last executing test programs:

3.140833515s ago: executing program 0 (id=5146):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
close(r3)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)
recvmmsg(r7, &(0x7f0000005140)=[{{0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000640)=""/216, 0xd8}, {&(0x7f00000052c0)=""/235, 0xeb}, {&(0x7f0000003080)=""/4096, 0x1000}], 0x3}, 0x3}], 0x1b00, 0x0, 0x0)

2.940338773s ago: executing program 3 (id=5153):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
signalfd4(0xffffffffffffffff, &(0x7f0000000180)={[0xffffffffffffffff]}, 0x8, 0x800)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f00000004c0), 0x208e24b)
ftruncate(r4, 0xb35)
socket$inet(0xa, 0x1, 0x0)

2.805610319s ago: executing program 0 (id=5159):
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000640), 0x1, 0x5c0, &(0x7f0000000c40)="$eJzs3V+IHHcdAPDv7u2m7SWYVmo11TZXq23sn73cXQmmFiSP2qbU/nkyEo9kcwm3l423G+xdLVwpQgUjofqkTwqCig8RQUF8KIj1UfBNKRUsogRCsRRFU12Z2Zmw8TZ3ud6fsTefD8zdb34ze7/v7Jfv7M4vs5sASmss+VGJ2BURr0bE7v7q1TuM9X+dn7pwMlkq0es99WYl3e/5qQsn813zx+1MflQjPpT8+nXEzvrycTsLi7PTrVZzPlsf786dGe8sLD54am56pjnTPD05NXFg/+SBiQMHN+xYf/jcy599/bnHLp+7NPr91/bs/UcS765s2+BxbJSxGMuek3p8dHBDJeLTGz1YQUYiohYRHyg6ENbsyO++/kyev3pa/7tjJF2LGJ068tbuOPdI0TECm6eXutbWkR6wnVWi6AiAYuSv9Mn1b75s1XuP2e1yEfwedulQ/wLw+Wxu5/yV/Neimu1T36Tr+71/jRiL7n0XPnPXV5MlNmkehmtbeiHSibrl9V9J58Zuzva7OyL2RcTHIuLjEXFPRNy7zrGf/kKS/z9+c7BP/rfW9eb/ExHRiIj7IuL+iHggIh5c59i3HU7yv/OLg33yXx63f67oCCjSb18qOgLS8//+Wm3Y+b+6zr991yrbe+m/Ky69Mdjn/F8eTz5VdAQU6fEDRUdAkb7zZtER8Mqh/sXc8tf/atw2sF/S/mD/UjH2JO/dI+LDEfGRiLgjIu6MiL35/UTX6SuPJvs3moN9y1//qxfXc3ys7NKhiEcG7u06P5D/zM0j2Vo9nQ+oV06cajX3R8T70jmh+g3J+sQKY3xt6VePDuv/8R1J/j/1eD7/lyzJ+PlcYBbHxdoNVz/u+HR3er3HTd+lFyJurw3LfyW7E6h/X18vIsbf5Rgv7vvJb4b1f/LJJP/3PLBy/tlMve/253GH5T9XWfn+zPH0fDCenxWWezFuPTes/4nLSf7f+IP8Fyep/9GV85+e/6/cr9tZ+xi18xe/MbR/Lsn/n3/5bs7/OypPpwHuyPqene525ycidlQeW94/ufaYt6v8+cifryT/++4e/vr//uwxyROaVPa/I+I/EfHPiPhXRFyOiHci4m8R8dYKY/7i5Yd/Pqx/6pkk/395Vf0XJ8n/8VXqv3JV/a+98e07D3552Ng/+F6S/9HG6vX/UBrMvqzH+7/VXW+Cio4TAAAAAAAAgI1RTb8Dr1JtXGlXq41G/zv8bo3Raqvd6d5/on329PHIPg9ar+Z3eu0euB90IvusaL4++T/rUxFxS0S8NHJTut441m4dL/rgoZxquyJe/+mXju3YeY36T7w2UnSYwGZI6v/Et0aWkvbb6hxKJan/H709l34uS/1Duah/KJvaO3lL/UN5qX8oL/UP5aX+obzUP5SX+ofyUv9QXoP1D5TTE4cPJ0sv/97P0+2ZU7Mnzxyc3N+YO3uscaw9f6Yx027PpJ/YmVv977Xa7TMTD8XZZ8e7zU53vLOweHSuffZ092j6vdFHm/UtOCZgdX//0+d/dsveV35fiYilh29Klxj47my1CtubS38or1rRAQCF8R4fqKyy/cZrbTiy8bEAW2O9/8c/8N517x7z/1BW5v+hvMz/Q3l5jw+Y/4fyMf8P5dWc7ywszk63WssaRUcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFBOnYXF2elWqzmvsfmNG7Mn/f8lHo3SN/4bAAD//x/0RNY=") (async)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x0, 0x80) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000300)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0x6}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0xe, 0x1}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48801}, 0x0) (async)
getdents64(r0, 0x0, 0x0)

2.722062403s ago: executing program 1 (id=5161):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=@newqdisc={0x60, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0xf}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x30, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}, [@TCA_NETEM_RATE={0x14, 0x6, {0x3, 0xffff, 0x9, 0x7}}]}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40088c1}, 0x4000080)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70b927, 0x25dfdc01, {0x0, 0x0, 0x0, r3, {0x0, 0x3}, {0xffff, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
r4 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r4, &(0x7f00000024c0)="bad330fbc9b50756000000000000", 0xe, 0x20040, &(0x7f00000001c0)={0x11, 0xf5, r3, 0x1, 0xd8, 0x6, @broadcast}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = semget(0x1, 0x4, 0x3be)
semop(r5, &(0x7f0000000080)=[{0x1, 0x8001, 0x1000}], 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
personality(0x500006)
semctl$SETALL(r5, 0x0, 0x11, &(0x7f0000000140))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5f}, 0x94)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x37b, &(0x7f0000001200)="$eJzs3U+IG1UcwPFfZrOzSUp3chBFQfZhEfQy7EbPYpAWhIBl24itIEy7Ew0ZkyUTViPi7p48Kt49CR5KbxY8FLRnYS/e9CKCt70IClZQR+ZfMklmmk3MbrD9fiDM5L33m3kv81J+k+7MHL/x6buthms2rJ5oBSU5EZH7ImXRJJaLllqwrot88t2g7kCeP/fbD09fuVYvhAXqUvXqCxWl1PrGN+99WIya3V2To/Jbx79Wfjl6/OjJ43+uvtN0VdNV7U5PWepG56eedcOx1U7TbZlKXXZsy7VVs+3a3bD+q2g7Tmd3t6+s9s750m7Xdl1ltfuqZfdVr6N63b6y3raabWWapjpfEkxTv7W9bVXnDL654M7glHS7VWtFRIoTNfVbS+kQAABYqvH8X/NT+mn5f8Ig/78u67XaxW3lNx7m/7efudc79/qd9Sj/v6un5f8v/hhuayT/908nhvl/Jzw/aEzP/z+XGfL/yYzo0TJ3/l8+hc5gPhv6RFFu5J2f/5ei72/g8M3bm8EK+T8AAAAAAAAAAAAAAAAAAAAAAP8H9z3P8DzPiJfxK7yEwDP8V/AeD6Ws478mIgV/Bngc/4fZlWvXpRBcuOcfY+fjvfpePVxGDe6JiCP23944f27EVx4pX1m+dfaj+P29+kpQU21I04+XLTGkHMynRLznXXq1dnFLhaL4wWVKpWR8RQx5LBn/dTA7/fjKaHy0f12eu5CIN8WQ729KRxzZCSKH+/9oS6lXXquNxReDdiLy85kfFAAAAAAAFsxUA6nn76aZVR/eZaTaCH4msmVTDPkr/fx+M/X8PG88lV/26AEAAAAAeDS4/Q9almh2N1hxnLSVomRWLWAlP1KyKiKpjfWxktXsLWvOSmKEJ+2PLuETTP7ruL6IP9VZouI/pPA7PqiKnqgiDwwvZA0wHn9Qkss/+3tU9ees48odSDABDpJVmpwgPD/e+Q2/QKU2vpC5ncNoIIOS+GcjPeNzlsuT29EeMBNWJ0q83HwT4InPvvxjcV+Ql+5EM+D96Y0PHdvbl5MclIn5kxa1eur/8AAAAAA4c8OkPy55OVmdfJBI8mE5/M89AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALNONtyfR5bo+Xvfe1sxwqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsHT/BgAA//+hG/S2")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r7, 0x0, 0x0)
sendfile(r7, r6, 0x0, 0x3ffff)

2.393875227s ago: executing program 0 (id=5163):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
close(r0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r1, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f00000000c0), 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r1, &(0x7f0000000080)="b1", 0xffc2, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

2.274366232s ago: executing program 0 (id=5164):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000003800)=@newtaction={0x488, 0x30, 0x12f, 0x0, 0x0, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x9, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0xffffffff, 0xfffffffd, 0x0, 0xfffffffe, 0xb84, 0x3, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x100, 0x0, 0x0, 0xc74, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5, 0x9, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x100, 0x5, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x100, 0x0, 0x7, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffff002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffe, 0x0, 0xfffffffd, 0x0, 0x0, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x3, 0xffffffff, 0x0, 0x200, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0xfffffffc, 0x6, 0x0, 0x0, 0x0, 0xf, 0xf, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x1, 0x5, 0x1000000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5, 0xfffffffc, 0x0, 0x0, 0xfffffffc, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x5, 0x0, 0x7, 0x0, 0xfffffffc, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0xffff, 0x0, 0x1, 0x9, 0x100, {0x4, 0x2, 0x7, 0x2, 0x8000, 0x3}, {0x8, 0x0, 0x7fff, 0x8, 0x1, 0x100}, 0x2, 0x10, 0xe723}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x1, 0x2}}}}]}]}, 0x488}}, 0xc0) (fail_nth: 10)

2.257047992s ago: executing program 2 (id=5165):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_udp(0x2, 0x2, 0x0)
syz_clone(0x28080000, &(0x7f0000000080)="ef16218b1553de42d16a5015de4e42f7998634ab4cb49f48c72a53fffb9f1697dd8a17db6460", 0x26, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="8f45e1aaa1bfa175088f3da2025ed7ba404b298b")
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000068000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000212c0011800a0001006c696d69740000001c0002800c00024000000000000000030c0001400000000200000101480000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000001c0003800c00008008000340000000020c0000800800034000000002"], 0xf8}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$inet_udp(0x2, 0x2, 0x0) (async)
syz_clone(0x28080000, &(0x7f0000000080)="ef16218b1553de42d16a5015de4e42f7998634ab4cb49f48c72a53fffb9f1697dd8a17db6460", 0x26, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="8f45e1aaa1bfa175088f3da2025ed7ba404b298b") (async)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000068000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000212c0011800a0001006c696d69740000001c0002800c00024000000000000000030c0001400000000200000101480000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000001c0003800c00008008000340000000020c0000800800034000000002"], 0xf8}}, 0x0) (async)

1.936229706s ago: executing program 2 (id=5166):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(r3)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)
recvmmsg(r7, &(0x7f0000005140)=[{{0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000640)=""/216, 0xd8}, {&(0x7f00000052c0)=""/235, 0xeb}, {&(0x7f0000003080)=""/4096, 0x1000}], 0x3}, 0x3}], 0x1b00, 0x0, 0x0)

1.924664167s ago: executing program 0 (id=5168):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{r2}, &(0x7f00000005c0), &(0x7f0000000600)=r3}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)
recvmmsg(r7, &(0x7f0000005140)=[{{0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000640)=""/216, 0xd8}, {&(0x7f00000052c0)=""/235, 0xeb}, {&(0x7f0000003080)=""/4096, 0x1000}], 0x3}, 0x3}], 0x1b00, 0x0, 0x0)

1.817381731s ago: executing program 3 (id=5169):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000007}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x2}, 0x18)
r1 = socket(0x2, 0x400000000002, 0x0)
bind(r1, &(0x7f0000000340)=@un=@abs={0x0, 0x0, 0x2}, 0x8)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_CLEAR_HALT(r2, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r5}, 0x10)
r6 = socket(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000f203010a140000000000000000000000000a000000000000c515499eae4f7c5c0700000000000000"], 0x28}}, 0x0)
recvmsg(r3, &(0x7f00000001c0)={&(0x7f0000000080)=@xdp, 0x80, &(0x7f0000000180)=[{&(0x7f0000000140)=""/53, 0x35}], 0x1, &(0x7f0000000380)=""/212, 0xd4}, 0x1)

1.805968132s ago: executing program 2 (id=5170):
syz_mount_image$vfat(&(0x7f0000001800), &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8, &(0x7f00000002c0)=ANY=[@ANYRES64], 0x4, 0x276, &(0x7f0000000a40)="$eJzs281OE18Yx/EfL3/gD8JUURSM8YludDOBegUNgcTYRIPU+JKYDDLVpkNLOg2mxgg7t14HcenOxHgDbLwCF+7YuGRhHNNOhRbGqAuZaL+fzXnI4deck+dMcxad3buv1srF0C16dfX3mQalLe1JGfVrQLG+9tjfqofUaUtXJ/MfL9y+d/9GLp9fWDJbzC1fy5rZxMV3T5+/vvS+PnbnzcTbYe1kHu5+zn7amdqZ3v26/KQUWim0SrVunq1Uq3VvJfBttRSWXbNbge+FvpUqoV/rmi8G1fX1hnmV1fHR9ZofhuZVGlb2G1avWr3WMO+xV6qY67o2Pir8TGF7acnLpb0K/Fm1Ws6blzRzZKawncqCAABAqrj/9zLu/72gef9/0H5+u3H/BwAAAAAAAAAAAAAAAAAAAADgb7AXRU4URc738T9Jw5Ki9t//SxqVNCbphKRxSROSHEkZSSclnZI0Kem0pDOSpiSdlXRO0nTHZ6W9VxyV1P8hSQP0vyf8qP88/72B/ve2jhd3R6S1lxuFjUI8xvO5okoK5GtWjr60etkW14vX8wuz1pLR+bXNdn5zozDQnZ+T0zwwSfm5OG/d+eHWudvPZ+U0D1hSPpuYH9GVyx15V44+PFJVgVZbZ/Ig/2LObP5m/lB+pvV//zrX9iX2z3W75+O3wZvzcf4Xzkc0m9ifQc0Mprt3SGHjWdkLAr9GQUFBsV+k/c2E43DQ9LRXAgAAAAAAAAAAAAAAAAD4Hcfxc8K09wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGHfAgAA//+iVF53")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
getsockname$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev}, &(0x7f0000000100)=0x20)
openat(0xffffffffffffff9c, &(0x7f0000000800)='./file2\x00', 0x125042, 0x144)
r1 = socket$kcm(0x29, 0x5, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x82881, 0x0)
ioctl$TCSETSW2(r2, 0x5434, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000004f40)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0xd0}}, {{0x0, 0x0, &(0x7f0000004400)}}, {{&(0x7f0000004940)={0x2, 0x4e20, @remote}, 0x10, &(0x7f0000005080)}}], 0x3, 0xf884c60699f8bd98)
close(r1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000900)='kfree\x00', r3}, 0x18)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0x0, 0x6, 0x2, 0x3, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xd}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r4}, 0x18)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', 0x0, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, 0x0)
mknod$loop(0x0, 0x100000000000600d, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x2, &(0x7f0000000340)=[{0x6, 0xfd, 0x0, 0x1}, {0x3, 0x9, 0xfc, 0x4}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
futex(0x0, 0x5, 0xf2, 0x0, 0x0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r7=>0x0}, 0x0)
setresuid(0x0, r7, 0x0)
syz_clone3(&(0x7f0000000d00)={0x10000000, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0, 0x0, {r5}}, 0x58)
sendmsg$DEVLINK_CMD_PORT_SET(0xffffffffffffffff, 0x0, 0x40020)

1.761678044s ago: executing program 0 (id=5172):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000d40)=ANY=[@ANYBLOB="180000000000e3ff000000000000000018110000", @ANYRES32=r0, @ANYRES32], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
setgroups(0x0, 0x0)
semget$private(0x0, 0x5, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x248, &(0x7f0000000400)={[{@dax_always}, {@jqfmt_vfsold}, {@data_err_abort}, {@usrquota}, {@dax_never}]}, 0xfd, 0x4a0, &(0x7f0000000e00)="$eJzs3MtrXNUfAPDvnZkkfSe//uqjtdpoFYuPpEmrFhR8gOBCQdBFXUlM0lKbNtJEsCXYKKVuBC24F8GN4F/gypWoK8Gt7qVQpJtWVyM3c+90kszk0Ztkms7nAzdzzsy5c873Ps89d24C6Fj96Z8kYkdE/BERvRFRaiywtTal5W5enxn95/rMaBLV6lt/J+lsceP6zGheNMlet9cylfSLSpeSeKlJvVPnL5wemZgYP5flB6fPfDA4df7C06fOjJwcPzl+dvjYsaNHhp57dviZNYkzbdONfR9P7t/72jtX3hg9fuW9X75PGhrdGEdBz/fWkzP1ZbLQY2tU2Z1iZ0M6qbSxIaxKT0Skq6trbv/vjfKlXfXPeuPVT9vaOGBdVavV6nDrj2erwF0siXa3AGiP/ESfXv/m0wZ1Pe4I116uXQClcd/Mptonldo4SE/t2mjnOtXfHxHHZ//9Op1i1eMQXevUKgDgbvZj2v95qkn/rxJxb0O5Xdm9ob6I+F9E7I6I/0fEnoi4J2pl74uI+5tX0/9ui/r7F+QX939KVwuEt6y0//dCdm9rfv+vfhesr5zlds7F35WcODUxfjhbJoeiqyfNDzX99iRiNn39/YtW9Tf2/9IprT/vC2btuFrpmT/P2Mj0SOHAM9c+idhXaRZ/EpVbUcTeiNh3m3WceuK7/fPfKddTy8e/hDW4z1T9JuLx2vqfjQXx55Kl708ObomJ8cOD+Vax2K+/XX6zVf21+EuxdPxbiwfaQrr+tzXb/l+sx9+XNN6vnVr0Fd3L1XH5z89aXtPcWv8RW+beWdn23528Pa/yj0amp88NRXQnry9+v2GAO8/n5dP4Dx1svv/vzuZJ438gItKN+MGIeCgiDmRtfzgiHomIg0vE//Mrj77fMv4DBbb/NZDGP9b0+Ndq/a8+UT790w+t6l/Z8e9onplr1EqOfyttYJFlBwAAAJtFKSJ2RFIaqKdLpYGB2u/l98S20sTk1PSTJyY/PDtWe0agL7pK+UhXb8N46FA2Npznh7P8xSx/JBs3/qq8dS4/MDo5Mdbu4KHDbW+x/6f+KjeZYf2GooF28LwWdK7V7//L3vMFNonbP//rOcBmt8xeXNqodgAbz1kcOlez/f9iYyaJ2q/kgbuO8z90rvr+/+UKCjcM/S98eBPYfJY6/1d7N7AhwIbT/4eOVOS5/jwRUWj2Yon4NmLpMkl7GlYw8XmR2Ssb0MIotXH5dLdlpQyX27qpV1b6Xy3ifPVi4UrbfWQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYG/8FAAD//64O3bE=")
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$kcm(0x2d, 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f0000000340)='attr/sockcreate\x00')
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, &(0x7f0000000340)={r3})
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r4, 0x400455c8, 0x0)
syz_usb_connect(0x2, 0xfffffffffffffe86, 0x0, 0x0)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f00000002c0)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000040)='westwood', 0x8)
sendto$inet(r5, 0x0, 0x0, 0x12, 0x0, 0x0)
recvfrom$inet(r5, &(0x7f0000000100)=""/24, 0xfffffffffffffd5b, 0xc9100120, 0x0, 0xfffffffffffffd25)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="d8000000210081044e81f782db44b90402000000008000000000150010001400259070f409000d2000000a000e4006000000036010fab94dcf5c0468c1d67f6f94007134cf6ee05e6756cfb39b0590b4800089e408e8d8ef52b49816277cf4090000001fb791643a5e08001b14d6d930dfe1d9db22fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db701000000eafad95667e006dcdf969b3ef35ce3bb9ad809d561cace81ed0bffece0b42a9ecbee5de6cce50dd6e4edef3d939acd92954b43370e970100"/216, 0xd8}], 0x1}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2, 0x0, 0x6}, 0x18)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x511a01, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000049f789c050f00000010000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0), 0xc)

1.720726516s ago: executing program 2 (id=5173):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c000000020000000000000002000084ffffffff000000000300000000000000000000000200000000000000000000000000000a03000000000000000000001302"], 0x0, 0x56}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x3, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x4, 0x138, 0x0, 0x1040, r1, 0x80000000, '\x00', 0x0, r0, 0x2, 0x3, 0x5, 0x3}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x5, &(0x7f0000000200)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[r2]}, 0x94)
r3 = getpid()
fcntl$lock(r1, 0x21, &(0x7f0000000200)={0x2, 0x1, 0x8d, 0x4})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r5, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r3}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)

1.717533396s ago: executing program 1 (id=5175):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x11e)
renameat2(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file0\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='kfree\x00', r0, 0x0, 0x4804}, 0x18)
symlinkat(&(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
lgetxattr(&(0x7f0000004040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', &(0x7f0000000080)=ANY=[@ANYBLOB='suri'], 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
unshare(0x64000600)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x5, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000003, 0x20000000ec072, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], 0x0, 0x6, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0xffffffffffffffff}, 0x18)
setxattr$incfs_id(&(0x7f00000000c0)='./file0/../file0\x00', &(0x7f0000000140), &(0x7f00000001c0)={'0000000000000000000000000000000', 0x33}, 0x20, 0x0)
umount2(&(0x7f00000002c0)='./file0/../file0\x00', 0x0)

1.501645755s ago: executing program 1 (id=5176):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', '#\x00'}, 0x28)
writev(r2, &(0x7f0000000740)=[{&(0x7f0000005240)='X', 0x1}, {0x0}], 0x2)
sendto(r2, &(0x7f00000007c0)="9a268543a64a00d0b03408ee1cfd288ed275999fae8678bfb59d5c62fc9117ccb01fdcdf490da553e77887765613bba98620b6bde8b372cb7e465b8fb54a8ca6f4538afdbbf402296940e5574b3e233e43f57c184dd2d5ba054a2de3fdc8508f70a91f2bc079d19155c95cfec0622c2560e810f6d260378c0396f69b42f08a293ef0d783abb80c8325311c40ccb163955f549e4a1f8380daeb3fa6ed79c9ade54c948247a5593245446f26711971129fda8ae243eda0218329129f55b8b5a420f911adba9319971b15b3559546e2c36cfe76f5d4bbcdfbd5c3837dc538c0aba88799f53b230b91", 0xe7, 0x40, &(0x7f00000008c0)=@pppoe={0x18, 0x0, {0x3, @multicast, 'batadv0\x00'}}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x18)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="18010000fcff0000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r3, 0x0, 0x401}, 0x11)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYRESHEX=r3, @ANYRES32=0x0], 0x50)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000600)={'wg2\x00', <r4=>0x0})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x1f, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@alu={0x1241b5d141ef3bb9, 0x1, 0x1, 0x8, 0xa, 0x30, 0xffffffffffffffff}, @func={0x85, 0x0, 0x1, 0x0, 0x2}, @alu={0x7, 0x0, 0x4, 0x2, 0x2, 0x80, 0x4}, @tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000780)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', r4, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x18)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kmem_cache_free\x00', r7}, 0x18)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$tipc(r8, &(0x7f0000004440)={&(0x7f0000000ec0)=@name={0x1e, 0x2, 0x3, {{0x2}, 0x2}}, 0x10, 0x0}, 0x0)
unshare(0x22020400)
syz_clone(0x6a26800, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
perf_event_open(&(0x7f0000001100)={0x5, 0x80, 0x19, 0xa, 0xb, 0xfb, 0x0, 0x3c, 0xc002, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x11ac4b, 0x0, 0x7fffffff, 0x7, 0x9, 0x41, 0x7, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2)
fsmount(0xffffffffffffffff, 0x0, 0x0)
lstat(0x0, 0x0)

