last executing test programs:

3m36.091045679s ago: executing program 4 (id=487):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = socket(0x1e, 0x4, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x16, 0x0, 0x4, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x18)
r2 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
recvmsg$unix(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000001e00)=""/4096, 0x1000}], 0x1}, 0x40010000)

3m36.003836466s ago: executing program 4 (id=491):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000007750000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10)
epoll_create(0x3ff) (fail_nth: 1)

3m35.755207656s ago: executing program 4 (id=492):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000007750000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10)
epoll_create(0x3ff)

3m35.742651207s ago: executing program 4 (id=494):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a000000050000000300000004"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r1}, &(0x7f0000000280), &(0x7f00000002c0)}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{r1}, &(0x7f0000000240), &(0x7f0000000440)=r3}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYRES32=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10)
syz_open_procfs(0xffffffffffffffff, 0x0)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
pipe2$9p(&(0x7f0000000240), 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f0000000340), 0x5, 0x59b, &(0x7f0000002480)="$eJzs3T1sG2UfAPD/2fGbfuRt+krvK72gDhUgFamqk/QDClO7IipV6oDEUizHjaI4cRQ70EQZ0r1CdECAupQNBkYQAwNiQWJhZQExI1U0AqnpAEb+StvEDk6p6zT+/aSz77nn7P/z3Pl/9nO6kwMYWEdrD6mIZyLiYhIx+kDdUDQrjzbWW19byd9bW8knUa1e+jWJJCLurq3kW+snzeeDEbEaEf+PiG8yEcdTW+OWl5ZncsViYaFZHqvMzo+Vl5ZPTM/mpgpThblTL79y5uzpMxMnJzo3PrOzvl7/6ca7179/7daNTz87spp/P5fEuRhp1j3Yj8epsU0ycW7T8tO9CNZHSb8bwCNJN/O8lkr/i9FIN7O+neroE20a0GPV4YjqTiSrO1od2M2SneU/sGe0fgfUxr9th9Pp3v7+uH2+MQCpxV9vTo2aoca5idhXH5sc+C15aGRSG28e7m3TGACr1yJifGio9vlrTY2apPn5e3Tjj6OB9NTX5xs7auv+T20cf6LN8Wekde70H2od/9a3HP/ux093OP5d7DLGH2/+/FHH+Ncinm0bP9mIn7SJn4qIt7qMf/ONL892qqt+HHEs2sdvSbY/Pzx2ZbpYGG88to3x1bEjr27X/wMd4jfO2e6rf8202/7zXfb/i28/f251m/gvPr/9/m+3/fdHxHtdxv/P3U9e71R3+1pyp/YrYKf7v7bsVpfxXzp39McOVfu7fAsAAAAAAAAAAKCNVP1atiSV3ZhPpbLZxj28/40DqWKpXDl+pbQ4N9m45u1wZFKtK61GG+WkVp5oXo/bKp/cVD7Vuo44vb9ezuZLxck+9x0AAAAAAAAAAAAAAAAAAAB2i4Ob7v//PV2//3/z31UDe1Xnv/wG9jr5D4Pr4fxPIob71hTgCfP9DwOrKv9hcMl/GFzyHwaX/IfBJf9hcMl/GFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAeuLihQu1qXpvbSVfK08OLS3OlN4+MVkoz2RnF/PZfGlhPjtVKk0VC9l8afbv3q9YKs2Px9zi1bFKoVwZKy8tX54tLc5VLk/P5qYKlwuZJ9IrAAAAAAAAAAAAAAAAAAAAeLqM1KcklY2IVH0+lcpmI/4dEYcjk1yZLhbGI+JQRPyQzgzXyhP9bjQAAAAAAAAAAAAAAAAAAADsMeWl5ZlcsVhYGJCZoS1Lvuu8ckSsPt5m1N5xR68anskVM819tVu24dM2c2j7ddLR9xbuxpk+H5gAAAAAAAAAAAAAAAAAAGAA3b/pt9tX/NnbBgEAAAAAAAAAAAAAAAAAAMBASv2SRERtOjb6wsjm2n8l6+n6c0S8c/PSB1dzlcrCRG35nY3llQ+by0/2o/1At1p52spjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4L7y0vJMrlgsLPRwpt99BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgUfwUAAP//H1DQ4Q==")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r5, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c460d04000c028000000000000003003e00ecffffff940200000000002172b4ce359280e2004d02000000000000000000000000380001"], 0x78)
close(r5)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x100)
r6 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0)
readv(r6, &(0x7f0000001b40)=[{&(0x7f0000001a40)=""/208, 0xd0}], 0x1)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000002180)='/sys/power/sync_on_suspend', 0xa82, 0x0)
sendfile(r7, r7, 0x0, 0x6)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x1, 0x2, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000080)}, 0x2405, 0x4, 0x0, 0x0, 0x21ca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xaa80}, 0x0, 0x0, 0xffffffffffffffff, 0xd)
r8 = getpid()
r9 = syz_pidfd_open(r8, 0x0)
setns(r9, 0x24020000)
syz_clone(0xf5982500, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)

3m35.514371735s ago: executing program 4 (id=495):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000780)='sys_enter\x00', r1}, 0x18)
pwritev(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f00000002c0)='\x00!G', 0x3}], 0x1, 0x8, 0x49d)

3m34.031215655s ago: executing program 4 (id=507):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x1, 0x8, 0xf79, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x200000000000006e, &(0x7f0000000a40)=ANY=[@ANYBLOB="1800000000000000000000000000fe38e5b7fa5f818907eabfa10000180100002020641c000000000077db9149349f74e4000000bfa100000000000007010000f8ffffffb7020000080000009003000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007bd9f52775b724b45e6f798af8ff00000021bfa200000000bd2ea1068982b4e2ffffb71c000008000000b704000000000000000001000300000095901f4bc7450a59c7690504895e5dd4686a04602523e11929f7f16a1fd6a7253a80b54fd8a30e2e3fbed070fd45b7fc72361e99fd7be4330f7d209d93f5e74ff1934c162e81357c8facb2767fd16dbaafbedcbdd61a2adb52729c6a7b91809e7b57d4da043b0d035eee9c06248cea16a42c794857e23c83a9565e1f60735f44686a7397eeaa1bf04d9c779a8f7938fe8a1f8c2fca9a2f3cf049d5b63da7496ba8e1fec5d7806a007f6cbc2296df106167eb473ea1fa98ef879d41000000"], &(0x7f0000000800)='syzkaller\x00', 0x10, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000580)={r2}, 0xc)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5}, 0x50)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r5 = fcntl$dupfd(r4, 0x0, r4)
read$usbfs(r5, 0x0, 0x0)
write$tun(r5, &(0x7f0000000400)=ANY=[], 0xa2)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000200000000000004f00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
r7 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC_PROXY(r7, 0x29, 0xd2, &(0x7f00000002c0)={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}, 0xfffffffc}, {0xa, 0x4e24, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}}, 0x0, {[0x0, 0xfffffffc, 0x79, 0x0, 0xfffffffc, 0x8, 0x0, 0xfbfffffe]}}, 0x5c)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r8, 0x0, 0xfffffffffffffffd}, 0x18)
socket$netlink(0x10, 0x3, 0x0)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x94)
r12 = socket(0x840000000002, 0x3, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000280)='kmem_cache_free\x00', r11, 0x0, 0x1008}, 0x18)
setsockopt$SO_BINDTODEVICE(r12, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r12, &(0x7f0000000240)=[{{&(0x7f00000001c0)={0x2, 0x4e20, @multicast1}, 0x10, 0x0}}], 0x1, 0x4004040)
recvmmsg(r12, &(0x7f0000005f80)=[{{&(0x7f00000002c0)=@can, 0x80, 0x0}, 0x81}], 0x1, 0x10000, 0x0)
setsockopt$inet_mreqn(r9, 0x0, 0x27, &(0x7f0000000180)={@multicast2, @broadcast}, 0xc)
socket$inet_tcp(0x2, 0x1, 0x0)

3m34.015251696s ago: executing program 32 (id=507):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x1, 0x8, 0xf79, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x200000000000006e, &(0x7f0000000a40)=ANY=[@ANYBLOB="1800000000000000000000000000fe38e5b7fa5f818907eabfa10000180100002020641c000000000077db9149349f74e4000000bfa100000000000007010000f8ffffffb7020000080000009003000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007bd9f52775b724b45e6f798af8ff00000021bfa200000000bd2ea1068982b4e2ffffb71c000008000000b704000000000000000001000300000095901f4bc7450a59c7690504895e5dd4686a04602523e11929f7f16a1fd6a7253a80b54fd8a30e2e3fbed070fd45b7fc72361e99fd7be4330f7d209d93f5e74ff1934c162e81357c8facb2767fd16dbaafbedcbdd61a2adb52729c6a7b91809e7b57d4da043b0d035eee9c06248cea16a42c794857e23c83a9565e1f60735f44686a7397eeaa1bf04d9c779a8f7938fe8a1f8c2fca9a2f3cf049d5b63da7496ba8e1fec5d7806a007f6cbc2296df106167eb473ea1fa98ef879d41000000"], &(0x7f0000000800)='syzkaller\x00', 0x10, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000580)={r2}, 0xc)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5}, 0x50)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r5 = fcntl$dupfd(r4, 0x0, r4)
read$usbfs(r5, 0x0, 0x0)
write$tun(r5, &(0x7f0000000400)=ANY=[], 0xa2)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000200000000000004f00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
r7 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC_PROXY(r7, 0x29, 0xd2, &(0x7f00000002c0)={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}, 0xfffffffc}, {0xa, 0x4e24, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}}, 0x0, {[0x0, 0xfffffffc, 0x79, 0x0, 0xfffffffc, 0x8, 0x0, 0xfbfffffe]}}, 0x5c)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r8, 0x0, 0xfffffffffffffffd}, 0x18)
socket$netlink(0x10, 0x3, 0x0)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x94)
r12 = socket(0x840000000002, 0x3, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000280)='kmem_cache_free\x00', r11, 0x0, 0x1008}, 0x18)
setsockopt$SO_BINDTODEVICE(r12, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r12, &(0x7f0000000240)=[{{&(0x7f00000001c0)={0x2, 0x4e20, @multicast1}, 0x10, 0x0}}], 0x1, 0x4004040)
recvmmsg(r12, &(0x7f0000005f80)=[{{&(0x7f00000002c0)=@can, 0x80, 0x0}, 0x81}], 0x1, 0x10000, 0x0)
setsockopt$inet_mreqn(r9, 0x0, 0x27, &(0x7f0000000180)={@multicast2, @broadcast}, 0xc)
socket$inet_tcp(0x2, 0x1, 0x0)

2.548636295s ago: executing program 1 (id=4214):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x4}, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r1, 0x545c, 0x200000000000000)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x300)
syz_open_pts(r1, 0x800)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xe)
ioctl$TIOCGPGRP(r4, 0x5437, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$tipc(r5, 0x0, 0x0)
r7 = dup2(r6, r5)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r8, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r8, 0x40047451, &(0x7f0000000200)=0x2)
setsockopt$CAIFSO_LINK_SELECT(r0, 0x116, 0x7f, &(0x7f0000000040)=0x8, 0x4)
ioctl$PPPIOCSFLAGS1(r8, 0x40047459, &(0x7f0000000100)=0x2000004)
pwritev(r8, &(0x7f0000000240)=[{&(0x7f0000000080)='\x00!', 0x2}, {&(0x7f00000007c0)="61d5421f387fd6f4b6f8b48ea00cceaac90290e664b57f4be79cda6bbaaea42c21ad32de4b5bd3dea845a56d8bd6c2c2f94b1d735f06401749b21d09e44268294852eaeb", 0x44}], 0x2, 0x7, 0xb)
socket(0x200000000000011, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000700)=[{{&(0x7f0000000340), 0x80, &(0x7f0000000080)=[{&(0x7f00000003c0)=""/204, 0xcc}, {&(0x7f00000004c0)=""/154, 0x9a}, {&(0x7f0000000580)=""/156, 0x9c}], 0x3, &(0x7f0000000640)=""/187, 0xbb}, 0x7f}], 0x1, 0x41, &(0x7f0000000740))
ioctl$sock_SIOCSPGRP(r7, 0x8902, &(0x7f00000002c0))
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)

1.913880296s ago: executing program 5 (id=4225):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = epoll_create1(0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4, @perf_config_ext={0xfffffffffffffff4, 0x4}, 0x112026, 0x0, 0x5aa, 0x0, 0x8, 0x6, 0x0, 0x0, 0x0, 0x0, 0x60}, 0x0, 0x5, 0xffffffffffffffff, 0x1)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x48084)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$binfmt_misc(r2, &(0x7f0000000240), 0xfffffecc)
ioctl$TIOCL_PASTESEL(r2, 0x541c, &(0x7f0000000000))
r3 = socket$unix(0x1, 0x1, 0x0)
close(r3)
socket$xdp(0x2c, 0x3, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000080)={0x3000000c})
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x3008842, &(0x7f0000000000), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
mkdir(&(0x7f0000000080)='./bus\x00', 0x3)
creat(&(0x7f0000000100)='./bus\x00', 0x0)
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x1001, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x4)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r0, 0x8983, &(0x7f0000000080)={0x1, 'geneve1\x00', {}, 0x10})
ioctl$int_out(r4, 0x2a30, &(0x7f00000000c0))
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r5 = socket$unix(0x1, 0x5, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x18)
umount2(&(0x7f00000001c0)='./file2\x00', 0x1)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})

1.797359706s ago: executing program 2 (id=4226):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
shutdown(0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000001, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$sock_buf(r0, 0x1, 0x19, 0x0, &(0x7f0000003080)=0x29)

1.652505867s ago: executing program 1 (id=4227):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xa, 0xb, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x3}, [@printk={@lu, {}, {}, {0x7, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffdff}, {}, {}, {0x85, 0x0, 0x0, 0xc7}}]}, &(0x7f0000000000)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00'})
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xc97c, 0x0, @perf_config_ext={0x2, 0x7}, 0x4100, 0xa88, 0x8406, 0x0, 0x0, 0x3c, 0xfffe, 0x0, 0x0, 0x0, 0x80000000000}, 0x0, 0xffbfffffffffffff, 0xffffffffffffffff, 0x1)
acct(0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
socket$inet_mptcp(0x2, 0x1, 0x106)
pipe(&(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x1d64, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.606524801s ago: executing program 1 (id=4229):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="fc00000019000100"/31, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/43], 0xfc}, 0x1, 0x0, 0x0, 0x24008040}, 0x20040000)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x20, &(0x7f0000000080)={&(0x7f0000000280)=""/141, 0x8d, <r0=>0x0, &(0x7f0000000380)=""/167, 0xa7}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1b, 0xc, &(0x7f0000000180)=ANY=[@ANYRES16], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x70, '\x00', 0x0, @fallback=0x8, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x18)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRES8=r2, @ANYRES16], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
r3 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r4 = open(&(0x7f0000000580)='./bus\x00', 0x145e7e, 0x189)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xe, &(0x7f0000000680)=@framed={{}, [@ringbuf_output={{0x18, 0x2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}, @exit, @ldst={0x1, 0x1, 0x3, 0x2, 0x5, 0xfffffffffffffffe, 0x1}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2808017, &(0x7f00000005c0)={[{@minixdf}, {@mb_optimize_scan}, {@noacl}, {@data_writeback}]}, 0x1, 0x593, &(0x7f0000001bc0)="$eJzs3c9vHFcdAPDvjH/mV+1AD1ABCVAIKMo63rRR1UvLBYSqSoiKA+KQGntjmayzIbZLbSLV/RtAAokT/AkckDgg9cSBG0cQB0CUA1KhEShB4jBoZmftjb3rrO3NbuP9fKTpvJk3M9/3dj3z3r5t9gUwsi5GxHZETEbEmxExU+5PyiVebS75cQ/u31t8eP/eYhJZ9sa/kiI/3xdt5+TOlNecjohvfi3iu8n+uGubW7cW6vXa3XJ7bn31ztza5taVldWF5dpy7Xa1en3++tWXrr1Y7aUaU/v2zO4/6MLqLz/46spr3/rNrz/9/u+3v/zDvFhny7z2ehzOqQNzm1Wf2ImTG4+I144W7CNnrFxPDrkcHE0aER+LiM8V9/9MjBV/nQDASZZlM5HNtG8DACddWoyBJWklItK07ARUmmN4z8bptN5YW798s7Fxe6k5VjYbE+nNlXrt6vmpP32/OHgiybfnyyG32XK7umf7WkScj4gfT50qtiuLjfrScLo8ADDyzrS3/xHxn6k0rVT2H/fHc/t2dfhWDwB4akwPuwAAwMBp/wFg9Gj/AWD09ND+l1/2bz/xsgAAg+HzPwCMHu0/AIwe7T8AjJRvvP56vmQPy9+/Xnprc+NW460rS7W1W5XVjcXKYuPuncpyo7Fc/GbP6uOuV2807sy/EBtvz63X1tbn1ja3bqw2Nm6v3yh+1/tGbWIgtQIADnL+wnt/SCJi++VTxRJtczloq+FkS/t4FPB0GTvOyToI8FQz2xeMrp6a8KKT8LsnXhZgODr+mPd0x+SjfnqIIP4/I/hIufTJXsb/kw+bswUNqZDAE9Ec2TeQB6PoaOP/r/S9HMDgHXn8/y/9LQcweFmW7J3zf3InCwA4kY4x8pe9069OCDBUj5vMuy/f/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAJczYivhdJWinmAk/z/6aVSsS5iJiNieTmSr12NSKeiQsRMTGVb88Pu9AAwDGl/0jK+b8uzTx/dm/uZPLfqWIdET/42Rs/eXthff3ufL7/w539U63pw6q75x1jXkEAoHd/ayW6ztUZEUX7XS3XbR/kH9y/t9hannA5H/HBV3YmH118eP9esTRzxiPLsiyvTd6XOP3vJMbLc/L6PRcRY32Iv/1uRHyiU/2TYmxktnw12+NHGfvcQOOnj8RPi7zmOn/5Pt6HssCoeS9//ry69/4bK+6si8URne//6eIJdXzF8286ovXs233+te736aI0e+Pn9/zFXmO88Nuv79uZzTTz3o14brxT/GQnftIl/vM9xv/zpz7zo1e65GU/j7gUneO3x5pbX70zt7a5dWVldWG5tly7Xa1en79+9aVrL1bnijHqudZI9X7/fPnyM93Kltf/dJf4zXf+zJ76T+6c+4Ue6/+L/735nc/ubk7tjf+lz3d+/58t1p1f/7xN/GKP8RdO/6prlyCPv9Sl/o97/y/3GP/9v28t9XgoADAAa5tbtxbq9drdnhPTHc7KP4Ue9jr1epZl7+RlOOCYPLu3C7a6i4cvRnvir1EkdiuYRBLHuWCnRP4K9nLwxKGrEwdduTVc0u/qdEiM7/QV+3vlbx/819ItMXmcoGnfa3GURMyWiQeDCjqMpxEwSLs3/bBLAgAAAAAAAAAAAAAAdDOIf8M07DoCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwcv0/AAD//9h9wts=")
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r5)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01400000000200000000067400062c00070073797352656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f743a733000080002000000e6ff07000700263a3a0914000600626f6e643000000000"], 0x78}, 0x1, 0xffffffff00000003}, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000500)={{r4, <r7=>0xffffffffffffffff}, &(0x7f0000000440), &(0x7f0000000480)='%ps    \x00'}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="1b00000002000000000000000000002010010000", @ANYRES32=r7, @ANYBLOB="0000000000000000000000baf4dd05e66444d0f8f8a1575db59ab48830623f5eaeb51453ad6e1c3c8bb4cad29673cd3ac441c19fd0bd2c94e71c5043c9d966c1e7d587b237542be7b7b42811adcbd97034e8710237a7a423ec604ed712cf375479445568e03fdd3631d57c1b9cce5cca3404d496220882433bae68a08f724ee648eb6061f328948ecd2704d26601ae879e122b72ede842b4fb", @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="03000000030000000300"/28], 0x50)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x10, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xbf21, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffff5}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000200)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41000, 0xd}, 0x94)
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0xfffffffffffffed5, 0x2)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00'}, 0x10)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001400000000000000003"], 0x118}, 0x1, 0x0, 0x0, 0x40000}, 0x84)
fallocate(r3, 0x0, 0x0, 0x1000f4)
r10 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r10, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x1}, 0x8)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0xb, 0x1f, 0x8e, 0xbf22, 0x1, 0xffffffffffffffff, 0xffff}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000100)="38c97a31c964d9f22e6e1b1249d9f78d50422451605b2465a33a3e6f383738430f39207d5c434e094fab4224ae521022f4c4f61448ee96fbf72a9fef13505f428cc0d29057a230dd967c49e17d4a", 0x401, r11, 0x0, 0xa002a0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000001540), 0xfffffffe, r11, 0x0, 0x1500}, 0x38)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

