last executing test programs:

31.261031164s ago: executing program 1 (id=419):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f00000002c0)={0x0, 0x5, 0x0, [0xffffffffffffff68, 0x9, 0x1, 0x2, 0x1], [0x7, 0x2, 0x80000001, 0x5, 0x2, 0x7fffffff, 0x7, 0x1000, 0x7, 0x1, 0x1, 0xa1, 0x3, 0x1, 0x6, 0x9, 0x0, 0x3, 0x7fffffff, 0x3, 0x74e, 0x1, 0x7fffffffffffffff, 0x401, 0x5, 0x1, 0x100000001, 0x2, 0xec23, 0x3, 0x2, 0x6, 0x4389, 0x80, 0x100000001, 0x8, 0x3, 0x45d, 0xce000, 0x0, 0x7, 0x6, 0x2, 0xa26, 0x8000000000000001, 0xfe8d, 0x1800000000000, 0x9, 0x5, 0x2, 0xfffffffffffffffa, 0x5, 0x4, 0x9, 0x6, 0x7, 0x9, 0x9, 0x6, 0x7, 0x1, 0x7, 0x100000000, 0x6, 0x7fffffffffffffff, 0x3, 0x0, 0x100, 0x401, 0x8, 0x45, 0x5, 0x4, 0x2b, 0x7f, 0x6, 0x6, 0x7, 0x5, 0x6, 0xffffffffffffff0d, 0x30c5e0f5, 0x8, 0x6, 0x7f, 0x9, 0x3, 0x8, 0x11f, 0x147f, 0x5, 0x39, 0x1, 0x7, 0x7, 0xcd, 0x1, 0xffffffffffff6eee, 0x6, 0x6, 0xfffffffffffffff9, 0x1, 0x0, 0x1, 0x2a, 0x716, 0xffffffffffffffff, 0x8f, 0x539e, 0x8, 0x80000001, 0x4, 0x3, 0x3, 0xfffffffffffffffd, 0x0, 0x3, 0x4, 0x10000, 0x2, 0x9]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x2}, 0x18)
r3 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
write$selinux_attr(r3, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="84010000100013070000000000000000ac1e0101000000000000000000000000fe8000000000000000000000000000bb00000000000000000000000000060000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb000004d332000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000000000004800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004c001400636d6163286165732900"/316], 0x184}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x66960000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x7, [@struct={0x5, 0x2, 0x0, 0xf, 0x0, 0x10, [{0xb, 0x3, 0x9}, {0x1, 0x2, 0x8}]}]}, {0x0, [0x0, 0x0, 0x2e, 0x0, 0x61]}}, &(0x7f0000005bc0)=""/255, 0x43, 0xff, 0x9, 0x1000}, 0x28)
sendmsg$nl_route(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000780)=@newlink={0x4c, 0x10, 0x401, 0x2, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2000, 0x41042}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @vti={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VTI_REMOTE={0x8, 0x5, @multicast1}]}}}, @IFLA_IFNAME={0x14, 0x3, 'ip_vti0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8c5}, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={0x0}}, 0x0)
recvmmsg(r5, &(0x7f0000001d40)=[{{&(0x7f0000000080)=@pptp={0x18, 0x2, {0x0, @multicast1}}, 0x80, &(0x7f00000018c0)=[{&(0x7f00000008c0)=""/4096, 0x1000}, {&(0x7f0000000700)=""/65, 0x41}, {&(0x7f0000000200)=""/15, 0xf}], 0x3, &(0x7f0000001900)=""/92, 0x5c}, 0xffffffff}, {{&(0x7f0000001980)=@pppoe, 0x80, &(0x7f0000001bc0)=[{&(0x7f0000001a00)=""/75, 0x4b}, {&(0x7f0000001a80)=""/15, 0xf}, {&(0x7f0000001ac0)=""/50, 0x32}, {&(0x7f0000001b00)=""/8, 0x8}, {&(0x7f0000001b40)=""/26, 0x1a}, {&(0x7f0000001b80)=""/5, 0x5}], 0x6, &(0x7f0000001c40)=""/222, 0xde}, 0xffff}], 0x2, 0x1, &(0x7f0000001dc0)={0x77359400})
r6 = io_uring_setup(0x2c93, &(0x7f0000000140)={0x0, 0x37cb, 0x10000, 0x4000000, 0x9fa})
socket$inet6_sctp(0xa, 0x5, 0x84)
io_uring_enter(r6, 0x0, 0xcb, 0xf, &(0x7f0000000000), 0x18)