1.500848985s ago: executing program 1 (id=5177):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000180)=[@in6={0xa, 0x4e24, 0x4, @loopback}], 0x1c)
sendto$inet6(r2, &(0x7f0000000080)="ac", 0xfffd, 0x44004, &(0x7f0000000100)={0xa, 0x4e24, 0x8, @loopback, 0xc5f}, 0x1c)
r3 = socket$netlink(0x10, 0x3, 0x4)
writev(r3, &(0x7f0000000080)=[{&(0x7f0000000000)="480000001400190d09004beafd0d36020a8429000b4e230f00000000a2bc5603ca00000f7f89004e002050da742dac0000000101ff05020003000200000000000100000000005839", 0x48}], 0x1)
syz_clone(0xf5982500, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x50)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, &(0x7f0000000200)=@id={0x1e, 0x3, 0x1, {0x4e21, 0x3}}, 0x10)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x10, 0xc, &(0x7f0000000600)=ANY=[@ANYRES32=r6, @ANYRES16=r6, @ANYRESDEC=r5], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x18)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000000c0)="010001000000000000001000015b097ead85847817353d2dbad05d", 0x1b, 0xfffffffffffffffd)
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="3800000003140100c68f7bec9aff06860900020073796232000000000800410073697700140033006272696467653000"], 0x38}, 0x1, 0x0, 0x0, 0x44805}, 0x50)
syz_usbip_server_init(0x6)
bind$tipc(r4, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x20000003}}}, 0x10)
bind$tipc(r4, &(0x7f0000000300)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10)
bind$tipc(r5, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x3, 0x3}}, 0x10)
bind$tipc(r4, 0x0, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x46, &(0x7f00000002c0)=ANY=[], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000002c0)='xdp_exception\x00', r9}, 0x18)
r10 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r10, 0x84, 0x7d, &(0x7f0000000340)={0xa, 0x77, 0x6, 0x10, 0x39c1, 0x4, 0x4}, &(0x7f0000000840)=0xd)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})

1.327366493s ago: executing program 2 (id=5180):
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0x81, 0x5, 0x0)
set_mempolicy_home_node(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0xa2f01, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000480)={0xa, 0x0, 0x0, @loopback}, 0x1c) (async)
connect$inet6(r0, &(0x7f0000000480)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000100), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_256={{0x303}, "3d8b00", "eb8e7ba12faf3700", "8000", "c16cb41f00bd22fc"}, 0x38)
sendto$inet6(r0, &(0x7f00000001c0), 0xfffffffffffffede, 0x0, 0x0, 0x3000137) (async)
sendto$inet6(r0, &(0x7f00000001c0), 0xfffffffffffffede, 0x0, 0x0, 0x3000137)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', '#\x00'}, 0x28)
writev(r1, &(0x7f0000000740)=[{&(0x7f00000002c0)="589224d2c334c1f63d8a621843f389412830dbab71374ae05f97e6e70c4963661dfdab277efd0f190d8751d9d425965e353e53940b202700ca7397ce47d12c2f1442b0af79f7afbc60261390920f78d8f8798aa12e3305b6400000020000000077148704b6cbfbb42d3228e32f061093a3e22906aed35e4407f6f2384f03957aa93423e7c21735d372423f3f1cc868b904373f127f13c5d68b907c74fdcc8d105e2e2538000000", 0xfeb7}], 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]}) (async)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=ANY=[@ANYBLOB="380000001000030428b57000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="a10000001000000008000500", @ANYRES32=r4, @ANYBLOB="08000500", @ANYRES32=r4, @ANYBLOB="0a200200", @ANYRES32=r4, @ANYBLOB], 0x38}, 0x1, 0xba01, 0x0, 0x4004}, 0x810)
ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x1) (async)
ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x1)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) (async)
r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0)
r6 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f8b)
ioctl$BLKTRACESETUP(r6, 0xc0481273, &(0x7f0000000000)={'\x00', 0xc, 0x2, 0x803fd, 0x1, 0x800}) (async)
ioctl$BLKTRACESETUP(r6, 0xc0481273, &(0x7f0000000000)={'\x00', 0xc, 0x2, 0x803fd, 0x1, 0x800})
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$UHID_CREATE2(r7, &(0x7f0000000180)=ANY=[], 0x118)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x9, '\x00', r4, 0xffffffffffffffff, 0x5, 0x3}, 0x50) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x9, '\x00', r4, 0xffffffffffffffff, 0x5, 0x3}, 0x50)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x100000d, 0x12, r7, 0x0)
sendmsg$nl_route_sched_retired(r6, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000600)=@newtclass={0x960, 0x28, 0x200, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x10, 0xfff2}, {0xb, 0xfff1}, {0x0, 0x5}}, [@c_cbq={{0x8}, {0x480, 0x2, [@TCA_CBQ_FOPT={0x10, 0x3, {{0xd, 0xfff1}, 0x2, 0x2}}, @TCA_CBQ_LSSOPT={0x18, 0x1, {0x6, 0x3, 0x4, 0x4, 0x4, 0x7, 0x1000, 0x73abb306}}, @TCA_CBQ_RATE={0x10, 0x5, {0x1, 0x0, 0x7ff, 0xf, 0x7, 0x7}}, @TCA_CBQ_RATE={0x10, 0x5, {0x7, 0x1, 0x872f, 0x6, 0x4, 0x3}}, @TCA_CBQ_FOPT={0x10, 0x3, {{0x6, 0xc}, 0x7b, 0x5}}, @TCA_CBQ_RATE={0x10, 0x5, {0xb, 0x1, 0x6, 0x9, 0x3}}, @TCA_CBQ_RTAB={0x404, 0x6, [0x7, 0x9, 0x7fff, 0x6, 0x3ff, 0x1ff, 0x7, 0x9, 0x8, 0x8, 0xd3, 0x4, 0x8, 0xfffffffb, 0xfffffff1, 0x1, 0x451, 0xd6cd, 0x9, 0x12a, 0x7fffffff, 0xfffffffa, 0x800, 0x46, 0x95d, 0x4, 0x9, 0x0, 0x3, 0xc, 0x184, 0x3, 0x2000000, 0x6, 0xfffffffe, 0xa1ca, 0x7, 0x40, 0xe10b, 0xa4a, 0x0, 0x9cd4, 0x4, 0x2cc, 0x8005, 0xd, 0x8, 0x6, 0x2, 0x9, 0x29, 0x8001, 0x6, 0xd209, 0x3, 0x10, 0x7, 0x6, 0x1, 0x7ff, 0x8, 0x5, 0x3, 0x7f, 0x4, 0xfb18, 0x0, 0x7fffffff, 0xae4e6400, 0x1, 0x3, 0x4, 0x6, 0x3, 0x5, 0xb, 0x4, 0xc5, 0x5, 0x3, 0xbb9, 0x404, 0x0, 0xea, 0x5, 0x9, 0x3, 0x5, 0xffff, 0x1, 0x8, 0x6, 0x1, 0x2, 0x2, 0xfffffff8, 0x3, 0x8, 0x3, 0x8, 0xea, 0x4, 0x6, 0x2, 0x2, 0x1, 0x322b, 0x0, 0x10001, 0xd, 0x8, 0x5, 0xff, 0xcf9, 0xd, 0x80, 0x5, 0x200, 0x0, 0x80, 0x6, 0x6, 0xfffffff7, 0x9, 0x4, 0xfffffffc, 0xf, 0x5, 0x0, 0x6, 0x4, 0xa, 0x7, 0x3b, 0x80, 0x1a3150ac, 0x6, 0x0, 0xf, 0x6, 0x5, 0x9, 0x9, 0x2, 0xfffffffe, 0x8, 0xfffffffe, 0x80000000, 0x1, 0xecc, 0x7, 0x4, 0x2, 0x1, 0x8, 0x1, 0x10000, 0x0, 0x101, 0x75, 0x10, 0x7, 0x8, 0x7, 0x8, 0x4, 0x4, 0x7, 0x9, 0x800, 0xfffffffc, 0xc, 0x83, 0x81, 0xb, 0x9, 0x80000001, 0x10001, 0x7, 0x1, 0x7, 0x8, 0x3ff, 0x3, 0x5, 0x3, 0x7, 0x7, 0xd3d2, 0x1, 0xffff7fff, 0x81, 0xdd6000, 0xf2, 0x3, 0x6, 0xffffffff, 0x3, 0x1, 0x1f2e, 0x1, 0x0, 0xfffffffb, 0x7, 0x4, 0xce, 0x4, 0x5, 0x2, 0xaf2, 0x6, 0x10000, 0x79528b3c, 0x3, 0x6, 0x4, 0x5, 0x7, 0x4, 0x7, 0x80, 0x18, 0xf61, 0xc1f, 0x5, 0x2, 0x401, 0x2, 0x6, 0x7, 0x7, 0x0, 0x9, 0x9, 0x560000, 0xe7, 0x1, 0x7, 0x9, 0x3, 0xfffffff4, 0x1, 0x0, 0xa, 0x4, 0x42f, 0x4, 0x8, 0x3, 0x4, 0x2, 0xb40, 0x5, 0xffffffff, 0x6, 0x6]}, @TCA_CBQ_RATE={0x10, 0x5, {0x9, 0x0, 0x94e2, 0x9, 0x8, 0xffff8001}}]}}, @c_cbq={{0x8}, {0x428, 0x2, [@TCA_CBQ_FOPT={0x10, 0x3, {{0xfff1, 0x1}, 0x6fe0, 0xf}}, @TCA_CBQ_RTAB={0x404, 0x6, [0x6cfe, 0x4, 0xfffffffd, 0x8, 0x6, 0x4, 0x8000, 0x85f, 0xb0, 0x9670, 0x5, 0x7, 0x5, 0x0, 0xe95d, 0x43, 0xffff9122, 0x2, 0x2, 0x7, 0x1, 0x1c00000, 0x1, 0x4, 0x1, 0x8, 0x7, 0xd5, 0x9, 0x7fff, 0xfffffffe, 0xe, 0x9, 0x6247, 0x0, 0x3ff, 0x8, 0x1, 0x4, 0x3ff, 0xfffffff8, 0x9, 0x200, 0x28, 0x934e, 0x9, 0x200, 0x4, 0x3ff, 0xcb, 0x0, 0x4, 0x10001, 0x5, 0x3ff, 0x400, 0x7, 0x7f, 0x3, 0x8, 0x7, 0x9, 0x4, 0x3, 0x2, 0x101, 0x3, 0x14, 0x7, 0xb4c, 0xffffffff, 0xb, 0x1, 0xc1b7, 0x6, 0x401, 0x8, 0x613, 0x100, 0x7, 0x81, 0x3, 0x7f, 0x5, 0xffffffff, 0x6, 0x8, 0x89d7, 0xfff, 0xa687, 0x6, 0x2, 0x4, 0x9, 0x1000, 0x7, 0x4, 0x9, 0x4, 0x3ff, 0x7, 0x0, 0x0, 0xb, 0x84, 0x7, 0x800, 0x1, 0x4, 0x1ff, 0x7fff, 0x0, 0x9, 0x10001, 0x2, 0x0, 0x3, 0x7, 0x4, 0x8, 0x4fd1, 0x8, 0x4, 0xfff, 0x7, 0x3, 0x40, 0x8, 0xaf, 0x7fffffff, 0x3, 0x200, 0xfffffffd, 0x8, 0x7, 0x7, 0x5, 0x7, 0x3, 0xc0000, 0x4, 0xffffffff, 0x10, 0x2, 0x8000, 0x6, 0xab, 0x7, 0x0, 0x3, 0x4, 0x5, 0xc434, 0x620, 0x0, 0x1, 0x2, 0x4, 0x604, 0xa7a, 0x7, 0xe62, 0x1d31213, 0x6, 0x4, 0x1, 0xf8, 0xfffffffe, 0x10000, 0xbd2, 0xfffffff9, 0x2, 0x7f, 0x9, 0x77ec0000, 0x4, 0xf, 0x6, 0x8001, 0x9, 0x0, 0x6, 0x8, 0xfffffff9, 0x0, 0x7, 0x7f3b, 0x7, 0x1, 0x200, 0x4, 0x16d0000, 0x2, 0x209, 0x8000, 0x401, 0xfffffffe, 0x1, 0x1ff, 0x125d, 0x3, 0xe, 0x9d, 0xfff, 0x4, 0x9027, 0x1, 0x2, 0xc102, 0x1, 0x4, 0x741, 0x4, 0x9, 0x7, 0x10000, 0x5, 0x7f, 0x9, 0x9, 0xfff, 0x200, 0x0, 0x10, 0x101, 0xa9, 0x8, 0x9, 0x38, 0x170, 0x8, 0x4, 0xfffffffa, 0x1, 0x800, 0x2, 0xf5, 0x9, 0x5, 0x9, 0x4, 0x7, 0x1, 0x9, 0x3, 0x948c, 0x81, 0x7, 0x8fc, 0x8001, 0x8001, 0x5, 0x3d4, 0x400, 0x7, 0x80000001]}, @TCA_CBQ_RATE={0x10, 0x5, {0x5, 0x0, 0xff, 0x3, 0x0, 0x800}}]}}, @c_atm={{0x8}, {0x7c, 0x2, [@TCA_ATM_FD={0x8, 0x1, r3}, @TCA_ATM_EXCESS={0x8, 0x4, {0x10, 0x2}}, @TCA_ATM_FD={0x8, 0x1, r5}, @TCA_ATM_HDR={0x32, 0x3, "1fadae3d7ce3dd830602cbe298eed7950ec9cfa736ab0927c6db1d008cc8834b21de386fd841bd2a83e521d0efca"}, @TCA_ATM_FD={0x8, 0x1, r3}, @TCA_ATM_HDR={0x12, 0x3, "97bc2bf7fc81a2cd467ddcc0d3f6"}, @TCA_ATM_EXCESS={0x8, 0x4, {0xf920c17fe7d07652, 0x2}}, @TCA_ATM_FD={0x8, 0x1, r7}]}}]}, 0x960}, 0x1, 0x0, 0x0, 0x20040800}, 0xa894) (async)
sendmsg$nl_route_sched_retired(r6, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000600)=@newtclass={0x960, 0x28, 0x200, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x10, 0xfff2}, {0xb, 0xfff1}, {0x0, 0x5}}, [@c_cbq={{0x8}, {0x480, 0x2, [@TCA_CBQ_FOPT={0x10, 0x3, {{0xd, 0xfff1}, 0x2, 0x2}}, @TCA_CBQ_LSSOPT={0x18, 0x1, {0x6, 0x3, 0x4, 0x4, 0x4, 0x7, 0x1000, 0x73abb306}}, @TCA_CBQ_RATE={0x10, 0x5, {0x1, 0x0, 0x7ff, 0xf, 0x7, 0x7}}, @TCA_CBQ_RATE={0x10, 0x5, {0x7, 0x1, 0x872f, 0x6, 0x4, 0x3}}, @TCA_CBQ_FOPT={0x10, 0x3, {{0x6, 0xc}, 0x7b, 0x5}}, @TCA_CBQ_RATE={0x10, 0x5, {0xb, 0x1, 0x6, 0x9, 0x3}}, @TCA_CBQ_RTAB={0x404, 0x6, [0x7, 0x9, 0x7fff, 0x6, 0x3ff, 0x1ff, 0x7, 0x9, 0x8, 0x8, 0xd3, 0x4, 0x8, 0xfffffffb, 0xfffffff1, 0x1, 0x451, 0xd6cd, 0x9, 0x12a, 0x7fffffff, 0xfffffffa, 0x800, 0x46, 0x95d, 0x4, 0x9, 0x0, 0x3, 0xc, 0x184, 0x3, 0x2000000, 0x6, 0xfffffffe, 0xa1ca, 0x7, 0x40, 0xe10b, 0xa4a, 0x0, 0x9cd4, 0x4, 0x2cc, 0x8005, 0xd, 0x8, 0x6, 0x2, 0x9, 0x29, 0x8001, 0x6, 0xd209, 0x3, 0x10, 0x7, 0x6, 0x1, 0x7ff, 0x8, 0x5, 0x3, 0x7f, 0x4, 0xfb18, 0x0, 0x7fffffff, 0xae4e6400, 0x1, 0x3, 0x4, 0x6, 0x3, 0x5, 0xb, 0x4, 0xc5, 0x5, 0x3, 0xbb9, 0x404, 0x0, 0xea, 0x5, 0x9, 0x3, 0x5, 0xffff, 0x1, 0x8, 0x6, 0x1, 0x2, 0x2, 0xfffffff8, 0x3, 0x8, 0x3, 0x8, 0xea, 0x4, 0x6, 0x2, 0x2, 0x1, 0x322b, 0x0, 0x10001, 0xd, 0x8, 0x5, 0xff, 0xcf9, 0xd, 0x80, 0x5, 0x200, 0x0, 0x80, 0x6, 0x6, 0xfffffff7, 0x9, 0x4, 0xfffffffc, 0xf, 0x5, 0x0, 0x6, 0x4, 0xa, 0x7, 0x3b, 0x80, 0x1a3150ac, 0x6, 0x0, 0xf, 0x6, 0x5, 0x9, 0x9, 0x2, 0xfffffffe, 0x8, 0xfffffffe, 0x80000000, 0x1, 0xecc, 0x7, 0x4, 0x2, 0x1, 0x8, 0x1, 0x10000, 0x0, 0x101, 0x75, 0x10, 0x7, 0x8, 0x7, 0x8, 0x4, 0x4, 0x7, 0x9, 0x800, 0xfffffffc, 0xc, 0x83, 0x81, 0xb, 0x9, 0x80000001, 0x10001, 0x7, 0x1, 0x7, 0x8, 0x3ff, 0x3, 0x5, 0x3, 0x7, 0x7, 0xd3d2, 0x1, 0xffff7fff, 0x81, 0xdd6000, 0xf2, 0x3, 0x6, 0xffffffff, 0x3, 0x1, 0x1f2e, 0x1, 0x0, 0xfffffffb, 0x7, 0x4, 0xce, 0x4, 0x5, 0x2, 0xaf2, 0x6, 0x10000, 0x79528b3c, 0x3, 0x6, 0x4, 0x5, 0x7, 0x4, 0x7, 0x80, 0x18, 0xf61, 0xc1f, 0x5, 0x2, 0x401, 0x2, 0x6, 0x7, 0x7, 0x0, 0x9, 0x9, 0x560000, 0xe7, 0x1, 0x7, 0x9, 0x3, 0xfffffff4, 0x1, 0x0, 0xa, 0x4, 0x42f, 0x4, 0x8, 0x3, 0x4, 0x2, 0xb40, 0x5, 0xffffffff, 0x6, 0x6]}, @TCA_CBQ_RATE={0x10, 0x5, {0x9, 0x0, 0x94e2, 0x9, 0x8, 0xffff8001}}]}}, @c_cbq={{0x8}, {0x428, 0x2, [@TCA_CBQ_FOPT={0x10, 0x3, {{0xfff1, 0x1}, 0x6fe0, 0xf}}, @TCA_CBQ_RTAB={0x404, 0x6, [0x6cfe, 0x4, 0xfffffffd, 0x8, 0x6, 0x4, 0x8000, 0x85f, 0xb0, 0x9670, 0x5, 0x7, 0x5, 0x0, 0xe95d, 0x43, 0xffff9122, 0x2, 0x2, 0x7, 0x1, 0x1c00000, 0x1, 0x4, 0x1, 0x8, 0x7, 0xd5, 0x9, 0x7fff, 0xfffffffe, 0xe, 0x9, 0x6247, 0x0, 0x3ff, 0x8, 0x1, 0x4, 0x3ff, 0xfffffff8, 0x9, 0x200, 0x28, 0x934e, 0x9, 0x200, 0x4, 0x3ff, 0xcb, 0x0, 0x4, 0x10001, 0x5, 0x3ff, 0x400, 0x7, 0x7f, 0x3, 0x8, 0x7, 0x9, 0x4, 0x3, 0x2, 0x101, 0x3, 0x14, 0x7, 0xb4c, 0xffffffff, 0xb, 0x1, 0xc1b7, 0x6, 0x401, 0x8, 0x613, 0x100, 0x7, 0x81, 0x3, 0x7f, 0x5, 0xffffffff, 0x6, 0x8, 0x89d7, 0xfff, 0xa687, 0x6, 0x2, 0x4, 0x9, 0x1000, 0x7, 0x4, 0x9, 0x4, 0x3ff, 0x7, 0x0, 0x0, 0xb, 0x84, 0x7, 0x800, 0x1, 0x4, 0x1ff, 0x7fff, 0x0, 0x9, 0x10001, 0x2, 0x0, 0x3, 0x7, 0x4, 0x8, 0x4fd1, 0x8, 0x4, 0xfff, 0x7, 0x3, 0x40, 0x8, 0xaf, 0x7fffffff, 0x3, 0x200, 0xfffffffd, 0x8, 0x7, 0x7, 0x5, 0x7, 0x3, 0xc0000, 0x4, 0xffffffff, 0x10, 0x2, 0x8000, 0x6, 0xab, 0x7, 0x0, 0x3, 0x4, 0x5, 0xc434, 0x620, 0x0, 0x1, 0x2, 0x4, 0x604, 0xa7a, 0x7, 0xe62, 0x1d31213, 0x6, 0x4, 0x1, 0xf8, 0xfffffffe, 0x10000, 0xbd2, 0xfffffff9, 0x2, 0x7f, 0x9, 0x77ec0000, 0x4, 0xf, 0x6, 0x8001, 0x9, 0x0, 0x6, 0x8, 0xfffffff9, 0x0, 0x7, 0x7f3b, 0x7, 0x1, 0x200, 0x4, 0x16d0000, 0x2, 0x209, 0x8000, 0x401, 0xfffffffe, 0x1, 0x1ff, 0x125d, 0x3, 0xe, 0x9d, 0xfff, 0x4, 0x9027, 0x1, 0x2, 0xc102, 0x1, 0x4, 0x741, 0x4, 0x9, 0x7, 0x10000, 0x5, 0x7f, 0x9, 0x9, 0xfff, 0x200, 0x0, 0x10, 0x101, 0xa9, 0x8, 0x9, 0x38, 0x170, 0x8, 0x4, 0xfffffffa, 0x1, 0x800, 0x2, 0xf5, 0x9, 0x5, 0x9, 0x4, 0x7, 0x1, 0x9, 0x3, 0x948c, 0x81, 0x7, 0x8fc, 0x8001, 0x8001, 0x5, 0x3d4, 0x400, 0x7, 0x80000001]}, @TCA_CBQ_RATE={0x10, 0x5, {0x5, 0x0, 0xff, 0x3, 0x0, 0x800}}]}}, @c_atm={{0x8}, {0x7c, 0x2, [@TCA_ATM_FD={0x8, 0x1, r3}, @TCA_ATM_EXCESS={0x8, 0x4, {0x10, 0x2}}, @TCA_ATM_FD={0x8, 0x1, r5}, @TCA_ATM_HDR={0x32, 0x3, "1fadae3d7ce3dd830602cbe298eed7950ec9cfa736ab0927c6db1d008cc8834b21de386fd841bd2a83e521d0efca"}, @TCA_ATM_FD={0x8, 0x1, r3}, @TCA_ATM_HDR={0x12, 0x3, "97bc2bf7fc81a2cd467ddcc0d3f6"}, @TCA_ATM_EXCESS={0x8, 0x4, {0xf920c17fe7d07652, 0x2}}, @TCA_ATM_FD={0x8, 0x1, r7}]}}]}, 0x960}, 0x1, 0x0, 0x0, 0x20040800}, 0xa894)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r6, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, &(0x7f0000000f80)=""/4096, 0x1000, 0x1, &(0x7f0000000180)=""/174, 0xae}, &(0x7f0000000240)=0x40)

1.128897521s ago: executing program 2 (id=5181):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)

951.119909ms ago: executing program 3 (id=5182):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_DELRULE={0x38, 0x6, 0xa, 0x135cfb4307d517, 0x24, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x2}]}], {0x14}}, 0x60}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

920.71973ms ago: executing program 3 (id=5183):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{r2}, &(0x7f00000005c0), &(0x7f0000000600)=r3}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)
recvmmsg(r7, &(0x7f0000005140)=[{{0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000640)=""/216, 0xd8}, {&(0x7f00000052c0)=""/235, 0xeb}, {&(0x7f0000003080)=""/4096, 0x1000}], 0x3}, 0x3}], 0x1b00, 0x0, 0x0)

740.160868ms ago: executing program 3 (id=5184):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) (async)
setpgid(0x0, 0x0)
r1 = syz_io_uring_setup(0x10e, &(0x7f0000001cc0)={0x0, 0xf07d, 0x400, 0x40000, 0x101}, &(0x7f0000000400)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x4004, @fd_index=0x1, 0x8, 0x0, 0x0, 0x1d}) (async)
io_uring_enter(r1, 0x8aa, 0x0, 0x0, 0x0, 0x0) (async)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180), 0x8) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r4, 0x0, 0x9}, 0x18) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000007000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)