1.535963117s ago: executing program 1 (id=4230):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r0 = socket$caif_seqpacket(0x25, 0x5, 0x4)
recvmsg(r0, &(0x7f00000029c0)={0x0, 0x0, 0x0}, 0x60)
r1 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000040), 0x4)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000080)=r1, 0x4)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r2, 0x0, 0xffffffffffffffff}, 0x18)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r4, 0x0, 0x4}, 0x18)
syncfs(0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
prlimit64(0x0, 0x6, &(0x7f0000000040), 0x0)
r5 = syz_io_uring_setup(0x2705, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0x1fc}, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000001440)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000001400)=@IORING_OP_ACCEPT={0xd, 0x4, 0x0, 0xffffffffffffffff, 0x0})
io_uring_enter(r5, 0xa3b, 0x400, 0x0, 0x0, 0x0)
r8 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0)
write$cgroup_int(r8, &(0x7f0000000000)=0xfffffffffffffffc, 0x12)
r9 = getpid()
process_vm_readv(r9, &(0x7f0000008400)=[{&(0x7f0000000300)=""/53, 0x35}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r10}, 0x10)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r11, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="070002000000fddbdf2505000000180001801400020073797a5f74756e00000000000000007d0800038004000380080005"], 0x3c}}, 0x0)

1.4924321s ago: executing program 2 (id=4231):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x51}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0xfffffffffffffffe}, 0x18)
r3 = socket(0x200000000000011, 0x2, 0xe6)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000006c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x1)
stat(&(0x7f0000000140)='./file0\x00', 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r6=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r6}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x48}}, 0x0)

1.213055602s ago: executing program 2 (id=4234):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[], 0x15)
r3 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB, @ANYRESHEX=r3])

1.146304458s ago: executing program 2 (id=4237):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x86)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
write$binfmt_format(r0, &(0x7f0000000100)='0\x00', 0x2)
write$binfmt_script(r0, &(0x7f0000000340)={'#! ', './file0'}, 0xb)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', 0x0}}, 0x40)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
syz_emit_ethernet(0x4e, &(0x7f00000003c0)={@local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "081200", 0x18, 0x2b, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, @local, {[@srh={0x3a, 0x0, 0x2}], {0x0, 0x0, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0x0, 0x100, @val=0x80}}}}}}}}, 0x0)
close(r5)
r6 = socket$key(0xf, 0x3, 0x2)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r7}, 0x4)
sendmsg$key(r6, &(0x7f0000000040)={0x3, 0x500, &(0x7f0000000340)={&(0x7f0000000080)={0x2, 0x3, 0x0, 0x3, 0x11, 0x0, 0x70bd2c, 0x25dfdbfc, [@sadb_key={0x3, 0x9, 0x80, 0x0, "1cdc0dca1d9f68846960e56de42944af"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x7, 0xc}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x7}}]}, 0x88}, 0x1, 0x7}, 0x0)

1.100942642s ago: executing program 3 (id=4238):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x4}, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r1, 0x545c, 0x200000000000000)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x300)
syz_open_pts(r1, 0x800)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xe)
ioctl$TIOCGPGRP(r4, 0x5437, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$tipc(r5, 0x0, 0x0)
r7 = dup2(r6, r5)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r8, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r8, 0x40047451, &(0x7f0000000200)=0x2)
setsockopt$CAIFSO_LINK_SELECT(r0, 0x116, 0x7f, &(0x7f0000000040)=0x8, 0x4)
ioctl$PPPIOCSFLAGS1(r8, 0x40047459, &(0x7f0000000100)=0x2000004)
pwritev(r8, &(0x7f0000000240)=[{&(0x7f0000000080)='\x00!', 0x2}, {&(0x7f00000007c0)="61d5421f387fd6f4b6f8b48ea00cceaac90290e664b57f4be79cda6bbaaea42c21ad32de4b5bd3dea845a56d8bd6c2c2f94b1d735f06401749b21d09e44268294852eaeb", 0x44}], 0x2, 0x7, 0xb)
socket(0x200000000000011, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000700)=[{{&(0x7f0000000340), 0x80, &(0x7f0000000080)=[{&(0x7f00000003c0)=""/204, 0xcc}, {&(0x7f00000004c0)=""/154, 0x9a}, {&(0x7f0000000580)=""/156, 0x9c}], 0x3, &(0x7f0000000640)=""/187, 0xbb}, 0x7f}], 0x1, 0x41, &(0x7f0000000740))
ioctl$sock_SIOCSPGRP(r7, 0x8902, &(0x7f00000002c0))
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)

1.062465265s ago: executing program 2 (id=4239):
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0xa4}, 0x1, 0x0, 0x0, 0x8004}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r2}, 0x10)
socket$rds(0x15, 0x5, 0x0)
socket$inet6(0xa, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffe, 0x0, 0x0, 0x3, 0x2000000000000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd27, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93}, [{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8, 0x5, 0x0, 0xfffffffc, 0x5}, {}, {0x0, 0x0, 0x800000, 0x0, 0x6}, {0x0, 0xc3}, {0x0, 0x5, 0x0, 0x0, 0xf4}, {0x5}, {}, {0x0, 0x10}, {0x0, 0x4, 0x0, 0x8000000}, {0x0, 0x0, 0x0, 0x0, 0x7ff}, {0x2, 0x0, 0x0, 0x0, 0x6}, {0x0, 0x43683bb}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, {0x0, 0x0, 0x0, 0x8000000, 0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x20}, {}, {0x0, 0x0, 0x0, 0x0, 0x10}, {0x0, 0x0, 0x0, 0xfffffffc}, {}, {0x0, 0x80}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x5}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff, 0x9}, {0x0, 0x0, 0x0, 0x0, 0xfffff800}, {}, {}, {0xffffffff}, {}, {}, {0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, {}, {0x80}, {0x80}, {0x0, 0x0, 0x0, 0x5, 0x5}, {}, {0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x0, 0x8510, 0xfffffffc}, {0xffff}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0xfffefffd}, {0x0, 0x0, 0x0, 0x1}, {}, {0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, {0x0, 0xfffffffc, 0x200, 0x9}, {}, {}, {0x7}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x9}, {}, {0x0, 0x0, 0x0, 0x0, 0x1, 0x7}, {0x1, 0x2}, {}, {}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x56}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffe}, {0x0, 0x0, 0x0, 0x8000000}, {}, {0x0, 0xfffffffd}, {0x6}, {0x7f}, {0x0, 0x0, 0x8}, {0x0, 0x0, 0x20, 0x0, 0xfffffffe}, {0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {0x2, 0x9, 0x20000000, 0x0, 0x0, 0x8}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x8}, {0x0, 0x0, 0xe600, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x7, 0x1, 0x8}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x4}, {0x0, 0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {0xfffffffb, 0x0, 0x0, 0x0, 0x8000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {0x2d}, {}, {0x0, 0x8000}, {0x0, 0xffffffff, 0x1010000}, {0x0, 0x80000000, 0x0, 0x7fff800}, {}, {0x0, 0x0, 0x0, 0x0, 0xd}], [{}, {}, {}, {0x1}, {}, {0x3}, {}, {0x0, 0x1}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x4}, {0x3}, {}, {}, {}, {0x5, 0x1}, {}, {}, {}, {0x5}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x4}, {}, {0x0, 0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {}, {0x3, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {0x2, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x2}, {}, {}, {0x4}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef00", 0x9, 0x0, 0x0, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002abd7000fccbdf250900000005000700020000000800010001000000050008"], 0x2c}, 0x1, 0x0, 0x0, 0x24084001}, 0x0)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x41000}, 0x94)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r3, &(0x7f0000003d00)=[{{0x0, 0x0, &(0x7f0000001940)=[{&(0x7f0000000300)=""/148, 0x94}, {0x0}], 0x2}, 0x4}], 0x1, 0x10000, 0x0)

821.369364ms ago: executing program 1 (id=4240):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x51}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0xfffffffffffffffe}, 0x18)
r3 = socket(0x200000000000011, 0x2, 0xe6)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r4}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x48}}, 0x0)

692.894834ms ago: executing program 1 (id=4242):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000440)='kfree\x00', r2, 0x0, 0x100000007}, 0x18)
pause()
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000a00)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x114, 0x114, 0x3, [@int={0xd, 0x0, 0x0, 0x1, 0x0, 0x3b, 0x0, 0x1e, 0x6}, @struct={0x1, 0x0, 0x0, 0x4, 0x1, 0x1}, @struct={0xb, 0x5, 0x0, 0x4, 0x1, 0x6, [{0xb, 0x5, 0x10}, {0x9, 0x1, 0xfffff51c}, {0xd, 0x5, 0x7}, {0x10, 0xe, 0xd}, {0x3, 0x2, 0x1a22}]}, @type_tag={0x3, 0x0, 0x0, 0x12, 0x5}, @enum64={0xf, 0x7, 0x0, 0x13, 0x1, 0x1, [{0xf, 0x4, 0xa}, {0x7, 0x7, 0x1}, {0xf, 0x6, 0x755}, {0xa, 0x8, 0x8}, {0x9, 0x9, 0xff}, {0x5, 0x10001, 0x5}, {0xd, 0x2, 0x1bf9}]}, @const={0x4}, @enum={0x10, 0x1, 0x0, 0x6, 0x4, [{0x1, 0x1}]}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x3, 0x2}}, @type_tag={0x7, 0x0, 0x0, 0x12, 0x5}]}, {0x0, [0x30]}}, &(0x7f0000000580)=""/188, 0x12f, 0xbc, 0x0, 0x5}, 0x28)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file2\x00', 0x80, &(0x7f0000000200)=ANY=[], 0x1, 0x25e, &(0x7f0000002a80)="$eJzs2sFrHFUcB/DfxKZNU9JdsSotiA89qJehydlDg7QoBhRNhCpIp3ZSl4zZkFkCEbE56dU/waOIR2+C9OglF/8CEW+55NhDcSTdTZusRdSS7tJ8PofdH7z3nXlvZ3j8Drvz+jefrSzX+XLRi4ksi4lLsXXyThbtmIh9W/HaK1d/eeH9qx++Pb+wcPm9lK7ML87OpZTOvvjzR1/88NLt3pkPfjz706nYbn+8szv3x/Zz2+d3/lz8tFOnTp1Wu71UpOvd7uTgevVKntK7VVnUZeqs1uX6YLxXXK/KtFx119Y2U7F6Y2Z6bb2s61TcbdJKuZl63dRb30zFzaKzmvI8TzPTwaNY+v5O08RuM3ktmqY5/W2cuR0zv0UrsqdT9syl7Nlr2fNb2fndpmmNeqkcCc//eDtwqE9FVF9vLG0s9b/74/PL0YkqyrgYrbgbe69JM7X30fTrK28tXL6Y7mnHV9WtQf7WxtJTh/Oz0Yp2P9MM5Wf7+XQ4fyqmD+bnohXnHp6fu5+PA/mpePXliPmpwUbzaMWvn0Q3qrgRe9kH+S9nU3rjnYWh+1+4Nw8A4EmTp/se2r/l+dD4fj/1D/3hcH826A8nD1//RFw4Mbp901dvfr5SVFW5flyK/Y0/tpu+efNfTf793Hj8PkdanBx+6ybGZGFHUpyOsVjG/yxGdybx+Dx46KNeCQAAAAAAAAAAAP/Fo/xDcPG7iOGhaP998qj3CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjLe/AgAA//9UQ8S5")
bind$unix(r0, &(0x7f00000002c0)=@file={0x1, './file2\x00'}, 0x6e)

674.544906ms ago: executing program 5 (id=4243):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r3}, 0x10)
r4 = socket(0x1e, 0x80004, 0x0)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x7, 0x0, 0x1000004}, 0x10)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r4, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r6 = dup3(r5, r4, 0x0)
recvmmsg(r6, &(0x7f0000004580)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000600)=""/179, 0x3514}], 0x1}, 0xffffffff}], 0x1, 0x40000001, 0x0)
write$binfmt_aout(r2, &(0x7f00000000c0)=ANY=[], 0x20)
r7 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r7, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0x0, 0x7, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r8 = open$dir(&(0x7f0000000080)='./file0\x00', 0x804000, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3, 0x12, r8, 0x200000000000000)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r4, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x40, 0x1411, 0x400, 0x70bd26, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x2}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x3}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x40}, 0x1, 0x0, 0x0, 0x30}, 0x80)
bpf$PROG_LOAD(0x5, 0x0, 0xffffffffffffffaf)
r9 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01)
mount$cgroup(0x0, &(0x7f0000000600)='.\x00', &(0x7f0000000640), 0x2208000, &(0x7f0000000100)={[{@cpuset_v2_mode}]})
ioctl$SCSI_IOCTL_SEND_COMMAND(r9, 0x1, &(0x7f00000000c0)=ANY=[])
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="1400"/20], 0x14}}, 0x0)
name_to_handle_at(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="280000004e000000faffffffffffffff0800000000000000040000002403000000000000750b0000b641000000000000d4d8b4d832d2a2ee381177019e6bf8a82e12fac6c3f4fe07386a165ece945d824f7484e3635f17226ef4f4c6f026d211d4fd09000000000000"], &(0x7f0000000180), 0x1200)

342.000923ms ago: executing program 0 (id=4246):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff5300000"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

326.031784ms ago: executing program 0 (id=4247):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[], 0x15)
r3 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfd', @ANYRESHEX=r3])

302.068766ms ago: executing program 0 (id=4248):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xdf, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff60fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb", 0x0, 0x8, 0x60000000}, 0x50)

238.996931ms ago: executing program 5 (id=4249):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/power/pm_wakeup_irq', 0x40, 0x101)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
io_setup(0x8, &(0x7f00000001c0)=<r1=>0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/disk', 0x1, 0x20)
io_submit(r1, 0x1, &(0x7f0000000400)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000140)="2a22cab1fd28", 0x6}])
syz_emit_ethernet(0x2a, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x6, 0xffffffff, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x40900, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xc, 0xffffffff, &(0x7f0000000280))
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, &(0x7f0000000200), 0x10)
fallocate(r0, 0x21, 0x1, 0x5)
syz_open_dev$tty1(0xc, 0x4, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x79ab, 0x8, 0x8000, 0x400250}, &(0x7f00000003c0)=<r5=>0x0, &(0x7f0000000400)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000140)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x2007, @fd=r3, 0x6, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r4, 0x74d1, 0x4c3, 0x43, 0x0, 0xfffffffffffffd1d)

238.68381ms ago: executing program 0 (id=4250):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000188500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000004c0)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x64fa}, 0x18)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x381, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
io_setup(0x11, &(0x7f0000000180)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f00000006c0)=[&(0x7f00000000c0)={0x20000000, 0x0, 0x7, 0x8, 0x0, r2, &(0x7f0000000080)='\x00', 0x1}])
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
openat(0xffffffffffffffff, 0x0, 0x40042, 0x84)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6, 0x0, 0x3}, 0x18)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0)
preadv(r7, &(0x7f00000015c0)=[{&(0x7f0000000140)=""/4078, 0xfee}], 0x1, 0xf2, 0x207fff)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r8}, 0x18)
r9 = socket$pppl2tp(0x18, 0x1, 0x1)
r10 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240))
connect$inet6(r10, &(0x7f0000000b00)={0xa, 0xfdfe, 0x100007, @remote, 0xa}, 0x1c)
connect$pppl2tp(r9, &(0x7f0000000300)=@pppol2tpin6={0x18, 0x1, {0x0, r10, 0x8, 0x0, 0x2, 0x0, {0xa, 0x0, 0xf9d, @private2={0xfc, 0x2, '\x00', 0x1}}}}, 0x32)
writev(r9, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34000}], 0x1)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
r11 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="20010000120013070000000000000000e0000001000000000000000000000000fc00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000072c42572f64a264410b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbc18c8582fc7800000000000000000000000050019000000000028001a"], 0x120}}, 0x0)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f00000001c0)={<r12=>0x0, @in6={{0xa, 0x4e22, 0x0, @mcast1, 0x7}}}, &(0x7f0000000100)=0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, &(0x7f0000000280)={0xc, 0x0, 0x4, 0x1, 0x7, 0x4e, 0x8, 0x6, r12}, 0x20)
quotactl$Q_GETFMT(0xffffffff80000401, &(0x7f0000000000)=@sr0, 0x0, 0x0)

203.855854ms ago: executing program 2 (id=4251):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="80420000000000001400030076657468305f746f5f626f6e6400000008003a007a8677"], 0x3c}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x2c6e02a6a3a98c83, 0x9, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x18)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x2, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r5}, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)={0x34, r6, 0x1, 0x70bd2a, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x8000)

179.252146ms ago: executing program 3 (id=4252):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000780)='sys_enter\x00', r1}, 0x18)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240), 0xc0802, 0x0)
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x95, 0x3}, 0x100002, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3f, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
pwritev(r2, 0x0, 0x0, 0x8, 0x49d)

165.807507ms ago: executing program 3 (id=4253):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000780)='sys_enter\x00', r1}, 0x18)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240), 0xc0802, 0x0)
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x95, 0x3}, 0x100002, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3f, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
pwritev(r2, 0x0, 0x0, 0x8, 0x49d)

138.653619ms ago: executing program 3 (id=4254):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x15, 0x10, &(0x7f0000000200)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffff", @ANYRES32=r0, @ANYBLOB, @ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000580)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
readv(r1, &(0x7f0000000280)=[{&(0x7f0000000100)=""/125, 0x7d}, {&(0x7f0000000040)=""/46, 0x2e}, {&(0x7f0000000200)=""/112, 0x70}, {&(0x7f0000000a00)=""/4096, 0x1000}], 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x5, 0xb, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_dev$tty1(0xc, 0x4, 0x4)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newsa={0x13c, 0x10, 0x713, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3a}, {@in6=@remote, 0x4d3, 0x2b}, @in=@broadcast, {0x0, 0x0, 0x0, 0x0, 0x2, 0x5}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x13c}}, 0x0)
openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r4 = perf_event_open(&(0x7f0000000040)={0x5, 0x6c, 0x2, 0x2, 0x8, 0x9, 0x0, 0x6, 0x0, 0xc, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x8}, 0x2000, 0xff, 0x9, 0x0, 0x4, 0x145d, 0x1, 0x0, 0x3f8, 0x0, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x2400, 0xfffffffffffffffc)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYRES64=r3], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYBLOB="0000000000000000b704000008"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r5}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
syz_io_uring_setup(0x3c0c, &(0x7f0000000400)={0x0, 0xa26e, 0x4002, 0x4}, 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x5, 0x80, 0x2, 0x2, 0x8, 0x9, 0x0, 0x6, 0x0, 0xc, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x4, @perf_bp={0x0, 0x8}, 0x2000, 0xff, 0x9, 0x3, 0x4, 0x145f, 0x1, 0x0, 0x3f8, 0x0, 0xccc}, 0x0, 0x0, r4, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bf"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d90000000000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6, 0x0, 0x2}, 0x18)
r7 = socket$netlink(0x10, 0x3, 0x14)
utimensat(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', &(0x7f00000002c0)={{0x0, 0x3fffffff}}, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001a00)={&(0x7f0000001080)={0x10, 0x1403, 0x1}, 0x10}, 0x1, 0x0, 0x0, 0x4040000}, 0x100)
bpf$PROG_LOAD(0x5, &(0x7f0000001a40)={0x7, 0x10, &(0x7f0000000480)=ANY=[@ANYRES64], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x94)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
socket$key(0xf, 0x3, 0x2)