31.160075527s ago: executing program 1 (id=420):
lsm_get_self_attr(0x64, 0xffffffffffffffff, &(0x7f0000000380), 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000"], 0x48)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x2)
r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x0, 0x1}}, {{0x3, 0x1}, {0x2}}, {{0x4, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x0, 0x1}}, {{0x2}, {0x1, 0x1, 0x0, 0x1}}, {{0x4, 0x0, 0x1, 0x1}}], 0x28)
r2 = syz_io_uring_setup(0x10b, &(0x7f0000000140)={0x0, 0x8b7c, 0x800, 0x200007, 0x22}, &(0x7f0000000940)=<r3=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000440)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r2, 0x47f9, 0x4db, 0x0, 0x0, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000007c0)={<r4=>0xffffffffffffffff})
recvmsg(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xf8}], 0x1}, 0x1f00)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r0, 0xc08c5334, &(0x7f0000000140)={0x4, 0x7fffffff, 0x0, 'queue1\x00', 0x10})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
iopl(0x47)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x2, &(0x7f0000000340)=[{0x81, 0x0, 0x0, 0x10000}, {0x16, 0x0, 0xff}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
unlinkat(0xffffffffffffffff, 0x0, 0x200)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_SEC_LEVEL(r5, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r5)
keyctl$KEYCTL_CAPABILITIES(0x1f, 0x0, 0x0)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r7 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0)
fcntl$setlease(r7, 0x400, 0x1)
mq_open(&(0x7f0000000b40)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\x00\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x1, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000000)='./file7\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='\x00'], 0x0, 0x23d, &(0x7f0000000700)="$eJzs27FqW1cYB/C/ZNdV60GmdGo73NKlk7H9BFaLW0oFBRcN7VRR2xCsYJDBkEDibNnyBnmBLHmUgF8gr+EhoBDd69iWNcQ48o2j3w/EPdLRX/quLtJ3hqP/fri/v3Nw+LyZpNUosphs5jRZSTMLKTWqYzN5/WOSJzl3cQwA3A3b2/1O3TUwW8Nhp/9NkuUrM70XtRQEAAAAAAAAAADAjVX7//dePTr5kP3/aWTpUt7+fwC4e6r9/81rRBozLIcZGA47/e+nXmT7/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID6nI5G7dG7WzvJ2Xg0an+ZpJXkqyRfj6fKx+uuFwC4udMLPX+k/wPAXND/AWD+6P8AMH/+/uffPzvd7tZ2UbSSwdOj3lGvPJbznb3cyyC7WUs7b8brgEo5/u2P7tZaMbaSZ4PjKn981Fs4y//eSnaznnZWpufXy3xxOf/FeN3x/v030s630/MbU/NL+fmnC/nVtHPyfw4yyM54PXOef7xeFL/+1Z3IL4+fBwCfo9VisxpN9O9GNb9anJno7+X8NdYHE/11Md8t1nbaADDXDh883O8PBrvDGge/VLXUXMYdH7ysPsWP8YLNWdfcdLk/9UGNP0rArTj/0pf3W3UXBAAAAAAAAAAAAAAAXHEbfyeq+xwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmD9vAwAA///O8+Rp")

30.193225026s ago: executing program 1 (id=442):
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[], 0xe8}, 0x1, 0x0, 0x0, 0x40040000}, 0x0)