652.684511ms ago: executing program 3 (id=5185):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=@newqdisc={0x60, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0xf}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x30, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}, [@TCA_NETEM_RATE={0x14, 0x6, {0x3, 0xffff, 0x9, 0x7}}]}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40088c1}, 0x4000080)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70b927, 0x25dfdc01, {0x0, 0x0, 0x0, r3, {0x0, 0x3}, {0xffff, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
r4 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r4, &(0x7f00000024c0)="bad330fbc9b50756000000000000", 0xe, 0x20040, &(0x7f00000001c0)={0x11, 0xf5, r3, 0x1, 0xd8, 0x6, @broadcast}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = semget(0x1, 0x4, 0x3be)
semop(r5, &(0x7f0000000080)=[{0x1, 0x8001, 0x1000}], 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
personality(0x500006)
semctl$SETALL(r5, 0x0, 0x11, &(0x7f0000000140))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5f}, 0x94)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x37b, &(0x7f0000001200)="$eJzs3U+IG1UcwPFfZrOzSUp3chBFQfZhEfQy7EbPYpAWhIBl24itIEy7Ew0ZkyUTViPi7p48Kt49CR5KbxY8FLRnYS/e9CKCt70IClZQR+ZfMklmmk3MbrD9fiDM5L33m3kv81J+k+7MHL/x6buthms2rJ5oBSU5EZH7ImXRJJaLllqwrot88t2g7kCeP/fbD09fuVYvhAXqUvXqCxWl1PrGN+99WIya3V2To/Jbx79Wfjl6/OjJ43+uvtN0VdNV7U5PWepG56eedcOx1U7TbZlKXXZsy7VVs+3a3bD+q2g7Tmd3t6+s9s750m7Xdl1ltfuqZfdVr6N63b6y3raabWWapjpfEkxTv7W9bVXnDL654M7glHS7VWtFRIoTNfVbS+kQAABYqvH8X/NT+mn5f8Ig/78u67XaxW3lNx7m/7efudc79/qd9Sj/v6un5f8v/hhuayT/908nhvl/Jzw/aEzP/z+XGfL/yYzo0TJ3/l8+hc5gPhv6RFFu5J2f/5ei72/g8M3bm8EK+T8AAAAAAAAAAAAAAAAAAAAAAP8H9z3P8DzPiJfxK7yEwDP8V/AeD6Ws478mIgV/Bngc/4fZlWvXpRBcuOcfY+fjvfpePVxGDe6JiCP23944f27EVx4pX1m+dfaj+P29+kpQU21I04+XLTGkHMynRLznXXq1dnFLhaL4wWVKpWR8RQx5LBn/dTA7/fjKaHy0f12eu5CIN8WQ729KRxzZCSKH+/9oS6lXXquNxReDdiLy85kfFAAAAAAAFsxUA6nn76aZVR/eZaTaCH4msmVTDPkr/fx+M/X8PG88lV/26AEAAAAAeDS4/Q9almh2N1hxnLSVomRWLWAlP1KyKiKpjfWxktXsLWvOSmKEJ+2PLuETTP7ruL6IP9VZouI/pPA7PqiKnqgiDwwvZA0wHn9Qkss/+3tU9ees48odSDABDpJVmpwgPD/e+Q2/QKU2vpC5ncNoIIOS+GcjPeNzlsuT29EeMBNWJ0q83HwT4InPvvxjcV+Ql+5EM+D96Y0PHdvbl5MclIn5kxa1eur/8AAAAAA4c8OkPy55OVmdfJBI8mE5/M89AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALNONtyfR5bo+Xvfe1sxwqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsHT/BgAA//+hG/S2")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r7, 0x0, 0x0)
sendfile(r7, r6, 0x0, 0x3ffff)

362.723325ms ago: executing program 4 (id=5186):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000700)="2e0000001000818807b62aa73f72cc9f0ba1f8483a0000005e120602000300000e000a0010000000028000001294", 0x2e}], 0x1}, 0x24000090) (fail_nth: 9)

283.561528ms ago: executing program 4 (id=5187):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000400)='signal_generate\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r2}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) (fail_nth: 1)

51.660108ms ago: executing program 4 (id=5188):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0900000004000000040000000c"], 0x50) (async)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
r2 = syz_open_pts(r1, 0x141601)
write(r2, &(0x7f0000000000), 0x0) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18040000000000000000000000400000850000000800000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000180)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%-5lx  \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000280)={r5}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000400008500000013000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) (async, rerun: 64)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) (async, rerun: 64)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000680)={'#! ', '.'}, 0x5) (async, rerun: 64)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f00000003c0)=[{0x200000000006, 0x8, 0x0, 0x7ffc0002}]}) (async, rerun: 64)
r7 = gettid()
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
rt_sigqueueinfo(r7, 0x21, &(0x7f0000000180)={0x33, 0x40000020, 0xfffffffb})
mmap$IORING_OFF_SQ_RING(&(0x7f0000003000/0x6000)=nil, 0x6000, 0x4, 0x88012, r6, 0x0) (async, rerun: 32)
perf_event_open(&(0x7f0000000a40)={0x8, 0x80, 0x0, 0x4, 0x0, 0x7, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x2, 0x0, 0x2, 0x0, 0x8000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) (rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x16, 0xe, &(0x7f0000002180)=ANY=[@ANYBLOB="b700000012edfffebfa3000000000000250a000028feffff6203f0fff8ffffff61a4f0ff000000007c0400000000000077000000000000002604000001ed0a00550a020017ffff17bf400000000000007b1a00fe000000001d04000000000000c60000000000000095000000000000000f3bc065b7a379d17cf9333379fc9e84af69002435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91082050e420fe275d0002000001b6482a0800000098efefb202ee010400006e7a1d03001f379cbf01de00b1b564fef3bef7d90692a4380548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc4b6cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff0f2ce39da8db04acd00009fbe4b61a615c6c57ac21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf28bf6d8e8afcb913466aaa7f6df70252e791665858fcd0e06dd31a76e42f2460d0b11008e59a5923906f88b53987ad1714d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7296e37c4f46010400000000c3d829faf75ddd1aa96960bca97af13382cb881cc1f62c0f8f8f0e8d76b85d9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1ba7ec6667e699fdc9a1f5a7b3caae05f13792292cbb49b3aab06b1e042ff2164d80c605532908ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c1e3fcd7071b53ac29df826f8ae6d6e18c1eac7e9bb5a05d8edf808df932c19e22ce67f1231bd236486727d970acc546087acbf30f2f8165b47ba56dfadd14b308008931485747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000400000000001800010300000000000000407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668238e85c79eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c0230ddfc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885f69754932609f19e2f615a01cb6d17fbf5cb539403cb057253472f054d5514ad8264f7b029b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f33400047445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8288e5aab6fec586d52386e8c07a88c88e8faee0beac08dfb8d3682ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3816953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347932a4bac694cd5fe9d145906d410f58f1951405d10504efe402cae085afef5dbd616e87ddbd239e4a50d7eb8e327fb5db12cbd6a9efe8e671c4f251cabdfe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f024f8da775f71150212b84fc0456351e096f1e7e6133ae14d1429cd4905dabb52e43af0065acf97b49512d1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa232c54226e24b6c38e70380bb2f57e8767dc811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed6caf0f467b6bbf3aa4371f5e76ab3f60afea80bb066aafb9517f787b0900278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f8089322d84ac523040d13e1f1300c2c6555bce60d95dd3288e5343571a95b12aec06a9f581ea97c3f03add23f14c8db5555c62de4f626483632a2ab549000ccd3a3477f88dd6e66bbb6a8083432a94081f72ed7fec73a0271a19ca3aa860aa4dcaeeb9bd91a0cb429efae2a5fcc08b3a572969bbe91c921ac1476027772c87d1767e38ba49e3e57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c827e0df6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007f00a292dd3b856faa4b7e66e1b64505f65900662201ae21ef164437f7ecf8ed9a22da26ae804bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2bd16adae02c821b62428902aad499825ab85a348638384cd1f8bb72b3e5250b0d0a20b4e2a2328d53b5cfe56557a129e6be231acf5f57995c60d9fca5f63a0dfd18054717719ca77a4e0a97c1c6ca791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65246fec3c34e2de044cdaa70b8a67b33fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2ccb1deee15b5d7d3e37e8b7d28921c4b9280979521173f322df408d9818b6cc400098abb869921911480a876fbba69060000008b4264eb6f5137bdaa075f1488d22230592a7900000000000037c8986c1c19100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b8697741ec03877afb5237ea1694addebc14c3ae49f88c462aa2050acf2d9a97d3be29a5614d1eba2c98cf0236401e029a210fa9274d4ad7c445e50f76419ab4f78f67a09e63dd4faa2e7b19399f055f2fa278783fefb0a5ef0b41e14a6fe6ba306206670b84894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e228cca07bab4770b4185de44db6bf21fef32a8d5b36d9016238fee012365f963b2a85e7d8075c333475b9f0284405e3127dde7e41285fbe0bdd37220e31d4731614a50c16c6a417442ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffeac350a5c554a387de4ee7aac6478dd82bef044a6d33c789d566c90c46ad581ac62f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119dcf5bdad938bdc527594a6c17aa9728af24e2bb7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8a9d3374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f9b180010000000000000c89f3fb2f951ae81d7fcc8bc0400000000000000000000000000000000009231feef311734493c9fd999c728e3e21bb4f2bafbcd197c7963c2ba910969f776c8b2ea3970f358107945d9e74e9bdfa58e80b65a9201bc4b730500df5a0100363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21d24fe6d953ed9438cad0f8dfe038c8348bcdd40a1792be952c17f56e5e2f73019352f1fb6822a99f933ee220d5233fa20595aa5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd957729d63dc1bfc7b772cb000000af22a16e19d1b5f52abb40b433983d0cf50234de659c1a397ce90146b444338c1f7a2e991888d64e861583f0e0022121248465d37e7c386f8c614dff95defb464172998a684e21ca960897c32a127453ffffffffffffffffbcfcd7e27e37ea9c80a5b073208d29f2e4ce9438bc39300bbcc27a457296cc27f224ef4ced0773ed6bdbe4c8965d7002fa8b4c1b11f3c5e74ecedeaf4221f17448241500000000b52ee61d77b0d5adb1ca7ab9c34e7d72738309da56d5fc96acb119283c534cd5b0429d3e923c4aba0000000000000000000000f30000c54e3614c328e472bbcab5010973f6887d602bbf2f090c8ca87e58621ed208b2c48e38d86b017657daa0371e96dee683d0ce64485c47d89b363dc2b5e3dc998181c150f1f963c52b8750d947448d29bfd944d350b83c2919b1eff72072a9e1e615f5ddd8cab9459689cf259acb61a73cfeffffffffffffff4a354904909e15a68b999a8b5e5f08fcdf295e6fb68fdba28e3c6f566246416b4cf698b6fc5e9e39eb4e15e2f74e76d40e8646f0bb5395c8e31f92ccb73ff45b2bef72b2ab4306708e8e2df01ee6eb2c61bca7a1c820b821e35ac210caa0e676ff182644678bf7c8fe554cf5b32c283b226b398e977d8455971bfa42bb733cd63123255acb793b35582ae61ca8834e9d6f0fd2c57a82c89bd2e6f8d3504135854c36179dc71eeeb7b89d697abe74bb0accb12cdb4e2b4666f0ab74f0bbec4deaf1ae8fb2f2666ca202a1547d3642046e3397617c3bc8c85616e1d0d45b08e5eea4962141ffcaadfeec7e7dda146b36e4f681e8318069e821dcbe9dd41c4fcf025402e38ad8dc5c9fb7329e3719ba226d58afbf1ab306a7b57740085a0df4a07346b75ba21f9513b269657b0483a4e7530db07e5b1354920153227389487b53b661033ff2c10ef982eeb7dafb460104ae0c779c521bfa7f9daf3d7085d7d80f279227aa4e8dbf672e0000000000000000000000000000000071b96aa2dcb74da616702edf6139d0ece1a10dc80bb31916cf3347e764a33fddeb5aba6e332a82117b7d3aa656455af4ed9fcc560645168173547a9d6efa2d167290c0e63e7b80a186cb34c18b422782ee5ec268c283231507ab4409442f5c125d97aae5a4c2960aab0c16ef54966d295f7e8db38d6e8200000000000000000000000024fbdc9c129b0861e0639f8237ee9b7ce67b1d4c786dad3685dc1c7cbf7a096dfa475303b606c5fc9e769122f41402b5976cf221af47eb9ceb279a08d8e084f4f808ad2ec841f86070eee32a4b4fbdc77f06fcdb3941aac633882c264a27e8784a9cc704939132e428317b68e80f805dbc19d6e09f1adb4fb706c5a280b1958800ef630517347fa2076a28081cca208a182efa4dbf9e7e6474ced53c36eefd000000000000000000000000000000000000000041bb141a12605fd0fe2534690caa2473d671911619a001462e0deb4e7b13b055f341af34d66f6501550206bad3d64eb498ba4070f8a5b1061d353bb74d521d52887c84c47fc8385e0590410203c3f13c53fd72c67d33b9aeeb1841bd2234efb055dc7c9031080cecc7ac4ff261d0810b67354f08fc2eada568ad49000000000000000000000000008210e99d338dbfc97441a9d7c5636616d31b5dc352adcbe84acf31652eec4ed2e1509232e23361548acf88e0333e2721d8f7fd1b3086b2dacd3624bec743821e9d39f6f5a5cd9b1483fdfec3412d0bfb18ca8df5d8904ec0f4c43c9348038c8b9d94b86025b46b96e825552880c94cb2bfecb6da827a56083923cd121d4b14df15b761028caab512f6bd749140a6639180a0172e0859ce1274afaacc997e2c468402c63c13decc3280955b92ef902274efd653eedc0bf3f066856bf5204036e0448a2f70d62c8467ee661b5fbc764f9c044eb14a4071078120d1b3ce85e955a3ffe48845af190ee8eceb97d22fa0829aa18042a450e73364c68f12e8c4821e5ba17d5d36847fa7516d511f92824f1d514847e34ce43cb2eec6a1dd3d16db2f7afad959b3777b6be9b18fed9d0ac9cd4f7fe97d38aef9bc4ad9a1bf9ec77c7a28d6bc6b14968c8f045bf81d3f8bbdd0d040c50dfc647307b1222b06439890ff618d2b2689ea4c5e4672b21726df2c2d69707def1fdd062fe49502064595d4854393f40444f80a7eb3eeb533b50aa4bcf563b4125219b9aa4f67830c7d475b99c07787fd286134d223d06eeb68b9a7bdf82c7bb7cf16e03d2313543e9f221a267808e0245500e4a712d25851697a939e097490d327e700a2a2674dc3867175f886c24791d3a100000000846e4eaa8631308dab74d0f45b4fb1081f753ae999241215627152f6a96a62250260255cb21181c53493419ecbf00c0a3c4fa674f744fcc020981e0896fd4d8199ef96cae461605ff2ca3e4c5db3de7eb1062a123650067cff0c7d433202249db2133781aac9c8a9815a4ef3805221219c3a9cd80c816cd83939bfddf17d8e99590b7387be9e440dc06d43ec40f0e8ab1ec008299f96ecc4b0e0e2e3d5e68b0686398e1197ed2c8ec536d4a62ba950e60ce28afe7296042e1a4c9c35b72e409e1a371b8ff9e3c972756b6c1685a6f9d9c97dde0d213c59068faf02f65943171bfb8cba50a2337ec4e51c2d75ee8fd76b0c0e39f2189a7a36a381ffea08e2feb64a3f37213292928c2db3353baafcadccc43a87e131cf88e801646ebffc99e7c2cc08cd30dd601c03da57a55ba661d9df114296b360f702179b16ac22f8e95621028b8747b7e68cae474ca00130f60fcb1a810a969329c9c5fa000000008313705e362202ccf47ef4fcb9045036095e7d7c0f240c858d565751c0b92d906100a04fc0cc40e4327c2798b85e416db5e8a64e7d81ebe888624f68ed3a0e138505c476941ae36a9373450d37b3bab73f8dd8e67c415805466724ebcc698a1876002f5b6a994e037c2991a0566dd92df6fcc9320feee693a80b4a18abce533b34a18e84f515217d"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x15}, 0x94)

51.253568ms ago: executing program 1 (id=5189):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000400)='signal_generate\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r2}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

50.528538ms ago: executing program 4 (id=5190):
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x88002, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x18, 0x2000000000000216, &(0x7f0000000a00)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00002000bfa10000000000d807010000f8ffffffb702000008000000b7030000000000008567b5280d0000009503ac24eb3def3b10036903a1ce7bf24f47593a8d11fe539325569a0104fc14e006cd2e9ad19a507a649f7fde716e77b7bd04f42de5137c3956f384ad2102cbc5cd1bf267bd8b45b51a9eb9eaedfe8bc5a41fcf08e0e0d47dd501791153aafea96ec444e63acb03f4acd1c1b4d4664cef18fafe3dadb0532d3eefb0cf947cc109ca09e2ec1f7fa2804566d54aea251b9fdc7e221259a7976e024fb53612674d94d4fb2ad28696c7c3fda2d25c64909838d09ca53be7bb02869705a468e52ca8683a4d4f631940e8a8ebda20b9c839e0162ece7fafde2956fd9f54ab5a7764ddc19beadaa9bc09ad592f38e0dde302f168a83bde93ace1db29871c406e3ede1c4df5eff37b6041b82ac3a3c4e661d7864e2f9cc6043274cd9d62d494e45f62cdcd9c882e2ca61e65db32fcb2209284c5431c521c752a74896dd8f344245fa4d98e7b2fca86fa1a6f84784a90"], 0x0, 0xfffffffd, 0x0, 0x0, 0x41000, 0x10, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x445bd}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000940)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='io_uring_register\x00', r2}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0x4, &(0x7f00000005c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000007d00000095acbd6093f6accda2269a0370931edfaac95fe8a95b90c1c88ac97155f4cbd8825dc0a7000081c3c2bfa3ac043c0f761cd575437059c5bcc6ee2e1bc07e764cbc9377dbf9102d10267f894ccc6f0697fdb03f7c0cb0e0ad20afb2b3705d9527abf964a5bfc5efabdcf1389fbd9ecf72dc6e7009e7b219a74aaf1283701b0c8f8872e0ccad09851ffebc21463e08c8c18f8d9f3c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r3}, 0x10)
lsetxattr$security_capability(&(0x7f0000000080)='./cgroup/cgroup.procs\x00', &(0x7f0000000700), &(0x7f0000000040)=@v3={0x3000000, [{0x8, 0x8000}, {0x2, 0x2}], 0xee00}, 0x18, 0x1)
r4 = creat(&(0x7f0000000000)='./cgroup/cgroup.procs\x00', 0xf21963aaf523cb02)
r5 = io_uring_setup(0x2a6a, &(0x7f00000002c0)={0x0, 0xd610, 0x0, 0x1, 0x28b})
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r5, 0xd, &(0x7f0000000140)={0x7, 0x0, 0x0, 0x0}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000050fb90000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080002000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000680)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41000, 0x3c, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000980)='jbd2_submit_inode_data\x00', r6}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r1}, &(0x7f00000008c0), &(0x7f0000000880)=r6}, 0x20)
pwritev(r0, &(0x7f0000000100)=[{0x0, 0x72}, {&(0x7f0000000140)="de", 0x1}], 0x2, 0x0, 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f00000000c0)=0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffe8}, 0x94)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f00000004c0), 0x800, 0x0)
r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000100)={<r10=>0xffffffffffffffff}, 0x13f, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r9, &(0x7f00000002c0)={0x7, 0x8, 0xfa00, {r10, 0xce}}, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={<r11=>0xffffffffffffffff}, 0x111, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_DESTROY_ID(r9, &(0x7f0000000f80)={0x1, 0x10, 0xfa00, {&(0x7f00000001c0), r11}}, 0x18)
r12 = syz_open_dev$evdev(&(0x7f0000000300), 0x9b89, 0x20240)
ioctl$EVIOCGPROP(r12, 0x40047438, &(0x7f0000000c80)=""/241)
ioctl$PPPIOCSMRU1(r8, 0x40047452, 0x0)
mknod$loop(&(0x7f0000001b80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1e0)
renameat2(0xffffffffffffff9c, &(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2)

46.034878ms ago: executing program 1 (id=5191):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r0}, 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x13, 0xc, &(0x7f0000000940)=ANY=[@ANYRES8=0x0, @ANYRESDEC=r0, @ANYBLOB="4447a771121ad170aa4ea7f58b6d258b3290ce88fb0bcf14e7b041bd863bda18549b9ad973e25b82fa4f811d4275be60c84e38628a38380df99d8b4e1c8dfb1581bcad09ea9f3a663c0ea14149e43dc943db22bc9ca1f12e00a2f4ed77cd62ad8546ca36572b62d95ac9a53c0047e69c02d54e409235178ea2c4898bdc9f274757318e2935e4d5da78a2a0a0598dc0c57e5c05d66ed9a77ecd72ec00272d29515f68a6a26bb147680c6cb034d9fa7babe7718f377b375fc12d53357ec933b8dc4042"], &(0x7f0000000240)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x41000, 0x6, '\x00', 0x0, @fallback=0x21, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$xdp(0x2c, 0x3, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000100)={'bridge_slave_0\x00', &(0x7f0000002fc0)=@ethtool_link_settings={0x1d}})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r4, @ANYRES32=r3, @ANYRESHEX=r4], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
lsm_set_self_attr(0x66, 0x0, 0x43, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fallocate(r5, 0x2, 0x6, 0x7bc60221)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
r7 = syz_io_uring_setup(0x5c6, &(0x7f00000006c0)={0x0, 0x1001, 0x0, 0x6, 0xa8}, &(0x7f00000001c0)=<r8=>0x0, &(0x7f0000000580)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1a, 0x0, 0x0, 0x4, &(0x7f0000000300)={0x0, 0x989680}, 0x1, 0x40, 0x1})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000580)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x1000000000}, 0x18)
io_uring_enter(r7, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a20000000100a010100000000000000000a0000090900010073797a3000000000380000000e0a01020000000000000000030000060900020073797a31000000000900010073797a30000000000900020073797a31000000004c000000180a010400000000000000000000000508000740000000010900020073797a30000000000900020073797a32000000000c00054000000000000000030c0005400000000000000002140000001100010000000000000000000300000a"], 0xcc}}, 0x0)

37.993108ms ago: executing program 4 (id=5192):
r0 = socket$isdn_base(0x22, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
timer_create(0x3, 0x0, &(0x7f00000001c0))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
sendmsg$inet(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x4e23, @loopback}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)="9a41340f43f82e959f6881f7fa405a9e1c94", 0x12}], 0x1, &(0x7f0000000280)=[@ip_tos_int={{0x14}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x5}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xc}}, @ip_retopts={{0x78, 0x0, 0x7, {[@lsrr={0x83, 0xb, 0x5e, [@remote, @empty]}, @ra={0x94, 0x4, 0x1}, @lsrr={0x83, 0xb, 0x10, [@initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010101]}, @generic={0x88, 0xb, "86f2ce2ce90c6bc2d3"}, @generic={0x89, 0x9, "7c3a6b09e3f7fd"}, @cipso={0x86, 0x38, 0x0, [{0x2, 0x10, "ca1316c81ee453a62f682e960bca"}, {0x0, 0x5, "b869a7"}, {0x5, 0x4, "5d9f"}, {0x6, 0xb, "ff6093aec57e1d04e8"}, {0x0, 0x8, "7bc3d7b77d10"}, {0x1, 0x2}, {0x2, 0x4, "e790"}]}]}}}, @ip_retopts={{0x10}}, @ip_retopts={{0x5c, 0x0, 0x7, {[@timestamp={0x44, 0x28, 0x1c, 0x0, 0x4, [0xfffff69c, 0x2, 0x7, 0x0, 0xbb, 0x6, 0x1000, 0x5, 0x6]}, @timestamp_prespec={0x44, 0x1c, 0x5a, 0x3, 0xf, [{@multicast2, 0x5}, {@private=0xa010102, 0x6}, {@empty}]}, @ra={0x94, 0x4}, @end]}}}, @ip_retopts={{0x30, 0x0, 0x7, {[@ssrr={0x89, 0x1b, 0x6b, [@rand_addr=0x64010100, @empty, @dev={0xac, 0x14, 0x14, 0x11}, @private=0xa010102, @local, @multicast1]}, @ra={0x94, 0x4}]}}}], 0x160}, 0x41)
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000380)="390000fa461aa0fbe8ab13aa2151b94dbe9e8a722e34d7e484893f", 0x1b}], 0x1)
r2 = syz_open_dev$sg(&(0x7f0000000280), 0x0, 0x8842)
ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f00000000c0)=ANY=[@ANYRES64=r2])
r3 = socket(0x200000000000011, 0x2, 0xd)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x4)
syz_emit_ethernet(0x32, &(0x7f0000000040)={@random="e90c610faca2", @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2, 0x1, 0x2, 0xc, 0x100}}}}}}}, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./bus\x00', 0x18000, &(0x7f0000001040)=ANY=[], 0x8, 0x2f1, &(0x7f0000000d40)="$eJzs3M9PE0EUwPHXn7QlUA5Go4lhohe9bKB6VhoDibGJBKnxR2KywFabri3pNpgaI3ryavwjPBCO3EiUf4CLN7148cbFxIMcjDXd7lJoFwqlpQjfT0L2sTNvd2ZayJuGZePB++e5jKVl9JL4I0p8IiKbIkPiF5fPOfrtOCzbvZGr/b++Xrz38NGdZCo1PqXURHL6WkIpNTj86cWrqNNttU/Wh55s/Ez8WD+7fn7j7/SzrKWylsoXSkpXM4XvJX3GNNRc1sppSk2ahm4ZKpu3jGKtvVBrz5iF+fmy0vNzA7H5omFZSs+XVc4oq1JBlYplFXiqZ/NK0zQ1EBO0kl6amtKTbSbPdngw6JJiMakHRCTa1JJe6smAAABATzXW/35Rnaz/ly+tlfrvrww69f9q2Kv+v/6tdq0d9X9ERDzrf/f+nvW/frD6v7kiOl0OVf/jeBgON53y1cNqYzGpx5yfX9vbx8sjdkD9DwAAAAAAAAAAAAAAAAAAAADA/2CzUolXKpW4e3S/+kQkIiLu9x6pARG52YMho4MO8frjBKg/uBccFDHfLaQX0rWj02FNREwxZETi8sd+Pziqsfvkkaoaks/mopO/uJAO2C3JjGTt/FGJh6Qxv1KZuJ0aH1U1O/NDEtuen5C4nPHOT3jmh+XK5W35msTly6wUxJQ5exz1/NejSt26m2rIj9r9AAAAAAA4CTS1xXP/rmm7tdfyt/bXjZ8PBOr76xHP/XlQLgR7O3cAAAAAAE4Lq/wyp5umUdwjiErrPu0HwS5d2Z3hfrPcv2VobnJburgInreIOCf3dZ3qFfa7LL4DLMsugb+t1RiuzkYddsXcj4126yOTY116mUIt+pz78PF35256YyXSYqbtB4G93wChI/nlAwAAAOBI1Yt+98xYbwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAp1JV/k9YQ9HqOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwHHxLwAA//8eVv+1")
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0185879, &(0x7f0000000040)={@desc={0x1, 0x0, @desc2}})