138.251769ms ago: executing program 5 (id=4255):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000001, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$sock_buf(r0, 0x1, 0x19, 0x0, &(0x7f0000003080)=0x29)

118.03757ms ago: executing program 3 (id=4256):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67b}]}, 0x10)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e00000000000000040000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000020000000000000000"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095", @ANYRESOCT], 0x0}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r4 = syz_open_procfs(0x0, &(0x7f0000000440)='ns\x00')
getdents(r4, &(0x7f0000001f80)=""/4096, 0x1000)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xe)
ioctl$TIOCSSOFTCAR(r1, 0x541a, 0x0)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300)
setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000180)=0x1f5, 0x4)
r5 = socket(0x2, 0x80805, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mprotect(&(0x7f0000005000/0x2000)=nil, 0x2000, 0x1)
clock_adjtime(0x0, &(0x7f0000000480)={0xd54, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000008000002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffffffffffff})
sendmmsg$inet(r5, &(0x7f00000009c0)=[{{&(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0x4, 0x0}}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000200)="9a", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000280)="90", 0x1}], 0x1}}, {{&(0x7f0000000240)={0x2, 0x4e22, @rand_addr=0x64010102}, 0x10, &(0x7f0000000840)=[{&(0x7f0000002280)='O', 0x1}], 0x1}}], 0x3, 0x4000000)

70.002744ms ago: executing program 5 (id=4257):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xa, 0x10, 0x0, &(0x7f0000000080)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r0, &(0x7f0000001d80)='.\x00', 0x0, &(0x7f0000001dc0)={0x0, 0x0, 0x80000}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
lsm_set_self_attr(0x67, &(0x7f0000000740)={0x65, 0xa, 0x22, 0x2, "7aa9"}, 0x22, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20000000)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffc78}, 0x41)
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r3, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000940)=""/3, 0x3, 0x3, 0x4, 0x0, 0x0, 0xc08}}, 0x120)
write$UHID_DESTROY(r3, &(0x7f0000000200), 0x4)

66.257795ms ago: executing program 0 (id=4258):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000040)='.\x02\x00', 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="636865636b3d7374726963742c756e686964652c63727566742c696f636861727365743d63a08033322c636865636b3d72656c617865642c6e6f6a6f6c6965742c636865636b3d72656c617865642c6e6f6a6f6c6965742c00"], 0x1, 0x55d, &(0x7f0000000b00)="$eJzs3VFv01YbwPHHpYWSV0LoZUKoKnAom1SkEhwXgiKuPOckPeDYke2g9gpVNEUVKUyUSWtvNm7YJm0fgtt9iH0jtI/AZDspzdo0HaUJ6v6/Co5jH/s8x4n86LTxsQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALG8qm2XLPFN0FpWg3nVKGx8fNnde98KudVXHNKuiJX+k+lpuZKvuvLVx82X0//mZDZ/NSvTaTEtO/+7fPHBpcmJ3v6HBDwSW9s7z1c7nfarcQdygq6eG7ytrgMTh6bh1rUycagq5bJ9Z6kWq5rxdbwSJ7qhvEi7SRipee+WKlUqi0oXV8JWUK+6vu6tvH/bse2yelhsajeKw+DOw2LsLRnfN0E9q5NuTuvcTz+Ij0yiEu02lFrf6LQXh3UgrVQ6SiVnWCXHdpxSyXFK5XuVe/dte3LfCvsfZF+N8X9oMV6f8eoNHM9EN/+LL0YCacmyqAN/PKlKJKE0Bmzv6uX/b+7oQ9vdm/97Wf7Kx80zkuX/a/mra4Py/4BYRvezJduyI89lVTrSkba8GntEo/2pi5ZAjMQSipGGuNka1V2jpCJlKYstT2RJahKLkpoY8UVLLCsSSyI6+0R5EokWVxIJJRIl8+LJLVFSkopUZFGUaCnKioTSkkDqUhU3O8q6bGTnfVGUNSjG3Uqlgd0o9D53bXEO6S35H8f3Wa/fwHF86OV/AAAAAABwalnZb9/T8f+UXM2WasbX9rjDAgAAAAAAn1H2l//ZtJhKl66KxfgfAAAAAIDTxsrusbNEpCDX86V1sbLbpfglAAAAAAAAp0T29/9raZHNgXJdrN3pUhj/AwAAAABwSvwydI79uHnO+vMviaIp601z+Wtr003ruZtn8v3O9I400S2T2ox1oXuQrCjnxeSkp2et6bzS7iSY77vF+rA4rIMC+GlvADIkgEuT8pvcyOvcWMvLtd6WvJVCzfi66IX+g5K47oWJRC8n37/Y+EGy7v8aNC5Ysr7RaRefvuysZbG8SY/yZrM7geK+eRQPieV1Nt9Cds/FgT2eym7E6LZbyNu19/Z/ov+8H6XNtzKX15nrznhb6O//dNpmqdjX+3TbbhTTstFpl47Z87dyM69zc/5mXhwQhVMc9B50z4WzN4pPOhf7o7D6ojgvIsOiWBwUhXW0KABgXNaHZCFrf+L/hGvtp2V3+ZfZ/a3M53XmZ7IL6+TMAXnFHnZFt4+Z3f7Y9wykQTk2bff33XbzrPou3eHdwHZj37HSU3jm9eZ3cnlre+f2xubqs/az9gvHWSzbd237niNTWTe6xZ5IP5wj9wAAcsOfsTO0hnU3H1VfFDl4VP3/3a8UFOWpvJSOrMlCdrdB9o2DA49a2PM1hIUho9ZClibzJ7wsHDK2PJvd5dA7rnNo3f4YFkfxVgAAMDJzQ/LwUfL/wpBxd38u7x8dn5VBdUsjPxcAAPxX6Oi9VUh+tqLINJ+UKpWSmyxpFYXeIxWZal0rEyQ68pbcoK5VMwqT0Av9dOGxqepYxa1mM4wSVQsj1Qxjs5w9+V11H/0e64YbJMaLm752Y628MEhcL1FVE59Xzda3vomXdJTtHDe1Z2rGcxMTBioOW5Gni0rFWu+paKo6SEzNpIuBakam4UYr6nHotxpaWWJJZJpJmB+w15YJamHUyA5bHPfJBgDgC7G1vfN8tdNpvzrBhXH3EQAA9CNLAwAAAAAAAAAAAAAAAAAAAADw5RvF/X8sjGPhbPcdHkFbvamgx93lE16wRtrBSREZZ5eHXjp+PNELE4AT93cAAAD//+IERnQ=")

22.172838ms ago: executing program 5 (id=4259):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[], 0x15)
r3 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfd', @ANYRESHEX=r3])

11.020029ms ago: executing program 3 (id=4260):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xdf, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff60fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb", 0x0, 0x8, 0x60000000}, 0x50)