30.155590606s ago: executing program 1 (id=444):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r3}, 0x10)
syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000440)={@fallback=<r4=>r0, 0xd, 0x1, 0xffffffff, &(0x7f0000000200), 0x0, 0x0, &(0x7f00000002c0)=[0x0], &(0x7f0000000340)=[0x0], &(0x7f0000000380)=[0x0, 0x0], <r5=>0x0}, 0x40)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000004c0)={'batadv_slave_0\x00', <r6=>0x0})
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000480)={@ifindex=r6, r1, 0x1a, 0x20, 0x0, @void, @void, @void, @value, r5}, 0x20)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f00000005c0)={{{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in6=@initdev}, 0x0, @in=@broadcast}}, &(0x7f00000006c0)=0xe8)
mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000580), 0x90801, &(0x7f0000000d00)={[{@huge_advise}, {@usrquota_inode_hardlimit={'usrquota_inode_hardlimit', 0x3d, [0x32, 0x31, 0x78]}}, {@uid={'uid', 0x3d, r7}}], [{@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@smackfsdef={'smackfsdef', 0x3d, 'cgroup2\x00'}}, {@smackfshat={'smackfshat', 0x3d, 'syzkaller\x00'}}, {@appraise}, {@pcr={'pcr', 0x3d, 0x11}}]})
lsetxattr$security_selinux(&(0x7f0000000400)='./file0\x00', &(0x7f00000003c0), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000940), 0x81000, 0x0)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000100140001"], 0x114}, {&(0x7f00000009c0)=ANY=[@ANYBLOB="cc0200003100000425bd7000fddbdf25d2004b8090e985c10e41bc16c3afdfa48f5504b1be674defb8e523ca931fc47fca0761f089f12dee7390f97c1afc9919b1fe48e849ff8dfba904c78d93262ae3d33f0064ebf13671c70daa79cc0fe13e298fd364e11960d535c26097d135265e7942c4c5db720b1846c07b77ed5d954b166fd8b48c9e0f6ca471ddfcbb5f163f777786f7a3fbfa7733802ee8c4a951358fe78e1ef7f4dbe179e9502c3354b1cebef86cef6a5c32967a223845ba9396fced3f604240981e8f247067e1349e286bc6c8269ebede928867184559936b04001380000072f367e932248bbb5f84927c213d001b02bcf2d2bd5b90abb49e35b671d5cc9e8646e4ecaf6db0c14b26d2c061e2895d84e85ee2272e330857cf5816d5761dcdb9cbd0815823a9e2e08d59f3a8cac38f824e82d6a380359c14f0b327fd5004cfcb9ba79164d762baff997f2fd16507defa04591b820f92c60d5c85e8eab1cc5c87f6a6027e19ea6adec8a708b47f58365690e1f34b33cc001933f43099cbdb9dc2e741283e1400b300fc0000000000000000000000000000008b004180040037800c001496532832", @ANYRES32, @ANYBLOB="040094807a026c57d2654d115e528c1459241cdf02597f14d35c3655073c5f407b4160b64e80e167c709d80d9da587820eeb0f3c363a773f519c2717597d2217f73d756a1e5262327a0d6705cffb6119d2df818584899aaf8d7b874dbb99330a6d2593829a3125c105c65840af5555000d003f0026e4b56b1866ada1d6000000ae69a5084963450371edc84dc99933e5f3798214db2bbd9046f0ccf707e29850c523bbf617b1d7ef1a551fb4d16bc02c3b80b31afd787c9d7b26e5ddbb196f76b5ae845fa547821e75e7ce9e57909e40c4879551d2f2238d4b261e66380a5ae73b551539b77a6588ca710abc8bcf5659e97a7c436980198477bba636c008a123467d4ebde947f09e3e1847"], 0x2cc}], 0x2, 0x0, 0x0, 0x20000001}, 0x0)
quotactl_fd$Q_GETNEXTQUOTA(0xffffffffffffffff, 0xffffffff80000900, 0x0, &(0x7f0000000100))
lchown(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
mount$bpf(0x0, &(0x7f0000000700)='./bus\x00', &(0x7f0000000740), 0x208000, &(0x7f0000000dc0)={[{@gid}], [{@hash}, {@smackfsdef={'smackfsdef', 0x3d, '^,'}}, {@dont_hash}, {@fsmagic={'fsmagic', 0x3d, 0x10}}, {@obj_type={'obj_type', 0x3d, 'huge=advise'}}, {@fowner_eq={'fowner', 0x3d, r7}}, {@flag='posixacl'}]})
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000240)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000500)={0xfff, 0x6, 0x5, 0x10, 0x9, 0x1, 0x65800000000, 0x7, 0xffff})
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80040, 0x0)