0s ago: executing program 4 (id=5193):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000003c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000040)=@framed={{0x18, 0x8}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x55}, 0x1a) (fail_nth: 9)

kernel console output (not intermixed with test programs):

  syzkaller #0 PREEMPT(voluntary) 
[  312.729544][T16866] Tainted: [W]=WARN
[  312.729550][T16866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  312.729635][T16866] Call Trace:
[  312.729649][T16866]  <TASK>
[  312.729656][T16866]  __dump_stack+0x1d/0x30
[  312.729678][T16866]  dump_stack_lvl+0xe8/0x140
[  312.729700][T16866]  dump_stack+0x15/0x1b
[  312.729724][T16866]  warn_alloc+0x12b/0x1a0
[  312.729771][T16866]  ? __rcu_read_unlock+0x4f/0x70
[  312.729805][T16866]  __vmalloc_node_range_noprof+0x9d/0xed0
[  312.729864][T16866]  ? __futex_wait+0x1fa/0x260
[  312.729885][T16866]  ? __pfx_futex_wake_mark+0x10/0x10
[  312.729904][T16866]  ? __rcu_read_unlock+0x4f/0x70
[  312.729964][T16866]  ? avc_has_perm_noaudit+0x1b1/0x200
[  312.729988][T16866]  ? should_fail_ex+0x30/0x280
[  312.730005][T16866]  ? xskq_create+0x36/0xe0
[  312.730060][T16866]  vmalloc_user_noprof+0x7d/0xb0
[  312.730134][T16866]  ? xskq_create+0x80/0xe0
[  312.730163][T16866]  xskq_create+0x80/0xe0
[  312.730193][T16866]  xsk_init_queue+0x95/0xf0
[  312.730263][T16866]  xsk_setsockopt+0x3f5/0x640
[  312.730289][T16866]  ? __pfx_xsk_setsockopt+0x10/0x10
[  312.730355][T16866]  __sys_setsockopt+0x184/0x200
[  312.730398][T16866]  __x64_sys_setsockopt+0x64/0x80
[  312.730430][T16866]  x64_sys_call+0x20ec/0x3000
[  312.730452][T16866]  do_syscall_64+0xd2/0x200
[  312.730498][T16866]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  312.730536][T16866]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  312.730585][T16866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.730677][T16866] RIP: 0033:0x7fd0f2cbf749
[  312.730695][T16866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  312.730780][T16866] RSP: 002b:00007fd0f1727038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  312.730798][T16866] RAX: ffffffffffffffda RBX: 00007fd0f2f15fa0 RCX: 00007fd0f2cbf749
[  312.730811][T16866] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[  312.730825][T16866] RBP: 00007fd0f2d43f91 R08: 0000000000000004 R09: 0000000000000000
[  312.730841][T16866] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  312.730853][T16866] R13: 00007fd0f2f16038 R14: 00007fd0f2f15fa0 R15: 00007ffd3d048ae8
[  312.730872][T16866]  </TASK>
[  312.959689][T16866] Mem-Info:
[  312.962835][T16866] active_anon:6474 inactive_anon:3 isolated_anon:0
[  312.962835][T16866]  active_file:25564 inactive_file:2385 isolated_file:0
[  312.962835][T16866]  unevictable:19780 dirty:106 writeback:2
[  312.962835][T16866]  slab_reclaimable:3557 slab_unreclaimable:30754
[  312.962835][T16866]  mapped:32599 shmem:3063 pagetables:973
[  312.962835][T16866]  sec_pagetables:0 bounce:0
[  312.962835][T16866]  kernel_misc_reclaimable:0
[  312.962835][T16866]  free:1843523 free_pcp:12647 free_cma:0
[  312.965799][T16867] program syz.4.4777 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  313.008175][T16866] Node 0 active_anon:25896kB inactive_anon:12kB active_file:102256kB inactive_file:9540kB unevictable:79120kB isolated(anon):0kB isolated(file):0kB mapped:130396kB dirty:424kB writeback:8kB shmem:12252kB kernel_stack:4240kB pagetables:3892kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  313.045391][T16866] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  313.075297][T16866] lowmem_reserve[]: 0 2881 7859 7859
[  313.080726][T16866] Node 0 DMA32 free:2946728kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2950256kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:3528kB free_cma:0kB
[  313.112261][T16866] lowmem_reserve[]: 0 0 4978 4978
[  313.117418][T16866] Node 0 Normal free:4412004kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:26012kB inactive_anon:12kB active_file:102256kB inactive_file:9540kB unevictable:79120kB writepending:432kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:46944kB local_pcp:17340kB free_cma:0kB
[  313.150998][T16866] lowmem_reserve[]: 0 0 0 0
[  313.155628][T16866] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  313.168382][T16866] Node 0 DMA32: 6*4kB (M) 4*8kB (M) 3*16kB (M) 2*32kB (M) 4*64kB (M) 2*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2946728kB
[  313.184538][T16866] Node 0 Normal: 1184*4kB (UME) 1208*8kB (UME) 542*16kB (UME) 384*32kB (UME) 233*64kB (UME) 271*128kB (UME) 195*256kB (UME) 114*512kB (UME) 76*1024kB (UME) 84*2048kB (UME) 969*4096kB (UM) = 4412128kB
[  313.204413][T16866] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  313.213868][T16866] 50788 total pagecache pages
[  313.218563][T16866] 5 pages in swap cache
[  313.222792][T16866] Free swap  = 124724kB
[  313.226963][T16866] Total swap = 124996kB
[  313.231901][T16866] 2097051 pages RAM
[  313.235733][T16866] 0 pages HighMem/MovableOnly
[  313.240473][T16866] 81087 pages reserved
[  313.397939][T16879] program syz.0.4783 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  313.459742][T16881] option changes via remount are deprecated (pid=16880 comm=syz.2.4782)
[  313.489536][ T3509] Bluetooth: hci1: command 0x1003 tx timeout
[  313.495578][   T44] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  313.603108][T16885] syzkaller0: entered promiscuous mode
[  313.608636][T16885] syzkaller0: entered allmulticast mode
[  313.624622][T16895] loop3: detected capacity change from 0 to 512
[  313.653510][T16895] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  313.707728][T16895] netlink: 176 bytes leftover after parsing attributes in process `syz.3.4790'.
[  313.793241][T11698] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.871757][T16911] program syz.3.4794 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  313.884172][T16913] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4795'.
[  313.894702][T16914] xt_TPROXY: Can be used only with -p tcp or -p udp
[  313.895236][T16911] loop3: detected capacity change from 0 to 128
[  313.956797][T16917] option changes via remount are deprecated (pid=16915 comm=syz.3.4796)
[  313.988626][T16919] loop2: detected capacity change from 0 to 128
[  314.017103][T16919] bio_check_eod: 1 callbacks suppressed
[  314.017122][T16919] syz.2.4792: attempt to access beyond end of device
[  314.017122][T16919] loop2: rw=2049, sector=138, nr_sectors = 112 limit=128
[  314.024639][T16921] FAULT_INJECTION: forcing a failure.
[  314.024639][T16921] name failslab, interval 1, probability 0, space 0, times 0
[  314.048986][T16921] CPU: 1 UID: 0 PID: 16921 Comm: syz.0.4798 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  314.049081][T16921] Tainted: [W]=WARN
[  314.049087][T16921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  314.049101][T16921] Call Trace:
[  314.049109][T16921]  <TASK>
[  314.049120][T16921]  __dump_stack+0x1d/0x30
[  314.049189][T16921]  dump_stack_lvl+0xe8/0x140
[  314.049223][T16921]  dump_stack+0x15/0x1b
[  314.049244][T16921]  should_fail_ex+0x265/0x280
[  314.049269][T16921]  ? alloc_tty_struct+0x4c/0x400
[  314.049368][T16921]  should_failslab+0x8c/0xb0
[  314.049404][T16921]  __kmalloc_cache_noprof+0x4c/0x4a0
[  314.049443][T16921]  alloc_tty_struct+0x4c/0x400
[  314.049539][T16921]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  314.049578][T16921]  pty_unix98_install+0x105/0x390
[  314.049706][T16921]  tty_init_dev+0x7c/0x330
[  314.049733][T16921]  ptmx_open+0xda/0x240
[  314.049771][T16921]  chrdev_open+0x2eb/0x3a0
[  314.049878][T16921]  do_dentry_open+0x649/0xa20
[  314.049896][T16921]  ? __pfx_chrdev_open+0x10/0x10
[  314.049928][T16921]  vfs_open+0x37/0x1e0
[  314.049945][T16921]  path_openat+0x1c5e/0x2170
[  314.050001][T16921]  ? path_openat+0x1bf8/0x2170
[  314.050028][T16921]  ? _parse_integer_limit+0x170/0x190
[  314.050073][T16921]  do_filp_open+0x109/0x230
[  314.050173][T16921]  file_open_name+0xfa/0x120
[  314.050196][T16921]  __se_sys_acct+0xeb/0x530
[  314.050259][T16921]  __x64_sys_acct+0x1f/0x30
[  314.050301][T16921]  x64_sys_call+0x2f3a/0x3000
[  314.050325][T16921]  do_syscall_64+0xd2/0x200
[  314.050349][T16921]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  314.050385][T16921]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  314.050462][T16921]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.050487][T16921] RIP: 0033:0x7fd0f2cbf749
[  314.050505][T16921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.050528][T16921] RSP: 002b:00007fd0f1727038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3
[  314.050551][T16921] RAX: ffffffffffffffda RBX: 00007fd0f2f15fa0 RCX: 00007fd0f2cbf749
[  314.050565][T16921] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[  314.050581][T16921] RBP: 00007fd0f1727090 R08: 0000000000000000 R09: 0000000000000000
[  314.050593][T16921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  314.050604][T16921] R13: 00007fd0f2f16038 R14: 00007fd0f2f15fa0 R15: 00007ffd3d048ae8
[  314.050690][T16921]  </TASK>
[  314.071927][   T29] kauditd_printk_skb: 277 callbacks suppressed
[  314.071944][   T29] audit: type=1326 audit(1764607067.185:15449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16901 comm="syz.2.4792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeb0e1f749 code=0x7ffc0000
[  314.079357][T16924] syz.2.4792: attempt to access beyond end of device
[  314.079357][T16924] loop2: rw=2049, sector=142, nr_sectors = 2 limit=128
[  314.095813][   T29] audit: type=1326 audit(1764607067.205:15450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16901 comm="syz.2.4792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeb0e1f749 code=0x7ffc0000
[  314.099557][T16924] Buffer I/O error on dev loop2, logical block 71, lost async page write
[  314.567062][   T29] audit: type=1326 audit(1764607067.345:15451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16901 comm="syz.2.4792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbeb0e1f749 code=0x7ffc0000
[  314.590748][   T29] audit: type=1326 audit(1764607067.345:15452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16901 comm="syz.2.4792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeb0e1f749 code=0x7ffc0000
[  314.614360][   T29] audit: type=1326 audit(1764607067.345:15453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16901 comm="syz.2.4792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeb0e1f749 code=0x7ffc0000
[  314.640942][T16928] syzkaller0: entered promiscuous mode
[  314.646452][T16928] syzkaller0: entered allmulticast mode
[  314.725469][T16932] syzkaller0: entered promiscuous mode
[  314.731123][T16932] syzkaller0: entered allmulticast mode
[  314.829815][T16939] program syz.1.4806 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  314.840952][T16939] loop1: detected capacity change from 0 to 128
[  314.894458][T16937] syzkaller0: entered promiscuous mode
[  314.900095][T16937] syzkaller0: entered allmulticast mode
[  314.928830][T16948] option changes via remount are deprecated (pid=16947 comm=syz.1.4809)
[  314.958765][T16950] netlink: 14 bytes leftover after parsing attributes in process `syz.3.4810'.
[  314.985287][T16950] bond0 (unregistering): Released all slaves
[  315.007564][   T29] audit: type=1326 audit(1764607068.116:15454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16951 comm="syz.1.4811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe08e72f749 code=0x7ffc0000
[  315.057417][   T29] audit: type=1326 audit(1764607068.116:15455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16951 comm="syz.1.4811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe08e72f749 code=0x7ffc0000
[  315.081188][   T29] audit: type=1326 audit(1764607068.116:15456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16951 comm="syz.1.4811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe08e72f749 code=0x7ffc0000
[  315.104911][   T29] audit: type=1326 audit(1764607068.116:15457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16951 comm="syz.1.4811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe08e72f749 code=0x7ffc0000
[  315.128858][   T29] audit: type=1326 audit(1764607068.116:15458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16951 comm="syz.1.4811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe08e72f749 code=0x7ffc0000
[  315.170424][T16955] FAULT_INJECTION: forcing a failure.
[  315.170424][T16955] name failslab, interval 1, probability 0, space 0, times 0
[  315.183153][T16955] CPU: 1 UID: 0 PID: 16955 Comm: syz.1.4812 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  315.183185][T16955] Tainted: [W]=WARN
[  315.183193][T16955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  315.183257][T16955] Call Trace:
[  315.183264][T16955]  <TASK>
[  315.183272][T16955]  __dump_stack+0x1d/0x30
[  315.183340][T16955]  dump_stack_lvl+0xe8/0x140
[  315.183366][T16955]  dump_stack+0x15/0x1b
[  315.183388][T16955]  should_fail_ex+0x265/0x280
[  315.183411][T16955]  should_failslab+0x8c/0xb0
[  315.183458][T16955]  kmem_cache_alloc_noprof+0x50/0x480
[  315.183485][T16955]  ? audit_log_start+0x342/0x720
[  315.183506][T16955]  audit_log_start+0x342/0x720
[  315.183546][T16955]  ? kstrtouint+0x76/0xc0
[  315.183587][T16955]  audit_seccomp+0x48/0x100
[  315.183625][T16955]  ? __seccomp_filter+0x82d/0x1250
[  315.183715][T16955]  __seccomp_filter+0x83e/0x1250
[  315.183750][T16955]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  315.183790][T16955]  ? vfs_write+0x7e8/0x960
[  315.183837][T16955]  ? __rcu_read_unlock+0x4f/0x70
[  315.183870][T16955]  ? __fget_files+0x184/0x1c0
[  315.183946][T16955]  __secure_computing+0x82/0x150
[  315.183973][T16955]  syscall_trace_enter+0xcf/0x1e0
[  315.184063][T16955]  do_syscall_64+0xac/0x200
[  315.184090][T16955]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  315.184199][T16955]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  315.184244][T16955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.184270][T16955] RIP: 0033:0x7fe08e72f749
[  315.184287][T16955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  315.184317][T16955] RSP: 002b:00007fe08d18f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000109
[  315.184340][T16955] RAX: ffffffffffffffda RBX: 00007fe08e985fa0 RCX: 00007fe08e72f749
[  315.184356][T16955] RDX: ffffffffffffff9c RSI: 00002000000006c0 RDI: ffffffffffffff9c
[  315.184372][T16955] RBP: 00007fe08d18f090 R08: 0000000000001000 R09: 0000000000000000
[  315.184388][T16955] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  315.184400][T16955] R13: 00007fe08e986038 R14: 00007fe08e985fa0 R15: 00007ffe557a6ad8
[  315.184468][T16955]  </TASK>
[  315.431414][T16968] program syz.4.4817 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  315.442944][T16968] loop4: detected capacity change from 0 to 128
[  315.525713][T16975] loop2: detected capacity change from 0 to 1024
[  315.542815][T16975] EXT4-fs: Ignoring removed nomblk_io_submit option
[  315.549979][T16971] syzkaller0: entered promiscuous mode
[  315.555516][T16971] syzkaller0: entered allmulticast mode
[  315.581476][T16975] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  315.592862][T16973] syzkaller0: entered promiscuous mode
[  315.599476][T16973] syzkaller0: entered allmulticast mode
[  315.634038][T12340] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  315.671922][T16985] option changes via remount are deprecated (pid=16984 comm=syz.2.4822)
[  315.722736][T16987] netlink: 176 bytes leftover after parsing attributes in process `syz.1.4823'.
[  315.740599][T16992] xt_TPROXY: Can be used only with -p tcp or -p udp
[  315.796985][T16996] syzkaller0: entered promiscuous mode
[  315.802572][T16996] syzkaller0: entered allmulticast mode
[  316.868547][T17001] program syz.0.4830 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  316.892678][T17009] loop1: detected capacity change from 0 to 128
[  316.905102][T17009] syz.1.4828: attempt to access beyond end of device
[  316.905102][T17009] loop1: rw=2049, sector=138, nr_sectors = 112 limit=128
[  316.919987][T17009] syz.1.4828: attempt to access beyond end of device
[  316.919987][T17009] loop1: rw=2049, sector=142, nr_sectors = 2 limit=128
[  316.933525][T17009] Buffer I/O error on dev loop1, logical block 71, lost async page write
[  317.347262][T17034] option changes via remount are deprecated (pid=17033 comm=syz.4.4838)
[  317.364914][T17028] syzkaller0: entered promiscuous mode
[  317.370474][T17028] syzkaller0: entered allmulticast mode
[  317.395542][T17037] loop4: detected capacity change from 0 to 1024
[  317.403100][T17019] syzkaller0: entered promiscuous mode
[  317.408665][T17019] syzkaller0: entered allmulticast mode
[  317.409164][T17037] EXT4-fs: Ignoring removed orlov option
[  317.445365][T17037] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  317.461103][T17031] syzkaller0: entered promiscuous mode
[  317.466648][T17031] syzkaller0: entered allmulticast mode
[  317.510599][T11963] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.539191][T17047] loop3: detected capacity change from 0 to 512
[  317.557197][T17047] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  317.574400][T17047] ext4 filesystem being mounted at /357/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  317.601845][T17047] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.4842: corrupted inode contents
[  317.618139][T17055] loop4: detected capacity change from 0 to 512
[  317.624695][T17047] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #2: comm syz.3.4842: mark_inode_dirty error
[  317.637391][T17047] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.4842: corrupted inode contents
[  317.664729][T17055] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  317.692636][T17055] netlink: 176 bytes leftover after parsing attributes in process `syz.4.4845'.
[  317.704098][T11698] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.743059][T11963] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.750701][T17064] option changes via remount are deprecated (pid=17063 comm=syz.3.4849)
[  317.807497][T17066] syzkaller0: entered promiscuous mode
[  317.813009][T17066] syzkaller0: entered allmulticast mode
[  317.822493][T17067] loop1: detected capacity change from 0 to 128
[  318.041492][T17076] veth2: entered promiscuous mode
[  318.046604][T17076] veth2: entered allmulticast mode
[  318.090220][T17077] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4852'.
[  318.246181][T17060] syz.1.4846: attempt to access beyond end of device
[  318.246181][T17060] loop1: rw=2049, sector=138, nr_sectors = 112 limit=128
[  318.260806][T17060] syz.1.4846: attempt to access beyond end of device
[  318.260806][T17060] loop1: rw=2049, sector=142, nr_sectors = 2 limit=128
[  318.274292][T17060] Buffer I/O error on dev loop1, logical block 71, lost async page write
[  318.292661][T17085] loop2: detected capacity change from 0 to 512
[  318.306293][T17085] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.319476][T17085] ext4 filesystem being mounted at /341/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  318.332283][T17085] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #2: comm syz.2.4855: corrupted inode contents
[  318.346720][T17085] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #2: comm syz.2.4855: mark_inode_dirty error
[  318.358366][T17085] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #2: comm syz.2.4855: corrupted inode contents
[  318.400845][T17100] xt_TPROXY: Can be used only with -p tcp or -p udp
[  318.422441][T12340] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.467277][T17105] syzkaller0: entered promiscuous mode
[  318.472798][T17105] syzkaller0: entered allmulticast mode
[  318.485989][T17108] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4863'.
[  318.531737][T17109] syzkaller0: entered promiscuous mode
[  318.537480][T17109] syzkaller0: entered allmulticast mode
[  318.544993][T17108] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4863'.
[  318.641766][T17112] syzkaller0: entered promiscuous mode
[  318.647390][T17112] syzkaller0: entered allmulticast mode
[  318.701056][T17114] syzkaller0: entered promiscuous mode
[  318.706668][T17114] syzkaller0: entered allmulticast mode
[  318.802987][T17120] loop1: detected capacity change from 0 to 128
[  318.979441][T17135] netlink: 'syz.2.4874': attribute type 10 has an invalid length.
[  318.988020][T17135] hsr_slave_0: left promiscuous mode
[  318.995635][T17135] hsr_slave_1: left promiscuous mode
[  319.080244][T17139] syzkaller0: entered promiscuous mode
[  319.085789][T17139] syzkaller0: entered allmulticast mode
[  319.174000][T17144] Cannot find add_set index 0 as target
[  319.224772][T17143] syzkaller0: entered promiscuous mode
[  319.230296][T17143] syzkaller0: entered allmulticast mode
[  319.240064][T17145] loop4: detected capacity change from 0 to 128
[  319.252812][T17145] syz.4.4875: attempt to access beyond end of device
[  319.252812][T17145] loop4: rw=2049, sector=138, nr_sectors = 112 limit=128
[  319.268703][T17145] syz.4.4875: attempt to access beyond end of device
[  319.268703][T17145] loop4: rw=2049, sector=142, nr_sectors = 2 limit=128
[  319.282222][T17145] Buffer I/O error on dev loop4, logical block 71, lost async page write
[  319.457100][   T29] kauditd_printk_skb: 191 callbacks suppressed
[  319.457120][   T29] audit: type=1326 audit(1764607072.580:15648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17149 comm="syz.2.4880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeb0e1f749 code=0x7ffc0000
[  319.632941][   T29] audit: type=1326 audit(1764607072.610:15649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17149 comm="syz.2.4880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbeb0e1f749 code=0x7ffc0000
[  319.634666][T17153] loop3: detected capacity change from 0 to 512
[  319.656629][   T29] audit: type=1326 audit(1764607072.610:15650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17149 comm="syz.2.4880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeb0e1f749 code=0x7ffc0000
[  319.681698][T17153] EXT4-fs: dax option not supported
[  319.686502][   T29] audit: type=1326 audit(1764607072.610:15651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17149 comm="syz.2.4880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeb0e1f749 code=0x7ffc0000
[  319.715360][   T29] audit: type=1326 audit(1764607072.610:15652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17149 comm="syz.2.4880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbeb0e1f749 code=0x7ffc0000
[  319.739006][   T29] audit: type=1326 audit(1764607072.610:15653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17149 comm="syz.2.4880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeb0e1f749 code=0x7ffc0000
[  319.762757][   T29] audit: type=1326 audit(1764607072.610:15654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17149 comm="syz.2.4880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeb0e1f749 code=0x7ffc0000
[  319.786406][   T29] audit: type=1326 audit(1764607072.610:15655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17149 comm="syz.2.4880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbeb0e1f749 code=0x7ffc0000
[  319.809988][   T29] audit: type=1326 audit(1764607072.610:15656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17149 comm="syz.2.4880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeb0e1f749 code=0x7ffc0000
[  319.833690][   T29] audit: type=1326 audit(1764607072.610:15657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17149 comm="syz.2.4880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbeb0e1f749 code=0x7ffc0000
[  319.899098][T17166] program syz.0.4887 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  319.921605][T17167] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2304 sclass=netlink_route_socket pid=17167 comm=syz.1.4884
[  319.973785][T17169] syzkaller0: entered promiscuous mode
[  319.979389][T17169] syzkaller0: entered allmulticast mode
[  320.059216][T17173] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4889'.