0s ago: executing program 0 (id=4261):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) (async, rerun: 32)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (rerun: 32)
r2 = openat$cgroup_procs(r1, &(0x7f00000002c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000140), 0x12) (async)
sendmsg$inet(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x30004084)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x18) (async)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.840709][T13722] RSP: 002b:00007fd36fc77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000109
[  239.840730][T13722] RAX: ffffffffffffffda RBX: 00007fd371435fa0 RCX: 00007fd37120ebe9
[  239.840746][T13722] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: ffffffffffffffff
[  239.840764][T13722] RBP: 00007fd36fc77090 R08: 0000000000001000 R09: 0000000000000000
[  239.840776][T13722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  239.840787][T13722] R13: 00007fd371436038 R14: 00007fd371435fa0 R15: 00007ffc643d73d8
[  239.840805][T13722]  </TASK>
[  239.908450][   T29] kauditd_printk_skb: 525 callbacks suppressed
[  239.908464][   T29] audit: type=1326 audit(1755487128.379:14530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13721 comm="syz.1.3632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd37120ebe9 code=0x7ffc0000
[  239.911321][T13722] audit: audit_lost=9 audit_rate_limit=0 audit_backlog_limit=64
[  239.916349][   T29] audit: type=1326 audit(1755487128.379:14531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13721 comm="syz.1.3632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=267 compat=0 ip=0x7fd37120ebe9 code=0x7ffc0000
[  239.921383][T13722] audit: out of memory in audit_log_start
[  239.926931][   T29] audit: type=1326 audit(1755487128.379:14532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13721 comm="syz.1.3632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd37120ebe9 code=0x7ffc0000
[  239.926956][   T29] audit: type=1326 audit(1755487128.379:14533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13721 comm="syz.1.3632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd37120ebe9 code=0x7ffc0000
[  240.162059][   T29] audit: type=1326 audit(1755487128.379:14534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13721 comm="syz.1.3632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd37120ebe9 code=0x7ffc0000
[  240.185591][   T29] audit: type=1326 audit(1755487128.379:14535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13721 comm="syz.1.3632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd37120ebe9 code=0x7ffc0000
[  240.209201][   T29] audit: type=1326 audit(1755487128.379:14536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13721 comm="syz.1.3632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd37120ebe9 code=0x7ffc0000
[  240.232848][   T29] audit: type=1326 audit(1755487128.379:14537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13721 comm="syz.1.3632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd37120ebe9 code=0x7ffc0000
[  240.356531][T13737] loop5: detected capacity change from 0 to 512
[  240.373526][T13737] EXT4-fs: Ignoring removed nobh option
[  240.401700][T13737] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.3639: corrupted inode contents
[  240.417876][T13737] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #3: comm syz.5.3639: mark_inode_dirty error
[  240.451408][T13737] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.3639: corrupted inode contents
[  240.463797][T13737] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #3: comm syz.5.3639: mark_inode_dirty error
[  240.475557][T13737] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.3639: Failed to acquire dquot type 0
[  240.488204][T13737] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.3639: corrupted inode contents
[  240.500463][T13737] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #16: comm syz.5.3639: mark_inode_dirty error
[  240.513102][T13737] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.3639: corrupted inode contents
[  240.570119][T13756] netlink: 'syz.2.3645': attribute type 1 has an invalid length.
[  240.596477][T13737] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.3639: mark_inode_dirty error
[  240.612216][T13737] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.3639: corrupted inode contents
[  240.625239][T13759] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3645'.
[  240.636954][T13737] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  240.655824][T13756] 8021q: adding VLAN 0 to HW filter on device bond1
[  240.673609][T13737] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.3639: corrupted inode contents
[  240.697823][T13759] bond1 (unregistering): Released all slaves
[  240.705664][T13737] EXT4-fs error (device loop5): ext4_truncate:4666: inode #16: comm syz.5.3639: mark_inode_dirty error
[  240.733002][T13737] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  240.751273][T13737] EXT4-fs (loop5): 1 truncate cleaned up
[  240.764894][T13737] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  240.800140][T13737] ext4 filesystem being mounted at /595/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.857711][T13737] netlink: 200 bytes leftover after parsing attributes in process `syz.5.3639'.
[  240.877205][T13735] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.264954][T13783] FAULT_INJECTION: forcing a failure.
[  241.264954][T13783] name failslab, interval 1, probability 0, space 0, times 0
[  241.277625][T13783] CPU: 0 UID: 0 PID: 13783 Comm: syz.1.3653 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  241.277653][T13783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  241.277666][T13783] Call Trace:
[  241.277673][T13783]  <TASK>
[  241.277680][T13783]  __dump_stack+0x1d/0x30
[  241.277698][T13783]  dump_stack_lvl+0xe8/0x140
[  241.277714][T13783]  dump_stack+0x15/0x1b
[  241.277730][T13783]  should_fail_ex+0x265/0x280
[  241.277750][T13783]  should_failslab+0x8c/0xb0
[  241.277773][T13783]  kmem_cache_alloc_noprof+0x50/0x310
[  241.277799][T13783]  ? vm_area_alloc+0x2c/0xb0
[  241.277828][T13783]  vm_area_alloc+0x2c/0xb0
[  241.277854][T13783]  mmap_region+0xaa2/0x1630
[  241.277894][T13783]  do_mmap+0x9b3/0xbe0
[  241.277925][T13783]  vm_mmap_pgoff+0x17a/0x2e0
[  241.277954][T13783]  ksys_mmap_pgoff+0xc2/0x310
[  241.277983][T13783]  ? __x64_sys_mmap+0x49/0x70
[  241.278004][T13783]  x64_sys_call+0x14a3/0x2ff0
[  241.278022][T13783]  do_syscall_64+0xd2/0x200
[  241.278047][T13783]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  241.278069][T13783]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  241.278093][T13783]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.278112][T13783] RIP: 0033:0x7fd37120ec23
[  241.278124][T13783] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[  241.278138][T13783] RSP: 002b:00007fd36fc76e18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  241.278153][T13783] RAX: ffffffffffffffda RBX: 0000000000000516 RCX: 00007fd37120ec23
[  241.278163][T13783] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  241.278174][T13783] RBP: 0000200000001602 R08: 00000000ffffffff R09: 0000000000000000
[  241.278184][T13783] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000004
[  241.278194][T13783] R13: 00007fd36fc76ef0 R14: 00007fd36fc76eb0 R15: 0000200000000d40
[  241.278212][T13783]  </TASK>
[  241.494710][T13785] FAULT_INJECTION: forcing a failure.
[  241.494710][T13785] name failslab, interval 1, probability 0, space 0, times 0
[  241.507361][T13785] CPU: 1 UID: 0 PID: 13785 Comm: syz.1.3654 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  241.507429][T13785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  241.507478][T13785] Call Trace:
[  241.507485][T13785]  <TASK>
[  241.507491][T13785]  __dump_stack+0x1d/0x30
[  241.507512][T13785]  dump_stack_lvl+0xe8/0x140
[  241.507529][T13785]  dump_stack+0x15/0x1b
[  241.507551][T13785]  should_fail_ex+0x265/0x280
[  241.507574][T13785]  should_failslab+0x8c/0xb0
[  241.507629][T13785]  kmem_cache_alloc_node_noprof+0x57/0x320
[  241.507660][T13785]  ? __alloc_skb+0x101/0x320
[  241.507737][T13785]  ? __rtnl_unlock+0x95/0xb0
[  241.507839][T13785]  __alloc_skb+0x101/0x320
[  241.507866][T13785]  netlink_ack+0xfd/0x500
[  241.507960][T13785]  netlink_rcv_skb+0x192/0x220
[  241.507979][T13785]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  241.508012][T13785]  rtnetlink_rcv+0x1c/0x30
[  241.508058][T13785]  netlink_unicast+0x5bd/0x690
[  241.508112][T13785]  netlink_sendmsg+0x58b/0x6b0
[  241.508132][T13785]  ? __pfx_netlink_sendmsg+0x10/0x10
[  241.508186][T13785]  __sock_sendmsg+0x142/0x180
[  241.508210][T13785]  ____sys_sendmsg+0x31e/0x4e0
[  241.508264][T13785]  ___sys_sendmsg+0x17b/0x1d0
[  241.508299][T13785]  __x64_sys_sendmsg+0xd4/0x160
[  241.508339][T13785]  x64_sys_call+0x191e/0x2ff0
[  241.508361][T13785]  do_syscall_64+0xd2/0x200
[  241.508448][T13785]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  241.508473][T13785]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  241.508499][T13785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.508531][T13785] RIP: 0033:0x7fd37120ebe9
[  241.508551][T13785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.508567][T13785] RSP: 002b:00007fd36fc77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  241.508611][T13785] RAX: ffffffffffffffda RBX: 00007fd371435fa0 RCX: 00007fd37120ebe9
[  241.508624][T13785] RDX: 0000000000000000 RSI: 00002000000018c0 RDI: 000000000000000a
[  241.508636][T13785] RBP: 00007fd36fc77090 R08: 0000000000000000 R09: 0000000000000000
[  241.508649][T13785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  241.508662][T13785] R13: 00007fd371436038 R14: 00007fd371435fa0 R15: 00007ffc643d73d8
[  241.508681][T13785]  </TASK>
[  241.750244][T13787] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3655'.
[  241.894945][T13794] netlink: 'syz.5.3658': attribute type 1 has an invalid length.
[  241.914995][T13809] loop3: detected capacity change from 0 to 1024
[  241.943206][T13809] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  241.953012][T13809] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  241.975443][T13809] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  241.986187][T13809] EXT4-fs error (device loop3): ext4_get_journal_inode:5796: inode #5: comm syz.3.3665: unexpected bad inode w/o EXT4_IGET_BAD
[  242.000216][T13809] EXT4-fs (loop3): no journal found
[  242.005544][T13809] EXT4-fs (loop3): can't get journal size
[  242.012752][T13809] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  242.054447][T13817] bridge: RTM_NEWNEIGH with invalid ether address
[  242.141853][T11550] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.312954][T13840] rdma_rxe: rxe_newlink: failed to add bond0
[  242.348095][   T10] hid-generic 0003:0004:0000.000D: unknown main item tag 0x0
[  242.355662][   T10] hid-generic 0003:0004:0000.000D: unknown main item tag 0x0
[  242.363260][   T10] hid-generic 0003:0004:0000.000D: unknown main item tag 0x0
[  242.371799][   T10] hid-generic 0003:0004:0000.000D: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  242.374526][   T36] hid-generic 0003:0004:0000.000E: unknown main item tag 0x0
[  242.388348][   T36] hid-generic 0003:0004:0000.000E: unknown main item tag 0x0
[  242.395796][   T36] hid-generic 0003:0004:0000.000E: unknown main item tag 0x0
[  242.408762][   T36] hid-generic 0003:0004:0000.000E: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  242.686719][T13857] __nla_validate_parse: 1 callbacks suppressed
[  242.686733][T13857] netlink: 244 bytes leftover after parsing attributes in process `syz.2.3681'.
[  243.018830][T13873] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3686'.
[  243.105014][   T31] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.164180][   T31] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.228220][   T31] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.248799][T13871] chnl_net:caif_netlink_parms(): no params data found
[  243.280661][   T31] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.434389][T13871] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.441913][T13871] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.457580][T13871] bridge_slave_0: entered allmulticast mode
[  243.464003][T13871] bridge_slave_0: entered promiscuous mode
[  243.470638][T13871] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.477735][T13871] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.485161][T13871] bridge_slave_1: entered allmulticast mode
[  243.491783][T13871] bridge_slave_1: entered promiscuous mode
[  243.514515][   T31] bridge_slave_1: left allmulticast mode
[  243.520232][   T31] bridge_slave_1: left promiscuous mode
[  243.525973][   T31] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.534240][   T31] bridge_slave_0: left allmulticast mode
[  243.539911][   T31] bridge_slave_0: left promiscuous mode
[  243.545825][   T31] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.567616][T13911] loop3: detected capacity change from 0 to 512
[  243.574703][T13911] EXT4-fs: Ignoring removed nobh option
[  243.602210][T13911] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.3696: corrupted inode contents
[  243.614207][T13911] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #3: comm syz.3.3696: mark_inode_dirty error
[  243.625781][T13911] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.3696: corrupted inode contents
[  243.638228][T13911] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.3696: mark_inode_dirty error
[  243.650025][T13911] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.3696: Failed to acquire dquot type 0
[  243.661707][T13911] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.3696: corrupted inode contents
[  243.673852][T13911] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.3696: mark_inode_dirty error
[  243.685411][T13911] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.3696: corrupted inode contents
[  243.697521][T13911] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.3696: mark_inode_dirty error
[  243.709020][T13911] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.3696: corrupted inode contents
[  243.722360][   T41] smc: removing ib device syz2
[  243.722712][T13911] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  243.735784][T13911] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.3696: corrupted inode contents
[  243.735898][   T31] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  243.749405][T13911] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.3696: mark_inode_dirty error
[  243.767450][T13911] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  243.776623][   T31] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  243.776929][T13911] EXT4-fs (loop3): 1 truncate cleaned up
[  243.791514][T13911] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  243.791843][   T31] bond0 (unregistering): Released all slaves
[  243.804208][T13911] ext4 filesystem being mounted at /149/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  243.813568][   T31] bond1 (unregistering): Released all slaves
[  243.829287][   T31] bond2 (unregistering): Released all slaves
[  243.837852][T13871] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  243.848075][T13911] netlink: 200 bytes leftover after parsing attributes in process `syz.3.3696'.
[  243.858344][T13871] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  243.885210][T13910] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.904700][T13871] team0: Port device team_slave_0 added
[  243.912631][T13871] team0: Port device team_slave_1 added
[  243.983647][T13871] batman_adv: batadv0: Adding interface: batadv_slave_0
[  243.990596][T13871] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  244.016634][T13871] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  244.063657][T13871] batman_adv: batadv0: Adding interface: batadv_slave_1
[  244.070631][T13871] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  244.095606][T13925] netlink: 'syz.2.3700': attribute type 1 has an invalid length.
[  244.096660][T13871] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  244.120315][T13925] 8021q: adding VLAN 0 to HW filter on device bond1
[  244.132936][   T31] hsr_slave_0: left promiscuous mode
[  244.134906][T13925] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3700'.
[  244.147242][   T31] hsr_slave_1: left promiscuous mode
[  244.156635][   T31] veth1_macvtap: left promiscuous mode
[  244.162282][   T31] veth0_macvtap: left promiscuous mode
[  244.167894][   T31] veth1_vlan: left promiscuous mode
[  244.173711][   T31] veth0_vlan: left promiscuous mode
[  244.194318][T13928] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3701'.
[  244.268523][   T31] team0 (unregistering): Port device team_slave_1 removed
[  244.279989][   T31] team0 (unregistering): Port device team_slave_0 removed
[  244.332531][T13925] bond1 (unregistering): Released all slaves
[  244.379260][T13871] hsr_slave_0: entered promiscuous mode
[  244.391218][T13871] hsr_slave_1: entered promiscuous mode
[  244.401104][T13871] debugfs: 'hsr0' already exists in 'hsr'
[  244.406928][T13871] Cannot create hsr debugfs directory
[  244.424073][T13938] program syz.0.3705 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  244.539138][T13946] FAULT_INJECTION: forcing a failure.
[  244.539138][T13946] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  244.552257][T13946] CPU: 1 UID: 0 PID: 13946 Comm: syz.2.3707 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  244.552358][T13946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  244.552372][T13946] Call Trace:
[  244.552379][T13946]  <TASK>
[  244.552386][T13946]  __dump_stack+0x1d/0x30
[  244.552468][T13946]  dump_stack_lvl+0xe8/0x140
[  244.552480][T13946]  dump_stack+0x15/0x1b
[  244.552542][T13946]  should_fail_ex+0x265/0x280
[  244.552554][T13946]  should_fail+0xb/0x20
[  244.552607][T13946]  should_fail_usercopy+0x1a/0x20
[  244.552684][T13946]  _copy_from_iter+0xcf/0xe40
[  244.552699][T13946]  ? __build_skb_around+0x1a0/0x200
[  244.552718][T13946]  skb_copy_datagram_from_iter+0xb1/0x490
[  244.552733][T13946]  tun_get_user+0xafa/0x2680
[  244.552792][T13946]  ? ref_tracker_alloc+0x1f2/0x2f0
[  244.552805][T13946]  ? selinux_file_permission+0x1e4/0x320
[  244.552817][T13946]  tun_chr_write_iter+0x15e/0x210
[  244.552846][T13946]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  244.552930][T13946]  vfs_write+0x52a/0x960
[  244.552945][T13946]  ksys_write+0xda/0x1a0
[  244.553015][T13946]  __x64_sys_write+0x40/0x50
[  244.553107][T13946]  x64_sys_call+0x27fe/0x2ff0
[  244.553118][T13946]  do_syscall_64+0xd2/0x200
[  244.553133][T13946]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  244.553146][T13946]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  244.553290][T13946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.553320][T13946] RIP: 0033:0x7f0ea23debe9
[  244.553329][T13946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.553339][T13946] RSP: 002b:00007f0ea0e47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  244.553350][T13946] RAX: ffffffffffffffda RBX: 00007f0ea2605fa0 RCX: 00007f0ea23debe9
[  244.553357][T13946] RDX: 000000000000004b RSI: 0000200000000200 RDI: 0000000000000003
[  244.553365][T13946] RBP: 00007f0ea0e47090 R08: 0000000000000000 R09: 0000000000000000
[  244.553377][T13946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.553460][T13946] R13: 00007f0ea2606038 R14: 00007f0ea2605fa0 R15: 00007ffcf3286078
[  244.553470][T13946]  </TASK>
[  244.853877][T13948] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.873405][T13950] infiniband syz2: set down
[  244.878055][T13950] infiniband syz2: added bond0
[  244.900082][T13950] RDS/IB: syz2: added
[  244.915060][T13950] smc: adding ib device syz2 with port count 1
[  244.923781][T13948] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.935521][T13950] smc:    ib device syz2 port 1 has pnetid 
[  245.013059][   T29] kauditd_printk_skb: 387 callbacks suppressed
[  245.013071][   T29] audit: type=1326 audit(1755487133.559:14921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13952 comm="syz.0.3710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb13bc0ebe9 code=0x7ffc0000
[  245.042895][   T29] audit: type=1326 audit(1755487133.559:14922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13952 comm="syz.0.3710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb13bc0ebe9 code=0x7ffc0000
[  245.066576][   T29] audit: type=1326 audit(1755487133.569:14923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13952 comm="syz.0.3710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7fb13bc0ebe9 code=0x7ffc0000
[  245.090231][   T29] audit: type=1326 audit(1755487133.569:14924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13952 comm="syz.0.3710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb13bc0ebe9 code=0x7ffc0000
[  245.113914][   T29] audit: type=1326 audit(1755487133.569:14925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13952 comm="syz.0.3710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb13bc0ebe9 code=0x7ffc0000
[  245.152734][T13948] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.171590][T13961] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3712'.
[  245.234782][T13948] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.251838][T13871] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  245.291215][   T29] audit: type=1326 audit(1755487133.849:14926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13967 comm="syz.0.3715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb13bc0ebe9 code=0x7ffc0000
[  245.315030][   T29] audit: type=1326 audit(1755487133.849:14927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13967 comm="syz.0.3715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb13bc0ebe9 code=0x7ffc0000
[  245.356010][T13871] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  245.363146][   T29] audit: type=1326 audit(1755487133.909:14928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13967 comm="syz.0.3715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fb13bc0ebe9 code=0x7ffc0000
[  245.386749][   T29] audit: type=1326 audit(1755487133.909:14929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13967 comm="syz.0.3715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb13bc0ebe9 code=0x7ffc0000
[  245.410433][   T29] audit: type=1326 audit(1755487133.909:14930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13967 comm="syz.0.3715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb13bc0ebe9 code=0x7ffc0000
[  245.438721][T13871] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  245.459711][T13871] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  245.487268][ T1948] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  245.504411][ T1948] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  245.513235][T13977] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3719'.
[  245.526534][ T1948] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  245.566817][ T1948] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  245.585415][T13871] 8021q: adding VLAN 0 to HW filter on device bond0
[  245.595307][T13989] netlink: 'syz.3.3722': attribute type 1 has an invalid length.
[  245.610975][T13991] syz2: rxe_newlink: already configured on bond0
[  245.615573][T13989] 8021q: adding VLAN 0 to HW filter on device bond1
[  245.630322][T13871] 8021q: adding VLAN 0 to HW filter on device team0
[  245.639626][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.646810][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[  245.655843][T13989] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3722'.