29.563215907s ago: executing program 1 (id=451):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = open(0x0, 0x145142, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x18)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r0, &(0x7f0000000380)=0x1, 0x12)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = inotify_init()
inotify_add_watch(r3, &(0x7f0000000000)='.\x00', 0x400017e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
pipe(&(0x7f0000000400)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
splice(r4, 0x0, r6, 0x0, 0x88000cc, 0x0)
write$eventfd(r5, &(0x7f0000000240)=0x4, 0x8)
ftruncate(r0, 0x2007ffc)
r7 = openat$selinux_policy(0xffffff9c, &(0x7f0000001400), 0x0, 0x0)
ioctl$SIOCX25SCALLUSERDATA(r0, 0x89e5, &(0x7f00000000c0)={0x59, "40e7376ce5105e714de86d810356cf4f08d0763b755f106159ac1b97312b76e11bcc2a71470a30112869324c00f1b0a3d536a561d2b5dc03aba9cf98f6732e8e05270b35064f07013f1cd01c5d823ab3ac434cda237e0f5f411efb48400a0357633d2cceb9ab4563ce4f9c12f86b245833bcce5bdf61fbc5616102055e554564"})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000b, 0x12, r7, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1f, 0x0, &(0x7f0000000080))
sendfile(r0, r0, 0x0, 0x800000009)

29.44557926s ago: executing program 1 (id=454):
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[], 0xe8}, 0x1, 0x0, 0x0, 0x40040000}, 0x0)

29.41784189s ago: executing program 32 (id=454):
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[], 0xe8}, 0x1, 0x0, 0x0, 0x40040000}, 0x0)

3.515682872s ago: executing program 5 (id=780):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
timer_create(0x2, 0x0, &(0x7f0000000480))
r0 = socket(0x840000000002, 0x3, 0xff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r0, &(0x7f0000000a40)=[{{&(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a9050004000074640000000000000000e1000064c6", 0x15}, {&(0x7f00000002c0)}], 0x2}}], 0x1, 0x4004040)
timer_delete(0x0)

2.775898416s ago: executing program 2 (id=785):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x142000)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000004c0)={0x53, 0xfffffffffffffffe, 0x6, 0x2, @scatter={0x1, 0xdd, &(0x7f0000000040)=[{&(0x7f0000000580)=""/226, 0xe2}]}, &(0x7f00000000c0)="ff33501ef663", 0x0, 0x840804, 0x10036, 0x1000, 0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000c40)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000002300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x6f)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[], 0x68}, 0x1, 0x0, 0x0, 0x810}, 0x140)
sendto$packet(r2, &(0x7f0000000180)="a6bea8a120e5f8320c30ce5086dda5e986f34c10d8c39c3002de8ec445ae083a4b7fc08a086fc691", 0x28, 0x0, &(0x7f0000000140)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @random="ad446050e878"}, 0x14)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f00000007c0)={0xa0000000, 0x0, &(0x7f0000000740)=[{&(0x7f0000000680)=""/185, 0xb9}], &(0x7f0000000780)=[0xfffffffffffffff9, 0xf47, 0x2, 0x764, 0x4, 0x1], 0x1}, 0x20)
bind$bt_hci(r6, &(0x7f0000000040)={0x1f, 0xffff, 0x4}, 0x6)
write$binfmt_misc(r6, &(0x7f0000000000), 0xd)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000100)={'ip6_vti0\x00', &(0x7f0000000080)={'ip6tnl0\x00', 0x0, 0x4, 0x1, 0xe8, 0xbb, 0x0, @private1, @dev={0xfe, 0x80, '\x00', 0x23}, 0x20, 0x700, 0xf3c0, 0x3ec75030}})
r7 = perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x4f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x98142, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0x6, 0x3, 0x2, 0xffffffff, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r8 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r8, 0xc0502100, &(0x7f0000000000)={0x0, <r9=>0x0})
fcntl$lock(r7, 0x24, &(0x7f00000000c0)={0x2, 0x3, 0x8, 0xfffffffffffffff7, r9})
syz_pidfd_open(r9, 0x0)
ptrace$getregset(0x4204, r9, 0x202, &(0x7f0000000240)={&(0x7f0000000440)=""/65, 0x41})
gettid()
r10 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/mdstat\x00', 0x0, 0x0)
io_setup(0x5, &(0x7f0000002340)=<r11=>0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x37, 0x7fffffff}]})
io_submit(r11, 0x1, &(0x7f00000014c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x5, 0x0, r10, 0x0}])

