to 512
[   74.697924][ T5590] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.726: corrupted in-inode xattr: invalid ea_ino
[   74.724695][ T5590] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.726: couldn't read orphan inode 15 (err -117)
[   74.740573][ T5594] netlink: 8 bytes leftover after parsing attributes in process `syz.7.728'.
[   74.751872][ T5594] vlan1: entered allmulticast mode
[   74.756996][ T5594] dummy0: entered allmulticast mode
[   74.795219][ T5590] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.822899][ T5604] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5604 comm=syz.6.732
[   74.891405][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.905391][ T5610] SELinux:  Context (8%: is not valid (left unmapped).
[   74.922974][ T5613] loop6: detected capacity change from 0 to 512
[   74.933147][ T5613] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   74.955439][ T5613] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.732: bg 0: block 4: invalid block bitmap
[   74.969144][ T5613] EXT4-fs (loop6): Remounting filesystem read-only
[   74.975697][ T5613] EXT4-fs (loop6): 1 truncate cleaned up
[   74.988489][ T5613] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.033023][ T5626] loop1: detected capacity change from 0 to 2048
[   75.072281][ T4547] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.086714][ T5626]  loop1: p2 p3 p7
[   75.090620][ T5626] netlink: 8 bytes leftover after parsing attributes in process `syz.1.734'.
[   75.201498][ T5636] netlink: 44 bytes leftover after parsing attributes in process `syz.1.738'.
[   75.274128][ T5642] mmap: syz.2.741 (5642) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   75.458588][ T5649] sch_fq: defrate 4294967295 ignored.
[   75.514502][ T5654] loop2: detected capacity change from 0 to 1024
[   75.529119][ T5654] EXT4-fs: Ignoring removed oldalloc option
[   75.535102][ T5654] EXT4-fs: Ignoring removed bh option
[   75.642773][ T5654] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.747366][ T5665] lo speed is unknown, defaulting to 1000
[   75.755542][ T5665] geneve1 speed is unknown, defaulting to 1000
[   75.795654][ T5672] SELinux:  policydb string  does not match my string SE Linux
[   75.832526][ T5672] SELinux: failed to load policy
[   75.836249][ T5628] syz.6.735 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[   75.851501][ T5628] CPU: 0 UID: 0 PID: 5628 Comm: syz.6.735 Not tainted 6.16.0-syzkaller-12256-g561c80369df0 #0 PREEMPT(voluntary) 
[   75.851535][ T5628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   75.851548][ T5628] Call Trace:
[   75.851554][ T5628]  <TASK>
[   75.851563][ T5628]  __dump_stack+0x1d/0x30
[   75.851626][ T5628]  dump_stack_lvl+0xe8/0x140
[   75.851651][ T5628]  dump_stack+0x15/0x1b
[   75.851671][ T5628]  dump_header+0x81/0x220
[   75.851704][ T5628]  oom_kill_process+0x342/0x400
[   75.851746][ T5628]  out_of_memory+0x979/0xb80
[   75.851816][ T5628]  try_charge_memcg+0x5e6/0x9e0
[   75.851849][ T5628]  obj_cgroup_charge_pages+0xa6/0x150
[   75.851917][ T5628]  __memcg_kmem_charge_page+0x9f/0x170
[   75.851951][ T5628]  __alloc_frozen_pages_noprof+0x188/0x360
[   75.852073][ T5628]  alloc_pages_mpol+0xb3/0x250
[   75.852126][ T5628]  alloc_pages_noprof+0x90/0x130
[   75.852160][ T5628]  __vmalloc_node_range_noprof+0x6f2/0xe00
[   75.852213][ T5628]  __kvmalloc_node_noprof+0x30f/0x4e0
[   75.852255][ T5628]  ? ip_set_alloc+0x1f/0x30
[   75.852331][ T5628]  ? ip_set_alloc+0x1f/0x30
[   75.852365][ T5628]  ? hash_netiface_create+0x21b/0x740
[   75.852423][ T5628]  ? __kmalloc_cache_noprof+0x189/0x320
[   75.852460][ T5628]  ip_set_alloc+0x1f/0x30
[   75.852519][ T5628]  hash_netiface_create+0x282/0x740
[   75.852558][ T5628]  ? __pfx_hash_netiface_create+0x10/0x10
[   75.852615][ T5628]  ip_set_create+0x3c9/0x960
[   75.852692][ T5628]  ? __nla_parse+0x40/0x60
[   75.852723][ T5628]  nfnetlink_rcv_msg+0x4c6/0x590
[   75.852773][ T5628]  netlink_rcv_skb+0x120/0x220
[   75.852837][ T5628]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   75.852874][ T5628]  nfnetlink_rcv+0x16b/0x1690
[   75.852910][ T5628]  ? nlmon_xmit+0x4f/0x60
[   75.852937][ T5628]  ? consume_skb+0x49/0x150
[   75.852989][ T5628]  ? nlmon_xmit+0x4f/0x60
[   75.853015][ T5628]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   75.853120][ T5628]  ? __dev_queue_xmit+0x1200/0x2000
[   75.853149][ T5628]  ? __dev_queue_xmit+0x182/0x2000
[   75.853170][ T5628]  ? __alloc_frozen_pages_noprof+0x188/0x360
[   75.853210][ T5628]  ? ref_tracker_free+0x37d/0x3e0
[   75.853242][ T5628]  ? __netlink_deliver_tap+0x4dc/0x500
[   75.853273][ T5628]  netlink_unicast+0x5c0/0x690
[   75.853313][ T5628]  netlink_sendmsg+0x58b/0x6b0
[   75.853339][ T5628]  ? __pfx_netlink_sendmsg+0x10/0x10
[   75.853366][ T5628]  __sock_sendmsg+0x142/0x180
[   75.853480][ T5628]  ____sys_sendmsg+0x31e/0x4e0
[   75.853588][ T5628]  ___sys_sendmsg+0x17b/0x1d0
[   75.853628][ T5628]  __x64_sys_sendmsg+0xd4/0x160
[   75.853670][ T5628]  x64_sys_call+0x191e/0x2ff0
[   75.853751][ T5628]  do_syscall_64+0xd2/0x200
[   75.853779][ T5628]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   75.853806][ T5628]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   75.853882][ T5628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.853904][ T5628] RIP: 0033:0x7fa30997ebe9
[   75.853918][ T5628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.853940][ T5628] RSP: 002b:00007fa3083df038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   75.853963][ T5628] RAX: ffffffffffffffda RBX: 00007fa309ba5fa0 RCX: 00007fa30997ebe9
[   75.853985][ T5628] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[   75.853998][ T5628] RBP: 00007fa309a01e19 R08: 0000000000000000 R09: 0000000000000000
[   75.854010][ T5628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   75.854023][ T5628] R13: 00007fa309ba6038 R14: 00007fa309ba5fa0 R15: 00007ffe29342bc8
[   75.854041][ T5628]  </TASK>
[   75.854047][ T5628] memory: usage 307200kB, limit 307200kB, failcnt 150
[   76.161120][ T5680] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   76.162411][ T5628] memory+swap: usage 307396kB, limit 9007199254740988kB, failcnt 0
[   76.170380][ T5680] IPv6: NLM_F_CREATE should be set when creating new route
[   76.178318][ T5628] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[   76.178333][ T5628] Memory cgroup stats for /syz6:
[   76.234174][ T5628] cache 0
[   76.242123][ T5628] rss 4096
[   76.245136][ T5628] shmem 0
[   76.248047][ T5628] mapped_file 0
[   76.251532][ T5628] dirty 0
[   76.254441][ T5628] writeback 0
[   76.257713][ T5628] workingset_refault_anon 38
[   76.262295][ T5628] workingset_refault_file 0
[   76.266768][ T5628] swap 200704
[   76.270142][ T5628] swapcached 4096
[   76.273761][ T5628] pgpgin 48277
[   76.277207][ T5628] pgpgout 48275
[   76.280683][ T5628] pgfault 22965
[   76.284112][ T5628] pgmajfault 16
[   76.287621][ T5628] inactive_anon 0
[   76.291305][ T5628] active_anon 4096
[   76.295005][ T5628] inactive_file 4096
[   76.298872][ T5628] active_file 0
[   76.302339][ T5628] unevictable 0
[   76.305770][ T5628] hierarchical_memory_limit 314572800
[   76.311203][ T5628] hierarchical_memsw_limit 9223372036854771712
[   76.317420][ T5628] total_cache 0
[   76.320897][ T5628] total_rss 4096
[   76.324425][ T5628] total_shmem 0
[   76.327887][ T5628] total_mapped_file 0
[   76.331850][ T5628] total_dirty 0
[   76.335281][ T5628] total_writeback 0
[   76.339061][ T5628] total_workingset_refault_anon 38
[   76.344198][ T5628] total_workingset_refault_file 0
[   76.349244][ T5628] total_swap 200704
[   76.353098][ T5628] total_swapcached 4096
[   76.357243][ T5628] total_pgpgin 48277
[   76.361143][ T5628] total_pgpgout 48275
[   76.365093][ T5628] total_pgfault 22965
[   76.369042][ T5628] total_pgmajfault 16
[   76.373054][ T5628] total_inactive_anon 0
[   76.377250][ T5628] total_active_anon 4096
[   76.381571][ T5628] total_inactive_file 4096
[   76.385958][ T5628] total_active_file 0
[   76.389931][ T5628] total_unevictable 0
[   76.393888][ T5628] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.735,pid=5627,uid=0
[   76.408421][ T5628] Memory cgroup out of memory: Killed process 5627 (syz.6.735) total-vm:95812kB, anon-rss:944kB, file-rss:22340kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[   76.635302][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.666091][ T5694] loop2: detected capacity change from 0 to 1024
[   76.688357][ T5700] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   76.695577][ T5700] IPv6: NLM_F_CREATE should be set when creating new route
[   76.695750][   T36] kernel write not supported for file /key-users (pid: 36 comm: kworker/1:1)
[   76.703690][ T5699] loop9: detected capacity change from 0 to 7
[   76.718073][ T5699] Buffer I/O error on dev loop9, logical block 0, async page read
[   76.726244][ T5699] Buffer I/O error on dev loop9, logical block 0, async page read
[   76.727542][ T5694] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.734255][ T5699]  loop9: unable to read partition table
[   76.752726][ T5699] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   76.752726][ T5699] 
) failed (rc=-5)
[   76.807668][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.823980][ T5714] loop8: detected capacity change from 0 to 1024
[   76.835161][ T5714] EXT4-fs: Ignoring removed oldalloc option
[   76.836569][ T5716] veth1_to_team: entered promiscuous mode
[   76.841144][ T5714] EXT4-fs: Ignoring removed bh option
[   76.853882][ T5716] bond_slave_0: entered promiscuous mode
[   76.860344][ T5716] hsr1: Slave A (veth1_to_team) is not up; please bring it up to get a fully working HSR network
[   76.870911][ T5716] hsr1: Slave B (bond_slave_0) is not up; please bring it up to get a fully working HSR network
[   76.881808][ T5716] hsr1: entered promiscuous mode
[   76.895992][ T5714] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.915465][ T5723] loop2: detected capacity change from 0 to 1024
[   76.925986][ T5714] __nla_validate_parse: 1 callbacks suppressed
[   76.925995][ T5714] netlink: 68 bytes leftover after parsing attributes in process `syz.8.766'.
[   76.931589][ T5723] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.966379][ T5219] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.978359][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.993420][ T5729] netlink: 32 bytes leftover after parsing attributes in process `syz.6.771'.
[   77.080189][ T5743] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   77.087427][ T5743] IPv6: NLM_F_CREATE should be set when creating new route
[   77.131359][ T5748] loop6: detected capacity change from 0 to 1024
[   77.152460][ T5748] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.180629][ T5755] loop8: detected capacity change from 0 to 1024
[   77.187739][ T5755] EXT4-fs: Ignoring removed oldalloc option
[   77.188214][ T4547] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.193859][ T5755] EXT4-fs: Ignoring removed bh option
[   77.223908][ T5755] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.243176][ T5755] netlink: 68 bytes leftover after parsing attributes in process `syz.8.779'.
[   77.266094][ T5219] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.286621][ T5761] netlink: 8 bytes leftover after parsing attributes in process `syz.2.781'.
[   77.297855][ T5761] netlink: 112 bytes leftover after parsing attributes in process `syz.2.781'.