[  245.672057][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.679114][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[  245.693662][T13998] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3726'.
[  245.720696][T13989] bond1 (unregistering): Released all slaves
[  245.741227][T13998] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3726'.
[  245.822040][T13871] 8021q: adding VLAN 0 to HW filter on device batadv0
[  245.841524][T14001] loop3: detected capacity change from 0 to 8192
[  245.959293][T13871] veth0_vlan: entered promiscuous mode
[  245.973898][T13871] veth1_vlan: entered promiscuous mode
[  246.009841][T13871] veth0_macvtap: entered promiscuous mode
[  246.027137][T13871] veth1_macvtap: entered promiscuous mode
[  246.038176][T13871] batman_adv: batadv0: Interface activated: batadv_slave_0
[  246.052727][T13871] batman_adv: batadv0: Interface activated: batadv_slave_1
[  246.063651][T14038] rdma_rxe: rxe_newlink: failed to add bond0
[  246.075181][ T1948] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  246.102986][ T1948] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  246.126924][ T1948] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  246.137530][ T1948] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  246.242174][T14069] loop3: detected capacity change from 0 to 128
[  246.515557][T14077] rdma_rxe: rxe_newlink: failed to add bond0
[  246.754515][T14102] block device autoloading is deprecated and will be removed.
[  246.809403][T14106] rdma_rxe: rxe_newlink: failed to add bond0
[  246.846684][T14108] rdma_rxe: rxe_newlink: failed to add bond0
[  247.070386][T14135] syz2: rxe_newlink: already configured on bond0
[  247.080831][T14137] rdma_rxe: rxe_newlink: failed to add bond0
[  247.544521][T14170] rdma_rxe: rxe_newlink: failed to add bond0
[  247.583239][T14143] Set syz1 is full, maxelem 65536 reached
[  247.651980][ T3409] hid-generic 0003:0004:0000.000F: unknown main item tag 0x0
[  247.659452][ T3409] hid-generic 0003:0004:0000.000F: unknown main item tag 0x0
[  247.667006][ T3409] hid-generic 0003:0004:0000.000F: unknown main item tag 0x0
[  247.681850][ T3409] hid-generic 0003:0004:0000.000F: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  247.709728][T14186] blktrace: Concurrent blktraces are not allowed on loop6
[  247.928095][T14199] rdma_rxe: rxe_newlink: failed to add bond0
[  248.044505][T14207] __nla_validate_parse: 5 callbacks suppressed
[  248.044521][T14207] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3803'.
[  248.159862][T14189] Set syz1 is full, maxelem 65536 reached
[  248.227947][   T36] hid-generic 0003:0004:0000.0010: unknown main item tag 0x0
[  248.235398][   T36] hid-generic 0003:0004:0000.0010: unknown main item tag 0x0
[  248.242860][   T36] hid-generic 0003:0004:0000.0010: unknown main item tag 0x0
[  248.263313][   T36] hid-generic 0003:0004:0000.0010: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  248.330899][T14232] FAULT_INJECTION: forcing a failure.
[  248.330899][T14232] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  248.344314][T14232] CPU: 0 UID: 0 PID: 14232 Comm: syz.3.3814 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  248.344343][T14232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  248.344413][T14232] Call Trace:
[  248.344418][T14232]  <TASK>
[  248.344425][T14232]  __dump_stack+0x1d/0x30
[  248.344445][T14232]  dump_stack_lvl+0xe8/0x140
[  248.344464][T14232]  dump_stack+0x15/0x1b
[  248.344480][T14232]  should_fail_ex+0x265/0x280
[  248.344503][T14232]  should_fail+0xb/0x20
[  248.344605][T14232]  should_fail_usercopy+0x1a/0x20
[  248.344629][T14232]  strncpy_from_user+0x25/0x230
[  248.344659][T14232]  ? __kmalloc_cache_noprof+0x189/0x320
[  248.344768][T14232]  __se_sys_memfd_create+0x1ff/0x590
[  248.344809][T14232]  __x64_sys_memfd_create+0x31/0x40
[  248.344831][T14232]  x64_sys_call+0x2abe/0x2ff0
[  248.344852][T14232]  do_syscall_64+0xd2/0x200
[  248.345012][T14232]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  248.345037][T14232]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  248.345131][T14232]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.345153][T14232] RIP: 0033:0x7f8a383bebe9
[  248.345169][T14232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  248.345185][T14232] RSP: 002b:00007f8a36e1ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  248.345276][T14232] RAX: ffffffffffffffda RBX: 000000000000051f RCX: 00007f8a383bebe9
[  248.345321][T14232] RDX: 00007f8a36e1eef0 RSI: 0000000000000000 RDI: 00007f8a384427e8
[  248.345334][T14232] RBP: 00002000000007c0 R08: 00007f8a36e1ebb7 R09: 00007f8a36e1ee40
[  248.345347][T14232] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0
[  248.345360][T14232] R13: 00007f8a36e1eef0 R14: 00007f8a36e1eeb0 R15: 0000200000000300
[  248.345381][T14232]  </TASK>
[  248.551213][T14234] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3815'.
[  248.580267][T14236] rdma_rxe: rxe_newlink: failed to add bond0
[  248.644820][T14248] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.705306][ T3381] hid-generic 0003:0004:0000.0011: unknown main item tag 0x0
[  248.712874][ T3381] hid-generic 0003:0004:0000.0011: unknown main item tag 0x0
[  248.720317][ T3381] hid-generic 0003:0004:0000.0011: unknown main item tag 0x0
[  248.729208][T14248] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.757187][ T3381] hid-generic 0003:0004:0000.0011: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  248.785536][T14248] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.840109][T14258] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3826'.
[  248.852432][T14248] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.951803][T14273] netlink: 'syz.0.3833': attribute type 1 has an invalid length.
[  248.983483][T14273] 8021q: adding VLAN 0 to HW filter on device bond4
[  249.002147][T14278] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3833'.
[  249.033900][T14278] bond4 (unregistering): Released all slaves
[  249.087113][T14285] FAULT_INJECTION: forcing a failure.
[  249.087113][T14285] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  249.100302][T14285] CPU: 0 UID: 0 PID: 14285 Comm: syz.2.3836 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  249.100332][T14285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  249.100413][T14285] Call Trace:
[  249.100419][T14285]  <TASK>
[  249.100426][T14285]  __dump_stack+0x1d/0x30
[  249.100447][T14285]  dump_stack_lvl+0xe8/0x140
[  249.100464][T14285]  dump_stack+0x15/0x1b
[  249.100479][T14285]  should_fail_ex+0x265/0x280
[  249.100534][T14285]  should_fail+0xb/0x20
[  249.100583][T14285]  should_fail_usercopy+0x1a/0x20
[  249.100603][T14285]  _copy_from_user+0x1c/0xb0
[  249.100630][T14285]  bpf_test_init+0xdf/0x160
[  249.100661][T14285]  bpf_prog_test_run_xdp+0x274/0x910
[  249.100694][T14285]  ? kstrtouint+0x76/0xc0
[  249.100711][T14285]  ? __rcu_read_unlock+0x4f/0x70
[  249.100734][T14285]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  249.100757][T14285]  bpf_prog_test_run+0x22a/0x390
[  249.100786][T14285]  __sys_bpf+0x4b9/0x7b0
[  249.100869][T14285]  __x64_sys_bpf+0x41/0x50
[  249.100889][T14285]  x64_sys_call+0x2aea/0x2ff0
[  249.100936][T14285]  do_syscall_64+0xd2/0x200
[  249.100959][T14285]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  249.100982][T14285]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  249.101003][T14285]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.101053][T14285] RIP: 0033:0x7f0ea23debe9
[  249.101140][T14285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.101159][T14285] RSP: 002b:00007f0ea0e47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  249.101177][T14285] RAX: ffffffffffffffda RBX: 00007f0ea2605fa0 RCX: 00007f0ea23debe9
[  249.101188][T14285] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  249.101269][T14285] RBP: 00007f0ea0e47090 R08: 0000000000000000 R09: 0000000000000000
[  249.101279][T14285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  249.101289][T14285] R13: 00007f0ea2606038 R14: 00007f0ea2605fa0 R15: 00007ffcf3286078
[  249.101305][T14285]  </TASK>
[  249.333628][T14273] loop0: detected capacity change from 0 to 8192
[  249.501493][T14308] loop5: detected capacity change from 0 to 1024
[  249.518279][T14308] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  249.552692][T14308] ext4 filesystem being mounted at /24/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  249.790171][T13871] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.016166][   T41] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  250.039048][   T29] kauditd_printk_skb: 802 callbacks suppressed
[  250.039124][   T29] audit: type=1326 audit(1755487138.589:15733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14347 comm="syz.2.3862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ea23debe9 code=0x7ffc0000
[  250.044494][   T41] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  250.045358][   T29] audit: type=1326 audit(1755487138.589:15734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14347 comm="syz.2.3862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ea23debe9 code=0x7ffc0000
[  250.135169][   T41] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  250.173303][   T41] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  250.176209][   T29] audit: type=1326 audit(1755487138.699:15735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14351 comm="syz.3.3863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a383bebe9 code=0x7ffc0000
[  250.198063][T14358] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3866'.
[  250.205153][   T29] audit: type=1326 audit(1755487138.709:15736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14351 comm="syz.3.3863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a383bebe9 code=0x7ffc0000
[  250.205183][   T29] audit: type=1326 audit(1755487138.709:15737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14351 comm="syz.3.3863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a383bebe9 code=0x7ffc0000
[  250.205206][   T29] audit: type=1326 audit(1755487138.709:15738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14351 comm="syz.3.3863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a383bebe9 code=0x7ffc0000
[  250.205229][   T29] audit: type=1326 audit(1755487138.709:15739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14351 comm="syz.3.3863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a383bebe9 code=0x7ffc0000
[  250.309042][   T29] audit: type=1326 audit(1755487138.709:15740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14351 comm="syz.3.3863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a383bebe9 code=0x7ffc0000
[  250.332656][   T29] audit: type=1326 audit(1755487138.709:15741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14351 comm="syz.3.3863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a383bebe9 code=0x7ffc0000
[  250.356247][   T29] audit: type=1326 audit(1755487138.709:15742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14351 comm="syz.3.3863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a383bebe9 code=0x7ffc0000
[  250.388104][T14363] sctp: [Deprecated]: syz.5.3868 (pid 14363) Use of int in max_burst socket option.
[  250.388104][T14363] Use struct sctp_assoc_value instead
[  250.411771][ T3366] hid-generic 0003:0004:0000.0012: unknown main item tag 0x0
[  250.441379][ T3366] hid-generic 0003:0004:0000.0012: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  250.521919][T14381] netlink: 'syz.1.3876': attribute type 1 has an invalid length.
[  250.545369][T14381] bond1: entered promiscuous mode
[  250.561222][T14370] loop5: detected capacity change from 0 to 512
[  250.567694][T14381] 8021q: adding VLAN 0 to HW filter on device bond1
[  250.575235][T14370] ext4: Unknown parameter 'smackfsfloor'
[  250.617209][T14384] 8021q: adding VLAN 0 to HW filter on device bond1
[  250.624389][T14384] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address
[  250.634986][T14384] bond1: (slave wireguard0): Setting fail_over_mac to active for active-backup mode
[  250.663644][T14384] bond1: (slave wireguard0): making interface the new active one
[  250.671500][T14384] wireguard0: entered promiscuous mode
[  250.681304][T14384] bond1: (slave wireguard0): Enslaving as an active interface with an up link
[  250.779152][ T1035] hid-generic 0003:0004:0000.0013: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  250.970725][ T3366] hid-generic 0003:0004:0000.0014: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  252.167243][T14477] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.234164][T14477] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.284382][T14477] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.297020][T14484] netlink: 'syz.2.3916': attribute type 1 has an invalid length.
[  252.310076][T14484] 8021q: adding VLAN 0 to HW filter on device bond1
[  252.318442][T14484] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3916'.
[  252.328575][T14484] bond1 (unregistering): Released all slaves
[  252.344418][T14477] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.418461][ T8113] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  252.433797][ T8113] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  252.453425][ T8113] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  252.470513][ T8113] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  252.475061][T14488] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3917'.
[  252.525821][T14496] rdma_rxe: rxe_newlink: failed to add bond0
[  252.668437][T14507] blktrace: Concurrent blktraces are not allowed on loop0
[  252.787537][T14515] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.815798][T14521] rdma_rxe: rxe_newlink: failed to add bond0
[  252.832717][T14515] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.882904][T14515] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.932505][T14515] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.002771][T14531] blktrace: Concurrent blktraces are not allowed on loop0
[  253.027841][ T1035] hid_parser_main: 8 callbacks suppressed
[  253.027857][ T1035] hid-generic 0003:0004:0000.0015: unknown main item tag 0x0
[  253.041118][ T1035] hid-generic 0003:0004:0000.0015: unknown main item tag 0x0
[  253.048486][ T1035] hid-generic 0003:0004:0000.0015: unknown main item tag 0x0
[  253.056400][ T1035] hid-generic 0003:0004:0000.0015: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  253.184807][ T1035] hid-generic 0003:0004:0000.0016: unknown main item tag 0x0
[  253.192245][ T1035] hid-generic 0003:0004:0000.0016: unknown main item tag 0x0
[  253.199624][ T1035] hid-generic 0003:0004:0000.0016: unknown main item tag 0x0
[  253.207420][ T1035] hid-generic 0003:0004:0000.0016: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  253.337496][ T3366] hid-generic 0003:0004:0000.0017: unknown main item tag 0x0
[  253.344977][ T3366] hid-generic 0003:0004:0000.0017: unknown main item tag 0x0
[  253.352381][ T3366] hid-generic 0003:0004:0000.0017: unknown main item tag 0x0
[  253.361081][ T3366] hid-generic 0003:0004:0000.0017: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  253.480222][T14574] FAULT_INJECTION: forcing a failure.
[  253.480222][T14574] name failslab, interval 1, probability 0, space 0, times 0
[  253.492952][T14574] CPU: 0 UID: 0 PID: 14574 Comm: syz.1.3956 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  253.493049][T14574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  253.493062][T14574] Call Trace:
[  253.493069][T14574]  <TASK>
[  253.493077][T14574]  __dump_stack+0x1d/0x30
[  253.493099][T14574]  dump_stack_lvl+0xe8/0x140
[  253.493141][T14574]  dump_stack+0x15/0x1b
[  253.493159][T14574]  should_fail_ex+0x265/0x280
[  253.493180][T14574]  should_failslab+0x8c/0xb0
[  253.493201][T14574]  kmem_cache_alloc_noprof+0x50/0x310
[  253.493292][T14574]  ? security_inode_alloc+0x37/0x100
[  253.493321][T14574]  security_inode_alloc+0x37/0x100
[  253.493398][T14574]  inode_init_always_gfp+0x4b7/0x500
[  253.493430][T14574]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  253.493453][T14574]  alloc_inode+0x58/0x170
[  253.493497][T14574]  new_inode+0x1d/0xe0
[  253.493510][T14574]  shmem_get_inode+0x244/0x750
[  253.493522][T14574]  __shmem_file_setup+0x113/0x210
[  253.493562][T14574]  shmem_file_setup+0x3b/0x50
[  253.493640][T14574]  __se_sys_memfd_create+0x2c3/0x590
[  253.493662][T14574]  __x64_sys_memfd_create+0x31/0x40
[  253.493680][T14574]  x64_sys_call+0x2abe/0x2ff0
[  253.493701][T14574]  do_syscall_64+0xd2/0x200
[  253.493737][T14574]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  253.493750][T14574]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  253.493764][T14574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.493776][T14574] RIP: 0033:0x7fd37120ebe9
[  253.493785][T14574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.493802][T14574] RSP: 002b:00007fd36fc76e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  253.493814][T14574] RAX: ffffffffffffffda RBX: 0000000000000291 RCX: 00007fd37120ebe9
[  253.493820][T14574] RDX: 00007fd36fc76ef0 RSI: 0000000000000000 RDI: 00007fd3712927e8
[  253.493827][T14574] RBP: 0000200000000280 R08: 00007fd36fc76bb7 R09: 00007fd36fc76e40
[  253.493834][T14574] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000240
[  253.493870][T14574] R13: 00007fd36fc76ef0 R14: 00007fd36fc76eb0 R15: 0000200000000540
[  253.493881][T14574]  </TASK>
[  253.770187][T14584] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3961'.
[  253.883626][T14594] rdma_rxe: rxe_newlink: failed to add bond0
[  253.963194][T14586] program syz.0.3962 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  253.966374][T14598] rdma_rxe: rxe_newlink: failed to add bond0
[  254.156959][   T31] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  254.170888][   T31] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  254.224600][   T31] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  254.232840][   T31] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  254.252661][T14611] SELinux:  Context system_u:object_r:systemd_logger_exec_t:s0 is not valid (left unmapped).
[  254.332725][T14617] rdma_rxe: rxe_newlink: failed to add bond0
[  254.473969][T14626] blktrace: Concurrent blktraces are not allowed on loop6
[  254.932949][T14635] FAULT_INJECTION: forcing a failure.
[  254.932949][T14635] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  254.946087][T14635] CPU: 1 UID: 0 PID: 14635 Comm: syz.5.3981 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  254.946116][T14635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  254.946129][T14635] Call Trace:
[  254.946137][T14635]  <TASK>
[  254.946145][T14635]  __dump_stack+0x1d/0x30
[  254.946227][T14635]  dump_stack_lvl+0xe8/0x140
[  254.946245][T14635]  dump_stack+0x15/0x1b
[  254.946261][T14635]  should_fail_ex+0x265/0x280
[  254.946278][T14635]  should_fail+0xb/0x20
[  254.946293][T14635]  should_fail_usercopy+0x1a/0x20
[  254.946437][T14635]  _copy_to_iter+0xcf/0xe30
[  254.946541][T14635]  ? __local_bh_enable_ip+0x70/0x80
[  254.946560][T14635]  ? __dev_queue_xmit+0x1200/0x2000
[  254.946579][T14635]  ? __dev_queue_xmit+0x182/0x2000
[  254.946605][T14635]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  254.946624][T14635]  __skb_datagram_iter+0x2f4/0x690
[  254.946704][T14635]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  254.946729][T14635]  skb_copy_datagram_iter+0x3d/0x110
[  254.946749][T14635]  tcp_recvmsg_locked+0xa68/0x1fd0
[  254.946826][T14635]  ? ip6_finish_output2+0xa70/0xd30
[  254.946852][T14635]  ? security_inode_alloc+0x37/0x100
[  254.946876][T14635]  ? ___slab_alloc+0xdb/0x900
[  254.946947][T14635]  ? obj_cgroup_charge_account+0x122/0x1a0
[  254.947007][T14635]  ? try_charge_memcg+0x200/0x9e0
[  254.947056][T14635]  ? __rcu_read_unlock+0x4f/0x70
[  254.947101][T14635]  ? css_rstat_updated+0xb7/0x240
[  254.947158][T14635]  ? __account_obj_stock+0x211/0x350
[  254.947182][T14635]  tcp_zerocopy_receive+0x460/0x1310
[  254.947204][T14635]  ? __rcu_read_unlock+0x4f/0x70
[  254.947247][T14635]  ? __perf_event_task_sched_in+0xa5b/0xac0
[  254.947266][T14635]  ? plist_check_list+0x1e4/0x210
[  254.947376][T14635]  do_tcp_getsockopt+0x1841/0x1af0
[  254.947403][T14635]  ? avc_has_perm_noaudit+0x1b1/0x200
[  254.947431][T14635]  ? avc_has_perm+0xf7/0x180
[  254.947454][T14635]  tcp_getsockopt+0x6e/0xe0
[  254.947473][T14635]  sock_common_getsockopt+0x60/0x70
[  254.947509][T14635]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  254.947599][T14635]  do_sock_getsockopt+0x200/0x240
[  254.947618][T14635]  __x64_sys_getsockopt+0x11e/0x1a0
[  254.947644][T14635]  x64_sys_call+0x2bc6/0x2ff0
[  254.947662][T14635]  do_syscall_64+0xd2/0x200
[  254.947753][T14635]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  254.947776][T14635]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  254.947797][T14635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.947953][T14635] RIP: 0033:0x7f305983ebe9
[  254.947965][T14635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.948034][T14635] RSP: 002b:00007f30582a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  254.948051][T14635] RAX: ffffffffffffffda RBX: 00007f3059a65fa0 RCX: 00007f305983ebe9
[  254.948062][T14635] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000003
[  254.948134][T14635] RBP: 00007f30582a7090 R08: 0000200000000100 R09: 0000000000000000
[  254.948165][T14635] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  254.948178][T14635] R13: 00007f3059a66038 R14: 00007f3059a65fa0 R15: 00007ffea2b71688
[  254.948194][T14635]  </TASK>
[  255.410395][T14645] syz_tun: entered promiscuous mode
[  255.430483][T14645] syz_tun: left promiscuous mode
[  255.472205][T14620] Set syz1 is full, maxelem 65536 reached
[  255.497666][T14651] FAULT_INJECTION: forcing a failure.
[  255.497666][T14651] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  255.510786][   T29] kauditd_printk_skb: 784 callbacks suppressed
[  255.510799][   T29] audit: type=1326 audit(1755487144.039:16527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14646 comm="syz.5.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f305983ebe9 code=0x7ffc0000
[  255.516977][T14651] CPU: 1 UID: 0 PID: 14651 Comm: syz.0.3988 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  255.517005][T14651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  255.517018][T14651] Call Trace:
[  255.517075][T14651]  <TASK>
[  255.517089][T14651]  __dump_stack+0x1d/0x30
[  255.517110][T14651]  dump_stack_lvl+0xe8/0x140
[  255.517145][T14651]  dump_stack+0x15/0x1b
[  255.517161][T14651]  should_fail_ex+0x265/0x280
[  255.517336][T14651]  should_fail+0xb/0x20
[  255.517350][T14651]  should_fail_usercopy+0x1a/0x20
[  255.517370][T14651]  _copy_to_user+0x20/0xa0
[  255.517397][T14651]  simple_read_from_buffer+0xb5/0x130
[  255.517419][T14651]  proc_fail_nth_read+0x10e/0x150
[  255.517504][T14651]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  255.517528][T14651]  vfs_read+0x1a8/0x770
[  255.517548][T14651]  ? __rcu_read_unlock+0x4f/0x70
[  255.517593][T14651]  ? __fget_files+0x184/0x1c0
[  255.517618][T14651]  ksys_read+0xda/0x1a0
[  255.517640][T14651]  __x64_sys_read+0x40/0x50
[  255.517660][T14651]  x64_sys_call+0x27bc/0x2ff0
[  255.517735][T14651]  do_syscall_64+0xd2/0x200
[  255.517760][T14651]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  255.517783][T14651]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  255.517843][T14651]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.517883][T14651] RIP: 0033:0x7fb13bc0d5fc