2.691891238s ago: executing program 2 (id=788):
r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0xf1311, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0xc, 0x4, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xa, 0x4000011, r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000040)={0x18, 0x0, {0x1, @local, 'ip6_vti0\x00'}}, 0x1e)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @empty, 'wg1\x00'}}, 0x1e)
r4 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x6)
r6 = socket(0x10, 0x3, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47, 0x8, 0x0, 0x0}}, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r7, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r7, <r8=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000006500000008000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r7, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
connect$netlink(r6, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r6, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x68, 0x30, 0x829, 0x0, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}, @TCA_SKBEDIT_PRIORITY={0x8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r5, &(0x7f0000000080)='./file0\x00')
readlinkat(r5, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000780)=""/198, 0xc6)
ioctl$GIO_UNISCRNMAP(r5, 0x4b69, &(0x7f00000002c0)=""/169)
close(r2)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x2501, 0x0)

2.58085439s ago: executing program 3 (id=791):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000280)={[{@noload}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x44d, &(0x7f0000000900)="$eJzs3MtvG8UfAPDvrp30/Ut+UB4tLQQKouKRNOnzwKUIJA4gIcGhiFNI0qrUbaAJEq0qKBzKEVXijjgi8RdwggsCTkhc4Y4qVaiXFiQko13vpsa107hx6rb+fKRNZrzjzHx3d+zZGTsBDKyx7EcSsTkifouIkUb2vwXGGr+uXTk389eVczNJ1Otv/Jnk5a5eOTdTFi2ft6mRqdeL/Lo29V54O2K6Vps7XeQnFk++N7Fw5uzzx09OH5s7Nndq6tChfXt3Dh+Y2t+TOLO4rm7/aH7HtlfeuvjazJGL7/z0TdbezcX+5jh6ZaxxdNt6qteV9dmWpnRS7WND6EolIrLTNZT3/5GoxIalfSPx8qd9bRywpur1er3d+3PhfB24hyXR7xYA/VG+0Wf3v+V2m4Yed4TLhyPeP9iI/1qxNfZUIy3KDLXc3/bSWEQcOf/3l9kWazQPAQDQ7LvDEfFcu/FfGg82lftfsYYyGhH/j4j7IuL+iNgaEQ9E5GUfioiHu6y/dYXkxvFPeumWAluhbPz3QrG2tTT++6eex18YrRS5LXn8Q8nR47W5PcUx2R1D67L85DJ1fP/Sr5932tc8/su2rP5yLNiQXqq2TNDNTi9OrzLsJZc/idhebYk/l0S5jJNExLaI2N7VX75+h3H8ma93dCp18/iX0YN1pvpXEU83zv/5aIm/lHRcn5w8eGBq/8T6qM3tmSivihv9/MuF1zvVv6r4eyA7/xtbr//cUvyjyfqIhTNnT+TrtQvd13Hh98863tPc6vU/nLyZp4eLxz6cXlw8PRkxnLx64+NT159b5svyWfy7d7WLP81f48oj8UhEZBfxzoh4NCIeK9r+eEQ8ERG7