[   77.450803][ T5785] loop2: detected capacity change from 0 to 1024
[   77.475686][ T5785] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.528159][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.611581][ T5806] devpts: Bad value for 'mode'
[   77.618267][ T5806] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   77.626934][ T5808] loop6: detected capacity change from 0 to 512
[   77.642498][ T5808] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[   77.672780][ T5808] ext4 filesystem being mounted at /76/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   77.704969][ T5808] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   77.781404][ T5824] loop1: detected capacity change from 0 to 1024
[   77.788218][ T5824] EXT4-fs: Ignoring removed orlov option
[   77.822959][ T5824] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.868004][   T29] kauditd_printk_skb: 358 callbacks suppressed
[   77.868018][   T29] audit: type=1400 audit(1754803829.718:8757): avc:  denied  { add_name } for  pid=5818 comm="syz.1.799" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   77.895050][   T29] audit: type=1400 audit(1754803829.718:8758): avc:  denied  { create } for  pid=5818 comm="syz.1.799" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   77.909674][ T5765] syz.8.783 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[   77.929276][ T5765] CPU: 0 UID: 0 PID: 5765 Comm: syz.8.783 Not tainted 6.16.0-syzkaller-12256-g561c80369df0 #0 PREEMPT(voluntary) 
[   77.929324][ T5765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   77.929343][ T5765] Call Trace:
[   77.929350][ T5765]  <TASK>
[   77.929358][ T5765]  __dump_stack+0x1d/0x30
[   77.929384][ T5765]  dump_stack_lvl+0xe8/0x140
[   77.929406][ T5765]  dump_stack+0x15/0x1b
[   77.929424][ T5765]  dump_header+0x81/0x220
[   77.929504][ T5765]  oom_kill_process+0x342/0x400
[   77.929543][ T5765]  out_of_memory+0x979/0xb80
[   77.929577][ T5765]  try_charge_memcg+0x5e6/0x9e0
[   77.929671][ T5765]  obj_cgroup_charge_pages+0xa6/0x150
[   77.929751][ T5765]  __memcg_kmem_charge_page+0x9f/0x170
[   77.929792][ T5765]  __alloc_frozen_pages_noprof+0x188/0x360
[   77.929912][ T5765]  alloc_pages_mpol+0xb3/0x250
[   77.929956][ T5765]  alloc_pages_noprof+0x90/0x130
[   77.930035][ T5765]  __vmalloc_node_range_noprof+0x6f2/0xe00
[   77.930089][ T5765]  __kvmalloc_node_noprof+0x30f/0x4e0
[   77.930195][ T5765]  ? ip_set_alloc+0x1f/0x30
[   77.930234][ T5765]  ? ip_set_alloc+0x1f/0x30
[   77.930354][ T5765]  ? __kmalloc_cache_noprof+0x189/0x320
[   77.930393][ T5765]  ip_set_alloc+0x1f/0x30
[   77.930445][ T5765]  hash_netiface_create+0x282/0x740
[   77.930591][ T5765]  ? __pfx_hash_netiface_create+0x10/0x10
[   77.930632][ T5765]  ip_set_create+0x3c9/0x960
[   77.930707][ T5765]  ? __nla_parse+0x40/0x60
[   77.930792][ T5765]  nfnetlink_rcv_msg+0x4c6/0x590
[   77.930854][ T5765]  netlink_rcv_skb+0x120/0x220
[   77.930877][ T5765]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   77.930945][ T5765]  nfnetlink_rcv+0x16b/0x1690
[   77.930985][ T5765]  ? nlmon_xmit+0x4f/0x60
[   77.931017][ T5765]  ? consume_skb+0x49/0x150
[   77.931092][ T5765]  ? nlmon_xmit+0x4f/0x60
[   77.931182][ T5765]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   77.931212][ T5765]  ? __dev_queue_xmit+0x1200/0x2000
[   77.931238][ T5765]  ? __dev_queue_xmit+0x182/0x2000
[   77.931263][ T5765]  ? __alloc_frozen_pages_noprof+0x188/0x360
[   77.931324][ T5765]  ? ref_tracker_free+0x37d/0x3e0
[   77.931357][ T5765]  ? __netlink_deliver_tap+0x4dc/0x500
[   77.931387][ T5765]  netlink_unicast+0x5c0/0x690
[   77.931454][ T5765]  netlink_sendmsg+0x58b/0x6b0
[   77.931483][ T5765]  ? __pfx_netlink_sendmsg+0x10/0x10
[   77.931509][ T5765]  __sock_sendmsg+0x142/0x180
[   77.931614][ T5765]  ____sys_sendmsg+0x31e/0x4e0
[   77.931644][ T5765]  ___sys_sendmsg+0x17b/0x1d0
[   77.931740][ T5765]  __x64_sys_sendmsg+0xd4/0x160
[   77.931772][ T5765]  x64_sys_call+0x191e/0x2ff0
[   77.931850][ T5765]  do_syscall_64+0xd2/0x200
[   77.931884][ T5765]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   77.931995][ T5765]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   77.932028][ T5765]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.932055][ T5765] RIP: 0033:0x7f96c283ebe9
[   77.932074][ T5765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.932148][ T5765] RSP: 002b:00007f96c129f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   77.932167][ T5765] RAX: ffffffffffffffda RBX: 00007f96c2a65fa0 RCX: 00007f96c283ebe9
[   77.932180][ T5765] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[   77.932193][ T5765] RBP: 00007f96c28c1e19 R08: 0000000000000000 R09: 0000000000000000
[   77.932206][ T5765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   77.932218][ T5765] R13: 00007f96c2a66038 R14: 00007f96c2a65fa0 R15: 00007ffc3483fef8
[   77.932238][ T5765]  </TASK>
[   77.932246][ T5765] memory: usage 307196kB, limit 307200kB, failcnt 73
[   78.020310][   T29] audit: type=1400 audit(1754803829.788:8759): avc:  denied  { write } for  pid=5818 comm="syz.1.799" name="file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   78.024532][ T5765] memory+swap: usage 307368kB, limit 9007199254740988kB, failcnt 0
[   78.024549][ T5765] kmem: usage 307168kB, limit 9007199254740988kB, failcnt 0
[   78.029963][   T29] audit: type=1400 audit(1754803829.788:8760): avc:  denied  { execmem } for  pid=5818 comm="syz.1.799" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   78.034393][ T5765] Memory cgroup stats for /syz8
[   78.064928][ T5828] lo speed is unknown, defaulting to 1000
[   78.068581][ T5765] :
[   78.163938][ T5765] cache 0
[   78.348693][ T5765] rss 32768
[   78.351895][ T5765] shmem 0
[   78.354829][ T5765] mapped_file 0
[   78.358329][ T5765] dirty 0
[   78.360133][   T29] audit: type=1400 audit(1754803830.198:8761): avc:  denied  { tracepoint } for  pid=5827 comm="syz.2.802" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   78.361283][ T5765] writeback 0
[   78.361292][ T5765] workingset_refault_anon 23
[   78.361302][ T5765] workingset_refault_file 0
[   78.393297][ T5765] swap 172032
[   78.396369][ T5828] geneve1 speed is unknown, defaulting to 1000
[   78.396567][ T5765] swapcached 24576
[   78.396576][ T5765] pgpgin 8056
[   78.409731][ T5765] pgpgout 8048
[   78.413175][ T5765] pgfault 10506
[   78.416623][ T5765] pgmajfault 11
[   78.420105][ T5765] inactive_anon 24576
[   78.424068][ T5765] active_anon 8192
[   78.427771][ T5765] inactive_file 0
[   78.431453][ T5765] active_file 0
[   78.434919][ T5765] unevictable 0
[   78.438667][ T5765] hierarchical_memory_limit 314572800
[   78.444045][ T5765] hierarchical_memsw_limit 9223372036854771712
[   78.450269][ T5765] total_cache 0
[   78.453709][ T5765] total_rss 32768
[   78.457330][ T5765] total_shmem 0
[   78.460849][ T5765] total_mapped_file 0
[   78.464816][ T5765] total_dirty 0
[   78.468305][ T5765] total_writeback 0
[   78.472144][ T5765] total_workingset_refault_anon 23
[   78.474029][   T29] audit: type=1400 audit(1754803830.338:8762): avc:  denied  { create } for  pid=5835 comm="syz.6.805" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   78.477244][ T5765] total_workingset_refault_file 0
[   78.477255][ T5765] total_swap 172032
[   78.497910][ T5836] netlink: 44 bytes leftover after parsing attributes in process `syz.6.805'.
[   78.502347][ T5765] total_swapcached 24576
[   78.502358][ T5765] total_pgpgin 8056
[   78.502365][ T5765] total_pgpgout 8048
[   78.502373][ T5765] total_pgfault 10506
[   78.502391][ T5765] total_pgmajfault 11
[   78.502398][ T5765] total_inactive_anon 24576
[   78.525583][   T29] audit: type=1400 audit(1754803830.358:8763): avc:  denied  { write } for  pid=5835 comm="syz.6.805" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   78.526973][ T5765] total_active_anon 8192
[   78.526983][ T5765] total_inactive_file 0
[   78.526994][ T5765] total_active_file 0
[   78.530996][   T29] audit: type=1400 audit(1754803830.358:8764): avc:  denied  { nlmsg_write } for  pid=5835 comm="syz.6.805" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   78.592412][ T5765] total_unevictable 0
[   78.596460][ T5765] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz8,task_memcg=/syz8,task=syz.8.783,pid=5764,uid=0
[   78.611010][ T5765] Memory cgroup out of memory: Killed process 5764 (syz.8.783) total-vm:93764kB, anon-rss:944kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[   78.694130][   T29] audit: type=1400 audit(1754803830.548:8765): avc:  denied  { read write } for  pid=5837 comm="syz.6.806" name="uhid" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   78.717550][   T29] audit: type=1400 audit(1754803830.548:8766): avc:  denied  { open } for  pid=5837 comm="syz.6.806" path="/dev/uhid" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   78.780377][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.966983][ T5856] netlink: 16 bytes leftover after parsing attributes in process `syz.6.808'.
[   79.002993][ T5860] vlan2: entered allmulticast mode
[   79.013323][ T5861] vlan2: entered allmulticast mode
[   79.092844][ T5872] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   79.096845][ T5874] netlink: 44 bytes leftover after parsing attributes in process `syz.7.816'.
[   79.100091][ T5872] IPv6: NLM_F_CREATE should be set when creating new route
[   79.260836][ T5895] loop9: detected capacity change from 0 to 7
[   79.267033][ T5895] Buffer I/O error on dev loop9, logical block 0, async page read
[   79.275347][ T5895] Buffer I/O error on dev loop9, logical block 0, async page read
[   79.283293][ T5895]  loop9: unable to read partition table
[   79.288932][ T5895] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   79.288932][ T5895] 
) failed (rc=-5)
[   79.343359][ T5897] loop7: detected capacity change from 0 to 128
[   79.375370][ T5897] syz.7.827: attempt to access beyond end of device
[   79.375370][ T5897] loop7: rw=0, sector=2072, nr_sectors = 1 limit=128
[   79.443810][ T5902] netlink: 44 bytes leftover after parsing attributes in process `syz.7.829'.
[   79.535118][ T5909] loop1: detected capacity change from 0 to 1024
[   79.542160][ T5909] EXT4-fs: Ignoring removed bh option
[   79.549305][ T5909] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   79.582441][ T5909] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.614099][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.697500][ T5918] loop7: detected capacity change from 0 to 1024
[   79.711055][ T5918] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   79.722762][ T5910] rdma_rxe: rxe_newlink: failed to add geneve1
[   79.765529][ T5920] siw: device registration error -23
[   79.821037][ T5929] loop2: detected capacity change from 0 to 1024
[   79.832192][ T5929] EXT4-fs: Ignoring removed oldalloc option
[   79.838282][ T5929] EXT4-fs: Ignoring removed bh option
[   79.980836][ T5939] loop9: detected capacity change from 0 to 7
[   79.987101][ T5939] Buffer I/O error on dev loop9, logical block 0, async page read
[   79.995237][ T5939] Buffer I/O error on dev loop9, logical block 0, async page read
[   80.003089][ T5939]  loop9: unable to read partition table
[   80.011142][ T5929] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.030046][ T5939] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   80.030046][ T5939] 
) failed (rc=-5)
[   80.075988][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.284327][ T5947] loop2: detected capacity change from 0 to 1024
[   80.308316][ T5947] EXT4-fs: Ignoring removed bh option
[   80.314233][ T5947] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   80.332112][ T5947] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.402121][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.566425][ T5966] siw: device registration error -23
[   80.646965][ T5974] loop2: detected capacity change from 0 to 1024
[   80.664417][ T5974] EXT4-fs: Ignoring removed oldalloc option
[   80.664980][ T5977] loop9: detected capacity change from 0 to 7
[   80.670548][ T5974] EXT4-fs: Ignoring removed bh option
[   80.682321][ T5977] Buffer I/O error on dev loop9, logical block 0, async page read
[   80.695593][ T5978] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   80.702897][ T5978] IPv6: NLM_F_CREATE should be set when creating new route
[   80.707016][ T5977] Buffer I/O error on dev loop9, logical block 0, async page read
[   80.717947][ T5977]  loop9: unable to read partition table
[   80.726191][ T5974] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.739181][ T5977] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   80.739181][ T5977] 
) failed (rc=-5)
[   80.900501][ T5994] siw: device registration error -23
[   80.950528][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.081456][ T6010] loop1: detected capacity change from 0 to 512
[   81.110714][ T6010] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.868: iget: bad i_size value: 38620345925642
[   81.124789][ T6014] loop9: detected capacity change from 0 to 7
[   81.133190][ T6014] Buffer I/O error on dev loop9, logical block 0, async page read
[   81.133539][ T6010] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.868: couldn't read orphan inode 15 (err -117)
[   81.141221][ T6014] Buffer I/O error on dev loop9, logical block 0, async page read
[   81.160711][ T6014]  loop9: unable to read partition table
[   81.168759][ T6014] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   81.168759][ T6014] 
) failed (rc=-5)
[   81.185298][ T6010] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.212774][ T6022] siw: device registration error -23
[   81.215039][ T6024] loop2: detected capacity change from 0 to 1024
[   81.225226][ T6024] EXT4-fs: Ignoring removed oldalloc option
[   81.231392][ T6024] EXT4-fs: Ignoring removed bh option
[   81.252043][ T6024] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.272364][ T6010] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.868: bg 0: block 5: invalid block bitmap
[   81.310087][ T6028] loop9: detected capacity change from 0 to 7
[   81.316425][ T6028] Buffer I/O error on dev loop9, logical block 0, async page read
[   81.324659][ T6010] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 64 with error 28
[   81.336998][ T6010] EXT4-fs (loop1): This should not happen!! Data will be lost
[   81.336998][ T6010] 
[   81.339281][ T6028] Buffer I/O error on dev loop9, logical block 0, async page read
[   81.346647][ T6010] EXT4-fs (loop1): Total free blocks count 0
[   81.354546][ T6028]  loop9: unable to read partition table