[  320.068359][T17173] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4889'.
[  320.068494][T17175] loop1: detected capacity change from 0 to 512
[  320.135621][T17175] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  320.153198][T17175] ext4 filesystem being mounted at /346/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  320.175341][T17175] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.4890: corrupted inode contents
[  320.202362][T17173] loop4: detected capacity change from 0 to 8192
[  320.208891][T17175] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #2: comm syz.1.4890: mark_inode_dirty error
[  320.210167][T17173] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  320.245538][T17173] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4889'.
[  320.264678][T17175] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.4890: corrupted inode contents
[  320.343344][T17187] program syz.0.4895 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  320.353767][T17189] syzkaller0: entered promiscuous mode
[  320.359366][T17189] syzkaller0: entered allmulticast mode
[  320.440395][T17197] loop4: detected capacity change from 0 to 128
[  320.933119][T12170] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.257425][T17226] program syz.4.4907 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  321.284434][T17226] loop4: detected capacity change from 0 to 128
[  321.326300][T17231] syz!: rxe_newlink: already configured on team_slave_0
[  321.334420][T17231] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  321.343245][T17231] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  321.377016][T17239] netlink: 176 bytes leftover after parsing attributes in process `syz.4.4912'.
[  321.377675][T17231] loop2: detected capacity change from 0 to 1024
[  321.406348][T17231] loop2: detected capacity change from 0 to 2048
[  321.416456][T17240] xt_TPROXY: Can be used only with -p tcp or -p udp
[  321.433326][T17231] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  321.477686][T17244] loop4: detected capacity change from 0 to 164
[  321.485150][T17244] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  321.494629][T17244] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  321.505070][T17244] Symlink component flag not implemented
[  321.510730][T17244] Symlink component flag not implemented
[  321.516631][T17244] Symlink component flag not implemented (7)
[  321.522656][T17244] Symlink component flag not implemented (116)
[  321.690049][T17251] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4916'.
[  321.707535][T17251] FAULT_INJECTION: forcing a failure.
[  321.707535][T17251] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  321.720673][T17251] CPU: 1 UID: 0 PID: 17251 Comm: syz.0.4916 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  321.720707][T17251] Tainted: [W]=WARN
[  321.720716][T17251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  321.720733][T17251] Call Trace:
[  321.720741][T17251]  <TASK>
[  321.720781][T17251]  __dump_stack+0x1d/0x30
[  321.720803][T17251]  dump_stack_lvl+0xe8/0x140
[  321.720823][T17251]  dump_stack+0x15/0x1b
[  321.720845][T17251]  should_fail_ex+0x265/0x280
[  321.720875][T17251]  should_fail+0xb/0x20
[  321.720896][T17251]  should_fail_usercopy+0x1a/0x20
[  321.721047][T17251]  _copy_from_user+0x1c/0xb0
[  321.721073][T17251]  ___sys_sendmsg+0xc1/0x1d0
[  321.721105][T17251]  __x64_sys_sendmsg+0xd4/0x160
[  321.721199][T17251]  x64_sys_call+0x191e/0x3000
[  321.721221][T17251]  do_syscall_64+0xd2/0x200
[  321.721251][T17251]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  321.721286][T17251]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  321.721371][T17251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.721398][T17251] RIP: 0033:0x7fd0f2cbf749
[  321.721416][T17251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  321.721438][T17251] RSP: 002b:00007fd0f1727038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  321.721461][T17251] RAX: ffffffffffffffda RBX: 00007fd0f2f15fa0 RCX: 00007fd0f2cbf749
[  321.721511][T17251] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004
[  321.721523][T17251] RBP: 00007fd0f1727090 R08: 0000000000000000 R09: 0000000000000000
[  321.721535][T17251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  321.721546][T17251] R13: 00007fd0f2f16038 R14: 00007fd0f2f15fa0 R15: 00007ffd3d048ae8
[  321.721566][T17251]  </TASK>
[  321.896431][T17252] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4916'.
[  321.901156][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  321.905462][ T3509] Bluetooth: hci0: command 0x1003 tx timeout
[  321.928538][T17254] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17254 comm=syz.4.4917
[  321.977614][T17256] syzkaller0: entered promiscuous mode
[  321.983181][T17256] syzkaller0: entered allmulticast mode
[  322.010521][T12340] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.072672][T17263] program syz.2.4921 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  322.082317][T17261] loop4: detected capacity change from 0 to 128
[  322.094436][T17263] loop2: detected capacity change from 0 to 128
[  322.174561][T17271] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4925'.
[  322.243565][T17283] syzkaller0: entered promiscuous mode
[  322.249086][T17283] syzkaller0: entered allmulticast mode
[  322.294739][T17293] FAULT_INJECTION: forcing a failure.
[  322.294739][T17293] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  322.308030][T17293] CPU: 1 UID: 0 PID: 17293 Comm: syz.0.4929 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  322.308065][T17293] Tainted: [W]=WARN
[  322.308073][T17293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  322.308089][T17293] Call Trace:
[  322.308097][T17293]  <TASK>
[  322.308107][T17293]  __dump_stack+0x1d/0x30
[  322.308171][T17293]  dump_stack_lvl+0xe8/0x140
[  322.308223][T17293]  dump_stack+0x15/0x1b
[  322.308246][T17293]  should_fail_ex+0x265/0x280
[  322.308270][T17293]  should_fail+0xb/0x20
[  322.308291][T17293]  should_fail_usercopy+0x1a/0x20
[  322.308316][T17293]  _copy_from_user+0x1c/0xb0
[  322.308414][T17293]  ___sys_sendmsg+0xc1/0x1d0
[  322.308477][T17293]  __x64_sys_sendmsg+0xd4/0x160
[  322.308505][T17293]  x64_sys_call+0x191e/0x3000
[  322.308581][T17293]  do_syscall_64+0xd2/0x200
[  322.308673][T17293]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  322.308701][T17293]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  322.308734][T17293]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.308802][T17293] RIP: 0033:0x7fd0f2cbf749
[  322.308821][T17293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.308844][T17293] RSP: 002b:00007fd0f1706038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  322.308894][T17293] RAX: ffffffffffffffda RBX: 00007fd0f2f16090 RCX: 00007fd0f2cbf749
[  322.308907][T17293] RDX: 0000000000008890 RSI: 0000200000000040 RDI: 0000000000000009
[  322.308920][T17293] RBP: 00007fd0f1706090 R08: 0000000000000000 R09: 0000000000000000
[  322.308932][T17293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  322.308944][T17293] R13: 00007fd0f2f16128 R14: 00007fd0f2f16090 R15: 00007ffd3d048ae8
[  322.308966][T17293]  </TASK>
[  322.511345][T17299] netlink: 64 bytes leftover after parsing attributes in process `syz.2.4933'.
[  322.511522][T17298] netlink: 64 bytes leftover after parsing attributes in process `syz.1.4932'.
[  322.540816][T17301] program syz.2.4934 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  322.552008][T17301] loop2: detected capacity change from 0 to 128
[  322.576381][T17303] syzkaller0: entered promiscuous mode
[  322.581944][T17303] syzkaller0: entered allmulticast mode
[  322.646583][T17311] FAULT_INJECTION: forcing a failure.
[  322.646583][T17311] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  322.660149][T17311] CPU: 0 UID: 0 PID: 17311 Comm: syz.1.4939 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  322.660184][T17311] Tainted: [W]=WARN
[  322.660263][T17311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  322.660274][T17311] Call Trace:
[  322.660280][T17311]  <TASK>
[  322.660287][T17311]  __dump_stack+0x1d/0x30
[  322.660316][T17311]  dump_stack_lvl+0xe8/0x140
[  322.660342][T17311]  dump_stack+0x15/0x1b
[  322.660364][T17311]  should_fail_ex+0x265/0x280
[  322.660406][T17311]  should_fail+0xb/0x20
[  322.660421][T17311]  should_fail_usercopy+0x1a/0x20
[  322.660439][T17311]  _copy_from_user+0x1c/0xb0
[  322.660514][T17311]  ___sys_sendmsg+0xc1/0x1d0
[  322.660544][T17311]  __sys_sendmmsg+0x178/0x300
[  322.660576][T17311]  __x64_sys_sendmmsg+0x57/0x70
[  322.660660][T17311]  x64_sys_call+0x1c4a/0x3000
[  322.660680][T17311]  do_syscall_64+0xd2/0x200
[  322.660700][T17311]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  322.660725][T17311]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  322.660836][T17311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.660856][T17311] RIP: 0033:0x7fe08e72f749
[  322.660870][T17311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.660894][T17311] RSP: 002b:00007fe08d18f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  322.660917][T17311] RAX: ffffffffffffffda RBX: 00007fe08e985fa0 RCX: 00007fe08e72f749
[  322.661007][T17311] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003
[  322.661019][T17311] RBP: 00007fe08d18f090 R08: 0000000000000000 R09: 0000000000000000
[  322.661030][T17311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  322.661085][T17311] R13: 00007fe08e986038 R14: 00007fe08e985fa0 R15: 00007ffe557a6ad8
[  322.661103][T17311]  </TASK>
[  323.050725][T17334] FAULT_INJECTION: forcing a failure.
[  323.050725][T17334] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  323.050760][T17334] CPU: 1 UID: 0 PID: 17334 Comm: syz.4.4942 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  323.050869][T17334] Tainted: [W]=WARN
[  323.050878][T17334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  323.050894][T17334] Call Trace:
[  323.050902][T17334]  <TASK>
[  323.050912][T17334]  __dump_stack+0x1d/0x30
[  323.050939][T17334]  dump_stack_lvl+0xe8/0x140
[  323.050960][T17334]  dump_stack+0x15/0x1b
[  323.051032][T17334]  should_fail_ex+0x265/0x280
[  323.051057][T17334]  should_fail+0xb/0x20
[  323.051077][T17334]  should_fail_usercopy+0x1a/0x20
[  323.051104][T17334]  _copy_to_user+0x20/0xa0
[  323.051170][T17334]  simple_read_from_buffer+0xb5/0x130
[  323.051203][T17334]  proc_fail_nth_read+0x10e/0x150
[  323.051238][T17334]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  323.051292][T17334]  vfs_read+0x1a8/0x770
[  323.051322][T17334]  ? __rcu_read_unlock+0x4f/0x70
[  323.051386][T17334]  ? __fget_files+0x184/0x1c0
[  323.051417][T17334]  ? tiocsti+0x19b/0x1d0
[  323.051449][T17334]  ksys_read+0xda/0x1a0
[  323.051482][T17334]  __x64_sys_read+0x40/0x50
[  323.051590][T17334]  x64_sys_call+0x27c0/0x3000
[  323.051620][T17334]  do_syscall_64+0xd2/0x200
[  323.051657][T17334]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  323.051745][T17334]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  323.051792][T17334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.051822][T17334] RIP: 0033:0x7f55c641e15c
[  323.051898][T17334] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  323.051924][T17334] RSP: 002b:00007f55c4e5e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  323.051951][T17334] RAX: ffffffffffffffda RBX: 00007f55c6676090 RCX: 00007f55c641e15c
[  323.052004][T17334] RDX: 000000000000000f RSI: 00007f55c4e5e0a0 RDI: 0000000000000006
[  323.052025][T17334] RBP: 00007f55c4e5e090 R08: 0000000000000000 R09: 0000000000000000
[  323.052043][T17334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  323.052059][T17334] R13: 00007f55c6676128 R14: 00007f55c6676090 R15: 00007ffc4bfc2f68
[  323.052085][T17334]  </TASK>
[  323.065327][T17336] program syz.2.4946 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  323.144697][T17337] loop2: detected capacity change from 0 to 128
[  323.225240][T17339] warn_alloc: 8 callbacks suppressed
[  323.225260][T17339] syz.0.4947: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  323.294659][T17339] CPU: 1 UID: 0 PID: 17339 Comm: syz.0.4947 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  323.294715][T17339] Tainted: [W]=WARN
[  323.294721][T17339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  323.294782][T17339] Call Trace:
[  323.294790][T17339]  <TASK>
[  323.294797][T17339]  __dump_stack+0x1d/0x30
[  323.294818][T17339]  dump_stack_lvl+0xe8/0x140
[  323.294841][T17339]  dump_stack+0x15/0x1b
[  323.294859][T17339]  warn_alloc+0x12b/0x1a0
[  323.294898][T17339]  ? __rcu_read_unlock+0x4f/0x70
[  323.294972][T17339]  __vmalloc_node_range_noprof+0x9d/0xed0
[  323.295026][T17339]  ? __futex_wait+0x1fa/0x260
[  323.295048][T17339]  ? __pfx_futex_wake_mark+0x10/0x10
[  323.295075][T17339]  ? __rcu_read_unlock+0x4f/0x70
[  323.295103][T17339]  ? avc_has_perm_noaudit+0x1b1/0x200
[  323.295128][T17339]  ? should_fail_ex+0x30/0x280
[  323.295219][T17339]  ? xskq_create+0x36/0xe0
[  323.295247][T17339]  vmalloc_user_noprof+0x7d/0xb0
[  323.295287][T17339]  ? xskq_create+0x80/0xe0
[  323.295325][T17339]  xskq_create+0x80/0xe0
[  323.295421][T17339]  xsk_init_queue+0x95/0xf0
[  323.295450][T17339]  xsk_setsockopt+0x3f5/0x640
[  323.295477][T17339]  ? __pfx_xsk_setsockopt+0x10/0x10
[  323.295545][T17339]  __sys_setsockopt+0x184/0x200
[  323.295599][T17339]  __x64_sys_setsockopt+0x64/0x80
[  323.295635][T17339]  x64_sys_call+0x20ec/0x3000
[  323.295657][T17339]  do_syscall_64+0xd2/0x200
[  323.295696][T17339]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  323.295728][T17339]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  323.295824][T17339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.295897][T17339] RIP: 0033:0x7fd0f2cbf749
[  323.295916][T17339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  323.295956][T17339] RSP: 002b:00007fd0f1727038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  323.295976][T17339] RAX: ffffffffffffffda RBX: 00007fd0f2f15fa0 RCX: 00007fd0f2cbf749
[  323.295988][T17339] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[  323.295999][T17339] RBP: 00007fd0f2d43f91 R08: 0000000000000004 R09: 0000000000000000
[  323.296010][T17339] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  323.296021][T17339] R13: 00007fd0f2f16038 R14: 00007fd0f2f15fa0 R15: 00007ffd3d048ae8
[  323.296041][T17339]  </TASK>
[  323.296088][T17339] Mem-Info:
[  323.296094][T17339] active_anon:3493 inactive_anon:4 isolated_anon:0
[  323.296094][T17339]  active_file:25561 inactive_file:2392 isolated_file:0
[  323.296094][T17339]  unevictable:19780 dirty:276 writeback:0
[  323.296094][T17339]  slab_reclaimable:3557 slab_unreclaimable:30727
[  323.296094][T17339]  mapped:29707 shmem:193 pagetables:908
[  323.296094][T17339]  sec_pagetables:0 bounce:0
[  323.296094][T17339]  kernel_misc_reclaimable:0
[  323.296094][T17339]  free:1851196 free_pcp:7991 free_cma:0
[  323.588951][T17339] Node 0 active_anon:13844kB inactive_anon:16kB active_file:102244kB inactive_file:9556kB unevictable:79120kB isolated(anon):0kB isolated(file):0kB mapped:118788kB dirty:1128kB writeback:0kB shmem:772kB kernel_stack:4192kB pagetables:3744kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  323.616723][T17339] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  323.616824][T17339] lowmem_reserve[]: 0 2881 7859 7859
[  323.616855][T17339] Node 0 DMA32 free:2946728kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2950256kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:0kB free_cma:0kB
[  323.617035][T17339] lowmem_reserve[]: 0 0 4978 4978
[  323.617070][T17339] Node 0 Normal free:4444436kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:13844kB inactive_anon:16kB active_file:102244kB inactive_file:9556kB unevictable:79120kB writepending:1128kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:26576kB local_pcp:11160kB free_cma:0kB
[  323.617209][T17339] lowmem_reserve[]: 0 0 0 0
[  323.617243][T17339] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  323.617393][T17339] Node 0 DMA32: 6*4kB (M) 4*8kB (M) 3*16kB (M) 2*32kB (M) 4*64kB (M) 2*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2946728kB
[  323.617700][T17339] Node 0 Normal: 1509*4kB (UME) 1018*8kB (UME) 698*16kB (UME) 580*32kB (UME) 351*64kB 
[  323.653853][T17345] option changes via remount are deprecated (pid=17344 comm=syz.4.4949)
[  323.684225][T17339] (UME) 319*128kB (UME) 210*256kB (UME) 110*512kB (UME) 74*1024kB (UME) 83*2048kB (UME) 972*4096kB (UM) = 4444356kB
[  323.773702][T17339] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  323.773725][T17339] 47920 total pagecache pages
[  323.773803][T17339] 6 pages in swap cache
[  323.773810][T17339] Free swap  = 124720kB
[  323.773819][T17339] Total swap = 124996kB
[  323.773828][T17339] 2097051 pages RAM
[  323.773836][T17339] 0 pages HighMem/MovableOnly
[  323.773845][T17339] 81087 pages reserved
[  323.842159][T17349] FAULT_INJECTION: forcing a failure.
[  323.842159][T17349] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  323.855400][T17349] CPU: 0 UID: 0 PID: 17349 Comm: syz.3.4951 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  323.855444][T17349] Tainted: [W]=WARN
[  323.855450][T17349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  323.855465][T17349] Call Trace:
[  323.855473][T17349]  <TASK>
[  323.855482][T17349]  __dump_stack+0x1d/0x30
[  323.855510][T17349]  dump_stack_lvl+0xe8/0x140
[  323.855594][T17349]  dump_stack+0x15/0x1b
[  323.855697][T17349]  should_fail_ex+0x265/0x280
[  323.855720][T17349]  should_fail+0xb/0x20
[  323.855739][T17349]  should_fail_usercopy+0x1a/0x20
[  323.855766][T17349]  _copy_from_user+0x1c/0xb0
[  323.855798][T17349]  ___sys_sendmsg+0xc1/0x1d0
[  323.855886][T17349]  __x64_sys_sendmsg+0xd4/0x160
[  323.855909][T17349]  x64_sys_call+0x191e/0x3000
[  323.855938][T17349]  do_syscall_64+0xd2/0x200
[  323.855965][T17349]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  323.856077][T17349]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  323.856121][T17349]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.856149][T17349] RIP: 0033:0x7fdea363f749
[  323.856167][T17349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  323.856207][T17349] RSP: 002b:00007fdea209f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  323.856230][T17349] RAX: ffffffffffffffda RBX: 00007fdea3895fa0 RCX: 00007fdea363f749
[  323.856246][T17349] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[  323.856285][T17349] RBP: 00007fdea209f090 R08: 0000000000000000 R09: 0000000000000000
[  323.856301][T17349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  323.856316][T17349] R13: 00007fdea3896038 R14: 00007fdea3895fa0 R15: 00007fff7a1ea148
[  323.856335][T17349]  </TASK>
[  324.044381][T17352] syzkaller0: entered promiscuous mode
[  324.049908][T17352] syzkaller0: entered allmulticast mode
[  324.131762][T17362] loop3: detected capacity change from 0 to 764
[  324.134783][T17366] loop1: detected capacity change from 0 to 764
[  324.145554][T17366] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  324.156873][T17362] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  324.163117][T17366] FAULT_INJECTION: forcing a failure.
[  324.163117][T17366] name failslab, interval 1, probability 0, space 0, times 0
[  324.177528][T17366] CPU: 0 UID: 0 PID: 17366 Comm: syz.1.4956 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  324.177593][T17366] Tainted: [W]=WARN
[  324.177602][T17366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  324.177617][T17366] Call Trace:
[  324.177626][T17366]  <TASK>
[  324.177636][T17366]  __dump_stack+0x1d/0x30
[  324.177680][T17366]  dump_stack_lvl+0xe8/0x140
[  324.177711][T17366]  dump_stack+0x15/0x1b
[  324.177737][T17366]  should_fail_ex+0x265/0x280
[  324.177780][T17366]  should_failslab+0x8c/0xb0
[  324.177820][T17366]  kmem_cache_alloc_noprof+0x50/0x480
[  324.177938][T17366]  ? getname_flags+0x80/0x3b0
[  324.177982][T17366]  getname_flags+0x80/0x3b0
[  324.178099][T17366]  do_sys_openat2+0x60/0x110
[  324.178152][T17366]  __x64_sys_open+0xe6/0x110
[  324.178180][T17366]  x64_sys_call+0x1457/0x3000
[  324.178213][T17366]  do_syscall_64+0xd2/0x200
[  324.178242][T17366]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  324.178351][T17366]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  324.178417][T17366]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.178447][T17366] RIP: 0033:0x7fe08e72f749
[  324.178467][T17366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  324.178544][T17366] RSP: 002b:00007fe08d18f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  324.178571][T17366] RAX: ffffffffffffffda RBX: 00007fe08e985fa0 RCX: 00007fe08e72f749
[  324.178653][T17366] RDX: 0000000000000040 RSI: 0000000000000200 RDI: 0000200000000080
[  324.178678][T17366] RBP: 00007fe08d18f090 R08: 0000000000000000 R09: 0000000000000000
[  324.178696][T17366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  324.178742][T17366] R13: 00007fe08e986038 R14: 00007fe08e985fa0 R15: 00007ffe557a6ad8
[  324.178848][T17366]  </TASK>
[  324.361438][T17362] Symlink component flag not implemented
[  324.367312][T17362] Symlink component flag not implemented (7)
[  324.404430][T17373] option changes via remount are deprecated (pid=17372 comm=syz.3.4960)
[  324.466003][T17377] loop1: detected capacity change from 0 to 512
[  324.472776][T17377] EXT4-fs: dax option not supported
[  324.481107][T11079] Bluetooth: hci0: Frame reassembly failed (-84)
[  324.510845][T17383] program syz.3.4964 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  324.523932][T17383] loop3: detected capacity change from 0 to 128
[  324.564494][T17385] loop2: detected capacity change from 0 to 128
[  324.577358][T17385] syz.2.4959: attempt to access beyond end of device
[  324.577358][T17385] loop2: rw=2049, sector=138, nr_sectors = 112 limit=128
[  324.593959][T17385] syz.2.4959: attempt to access beyond end of device
[  324.593959][T17385] loop2: rw=2049, sector=142, nr_sectors = 2 limit=128
[  324.607497][T17385] Buffer I/O error on dev loop2, logical block 71, lost async page write
[  324.680231][T17387] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4965'.
[  324.833002][T17394] syzkaller0: entered promiscuous mode
[  324.838551][T17394] syzkaller0: entered allmulticast mode
[  324.929645][   T29] kauditd_printk_skb: 149 callbacks suppressed
[  324.929663][   T29] audit: type=1326 audit(1764607078.056:15807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17399 comm="syz.4.4969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55c641f749 code=0x7ffc0000
[  324.959652][   T29] audit: type=1326 audit(1764607078.056:15808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17399 comm="syz.4.4969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55c641f749 code=0x7ffc0000
[  324.984591][   T29] audit: type=1326 audit(1764607078.056:15809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17399 comm="syz.4.4969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7f55c641f749 code=0x7ffc0000
[  325.008223][   T29] audit: type=1326 audit(1764607078.056:15810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17399 comm="syz.4.4969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55c641f749 code=0x7ffc0000
[  325.032586][   T29] audit: type=1326 audit(1764607078.056:15811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17399 comm="syz.4.4969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55c641f749 code=0x7ffc0000
[  325.112843][T17418] program syz.0.4975 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  325.129510][   T29] audit: type=1326 audit(1764607078.256:15812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17419 comm="syz.4.4976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55c641f749 code=0x7ffc0000
[  325.153534][   T29] audit: type=1326 audit(1764607078.256:15813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17419 comm="syz.4.4976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=221 compat=0 ip=0x7f55c641f749 code=0x7ffc0000