lon/xxeffLf7+JeZle+hLP7Zm53/aD7/3ScqJ374tvv4S9n535endhePrOT1b6UNXM2xAwAAgLtFmn8GPknHl9JpOj7e+Az/1tiY1uYXFp89Ov/BqdnGZ+VHYygtZ7pGmuZDJ4u54TI/1ZLfW8wbf1HZkOfHZ+Zrs/0OHgbcpg79P/NHpd+tA9ac72vB4NL/YXDp/zC49H8YXPo/DK52/f/jPrQDuP28/8Pg0v9hcOn/MLj0fxhIHb8bn67qK/8S93wi0u6fVY07pPF3U6K64n9mcYuJdW139fuVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDf+DQAA//9X4u4v")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x10)
ioctl$EXT4_IOC_GROUP_ADD(r2, 0x40286608, &(0x7f0000000040)={0x40000003, 0xdd, 0x8001, 0x1, 0x400, 0x809})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r5, 0x0, 0x1034}, 0x18)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0xfdfe, 0x7, @remote, 0x4}, 0x1c)
connect$pppl2tp(r6, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r7, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
writev(r6, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34000}], 0x1)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000c80)={'lo\x00', <r8=>0x0})
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r10 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r10, &(0x7f00000063c0)=""/1024, 0x400)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000000)=<r11=>0x0)
r12 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
bind$nfc_llcp(r12, &(0x7f00000000c0)={0x27, r11, 0x1, 0x3, 0x2, 0xff, "bac5115c7dad488702b535116fad55baf63cdd52fc30106310abb622a1c3c01c13c04df6b906288e64e96754059e65c39c5759b069d6e6d9589e5f2348878c", 0x32}, 0x60)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f00000003c0)=<r13=>0x0)
sendmsg$NFC_CMD_FW_DOWNLOAD(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000400)={0x34, 0x0, 0x800, 0x70bd2d, 0x25dfdbfb, {}, [@NFC_ATTR_FIRMWARE_NAME={0x7, 0x14, '-\'.'}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r11}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r13}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
sendmsg$NFQNL_MSG_CONFIG(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x24, 0x2, 0x3, 0x101, 0x0, 0x0, {0xa, 0x0, 0xffff}, [@NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x2e}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x7}]}, 0x24}}, 0x814)
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x9c, 0x24, 0x4ee4e6a52ff56541, 0x2000000, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x6c, 0x2, {{}, [@TCA_NETEM_LOSS={0x30, 0x2, 0x0, 0x1, [@NETEM_LOSS_GE={0x18}, @NETEM_LOSS_GI={0x18}]}, @TCA_NETEM_RATE={0x4, 0xd}, @TCA_NETEM_CORRUPT={0xc, 0x2}]}}}]}, 0x9c}}, 0x0)