[   81.360510][ T6010] EXT4-fs (loop1): Free/Dirty block details
[   81.360525][ T6010] EXT4-fs (loop1): free_blocks=0
[   81.360540][ T6010] EXT4-fs (loop1): dirty_blocks=64
[   81.360552][ T6010] EXT4-fs (loop1): Block reservation details
[   81.360564][ T6010] EXT4-fs (loop1): i_reserved_data_blocks=64
[   81.395872][ T6028] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   81.395872][ T6028] 
) failed (rc=-5)
[   81.568219][ T6053] loop9: detected capacity change from 0 to 7
[   81.587170][ T6053] Buffer I/O error on dev loop9, logical block 0, async page read
[   81.604444][ T6053] Buffer I/O error on dev loop9, logical block 0, async page read
[   81.612289][ T6053]  loop9: unable to read partition table
[   81.631445][ T6053] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   81.631445][ T6053] 
) failed (rc=-5)
[   81.792492][ T6066] siw: device registration error -23
[   81.851031][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.922197][ T6082] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   82.044579][ T6030] syz.6.879 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[   82.058700][ T6030] CPU: 1 UID: 0 PID: 6030 Comm: syz.6.879 Not tainted 6.16.0-syzkaller-12256-g561c80369df0 #0 PREEMPT(voluntary) 
[   82.058812][ T6030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   82.058826][ T6030] Call Trace:
[   82.058833][ T6030]  <TASK>
[   82.058841][ T6030]  __dump_stack+0x1d/0x30
[   82.058862][ T6030]  dump_stack_lvl+0xe8/0x140
[   82.058882][ T6030]  dump_stack+0x15/0x1b
[   82.058977][ T6030]  dump_header+0x81/0x220
[   82.059013][ T6030]  oom_kill_process+0x342/0x400
[   82.059127][ T6030]  out_of_memory+0x979/0xb80
[   82.059169][ T6030]  try_charge_memcg+0x5e6/0x9e0
[   82.059199][ T6030]  obj_cgroup_charge_pages+0xa6/0x150
[   82.059302][ T6030]  __memcg_kmem_charge_page+0x9f/0x170
[   82.059336][ T6030]  __alloc_frozen_pages_noprof+0x188/0x360
[   82.059377][ T6030]  alloc_pages_mpol+0xb3/0x250
[   82.059418][ T6030]  alloc_pages_noprof+0x90/0x130
[   82.059453][ T6030]  __vmalloc_node_range_noprof+0x6f2/0xe00
[   82.059594][ T6030]  __kvmalloc_node_noprof+0x30f/0x4e0
[   82.059631][ T6030]  ? ip_set_alloc+0x1f/0x30
[   82.059673][ T6030]  ? ip_set_alloc+0x1f/0x30
[   82.059721][ T6030]  ? __kmalloc_cache_noprof+0x189/0x320
[   82.059814][ T6030]  ip_set_alloc+0x1f/0x30
[   82.059849][ T6030]  hash_netiface_create+0x282/0x740
[   82.059892][ T6030]  ? __pfx_hash_netiface_create+0x10/0x10
[   82.059927][ T6030]  ip_set_create+0x3c9/0x960
[   82.059999][ T6030]  ? __nla_parse+0x40/0x60
[   82.060064][ T6030]  nfnetlink_rcv_msg+0x4c6/0x590
[   82.060168][ T6030]  netlink_rcv_skb+0x120/0x220
[   82.060189][ T6030]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   82.060226][ T6030]  nfnetlink_rcv+0x16b/0x1690
[   82.060317][ T6030]  ? nlmon_xmit+0x4f/0x60
[   82.060348][ T6030]  ? consume_skb+0x49/0x150
[   82.060384][ T6030]  ? nlmon_xmit+0x4f/0x60
[   82.060410][ T6030]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   82.060484][ T6030]  ? __dev_queue_xmit+0x1200/0x2000
[   82.060510][ T6030]  ? __dev_queue_xmit+0x182/0x2000
[   82.060537][ T6030]  ? ref_tracker_free+0x37d/0x3e0
[   82.060593][ T6030]  ? __netlink_deliver_tap+0x4dc/0x500
[   82.060619][ T6030]  netlink_unicast+0x5c0/0x690
[   82.060675][ T6030]  netlink_sendmsg+0x58b/0x6b0
[   82.060704][ T6030]  ? __pfx_netlink_sendmsg+0x10/0x10
[   82.060728][ T6030]  __sock_sendmsg+0x142/0x180
[   82.060815][ T6030]  ____sys_sendmsg+0x31e/0x4e0
[   82.060840][ T6030]  ___sys_sendmsg+0x17b/0x1d0
[   82.060880][ T6030]  __x64_sys_sendmsg+0xd4/0x160
[   82.060963][ T6030]  x64_sys_call+0x191e/0x2ff0
[   82.060991][ T6030]  do_syscall_64+0xd2/0x200
[   82.061023][ T6030]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   82.061050][ T6030]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   82.061103][ T6030]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.061196][ T6030] RIP: 0033:0x7fa30997ebe9
[   82.061214][ T6030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.061235][ T6030] RSP: 002b:00007fa3083df038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   82.061254][ T6030] RAX: ffffffffffffffda RBX: 00007fa309ba5fa0 RCX: 00007fa30997ebe9
[   82.061348][ T6030] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[   82.061362][ T6030] RBP: 00007fa309a01e19 R08: 0000000000000000 R09: 0000000000000000
[   82.061374][ T6030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   82.061386][ T6030] R13: 00007fa309ba6038 R14: 00007fa309ba5fa0 R15: 00007ffe29342bc8
[   82.061405][ T6030]  </TASK>
[   82.391084][ T6030] memory: usage 307200kB, limit 307200kB, failcnt 411
[   82.397842][ T6030] memory+swap: usage 307404kB, limit 9007199254740988kB, failcnt 0
[   82.405795][ T6030] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[   82.413107][ T6030] Memory cgroup stats for /syz6:
[   82.413376][ T6030] cache 0
[   82.421246][ T6030] rss 0
[   82.423992][ T6030] shmem 0
[   82.426899][ T6030] mapped_file 0
[   82.430384][ T6030] dirty 0
[   82.433334][ T6030] writeback 0
[   82.436593][ T6030] workingset_refault_anon 63
[   82.441203][ T6030] workingset_refault_file 0
[   82.445689][ T6030] swap 208896
[   82.448972][ T6030] swapcached 4096
[   82.452655][ T6030] pgpgin 49762
[   82.456047][ T6030] pgpgout 49760
[   82.459505][ T6030] pgfault 26395
[   82.462937][ T6030] pgmajfault 33
[   82.466378][ T6030] inactive_anon 0
[   82.470004][ T6030] active_anon 4096
[   82.473703][ T6030] inactive_file 0
[   82.477312][ T6030] active_file 4096
[   82.481020][ T6030] unevictable 0
[   82.484528][ T6030] hierarchical_memory_limit 314572800
[   82.489904][ T6030] hierarchical_memsw_limit 9223372036854771712
[   82.496049][ T6030] total_cache 0
[   82.499589][ T6030] total_rss 0
[   82.502875][ T6030] total_shmem 0
[   82.506312][ T6030] total_mapped_file 0
[   82.510371][ T6030] total_dirty 0
[   82.513802][ T6030] total_writeback 0
[   82.517584][ T6030] total_workingset_refault_anon 63
[   82.522743][ T6030] total_workingset_refault_file 0
[   82.527765][ T6030] total_swap 208896
[   82.531593][ T6030] total_swapcached 4096
[   82.535749][ T6030] total_pgpgin 49762
[   82.539634][ T6030] total_pgpgout 49760
[   82.543620][ T6030] total_pgfault 26395
[   82.547573][ T6030] total_pgmajfault 33
[   82.551557][ T6030] total_inactive_anon 0
[   82.555696][ T6030] total_active_anon 4096
[   82.559933][ T6030] total_inactive_file 0
[   82.564060][ T6030] total_active_file 4096
[   82.568278][ T6030] total_unevictable 0
[   82.572248][ T6030] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.879,pid=6029,uid=0
[   82.586766][ T6030] Memory cgroup out of memory: Killed process 6029 (syz.6.879) total-vm:93896kB, anon-rss:944kB, file-rss:22180kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[   82.838551][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.890941][ T6098] loop9: detected capacity change from 0 to 7
[   82.906793][ T6098]  loop9: unable to read partition table
[   82.911698][   T29] kauditd_printk_skb: 735 callbacks suppressed
[   82.911712][   T29] audit: type=1326 audit(1754803834.768:9502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6100 comm="syz.6.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa30997ebe9 code=0x7ffc0000
[   82.913603][ T6098] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   82.913603][ T6098] 
) failed (rc=-5)
[   82.960222][ T6101] siw: device registration error -23
[   82.965888][ T6105] __nla_validate_parse: 9 callbacks suppressed
[   82.965902][ T6105] netlink: 44 bytes leftover after parsing attributes in process `syz.7.909'.
[   82.987888][   T29] audit: type=1326 audit(1754803834.798:9503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6100 comm="syz.6.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa30997ebe9 code=0x7ffc0000
[   83.011172][   T29] audit: type=1326 audit(1754803834.798:9504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6100 comm="syz.6.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa30997ebe9 code=0x7ffc0000
[   83.034479][   T29] audit: type=1326 audit(1754803834.798:9505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6100 comm="syz.6.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa30997ebe9 code=0x7ffc0000
[   83.057687][   T29] audit: type=1326 audit(1754803834.798:9506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6100 comm="syz.6.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa30997ebe9 code=0x7ffc0000
[   83.081119][   T29] audit: type=1326 audit(1754803834.798:9507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6100 comm="syz.6.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa30997ebe9 code=0x7ffc0000
[   83.104413][   T29] audit: type=1326 audit(1754803834.798:9508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6100 comm="syz.6.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa30997ebe9 code=0x7ffc0000
[   83.127703][   T29] audit: type=1326 audit(1754803834.798:9509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6100 comm="syz.6.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa30997ebe9 code=0x7ffc0000
[   83.151012][   T29] audit: type=1326 audit(1754803834.798:9510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6100 comm="syz.6.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa30997ebe9 code=0x7ffc0000
[   83.170463][ T6122] netlink: 16 bytes leftover after parsing attributes in process `syz.7.910'.
[   83.174334][   T29] audit: type=1326 audit(1754803834.798:9511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6100 comm="syz.6.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa30997ebe9 code=0x7ffc0000
[   83.217823][ T6102] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   83.225095][ T6102] IPv6: NLM_F_CREATE should be set when creating new route
[   83.335337][ T6134] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   83.342599][ T6134] IPv6: NLM_F_CREATE should be set when creating new route
[   83.342680][ T6131] loop6: detected capacity change from 0 to 1024
[   83.356552][ T6131] EXT4-fs: Ignoring removed orlov option
[   83.366460][ T6115] loop1: detected capacity change from 0 to 1024
[   83.370855][ T6131] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.374157][ T6115] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   83.399028][ T6115] syz2: rxe_newlink: already configured on geneve1
[   83.603196][ T4547] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.624408][ T6142] loop6: detected capacity change from 0 to 1024
[   83.631199][ T6142] EXT4-fs: Ignoring removed oldalloc option
[   83.637128][ T6142] EXT4-fs: Ignoring removed bh option
[   83.680956][ T6142] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.703345][ T6142] netlink: 68 bytes leftover after parsing attributes in process `syz.6.916'.
[   83.984029][ T6157] siw: device registration error -23
[   84.153252][ T6169] loop9: detected capacity change from 0 to 7
[   84.168308][ T6169]  loop9: unable to read partition table
[   84.183149][ T6169] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   84.183149][ T6169] 
) failed (rc=-5)
[   84.198279][ T6171] FAULT_INJECTION: forcing a failure.
[   84.198279][ T6171] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   84.211361][ T6171] CPU: 1 UID: 0 PID: 6171 Comm: syz.7.928 Not tainted 6.16.0-syzkaller-12256-g561c80369df0 #0 PREEMPT(voluntary) 
[   84.211392][ T6171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   84.211408][ T6171] Call Trace:
[   84.211415][ T6171]  <TASK>
[   84.211423][ T6171]  __dump_stack+0x1d/0x30
[   84.211497][ T6171]  dump_stack_lvl+0xe8/0x140
[   84.211591][ T6171]  dump_stack+0x15/0x1b
[   84.211607][ T6171]  should_fail_ex+0x265/0x280
[   84.211662][ T6171]  should_fail+0xb/0x20
[   84.211682][ T6171]  should_fail_usercopy+0x1a/0x20
[   84.211706][ T6171]  _copy_to_user+0x20/0xa0
[   84.211735][ T6171]  simple_read_from_buffer+0xb5/0x130
[   84.211830][ T6171]  proc_fail_nth_read+0x10e/0x150
[   84.211862][ T6171]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   84.211951][ T6171]  vfs_read+0x1a8/0x770
[   84.211988][ T6171]  ? do_handle_open+0x584/0x6b0
[   84.212015][ T6171]  ? __rcu_read_unlock+0x4f/0x70
[   84.212042][ T6171]  ? __fget_files+0x184/0x1c0
[   84.212123][ T6171]  ? kfree+0xd9/0x320
[   84.212155][ T6171]  ksys_read+0xda/0x1a0
[   84.212182][ T6171]  __x64_sys_read+0x40/0x50
[   84.212204][ T6171]  x64_sys_call+0x27bc/0x2ff0
[   84.212227][ T6171]  do_syscall_64+0xd2/0x200
[   84.212273][ T6171]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   84.212302][ T6171]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   84.212363][ T6171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.212389][ T6171] RIP: 0033:0x7f82cf6bd5fc
[   84.212407][ T6171] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   84.212429][ T6171] RSP: 002b:00007f82ce127030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   84.212447][ T6171] RAX: ffffffffffffffda RBX: 00007f82cf8e5fa0 RCX: 00007f82cf6bd5fc
[   84.212460][ T6171] RDX: 000000000000000f RSI: 00007f82ce1270a0 RDI: 0000000000000005
[   84.212481][ T6171] RBP: 00007f82ce127090 R08: 0000000000000000 R09: 0000000000000000
[   84.212522][ T6171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   84.212534][ T6171] R13: 00007f82cf8e6038 R14: 00007f82cf8e5fa0 R15: 00007ffdbae96608
[   84.212553][ T6171]  </TASK>
[   84.651154][ T4547] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.676179][ T6186] netlink: 12 bytes leftover after parsing attributes in process `syz.7.935'.
[   84.685232][ T6186] netlink: 152 bytes leftover after parsing attributes in process `syz.7.935'.
[   84.900751][ T6222] loop8: detected capacity change from 0 to 128
[   84.937545][ T6222] syz.8.942: attempt to access beyond end of device
[   84.937545][ T6222] loop8: rw=0, sector=2072, nr_sectors = 1 limit=128
[   85.008463][ T6234] loop8: detected capacity change from 0 to 1024
[   85.020565][ T6234] EXT4-fs: Ignoring removed oldalloc option
[   85.026507][ T6234] EXT4-fs: Ignoring removed bh option
[   85.062440][ T6234] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.077985][ T6234] netlink: 68 bytes leftover after parsing attributes in process `syz.8.944'.
[   85.132825][ T5219] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.451561][ T6311] loop1: detected capacity change from 0 to 128
[   85.460725][ T6311] syz.1.954: attempt to access beyond end of device
[   85.460725][ T6311] loop1: rw=0, sector=2072, nr_sectors = 1 limit=128
[   85.517047][ T6315] SELinux:  Context system_u:object_r:netutils_exec_t:s0 is not valid (left unmapped).