[  255.517898][T14651] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  255.517948][T14651] RSP: 002b:00007fb13a677030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  255.517966][T14651] RAX: ffffffffffffffda RBX: 00007fb13be35fa0 RCX: 00007fb13bc0d5fc
[  255.517978][T14651] RDX: 000000000000000f RSI: 00007fb13a6770a0 RDI: 0000000000000005
[  255.517990][T14651] RBP: 00007fb13a677090 R08: 0000000000000000 R09: 0000000000000000
[  255.518016][T14651] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  255.518026][T14651] R13: 00007fb13be36038 R14: 00007fb13be35fa0 R15: 00007ffc87481ee8
[  255.518073][T14651]  </TASK>
[  255.741451][   T29] audit: type=1326 audit(1755487144.039:16528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14646 comm="syz.5.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f305983ebe9 code=0x7ffc0000
[  255.765007][   T29] audit: type=1326 audit(1755487144.039:16529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14646 comm="syz.5.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f305983ebe9 code=0x7ffc0000
[  255.788559][   T29] audit: type=1326 audit(1755487144.039:16530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14646 comm="syz.5.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f305983ebe9 code=0x7ffc0000
[  255.812169][   T29] audit: type=1326 audit(1755487144.039:16531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14646 comm="syz.5.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f305983ebe9 code=0x7ffc0000
[  255.835834][   T29] audit: type=1326 audit(1755487144.039:16532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14646 comm="syz.5.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f305983ebe9 code=0x7ffc0000
[  255.859420][   T29] audit: type=1326 audit(1755487144.039:16533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14646 comm="syz.5.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f305983ebe9 code=0x7ffc0000
[  255.883005][   T29] audit: type=1326 audit(1755487144.039:16534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14646 comm="syz.5.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3059840b07 code=0x7ffc0000
[  255.906651][   T29] audit: type=1326 audit(1755487144.039:16535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14646 comm="syz.5.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f3059840a7c code=0x7ffc0000
[  255.930281][   T29] audit: type=1326 audit(1755487144.039:16536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14646 comm="syz.5.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f30598409b4 code=0x7ffc0000
[  256.037637][T14648] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.105864][T14648] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.185103][T14648] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.266895][T14648] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.346481][   T41] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  256.365450][   T41] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  256.387177][   T41] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  256.415779][   T41] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  256.742975][T14670] loop5: detected capacity change from 0 to 1756
[  256.776378][T14670] iso9660: Unknown parameter '1844674407370955161500000000000000000000000'
[  256.798593][T14673] loop3: detected capacity change from 0 to 512
[  256.828170][T14673] EXT4-fs error (device loop3): ext4_quota_enable:7124: inode #3: comm syz.3.3997: unexpected EA_INODE flag
[  256.860073][T14673] EXT4-fs (loop3): Remounting filesystem read-only
[  256.866722][T14673] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  256.883853][T14673] EXT4-fs (loop3): mount failed
[  256.891472][T14681] FAULT_INJECTION: forcing a failure.
[  256.891472][T14681] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  256.904658][T14681] CPU: 0 UID: 0 PID: 14681 Comm: syz.0.3999 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  256.904691][T14681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  256.904704][T14681] Call Trace:
[  256.904711][T14681]  <TASK>
[  256.904719][T14681]  __dump_stack+0x1d/0x30
[  256.904801][T14681]  dump_stack_lvl+0xe8/0x140
[  256.904822][T14681]  dump_stack+0x15/0x1b
[  256.904838][T14681]  should_fail_ex+0x265/0x280
[  256.904869][T14681]  should_fail+0xb/0x20
[  256.904926][T14681]  should_fail_usercopy+0x1a/0x20
[  256.904950][T14681]  _copy_from_user+0x1c/0xb0
[  256.904983][T14681]  vmemdup_user+0x59/0xd0
[  256.905009][T14681]  con_set_unimap+0x3f/0x6f0
[  256.905085][T14681]  ? selinux_capable+0x31/0x40
[  256.905206][T14681]  ? should_fail_ex+0xdb/0x280
[  256.905228][T14681]  vt_ioctl+0xfbb/0x1880
[  256.905257][T14681]  ? tty_jobctrl_ioctl+0x29e/0x810
[  256.905291][T14681]  tty_ioctl+0x7de/0xb80
[  256.905316][T14681]  ? __pfx_tty_ioctl+0x10/0x10
[  256.905344][T14681]  __se_sys_ioctl+0xcb/0x140
[  256.905436][T14681]  __x64_sys_ioctl+0x43/0x50
[  256.905468][T14681]  x64_sys_call+0x1816/0x2ff0
[  256.905563][T14681]  do_syscall_64+0xd2/0x200
[  256.905617][T14681]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  256.905644][T14681]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  256.905670][T14681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.905740][T14681] RIP: 0033:0x7fb13bc0ebe9
[  256.905755][T14681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.905774][T14681] RSP: 002b:00007fb13a677038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  256.905794][T14681] RAX: ffffffffffffffda RBX: 00007fb13be35fa0 RCX: 00007fb13bc0ebe9
[  256.905808][T14681] RDX: 0000200000000040 RSI: 0000000000004b67 RDI: 0000000000000005
[  256.905882][T14681] RBP: 00007fb13a677090 R08: 0000000000000000 R09: 0000000000000000
[  256.905893][T14681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  256.905905][T14681] R13: 00007fb13be36038 R14: 00007fb13be35fa0 R15: 00007ffc87481ee8
[  256.905921][T14681]  </TASK>
[  257.152558][T14673] loop3: detected capacity change from 0 to 128
[  257.154509][T14683] netlink: 'syz.0.4001': attribute type 1 has an invalid length.
[  257.184240][T14683] 8021q: adding VLAN 0 to HW filter on device bond4
[  257.195978][T14673] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  257.208693][T14673] ext4 filesystem being mounted at /193/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  257.218478][T14691] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4001'.
[  257.254817][T14689] netlink: 256 bytes leftover after parsing attributes in process `syz.1.4002'.
[  257.269727][T11550] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  257.286586][T14691] bond4 (unregistering): Released all slaves
[  257.293318][   T10] hid-generic 0003:0004:0000.0018: unknown main item tag 0x0
[  257.301252][   T10] hid-generic 0003:0004:0000.0018: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  257.321766][T14699] loop3: detected capacity change from 0 to 128
[  257.331578][T14699] FAULT_INJECTION: forcing a failure.
[  257.331578][T14699] name failslab, interval 1, probability 0, space 0, times 0
[  257.344265][T14699] CPU: 1 UID: 0 PID: 14699 Comm: syz.3.4004 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  257.344293][T14699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  257.344358][T14699] Call Trace:
[  257.344365][T14699]  <TASK>
[  257.344372][T14699]  __dump_stack+0x1d/0x30
[  257.344392][T14699]  dump_stack_lvl+0xe8/0x140
[  257.344410][T14699]  dump_stack+0x15/0x1b
[  257.344478][T14699]  should_fail_ex+0x265/0x280
[  257.344497][T14699]  should_failslab+0x8c/0xb0
[  257.344522][T14699]  __kmalloc_noprof+0xa5/0x3e0
[  257.344616][T14699]  ? iter_file_splice_write+0xfe/0x9e0
[  257.344640][T14699]  iter_file_splice_write+0xfe/0x9e0
[  257.344669][T14699]  ? __pfx_iter_file_splice_write+0x10/0x10
[  257.344689][T14699]  direct_splice_actor+0x153/0x2a0
[  257.344707][T14699]  ? splice_folio_into_pipe+0x341/0x3a0
[  257.344888][T14699]  splice_direct_to_actor+0x30f/0x680
[  257.344970][T14699]  ? __pfx_direct_splice_actor+0x10/0x10
[  257.344995][T14699]  do_splice_direct+0xda/0x150
[  257.345056][T14699]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  257.345082][T14699]  do_sendfile+0x380/0x650
[  257.345155][T14699]  __x64_sys_sendfile64+0x105/0x150
[  257.345243][T14699]  x64_sys_call+0x2bb0/0x2ff0
[  257.345265][T14699]  do_syscall_64+0xd2/0x200
[  257.345292][T14699]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  257.345366][T14699]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  257.345392][T14699]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.345463][T14699] RIP: 0033:0x7f8a383bebe9
[  257.345478][T14699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  257.345526][T14699] RSP: 002b:00007f8a36e1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  257.345545][T14699] RAX: ffffffffffffffda RBX: 00007f8a385e5fa0 RCX: 00007f8a383bebe9
[  257.345559][T14699] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005
[  257.345572][T14699] RBP: 00007f8a36e1f090 R08: 0000000000000000 R09: 0000000000000000
[  257.345584][T14699] R10: 000000000003ffff R11: 0000000000000246 R12: 0000000000000001
[  257.345597][T14699] R13: 00007f8a385e6038 R14: 00007f8a385e5fa0 R15: 00007ffcbfa3d0a8
[  257.345616][T14699]  </TASK>
[  257.611498][T14683] loop0: detected capacity change from 0 to 8192
[  257.688014][T14714] rdma_rxe: rxe_newlink: failed to add bond0
[  257.726912][T14717] FAULT_INJECTION: forcing a failure.
[  257.726912][T14717] name failslab, interval 1, probability 0, space 0, times 0
[  257.739594][T14717] CPU: 0 UID: 0 PID: 14717 Comm: syz.1.4009 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  257.739657][T14717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  257.739671][T14717] Call Trace:
[  257.739678][T14717]  <TASK>
[  257.739699][T14717]  __dump_stack+0x1d/0x30
[  257.739718][T14717]  dump_stack_lvl+0xe8/0x140
[  257.739763][T14717]  dump_stack+0x15/0x1b
[  257.739777][T14717]  should_fail_ex+0x265/0x280
[  257.739796][T14717]  ? audit_log_d_path+0x8d/0x150
[  257.739821][T14717]  should_failslab+0x8c/0xb0
[  257.739853][T14717]  __kmalloc_cache_noprof+0x4c/0x320
[  257.739885][T14717]  audit_log_d_path+0x8d/0x150
[  257.739953][T14717]  audit_log_d_path_exe+0x42/0x70
[  257.739979][T14717]  audit_log_task+0x1e9/0x250
[  257.740045][T14717]  audit_seccomp+0x61/0x100
[  257.740153][T14717]  ? __seccomp_filter+0x68c/0x10d0
[  257.740177][T14717]  __seccomp_filter+0x69d/0x10d0
[  257.740198][T14717]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  257.740308][T14717]  ? vfs_write+0x7e8/0x960
[  257.740326][T14717]  ? __rcu_read_unlock+0x4f/0x70
[  257.740348][T14717]  ? __fget_files+0x184/0x1c0
[  257.740377][T14717]  __secure_computing+0x82/0x150
[  257.740476][T14717]  syscall_trace_enter+0xcf/0x1e0
[  257.740499][T14717]  do_syscall_64+0xac/0x200
[  257.740524][T14717]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  257.740546][T14717]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  257.740584][T14717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.740663][T14717] RIP: 0033:0x7fd37120ebe9
[  257.740681][T14717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  257.740773][T14717] RSP: 002b:00007fd36fc56038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  257.740791][T14717] RAX: ffffffffffffffda RBX: 00007fd371436090 RCX: 00007fd37120ebe9
[  257.740805][T14717] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 00007fd36fc12000
[  257.740819][T14717] RBP: 00007fd36fc56090 R08: 0000000000000000 R09: 0000000000000000
[  257.740888][T14717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  257.740899][T14717] R13: 00007fd371436128 R14: 00007fd371436090 R15: 00007ffc643d73d8
[  257.740951][T14717]  </TASK>
[  258.091898][   T10] hid_parser_main: 2 callbacks suppressed
[  258.091915][   T10] hid-generic 0003:0004:0000.0019: unknown main item tag 0x0
[  258.105164][   T10] hid-generic 0003:0004:0000.0019: unknown main item tag 0x0
[  258.112612][   T10] hid-generic 0003:0004:0000.0019: unknown main item tag 0x0
[  258.147337][   T10] hid-generic 0003:0004:0000.0019: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  258.165229][T14731] FAULT_INJECTION: forcing a failure.
[  258.165229][T14731] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  258.178389][T14731] CPU: 0 UID: 0 PID: 14731 Comm: syz.0.4014 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  258.178417][T14731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  258.178456][T14731] Call Trace:
[  258.178463][T14731]  <TASK>
[  258.178471][T14731]  __dump_stack+0x1d/0x30
[  258.178494][T14731]  dump_stack_lvl+0xe8/0x140
[  258.178553][T14731]  dump_stack+0x15/0x1b
[  258.178626][T14731]  should_fail_ex+0x265/0x280
[  258.178736][T14731]  should_fail+0xb/0x20
[  258.178815][T14731]  should_fail_usercopy+0x1a/0x20
[  258.179018][T14731]  _copy_from_user+0x1c/0xb0
[  258.179043][T14731]  autofs_dev_ioctl+0xdd/0x6a0
[  258.179068][T14731]  ? __pfx_autofs_dev_ioctl+0x10/0x10
[  258.179119][T14731]  __se_sys_ioctl+0xcb/0x140
[  258.179148][T14731]  __x64_sys_ioctl+0x43/0x50
[  258.179178][T14731]  x64_sys_call+0x1816/0x2ff0
[  258.179202][T14731]  do_syscall_64+0xd2/0x200
[  258.179247][T14731]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  258.179269][T14731]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  258.179297][T14731]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.179369][T14731] RIP: 0033:0x7fb13bc0ebe9
[  258.179401][T14731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.179420][T14731] RSP: 002b:00007fb13a677038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  258.179440][T14731] RAX: ffffffffffffffda RBX: 00007fb13be35fa0 RCX: 00007fb13bc0ebe9
[  258.179451][T14731] RDX: 0000200000000200 RSI: 00000000c018937e RDI: 0000000000000003
[  258.179462][T14731] RBP: 00007fb13a677090 R08: 0000000000000000 R09: 0000000000000000
[  258.179473][T14731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  258.179483][T14731] R13: 00007fb13be36038 R14: 00007fb13be35fa0 R15: 00007ffc87481ee8
[  258.179503][T14731]  </TASK>
[  258.405528][T14736] 9pnet: Could not find request transport: r
[  258.462862][T14742] syz2: rxe_newlink: already configured on bond0
[  258.513210][T14745] hub 6-0:1.0: USB hub found
[  258.517818][T14745] FAULT_INJECTION: forcing a failure.
[  258.517818][T14745] name failslab, interval 1, probability 0, space 0, times 0
[  258.530455][T14745] CPU: 0 UID: 0 PID: 14745 Comm: syz.3.4026 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  258.530502][T14745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  258.530580][T14745] Call Trace:
[  258.530588][T14745]  <TASK>
[  258.530596][T14745]  __dump_stack+0x1d/0x30
[  258.530633][T14745]  dump_stack_lvl+0xe8/0x140
[  258.530682][T14745]  dump_stack+0x15/0x1b
[  258.530696][T14745]  should_fail_ex+0x265/0x280
[  258.530725][T14745]  ? hub_probe+0x307/0x1700
[  258.530747][T14745]  should_failslab+0x8c/0xb0
[  258.530846][T14745]  __kmalloc_cache_noprof+0x4c/0x320
[  258.530900][T14745]  hub_probe+0x307/0x1700
[  258.530918][T14745]  ? pm_runtime_enable+0x192/0x1e0
[  258.530942][T14745]  ? read_tsc+0x9/0x20
[  258.530965][T14745]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  258.531023][T14745]  usb_probe_interface+0x479/0x700
[  258.531049][T14745]  ? __pfx_usb_probe_interface+0x10/0x10
[  258.531073][T14745]  really_probe+0x1bc/0x5c0
[  258.531100][T14745]  __driver_probe_device+0x121/0x190
[  258.531128][T14745]  driver_probe_device+0x37/0x2f0
[  258.531156][T14745]  __device_attach_driver+0x205/0x310
[  258.531214][T14745]  ? __pfx___device_attach_driver+0x10/0x10
[  258.531243][T14745]  bus_for_each_drv+0x1bd/0x230
[  258.531277][T14745]  __device_attach+0x1c7/0x290
[  258.531303][T14745]  device_attach+0x17/0x20
[  258.531383][T14745]  proc_ioctl+0x2f7/0x400
[  258.531413][T14745]  proc_ioctl_default+0x71/0xa0
[  258.531443][T14745]  usbdev_ioctl+0xe97/0x1710
[  258.531512][T14745]  ? __pfx_usbdev_ioctl+0x10/0x10
[  258.531544][T14745]  __se_sys_ioctl+0xcb/0x140
[  258.531579][T14745]  __x64_sys_ioctl+0x43/0x50
[  258.531647][T14745]  x64_sys_call+0x1816/0x2ff0
[  258.531723][T14745]  do_syscall_64+0xd2/0x200
[  258.531753][T14745]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  258.531779][T14745]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  258.531804][T14745]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.531895][T14745] RIP: 0033:0x7f8a383bebe9
[  258.531911][T14745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.531994][T14745] RSP: 002b:00007f8a36e1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  258.532012][T14745] RAX: ffffffffffffffda RBX: 00007f8a385e5fa0 RCX: 00007f8a383bebe9
[  258.532025][T14745] RDX: 0000200000000040 RSI: 00000000c0105512 RDI: 0000000000000006
[  258.532039][T14745] RBP: 00007f8a36e1f090 R08: 0000000000000000 R09: 0000000000000000
[  258.532051][T14745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  258.532064][T14745] R13: 00007f8a385e6038 R14: 00007f8a385e5fa0 R15: 00007ffcbfa3d0a8
[  258.532146][T14745]  </TASK>
[  258.792602][T14745] hub 6-0:1.0: probe with driver hub failed with error -12
[  258.822670][T14748] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4027'.
[  258.988431][ T3409] hid-generic 0003:0004:0000.001A: unknown main item tag 0x0
[  258.995962][ T3409] hid-generic 0003:0004:0000.001A: unknown main item tag 0x0
[  259.003433][ T3409] hid-generic 0003:0004:0000.001A: unknown main item tag 0x0
[  259.012168][ T3409] hid-generic 0003:0004:0000.001A: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  259.044361][T14755] FAULT_INJECTION: forcing a failure.
[  259.044361][T14755] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  259.057483][T14755] CPU: 0 UID: 0 PID: 14755 Comm: syz.3.4029 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  259.057511][T14755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  259.057522][T14755] Call Trace:
[  259.057530][T14755]  <TASK>
[  259.057597][T14755]  __dump_stack+0x1d/0x30
[  259.057611][T14755]  dump_stack_lvl+0xe8/0x140
[  259.057673][T14755]  dump_stack+0x15/0x1b
[  259.057690][T14755]  should_fail_ex+0x265/0x280
[  259.057712][T14755]  should_fail+0xb/0x20
[  259.057721][T14755]  should_fail_usercopy+0x1a/0x20
[  259.057734][T14755]  copy_fpstate_to_sigframe+0x628/0x7d0
[  259.057874][T14755]  ? copy_fpstate_to_sigframe+0xe6/0x7d0
[  259.057953][T14755]  ? x86_task_fpu+0x36/0x60
[  259.057968][T14755]  get_sigframe+0x34d/0x490
[  259.057978][T14755]  ? get_signal+0xdc8/0xf70
[  259.057997][T14755]  x64_setup_rt_frame+0xa8/0x580
[  259.058040][T14755]  arch_do_signal_or_restart+0x27c/0x480
[  259.058054][T14755]  exit_to_user_mode_loop+0x7a/0x100
[  259.058067][T14755]  do_syscall_64+0x1d6/0x200
[  259.058082][T14755]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  259.058148][T14755]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  259.058161][T14755]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.058174][T14755] RIP: 0033:0x7f8a383bebe9
[  259.058183][T14755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.058193][T14755] RSP: 002b:00007f8a36e1f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f7
[  259.058248][T14755] RAX: 0000000000000000 RBX: 00007f8a385e5fa0 RCX: 00007f8a383bebe9
[  259.058255][T14755] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  259.058262][T14755] RBP: 00007f8a36e1f090 R08: 0000000000000000 R09: 0000000000000000
[  259.058268][T14755] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  259.058275][T14755] R13: 00007f8a385e6038 R14: 00007f8a385e5fa0 R15: 00007ffcbfa3d0a8
[  259.058334][T14755]  </TASK>
[  259.304255][T14772] rdma_rxe: rxe_newlink: failed to add bond0
[  259.436995][T14779] loop5: detected capacity change from 0 to 512
[  259.443586][T14779] EXT4-fs: Ignoring removed nobh option
[  259.452664][T14779] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.4037: corrupted inode contents
[  259.464670][T14779] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #3: comm syz.5.4037: mark_inode_dirty error
[  259.477313][T14779] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.4037: corrupted inode contents
[  259.491035][T14779] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #3: comm syz.5.4037: mark_inode_dirty error
[  259.503776][T14779] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.4037: Failed to acquire dquot type 0
[  259.515886][T14779] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.4037: corrupted inode contents
[  259.528494][T14779] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #16: comm syz.5.4037: mark_inode_dirty error
[  259.530950][T14783] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4038'.
[  259.540365][T14779] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.4037: corrupted inode contents
[  259.562194][T14779] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.4037: mark_inode_dirty error
[  259.574047][T14779] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.4037: corrupted inode contents
[  259.587338][T14779] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  259.596143][T14779] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.4037: corrupted inode contents
[  259.608924][T14779] EXT4-fs error (device loop5): ext4_truncate:4666: inode #16: comm syz.5.4037: mark_inode_dirty error
[  259.620374][T14779] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  259.630598][T14779] EXT4-fs (loop5): 1 truncate cleaned up
[  259.636857][T14779] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  259.650465][T14779] ext4 filesystem being mounted at /73/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  259.667547][T14779] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4037'.
[  259.689497][T14779] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.713435][T14788] loop5: detected capacity change from 0 to 1024
[  259.720351][T14788] EXT4-fs: Ignoring removed bh option
[  259.727185][T14788] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  259.752185][T14788] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.777087][T14794] FAULT_INJECTION: forcing a failure.
[  259.777087][T14794] name failslab, interval 1, probability 0, space 0, times 0
[  259.789764][T14794] CPU: 1 UID: 0 PID: 14794 Comm: syz.2.4042 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  259.789792][T14794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  259.789804][T14794] Call Trace:
[  259.789882][T14794]  <TASK>
[  259.789891][T14794]  __dump_stack+0x1d/0x30
[  259.789914][T14794]  dump_stack_lvl+0xe8/0x140
[  259.789995][T14794]  dump_stack+0x15/0x1b
[  259.790012][T14794]  should_fail_ex+0x265/0x280
[  259.790035][T14794]  should_failslab+0x8c/0xb0
[  259.790060][T14794]  __kmalloc_noprof+0xa5/0x3e0
[  259.790141][T14794]  ? unregister_netdevice_many_notify+0x4c9/0x15d0
[  259.790168][T14794]  ? unlist_netdevice+0x2cc/0x320
[  259.790192][T14794]  unregister_netdevice_many_notify+0x4c9/0x15d0
[  259.790262][T14794]  ? __rcu_read_unlock+0x4f/0x70
[  259.790286][T14794]  unregister_netdevice_queue+0x1f5/0x220
[  259.790311][T14794]  unregister_netdev+0xb3/0xe0
[  259.790396][T14794]  slip_close+0xe4/0x100
[  259.790446][T14794]  ? __pfx_slip_close+0x10/0x10
[  259.790476][T14794]  tty_ldisc_close+0x74/0xa0
[  259.790563][T14794]  tty_set_ldisc+0x1b9/0x380
[  259.790627][T14794]  tiocsetd+0x51/0x60
[  259.790682][T14794]  tty_ioctl+0xa7f/0xb80
[  259.790712][T14794]  ? __pfx_tty_ioctl+0x10/0x10
[  259.790817][T14794]  __se_sys_ioctl+0xcb/0x140
[  259.790848][T14794]  __x64_sys_ioctl+0x43/0x50
[  259.790877][T14794]  x64_sys_call+0x1816/0x2ff0
[  259.790898][T14794]  do_syscall_64+0xd2/0x200
[  259.790942][T14794]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  259.791054][T14794]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  259.791080][T14794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.791101][T14794] RIP: 0033:0x7f0ea23debe9