2.550253981s ago: executing program 2 (id=792):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x10000, 0x0)
syz_mount_image$ext4(&(0x7f0000000a00)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x2925c00, &(0x7f0000000a40), 0x0, 0x5c5, &(0x7f0000001140)="$eJzs3c9vVNUeAPDvnZmWlr732kdenuLCNBoCidLSAgZ/LOieEPyxc2OlhSDDj9AaLZpYEtyYGDcuSFy5EP8LJbp1ZeLChRtXhgSNYaMxOubO3BnGdqadlg639H4+yXTOuedOz7nQb8+Ze87pBFBY4+mXUsTeiLicRIy2lVUiKxxvnHf313dPp48karWXf0kiyY41z0+y55HsxX+ORnz7VRJ7yqvrXVi6en62Wp2/kuUnFy9cnlxYunrw3IXZs/Nn5y9OPzN97OiRo8emDt3X9ZXa0ieuv/HW6AcnX/3skz+Sqc9/OJnE8fj5TKOs/Tq2yniMx2+12nsrj6f/rse2urKclFs/J/ckKw+wbVWyGBmMiEdiNMpt/5uj8f6LuTYO6KtaElFb31D0dBrwcEkENhRUcxzQfG/f2/vgUp9HJcCDcGcm/TrQIf4rjXuDMRYDEbFvxes63NLblLSOb74+eT19xMbvw81sVTugiJav7cpSK+M/qcfmWAzVc7vvllr39yMbAZzKnisR8dIm6x9fke/HfXigs+VrEfFop/H/6vhvn9ZJ4/61tvh/fZP1i38AAAAAAADYOrdmIuLpTvN/pWxubiieqM//JY35v+/u7RA8vgX1rz//V7q9BdUAHdyZiXih4/rf1hrfsXKW+3djNWBy5lx1/lBE/CciDsTArjQ/tUYdBz/cc6NbWfv6v/SR1t9cC5i143Zl1z9fMze7OHs/1ww03LkW8Vil+/qftP9P2vv/TPr74HKPdezZd/NUt7L14x/ol9qnEfs79v/3Vvsma/99jsn6eGCyOSpY7fF3PvqiW/3iH/KT9v+7147/saT97/UsbOz7D0bE4aVKrVv5Zsf/g8kr5eb3T709u7h4ZSpiMDmx+vj0xtoMO1UzHprxksb/gSfXvv/XGv+3xeFwRCz3WOf//xr5sVuZ/h/yk8b/3Ib6/40npm+Ofdmt/t76/yP1Pv1AdsT9P1hbrwGadzsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GFUioh/RVKaaKVLpYmJiJGI+F/sLlUvLSw+debSmxfn0rL65/+Xmp/0O9rIJ83P/x9ry0+vyB+OiP9GxMfl4Xp+4vSl6lzeFw8AAAAAAAAAAAAAAAAAAADbxEiX/f+pn8p5tw7ou0r2LN6heCp5NwDITYf4L+XRDuDB0/9DcYl/KC7xD8W1yfg3XQA7gP4fimqgt9OG+t0OIA/6fwAAAAAA2FFuPf/sjSQilp8brj9Sg1lZa2JwOK/WAf1knx8UlzW8UFyW/kBx9bj4F9jBklbq91qn8u6r/5P+NAgAAAAAAAAAAAAAWGX/3lvfr7v/H9iR7P+H4rL/H4rL/n8oLu/xgfV28dv/DwAAAAAAAAAAAAD5W1i6en62Wp2/IiGx3RIDEbENmpFDYjD/8Mz5FxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANDydwAAAP//TAghTA==")
add_key(0x0, 0x0, &(0x7f0000000600), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'vxcan0\x00'})
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r2, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r1, 0x0, 0x0)

2.422952673s ago: executing program 5 (id=793):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x1d64, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x7fff}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000380), r1)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000001000000280001801400040000000000000000000000ffffac1414aa060001000a00"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)

2.369741414s ago: executing program 5 (id=794):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_BIND_MAP(0x23, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000002b40), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x54, r1, 0x11, 0x4, 0x0, {0x6}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0x91}, {0x6, 0x16, 0x2}, {0x5}}]}, 0x54}}, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000200))
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7400}, 0x8008000)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000840), 0x81, r4}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000580)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

2.299368205s ago: executing program 2 (id=795):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e0000000000000005000000"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r0}, 0x18)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
fcntl$dupfd(r2, 0x406, r1)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r3, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000040)={0x0}}, 0x4000)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x109a88, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioperm(0x3c, 0x1, 0x8)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
socket$unix(0x1, 0x1, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x6}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, 0x0, 0x800)
ftruncate(r4, 0x2000009)
pwritev2(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000400)="ba", 0xfdef}], 0x1, 0xe7b, 0x0, 0x1)

2.215520017s ago: executing program 4 (id=796):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x101}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
connect$netlink(r2, &(0x7f0000000280)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x4010}, 0x0)