[   85.886364][ T6259] syz.8.946 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[   85.900550][ T6259] CPU: 1 UID: 0 PID: 6259 Comm: syz.8.946 Not tainted 6.16.0-syzkaller-12256-g561c80369df0 #0 PREEMPT(voluntary) 
[   85.900610][ T6259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   85.900623][ T6259] Call Trace:
[   85.900629][ T6259]  <TASK>
[   85.900637][ T6259]  __dump_stack+0x1d/0x30
[   85.900662][ T6259]  dump_stack_lvl+0xe8/0x140
[   85.900743][ T6259]  dump_stack+0x15/0x1b
[   85.900759][ T6259]  dump_header+0x81/0x220
[   85.900798][ T6259]  oom_kill_process+0x342/0x400
[   85.900871][ T6259]  out_of_memory+0x979/0xb80
[   85.900931][ T6259]  try_charge_memcg+0x5e6/0x9e0
[   85.900966][ T6259]  obj_cgroup_charge_pages+0xa6/0x150
[   85.901066][ T6259]  __memcg_kmem_charge_page+0x9f/0x170
[   85.901104][ T6259]  __alloc_frozen_pages_noprof+0x188/0x360
[   85.901148][ T6259]  alloc_pages_mpol+0xb3/0x250
[   85.901182][ T6259]  alloc_pages_noprof+0x90/0x130
[   85.901296][ T6259]  __vmalloc_node_range_noprof+0x6f2/0xe00
[   85.901346][ T6259]  __kvmalloc_node_noprof+0x30f/0x4e0
[   85.901397][ T6259]  ? ip_set_alloc+0x1f/0x30
[   85.901468][ T6259]  ? ip_set_alloc+0x1f/0x30
[   85.901542][ T6259]  ? __kmalloc_cache_noprof+0x189/0x320
[   85.901579][ T6259]  ip_set_alloc+0x1f/0x30
[   85.901664][ T6259]  hash_netiface_create+0x282/0x740
[   85.901705][ T6259]  ? __pfx_hash_netiface_create+0x10/0x10
[   85.901742][ T6259]  ip_set_create+0x3c9/0x960
[   85.901768][ T6259]  ? __nla_parse+0x40/0x60
[   85.901832][ T6259]  nfnetlink_rcv_msg+0x4c6/0x590
[   85.901880][ T6259]  netlink_rcv_skb+0x120/0x220
[   85.901943][ T6259]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   85.902058][ T6259]  nfnetlink_rcv+0x16b/0x1690
[   85.902141][ T6259]  ? nlmon_xmit+0x4f/0x60
[   85.902170][ T6259]  ? consume_skb+0x49/0x150
[   85.902210][ T6259]  ? nlmon_xmit+0x4f/0x60
[   85.902241][ T6259]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   85.902290][ T6259]  ? __dev_queue_xmit+0x1200/0x2000
[   85.902310][ T6259]  ? __dev_queue_xmit+0x182/0x2000
[   85.902332][ T6259]  ? __alloc_frozen_pages_noprof+0x188/0x360
[   85.902385][ T6259]  ? ref_tracker_free+0x37d/0x3e0
[   85.902416][ T6259]  ? __netlink_deliver_tap+0x4dc/0x500
[   85.902446][ T6259]  netlink_unicast+0x5c0/0x690
[   85.902497][ T6259]  netlink_sendmsg+0x58b/0x6b0
[   85.902524][ T6259]  ? __pfx_netlink_sendmsg+0x10/0x10
[   85.902550][ T6259]  __sock_sendmsg+0x142/0x180
[   85.902579][ T6259]  ____sys_sendmsg+0x31e/0x4e0
[   85.902603][ T6259]  ___sys_sendmsg+0x17b/0x1d0
[   85.902750][ T6259]  __x64_sys_sendmsg+0xd4/0x160
[   85.902780][ T6259]  x64_sys_call+0x191e/0x2ff0
[   85.902841][ T6259]  do_syscall_64+0xd2/0x200
[   85.902873][ T6259]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   85.902902][ T6259]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   85.902933][ T6259]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.902979][ T6259] RIP: 0033:0x7f96c283ebe9
[   85.902997][ T6259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.903078][ T6259] RSP: 002b:00007f96c129f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   85.903097][ T6259] RAX: ffffffffffffffda RBX: 00007f96c2a65fa0 RCX: 00007f96c283ebe9
[   85.903110][ T6259] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[   85.903125][ T6259] RBP: 00007f96c28c1e19 R08: 0000000000000000 R09: 0000000000000000
[   85.903176][ T6259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   85.903231][ T6259] R13: 00007f96c2a66038 R14: 00007f96c2a65fa0 R15: 00007ffc3483fef8
[   85.903249][ T6259]  </TASK>
[   85.903276][ T6259] memory: usage 307200kB, limit 307200kB, failcnt 312
[   86.248125][ T6259] memory+swap: usage 304356kB, limit 9007199254740988kB, failcnt 0
[   86.256048][ T6259] kmem: usage 303912kB, limit 9007199254740988kB, failcnt 0
[   86.263365][ T6259] Memory cgroup stats for /syz8:
[   86.264138][ T6259] cache 0
[   86.272025][ T6259] rss 118784
[   86.275260][ T6259] shmem 0
[   86.278263][ T6259] mapped_file 0
[   86.281722][ T6259] dirty 0
[   86.284727][ T6259] writeback 0
[   86.288013][ T6259] workingset_refault_anon 157
[   86.292697][ T6259] workingset_refault_file 0
[   86.297182][ T6259] swap 69632
[   86.300373][ T6259] swapcached 126976
[   86.304163][ T6259] pgpgin 12295
[   86.307512][ T6259] pgpgout 12262
[   86.311028][ T6259] pgfault 16448
[   86.314486][ T6259] pgmajfault 69
[   86.317957][ T6259] inactive_anon 0
[   86.321584][ T6259] active_anon 135168
[   86.325515][ T6259] inactive_file 0
[   86.329151][ T6259] active_file 0
[   86.332596][ T6259] unevictable 0
[   86.336037][ T6259] hierarchical_memory_limit 314572800
[   86.341415][ T6259] hierarchical_memsw_limit 9223372036854771712
[   86.347645][ T6259] total_cache 0
[   86.351126][ T6259] total_rss 118784
[   86.354831][ T6259] total_shmem 0
[   86.358278][ T6259] total_mapped_file 0
[   86.362272][ T6259] total_dirty 0
[   86.365716][ T6259] total_writeback 0
[   86.369632][ T6259] total_workingset_refault_anon 157
[   86.374828][ T6259] total_workingset_refault_file 0
[   86.379925][ T6259] total_swap 69632
[   86.383733][ T6259] total_swapcached 126976
[   86.388136][ T6259] total_pgpgin 12295
[   86.392043][ T6259] total_pgpgout 12262
[   86.396015][ T6259] total_pgfault 16448
[   86.400073][ T6259] total_pgmajfault 69
[   86.404055][ T6259] total_inactive_anon 0
[   86.408217][ T6259] total_active_anon 135168
[   86.412647][ T6259] total_inactive_file 0
[   86.416798][ T6259] total_active_file 0
[   86.420857][ T6259] total_unevictable 0
[   86.424842][ T6259] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz8,task_memcg=/syz8,task=syz.8.946,pid=6257,uid=0
[   86.439523][ T6259] Memory cgroup out of memory: Killed process 6259 (syz.8.946) total-vm:93764kB, anon-rss:944kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[   86.715715][ T6394] loop8: detected capacity change from 0 to 128
[   86.752929][ T6394] syz.8.965: attempt to access beyond end of device
[   86.752929][ T6394] loop8: rw=0, sector=2072, nr_sectors = 1 limit=128
[   86.856955][ T6412] Illegal XDP return value 1102030070 on prog  (id 413) dev N/A, expect packet loss!
[   86.938627][ T6400] loop2: detected capacity change from 0 to 1024
[   86.945334][ T6400] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   86.956719][ T6400] rdma_rxe: rxe_newlink: failed to add geneve1
[   87.231983][ T6439] loop6: detected capacity change from 0 to 128
[   87.248272][ T6439] syz.6.983: attempt to access beyond end of device
[   87.248272][ T6439] loop6: rw=0, sector=2072, nr_sectors = 1 limit=128
[   87.505770][ T6459] loop6: detected capacity change from 0 to 512
[   87.521852][ T6459] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   87.591409][ T6463] loop7: detected capacity change from 0 to 512
[   87.623443][ T6463] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[   87.657747][ T6463] EXT4-fs (loop7): 1 orphan inode deleted
[   87.663599][ T6463] EXT4-fs (loop7): 1 truncate cleaned up
[   87.670706][ T6463] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.688410][ T6463] EXT4-fs error (device loop7): ext4_inlinedir_to_tree:1314: inode #12: block 7: comm syz.7.995: path /154/file0/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0
[   87.711318][ T6463] EXT4-fs (loop7): Remounting filesystem read-only
[   87.744342][ T6424] syz.8.976 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[   87.758377][ T6424] CPU: 1 UID: 0 PID: 6424 Comm: syz.8.976 Not tainted 6.16.0-syzkaller-12256-g561c80369df0 #0 PREEMPT(voluntary) 
[   87.758434][ T6424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   87.758446][ T6424] Call Trace:
[   87.758452][ T6424]  <TASK>
[   87.758458][ T6424]  __dump_stack+0x1d/0x30
[   87.758479][ T6424]  dump_stack_lvl+0xe8/0x140
[   87.758502][ T6424]  dump_stack+0x15/0x1b
[   87.758520][ T6424]  dump_header+0x81/0x220
[   87.758603][ T6424]  oom_kill_process+0x342/0x400
[   87.758642][ T6424]  out_of_memory+0x979/0xb80
[   87.758721][ T6424]  try_charge_memcg+0x5e6/0x9e0
[   87.758818][ T6424]  obj_cgroup_charge_pages+0xa6/0x150
[   87.758852][ T6424]  __memcg_kmem_charge_page+0x9f/0x170
[   87.758886][ T6424]  __alloc_frozen_pages_noprof+0x188/0x360
[   87.758949][ T6424]  alloc_pages_mpol+0xb3/0x250
[   87.758987][ T6424]  alloc_pages_noprof+0x90/0x130
[   87.759036][ T6424]  __vmalloc_node_range_noprof+0x6f2/0xe00
[   87.759136][ T6424]  __kvmalloc_node_noprof+0x30f/0x4e0
[   87.759182][ T6424]  ? ip_set_alloc+0x1f/0x30
[   87.759216][ T6424]  ? ip_set_alloc+0x1f/0x30
[   87.759321][ T6424]  ? __kmalloc_cache_noprof+0x189/0x320
[   87.759352][ T6424]  ip_set_alloc+0x1f/0x30
[   87.759384][ T6424]  hash_netiface_create+0x282/0x740
[   87.759457][ T6424]  ? __pfx_hash_netiface_create+0x10/0x10
[   87.759491][ T6424]  ip_set_create+0x3c9/0x960
[   87.759591][ T6424]  ? __nla_parse+0x40/0x60
[   87.759616][ T6424]  nfnetlink_rcv_msg+0x4c6/0x590
[   87.759746][ T6424]  netlink_rcv_skb+0x120/0x220
[   87.759768][ T6424]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   87.759810][ T6424]  nfnetlink_rcv+0x16b/0x1690
[   87.759897][ T6424]  ? nlmon_xmit+0x4f/0x60
[   87.759927][ T6424]  ? consume_skb+0x49/0x150
[   87.759962][ T6424]  ? nlmon_xmit+0x4f/0x60
[   87.760015][ T6424]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   87.760043][ T6424]  ? __dev_queue_xmit+0x1200/0x2000
[   87.760109][ T6424]  ? __dev_queue_xmit+0x182/0x2000
[   87.760132][ T6424]  ? __alloc_frozen_pages_noprof+0x188/0x360
[   87.760169][ T6424]  ? ref_tracker_free+0x37d/0x3e0
[   87.760269][ T6424]  ? __netlink_deliver_tap+0x4dc/0x500
[   87.760294][ T6424]  netlink_unicast+0x5c0/0x690
[   87.760334][ T6424]  netlink_sendmsg+0x58b/0x6b0
[   87.760407][ T6424]  ? __pfx_netlink_sendmsg+0x10/0x10
[   87.760499][ T6424]  __sock_sendmsg+0x142/0x180
[   87.760527][ T6424]  ____sys_sendmsg+0x31e/0x4e0
[   87.760673][ T6424]  ___sys_sendmsg+0x17b/0x1d0
[   87.760710][ T6424]  __x64_sys_sendmsg+0xd4/0x160
[   87.760739][ T6424]  x64_sys_call+0x191e/0x2ff0
[   87.760765][ T6424]  do_syscall_64+0xd2/0x200
[   87.760815][ T6424]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   87.760844][ T6424]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   87.760871][ T6424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.760941][ T6424] RIP: 0033:0x7f96c283ebe9
[   87.760959][ T6424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.760980][ T6424] RSP: 002b:00007f96c129f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   87.761003][ T6424] RAX: ffffffffffffffda RBX: 00007f96c2a65fa0 RCX: 00007f96c283ebe9
[   87.761016][ T6424] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[   87.761030][ T6424] RBP: 00007f96c28c1e19 R08: 0000000000000000 R09: 0000000000000000
[   87.761045][ T6424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   87.761125][ T6424] R13: 00007f96c2a66038 R14: 00007f96c2a65fa0 R15: 00007ffc3483fef8
[   87.761263][ T6424]  </TASK>
[   88.097248][ T6424] memory: usage 307200kB, limit 307200kB, failcnt 503
[   88.104368][ T6424] memory+swap: usage 307400kB, limit 9007199254740988kB, failcnt 0
[   88.112405][ T6424] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[   88.119842][ T6424] Memory cgroup stats for /syz8:
[   88.120895][ T4551] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.163048][ T6424] cache 0
[   88.166012][ T6424] rss 0
[   88.168759][ T6424] shmem 0
[   88.171720][ T6424] mapped_file 0
[   88.175168][ T6424] dirty 0
[   88.178088][ T6424] writeback 0
[   88.181383][ T6424] workingset_refault_anon 176
[   88.186107][ T6424] workingset_refault_file 0
[   88.190605][ T6424] swap 200704
[   88.193879][ T6424] swapcached 4096
[   88.197490][ T6424] pgpgin 12628
[   88.200924][ T6424] pgpgout 12627
[   88.204382][ T6424] pgfault 17253
[   88.207820][ T6424] pgmajfault 82
[   88.211291][ T6424] inactive_anon 4096
[   88.215194][ T6424] active_anon 0
[   88.218659][ T6424] inactive_file 0
[   88.222383][ T6424] active_file 0
[   88.225826][ T6424] unevictable 0
[   88.229361][ T6424] hierarchical_memory_limit 314572800
[   88.234716][ T6424] hierarchical_memsw_limit 9223372036854771712
[   88.240928][ T6424] total_cache 0
[   88.244392][ T6424] total_rss 0
[   88.247657][ T6424] total_shmem 0
[   88.251171][ T6424] total_mapped_file 0
[   88.255140][ T6424] total_dirty 0
[   88.258602][ T6424] total_writeback 0
[   88.262412][ T6424] total_workingset_refault_anon 176
[   88.267651][ T6424] total_workingset_refault_file 0
[   88.272684][ T6424] total_swap 200704
[   88.276472][ T6424] total_swapcached 4096
[   88.280670][ T6424] total_pgpgin 12628
[   88.284626][ T6424] total_pgpgout 12627
[   88.288593][ T6424] total_pgfault 17253
[   88.292581][ T6424] total_pgmajfault 82
[   88.293493][ T6484] loop1: detected capacity change from 0 to 1024
[   88.296628][ T6424] total_inactive_anon 4096
[   88.296638][ T6424] total_active_anon 0
[   88.296646][ T6424] total_inactive_file 0
[   88.304942][ T6484] EXT4-fs: Ignoring removed oldalloc option
[   88.307365][ T6424] total_active_file 0
[   88.307375][ T6424] total_unevictable 0
[   88.307382][ T6424] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz8
[   88.311414][ T6484] EXT4-fs: Ignoring removed bh option
[   88.315524][ T6424] ,task_memcg=/syz8,task=syz.8.976,pid=6423,uid=0
[   88.332025][ T6485] devpts: Bad value for 'mode'
[   88.339677][ T6424] Memory cgroup out of memory: Killed process 6423 (syz.8.976) total-vm:93764kB, anon-rss:1072kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[   88.450283][ T6492] FAULT_INJECTION: forcing a failure.
[   88.450283][ T6492] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   88.463477][ T6492] CPU: 1 UID: 0 PID: 6492 Comm: syz.2.1004 Not tainted 6.16.0-syzkaller-12256-g561c80369df0 #0 PREEMPT(voluntary) 
[   88.463551][ T6492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   88.463566][ T6492] Call Trace:
[   88.463573][ T6492]  <TASK>
[   88.463581][ T6492]  __dump_stack+0x1d/0x30
[   88.463606][ T6492]  dump_stack_lvl+0xe8/0x140
[   88.463627][ T6492]  dump_stack+0x15/0x1b
[   88.463644][ T6492]  should_fail_ex+0x265/0x280
[   88.463739][ T6492]  should_fail+0xb/0x20
[   88.463766][ T6492]  should_fail_usercopy+0x1a/0x20
[   88.463794][ T6492]  _copy_from_iter+0xcf/0xe40
[   88.463820][ T6492]  ? __build_skb_around+0x1a0/0x200
[   88.463959][ T6492]  ? __alloc_skb+0x223/0x320
[   88.464059][ T6492]  ? skb_set_owner_w+0x16a/0x1c0
[   88.464081][ T6492]  pppol2tp_sendmsg+0x2f8/0x440
[   88.464103][ T6492]  ? __pfx_pppol2tp_sendmsg+0x10/0x10
[   88.464156][ T6492]  __sock_sendmsg+0x142/0x180
[   88.464189][ T6492]  sock_write_iter+0x165/0x1b0
[   88.464267][ T6492]  do_iter_readv_writev+0x499/0x540
[   88.464301][ T6492]  vfs_writev+0x2df/0x8b0
[   88.464343][ T6492]  do_writev+0xe7/0x210
[   88.464401][ T6492]  __x64_sys_writev+0x45/0x50
[   88.464440][ T6492]  x64_sys_call+0x1e9a/0x2ff0
[   88.464471][ T6492]  do_syscall_64+0xd2/0x200
[   88.464539][ T6492]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   88.464563][ T6492]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   88.464588][ T6492]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.464610][ T6492] RIP: 0033:0x7f4e90d9ebe9
[   88.464677][ T6492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.464743][ T6492] RSP: 002b:00007f4e8f7ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   88.464764][ T6492] RAX: ffffffffffffffda RBX: 00007f4e90fc5fa0 RCX: 00007f4e90d9ebe9
[   88.464777][ T6492] RDX: 0000000000000001 RSI: 0000200000000180 RDI: 0000000000000003
[   88.464835][ T6492] RBP: 00007f4e8f7ff090 R08: 0000000000000000 R09: 0000000000000000
[   88.464850][ T6492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.464865][ T6492] R13: 00007f4e90fc6038 R14: 00007f4e90fc5fa0 R15: 00007ffd928f1648
[   88.464911][ T6492]  </TASK>
[   88.712062][   T29] kauditd_printk_skb: 427 callbacks suppressed
[   88.712077][   T29] audit: type=1326 audit(1754803840.568:9939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.2.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e90d9ebe9 code=0x7ffc0000
[   88.742077][ T6497] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1002'.