[  325.173447][T17420] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2304 sclass=netlink_route_socket pid=17420 comm=syz.4.4976
[  325.177236][   T29] audit: type=1326 audit(1764607078.256:15814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17419 comm="syz.4.4976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55c641f749 code=0x7ffc0000
[  325.177271][   T29] audit: type=1326 audit(1764607078.256:15815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17419 comm="syz.4.4976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f55c641f749 code=0x7ffc0000
[  325.237176][   T29] audit: type=1326 audit(1764607078.256:15816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17419 comm="syz.4.4976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55c641f749 code=0x7ffc0000
[  325.316070][T17431] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17431 comm=syz.2.4980
[  325.369137][T17435] syzkaller0: entered promiscuous mode
[  325.374742][T17435] syzkaller0: entered allmulticast mode
[  325.386381][T17437] syzkaller0: entered promiscuous mode
[  325.391925][T17437] syzkaller0: entered allmulticast mode
[  325.460741][T17442] loop2: detected capacity change from 0 to 128
[  325.748486][T17454] loop3: detected capacity change from 0 to 764
[  325.756467][T17454] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  325.766645][T17453] syzkaller0: entered promiscuous mode
[  325.772328][T17453] syzkaller0: entered allmulticast mode
[  325.824202][T17457] Symlink component flag not implemented
[  325.830114][T17457] Symlink component flag not implemented (7)
[  325.881156][T17459] FAULT_INJECTION: forcing a failure.
[  325.881156][T17459] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  325.894474][T17459] CPU: 1 UID: 0 PID: 17459 Comm: syz.3.4991 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  325.894514][T17459] Tainted: [W]=WARN
[  325.894523][T17459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  325.894538][T17459] Call Trace:
[  325.894546][T17459]  <TASK>
[  325.894554][T17459]  __dump_stack+0x1d/0x30
[  325.894639][T17459]  dump_stack_lvl+0xe8/0x140
[  325.894747][T17459]  dump_stack+0x15/0x1b
[  325.894769][T17459]  should_fail_ex+0x265/0x280
[  325.894794][T17459]  should_fail+0xb/0x20
[  325.894890][T17459]  should_fail_usercopy+0x1a/0x20
[  325.894929][T17459]  _copy_from_iter+0xd2/0xe80
[  325.894955][T17459]  ? __build_skb_around+0x1ab/0x200
[  325.895008][T17459]  ? __alloc_skb+0x223/0x320
[  325.895114][T17459]  netlink_sendmsg+0x471/0x6b0
[  325.895139][T17459]  ? __pfx_netlink_sendmsg+0x10/0x10
[  325.895158][T17459]  __sock_sendmsg+0x145/0x180
[  325.895191][T17459]  ____sys_sendmsg+0x31e/0x4e0
[  325.895212][T17459]  ___sys_sendmsg+0x17b/0x1d0
[  325.895314][T17459]  __x64_sys_sendmsg+0xd4/0x160
[  325.895370][T17459]  x64_sys_call+0x191e/0x3000
[  325.895465][T17459]  do_syscall_64+0xd2/0x200
[  325.895483][T17459]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  325.895602][T17459]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  325.895632][T17459]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  325.895650][T17459] RIP: 0033:0x7fdea363f749
[  325.895664][T17459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  325.895696][T17459] RSP: 002b:00007fdea209f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  325.895726][T17459] RAX: ffffffffffffffda RBX: 00007fdea3895fa0 RCX: 00007fdea363f749
[  325.895738][T17459] RDX: 0000000000040004 RSI: 0000200000000280 RDI: 0000000000000009
[  325.895749][T17459] RBP: 00007fdea209f090 R08: 0000000000000000 R09: 0000000000000000
[  325.895760][T17459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  325.895771][T17459] R13: 00007fdea3896038 R14: 00007fdea3895fa0 R15: 00007fff7a1ea148
[  325.895790][T17459]  </TASK>
[  326.307572][T17468] loop4: detected capacity change from 0 to 128
[  326.420710][T17468] syz.4.4992: attempt to access beyond end of device
[  326.420710][T17468] loop4: rw=2049, sector=138, nr_sectors = 112 limit=128
[  326.436283][T17468] syz.4.4992: attempt to access beyond end of device
[  326.436283][T17468] loop4: rw=2049, sector=142, nr_sectors = 2 limit=128
[  326.449762][T17468] Buffer I/O error on dev loop4, logical block 71, lost async page write
[  326.483759][T17470] loop2: detected capacity change from 0 to 512
[  326.519195][ T3509] Bluetooth: hci0: command 0x1003 tx timeout
[  326.556458][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  326.565263][T17470] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  326.590608][T17470] ext4 filesystem being mounted at /382/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  326.644870][T17470] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #2: comm syz.2.4994: corrupted inode contents
[  326.666534][T17470] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #2: comm syz.2.4994: mark_inode_dirty error
[  326.666733][T17463] xt_TPROXY: Can be used only with -p tcp or -p udp
[  326.679766][T17470] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #2: comm syz.2.4994: corrupted inode contents
[  326.801565][T17480] FAULT_INJECTION: forcing a failure.
[  326.801565][T17480] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  326.814718][T17480] CPU: 1 UID: 0 PID: 17480 Comm: syz.3.4998 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  326.814746][T17480] Tainted: [W]=WARN
[  326.814752][T17480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  326.814763][T17480] Call Trace:
[  326.814771][T17480]  <TASK>
[  326.814780][T17480]  __dump_stack+0x1d/0x30
[  326.814804][T17480]  dump_stack_lvl+0xe8/0x140
[  326.814851][T17480]  dump_stack+0x15/0x1b
[  326.814867][T17480]  should_fail_ex+0x265/0x280
[  326.814889][T17480]  should_fail+0xb/0x20
[  326.814903][T17480]  should_fail_usercopy+0x1a/0x20
[  326.814922][T17480]  copy_fpstate_to_sigframe+0x628/0x7d0
[  326.814985][T17480]  ? copy_fpstate_to_sigframe+0xe6/0x7d0
[  326.815110][T17480]  ? x86_task_fpu+0x36/0x60
[  326.815135][T17480]  get_sigframe+0x34d/0x490
[  326.815151][T17480]  ? get_signal+0xdc7/0xf70
[  326.815179][T17480]  x64_setup_rt_frame+0xa8/0x580
[  326.815223][T17480]  arch_do_signal_or_restart+0x23e/0x440
[  326.815255][T17480]  exit_to_user_mode_loop+0x77/0x110
[  326.815294][T17480]  do_syscall_64+0x1d6/0x200
[  326.815319][T17480]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  326.815346][T17480]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  326.815383][T17480]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.815479][T17480] RIP: 0033:0x7fdea363e1ff
[  326.815494][T17480] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  326.815513][T17480] RSP: 002b:00007fdea209f030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  326.815534][T17480] RAX: 0000000000000001 RBX: 0000000000000004 RCX: 00007fdea363e1ff
[  326.815547][T17480] RDX: 0000000000000001 RSI: 00007fdea209f090 RDI: 0000000000000004
[  326.815561][T17480] RBP: 00007fdea209f090 R08: 0000000000000000 R09: 00007fdea209edf7
[  326.815574][T17480] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  326.815616][T17480] R13: 00007fdea3896038 R14: 00007fdea3895fa0 R15: 00007fff7a1ea148
[  326.815632][T17480]  </TASK>
[  327.223953][T17484] loop3: detected capacity change from 0 to 1024
[  327.243455][T17484] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  327.278221][T17484] netlink: 92 bytes leftover after parsing attributes in process `syz.3.5000'.
[  327.282770][T17489] ------------[ cut here ]------------
[  327.292740][T17489] verifier bug: REG INVARIANTS VIOLATION (false_reg1): range bounds violation u64=[0x2, 0x0] s64=[0x2, 0x0] u32=[0x2, 0x0] s32=[0x2, 0x0] var_off=(0x0, 0x0)
[  327.292852][T17485] loop4: detected capacity change from 0 to 8192
[  327.292941][T17484] netlink: 32 bytes leftover after parsing attributes in process `syz.3.5000'.
[  327.308804][T17489] WARNING: CPU: 1 PID: 17489 at kernel/bpf/verifier.c:2721 reg_bounds_sanity_check+0x673/0x680
[  327.334419][T17489] Modules linked in:
[  327.338373][T17489] CPU: 1 UID: 0 PID: 17489 Comm: syz.1.5001 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  327.349914][T17489] Tainted: [W]=WARN
[  327.353727][T17489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  327.363908][T17489] RIP: 0010:reg_bounds_sanity_check+0x673/0x680
[  327.370202][T17489] Code: 7c 24 18 41 ff 74 24 20 55 41 56 4d 89 ee 53 48 8b 5c 24 30 ff 74 24 40 ff 74 24 50 ff 74 24 30 e8 f2 f6 ba ff 48 83 c4 38 90 <0f> 0b 90 90 e9 02 fb ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90
[  327.389891][T17489] RSP: 0018:ffffc90005cef408 EFLAGS: 00010282
[  327.396008][T17489] RAX: dbd11acf51286400 RBX: ffff88810a076b50 RCX: ffff8881037ec200
[  327.404140][T17489] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[  327.412251][T17489] RBP: 0000000000000000 R08: 0001ffff86a2401f R09: 0000000000000000
[  327.420303][T17489] R10: ffffffff88e9a948 R11: ffffffff82229620 R12: ffff88810a076b10
[  327.428326][T17489] R13: ffff8881196e8000 R14: ffff8881196e8000 R15: ffff88810a076b48
[  327.436351][T17489] FS:  00007fe08d18f6c0(0000) GS:ffff8882aef10000(0000) knlGS:0000000000000000
[  327.445651][T17489] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  327.452356][T17489] CR2: 0000200000001000 CR3: 0000000118064000 CR4: 00000000003506f0
[  327.460411][T17489] DR0: 0000200000000300 DR1: 0000000000000000 DR2: 0000000000000000
[  327.468572][T17489] DR3: 0000000000000000 DR6: 00000000ffff0ff1 DR7: 0000000000000600
[  327.476661][T17489] Call Trace:
[  327.479952][T17489]  <TASK>
[  327.482896][T17489]  reg_set_min_max+0x215/0x260
[  327.487784][T17489]  check_cond_jmp_op+0x130d/0x19e0
[  327.493009][T17489]  do_check+0x3363/0x8460
[  327.497436][T17489]  ? __memcg_slab_post_alloc_hook+0x44c/0x580
[  327.503582][T17489]  ? __pfx_verbose+0x10/0x10
[  327.508272][T17489]  ? __pfx_disasm_kfunc_name+0x10/0x10
[  327.514044][T17489]  do_check_common+0xc5e/0x12b0
[  327.519096][T17489]  bpf_check+0xaaae/0xd9d0
[  327.523590][T17489]  ? __alloc_frozen_pages_noprof+0x188/0x360
[  327.529729][T17489]  ? alloc_pages_bulk_noprof+0x4a6/0x530
[  327.535490][T17489]  ? __vmap_pages_range_noflush+0xbc4/0xcf0
[  327.541432][T17489]  ? _find_next_zero_bit+0x64/0xa0
[  327.546586][T17489]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[  327.552674][T17489]  ? __rcu_read_unlock+0x4f/0x70
[  327.557717][T17489]  ? __perf_event_task_sched_in+0xa5b/0xac0
[  327.563713][T17489]  ? perf_cgroup_switch+0x10c/0x480
[  327.568962][T17489]  ? update_load_avg+0x1da/0x820
[  327.574019][T17489]  ? __list_add_valid_or_report+0x38/0xe0
[  327.579804][T17489]  ? finish_task_switch+0xad/0x2b0
[  327.585071][T17489]  ? __schedule+0x6b9/0xb30
[  327.589667][T17489]  ? should_fail_ex+0x30/0x280
[  327.594603][T17489]  ? should_failslab+0x8c/0xb0
[  327.599432][T17489]  ? __kmalloc_noprof+0x2a2/0x570
[  327.604499][T17489]  ? security_bpf_prog_load+0x60/0x140
[  327.610018][T17489]  ? selinux_bpf_prog_load+0xad/0xd0
[  327.615377][T17489]  ? security_bpf_prog_load+0x9e/0x140
[  327.620887][T17489]  bpf_prog_load+0xf6e/0x1100
[  327.625693][T17489]  ? security_bpf+0x2b/0x90
[  327.630227][T17489]  __sys_bpf+0x469/0x7c0
[  327.634519][T17489]  __x64_sys_bpf+0x41/0x50
[  327.639181][T17489]  x64_sys_call+0x2aee/0x3000
[  327.643909][T17489]  do_syscall_64+0xd2/0x200
[  327.648457][T17489]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  327.654547][T17489]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  327.660331][T17489]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.666269][T17489] RIP: 0033:0x7fe08e72f749
[  327.670697][T17489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  327.690636][T17489] RSP: 002b:00007fe08d18f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  327.699156][T17489] RAX: ffffffffffffffda RBX: 00007fe08e985fa0 RCX: 00007fe08e72f749
[  327.707157][T17489] RDX: 0000000000000048 RSI: 0000200000000100 RDI: 0000000000000005
[  327.715458][T17489] RBP: 00007fe08e7b3f91 R08: 0000000000000000 R09: 0000000000000000
[  327.723437][T17489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  327.731481][T17489] R13: 00007fe08e986038 R14: 00007fe08e985fa0 R15: 00007ffe557a6ad8
[  327.739487][T17489]  </TASK>
[  327.742544][T17489] ---[ end trace 0000000000000000 ]---
[  327.748925][T11698] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.758698][T12340] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.994245][T17516] program syz.3.5010 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  328.005923][T17516] loop3: detected capacity change from 0 to 128
[  328.096898][T17527] loop2: detected capacity change from 0 to 128
[  328.108792][T17527] syz.2.5009: attempt to access beyond end of device
[  328.108792][T17527] loop2: rw=2049, sector=138, nr_sectors = 112 limit=128
[  328.124497][T17527] syz.2.5009: attempt to access beyond end of device
[  328.124497][T17527] loop2: rw=2049, sector=142, nr_sectors = 2 limit=128
[  328.137965][T17527] Buffer I/O error on dev loop2, logical block 71, lost async page write
[  328.438477][T17518] syzkaller0: entered promiscuous mode
[  328.438500][T17518] syzkaller0: entered allmulticast mode
[  328.459578][T17537] FAULT_INJECTION: forcing a failure.
[  328.459578][T17537] name failslab, interval 1, probability 0, space 0, times 0
[  328.472366][T17537] CPU: 0 UID: 0 PID: 17537 Comm: syz.0.5015 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  328.472432][T17537] Tainted: [W]=WARN
[  328.472499][T17537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  328.472511][T17537] Call Trace:
[  328.472517][T17537]  <TASK>
[  328.472597][T17537]  __dump_stack+0x1d/0x30
[  328.472619][T17537]  dump_stack_lvl+0xe8/0x140
[  328.472639][T17537]  dump_stack+0x15/0x1b
[  328.472706][T17537]  should_fail_ex+0x265/0x280
[  328.472730][T17537]  should_failslab+0x8c/0xb0
[  328.472760][T17537]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  328.472832][T17537]  ? __alloc_skb+0x101/0x320
[  328.472870][T17537]  __alloc_skb+0x101/0x320
[  328.472897][T17537]  ? audit_log_start+0x342/0x720
[  328.472923][T17537]  audit_log_start+0x3a0/0x720
[  328.473004][T17537]  ? kstrtouint+0x76/0xc0
[  328.473035][T17537]  audit_seccomp+0x48/0x100
[  328.473080][T17537]  ? __seccomp_filter+0x82d/0x1250
[  328.473193][T17537]  __seccomp_filter+0x83e/0x1250
[  328.473259][T17537]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  328.473299][T17537]  ? vfs_write+0x7e8/0x960
[  328.473330][T17537]  ? __rcu_read_unlock+0x4f/0x70
[  328.473414][T17537]  ? __fget_files+0x184/0x1c0
[  328.473443][T17537]  __secure_computing+0x82/0x150
[  328.473474][T17537]  syscall_trace_enter+0xcf/0x1e0
[  328.473501][T17537]  do_syscall_64+0xac/0x200
[  328.473583][T17537]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  328.473615][T17537]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  328.473651][T17537]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.473676][T17537] RIP: 0033:0x7fd0f2cbf749
[  328.473740][T17537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  328.473800][T17537] RSP: 002b:00007fd0f1727038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  328.473821][T17537] RAX: ffffffffffffffda RBX: 00007fd0f2f15fa0 RCX: 00007fd0f2cbf749
[  328.473835][T17537] RDX: 0000000000000000 RSI: 0000000000000092 RDI: 0000200000000580
[  328.473849][T17537] RBP: 00007fd0f1727090 R08: 0000000000000000 R09: 0000000000000000
[  328.473862][T17537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  328.473876][T17537] R13: 00007fd0f2f16038 R14: 00007fd0f2f15fa0 R15: 00007ffd3d048ae8
[  328.473897][T17537]  </TASK>
[  328.494272][T17528] syzkaller0: entered promiscuous mode
[  328.494290][T17528] syzkaller0: entered allmulticast mode
[  328.536425][T17539] netlink: 8 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  328.561703][T17539] pimreg: entered allmulticast mode
[  328.562587][T17539] pimreg: left allmulticast mode
[  328.677369][T17556] loop3: detected capacity change from 0 to 256
[  328.816950][T17556] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  328.890922][T17566] loop1: detected capacity change from 0 to 1024
[  328.914531][T17566] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  328.930026][T17566] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  328.945475][T17566] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  328.963848][T17566] EXT4-fs (loop1): orphan cleanup on readonly fs
[  328.974654][T17572] syzkaller0: entered promiscuous mode
[  328.980219][T17572] syzkaller0: entered allmulticast mode
[  328.980610][T17566] EXT4-fs error (device loop1): ext4_read_inode_bitmap:167: comm syz.1.5026: Inode bitmap for bg 0 marked uninitialized
[  329.015836][T17566] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  329.047434][T17566] EXT4-fs error (device loop1): ext4_search_dir:1474: inode #2: block 16: comm syz.1.5026: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  329.050355][T17574] syzkaller0: entered promiscuous mode
[  329.071321][T17574] syzkaller0: entered allmulticast mode
[  329.103170][T17566] EXT4-fs error (device loop1): ext4_search_dir:1474: inode #2: block 16: comm syz.1.5026: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  329.139073][T12170] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.258781][T17582] xt_TPROXY: Can be used only with -p tcp or -p udp
[  329.343133][T17587] netem: incorrect gi model size
[  329.348243][T17587] netem: change failed
[  329.673040][T17599] loop4: detected capacity change from 0 to 128
[  329.685956][T17599] syz.4.5036: attempt to access beyond end of device
[  329.685956][T17599] loop4: rw=2049, sector=138, nr_sectors = 112 limit=128
[  329.702327][T17599] syz.4.5036: attempt to access beyond end of device
[  329.702327][T17599] loop4: rw=2049, sector=142, nr_sectors = 2 limit=128
[  329.715879][T17599] Buffer I/O error on dev loop4, logical block 71, lost async page write
[  329.939415][   T29] kauditd_printk_skb: 1340 callbacks suppressed
[  329.939446][   T29] audit: type=1326 audit(1764607083.070:17151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17579 comm="syz.1.5030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe08e7265e7 code=0x7ffc0000
[  329.969331][   T29] audit: type=1326 audit(1764607083.070:17152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17579 comm="syz.1.5030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe08e6cb829 code=0x7ffc0000
[  329.993712][   T29] audit: type=1326 audit(1764607083.070:17153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17579 comm="syz.1.5030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fe08e72f749 code=0x7ffc0000
[  330.017353][   T29] audit: type=1326 audit(1764607083.130:17154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17579 comm="syz.1.5030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe08e7265e7 code=0x7ffc0000
[  330.040910][   T29] audit: type=1326 audit(1764607083.130:17155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17579 comm="syz.1.5030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe08e6cb829 code=0x7ffc0000
[  330.064459][   T29] audit: type=1326 audit(1764607083.130:17156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17579 comm="syz.1.5030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fe08e72f749 code=0x7ffc0000
[  330.090453][   T29] audit: type=1326 audit(1764607083.200:17157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17579 comm="syz.1.5030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe08e7265e7 code=0x7ffc0000
[  330.114099][   T29] audit: type=1326 audit(1764607083.200:17158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17579 comm="syz.1.5030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe08e6cb829 code=0x7ffc0000
[  330.138003][   T29] audit: type=1326 audit(1764607083.200:17159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17579 comm="syz.1.5030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fe08e72f749 code=0x7ffc0000
[  330.161595][   T29] audit: type=1326 audit(1764607083.200:17160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17579 comm="syz.1.5030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe08e7265e7 code=0x7ffc0000
[  330.250555][T17605] loop2: detected capacity change from 0 to 512
[  330.259142][T17605] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  330.291357][T17605] EXT4-fs (loop2): 1 truncate cleaned up
[  330.314229][T17614] syzkaller0: entered promiscuous mode
[  330.319865][T17614] syzkaller0: entered allmulticast mode
[  330.329694][T17605] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  330.384358][T17618] syzkaller0: entered promiscuous mode
[  330.390268][T17618] syzkaller0: entered allmulticast mode
[  330.522748][T17625] netlink: 44 bytes leftover after parsing attributes in process `syz.4.5047'.
[  330.593155][T12340] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.672409][T17639] loop2: detected capacity change from 0 to 128
[  330.694081][T17639] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  330.705636][T17644] FAULT_INJECTION: forcing a failure.
[  330.705636][T17644] name failslab, interval 1, probability 0, space 0, times 0
[  330.718312][T17644] CPU: 1 UID: 0 PID: 17644 Comm: syz.4.5054 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  330.718341][T17644] Tainted: [W]=WARN
[  330.718347][T17644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  330.718358][T17644] Call Trace:
[  330.718364][T17644]  <TASK>
[  330.718373][T17644]  __dump_stack+0x1d/0x30
[  330.718410][T17644]  dump_stack_lvl+0xe8/0x140
[  330.718432][T17644]  dump_stack+0x15/0x1b
[  330.718453][T17644]  should_fail_ex+0x265/0x280
[  330.718475][T17644]  should_failslab+0x8c/0xb0
[  330.718548][T17644]  kmem_cache_alloc_noprof+0x50/0x480
[  330.718641][T17644]  ? skb_clone+0x151/0x1f0
[  330.718667][T17644]  skb_clone+0x151/0x1f0
[  330.718690][T17644]  nfnetlink_rcv+0x2fc/0x16c0
[  330.718723][T17644]  ? kmem_cache_free+0xe4/0x3d0
[  330.718809][T17644]  ? __kfree_skb+0x109/0x150
[  330.718842][T17644]  ? nlmon_xmit+0x4f/0x60
[  330.718866][T17644]  ? nlmon_xmit+0x4f/0x60
[  330.718919][T17644]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  330.719030][T17644]  ? __dev_queue_xmit+0x1200/0x2000
[  330.719110][T17644]  ? __dev_queue_xmit+0x182/0x2000
[  330.719134][T17644]  ? ref_tracker_free+0x37d/0x3e0
[  330.719188][T17644]  netlink_unicast+0x5c0/0x690
[  330.719274][T17644]  netlink_sendmsg+0x58b/0x6b0
[  330.719295][T17644]  ? __pfx_netlink_sendmsg+0x10/0x10
[  330.719361][T17644]  __sock_sendmsg+0x145/0x180
[  330.719393][T17644]  ____sys_sendmsg+0x31e/0x4e0
[  330.719416][T17644]  ___sys_sendmsg+0x17b/0x1d0
[  330.719467][T17644]  __x64_sys_sendmsg+0xd4/0x160
[  330.719532][T17644]  x64_sys_call+0x191e/0x3000
[  330.719562][T17644]  do_syscall_64+0xd2/0x200
[  330.719584][T17644]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  330.719656][T17644]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  330.719731][T17644]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.719752][T17644] RIP: 0033:0x7f55c641f749
[  330.719822][T17644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  330.719845][T17644] RSP: 002b:00007f55c4e7f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  330.719868][T17644] RAX: ffffffffffffffda RBX: 00007f55c6675fa0 RCX: 00007f55c641f749
[  330.719884][T17644] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  330.719904][T17644] RBP: 00007f55c4e7f090 R08: 0000000000000000 R09: 0000000000000000
[  330.719916][T17644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  330.719955][T17644] R13: 00007f55c6676038 R14: 00007f55c6675fa0 R15: 00007ffc4bfc2f68
[  330.719976][T17644]  </TASK>
[  331.003001][T17645] syzkaller0: entered promiscuous mode
[  331.008587][T17645] syzkaller0: entered allmulticast mode
[  331.038720][T17650] loop2: detected capacity change from 0 to 512
[  331.046164][T17650] EXT4-fs: Ignoring removed orlov option
[  331.051968][T17650] EXT4-fs: Ignoring removed i_version option
[  331.058093][T17650] EXT4-fs: Ignoring removed nomblk_io_submit option