[  259.791118][T14794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.791136][T14794] RSP: 002b:00007f0ea0e47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  259.791223][T14794] RAX: ffffffffffffffda RBX: 00007f0ea2605fa0 RCX: 00007f0ea23debe9
[  259.791234][T14794] RDX: 0000200000000100 RSI: 0000000000005423 RDI: 0000000000000005
[  259.791245][T14794] RBP: 00007f0ea0e47090 R08: 0000000000000000 R09: 0000000000000000
[  259.791300][T14794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.791313][T14794] R13: 00007f0ea2606038 R14: 00007f0ea2605fa0 R15: 00007ffcf3286078
[  259.791332][T14794]  </TASK>
[  260.048207][T14788] bond_slave_1: entered promiscuous mode
[  260.054733][T14788] bond_slave_1: left promiscuous mode
[  260.071130][T14794] Falling back ldisc for ttyS3.
[  260.138470][T14798] FAULT_INJECTION: forcing a failure.
[  260.138470][T14798] name failslab, interval 1, probability 0, space 0, times 0
[  260.150692][T13871] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.151195][T14798] CPU: 0 UID: 0 PID: 14798 Comm: syz.2.4044 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  260.151223][T14798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  260.151236][T14798] Call Trace:
[  260.151241][T14798]  <TASK>
[  260.151249][T14798]  __dump_stack+0x1d/0x30
[  260.151271][T14798]  dump_stack_lvl+0xe8/0x140
[  260.151290][T14798]  dump_stack+0x15/0x1b
[  260.151306][T14798]  should_fail_ex+0x265/0x280
[  260.151327][T14798]  should_failslab+0x8c/0xb0
[  260.151351][T14798]  __kmalloc_node_noprof+0xa9/0x410
[  260.151480][T14798]  ? qdisc_alloc+0x65/0x440
[  260.151516][T14798]  qdisc_alloc+0x65/0x440
[  260.151546][T14798]  ? nla_strcmp+0xc3/0xe0
[  260.151569][T14798]  qdisc_create+0xf5/0x9e0
[  260.151671][T14798]  tc_modify_qdisc+0xf2e/0x1420
[  260.151704][T14798]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  260.151777][T14798]  rtnetlink_rcv_msg+0x657/0x6d0
[  260.151803][T14798]  ? avc_has_perm_noaudit+0x1b1/0x200
[  260.151883][T14798]  netlink_rcv_skb+0x123/0x220
[  260.151902][T14798]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  260.151933][T14798]  rtnetlink_rcv+0x1c/0x30
[  260.151956][T14798]  netlink_unicast+0x5bd/0x690
[  260.152032][T14798]  netlink_sendmsg+0x58b/0x6b0
[  260.152055][T14798]  ? __pfx_netlink_sendmsg+0x10/0x10
[  260.152076][T14798]  __sock_sendmsg+0x142/0x180
[  260.152103][T14798]  ____sys_sendmsg+0x31e/0x4e0
[  260.152144][T14798]  ___sys_sendmsg+0x17b/0x1d0
[  260.152176][T14798]  __x64_sys_sendmsg+0xd4/0x160
[  260.152200][T14798]  x64_sys_call+0x191e/0x2ff0
[  260.152277][T14798]  do_syscall_64+0xd2/0x200
[  260.152303][T14798]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  260.152327][T14798]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  260.152428][T14798]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.152450][T14798] RIP: 0033:0x7f0ea23debe9
[  260.152465][T14798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.152486][T14798] RSP: 002b:00007f0ea0e47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  260.152505][T14798] RAX: ffffffffffffffda RBX: 00007f0ea2605fa0 RCX: 00007f0ea23debe9
[  260.152559][T14798] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000003
[  260.152572][T14798] RBP: 00007f0ea0e47090 R08: 0000000000000000 R09: 0000000000000000
[  260.152584][T14798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  260.152644][T14798] R13: 00007f0ea2606038 R14: 00007f0ea2605fa0 R15: 00007ffcf3286078
[  260.152662][T14798]  </TASK>
[  260.210818][T14800] netlink: 'syz.1.4045': attribute type 3 has an invalid length.
[  260.581354][   T29] kauditd_printk_skb: 179 callbacks suppressed
[  260.581370][   T29] audit: type=1326 audit(1755487149.139:16714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14802 comm="syz.2.4047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ea23debe9 code=0x7ffc0000
[  260.612340][   T29] audit: type=1326 audit(1755487149.169:16715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14802 comm="syz.2.4047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ea23debe9 code=0x7ffc0000
[  260.661999][   T29] audit: type=1326 audit(1755487149.219:16716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.1.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd37120ebe9 code=0x7ffc0000
[  260.710789][   T29] audit: type=1326 audit(1755487149.219:16717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.1.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd37120ebe9 code=0x7ffc0000
[  260.734427][   T29] audit: type=1326 audit(1755487149.219:16718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.1.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd37120ebe9 code=0x7ffc0000
[  260.758419][   T29] audit: type=1326 audit(1755487149.219:16719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.1.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd37120ebe9 code=0x7ffc0000
[  260.782229][   T29] audit: type=1326 audit(1755487149.219:16720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.1.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd37120ebe9 code=0x7ffc0000
[  260.805845][   T29] audit: type=1326 audit(1755487149.219:16721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.1.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fd37120ebe9 code=0x7ffc0000
[  260.829354][   T29] audit: type=1326 audit(1755487149.219:16722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.1.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd37120ebe9 code=0x7ffc0000
[  260.853033][   T29] audit: type=1326 audit(1755487149.219:16723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.1.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd37120d550 code=0x7ffc0000
[  260.886154][T14818] program syz.3.4049 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  260.934800][T14827] FAULT_INJECTION: forcing a failure.
[  260.934800][T14827] name failslab, interval 1, probability 0, space 0, times 0
[  260.947540][T14827] CPU: 0 UID: 0 PID: 14827 Comm: syz.1.4054 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  260.947570][T14827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  260.947581][T14827] Call Trace:
[  260.947587][T14827]  <TASK>
[  260.947667][T14827]  __dump_stack+0x1d/0x30
[  260.947687][T14827]  dump_stack_lvl+0xe8/0x140
[  260.947704][T14827]  dump_stack+0x15/0x1b
[  260.947797][T14827]  should_fail_ex+0x265/0x280
[  260.947824][T14827]  should_failslab+0x8c/0xb0
[  260.947907][T14827]  kmem_cache_alloc_noprof+0x50/0x310
[  260.947932][T14827]  ? skb_clone+0x151/0x1f0
[  260.947954][T14827]  skb_clone+0x151/0x1f0
[  260.947974][T14827]  __netlink_deliver_tap+0x2c9/0x500
[  260.948002][T14827]  netlink_unicast+0x66b/0x690
[  260.948032][T14827]  netlink_sendmsg+0x58b/0x6b0
[  260.948052][T14827]  ? __pfx_netlink_sendmsg+0x10/0x10
[  260.948145][T14827]  __sock_sendmsg+0x142/0x180
[  260.948172][T14827]  ____sys_sendmsg+0x31e/0x4e0
[  260.948193][T14827]  ___sys_sendmsg+0x17b/0x1d0
[  260.948237][T14827]  __x64_sys_sendmsg+0xd4/0x160
[  260.948264][T14827]  x64_sys_call+0x191e/0x2ff0
[  260.948286][T14827]  do_syscall_64+0xd2/0x200
[  260.948364][T14827]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  260.948390][T14827]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  260.948415][T14827]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.948435][T14827] RIP: 0033:0x7fd37120ebe9
[  260.948452][T14827] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.948528][T14827] RSP: 002b:00007fd36fc77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  260.948549][T14827] RAX: ffffffffffffffda RBX: 00007fd371435fa0 RCX: 00007fd37120ebe9
[  260.948563][T14827] RDX: 0000000020040054 RSI: 0000200000006040 RDI: 0000000000000004
[  260.948576][T14827] RBP: 00007fd36fc77090 R08: 0000000000000000 R09: 0000000000000000
[  260.948634][T14827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  260.948645][T14827] R13: 00007fd371436038 R14: 00007fd371435fa0 R15: 00007ffc643d73d8
[  260.948663][T14827]  </TASK>
[  261.164916][ T1035] hid-generic 0003:0004:0000.001B: unknown main item tag 0x0
[  261.167155][T14829] FAULT_INJECTION: forcing a failure.
[  261.167155][T14829] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  261.172384][ T1035] hid-generic 0003:0004:0000.001B: unknown main item tag 0x0
[  261.185400][T14829] CPU: 0 UID: 0 PID: 14829 Comm: syz.2.4055 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  261.185513][T14829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  261.185585][T14829] Call Trace:
[  261.185592][T14829]  <TASK>
[  261.185599][T14829]  __dump_stack+0x1d/0x30
[  261.185654][T14829]  dump_stack_lvl+0xe8/0x140
[  261.185673][T14829]  dump_stack+0x15/0x1b
[  261.185690][T14829]  should_fail_ex+0x265/0x280
[  261.185766][T14829]  should_fail+0xb/0x20
[  261.185828][T14829]  should_fail_usercopy+0x1a/0x20
[  261.185849][T14829]  _copy_from_iter+0xcf/0xe40
[  261.185909][T14829]  ? __build_skb_around+0x1a0/0x200
[  261.185940][T14829]  ? __alloc_skb+0x223/0x320
[  261.185972][T14829]  netlink_sendmsg+0x471/0x6b0
[  261.186137][T14829]  ? __pfx_netlink_sendmsg+0x10/0x10
[  261.186159][T14829]  __sock_sendmsg+0x142/0x180
[  261.186187][T14829]  ____sys_sendmsg+0x31e/0x4e0
[  261.186212][T14829]  ___sys_sendmsg+0x17b/0x1d0
[  261.186245][T14829]  __x64_sys_sendmsg+0xd4/0x160
[  261.186281][T14829]  x64_sys_call+0x191e/0x2ff0
[  261.186302][T14829]  do_syscall_64+0xd2/0x200
[  261.186335][T14829]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  261.186359][T14829]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  261.186417][T14829]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.186478][T14829] RIP: 0033:0x7f0ea23debe9
[  261.186570][T14829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.186605][T14829] RSP: 002b:00007f0ea0e47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  261.186623][T14829] RAX: ffffffffffffffda RBX: 00007f0ea2605fa0 RCX: 00007f0ea23debe9
[  261.186635][T14829] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000004
[  261.186648][T14829] RBP: 00007f0ea0e47090 R08: 0000000000000000 R09: 0000000000000000
[  261.186660][T14829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.186672][T14829] R13: 00007f0ea2606038 R14: 00007f0ea2605fa0 R15: 00007ffcf3286078
[  261.186691][T14829]  </TASK>
[  261.394622][ T1035] hid-generic 0003:0004:0000.001B: unknown main item tag 0x0
[  261.402726][ T1035] hid-generic 0003:0004:0000.001B: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  261.415129][T14854] netlink: 88 bytes leftover after parsing attributes in process `syz.2.4063'.
[  261.548650][T14869] loop0: detected capacity change from 0 to 128
[  261.596276][ T3409] hid-generic 0003:0004:0000.001C: unknown main item tag 0x0
[  261.605340][ T3409] hid-generic 0003:0004:0000.001C: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  261.617355][T14882] syz.0.4070: attempt to access beyond end of device
[  261.617355][T14882] loop0: rw=2049, sector=145, nr_sectors = 16 limit=128
[  261.656159][T14882] syz.0.4070: attempt to access beyond end of device
[  261.656159][T14882] loop0: rw=2049, sector=169, nr_sectors = 8 limit=128
[  261.688283][T14882] syz.0.4070: attempt to access beyond end of device
[  261.688283][T14882] loop0: rw=2049, sector=185, nr_sectors = 8 limit=128
[  261.728107][T14882] syz.0.4070: attempt to access beyond end of device
[  261.728107][T14882] loop0: rw=2049, sector=201, nr_sectors = 8 limit=128
[  261.744066][T14888] netlink: 48 bytes leftover after parsing attributes in process `syz.2.4078'.
[  261.753619][T14882] syz.0.4070: attempt to access beyond end of device
[  261.753619][T14882] loop0: rw=2049, sector=217, nr_sectors = 8 limit=128
[  261.767197][T14882] syz.0.4070: attempt to access beyond end of device
[  261.767197][T14882] loop0: rw=2049, sector=233, nr_sectors = 8 limit=128
[  261.780687][T14882] syz.0.4070: attempt to access beyond end of device
[  261.780687][T14882] loop0: rw=2049, sector=249, nr_sectors = 8 limit=128
[  261.794238][T14882] syz.0.4070: attempt to access beyond end of device
[  261.794238][T14882] loop0: rw=2049, sector=265, nr_sectors = 8 limit=128
[  261.807865][T14882] syz.0.4070: attempt to access beyond end of device
[  261.807865][T14882] loop0: rw=2049, sector=281, nr_sectors = 8 limit=128
[  261.827175][T14882] syz.0.4070: attempt to access beyond end of device
[  261.827175][T14882] loop0: rw=2049, sector=297, nr_sectors = 8 limit=128
[  261.866724][T14897] blktrace: Concurrent blktraces are not allowed on sg0
[  261.875590][T14897] netlink: 'syz.0.4082': attribute type 7 has an invalid length.
[  261.883387][T14897] netlink: 140 bytes leftover after parsing attributes in process `syz.0.4082'.
[  261.893836][T14897] FAULT_INJECTION: forcing a failure.
[  261.893836][T14897] name failslab, interval 1, probability 0, space 0, times 0
[  261.906546][T14897] CPU: 1 UID: 0 PID: 14897 Comm: syz.0.4082 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  261.906627][T14897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  261.906638][T14897] Call Trace:
[  261.906694][T14897]  <TASK>
[  261.906700][T14897]  __dump_stack+0x1d/0x30
[  261.906718][T14897]  dump_stack_lvl+0xe8/0x140
[  261.906735][T14897]  dump_stack+0x15/0x1b
[  261.906749][T14897]  should_fail_ex+0x265/0x280
[  261.906799][T14897]  ? serport_ldisc_read+0x8c/0x300
[  261.906820][T14897]  should_failslab+0x8c/0xb0
[  261.906841][T14897]  __kmalloc_cache_noprof+0x4c/0x320
[  261.906866][T14897]  ? putname+0xda/0x100
[  261.906924][T14897]  serport_ldisc_read+0x8c/0x300
[  261.906972][T14897]  ? get_perf_callchain+0x456/0x530
[  261.906994][T14897]  tty_read+0x151/0x4a0
[  261.907014][T14897]  ? __import_iovec+0x428/0x540
[  261.907066][T14897]  do_iter_readv_writev+0x49c/0x540
[  261.907099][T14897]  vfs_readv+0x1ea/0x690
[  261.907130][T14897]  do_readv+0xe7/0x210
[  261.907208][T14897]  __x64_sys_readv+0x45/0x50
[  261.907253][T14897]  x64_sys_call+0x29f8/0x2ff0
[  261.907272][T14897]  do_syscall_64+0xd2/0x200
[  261.907295][T14897]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  261.907315][T14897]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  261.907371][T14897]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.907389][T14897] RIP: 0033:0x7fb13bc0ebe9
[  261.907402][T14897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.907418][T14897] RSP: 002b:00007fb13a677038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  261.907451][T14897] RAX: ffffffffffffffda RBX: 00007fb13be35fa0 RCX: 00007fb13bc0ebe9
[  261.907461][T14897] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000006
[  261.907472][T14897] RBP: 00007fb13a677090 R08: 0000000000000000 R09: 0000000000000000
[  261.907483][T14897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.907523][T14897] R13: 00007fb13be36038 R14: 00007fb13be35fa0 R15: 00007ffc87481ee8
[  261.907539][T14897]  </TASK>
[  261.958598][T14899] blktrace: Concurrent blktraces are not allowed on sg0
[  261.962037][T14897] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4082'.
[  261.967180][T14899] netlink: 'syz.2.4083': attribute type 7 has an invalid length.
[  262.032931][T14900] serio: Serial port ptm2
[  262.033456][T14899] netlink: 140 bytes leftover after parsing attributes in process `syz.2.4083'.
[  262.092884][T14900] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4083'.
[  262.233772][T14908] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.261784][ T3409] hid-generic 0003:0004:0000.001D: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  262.282678][T14908] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.342344][T14908] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.380945][T14921] loop3: detected capacity change from 0 to 512
[  262.387615][T14921] EXT4-fs: Ignoring removed nobh option
[  262.394982][T14908] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.412351][T14921] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.4092: corrupted inode contents
[  262.424375][T14921] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #3: comm syz.3.4092: mark_inode_dirty error
[  262.436519][T14921] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.4092: corrupted inode contents
[  262.448619][T14921] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.4092: mark_inode_dirty error
[  262.462185][T14921] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.4092: Failed to acquire dquot type 0
[  262.474461][T14921] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.4092: corrupted inode contents
[  262.493316][ T8113] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  262.494760][T14921] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.4092: mark_inode_dirty error
[  262.517264][ T8113] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  262.521104][T14921] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.4092: corrupted inode contents
[  262.544545][ T8113] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  262.552252][T14928] hub 9-0:1.0: USB hub found
[  262.557553][T14928] hub 9-0:1.0: 8 ports detected
[  262.564795][T14921] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.4092: mark_inode_dirty error
[  262.584639][ T8113] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  262.594514][T14928] loop5: detected capacity change from 0 to 1764
[  262.601830][T14921] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.4092: corrupted inode contents
[  262.614213][T14921] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  262.616794][T14928] iso9660: Unknown parameter 'd0°0ŠÃ00000000b1'
[  262.625045][T14921] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.4092: corrupted inode contents
[  262.641944][T14921] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.4092: mark_inode_dirty error
[  262.685964][T14921] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  262.696978][T14921] EXT4-fs (loop3): 1 truncate cleaned up
[  262.703083][T14921] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.716555][T14921] ext4 filesystem being mounted at /207/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  262.730820][T14939] loop0: detected capacity change from 0 to 512
[  262.738326][T14921] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4092'.
[  262.765761][T14939] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.779930][T14939] ext4 filesystem being mounted at /267/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  262.792586][T14921] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.849912][T14946] FAULT_INJECTION: forcing a failure.
[  262.849912][T14946] name failslab, interval 1, probability 0, space 0, times 0
[  262.862622][T14946] CPU: 0 UID: 0 PID: 14946 Comm: syz.5.4101 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  262.862702][T14946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  262.862716][T14946] Call Trace:
[  262.862723][T14946]  <TASK>
[  262.862730][T14946]  __dump_stack+0x1d/0x30
[  262.862772][T14946]  dump_stack_lvl+0xe8/0x140
[  262.862793][T14946]  dump_stack+0x15/0x1b
[  262.862810][T14946]  should_fail_ex+0x265/0x280
[  262.862830][T14946]  should_failslab+0x8c/0xb0
[  262.862851][T14946]  kmem_cache_alloc_noprof+0x50/0x310
[  262.862943][T14946]  ? audit_log_start+0x365/0x6c0
[  262.863114][T14946]  ? audit_log_start+0x16d/0x6c0
[  262.863142][T14946]  audit_log_start+0x365/0x6c0
[  262.863170][T14946]  audit_seccomp+0x48/0x100
[  262.863252][T14946]  ? __seccomp_filter+0x68c/0x10d0
[  262.863271][T14946]  __seccomp_filter+0x69d/0x10d0
[  262.863290][T14946]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  262.863314][T14946]  ? vfs_write+0x7e8/0x960
[  262.863401][T14946]  __secure_computing+0x82/0x150
[  262.863419][T14946]  syscall_trace_enter+0xcf/0x1e0
[  262.863496][T14946]  do_syscall_64+0xac/0x200
[  262.863519][T14946]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  262.863539][T14946]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  262.863615][T14946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.863633][T14946] RIP: 0033:0x7f305983ebe9
[  262.863646][T14946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.863682][T14946] RSP: 002b:00007f30582a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  262.863699][T14946] RAX: ffffffffffffffda RBX: 00007f3059a65fa0 RCX: 00007f305983ebe9
[  262.863710][T14946] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  262.863720][T14946] RBP: 00007f30582a7090 R08: 0000000000000000 R09: 0000000000000000
[  262.863731][T14946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  262.863741][T14946] R13: 00007f3059a66038 R14: 00007f3059a65fa0 R15: 00007ffea2b71688
[  262.863824][T14946]  </TASK>
[  263.111383][T11718] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.131492][T14956] FAULT_INJECTION: forcing a failure.
[  263.131492][T14956] name failslab, interval 1, probability 0, space 0, times 0
[  263.144145][T14956] CPU: 1 UID: 0 PID: 14956 Comm: syz.5.4106 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  263.144182][T14956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  263.144193][T14956] Call Trace:
[  263.144200][T14956]  <TASK>
[  263.144208][T14956]  __dump_stack+0x1d/0x30
[  263.144303][T14956]  dump_stack_lvl+0xe8/0x140
[  263.144360][T14956]  dump_stack+0x15/0x1b
[  263.144378][T14956]  should_fail_ex+0x265/0x280
[  263.144396][T14956]  should_failslab+0x8c/0xb0
[  263.144417][T14956]  kmem_cache_alloc_noprof+0x50/0x310
[  263.144479][T14956]  ? audit_log_start+0x365/0x6c0
[  263.144588][T14956]  audit_log_start+0x365/0x6c0
[  263.144618][T14956]  audit_seccomp+0x48/0x100
[  263.144675][T14956]  ? __seccomp_filter+0x68c/0x10d0
[  263.144697][T14956]  __seccomp_filter+0x69d/0x10d0
[  263.144716][T14956]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  263.144805][T14956]  ? vfs_write+0x7e8/0x960
[  263.144824][T14956]  ? __rcu_read_unlock+0x4f/0x70
[  263.144842][T14956]  ? __fget_files+0x184/0x1c0
[  263.144871][T14956]  __secure_computing+0x82/0x150
[  263.144920][T14956]  syscall_trace_enter+0xcf/0x1e0
[  263.144986][T14956]  do_syscall_64+0xac/0x200
[  263.145009][T14956]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  263.145030][T14956]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  263.145056][T14956]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.145107][T14956] RIP: 0033:0x7f305983ebe9
[  263.145121][T14956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.145157][T14956] RSP: 002b:00007f30582a7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e2
[  263.145173][T14956] RAX: ffffffffffffffda RBX: 00007f3059a65fa0 RCX: 00007f305983ebe9
[  263.145187][T14956] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  263.145201][T14956] RBP: 00007f30582a7090 R08: 0000000000000000 R09: 0000000000000000
[  263.145214][T14956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  263.145227][T14956] R13: 00007f3059a66038 R14: 00007f3059a65fa0 R15: 00007ffea2b71688
[  263.145247][T14956]  </TASK>
[  263.603880][T14973] program syz.5.4111 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  263.705667][ T3381] hid_parser_main: 5 callbacks suppressed
[  263.705683][ T3381] hid-generic 0003:0004:0000.001E: unknown main item tag 0x0
[  263.714199][T14954] Set syz1 is full, maxelem 65536 reached
[  263.718907][ T3381] hid-generic 0003:0004:0000.001E: unknown main item tag 0x0
[  263.732091][ T3381] hid-generic 0003:0004:0000.001E: unknown main item tag 0x0
[  263.739957][ T3381] hid-generic 0003:0004:0000.001E: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  263.974075][T14998] program syz.1.4122 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  264.007015][T15004] FAULT_INJECTION: forcing a failure.