[   88.790625][   T29] audit: type=1326 audit(1754803840.618:9940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.2.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4e90d9ebe9 code=0x7ffc0000
[   88.814084][   T29] audit: type=1326 audit(1754803840.618:9941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.2.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e90d9ebe9 code=0x7ffc0000
[   88.837516][   T29] audit: type=1326 audit(1754803840.618:9942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.2.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4e90d9ebe9 code=0x7ffc0000
[   88.860911][   T29] audit: type=1326 audit(1754803840.618:9943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.2.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e90d9ebe9 code=0x7ffc0000
[   88.884471][   T29] audit: type=1326 audit(1754803840.618:9944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.2.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4e90d9ebe9 code=0x7ffc0000
[   88.908017][   T29] audit: type=1326 audit(1754803840.618:9945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.2.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e90d9ebe9 code=0x7ffc0000
[   88.931534][   T29] audit: type=1326 audit(1754803840.618:9946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.2.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4e90d9ebe9 code=0x7ffc0000
[   88.954931][   T29] audit: type=1326 audit(1754803840.618:9947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.2.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e90d9ebe9 code=0x7ffc0000
[   88.978330][   T29] audit: type=1326 audit(1754803840.618:9948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.2.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f4e90d9ebe9 code=0x7ffc0000
[   89.250863][ T6530] loop1: detected capacity change from 0 to 128
[   89.266610][ T6530] syz.1.1020: attempt to access beyond end of device
[   89.266610][ T6530] loop1: rw=0, sector=2072, nr_sectors = 1 limit=128
[   89.276671][ T6534] loop6: detected capacity change from 0 to 1024
[   89.305971][ T6533] loop7: detected capacity change from 0 to 128
[   89.325889][ T6534] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[   89.347017][ T6533] syz.7.1021: attempt to access beyond end of device
[   89.347017][ T6533] loop7: rw=0, sector=2072, nr_sectors = 1 limit=128
[   89.362098][ T6534] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   89.374346][ T6534] EXT4-fs (loop6): This should not happen!! Data will be lost
[   89.374346][ T6534] 
[   89.374567][ T6541] loop8: detected capacity change from 0 to 1024
[   89.383996][ T6534] EXT4-fs (loop6): Total free blocks count 0
[   89.390964][ T6541] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   89.396290][ T6534] EXT4-fs (loop6): Free/Dirty block details
[   89.408683][ T6523] rdma_rxe: rxe_newlink: failed to add geneve1
[   89.410476][ T6534] EXT4-fs (loop6): free_blocks=20480
[   89.421940][ T6534] EXT4-fs (loop6): dirty_blocks=80
[   89.427051][ T6534] EXT4-fs (loop6): Block reservation details
[   89.433055][ T6534] EXT4-fs (loop6): i_reserved_data_blocks=5
[   89.446236][ T6543] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1022'.
[   89.469603][ T6544] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 4 with error 28
[   89.481979][ T6544] EXT4-fs (loop6): This should not happen!! Data will be lost
[   89.481979][ T6544] 
[   89.509103][ T6543] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   89.516477][ T6543] batman_adv: batadv0: Removing interface: batadv_slave_0
[   89.544064][ T6543] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   89.551585][ T6543] batman_adv: batadv0: Removing interface: batadv_slave_1
[   89.595963][ T6550] loop7: detected capacity change from 0 to 512
[   89.607490][ T6550] EXT4-fs (loop7): Cannot turn on journaled quota: type 1: error -2
[   89.628205][ T6550] EXT4-fs error (device loop7): ext4_orphan_get:1392: inode #13: comm syz.7.1024: iget: bad i_size value: 12154757448730
[   89.645582][ T6550] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.1024: couldn't read orphan inode 13 (err -117)
[   89.691829][ T6550] EXT4-fs error (device loop7): ext4_iget_extra_inode:5104: inode #15: comm syz.7.1024: corrupted in-inode xattr: overlapping e_value 
[   89.961566][ T6563] devpts: Bad value for 'mode'
[   90.003377][ T6570] loop1: detected capacity change from 0 to 512
[   90.041362][ T6570] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   90.113629][ T6570] EXT4-fs (loop1): 1 truncate cleaned up
[   90.139711][ T6570] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1033'.
[   90.149933][ T6570] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1033'.
[   90.182235][ T6580] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1037'.
[   90.210635][ T6578] loop8: detected capacity change from 0 to 512
[   90.565576][ T6602] loop2: detected capacity change from 0 to 512
[   90.588968][ T6602] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   90.597985][ T6598] devpts: Bad value for 'mode'
[   90.609313][ T6578] EXT4-fs (loop8): Cannot turn on journaled quota: type 1: error -2
[   90.649644][ T6578] EXT4-fs error (device loop8): ext4_orphan_get:1392: inode #13: comm syz.8.1036: iget: bad i_size value: 12154757448730
[   90.667515][ T6606] siw: device registration error -23
[   90.696628][ T6602] loop2: detected capacity change from 0 to 164
[   90.715136][ T6578] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.1036: couldn't read orphan inode 13 (err -117)
[   90.734193][ T6602] syz.2.1045: attempt to access beyond end of device
[   90.734193][ T6602] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   90.742797][ T6609] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1047'.
[   90.769110][ T6602] syz.2.1045: attempt to access beyond end of device
[   90.769110][ T6602] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[   90.811233][ T6602] iso9660: Corrupted directory entry in block 4 of inode 1792
[   90.837182][ T6578] EXT4-fs error (device loop8): ext4_iget_extra_inode:5104: inode #15: comm syz.8.1036: corrupted in-inode xattr: overlapping e_value 
[   90.888556][ T6613] loop2: detected capacity change from 0 to 128
[   90.947989][ T6616] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1060'.
[   90.948882][ T6613] syz.2.1048: attempt to access beyond end of device
[   90.948882][ T6613] loop2: rw=0, sector=2072, nr_sectors = 1 limit=128
[   91.017410][ T6622] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1051'.
[   91.167646][ T6634] loop7: detected capacity change from 0 to 1024
[   91.205916][ T6639] siw: device registration error -23
[   91.219556][ T6634] EXT4-fs: Ignoring removed oldalloc option
[   91.225613][ T6634] EXT4-fs: Ignoring removed bh option
[   91.244343][ T6643] loop6: detected capacity change from 0 to 512
[   91.265765][ T6643] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2
[   91.288563][ T6643] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #13: comm syz.6.1061: iget: bad i_size value: 12154757448730
[   91.325904][ T6634] netlink: 68 bytes leftover after parsing attributes in process `syz.7.1056'.
[   91.339990][ T6643] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.1061: couldn't read orphan inode 13 (err -117)
[   91.486076][ T6656] loop7: detected capacity change from 0 to 128
[   91.525588][ T6656] syz.7.1066: attempt to access beyond end of device
[   91.525588][ T6656] loop7: rw=0, sector=2072, nr_sectors = 1 limit=128
[   91.736668][ T6674] loop2: detected capacity change from 0 to 512
[   91.762919][ T6674] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   91.783343][ T6664] loop7: detected capacity change from 0 to 1024
[   91.844499][ T6664] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   91.856967][ T6664] rdma_rxe: rxe_newlink: failed to add geneve1
[   91.905672][ T6684] loop6: detected capacity change from 0 to 512
[   91.923672][ T6686] loop2: detected capacity change from 0 to 512
[   91.939369][ T6684] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2
[   91.951308][ T6686] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   91.967392][ T6684] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #13: comm syz.6.1075: iget: bad i_size value: 12154757448730
[   91.991879][ T6684] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.1075: couldn't read orphan inode 13 (err -117)
[   92.012586][ T6686] EXT4-fs (loop2): 1 orphan inode deleted
[   92.018333][ T6686] EXT4-fs (loop2): 1 truncate cleaned up
[   92.183685][ T6653] syz.8.1064 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[   92.194706][ T6653] CPU: 0 UID: 0 PID: 6653 Comm: syz.8.1064 Not tainted 6.16.0-syzkaller-12256-g561c80369df0 #0 PREEMPT(voluntary) 
[   92.194737][ T6653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   92.194750][ T6653] Call Trace:
[   92.194757][ T6653]  <TASK>
[   92.194832][ T6653]  __dump_stack+0x1d/0x30
[   92.194856][ T6653]  dump_stack_lvl+0xe8/0x140
[   92.194879][ T6653]  dump_stack+0x15/0x1b
[   92.194968][ T6653]  dump_header+0x81/0x220
[   92.195006][ T6653]  oom_kill_process+0x342/0x400
[   92.195050][ T6653]  out_of_memory+0x979/0xb80
[   92.195087][ T6653]  try_charge_memcg+0x5e6/0x9e0
[   92.195186][ T6653]  charge_memcg+0x51/0xc0
[   92.195256][ T6653]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[   92.195283][ T6653]  __read_swap_cache_async+0x1df/0x350
[   92.195323][ T6653]  swap_cluster_readahead+0x277/0x3e0
[   92.195411][ T6653]  swapin_readahead+0xde/0x6f0
[   92.195444][ T6653]  ? __filemap_get_folio+0x4f7/0x6b0
[   92.195561][ T6653]  ? swap_cache_get_folio+0x77/0x200
[   92.195597][ T6653]  do_swap_page+0x301/0x2430
[   92.195622][ T6653]  ? css_rstat_updated+0xb7/0x240
[   92.195656][ T6653]  ? __pfx_default_wake_function+0x10/0x10
[   92.195681][ T6653]  handle_mm_fault+0x9a5/0x2c20
[   92.195725][ T6653]  do_user_addr_fault+0x636/0x1090
[   92.195764][ T6653]  ? fpregs_restore_userregs+0xad/0x1d0
[   92.195807][ T6653]  ? switch_fpu_return+0xe/0x20
[   92.195836][ T6653]  ? fpregs_assert_state_consistent+0xb4/0xe0
[   92.195870][ T6653]  exc_page_fault+0x62/0xa0
[   92.195971][ T6653]  asm_exc_page_fault+0x26/0x30
[   92.195996][ T6653] RIP: 0033:0x7f96c271563c
[   92.196011][ T6653] Code: 66 0f 1f 44 00 00 69 3d 76 00 e8 00 e8 03 00 00 48 8d 1d 77 09 35 00 e8 12 95 12 00 eb 0c 48 81 c3 f0 00 00 00 48 39 eb 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 f0 00 00
[   92.196049][ T6653] RSP: 002b:00007ffc34840060 EFLAGS: 00010202
[   92.196064][ T6653] RAX: 0000000000000000 RBX: 00007f96c2a65fa0 RCX: 0000000000000000
[   92.196077][ T6653] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005555597f3808
[   92.196090][ T6653] RBP: 00007f96c2a67da0 R08: 0000000000000000 R09: 7fffffffffffffff
[   92.196106][ T6653] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000016861
[   92.196122][ T6653] R13: 00007f96c2a66090 R14: ffffffffffffffff R15: 00007ffc34840170
[   92.196144][ T6653]  </TASK>
[   92.196152][ T6653] memory: usage 307200kB, limit 307200kB, failcnt 655
[   92.211990][ T6686] EXT4-fs error (device loop2): ext4_inlinedir_to_tree:1314: inode #12: block 7: comm syz.2.1076: path /217/file0/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0
[   92.218433][ T6653] memory+swap: usage 307388kB, limit 9007199254740988kB, failcnt 0
[   92.266387][ T6686] EXT4-fs (loop2): Remounting filesystem read-only
[   92.266539][ T6653] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[   92.429901][ T6694] 9pnet: Could not find request transport: 0xffffffffffffffff
[   92.444999][ T6653] Memory cgroup stats for /syz8:
[   92.445366][ T6653] cache 0
[   92.482276][ T6653] rss 0
[   92.485033][ T6653] shmem 0
[   92.487979][ T6653] mapped_file 0
[   92.491453][ T6653] dirty 0
[   92.494424][ T6653] writeback 4096
[   92.497953][ T6653] workingset_refault_anon 201
[   92.502736][ T6653] workingset_refault_file 0
[   92.507220][ T6653] swap 192512
[   92.510503][ T6653] swapcached 12288
[   92.514218][ T6653] pgpgin 30585
[   92.517573][ T6653] pgpgout 30582
[   92.521039][ T6653] pgfault 19010
[   92.524485][ T6653] pgmajfault 94
[   92.526640][ T6698] loop1: detected capacity change from 0 to 764
[   92.527927][ T6653] inactive_anon 12288
[   92.527936][ T6653] active_anon 0
[   92.527944][ T6653] inactive_file 0
[   92.545235][ T6653] active_file 0
[   92.548680][ T6653] unevictable 0
[   92.552196][ T6653] hierarchical_memory_limit 314572800
[   92.557557][ T6653] hierarchical_memsw_limit 9223372036854771712
[   92.563773][ T6653] total_cache 0
[   92.567215][ T6653] total_rss 0
[   92.570520][ T6653] total_shmem 0
[   92.573968][ T6653] total_mapped_file 0
[   92.577936][ T6653] total_dirty 0
[   92.579412][ T6698] iso9660: Unknown parameter '`��D��`X>������:� ��z�`�jٹz��hHf���o�:��k�㵜��ZW'
[   92.581415][ T6653] total_writeback 4096
[   92.594966][ T6653] total_workingset_refault_anon 201
[   92.600246][ T6653] total_workingset_refault_file 0
[   92.605258][ T6653] total_swap 192512
[   92.609054][ T6653] total_swapcached 12288
[   92.613343][ T6653] total_pgpgin 30585
[   92.617218][ T6653] total_pgpgout 30582
[   92.621229][ T6653] total_pgfault 19010
[   92.625258][ T6653] total_pgmajfault 94
[   92.629240][ T6653] total_inactive_anon 12288
[   92.633729][ T6653] total_active_anon 0
[   92.637707][ T6653] total_inactive_file 0
[   92.641921][ T6653] total_active_file 0
[   92.645921][ T6653] total_unevictable 0
[   92.649904][ T6653] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz8,task_memcg=/syz8,task=syz.8.1064,pid=6653,uid=0
[   92.664566][ T6653] Memory cgroup out of memory: Killed process 6653 (syz.8.1064) total-vm:93764kB, anon-rss:944kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[   92.696235][ T6699] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.781953][ T6699] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.852199][ T6699] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.963738][ T6699] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.990335][ T6710] loop1: detected capacity change from 0 to 1024
[   92.997059][ T6710] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   93.009396][ T6710] syz2: rxe_newlink: already configured on geneve1
[   93.089087][   T51] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.459397][   T51] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.476063][   T51] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.521975][   T51] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.666164][ T6740] 9pnet: Could not find request transport: 0xffffffffffffffff
[   93.723638][ T6740] loop6: detected capacity change from 0 to 764
[   93.755465][ T6743] loop1: detected capacity change from 0 to 128
[   93.762271][ T6740] iso9660: Unknown parameter '`��D��`X>������:� ��z�`�jٹz��hHf���o�:��k�㵜��ZW'
[   93.824786][ T6743] syz.1.1097: attempt to access beyond end of device
[   93.824786][ T6743] loop1: rw=0, sector=2072, nr_sectors = 1 limit=128
[   93.906013][   T29] kauditd_printk_skb: 410 callbacks suppressed
[   93.906029][   T29] audit: type=1400 audit(1754803845.758:10359): avc:  denied  { create } for  pid=6746 comm="syz.6.1100" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   93.912186][ T6749] loop7: detected capacity change from 0 to 128
[   93.912344][   T29] audit: type=1400 audit(1754803845.758:10360): avc:  denied  { setopt } for  pid=6746 comm="syz.6.1100" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   93.938269][ T6749] syz.7.1099: attempt to access beyond end of device
[   93.938269][ T6749] loop7: rw=0, sector=2072, nr_sectors = 1 limit=128
[   93.974442][ T6747] macvtap0: entered allmulticast mode
[   93.979847][ T6747] bond0: entered allmulticast mode
[   93.998744][ T6747] 8021q: adding VLAN 0 to HW filter on device macvtap0
[   94.034443][ T6747] bond0: left allmulticast mode
[   94.039558][   T29] audit: type=1400 audit(1754803845.848:10361): avc:  denied  { setopt } for  pid=6746 comm="syz.6.1100" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   94.041344][ T6752] loop1: detected capacity change from 0 to 1024
[   94.087932][ T6752] EXT4-fs: Ignoring removed oldalloc option
[   94.093896][ T6752] EXT4-fs: Ignoring removed bh option
[   94.113739][ T6755] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1103'.