[  331.075283][T17650] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  331.083226][T17650] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c040e118, mo2=0002]
[  331.091837][T17650] EXT4-fs (loop2): orphan cleanup on readonly fs
[  331.098335][T17650] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  331.113161][T17650] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  331.121951][T17650] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.5058: bg 0: block 40: padding at end of block bitmap is not set
[  331.148517][T17650] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  331.168818][T17650] EXT4-fs (loop2): 1 truncate cleaned up
[  331.175109][T17650] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  331.192914][T17657] xt_TPROXY: Can be used only with -p tcp or -p udp
[  331.212812][T17650] EXT4-fs error (device loop2): ext4_encrypted_get_link:46: inode #16: comm syz.2.5058: bad symlink.
[  331.233564][T17650] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5058'.
[  331.249207][T17659] loop3: detected capacity change from 0 to 128
[  331.262175][T17659] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  331.296143][T12340] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.307521][T17659] ext4 filesystem being mounted at /396/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  331.341762][T17661] syzkaller0: entered promiscuous mode
[  331.347331][T17661] syzkaller0: entered allmulticast mode
[  331.488090][T17673] loop4: detected capacity change from 0 to 128
[  331.519449][T17673] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  331.527334][T17673] FAT-fs (loop4): Filesystem has been set read-only
[  331.548430][T17671] syzkaller0: entered promiscuous mode
[  331.553963][T17671] syzkaller0: entered allmulticast mode
[  331.554186][T17673] syz.4.5066: attempt to access beyond end of device
[  331.554186][T17673] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  331.597270][T17673] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  331.605188][T17673] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  331.613297][T17673] syz.4.5066: attempt to access beyond end of device
[  331.613297][T17673] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  331.626997][T17673] syz.4.5066: attempt to access beyond end of device
[  331.626997][T17673] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  331.759606][T17684] FAULT_INJECTION: forcing a failure.
[  331.759606][T17684] name failslab, interval 1, probability 0, space 0, times 0
[  331.772371][T17684] CPU: 0 UID: 0 PID: 17684 Comm: syz.2.5071 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  331.772407][T17684] Tainted: [W]=WARN
[  331.772414][T17684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  331.772425][T17684] Call Trace:
[  331.772432][T17684]  <TASK>
[  331.772440][T17684]  __dump_stack+0x1d/0x30
[  331.772491][T17684]  dump_stack_lvl+0xe8/0x140
[  331.772517][T17684]  dump_stack+0x15/0x1b
[  331.772536][T17684]  should_fail_ex+0x265/0x280
[  331.772604][T17684]  should_failslab+0x8c/0xb0
[  331.772640][T17684]  __kvmalloc_node_noprof+0x12e/0x670
[  331.772809][T17684]  ? xt_alloc_entry_offsets+0x4d/0x60
[  331.772846][T17684]  xt_alloc_entry_offsets+0x4d/0x60
[  331.772901][T17684]  translate_table+0xa9/0x1070
[  331.772921][T17684]  ? __rcu_read_unlock+0x4f/0x70
[  331.772971][T17684]  ? __memcg_slab_post_alloc_hook+0x44c/0x580
[  331.772996][T17684]  ? should_fail_ex+0xdb/0x280
[  331.773015][T17684]  ? _copy_from_user+0x89/0xb0
[  331.773048][T17684]  do_ip6t_set_ctl+0x678/0x840
[  331.773081][T17684]  ? kstrtoull+0x111/0x140
[  331.773181][T17684]  ? __rcu_read_unlock+0x4f/0x70
[  331.773231][T17684]  nf_setsockopt+0x199/0x1b0
[  331.773262][T17684]  ipv6_setsockopt+0x11a/0x130
[  331.773280][T17684]  tcp_setsockopt+0x98/0xb0
[  331.773361][T17684]  sock_common_setsockopt+0x69/0x80
[  331.773394][T17684]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  331.773427][T17684]  __sys_setsockopt+0x184/0x200
[  331.773460][T17684]  __x64_sys_setsockopt+0x64/0x80
[  331.773562][T17684]  x64_sys_call+0x20ec/0x3000
[  331.773585][T17684]  do_syscall_64+0xd2/0x200
[  331.773606][T17684]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  331.773632][T17684]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  331.773737][T17684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.773764][T17684] RIP: 0033:0x7fbeb0e1f749
[  331.773781][T17684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  331.773801][T17684] RSP: 002b:00007fbeaf87f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  331.773867][T17684] RAX: ffffffffffffffda RBX: 00007fbeb1075fa0 RCX: 00007fbeb0e1f749
[  331.773880][T17684] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  331.773891][T17684] RBP: 00007fbeaf87f090 R08: 00000000000006f0 R09: 0000000000000000
[  331.773903][T17684] R10: 0000200000000700 R11: 0000000000000246 R12: 0000000000000001
[  331.773932][T17684] R13: 00007fbeb1076038 R14: 00007fbeb1075fa0 R15: 00007ffef8d91378
[  331.773955][T17684]  </TASK>
[  332.032544][T17677] loop4: detected capacity change from 0 to 8192
[  332.086684][T12333] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  332.094263][T12333] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  332.101719][T12333] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  332.109162][T12333] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  332.116625][T12333] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  332.124054][T12333] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  332.131494][T12333] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  332.138997][T12333] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  332.146423][T12333] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  332.153836][T12333] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  332.164986][T11698] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  332.187648][T17689] loop2: detected capacity change from 0 to 764
[  332.201469][T17689] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  332.211091][T17689] Symlink component flag not implemented
[  332.217462][T17689] Symlink component flag not implemented (7)
[  332.256057][T12333] hid-generic 0003:0004:0000.0001: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  332.299377][T17698] loop1: detected capacity change from 0 to 512
[  332.333609][T17698] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  332.372603][T17698] veth2: entered promiscuous mode
[  332.377952][T17698] veth2: entered allmulticast mode
[  332.477837][T17711] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5079'.
[  332.497353][T12170] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.509417][T17711] vlan2: entered promiscuous mode
[  332.514469][T17711] gretap0: entered promiscuous mode
[  332.538662][T17713] FAULT_INJECTION: forcing a failure.
[  332.538662][T17713] name failslab, interval 1, probability 0, space 0, times 0
[  332.551522][T17713] CPU: 1 UID: 0 PID: 17713 Comm: syz.2.5083 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  332.551592][T17713] Tainted: [W]=WARN
[  332.551601][T17713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  332.551616][T17713] Call Trace:
[  332.551624][T17713]  <TASK>
[  332.551631][T17713]  __dump_stack+0x1d/0x30
[  332.551652][T17713]  dump_stack_lvl+0xe8/0x140
[  332.551721][T17713]  dump_stack+0x15/0x1b
[  332.551742][T17713]  should_fail_ex+0x265/0x280
[  332.551773][T17713]  should_failslab+0x8c/0xb0
[  332.551816][T17713]  __kvmalloc_node_noprof+0x12e/0x670
[  332.551858][T17713]  ? pfifo_fast_init+0xce/0x360
[  332.551888][T17713]  ? __pfx_pfifo_fast_dequeue+0x10/0x10
[  332.551944][T17713]  pfifo_fast_init+0xce/0x360
[  332.552037][T17713]  qdisc_create_dflt+0xef/0x2d0
[  332.552114][T17713]  mq_init+0x1b6/0x380
[  332.552133][T17713]  ? __rcu_read_unlock+0x4f/0x70
[  332.552158][T17713]  qdisc_create_dflt+0xef/0x2d0
[  332.552200][T17713]  ? dev_activate+0xbb/0x9e0
[  332.552290][T17713]  dev_activate+0xde/0x9e0
[  332.552319][T17713]  ? _raw_spin_unlock_bh+0x36/0x40
[  332.552350][T17713]  __dev_open+0x472/0x530
[  332.552433][T17713]  __dev_change_flags+0x163/0x400
[  332.552472][T17713]  netif_change_flags+0x5a/0xd0
[  332.552576][T17713]  dev_change_flags+0xce/0x180
[  332.552606][T17713]  ? netdev_name_node_lookup+0xa4/0xd0
[  332.552706][T17713]  dev_ifsioc+0x44b/0xaa0
[  332.552725][T17713]  ? __rcu_read_unlock+0x4f/0x70
[  332.552749][T17713]  dev_ioctl+0x70a/0x960
[  332.552779][T17713]  sock_do_ioctl+0x197/0x220
[  332.552835][T17713]  sock_ioctl+0x41b/0x610
[  332.552862][T17713]  ? __pfx_sock_ioctl+0x10/0x10
[  332.552944][T17713]  __se_sys_ioctl+0xce/0x140
[  332.552963][T17713]  __x64_sys_ioctl+0x43/0x50
[  332.552984][T17713]  x64_sys_call+0x1816/0x3000
[  332.553004][T17713]  do_syscall_64+0xd2/0x200
[  332.553028][T17713]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  332.553131][T17713]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  332.553161][T17713]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.553181][T17713] RIP: 0033:0x7fbeb0e1f749
[  332.553198][T17713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.553286][T17713] RSP: 002b:00007fbeaf87f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  332.553305][T17713] RAX: ffffffffffffffda RBX: 00007fbeb1075fa0 RCX: 00007fbeb0e1f749
[  332.553315][T17713] RDX: 00002000000000c0 RSI: 0000000000008914 RDI: 0000000000000004
[  332.553326][T17713] RBP: 00007fbeaf87f090 R08: 0000000000000000 R09: 0000000000000000
[  332.553339][T17713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  332.553401][T17713] R13: 00007fbeb1076038 R14: 00007fbeb1075fa0 R15: 00007ffef8d91378
[  332.553421][T17713]  </TASK>
[  332.553450][T17713] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  332.579945][T17715] FAULT_INJECTION: forcing a failure.
[  332.579945][T17715] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  332.600787][T17713] syzkaller0: entered promiscuous mode
[  332.602902][T17715] CPU: 0 UID: 0 PID: 17715 Comm: syz.4.5085 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  332.603028][T17715] Tainted: [W]=WARN
[  332.603035][T17715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  332.603059][T17715] Call Trace:
[  332.603067][T17715]  <TASK>
[  332.603075][T17715]  __dump_stack+0x1d/0x30
[  332.603107][T17715]  dump_stack_lvl+0xe8/0x140
[  332.603132][T17715]  dump_stack+0x15/0x1b
[  332.603152][T17715]  should_fail_ex+0x265/0x280
[  332.603175][T17715]  should_fail+0xb/0x20
[  332.603217][T17715]  should_fail_usercopy+0x1a/0x20
[  332.603245][T17715]  strncpy_from_user+0x25/0x230
[  332.603278][T17715]  ? kmem_cache_alloc_noprof+0x242/0x480
[  332.603346][T17715]  ? getname_flags+0x80/0x3b0
[  332.603399][T17715]  getname_flags+0xae/0x3b0
[  332.603476][T17715]  user_path_at+0x28/0x130
[  332.603500][T17715]  __x64_sys_umount+0x85/0xe0
[  332.603527][T17715]  x64_sys_call+0xdd2/0x3000
[  332.603553][T17715]  do_syscall_64+0xd2/0x200
[  332.603620][T17715]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  332.603697][T17715]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  332.603736][T17715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.603832][T17715] RIP: 0033:0x7f55c641f749
[  332.603849][T17715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.603870][T17715] RSP: 002b:00007f55c4e7f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  332.603893][T17715] RAX: ffffffffffffffda RBX: 00007f55c6675fa0 RCX: 00007f55c641f749
[  332.603908][T17715] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000002c0
[  332.603923][T17715] RBP: 00007f55c4e7f090 R08: 0000000000000000 R09: 0000000000000000
[  332.603973][T17715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  332.603988][T17715] R13: 00007f55c6676038 R14: 00007f55c6675fa0 R15: 00007ffc4bfc2f68
[  332.604010][T17715]  </TASK>
[  333.041428][T17713] syzkaller0: entered allmulticast mode
[  333.047994][T17717] program syz.0.5086 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  333.065203][T17726] loop1: detected capacity change from 0 to 128
[  333.080612][T17726] syz.1.5088: attempt to access beyond end of device
[  333.080612][T17726] loop1: rw=2049, sector=138, nr_sectors = 112 limit=128
[  333.114959][T17726] syz.1.5088: attempt to access beyond end of device
[  333.114959][T17726] loop1: rw=2049, sector=142, nr_sectors = 2 limit=128
[  333.128457][T17726] Buffer I/O error on dev loop1, logical block 71, lost async page write
[  333.154807][T17726] xt_TPROXY: Can be used only with -p tcp or -p udp
[  333.307057][T17742] netlink: 'syz.3.5091': attribute type 30 has an invalid length.
[  333.377877][T17749] FAULT_INJECTION: forcing a failure.
[  333.377877][T17749] name failslab, interval 1, probability 0, space 0, times 0
[  333.390585][T17749] CPU: 0 UID: 0 PID: 17749 Comm: syz.0.5096 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  333.390700][T17749] Tainted: [W]=WARN
[  333.390708][T17749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  333.390720][T17749] Call Trace:
[  333.390806][T17749]  <TASK>
[  333.390816][T17749]  __dump_stack+0x1d/0x30
[  333.390922][T17749]  dump_stack_lvl+0xe8/0x140
[  333.390946][T17749]  dump_stack+0x15/0x1b
[  333.390966][T17749]  should_fail_ex+0x265/0x280
[  333.390990][T17749]  should_failslab+0x8c/0xb0
[  333.391100][T17749]  __kmalloc_noprof+0xa5/0x570
[  333.391204][T17749]  ? security_prepare_creds+0x52/0x120
[  333.391251][T17749]  security_prepare_creds+0x52/0x120
[  333.391343][T17749]  prepare_creds+0x34a/0x4c0
[  333.391376][T17749]  selinux_lsm_setattr+0x1a4/0x660
[  333.391421][T17749]  selinux_setprocattr+0x4f/0x70
[  333.391459][T17749]  security_setprocattr+0x1a7/0x1d0
[  333.391498][T17749]  proc_pid_attr_write+0x1eb/0x220
[  333.391549][T17749]  ? __pfx_proc_pid_attr_write+0x10/0x10
[  333.391612][T17749]  vfs_write+0x269/0x960
[  333.391635][T17749]  ? __rcu_read_unlock+0x4f/0x70
[  333.391660][T17749]  ? __fget_files+0x184/0x1c0
[  333.391766][T17749]  ksys_write+0xda/0x1a0
[  333.391797][T17749]  __x64_sys_write+0x40/0x50
[  333.391845][T17749]  x64_sys_call+0x2802/0x3000
[  333.391892][T17749]  do_syscall_64+0xd2/0x200
[  333.391913][T17749]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  333.391946][T17749]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  333.392026][T17749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.392048][T17749] RIP: 0033:0x7fd0f2cbf749
[  333.392063][T17749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.392087][T17749] RSP: 002b:00007fd0f1727038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  333.392111][T17749] RAX: ffffffffffffffda RBX: 00007fd0f2f15fa0 RCX: 00007fd0f2cbf749
[  333.392126][T17749] RDX: 000000000000001d RSI: 0000200000000100 RDI: 0000000000000006
[  333.392139][T17749] RBP: 00007fd0f1727090 R08: 0000000000000000 R09: 0000000000000000
[  333.392151][T17749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  333.392164][T17749] R13: 00007fd0f2f16038 R14: 00007fd0f2f15fa0 R15: 00007ffd3d048ae8
[  333.392266][T17749]  </TASK>
[  333.466447][T17755] loop2: detected capacity change from 0 to 128
[  333.523026][T17756] xt_TPROXY: Can be used only with -p tcp or -p udp
[  333.673075][T17762] netlink: 80 bytes leftover after parsing attributes in process `syz.0.5102'.
[  333.700583][T17755] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  333.700769][T17755] ext4 filesystem being mounted at /403/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  333.795773][T17769] warn_alloc: 11 callbacks suppressed
[  333.795790][T17769] syz.0.5104: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  333.815804][T17769] CPU: 1 UID: 0 PID: 17769 Comm: syz.0.5104 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  333.815844][T17769] Tainted: [W]=WARN
[  333.815919][T17769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  333.815935][T17769] Call Trace:
[  333.815943][T17769]  <TASK>
[  333.815953][T17769]  __dump_stack+0x1d/0x30
[  333.815981][T17769]  dump_stack_lvl+0xe8/0x140
[  333.816083][T17769]  dump_stack+0x15/0x1b
[  333.816105][T17769]  warn_alloc+0x12b/0x1a0
[  333.816218][T17769]  ? __rcu_read_unlock+0x4f/0x70
[  333.816248][T17769]  __vmalloc_node_range_noprof+0x9d/0xed0
[  333.816280][T17769]  ? __futex_wait+0x1fa/0x260
[  333.816300][T17769]  ? __pfx_futex_wake_mark+0x10/0x10
[  333.816380][T17769]  ? __rcu_read_unlock+0x4f/0x70
[  333.816412][T17769]  ? avc_has_perm_noaudit+0x1b1/0x200
[  333.816437][T17769]  ? should_fail_ex+0x30/0x280
[  333.816509][T17769]  ? xskq_create+0x36/0xe0
[  333.816536][T17769]  vmalloc_user_noprof+0x7d/0xb0
[  333.816576][T17769]  ? xskq_create+0x80/0xe0
[  333.816609][T17769]  xskq_create+0x80/0xe0
[  333.816631][T17769]  xsk_init_queue+0x95/0xf0
[  333.816722][T17769]  xsk_setsockopt+0x3f5/0x640
[  333.816742][T17769]  ? __pfx_xsk_setsockopt+0x10/0x10
[  333.816768][T17769]  __sys_setsockopt+0x184/0x200
[  333.816856][T17769]  __x64_sys_setsockopt+0x64/0x80
[  333.816925][T17769]  x64_sys_call+0x20ec/0x3000
[  333.816965][T17769]  do_syscall_64+0xd2/0x200
[  333.816991][T17769]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  333.817094][T17769]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  333.817126][T17769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.817208][T17769] RIP: 0033:0x7fd0f2cbf749
[  333.817228][T17769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.817249][T17769] RSP: 002b:00007fd0f1727038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  333.817272][T17769] RAX: ffffffffffffffda RBX: 00007fd0f2f15fa0 RCX: 00007fd0f2cbf749
[  333.817323][T17769] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[  333.817336][T17769] RBP: 00007fd0f2d43f91 R08: 0000000000000004 R09: 0000000000000000
[  333.817403][T17769] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  333.817414][T17769] R13: 00007fd0f2f16038 R14: 00007fd0f2f15fa0 R15: 00007ffd3d048ae8
[  333.817432][T17769]  </TASK>
[  333.817506][T17769] Mem-Info:
[  334.052738][T17769] active_anon:7732 inactive_anon:4 isolated_anon:0
[  334.052738][T17769]  active_file:25561 inactive_file:2396 isolated_file:0
[  334.052738][T17769]  unevictable:19780 dirty:12 writeback:0
[  334.052738][T17769]  slab_reclaimable:3559 slab_unreclaimable:31588
[  334.052738][T17769]  mapped:33562 shmem:4412 pagetables:911
[  334.052738][T17769]  sec_pagetables:0 bounce:0
[  334.052738][T17769]  kernel_misc_reclaimable:0
[  334.052738][T17769]  free:1845299 free_pcp:8751 free_cma:0
[  334.097877][T17769] Node 0 active_anon:25708kB inactive_anon:16kB active_file:102244kB inactive_file:9584kB unevictable:79120kB isolated(anon):0kB isolated(file):0kB mapped:134248kB dirty:48kB writeback:0kB shmem:12428kB kernel_stack:4160kB pagetables:3644kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  334.125838][T17769] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  334.155462][T17769] lowmem_reserve[]: 0 2881 7859 7859
[  334.160859][T17769] Node 0 DMA32 free:2946728kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2950256kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:0kB free_cma:0kB
[  334.192442][T17769] lowmem_reserve[]: 0 0 4978 4978
[  334.197771][T17769] Node 0 Normal free:4419108kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:25708kB inactive_anon:16kB active_file:102244kB inactive_file:9584kB unevictable:79120kB writepending:48kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:36692kB local_pcp:21956kB free_cma:0kB
[  334.231185][T17769] lowmem_reserve[]: 0 0 0 0
[  334.235807][T17769] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  334.248561][T17769] Node 0 DMA32: 6*4kB (M) 4*8kB (M) 3*16kB (M) 2*32kB (M) 4*64kB (M) 2*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2946728kB
[  334.264743][T17769] Node 0 Normal: 555*4kB (UME) 605*8kB (UME) 681*16kB (UME) 26*32kB (UME) 367*64kB (UME) 328*128kB (UME) 209*256kB (UME) 108*512kB (UME) 71*1024kB (UME) 80*2048kB (UME) 974*4096kB (UM) = 4419108kB
[  334.284287][T17769] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  334.293602][T17769] 50870 total pagecache pages
[  334.298382][T17769] 6 pages in swap cache
[  334.302543][T17769] Free swap  = 124720kB
[  334.306732][T17769] Total swap = 124996kB
[  334.310894][T17769] 2097051 pages RAM
[  334.315145][T17769] 0 pages HighMem/MovableOnly
[  334.319866][T17769] 81087 pages reserved
[  334.324613][T12340] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  334.382049][T17778] FAULT_INJECTION: forcing a failure.
[  334.382049][T17778] name failslab, interval 1, probability 0, space 0, times 0
[  334.395122][T17778] CPU: 0 UID: 0 PID: 17778 Comm: syz.2.5106 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  334.395152][T17778] Tainted: [W]=WARN
[  334.395209][T17778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  334.395225][T17778] Call Trace:
[  334.395233][T17778]  <TASK>
[  334.395241][T17778]  __dump_stack+0x1d/0x30
[  334.395269][T17778]  dump_stack_lvl+0xe8/0x140
[  334.395353][T17778]  dump_stack+0x15/0x1b
[  334.395374][T17778]  should_fail_ex+0x265/0x280
[  334.395398][T17778]  should_failslab+0x8c/0xb0
[  334.395432][T17778]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[  334.395493][T17778]  ? sidtab_sid2str_get+0xa0/0x130
[  334.395536][T17778]  kmemdup_noprof+0x2b/0x70
[  334.395561][T17778]  sidtab_sid2str_get+0xa0/0x130
[  334.395594][T17778]  security_sid_to_context_core+0x1eb/0x2e0
[  334.395705][T17778]  security_sid_to_context+0x27/0x40
[  334.395732][T17778]  selinux_lsmprop_to_secctx+0x67/0xf0
[  334.395771][T17778]  security_lsmprop_to_secctx+0x1a3/0x1c0
[  334.395839][T17778]  audit_log_subj_ctx+0xa4/0x3e0
[  334.395859][T17778]  ? skb_put+0xa9/0xf0
[  334.395962][T17778]  audit_log_task_context+0x48/0x70
[  334.395989][T17778]  audit_log_task+0xf4/0x250
[  334.396020][T17778]  ? kstrtouint+0x76/0xc0
[  334.396122][T17778]  audit_seccomp+0x61/0x100
[  334.396216][T17778]  ? __seccomp_filter+0x82d/0x1250
[  334.396243][T17778]  __seccomp_filter+0x83e/0x1250
[  334.396276][T17778]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  334.396357][T17778]  ? vfs_write+0x7e8/0x960
[  334.396383][T17778]  ? __rcu_read_unlock+0x4f/0x70
[  334.396410][T17778]  ? __fget_files+0x184/0x1c0
[  334.396444][T17778]  __secure_computing+0x82/0x150
[  334.396500][T17778]  syscall_trace_enter+0xcf/0x1e0
[  334.396546][T17778]  do_syscall_64+0xac/0x200
[  334.396577][T17778]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  334.396629][T17778]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  334.396672][T17778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.396703][T17778] RIP: 0033:0x7fbeb0e1f749
[  334.396720][T17778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.396741][T17778] RSP: 002b:00007fbeaf87f038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d
[  334.396763][T17778] RAX: ffffffffffffffda RBX: 00007fbeb1075fa0 RCX: 00007fbeb0e1f749
[  334.396777][T17778] RDX: 00002000000009c0 RSI: 000000000000000e RDI: 0000000000000023
[  334.396798][T17778] RBP: 00007fbeaf87f090 R08: 0000000000000000 R09: 0000000000000000
[  334.396813][T17778] R10: 0000000000000068 R11: 0000000000000246 R12: 0000000000000001
[  334.396827][T17778] R13: 00007fbeb1076038 R14: 00007fbeb1075fa0 R15: 00007ffef8d91378
[  334.396845][T17778]  </TASK>
[  334.673567][T17778] loop2: detected capacity change from 0 to 512
[  334.696425][T17778] EXT4-fs (loop2): too many log groups per flexible block group
[  334.717140][T17778] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  334.723964][T17778] EXT4-fs (loop2): mount failed
[  335.146095][   T29] kauditd_printk_skb: 244 callbacks suppressed
[  335.146113][   T29] audit: type=1326 audit(1764607088.020:17403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17804 comm="syz.4.5115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55c641f749 code=0x7ffc0000
[  335.175857][   T29] audit: type=1326 audit(1764607088.020:17404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17804 comm="syz.4.5115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55c641f749 code=0x7ffc0000
[  335.199422][   T29] audit: type=1326 audit(1764607088.020:17405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17804 comm="syz.4.5115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f55c641f749 code=0x7ffc0000