[  264.007015][T15004] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.020148][T15004] CPU: 0 UID: 0 PID: 15004 Comm: syz.3.4123 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  264.020222][T15004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  264.020233][T15004] Call Trace:
[  264.020239][T15004]  <TASK>
[  264.020246][T15004]  __dump_stack+0x1d/0x30
[  264.020266][T15004]  dump_stack_lvl+0xe8/0x140
[  264.020302][T15004]  dump_stack+0x15/0x1b
[  264.020357][T15004]  should_fail_ex+0x265/0x280
[  264.020379][T15004]  should_fail+0xb/0x20
[  264.020397][T15004]  should_fail_usercopy+0x1a/0x20
[  264.020424][T15004]  strncpy_from_user+0x25/0x230
[  264.020466][T15004]  ? __fget_files+0x184/0x1c0
[  264.020490][T15004]  __se_sys_request_key+0x57/0x290
[  264.020513][T15004]  ? fput+0x8f/0xc0
[  264.020543][T15004]  __x64_sys_request_key+0x55/0x70
[  264.020636][T15004]  x64_sys_call+0x1d98/0x2ff0
[  264.020658][T15004]  do_syscall_64+0xd2/0x200
[  264.020761][T15004]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  264.020786][T15004]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  264.020810][T15004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.020889][T15004] RIP: 0033:0x7f8a383bebe9
[  264.020903][T15004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.020989][T15004] RSP: 002b:00007f8a36e1f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[  264.021012][T15004] RAX: ffffffffffffffda RBX: 00007f8a385e5fa0 RCX: 00007f8a383bebe9
[  264.021024][T15004] RDX: 0000200000001fee RSI: 0000200000001ffb RDI: 0000200000000040
[  264.021037][T15004] RBP: 00007f8a36e1f090 R08: 0000000000000000 R09: 0000000000000000
[  264.021051][T15004] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  264.021070][T15004] R13: 00007f8a385e6038 R14: 00007f8a385e5fa0 R15: 00007ffcbfa3d0a8
[  264.021100][T15004]  </TASK>
[  264.346568][T15022] SELinux:  Context Ü is not valid (left unmapped).
[  264.586192][T15046] 9pnet_fd: Insufficient options for proto=fd
[  264.907712][T15075] 9pnet_fd: Insufficient options for proto=fd
[  265.071039][T15082] FAULT_INJECTION: forcing a failure.
[  265.071039][T15082] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  265.084235][T15082] CPU: 1 UID: 0 PID: 15082 Comm: syz.2.4158 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  265.084267][T15082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  265.084280][T15082] Call Trace:
[  265.084286][T15082]  <TASK>
[  265.084294][T15082]  __dump_stack+0x1d/0x30
[  265.084316][T15082]  dump_stack_lvl+0xe8/0x140
[  265.084336][T15082]  dump_stack+0x15/0x1b
[  265.084424][T15082]  should_fail_ex+0x265/0x280
[  265.084442][T15082]  should_fail+0xb/0x20
[  265.084458][T15082]  should_fail_usercopy+0x1a/0x20
[  265.084478][T15082]  _copy_to_user+0x20/0xa0
[  265.084580][T15082]  simple_read_from_buffer+0xb5/0x130
[  265.084639][T15082]  proc_fail_nth_read+0x10e/0x150
[  265.084662][T15082]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  265.084684][T15082]  vfs_read+0x1a8/0x770
[  265.084704][T15082]  ? __fput+0x555/0x650
[  265.084731][T15082]  ? __rcu_read_unlock+0x4f/0x70
[  265.084825][T15082]  ? __fget_files+0x184/0x1c0
[  265.084896][T15082]  ksys_read+0xda/0x1a0
[  265.084918][T15082]  __x64_sys_read+0x40/0x50
[  265.084940][T15082]  x64_sys_call+0x27bc/0x2ff0
[  265.084963][T15082]  do_syscall_64+0xd2/0x200
[  265.084989][T15082]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  265.085080][T15082]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  265.085235][T15082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.085258][T15082] RIP: 0033:0x7f0ea23dd5fc
[  265.085274][T15082] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  265.085293][T15082] RSP: 002b:00007f0ea0e47030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  265.085324][T15082] RAX: ffffffffffffffda RBX: 00007f0ea2605fa0 RCX: 00007f0ea23dd5fc
[  265.085337][T15082] RDX: 000000000000000f RSI: 00007f0ea0e470a0 RDI: 0000000000000005
[  265.085350][T15082] RBP: 00007f0ea0e47090 R08: 0000000000000000 R09: 0000000000000000
[  265.085362][T15082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  265.085375][T15082] R13: 00007f0ea2606038 R14: 00007f0ea2605fa0 R15: 00007ffcf3286078
[  265.085391][T15082]  </TASK>
[  265.088070][ T3381] hid-generic 0003:0004:0000.001F: unknown main item tag 0x0
[  265.300849][ T3381] hid-generic 0003:0004:0000.001F: unknown main item tag 0x0
[  265.308296][ T3381] hid-generic 0003:0004:0000.001F: unknown main item tag 0x0
[  265.382711][ T3381] hid-generic 0003:0004:0000.001F: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  265.449130][T15068] Set syz1 is full, maxelem 65536 reached
[  265.669390][T15102] 9pnet_fd: Insufficient options for proto=fd
[  265.731331][   T29] kauditd_printk_skb: 846 callbacks suppressed
[  265.731345][   T29] audit: type=1326 audit(1755487154.279:17564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15087 comm="syz.5.4163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f305983ebe9 code=0x7ffc0000
[  265.813108][   T29] audit: type=1326 audit(1755487154.289:17565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15087 comm="syz.5.4163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f305983ebe9 code=0x7ffc0000
[  265.912096][T15114] loop0: detected capacity change from 0 to 512
[  265.952694][T15114] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.955243][ T3366] hid-generic 0003:0004:0000.0020: unknown main item tag 0x0
[  265.972667][ T3366] hid-generic 0003:0004:0000.0020: unknown main item tag 0x0
[  265.980053][ T3366] hid-generic 0003:0004:0000.0020: unknown main item tag 0x0
[  265.981702][T15114] ext4 filesystem being mounted at /273/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  266.063732][T15124] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  266.082957][   T29] audit: type=1400 audit(1755487154.619:17566): avc:  denied  { ioctl } for  pid=15113 comm="syz.0.4170" path="/dev/mISDNtimer" dev="devtmpfs" ino=248 ioctlcmd=0x4940 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  266.108207][   T29] audit: type=1400 audit(1755487154.619:17567): avc:  denied  { remount } for  pid=15113 comm="syz.0.4170" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  266.128993][T11718] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.162290][ T3366] hid-generic 0003:0004:0000.0020: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  266.229370][T15129] SELinux:  policydb magic number 0x65686373 does not match expected magic number 0xf97cff8c
[  266.287427][T15129] SELinux: failed to load policy
[  266.293064][T15134] ------------[ cut here ]------------
[  266.298618][T15134] verifier bug: REG INVARIANTS VIOLATION (true_reg1): range bounds violation u64=[0xffffdfcd, 0xffffffffffffdfcc] s64=[0x80000000ffffdfcd, 0x7fffffffffffdfcc] u32=[0xffffdfcd, 0xffffdfcc] s32=[0xffffdfcd, 0xffffdfcc] var_off=(0xffffdfcc, 0xffffffff00000000)(1)
[  266.323560][T15134] WARNING: CPU: 0 PID: 15134 at kernel/bpf/verifier.c:2728 reg_bounds_sanity_check+0x673/0x680
[  266.333984][T15134] Modules linked in:
[  266.337885][T15134] CPU: 0 UID: 0 PID: 15134 Comm: syz.0.4175 Not tainted 6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  266.350394][T15134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  266.360529][T15134] RIP: 0010:reg_bounds_sanity_check+0x673/0x680
[  266.366816][T15134] Code: 7c 24 18 41 ff 74 24 20 55 41 56 4d 89 ee 53 48 8b 5c 24 30 ff 74 24 40 ff 74 24 50 ff 74 24 30 e8 e2 80 ba ff 48 83 c4 38 90 <0f> 0b 90 90 e9 02 fb ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90
[  266.386630][T15134] RSP: 0018:ffffc9000224f440 EFLAGS: 00010292
[  266.392804][T15134] RAX: ecea55bdd52e1000 RBX: ffff88810cccfa98 RCX: 0000000000080000
[  266.400855][T15134] RDX: ffffc90004381000 RSI: 0000000000004e4f RDI: 0000000000004e50
[  266.408833][T15134] RBP: 00000000ffffdfcc R08: 0001c9000224f27f R09: 0000000000000000
[  266.416864][T15134] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff88810cccfa58
[  266.424922][T15134] R13: ffff888136ac8000 R14: ffff888136ac8000 R15: ffff88810cccfa90
[  266.433005][T15134] FS:  00007fb13a6566c0(0000) GS:ffff8882aee44000(0000) knlGS:0000000000000000
[  266.442000][T15134] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  266.448583][T15134] CR2: 00007fb13a655f98 CR3: 0000000129dc4000 CR4: 00000000003506f0
[  266.456577][T15134] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  266.464575][T15134] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  266.472563][T15134] Call Trace:
[  266.475845][T15134]  <TASK>
[  266.478780][T15134]  reg_set_min_max+0x1c1/0x260
[  266.483657][T15134]  check_cond_jmp_op+0x1080/0x16e0
[  266.488878][T15134]  do_check+0x332a/0x7a10
[  266.493305][T15134]  do_check_common+0xc3a/0x12a0
[  266.498174][T15134]  bpf_check+0x942b/0xd9e0
[  266.502615][T15134]  ? __rcu_read_unlock+0x4f/0x70
[  266.507558][T15134]  ? __alloc_frozen_pages_noprof+0x188/0x360
[  266.513666][T15134]  ? alloc_pages_bulk_noprof+0x4b8/0x540
[  266.519380][T15134]  ? __vmap_pages_range_noflush+0xbb3/0xbd0
[  266.525308][T15134]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[  266.531424][T15134]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[  266.537499][T15134]  ? common_interrupt+0x13/0x90
[  266.542387][T15134]  ? css_rstat_updated+0xb7/0x240
[  266.547511][T15134]  ? __rcu_read_unlock+0x4f/0x70
[  266.552467][T15134]  ? pcpu_memcg_post_alloc_hook+0xf1/0x150
[  266.558290][T15134]  ? should_fail_ex+0x30/0x280
[  266.563089][T15134]  ? selinux_bpf_prog_load+0x36/0xf0
[  266.568409][T15134]  ? should_failslab+0x8c/0xb0
[  266.573358][T15134]  ? __kmalloc_cache_noprof+0x189/0x320
[  266.579118][T15134]  ? selinux_bpf_prog_load+0xbf/0xf0
[  266.584450][T15134]  ? security_bpf_prog_load+0x2c/0xa0
[  266.589861][T15134]  bpf_prog_load+0xedd/0x1070
[  266.594643][T15134]  ? security_bpf+0x2b/0x90
[  266.599175][T15134]  __sys_bpf+0x462/0x7b0
[  266.603492][T15134]  __x64_sys_bpf+0x41/0x50
[  266.608003][T15134]  x64_sys_call+0x2aea/0x2ff0
[  266.612701][T15134]  do_syscall_64+0xd2/0x200
[  266.617338][T15134]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  266.623541][T15134]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  266.629273][T15134]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.635415][T15134] RIP: 0033:0x7fb13bc0ebe9
[  266.639990][T15134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.659671][T15134] RSP: 002b:00007fb13a656038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  266.668211][T15134] RAX: ffffffffffffffda RBX: 00007fb13be36090 RCX: 00007fb13bc0ebe9
[  266.676239][T15134] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[  266.684249][T15134] RBP: 00007fb13bc91e19 R08: 0000000000000000 R09: 0000000000000000
[  266.692250][T15134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  266.700227][T15134] R13: 00007fb13be36128 R14: 00007fb13be36090 R15: 00007ffc87481ee8
[  266.708251][T15134]  </TASK>
[  266.711288][T15134] ---[ end trace 0000000000000000 ]---
[  266.956076][T15146] FAULT_INJECTION: forcing a failure.
[  266.956076][T15146] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  266.969247][T15146] CPU: 0 UID: 0 PID: 15146 Comm: syz.0.4181 Tainted: G        W           6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  266.969305][T15146] Tainted: [W]=WARN
[  266.969313][T15146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  266.969326][T15146] Call Trace:
[  266.969333][T15146]  <TASK>
[  266.969341][T15146]  __dump_stack+0x1d/0x30
[  266.969363][T15146]  dump_stack_lvl+0xe8/0x140
[  266.969382][T15146]  dump_stack+0x15/0x1b
[  266.969420][T15146]  should_fail_ex+0x265/0x280
[  266.969494][T15146]  should_fail+0xb/0x20
[  266.969509][T15146]  should_fail_usercopy+0x1a/0x20
[  266.969528][T15146]  _copy_from_user+0x1c/0xb0
[  266.969573][T15146]  ___sys_sendmsg+0xc1/0x1d0
[  266.969608][T15146]  __x64_sys_sendmsg+0xd4/0x160
[  266.969635][T15146]  x64_sys_call+0x191e/0x2ff0
[  266.969658][T15146]  do_syscall_64+0xd2/0x200
[  266.969716][T15146]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  266.969755][T15146]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  266.969857][T15146]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.969906][T15146] RIP: 0033:0x7fb13bc0ebe9
[  266.969921][T15146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.970016][T15146] RSP: 002b:00007fb13a677038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  266.970069][T15146] RAX: ffffffffffffffda RBX: 00007fb13be35fa0 RCX: 00007fb13bc0ebe9
[  266.970083][T15146] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  266.970095][T15146] RBP: 00007fb13a677090 R08: 0000000000000000 R09: 0000000000000000
[  266.970105][T15146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  266.970116][T15146] R13: 00007fb13be36038 R14: 00007fb13be35fa0 R15: 00007ffc87481ee8
[  266.970200][T15146]  </TASK>
[  266.973384][T15123] Set syz1 is full, maxelem 65536 reached
[  267.082351][T15149] macvtap0: entered allmulticast mode
[  267.159299][T15149] bridge0: entered allmulticast mode
[  267.321393][T15149] bridge0: port 3(macvtap0) entered blocking state
[  267.328155][T15149] bridge0: port 3(macvtap0) entered disabled state
[  267.336987][T15149] bridge0: left allmulticast mode
[  267.400000][   T29] audit: type=1326 audit(1755487155.949:17568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15157 comm="syz.2.4185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ea23debe9 code=0x7ffc0000
[  267.423682][   T29] audit: type=1326 audit(1755487155.949:17569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15157 comm="syz.2.4185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ea23debe9 code=0x7ffc0000
[  267.447510][   T29] audit: type=1326 audit(1755487155.949:17570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15157 comm="syz.2.4185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ea23debe9 code=0x7ffc0000
[  267.471288][   T29] audit: type=1326 audit(1755487155.949:17571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15157 comm="syz.2.4185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ea23debe9 code=0x7ffc0000
[  267.494891][   T29] audit: type=1326 audit(1755487155.949:17572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15157 comm="syz.2.4185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ea23debe9 code=0x7ffc0000
[  267.518526][   T29] audit: type=1326 audit(1755487155.949:17573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15157 comm="syz.2.4185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ea23debe9 code=0x7ffc0000
[  267.670031][ T3408] hid-generic 0003:0004:0000.0021: unknown main item tag 0x0
[  267.683167][ T3408] hid-generic 0003:0004:0000.0021: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  267.829217][T15174] program syz.5.4190 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  268.347418][T15209] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15209 comm=syz.1.4205
[  268.380478][T15209] netlink: 'syz.1.4205': attribute type 2 has an invalid length.
[  268.388284][T15209] netlink: 'syz.1.4205': attribute type 8 has an invalid length.
[  268.396067][T15209] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4205'.
[  268.686369][T15209] netlink: 'syz.1.4205': attribute type 12 has an invalid length.
[  268.895685][T15207] Set syz1 is full, maxelem 65536 reached
[  269.018839][T15218] program syz.2.4208 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  269.205235][T15229] program syz.3.4213 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  269.369234][ T3409] hid_parser_main: 2 callbacks suppressed
[  269.369253][ T3409] hid-generic 0003:0004:0000.0022: unknown main item tag 0x0
[  269.382427][ T3409] hid-generic 0003:0004:0000.0022: unknown main item tag 0x0
[  269.389962][ T3409] hid-generic 0003:0004:0000.0022: unknown main item tag 0x0
[  269.410408][ T3409] hid-generic 0003:0004:0000.0022: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  270.030692][T15271] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4229'.
[  270.261456][   T10] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0
[  270.261486][   T10] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0
[  270.261577][   T10] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0
[  270.262049][   T10] hid-generic 0003:0004:0000.0023: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  270.330090][T15262] loop5: detected capacity change from 0 to 512
[  270.393282][T15287] 9pnet_fd: Insufficient options for proto=fd
[  270.424194][T15262] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  270.424252][T15262] ext4 filesystem being mounted at /115/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  270.454754][T15262] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #2: comm syz.5.4225: corrupted inode contents
[  270.470912][T15262] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #2: comm syz.5.4225: mark_inode_dirty error
[  270.595597][T15262] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #2: comm syz.5.4225: corrupted inode contents
[  270.595741][T15262] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.4225: mark_inode_dirty error
[  270.597289][T15303] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  270.597824][T15303] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #2: comm syz.5.4225: corrupted inode contents
[  270.597971][T15303] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #2: comm syz.5.4225: mark_inode_dirty error
[  270.598219][T15303] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #2: comm syz.5.4225: corrupted inode contents
[  270.601020][T15305] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #2: comm syz.5.4225: corrupted inode contents
[  270.601217][T15305] EXT4-fs error (device loop5): ext4_setent:3652: inode #2: comm syz.5.4225: mark_inode_dirty error
[  270.601387][T15305] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #2: comm syz.5.4225: corrupted inode contents
[  270.714368][T15288] io-wq is not configured for unbound workers
[  270.923327][T13871] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.960888][   T29] kauditd_printk_skb: 275 callbacks suppressed
[  270.960901][   T29] audit: type=1326 audit(1755487159.509:17849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15318 comm="syz.0.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb13bc0ebe9 code=0x7ffc0000
[  270.991564][   T29] audit: type=1326 audit(1755487159.519:17850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15318 comm="syz.0.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb13bc0ebe9 code=0x7ffc0000
[  271.015298][   T29] audit: type=1326 audit(1755487159.519:17851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15318 comm="syz.0.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb13bc0ebe9 code=0x7ffc0000
[  271.039005][   T29] audit: type=1326 audit(1755487159.519:17852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15318 comm="syz.0.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb13bc0ebe9 code=0x7ffc0000
[  271.046930][   T10] hid-generic 0003:0004:0000.0024: unknown main item tag 0x0
[  271.062629][   T29] audit: type=1326 audit(1755487159.519:17853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15318 comm="syz.0.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb13bc0ebe9 code=0x7ffc0000
[  271.062657][   T29] audit: type=1326 audit(1755487159.519:17854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15318 comm="syz.0.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb13bc0ebe9 code=0x7ffc0000
[  271.062691][   T29] audit: type=1326 audit(1755487159.519:17855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15318 comm="syz.0.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fb13bc0ebe9 code=0x7ffc0000
[  271.062714][   T29] audit: type=1326 audit(1755487159.519:17856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15318 comm="syz.0.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb13bc0ebe9 code=0x7ffc0000
[  271.062737][   T29] audit: type=1326 audit(1755487159.519:17857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15318 comm="syz.0.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb13bc0d550 code=0x7ffc0000
[  271.070103][   T10] hid-generic 0003:0004:0000.0024: unknown main item tag 0x0
[  271.093640][   T29] audit: type=1326 audit(1755487159.519:17858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15318 comm="syz.0.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb13bc0d550 code=0x7ffc0000
[  271.117165][   T10] hid-generic 0003:0004:0000.0024: unknown main item tag 0x0
[  271.203982][T15317] program syz.5.4243 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  271.219175][   T10] hid-generic 0003:0004:0000.0024: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  271.279647][T15328] 9pnet_fd: Insufficient options for proto=fd
[  271.331447][T15334] loop0: detected capacity change from 0 to 1024
[  271.338400][T15334] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  271.349342][T15334] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  271.360077][T15334] JBD2: no valid journal superblock found
[  271.365837][T15334] EXT4-fs (loop0): Could not load journal inode
[  271.376802][T15334] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4250'.
[  271.536356][ T3408] hid-generic 0003:0004:0000.0025: unknown main item tag 0x0
[  271.545568][ T3408] hid-generic 0003:0004:0000.0025: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  271.560563][T15350] loop0: detected capacity change from 0 to 164
[  271.586399][T15353] 9pnet_fd: Insufficient options for proto=fd
[  271.609809][T15357] ==================================================================
[  271.617909][T15357] BUG: KCSAN: data-race in set_nlink / set_nlink
[  271.624241][T15357] 
[  271.626551][T15357] write to 0xffff888106fd3d28 of 4 bytes by task 15358 on cpu 0:
[  271.634241][T15357]  set_nlink+0x99/0xb0
[  271.638303][T15357]  kernfs_iop_permission+0x1e2/0x220
[  271.643577][T15357]  inode_permission+0x1c7/0x310
[  271.648416][T15357]  link_path_walk+0x162/0x900
[  271.653091][T15357]  path_lookupat+0x63/0x2a0
[  271.657585][T15357]  do_o_path+0x45/0x130
[  271.661731][T15357]  path_openat+0x1df9/0x2170
[  271.666301][T15357]  do_filp_open+0x109/0x230
[  271.670800][T15357]  do_sys_openat2+0xa6/0x110
[  271.675382][T15357]  __x64_sys_openat+0xf2/0x120
[  271.680138][T15357]  x64_sys_call+0x2e9c/0x2ff0
[  271.684802][T15357]  do_syscall_64+0xd2/0x200
[  271.689295][T15357]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.695174][T15357] 
[  271.697479][T15357] read to 0xffff888106fd3d28 of 4 bytes by task 15357 on cpu 1:
[  271.705088][T15357]  set_nlink+0x29/0xb0
[  271.709143][T15357]  kernfs_iop_permission+0x1e2/0x220
[  271.714416][T15357]  inode_permission+0x1c7/0x310
[  271.719264][T15357]  link_path_walk+0x162/0x900
[  271.723928][T15357]  __filename_parentat+0x15c/0x3f0
[  271.729029][T15357]  filename_create+0x78/0x230
[  271.733689][T15357]  do_mkdirat+0x52/0x3f0
[  271.737912][T15357]  __x64_sys_mkdirat+0x4c/0x60
[  271.742658][T15357]  x64_sys_call+0x2b7/0x2ff0
[  271.747235][T15357]  do_syscall_64+0xd2/0x200
[  271.751727][T15357]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.757607][T15357] 
[  271.759912][T15357] value changed: 0x00000003 -> 0x00000004
[  271.765607][T15357] 
[  271.767911][T15357] Reported by Kernel Concurrency Sanitizer on:
[  271.774046][T15357] CPU: 1 UID: 0 PID: 15357 Comm: syz.0.4261 Tainted: G        W           6.17.0-rc1-syzkaller-00224-g8d561baae505 #0 PREEMPT(voluntary) 
[  271.788102][T15357] Tainted: [W]=WARN
[  271.791894][T15357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  271.801936][T15357] ==================================================================