[   94.164530][ T6758] devpts: Bad value for 'mode'
[   94.169432][   T29] audit: type=1400 audit(1754803846.018:10362): avc:  denied  { remount } for  pid=6757 comm="syz.6.1104" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[   94.205618][ T6769] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1101'.
[   94.280059][ T6775] loop6: detected capacity change from 0 to 1024
[   94.286797][ T6775] EXT4-fs: Ignoring removed orlov option
[   94.304626][   T29] audit: type=1400 audit(1754803846.158:10363): avc:  denied  { create } for  pid=6776 comm="syz.7.1110" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   94.328394][ T6779] loop2: detected capacity change from 0 to 512
[   94.337904][ T6779] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   94.354214][   T29] audit: type=1400 audit(1754803846.198:10364): avc:  denied  { read write } for  pid=6774 comm="syz.6.1109" name="file1" dev="loop6" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   94.377092][   T29] audit: type=1400 audit(1754803846.198:10365): avc:  denied  { open } for  pid=6774 comm="syz.6.1109" path="/134/file1/file1" dev="loop6" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   94.401244][   T29] audit: type=1400 audit(1754803846.258:10366): avc:  denied  { ioctl } for  pid=6774 comm="syz.6.1109" path="/134/file1/file1" dev="loop6" ino=15 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   94.419801][ T6779] EXT4-fs (loop2): 1 orphan inode deleted
[   94.431621][ T6779] EXT4-fs (loop2): 1 truncate cleaned up
[   94.492958][ T6791] bond_slave_0: entered promiscuous mode
[   94.498642][ T6791] bond_slave_1: entered promiscuous mode
[   94.509625][ T6779] EXT4-fs error (device loop2): ext4_inlinedir_to_tree:1314: inode #12: block 7: comm syz.2.1111: path /225/file0/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0
[   94.559713][ T6796] loop8: detected capacity change from 0 to 512
[   94.567487][ T6791] macvtap1: entered allmulticast mode
[   94.572968][ T6791] bond0: entered allmulticast mode
[   94.575913][ T6796] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   94.578083][ T6791] bond_slave_0: entered allmulticast mode
[   94.588255][ T6779] EXT4-fs (loop2): Remounting filesystem read-only
[   94.592110][ T6791] bond_slave_1: entered allmulticast mode
[   94.606337][ T6791] 8021q: adding VLAN 0 to HW filter on device macvtap1
[   94.613580][ T6796] loop8: detected capacity change from 0 to 164
[   94.621701][ T6791] bond0: left allmulticast mode
[   94.626586][ T6791] bond_slave_0: left allmulticast mode
[   94.627066][   T29] audit: type=1400 audit(1754803846.478:10367): avc:  denied  { mount } for  pid=6794 comm="syz.8.1116" name="/" dev="loop8" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[   94.632079][ T6791] bond_slave_1: left allmulticast mode
[   94.658052][ T6796] syz.8.1116: attempt to access beyond end of device
[   94.658052][ T6796] loop8: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   94.659958][ T6791] bond_slave_0: left promiscuous mode
[   94.675948][ T6796] syz.8.1116: attempt to access beyond end of device
[   94.675948][ T6796] loop8: rw=0, sector=263328, nr_sectors = 4 limit=164
[   94.679085][ T6791] bond_slave_1: left promiscuous mode
[   94.722251][ T6802] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6802 comm=syz.2.1118
[   94.751890][ T6808] netlink: 68 bytes leftover after parsing attributes in process `syz.6.1121'.
[   94.781769][   T29] audit: type=1400 audit(1754803846.638:10368): avc:  denied  { listen } for  pid=6801 comm="syz.2.1118" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[   94.806551][ T6802] loop2: detected capacity change from 0 to 512
[   94.822006][ T6812] loop8: detected capacity change from 0 to 1024
[   94.828847][ T6812] EXT4-fs: Ignoring removed orlov option
[   94.838800][ T6802] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   94.859668][ T6802] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1118: bg 0: block 4: invalid block bitmap
[   94.878620][ T6802] EXT4-fs (loop2): Remounting filesystem read-only
[   94.885525][ T6802] EXT4-fs (loop2): 1 truncate cleaned up
[   94.911204][ T6823] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1127'.
[   95.005066][ T6836] loop2: detected capacity change from 0 to 512
[   95.017815][ T6836] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   95.032835][ T6836] loop2: detected capacity change from 0 to 164
[   95.053167][ T6836] syz.2.1133: attempt to access beyond end of device
[   95.053167][ T6836] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   95.073084][ T6836] syz.2.1133: attempt to access beyond end of device
[   95.073084][ T6836] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[   95.105518][ T6843] loop1: detected capacity change from 0 to 128
[   95.381684][ T6853] loop1: detected capacity change from 0 to 1024
[   95.388410][ T6853] EXT4-fs: Ignoring removed oldalloc option
[   95.394430][ T6853] EXT4-fs: Ignoring removed bh option
[   95.470364][ T6856] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1140'.
[   95.473402][ T6831] syz.8.1130 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[   95.493425][ T6831] CPU: 1 UID: 0 PID: 6831 Comm: syz.8.1130 Not tainted 6.16.0-syzkaller-12256-g561c80369df0 #0 PREEMPT(voluntary) 
[   95.493475][ T6831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   95.493488][ T6831] Call Trace:
[   95.493495][ T6831]  <TASK>
[   95.493504][ T6831]  __dump_stack+0x1d/0x30
[   95.493545][ T6831]  dump_stack_lvl+0xe8/0x140
[   95.493568][ T6831]  dump_stack+0x15/0x1b
[   95.493684][ T6831]  dump_header+0x81/0x220
[   95.493724][ T6831]  oom_kill_process+0x342/0x400
[   95.493760][ T6831]  out_of_memory+0x979/0xb80
[   95.493796][ T6831]  try_charge_memcg+0x5e6/0x9e0
[   95.493848][ T6831]  obj_cgroup_charge_pages+0xa6/0x150
[   95.493911][ T6831]  __memcg_kmem_charge_page+0x9f/0x170
[   95.493946][ T6831]  __alloc_frozen_pages_noprof+0x188/0x360
[   95.494036][ T6831]  alloc_pages_mpol+0xb3/0x250
[   95.494106][ T6831]  alloc_pages_noprof+0x90/0x130
[   95.494146][ T6831]  __vmalloc_node_range_noprof+0x6f2/0xe00
[   95.494206][ T6831]  __kvmalloc_node_noprof+0x30f/0x4e0
[   95.494237][ T6831]  ? ip_set_alloc+0x1f/0x30
[   95.494275][ T6831]  ? ip_set_alloc+0x1f/0x30
[   95.494327][ T6831]  ? __kmalloc_cache_noprof+0x189/0x320
[   95.494361][ T6831]  ip_set_alloc+0x1f/0x30
[   95.494392][ T6831]  hash_netiface_create+0x282/0x740
[   95.494485][ T6831]  ? __pfx_hash_netiface_create+0x10/0x10
[   95.494583][ T6831]  ip_set_create+0x3c9/0x960
[   95.494619][ T6831]  ? __nla_parse+0x40/0x60
[   95.494648][ T6831]  nfnetlink_rcv_msg+0x4c6/0x590
[   95.494700][ T6831]  netlink_rcv_skb+0x120/0x220
[   95.494727][ T6831]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   95.494765][ T6831]  nfnetlink_rcv+0x16b/0x1690
[   95.494800][ T6831]  ? nlmon_xmit+0x4f/0x60
[   95.494827][ T6831]  ? consume_skb+0x49/0x150
[   95.494938][ T6831]  ? nlmon_xmit+0x4f/0x60
[   95.494964][ T6831]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   95.494987][ T6831]  ? __dev_queue_xmit+0x1200/0x2000
[   95.495031][ T6831]  ? __dev_queue_xmit+0x182/0x2000
[   95.495056][ T6831]  ? __alloc_frozen_pages_noprof+0x188/0x360
[   95.495157][ T6831]  ? ref_tracker_free+0x37d/0x3e0
[   95.495200][ T6831]  ? __netlink_deliver_tap+0x4dc/0x500
[   95.495223][ T6831]  netlink_unicast+0x5c0/0x690
[   95.495265][ T6831]  netlink_sendmsg+0x58b/0x6b0
[   95.495314][ T6831]  ? __pfx_netlink_sendmsg+0x10/0x10
[   95.495400][ T6831]  __sock_sendmsg+0x142/0x180
[   95.495433][ T6831]  ____sys_sendmsg+0x31e/0x4e0
[   95.495461][ T6831]  ___sys_sendmsg+0x17b/0x1d0
[   95.495501][ T6831]  __x64_sys_sendmsg+0xd4/0x160
[   95.495529][ T6831]  x64_sys_call+0x191e/0x2ff0
[   95.495552][ T6831]  do_syscall_64+0xd2/0x200
[   95.495613][ T6831]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   95.495642][ T6831]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   95.495734][ T6831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.495757][ T6831] RIP: 0033:0x7f96c283ebe9
[   95.495775][ T6831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.495798][ T6831] RSP: 002b:00007f96c129f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   95.495818][ T6831] RAX: ffffffffffffffda RBX: 00007f96c2a65fa0 RCX: 00007f96c283ebe9
[   95.495831][ T6831] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[   95.495848][ T6831] RBP: 00007f96c28c1e19 R08: 0000000000000000 R09: 0000000000000000
[   95.495862][ T6831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   95.495877][ T6831] R13: 00007f96c2a66038 R14: 00007f96c2a65fa0 R15: 00007ffc3483fef8
[   95.495895][ T6831]  </TASK>
[   95.495901][ T6831] memory: usage 307200kB, limit 307200kB, failcnt 934
[   95.693783][ T6859] loop7: detected capacity change from 0 to 1024
[   95.697079][ T6831] memory+swap: usage 307388kB, limit 9007199254740988kB, failcnt 0
[   95.697096][ T6831] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[   95.697110][ T6831] Memory cgroup stats for 
[   95.703212][ T6859] EXT4-fs: Ignoring removed orlov option
[   95.706720][ T6831] /syz8:
[   95.707160][ T6831] cache 0
[   95.877286][ T6831] rss 0
[   95.880205][ T6831] shmem 0
[   95.883139][ T6831] mapped_file 0
[   95.886572][ T6831] dirty 0
[   95.889500][ T6831] writeback 0
[   95.892818][ T6831] workingset_refault_anon 250
[   95.897484][ T6831] workingset_refault_file 0
[   95.902024][ T6831] swap 192512
[   95.905292][ T6831] swapcached 12288
[   95.908981][ T6831] pgpgin 31554
[   95.912335][ T6831] pgpgout 31551
[   95.915766][ T6831] pgfault 20251
[   95.919216][ T6831] pgmajfault 127
[   95.922784][ T6831] inactive_anon 0
[   95.926385][ T6831] active_anon 12288
[   95.930182][ T6831] inactive_file 0
[   95.933786][ T6831] active_file 0
[   95.937292][ T6831] unevictable 0
[   95.940738][ T6831] hierarchical_memory_limit 314572800
[   95.946082][ T6831] hierarchical_memsw_limit 9223372036854771712
[   95.952267][ T6831] total_cache 0
[   95.955703][ T6831] total_rss 0
[   95.959034][ T6831] total_shmem 0
[   95.962489][ T6831] total_mapped_file 0
[   95.966439][ T6831] total_dirty 0
[   95.969896][ T6831] total_writeback 0
[   95.973672][ T6831] total_workingset_refault_anon 250
[   95.978922][ T6831] total_workingset_refault_file 0
[   95.983943][ T6831] total_swap 192512
[   95.987738][ T6831] total_swapcached 12288
[   95.991996][ T6831] total_pgpgin 31554
[   95.994420][ T6865] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1144'.
[   95.995870][ T6831] total_pgpgout 31551
[   96.008946][ T6831] total_pgfault 20251
[   96.012931][ T6831] total_pgmajfault 127
[   96.016972][ T6831] total_inactive_anon 0
[   96.021174][ T6831] total_active_anon 12288
[   96.025474][ T6831] total_inactive_file 0
[   96.029646][ T6831] total_active_file 0
[   96.033667][ T6831] total_unevictable 0
[   96.037615][ T6831] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz8,task_memcg=/syz8,task=syz.8.1130,pid=6829,uid=0
[   96.052245][ T6831] Memory cgroup out of memory: Killed process 6829 (syz.8.1130) total-vm:95812kB, anon-rss:944kB, file-rss:22332kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[   96.257217][ T6867] loop7: detected capacity change from 0 to 1024
[   96.269270][ T6867] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   96.282541][ T6867] rdma_rxe: rxe_newlink: failed to add geneve1
[   96.293616][ T6889] loop1: detected capacity change from 0 to 1024
[   96.301548][ T6889] EXT4-fs: Ignoring removed orlov option
[   96.308015][ T6895] loop9: detected capacity change from 0 to 7
[   96.314464][ T6895] buffer_io_error: 4 callbacks suppressed
[   96.314477][ T6895] Buffer I/O error on dev loop9, logical block 0, async page read
[   96.322123][ T6897] loop6: detected capacity change from 0 to 512
[   96.328332][ T6895] Buffer I/O error on dev loop9, logical block 0, async page read
[   96.342187][ T6895]  loop9: unable to read partition table
[   96.349722][ T6895] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   96.349722][ T6895] 
) failed (rc=-5)
[   96.376844][ T6897] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   96.430656][ T6897] EXT4-fs (loop6): 1 orphan inode deleted
[   96.436408][ T6897] EXT4-fs (loop6): 1 truncate cleaned up
[   96.444839][ T6897] EXT4-fs error (device loop6): ext4_inlinedir_to_tree:1314: inode #12: block 7: comm syz.6.1155: path /150/file0/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0
[   96.467174][ T6897] EXT4-fs (loop6): Remounting filesystem read-only
[   96.590386][ T6916] loop8: detected capacity change from 0 to 128
[   96.610518][ T6919] loop1: detected capacity change from 0 to 1024
[   96.623667][ T6916] bio_check_eod: 1 callbacks suppressed
[   96.623679][ T6916] syz.8.1161: attempt to access beyond end of device
[   96.623679][ T6916] loop8: rw=0, sector=2072, nr_sectors = 1 limit=128
[   96.627417][ T6919] EXT4-fs: Ignoring removed oldalloc option
[   96.648513][ T6919] EXT4-fs: Ignoring removed bh option
[   96.691896][ T6919] EXT4-fs mount: 36 callbacks suppressed
[   96.691910][ T6919] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.719815][ T6924] loop2: detected capacity change from 0 to 128
[   96.786361][ T6931] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1162'.