[  335.223082][   T29] audit: type=1326 audit(1764607088.020:17406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17804 comm="syz.4.5115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55c641f749 code=0x7ffc0000
[  335.246664][   T29] audit: type=1326 audit(1764607088.020:17407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17804 comm="syz.4.5115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f55c641f749 code=0x7ffc0000
[  335.270398][   T29] audit: type=1326 audit(1764607088.020:17408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17804 comm="syz.4.5115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55c641f749 code=0x7ffc0000
[  335.294064][   T29] audit: type=1326 audit(1764607088.020:17409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17804 comm="syz.4.5115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f55c641f749 code=0x7ffc0000
[  335.317861][   T29] audit: type=1326 audit(1764607088.020:17410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17804 comm="syz.4.5115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55c641f749 code=0x7ffc0000
[  335.341462][   T29] audit: type=1326 audit(1764607088.020:17411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17804 comm="syz.4.5115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f55c641f749 code=0x7ffc0000
[  335.365104][   T29] audit: type=1326 audit(1764607088.020:17412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17804 comm="syz.4.5115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55c641f749 code=0x7ffc0000
[  335.398261][T17805] loop4: detected capacity change from 0 to 512
[  335.426702][T17805] EXT4-fs (loop4): too many log groups per flexible block group
[  335.434507][T17805] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  335.441567][T17805] EXT4-fs (loop4): mount failed
[  335.664512][T17817] syzkaller0: entered promiscuous mode
[  335.670107][T17817] syzkaller0: entered allmulticast mode
[  335.738934][T17825] FAULT_INJECTION: forcing a failure.
[  335.738934][T17825] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  335.752074][T17825] CPU: 1 UID: 0 PID: 17825 Comm: syz.1.5120 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  335.752113][T17825] Tainted: [W]=WARN
[  335.752120][T17825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  335.752147][T17825] Call Trace:
[  335.752156][T17825]  <TASK>
[  335.752166][T17825]  __dump_stack+0x1d/0x30
[  335.752192][T17825]  dump_stack_lvl+0xe8/0x140
[  335.752212][T17825]  dump_stack+0x15/0x1b
[  335.752234][T17825]  should_fail_ex+0x265/0x280
[  335.752307][T17825]  should_fail+0xb/0x20
[  335.752335][T17825]  should_fail_usercopy+0x1a/0x20
[  335.752362][T17825]  _copy_to_iter+0x251/0xe70
[  335.752530][T17825]  ? should_fail_ex+0x30/0x280
[  335.752607][T17825]  ? should_fail_ex+0xdb/0x280
[  335.752631][T17825]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  335.752652][T17825]  __skb_datagram_iter+0xc6/0x690
[  335.752671][T17825]  ? __account_obj_stock+0x211/0x350
[  335.752782][T17825]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  335.752805][T17825]  __skb_datagram_iter+0x526/0x690
[  335.752823][T17825]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  335.752867][T17825]  skb_copy_datagram_iter+0x3d/0x110
[  335.752893][T17825]  tipc_recvmsg+0x4cc/0x9d0
[  335.753004][T17825]  ? __pfx_tipc_recvmsg+0x10/0x10
[  335.753054][T17825]  sock_recvmsg+0x139/0x170
[  335.753133][T17825]  ____sys_recvmsg+0xf5/0x280
[  335.753276][T17825]  ___sys_recvmsg+0x11f/0x370
[  335.753309][T17825]  do_recvmmsg+0x1ef/0x540
[  335.753340][T17825]  ? fput+0x8f/0xc0
[  335.753399][T17825]  __x64_sys_recvmmsg+0xe5/0x170
[  335.753420][T17825]  x64_sys_call+0x27aa/0x3000
[  335.753446][T17825]  do_syscall_64+0xd2/0x200
[  335.753505][T17825]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  335.753536][T17825]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  335.753568][T17825]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.753594][T17825] RIP: 0033:0x7fe08e72f749
[  335.753613][T17825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.753663][T17825] RSP: 002b:00007fe08d16e038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  335.753684][T17825] RAX: ffffffffffffffda RBX: 00007fe08e986090 RCX: 00007fe08e72f749
[  335.753696][T17825] RDX: 0000000000000001 RSI: 00002000000023c0 RDI: 0000000000000003
[  335.753709][T17825] RBP: 00007fe08d16e090 R08: 0000000000000000 R09: 0000000000000000
[  335.753724][T17825] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000001
[  335.753772][T17825] R13: 00007fe08e986128 R14: 00007fe08e986090 R15: 00007ffe557a6ad8
[  335.753789][T17825]  </TASK>
[  336.058883][T17832] xt_TPROXY: Can be used only with -p tcp or -p udp
[  336.385437][T17831] netlink: 199828 bytes leftover after parsing attributes in process `syz.4.5122'.
[  336.708095][T17848] loop4: detected capacity change from 0 to 764
[  336.722941][T17848] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  336.747483][T17848] Symlink component flag not implemented
[  336.757733][T17848] Symlink component flag not implemented (7)
[  336.774491][T17867] syzkaller0: entered promiscuous mode
[  336.780087][T17867] syzkaller0: entered allmulticast mode
[  336.855731][T17874] loop1: detected capacity change from 0 to 128
[  336.923251][T17865] netlink: 'syz.3.5133': attribute type 1 has an invalid length.
[  336.951682][T17865] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5133'.
[  337.053144][T17881] xt_TPROXY: Can be used only with -p tcp or -p udp
[  337.081488][T17884] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5127 sclass=netlink_route_socket pid=17884 comm=syz.4.5140
[  337.110461][T17884] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5127 sclass=netlink_route_socket pid=17884 comm=syz.4.5140
[  337.135236][T17884] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5127 sclass=netlink_route_socket pid=17884 comm=syz.4.5140
[  337.160771][T17884] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5127 sclass=netlink_route_socket pid=17884 comm=syz.4.5140
[  337.181080][T17884] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5127 sclass=netlink_route_socket pid=17884 comm=syz.4.5140
[  337.211713][T17884] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5127 sclass=netlink_route_socket pid=17884 comm=syz.4.5140
[  337.233007][T17884] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5127 sclass=netlink_route_socket pid=17884 comm=syz.4.5140
[  337.258174][T17884] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5127 sclass=netlink_route_socket pid=17884 comm=syz.4.5140
[  337.287375][T17884] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5127 sclass=netlink_route_socket pid=17884 comm=syz.4.5140
[  337.303687][T17879] netlink: 199828 bytes leftover after parsing attributes in process `syz.3.5138'.
[  337.313891][T17884] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5127 sclass=netlink_route_socket pid=17884 comm=syz.4.5140
[  337.427400][T17897] FAULT_INJECTION: forcing a failure.
[  337.427400][T17897] name failslab, interval 1, probability 0, space 0, times 0
[  337.440275][T17897] CPU: 1 UID: 0 PID: 17897 Comm: syz.0.5144 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  337.440335][T17897] Tainted: [W]=WARN
[  337.440344][T17897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  337.440360][T17897] Call Trace:
[  337.440368][T17897]  <TASK>
[  337.440387][T17897]  __dump_stack+0x1d/0x30
[  337.440409][T17897]  dump_stack_lvl+0xe8/0x140
[  337.440434][T17897]  dump_stack+0x15/0x1b
[  337.440457][T17897]  should_fail_ex+0x265/0x280
[  337.440500][T17897]  should_failslab+0x8c/0xb0
[  337.440535][T17897]  __kmalloc_noprof+0xa5/0x570
[  337.440578][T17897]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[  337.440614][T17897]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[  337.440647][T17897]  genl_family_rcv_msg_doit+0x48/0x1b0
[  337.440699][T17897]  ? selinux_capable+0x31/0x40
[  337.440728][T17897]  ? security_capable+0x83/0x90
[  337.440816][T17897]  ? ns_capable+0x7d/0xb0
[  337.440849][T17897]  genl_rcv_msg+0x422/0x460
[  337.440882][T17897]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  337.440911][T17897]  netlink_rcv_skb+0x123/0x220
[  337.440952][T17897]  ? __pfx_genl_rcv_msg+0x10/0x10
[  337.440992][T17897]  genl_rcv+0x28/0x40
[  337.441020][T17897]  netlink_unicast+0x5c0/0x690
[  337.441074][T17897]  netlink_sendmsg+0x58b/0x6b0
[  337.441096][T17897]  ? __pfx_netlink_sendmsg+0x10/0x10
[  337.441122][T17897]  __sock_sendmsg+0x145/0x180
[  337.441156][T17897]  ____sys_sendmsg+0x31e/0x4e0
[  337.441184][T17897]  ___sys_sendmsg+0x17b/0x1d0
[  337.441229][T17897]  __x64_sys_sendmsg+0xd4/0x160
[  337.441280][T17897]  x64_sys_call+0x191e/0x3000
[  337.441309][T17897]  do_syscall_64+0xd2/0x200
[  337.441336][T17897]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  337.441459][T17897]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  337.441502][T17897]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.441535][T17897] RIP: 0033:0x7fd0f2cbf749
[  337.441550][T17897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  337.441569][T17897] RSP: 002b:00007fd0f1727038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  337.441637][T17897] RAX: ffffffffffffffda RBX: 00007fd0f2f15fa0 RCX: 00007fd0f2cbf749
[  337.441649][T17897] RDX: 0000000000000014 RSI: 0000200000000280 RDI: 0000000000000003
[  337.441660][T17897] RBP: 00007fd0f1727090 R08: 0000000000000000 R09: 0000000000000000
[  337.441677][T17897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  337.441688][T17897] R13: 00007fd0f2f16038 R14: 00007fd0f2f15fa0 R15: 00007ffd3d048ae8
[  337.441710][T17897]  </TASK>
[  337.861077][T17903] syzkaller0: entered promiscuous mode
[  337.866667][T17903] syzkaller0: entered allmulticast mode
[  337.944260][T17921] loop2: detected capacity change from 0 to 512
[  338.043690][T17927] loop2: detected capacity change from 0 to 128
[  338.157554][T17940] loop3: detected capacity change from 0 to 128
[  338.172747][T17940] syz.3.5153: attempt to access beyond end of device
[  338.172747][T17940] loop3: rw=2049, sector=138, nr_sectors = 112 limit=128
[  338.192625][T17940] syz.3.5153: attempt to access beyond end of device
[  338.192625][T17940] loop3: rw=2049, sector=142, nr_sectors = 2 limit=128
[  338.206084][T17940] Buffer I/O error on dev loop3, logical block 71, lost async page write
[  338.234966][T17941] syzkaller0: entered promiscuous mode
[  338.240541][T17941] syzkaller0: entered allmulticast mode
[  338.351785][T17943] loop1: detected capacity change from 0 to 128
[  338.426566][T11062] kworker/u8:39: attempt to access beyond end of device
[  338.426566][T11062] loop2: rw=1, sector=153, nr_sectors = 8 limit=128
[  338.467123][T11062] kworker/u8:39: attempt to access beyond end of device
[  338.467123][T11062] loop2: rw=1, sector=169, nr_sectors = 8 limit=128
[  338.489859][T11062] kworker/u8:39: attempt to access beyond end of device
[  338.489859][T11062] loop2: rw=1, sector=185, nr_sectors = 8 limit=128
[  338.505494][T11062] kworker/u8:39: attempt to access beyond end of device
[  338.505494][T11062] loop2: rw=1, sector=201, nr_sectors = 8 limit=128
[  338.520106][T11062] kworker/u8:39: attempt to access beyond end of device
[  338.520106][T11062] loop2: rw=1, sector=217, nr_sectors = 8 limit=128
[  338.534007][T11062] kworker/u8:39: attempt to access beyond end of device
[  338.534007][T11062] loop2: rw=1, sector=233, nr_sectors = 8 limit=128
[  338.547602][T11062] kworker/u8:39: attempt to access beyond end of device
[  338.547602][T11062] loop2: rw=1, sector=249, nr_sectors = 8 limit=128
[  338.561133][T11062] kworker/u8:39: attempt to access beyond end of device
[  338.561133][T11062] loop2: rw=1, sector=265, nr_sectors = 8 limit=128
[  338.591555][T17949] FAULT_INJECTION: forcing a failure.
[  338.591555][T17949] name failslab, interval 1, probability 0, space 0, times 0
[  338.604226][T17949] CPU: 0 UID: 0 PID: 17949 Comm: syz.0.5164 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  338.604265][T17949] Tainted: [W]=WARN
[  338.604273][T17949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  338.604465][T17949] Call Trace:
[  338.604473][T17949]  <TASK>
[  338.604482][T17949]  __dump_stack+0x1d/0x30
[  338.604571][T17949]  dump_stack_lvl+0xe8/0x140
[  338.604596][T17949]  dump_stack+0x15/0x1b
[  338.604698][T17949]  should_fail_ex+0x265/0x280
[  338.604722][T17949]  should_failslab+0x8c/0xb0
[  338.604758][T17949]  __kmalloc_noprof+0xa5/0x570
[  338.604792][T17949]  ? tcf_idr_create+0x41/0x4a0
[  338.604846][T17949]  tcf_idr_create+0x41/0x4a0
[  338.604876][T17949]  tcf_police_init+0x296/0xc70
[  338.604985][T17949]  tcf_action_init_1+0x36a/0x4a0
[  338.605047][T17949]  tcf_action_init+0x267/0x6d0
[  338.605168][T17949]  tc_ctl_action+0x291/0x830
[  338.605220][T17949]  ? __pfx_tc_ctl_action+0x10/0x10
[  338.605253][T17949]  rtnetlink_rcv_msg+0x65a/0x6d0
[  338.605289][T17949]  netlink_rcv_skb+0x123/0x220
[  338.605328][T17949]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  338.605479][T17949]  rtnetlink_rcv+0x1c/0x30
[  338.605507][T17949]  netlink_unicast+0x5c0/0x690
[  338.605548][T17949]  netlink_sendmsg+0x58b/0x6b0
[  338.605575][T17949]  ? __pfx_netlink_sendmsg+0x10/0x10
[  338.605619][T17949]  __sock_sendmsg+0x145/0x180
[  338.605651][T17949]  ____sys_sendmsg+0x31e/0x4e0
[  338.605679][T17949]  ___sys_sendmsg+0x17b/0x1d0
[  338.605737][T17949]  __x64_sys_sendmsg+0xd4/0x160
[  338.605836][T17949]  x64_sys_call+0x191e/0x3000
[  338.605874][T17949]  do_syscall_64+0xd2/0x200
[  338.605899][T17949]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  338.605931][T17949]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  338.606005][T17949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.606030][T17949] RIP: 0033:0x7fd0f2cbf749
[  338.606133][T17949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.606154][T17949] RSP: 002b:00007fd0f1727038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  338.606173][T17949] RAX: ffffffffffffffda RBX: 00007fd0f2f15fa0 RCX: 00007fd0f2cbf749
[  338.606184][T17949] RDX: 00000000000000c0 RSI: 00002000000037c0 RDI: 0000000000000006
[  338.606214][T17949] RBP: 00007fd0f1727090 R08: 0000000000000000 R09: 0000000000000000
[  338.606282][T17949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  338.606297][T17949] R13: 00007fd0f2f16038 R14: 00007fd0f2f15fa0 R15: 00007ffd3d048ae8
[  338.606319][T17949]  </TASK>
[  338.917114][T17957] syzkaller0: entered promiscuous mode
[  338.922763][T17957] syzkaller0: entered allmulticast mode
[  338.941148][T17959] syzkaller1: entered promiscuous mode
[  338.946760][T17959] syzkaller1: entered allmulticast mode
[  339.000810][T17961] syzkaller0: entered promiscuous mode
[  339.006343][T17961] syzkaller0: entered allmulticast mode
[  339.053603][T17963] usb usb8: usbfs: process 17963 (syz.3.5169) did not claim interface 0 before use
[  339.068185][T17965] loop2: detected capacity change from 0 to 128
[  339.074816][T17965] vfat: Unknown parameter 'ÿÿÿÿÿÿÿÿ'
[  339.117533][T17972] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.133558][T17974] atomic_op ffff88811a28f928 conn xmit_atomic 0000000000000000
[  339.172952][T17972] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.229034][T17972] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.268750][   T36] hid_parser_main: 8 callbacks suppressed
[  339.268772][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x4
[  339.282726][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x2
[  339.292406][   T36] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x3
[  339.314459][   T36] hid-generic 0000:3000000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  339.328119][T17972] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.345355][T17984] netlink: 172 bytes leftover after parsing attributes in process `syz.0.5172'.
[  339.435153][T11077] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  339.476510][T11079] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  339.485315][T11079] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  339.493512][T11079] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  339.585573][T17992] infiniband syb2: RDMA CMA: cma_listen_on_dev, error -98
[  339.691431][T18001] xt_TPROXY: Can be used only with -p tcp or -p udp
[  339.753528][T18003] syzkaller0: entered promiscuous mode
[  339.759087][T18003] syzkaller0: entered allmulticast mode
[  340.005252][T18008] syzkaller0: entered promiscuous mode
[  340.010765][T18008] syzkaller0: entered allmulticast mode
[  340.187070][T18015] syzkaller0: entered promiscuous mode
[  340.192653][T18015] syzkaller0: entered allmulticast mode
[  340.271883][   T29] kauditd_printk_skb: 232 callbacks suppressed
[  340.271902][   T29] audit: type=1326 audit(1764607094.395:17645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18014 comm="syz.3.5185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdea363f749 code=0x7ffc0000
[  340.314224][   T29] audit: type=1326 audit(1764607094.435:17646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18014 comm="syz.3.5185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7fdea363f749 code=0x7ffc0000
[  340.337973][   T29] audit: type=1326 audit(1764607094.435:17647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18014 comm="syz.3.5185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdea363f749 code=0x7ffc0000
[  340.361603][   T29] audit: type=1326 audit(1764607094.435:17648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18014 comm="syz.3.5185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7fdea363f749 code=0x7ffc0000
[  340.385253][   T29] audit: type=1326 audit(1764607094.435:17649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18014 comm="syz.3.5185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdea363f749 code=0x7ffc0000
[  340.385617][T18016] loop3: detected capacity change from 0 to 128
[  340.408926][   T29] audit: type=1326 audit(1764607094.435:17650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18014 comm="syz.3.5185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdea363f749 code=0x7ffc0000
[  340.438767][   T29] audit: type=1326 audit(1764607094.435:17651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18014 comm="syz.3.5185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdea363f749 code=0x7ffc0000
[  340.464114][   T29] audit: type=1326 audit(1764607094.475:17652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18014 comm="syz.3.5185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fdea363f749 code=0x7ffc0000
[  340.487838][   T29] audit: type=1326 audit(1764607094.475:17653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18014 comm="syz.3.5185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fdea363f783 code=0x7ffc0000
[  340.511311][   T29] audit: type=1326 audit(1764607094.475:17654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18014 comm="syz.3.5185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fdea363e1ff code=0x7ffc0000
[  340.515183][T18018] netlink: 'syz.4.5186': attribute type 10 has an invalid length.
[  340.542864][T18018] ipvlan0: entered allmulticast mode
[  340.548268][T18018] veth0_vlan: entered allmulticast mode
[  340.583066][T18020] FAULT_INJECTION: forcing a failure.
[  340.583066][T18020] name failslab, interval 1, probability 0, space 0, times 0
[  340.595702][T18020] CPU: 1 UID: 0 PID: 18020 Comm: syz.4.5187 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  340.595742][T18020] Tainted: [W]=WARN
[  340.595751][T18020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  340.595766][T18020] Call Trace:
[  340.595774][T18020]  <TASK>
[  340.595782][T18020]  __dump_stack+0x1d/0x30
[  340.595866][T18020]  dump_stack_lvl+0xe8/0x140
[  340.595886][T18020]  dump_stack+0x15/0x1b
[  340.595904][T18020]  should_fail_ex+0x265/0x280
[  340.595926][T18020]  should_failslab+0x8c/0xb0
[  340.595962][T18020]  kmem_cache_alloc_noprof+0x50/0x480
[  340.596068][T18020]  ? __send_signal_locked+0x154/0x760
[  340.596122][T18020]  __send_signal_locked+0x154/0x760
[  340.596156][T18020]  send_signal_locked+0x34e/0x3c0
[  340.596260][T18020]  force_sig_info_to_task+0x1fb/0x290
[  340.596323][T18020]  force_sig+0x68/0x90
[  340.596356][T18020]  exc_general_protection+0xc5/0x1f0
[  340.596408][T18020]  asm_exc_general_protection+0x26/0x30
[  340.596431][T18020] RIP: 0033:0x7f55c63f8179
[  340.596443][T18020] Code: f8 77 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 89 f8 48 89 fa c5 f9 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 27 01 00 00 <c5> fd 74 0f c5 fd d7 c1 85 c0 74 5b f3 0f bc c0 e9 30 01 00 00 66
[  340.596472][T18020] RSP: 002b:00007f55c4e7e7c8 EFLAGS: 00010283
[  340.596485][T18020] RAX: 0000000000000999 RBX: 00007f55c4e7ed30 RCX: 00007f55c663b120
[  340.596495][T18020] RDX: 9999999999999999 RSI: 00007f55c64a3ca9 RDI: 9999999999999999
[  340.596505][T18020] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000
[  340.596515][T18020] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000000073
[  340.596604][T18020] R13: 00007f55c4e7eeb0 R14: 9999999999999999 R15: 0000000000000000
[  340.596626][T18020]  </TASK>
[  340.828371][T18033] program syz.4.5192 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  340.840699][T18033] loop4: detected capacity change from 0 to 128
[  340.899854][T18034] ==================================================================
[  340.907961][T18034] BUG: KCSAN: data-race in io_flush_timeouts / io_issue_sqe
[  340.915251][T18034] 
[  340.917559][T18034] read-write to 0xffff888119747a10 of 4 bytes by task 18040 on cpu 0:
[  340.925691][T18034]  io_issue_sqe+0x1f9/0xa80
[  340.930192][T18034]  io_wq_submit_work+0x3f7/0x5f0
[  340.935159][T18034]  io_worker_handle_work+0x44e/0x9b0
[  340.940443][T18034]  io_wq_worker+0x22e/0x860
[  340.944947][T18034]  ret_from_fork+0x122/0x1b0
[  340.949531][T18034]  ret_from_fork_asm+0x1a/0x30
[  340.954288][T18034] 
[  340.956607][T18034] read to 0xffff888119747a10 of 4 bytes by task 18034 on cpu 1:
[  340.964262][T18034]  io_flush_timeouts+0x56/0x1d0
[  340.969117][T18034]  __io_commit_cqring_flush+0xeb/0x100
[  340.974580][T18034]  io_issue_sqe+0x8ab/0xa80
[  340.979080][T18034]  io_wq_submit_work+0x3f7/0x5f0
[  340.984025][T18034]  io_worker_handle_work+0x44e/0x9b0
[  340.989319][T18034]  io_wq_worker+0x22e/0x860
[  340.993824][T18034]  ret_from_fork+0x122/0x1b0
[  340.998407][T18034]  ret_from_fork_asm+0x1a/0x30
[  341.003177][T18034] 
[  341.005492][T18034] value changed: 0x00000073 -> 0x00000074
[  341.011200][T18034] 
[  341.013514][T18034] Reported by Kernel Concurrency Sanitizer on:
[  341.019656][T18034] CPU: 1 UID: 0 PID: 18034 Comm: iou-wrk-18031 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  341.031282][T18034] Tainted: [W]=WARN
[  341.035101][T18034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  341.045153][T18034] ==================================================================
[  341.070684][T18039] loop4: detected capacity change from 0 to 1024
[  341.078195][T18039] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  341.089134][T18039] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  341.099721][T18039] JBD2: no valid journal superblock found
[  341.105566][T18039] EXT4-fs (loop4): Could not load journal inode
[  341.115330][T18038] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5194'.
[  341.123817][T18039] netlink: 'syz.4.5194': attribute type 3 has an invalid length.
[  341.155290][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  346.526666][   T29] kauditd_printk_skb: 24 callbacks suppressed
[  346.526684][   T29] audit: type=1400 audit(1764607100.655:17679): avc:  denied  { egress } for  pid=14 comm="ksoftirqd/0" saddr=fe80::1c daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  346.556470][   T29] audit: type=1400 audit(1764607100.655:17680): avc:  denied  { sendto } for  pid=14 comm="ksoftirqd/0" saddr=fe80::1c daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1