[   96.800426][ T6930] loop8: detected capacity change from 0 to 512
[   96.812759][ T6933] loop2: detected capacity change from 0 to 1024
[   96.869576][ T6930] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   96.882795][ T6933] EXT4-fs: Ignoring removed orlov option
[   96.908349][ T6933] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.974081][ T6941] loop7: detected capacity change from 0 to 128
[   97.027800][ T6941] syz.7.1170: attempt to access beyond end of device
[   97.027800][ T6941] loop7: rw=0, sector=2072, nr_sectors = 1 limit=128
[   97.058247][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.079444][ T6946] siw: device registration error -23
[   97.121837][ T6949] loop8: detected capacity change from 0 to 512
[   97.135224][ T6949] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[   97.172481][ T6949] EXT4-fs (loop8): 1 orphan inode deleted
[   97.178213][ T6949] EXT4-fs (loop8): 1 truncate cleaned up
[   97.190243][ T6949] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.243631][ T6960] netlink: 68 bytes leftover after parsing attributes in process `syz.6.1178'.
[   97.253348][ T6949] EXT4-fs error (device loop8): ext4_inlinedir_to_tree:1314: inode #12: block 7: comm syz.8.1174: path /84/file0/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0
[   97.275256][ T6949] EXT4-fs (loop8): Remounting filesystem read-only
[   97.301278][ T5219] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.322281][ T6962] loop2: detected capacity change from 0 to 512
[   97.324469][ T6965] loop7: detected capacity change from 0 to 512
[   97.336900][ T6962] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   97.337575][ T6965] EXT4-fs: Ignoring removed mblk_io_submit option
[   97.355107][ T6965] EXT4-fs: Ignoring removed bh option
[   97.355163][ T6968] loop8: detected capacity change from 0 to 164
[   97.361573][ T6965] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[   97.398248][ T6965] EXT4-fs (loop7): 1 truncate cleaned up
[   97.405375][ T6968] syz.8.1179: attempt to access beyond end of device
[   97.405375][ T6968] loop8: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   97.413946][ T6965] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.432187][ T6968] syz.8.1179: attempt to access beyond end of device
[   97.432187][ T6968] loop8: rw=0, sector=263328, nr_sectors = 4 limit=164
[   97.481988][ T6975] loop2: detected capacity change from 0 to 1024
[   97.489674][ T6975] EXT4-fs: Ignoring removed orlov option
[   97.496245][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.510977][ T6975] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.550768][ T4551] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.578008][ T6990] loop8: detected capacity change from 0 to 128
[   97.604420][ T6997] netlink: 68 bytes leftover after parsing attributes in process `syz.8.1194'.
[   97.631545][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.641778][ T7000] loop6: detected capacity change from 0 to 128
[   97.685457][ T7002] netlink: 256 bytes leftover after parsing attributes in process `syz.7.1197'.
[   97.703757][ T7006] loop8: detected capacity change from 0 to 1024
[   97.716439][ T7012] loop9: detected capacity change from 0 to 7
[   97.723361][ T7012] Buffer I/O error on dev loop9, logical block 0, async page read
[   97.731769][ T7012] Buffer I/O error on dev loop9, logical block 0, async page read
[   97.739715][ T7012]  loop9: unable to read partition table
[   97.765586][ T7012] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   97.765586][ T7012] 
) failed (rc=-5)
[   97.780222][ T7018] loop1: detected capacity change from 0 to 512
[   97.786712][ T7018] EXT4-fs: Ignoring removed mblk_io_submit option
[   97.787572][ T7020] loop6: detected capacity change from 0 to 128
[   97.793177][ T7018] EXT4-fs: Ignoring removed bh option
[   97.800570][ T7006] EXT4-fs: Ignoring removed oldalloc option
[   97.810819][ T7006] EXT4-fs: Ignoring removed bh option
[   97.823868][ T7018] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   97.839453][ T7018] EXT4-fs (loop1): 1 truncate cleaned up
[   97.845436][ T7018] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.847647][ T7006] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.925831][ T7034] loop6: detected capacity change from 0 to 1024
[   97.932867][ T7034] EXT4-fs: Ignoring removed orlov option
[   97.954059][ T7034] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.973552][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.026540][ T4547] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.042557][ T7052] loop1: detected capacity change from 0 to 512
[   98.049742][ T7052] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   98.061959][ T7052] EXT4-fs (loop1): 1 orphan inode deleted
[   98.067709][ T7052] EXT4-fs (loop1): 1 truncate cleaned up
[   98.074381][ T7052] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.097997][ T7057] loop9: detected capacity change from 0 to 7
[   98.104342][ T7057] Buffer I/O error on dev loop9, logical block 0, async page read
[   98.112375][ T7057] Buffer I/O error on dev loop9, logical block 0, async page read
[   98.112981][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.120211][ T7057]  loop9: unable to read partition table
[   98.120264][ T7057] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   98.120264][ T7057] 
) failed (rc=-5)
[   98.166602][ T7061] loop2: detected capacity change from 0 to 128
[   98.176713][ T7061] syz.2.1220: attempt to access beyond end of device
[   98.176713][ T7061] loop2: rw=0, sector=2072, nr_sectors = 1 limit=128
[   98.190538][ T7064] siw: device registration error -23
[   98.284396][ T7079] loop2: detected capacity change from 0 to 1024
[   98.291338][ T7079] EXT4-fs: Ignoring removed orlov option
[   98.315308][ T7079] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.341053][ T7089] loop1: detected capacity change from 0 to 128
[   98.349476][ T7089] syz.1.1229: attempt to access beyond end of device
[   98.349476][ T7089] loop1: rw=0, sector=2072, nr_sectors = 1 limit=128
[   98.384365][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.395178][ T7083] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   98.428111][ T7098] siw: device registration error -23
[   98.454732][ T7103] loop1: detected capacity change from 0 to 128
[   98.463973][ T7103] syz.1.1235: attempt to access beyond end of device
[   98.463973][ T7103] loop1: rw=0, sector=2072, nr_sectors = 1 limit=128
[   98.527805][ T5219] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.565799][ T7116] loop8: detected capacity change from 0 to 128
[   98.575003][ T7116] syz.8.1241: attempt to access beyond end of device
[   98.575003][ T7116] loop8: rw=0, sector=2072, nr_sectors = 1 limit=128
[   98.621230][ T7125] siw: device registration error -23
[   98.673592][ T7135] loop8: detected capacity change from 0 to 128
[   98.682224][ T7135] syz.8.1249: attempt to access beyond end of device
[   98.682224][ T7135] loop8: rw=0, sector=2072, nr_sectors = 1 limit=128
[   98.714184][ T7114] loop1: detected capacity change from 0 to 1024
[   98.722326][ T7114] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   98.734099][ T7114] syz2: rxe_newlink: already configured on geneve1
[   98.786491][ T7147] loop7: detected capacity change from 0 to 128
[   98.796463][ T7147] syz.7.1254: attempt to access beyond end of device
[   98.796463][ T7147] loop7: rw=0, sector=2072, nr_sectors = 1 limit=128
[   98.856444][ T7152] loop7: detected capacity change from 0 to 512
[   98.864758][ T7153] siw: device registration error -23
[   98.872190][ T7152] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[   98.898872][ T7152] EXT4-fs (loop7): 1 orphan inode deleted
[   98.904702][ T7152] EXT4-fs (loop7): 1 truncate cleaned up
[   98.910855][ T7152] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.926797][ T7152] EXT4-fs error (device loop7): ext4_inlinedir_to_tree:1314: inode #12: block 7: comm syz.7.1256: path /200/file0/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0
[   98.948405][ T7152] EXT4-fs (loop7): Remounting filesystem read-only
[   98.974042][ T4551] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.019853][ T7164] loop9: detected capacity change from 0 to 7
[   99.026147][ T7164] Buffer I/O error on dev loop9, logical block 0, async page read
[   99.041991][ T7164] Buffer I/O error on dev loop9, logical block 0, async page read
[   99.049918][ T7164]  loop9: unable to read partition table
[   99.096356][ T7164] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   99.096356][ T7164] 
) failed (rc=-5)
[   99.117472][ T7175] loop8: detected capacity change from 0 to 512
[   99.135880][ T7175] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[   99.165159][ T7180] loop6: detected capacity change from 0 to 164
[   99.219326][ T7175] EXT4-fs (loop8): 1 orphan inode deleted
[   99.225088][ T7175] EXT4-fs (loop8): 1 truncate cleaned up
[   99.233225][ T7175] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.257229][ T5219] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.329815][ T7188] __nla_validate_parse: 2 callbacks suppressed
[   99.329836][ T7188] netlink: 256 bytes leftover after parsing attributes in process `syz.8.1271'.
[   99.396544][   T29] kauditd_printk_skb: 205 callbacks suppressed
[   99.396561][   T29] audit: type=1326 audit(1754803851.228:10574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7113 comm="syz.1.1240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6ffeeebe9 code=0x7ffc0000
[   99.426203][   T29] audit: type=1326 audit(1754803851.228:10575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7113 comm="syz.1.1240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6ffeeebe9 code=0x7ffc0000
[   99.480303][ T7204] loop1: detected capacity change from 0 to 128
[   99.545432][ T7211] loop2: detected capacity change from 0 to 164
[   99.588564][ T7198] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   99.650272][ T7229] loop9: detected capacity change from 0 to 7
[   99.656515][ T7229] Buffer I/O error on dev loop9, logical block 0, async page read
[   99.664675][ T7229] Buffer I/O error on dev loop9, logical block 0, async page read
[   99.672535][ T7229]  loop9: unable to read partition table
[   99.678235][ T7229] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   99.678235][ T7229] 
) failed (rc=-5)
[   99.801501][ T7227] loop2: detected capacity change from 0 to 1024
[   99.808017][ T7237] loop1: detected capacity change from 0 to 1024
[   99.808881][ T7227] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   99.826856][ T7227] rdma_rxe: rxe_newlink: failed to add geneve1
[   99.833693][   T29] audit: type=1326 audit(1754803851.698:10576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7226 comm="syz.2.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e90d9ebe9 code=0x7ffc0000
[   99.858657][   T29] audit: type=1326 audit(1754803851.698:10577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7226 comm="syz.2.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e90d9ebe9 code=0x7ffc0000
[   99.882185][   T29] audit: type=1326 audit(1754803851.698:10578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7226 comm="syz.2.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f4e90d9ebe9 code=0x7ffc0000
[   99.905684][   T29] audit: type=1326 audit(1754803851.698:10579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7226 comm="syz.2.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e90d9ebe9 code=0x7ffc0000
[   99.929266][   T29] audit: type=1326 audit(1754803851.698:10580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7226 comm="syz.2.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4e90d9ebe9 code=0x7ffc0000
[   99.952813][   T29] audit: type=1326 audit(1754803851.698:10581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7226 comm="syz.2.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e90d9ebe9 code=0x7ffc0000
[   99.976650][   T29] audit: type=1326 audit(1754803851.698:10582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7226 comm="syz.2.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f4e90d9ebe9 code=0x7ffc0000
[  100.003319][ T7237] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.018516][ T7237] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  100.018677][ T7237] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  100.018705][ T7237] EXT4-fs (loop1): This should not happen!! Data will be lost
[  100.018705][ T7237] 
[  100.018720][ T7237] EXT4-fs (loop1): Total free blocks count 0
[  100.018735][ T7237] EXT4-fs (loop1): Free/Dirty block details
[  100.018748][ T7237] EXT4-fs (loop1): free_blocks=20480
[  100.018762][ T7237] EXT4-fs (loop1): dirty_blocks=80
[  100.018775][ T7237] EXT4-fs (loop1): Block reservation details
[  100.018858][ T7237] EXT4-fs (loop1): i_reserved_data_blocks=5
[  100.020357][ T7237] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 4 with error 28
[  100.087854][ T7243] siw: device registration error -23
[  100.254331][ T7245] loop6: detected capacity change from 0 to 1024
[  100.262694][ T7245] EXT4-fs: Ignoring removed orlov option
[  100.272080][ T7245] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.312930][   T29] audit: type=1326 audit(1754803852.168:10583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7244 comm="syz.6.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa30997ebe9 code=0x7ffc0000
[  100.369674][ T4547] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.425831][ T7259] loop8: detected capacity change from 0 to 128
[  100.444720][ T7262] loop7: detected capacity change from 0 to 512
[  100.473034][ T7262] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  100.485428][ T7262] EXT4-fs (loop7): 1 orphan inode deleted
[  100.491189][ T7262] EXT4-fs (loop7): 1 truncate cleaned up
[  100.497906][ T7262] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.515299][ T7262] EXT4-fs error (device loop7): ext4_inlinedir_to_tree:1314: inode #12: block 7: comm syz.7.1299: path /207/file0/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0
[  100.537898][ T7262] EXT4-fs (loop7): Remounting filesystem read-only
[  100.548046][ T7271] siw: device registration error -23
[  100.557469][ T4551] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.610846][ T7275] loop6: detected capacity change from 0 to 1024
[  100.617639][ T7275] EXT4-fs: Ignoring removed orlov option
[  100.645712][ T7275] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.660188][ T7281] netlink: 256 bytes leftover after parsing attributes in process `syz.8.1307'.
[  100.688150][ T7288] loop7: detected capacity change from 0 to 512
[  100.700446][ T7285] loop1: detected capacity change from 0 to 128
[  100.716544][ T7288] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  100.755437][ T7288] EXT4-fs (loop7): 1 orphan inode deleted
[  100.761275][ T7288] EXT4-fs (loop7): 1 truncate cleaned up
[  100.770545][ T4547] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.805003][ T7297] loop1: detected capacity change from 0 to 128
[  100.815631][ T7288] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.846816][ T7301] siw: device registration error -23
[  100.854015][ T7303] netlink: 256 bytes leftover after parsing attributes in process `syz.6.1314'.
[  100.941751][ T4551] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.010230][ T7305] loop2: detected capacity change from 0 to 1024
[  101.030021][ T7305] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.045071][ T7323] loop1: detected capacity change from 0 to 1024
[  101.052040][ T7323] EXT4-fs: Ignoring removed orlov option
[  101.081444][ T7323] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.097724][ T7305] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  101.112985][ T7305] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  101.125170][ T7305] EXT4-fs (loop2): This should not happen!! Data will be lost
[  101.125170][ T7305] 
[  101.134876][ T7305] EXT4-fs (loop2): Total free blocks count 0
[  101.140887][ T7305] EXT4-fs (loop2): Free/Dirty block details
[  101.146777][ T7305] EXT4-fs (loop2): free_blocks=20480
[  101.152074][ T7305] EXT4-fs (loop2): dirty_blocks=80
[  101.157234][ T7305] EXT4-fs (loop2): Block reservation details
[  101.163216][ T7305] EXT4-fs (loop2): i_reserved_data_blocks=5
[  101.178175][ T7329] loop8: detected capacity change from 0 to 1024
[  101.189494][ T7329] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  101.206223][ T7313] rdma_rxe: rxe_newlink: failed to add geneve1
[  101.223356][ T7305] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 4 with error 28
[  101.237008][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.488379][ T7340] netlink: 68 bytes leftover after parsing attributes in process `syz.7.1328'.
[  101.558330][ T7346] siw: device registration error -23
[  101.615656][ T7349] loop7: detected capacity change from 0 to 128
[  101.650205][ T7349] bio_check_eod: 2 callbacks suppressed
[  101.650219][ T7349] syz.7.1332: attempt to access beyond end of device
[  101.650219][ T7349] loop7: rw=0, sector=2072, nr_sectors = 1 limit=128
[  101.687338][ T7344] loop6: detected capacity change from 0 to 1024
[  101.709765][ T7344] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  101.738819][ T7344] rdma_rxe: rxe_newlink: failed to add geneve1
[  101.847815][ T7362] loop9: detected capacity change from 0 to 7
[  101.864118][ T7362] Buffer I/O error on dev loop9, logical block 0, async page read
[  101.875553][ T7364] loop8: detected capacity change from 0 to 512
[  101.880992][ T7362] Buffer I/O error on dev loop9, logical block 0, async page read
[  101.889645][ T7362]  loop9: unable to read partition table
[  101.900826][ T7362] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  101.900826][ T7362] 
) failed (rc=-5)
[  101.900981][ T7364] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  101.950214][ T7364] EXT4-fs (loop8): 1 orphan inode deleted
[  101.955985][ T7364] EXT4-fs (loop8): 1 truncate cleaned up
[  101.979692][ T7364] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.989407][ T7373] netlink: 68 bytes leftover after parsing attributes in process `syz.7.1341'.
[  102.255253][ T7383] loop2: detected capacity change from 0 to 128
[  102.269836][ T7364] EXT4-fs error (device loop8): ext4_inlinedir_to_tree:1314: inode #12: block 7: comm syz.8.1338: path /120/file0/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0
[  102.299733][ T7383] syz.2.1346: attempt to access beyond end of device
[  102.299733][ T7383] loop2: rw=0, sector=2072, nr_sectors = 1 limit=128
[  102.362667][ T7379] loop7: detected capacity change from 0 to 1024
[  102.389253][ T7379] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  102.430334][ T7379] rdma_rxe: rxe_newlink: failed to add geneve1
[  102.461085][ T7364] EXT4-fs (loop8): Remounting filesystem read-only
[  102.499300][ T7333] syz.1.1326 (7333) used greatest stack depth: 6416 bytes left
[  102.503161][ T7398] loop6: detected capacity change from 0 to 512
[  102.535347][ T5219] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.546510][ T7398] EXT4-fs: Ignoring removed mblk_io_submit option
[  102.552392][ T7402] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1355'.
[  102.553018][ T7398] EXT4-fs: Ignoring removed bh option
[  102.601530][ T7407] loop1: detected capacity change from 0 to 512
[  102.610726][ T7407] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  102.639170][ T7398] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  102.650687][ T7407] EXT4-fs (loop1): 1 orphan inode deleted
[  102.656423][ T7407] EXT4-fs (loop1): 1 truncate cleaned up
[  102.662547][ T7407] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.701125][ T7407] EXT4-fs error (device loop1): ext4_inlinedir_to_tree:1314: inode #12: block 7: comm syz.1.1357: path /273/file0/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0
[  102.789340][ T7407] EXT4-fs (loop1): Remounting filesystem read-only
[  102.804515][ T7398] EXT4-fs (loop6): 1 truncate cleaned up
[  102.840715][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.854116][ T7417] loop8: detected capacity change from 0 to 128
[  102.860825][ T7398] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.939434][ T7417] syz.8.1359: attempt to access beyond end of device
[  102.939434][ T7417] loop8: rw=0, sector=2072, nr_sectors = 1 limit=128
[  103.129384][ T7427] loop1: detected capacity change from 0 to 128
[  103.179331][ T7398] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1350'.
[  103.191603][ T7427] syz.1.1363: attempt to access beyond end of device
[  103.191603][ T7427] loop1: rw=0, sector=2072, nr_sectors = 1 limit=128
[  103.273195][ T7438] netlink: 68 bytes leftover after parsing attributes in process `syz.8.1367'.
[  103.274121][ T7436] loop1: detected capacity change from 0 to 512
[  103.299049][ T7436] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  103.432481][ T7425] ==================================================================
[  103.440579][ T7425] BUG: KCSAN: data-race in __filemap_remove_folio / folio_mapping
[  103.448370][ T7425] 
[  103.450673][ T7425] write to 0xffffea000572c558 of 8 bytes by task 7393 on cpu 1:
[  103.458276][ T7425]  __filemap_remove_folio+0x1a5/0x2a0
[  103.463635][ T7425]  filemap_remove_folio+0x6d/0x1d0
[  103.468731][ T7425]  truncate_inode_folio+0x42/0x50
[  103.473735][ T7425]  shmem_undo_range+0x244/0xa80
[  103.478567][ T7425]  shmem_evict_inode+0x134/0x520
[  103.483480][ T7425]  evict+0x2e3/0x550
[  103.487354][ T7425]  iput+0x447/0x5b0
[  103.491139][ T7425]  dentry_unlink_inode+0x24f/0x260
[  103.496230][ T7425]  __dentry_kill+0x18d/0x4b0
[  103.500795][ T7425]  dput+0x5e/0xd0
[  103.504408][ T7425]  __fput+0x444/0x650
[  103.508367][ T7425]  ____fput+0x1c/0x30
[  103.512326][ T7425]  task_work_run+0x131/0x1a0
[  103.516892][ T7425]  do_exit+0x483/0x15c0
[  103.521028][ T7425]  do_group_exit+0xff/0x140
[  103.525511][ T7425]  get_signal+0xe59/0xf70
[  103.529827][ T7425]  arch_do_signal_or_restart+0x96/0x480
[  103.535347][ T7425]  irqentry_exit_to_user_mode+0x5e/0xa0
[  103.540872][ T7425]  irqentry_exit+0x12/0x50
[  103.545263][ T7425]  asm_exc_page_fault+0x26/0x30
[  103.550104][ T7425] 
[  103.552403][ T7425] read to 0xffffea000572c558 of 8 bytes by task 7425 on cpu 0:
[  103.559914][ T7425]  folio_mapping+0xa1/0x120
[  103.564393][ T7425]  evict_folios+0xdd9/0x3520
[  103.568960][ T7425]  try_to_shrink_lruvec+0x5b5/0x950
[  103.574136][ T7425]  shrink_lruvec+0x22e/0x1b50
[  103.578785][ T7425]  shrink_node+0x686/0x2120
[  103.583267][ T7425]  do_try_to_free_pages+0x3f6/0xcd0
[  103.588441][ T7425]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  103.594310][ T7425]  try_charge_memcg+0x358/0x9e0
[  103.599134][ T7425]  obj_cgroup_charge_pages+0xa6/0x150
[  103.604487][ T7425]  __memcg_kmem_charge_page+0x9f/0x170
[  103.609929][ T7425]  __alloc_frozen_pages_noprof+0x188/0x360
[  103.615716][ T7425]  alloc_pages_mpol+0xb3/0x250
[  103.620459][ T7425]  alloc_pages_noprof+0x90/0x130
[  103.625373][ T7425]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  103.631157][ T7425]  __kvmalloc_node_noprof+0x30f/0x4e0
[  103.636514][ T7425]  ip_set_alloc+0x1f/0x30
[  103.640825][ T7425]  hash_netiface_create+0x282/0x740
[  103.646003][ T7425]  ip_set_create+0x3c9/0x960
[  103.650571][ T7425]  nfnetlink_rcv_msg+0x4c6/0x590
[  103.655500][ T7425]  netlink_rcv_skb+0x120/0x220
[  103.660241][ T7425]  nfnetlink_rcv+0x16b/0x1690
[  103.664903][ T7425]  netlink_unicast+0x5c0/0x690
[  103.669652][ T7425]  netlink_sendmsg+0x58b/0x6b0
[  103.674395][ T7425]  __sock_sendmsg+0x142/0x180
[  103.679050][ T7425]  ____sys_sendmsg+0x31e/0x4e0
[  103.683785][ T7425]  ___sys_sendmsg+0x17b/0x1d0
[  103.688452][ T7425]  __x64_sys_sendmsg+0xd4/0x160
[  103.693277][ T7425]  x64_sys_call+0x191e/0x2ff0
[  103.697929][ T7425]  do_syscall_64+0xd2/0x200
[  103.702408][ T7425]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.708275][ T7425] 
[  103.710570][ T7425] value changed: 0xffff88811ad51078 -> 0x0000000000000000
[  103.717648][ T7425] 
[  103.719946][ T7425] Reported by Kernel Concurrency Sanitizer on:
[  103.726066][ T7425] CPU: 0 UID: 0 PID: 7425 Comm: syz.7.1362 Not tainted 6.16.0-syzkaller-12256-g561c80369df0 #0 PREEMPT(voluntary) 
[  103.738099][ T7425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  103.748129][ T7425] ==================================================================
[  103.756859][ T4547] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.035405][ T7425] syz.7.1362 (7425) used greatest stack depth: 6224 bytes left
[  104.407147][ T7441] syz.6.1369 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  104.418131][ T7441] CPU: 1 UID: 0 PID: 7441 Comm: syz.6.1369 Not tainted 6.16.0-syzkaller-12256-g561c80369df0 #0 PREEMPT(voluntary) 
[  104.418213][ T7441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  104.418227][ T7441] Call Trace:
[  104.418234][ T7441]  <TASK>
[  104.418242][ T7441]  __dump_stack+0x1d/0x30
[  104.418265][ T7441]  dump_stack_lvl+0xe8/0x140
[  104.418286][ T7441]  dump_stack+0x15/0x1b
[  104.418314][ T7441]  dump_header+0x81/0x220
[  104.418346][ T7441]  oom_kill_process+0x342/0x400
[  104.418431][ T7441]  out_of_memory+0x979/0xb80
[  104.418552][ T7441]  try_charge_memcg+0x5e6/0x9e0
[  104.418579][ T7441]  charge_memcg+0x51/0xc0
[  104.418601][ T7441]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  104.418626][ T7441]  __read_swap_cache_async+0x1df/0x350
[  104.418720][ T7441]  swap_cluster_readahead+0x277/0x3e0
[  104.418762][ T7441]  swapin_readahead+0xde/0x6f0
[  104.418804][ T7441]  ? __filemap_get_folio+0x4f7/0x6b0
[  104.418843][ T7441]  ? swap_cache_get_folio+0x77/0x200
[  104.418910][ T7441]  do_swap_page+0x301/0x2430
[  104.418936][ T7441]  ? css_rstat_updated+0xb7/0x240
[  104.418968][ T7441]  ? __pfx_default_wake_function+0x10/0x10
[  104.418995][ T7441]  handle_mm_fault+0x9a5/0x2c20
[  104.419031][ T7441]  do_user_addr_fault+0x636/0x1090
[  104.419071][ T7441]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  104.419183][ T7441]  exc_page_fault+0x62/0xa0
[  104.419210][ T7441]  asm_exc_page_fault+0x26/0x30
[  104.419235][ T7441] RIP: 0033:0x7fa309855618
[  104.419253][ T7441] Code: 48 f7 f1 48 01 d8 49 39 c4 4c 0f 42 e0 83 3d aa 27 35 00 00 0f 8e 09 fe ff ff e8 43 9e fe ff 49 39 c4 72 66 66 0f 1f 44 00 00 <69> 3d 76 00 e8 00 e8 03 00 00 48 8d 1d 77 09 35 00 e8 12 95 12 00
[  104.419271][ T7441] RSP: 002b:00007ffe29342d30 EFLAGS: 00010202
[  104.419286][ T7441] RAX: 00000000000197bb RBX: 00007fa309ba7da0 RCX: 0000000000019640
[  104.419299][ T7441] RDX: 000000000000017b RSI: 00007ffe29342d10 RDI: 0000000000000001
[  104.419311][ T7441] RBP: 00007fa309ba7da0 R08: 0000000016991b6c R09: 7fffffffffffffff
[  104.419382][ T7441] R10: 3fffffffffffffff R11: 0000000000000293 R12: 00000000000198ce
[  104.419397][ T7441] R13: 00007fa309ba6090 R14: ffffffffffffffff R15: 00007ffe29342e40
[  104.419463][ T7441]  </TASK>
[  104.628706][ T7441] memory: usage 307200kB, limit 307200kB, failcnt 606
[  104.635479][ T7441] memory+swap: usage 307680kB, limit 9007199254740988kB, failcnt 0
[  104.643362][ T7441] kmem: usage 307176kB, limit 9007199254740988kB, failcnt 0
[  104.650629][ T7441] Memory cgroup stats for /syz6:
[  104.650899][ T7441] cache 0
[  104.658830][ T7441] rss 4096
[  104.661891][ T7441] shmem 0
[  104.664808][ T7441] mapped_file 0
[  104.668237][ T7441] dirty 0
[  104.671221][ T7441] writeback 8192
[  104.674752][ T7441] workingset_refault_anon 113
[  104.679452][ T7441] workingset_refault_file 0
[  104.683928][ T7441] swap 491520
[  104.687185][ T7441] swapcached 16384
[  104.690898][ T7441] pgpgin 98088
[  104.694323][ T7441] pgpgout 98082
[  104.697773][ T7441] pgfault 59329
[  104.701247][ T7441] pgmajfault 57
[  104.704697][ T7441] inactive_anon 16384
[  104.708653][ T7441] active_anon 0
[  104.712115][ T7441] inactive_file 8192
[  104.715982][ T7441] active_file 0
[  104.719441][ T7441] unevictable 0
[  104.722875][ T7441] hierarchical_memory_limit 314572800
[  104.728293][ T7441] hierarchical_memsw_limit 9223372036854771712
[  104.734459][ T7441] total_cache 0
[  104.737903][ T7441] total_rss 4096
[  104.741467][ T7441] total_shmem 0
[  104.744904][ T7441] total_mapped_file 0
[  104.748860][ T7441] total_dirty 0
[  104.752326][ T7441] total_writeback 8192
[  104.756366][ T7441] total_workingset_refault_anon 113
[  104.761576][ T7441] total_workingset_refault_file 0
[  104.766610][ T7441] total_swap 491520
[  104.770413][ T7441] total_swapcached 16384
[  104.774631][ T7441] total_pgpgin 98088
[  104.778498][ T7441] total_pgpgout 98082
[  104.782475][ T7441] total_pgfault 59329
[  104.786506][ T7441] total_pgmajfault 57
[  104.790482][ T7441] total_inactive_anon 16384
[  104.794961][ T7441] total_active_anon 0
[  104.798911][ T7441] total_inactive_file 8192
[  104.803341][ T7441] total_active_file 0
[  104.807331][ T7441] total_unevictable 0
[  104.811318][ T7441] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.1369,pid=7441,uid=0
[  104.826017][ T7441] Memory cgroup out of memory: Killed process 7441 (syz.6.1369) total-vm:93764kB, anon-rss:944kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000