2.0851277s ago: executing program 5 (id=798):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e0000000000000005000000"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r0}, 0x18)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
fcntl$dupfd(r2, 0x406, r1)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r3, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000040)={0x0}}, 0x4000)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x109a88, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioperm(0x3c, 0x1, 0x8)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
socket$unix(0x1, 0x1, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x6}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18)
ftruncate(r4, 0x2000009)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r7, &(0x7f00000001c0)=[{&(0x7f0000000400)="ba", 0xfdef}], 0x1, 0xe7b, 0x0, 0x1)

2.04169718s ago: executing program 3 (id=799):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r0}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
pipe(&(0x7f0000000400)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
splice(r1, 0x0, r3, 0x0, 0x88000cc, 0x0)
write$eventfd(r2, &(0x7f0000000240)=0x4, 0x8)

1.887689624s ago: executing program 4 (id=800):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000100)='kfree\x00', r0}, 0x18)
r1 = shmget(0x0, 0x1000, 0xa04, &(0x7f0000ffd000/0x1000)=nil)
shmctl$IPC_RMID(r1, 0x0)

1.865032934s ago: executing program 4 (id=802):
r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0xf1311, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0xc, 0x4, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xa, 0x4000011, r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000040)={0x18, 0x0, {0x1, @local, 'ip6_vti0\x00'}}, 0x1e)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @empty, 'wg1\x00'}}, 0x1e)
r4 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x6)
r6 = socket(0x10, 0x3, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47, 0x8, 0x0, 0x0}}, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r7, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r7, <r8=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000006500000008000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r7, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
connect$netlink(r6, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r6, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x68, 0x30, 0x829, 0x0, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}, @TCA_SKBEDIT_PRIORITY={0x8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r5, &(0x7f0000000080)='./file0\x00')
readlinkat(r5, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000780)=""/198, 0xc6)
ioctl$GIO_UNISCRNMAP(r5, 0x4b69, &(0x7f00000002c0)=""/169)
close(r2)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x2501, 0x0)

1.807923345s ago: executing program 0 (id=803):
lsm_get_self_attr(0x64, 0xffffffffffffffff, &(0x7f0000000380), 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x2)
r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f00000002c0)=[{{0x0, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x0, 0x1}}, {{0x3, 0x1}, {0x2}}, {{0x4, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x0, 0x1}}, {{0x2}, {0x1, 0x1, 0x0, 0x1}}, {{0x4, 0x0, 0x1, 0x1}}], 0x28)
r2 = syz_io_uring_setup(0x10b, &(0x7f0000000140)={0x0, 0x8b7c, 0x800, 0x200007, 0x22}, &(0x7f0000000940)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000440)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r2, 0x47f9, 0x4db, 0x0, 0x0, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000007c0)={<r5=>0xffffffffffffffff})
recvmsg(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xf8}], 0x1}, 0x1f00)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r0, 0xc08c5334, &(0x7f0000000140)={0x4, 0x7fffffff, 0x0, 'queue1\x00', 0x10})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
iopl(0x47)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x2, &(0x7f0000000340)=[{0x81, 0x0, 0x0, 0x10000}, {0x16, 0x0, 0xff}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
unlinkat(0xffffffffffffffff, 0x0, 0x200)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_SEC_LEVEL(r6, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r6)
keyctl$KEYCTL_CAPABILITIES(0x1f, 0x0, 0x0)
r7 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r8 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0)
fcntl$setlease(r8, 0x400, 0x1)
mq_open(&(0x7f0000000b40)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\x00\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x1, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000000)='./file7\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='\x00'], 0x0, 0x23d, &(0x7f0000000700)="$eJzs27FqW1cYB/C/ZNdV60GmdGo73NKlk7H9BFaLW0oFBRcN7VRR2xCsYJDBkEDibNnyBnmBLHmUgF8gr+EhoBDd69iWNcQ48o2j3w/EPdLRX/quLtJ3hqP/fri/v3Nw+LyZpNUosphs5jRZSTMLKTWqYzN5/WOSJzl3cQwA3A3b2/1O3TUwW8Nhp/9NkuUrM70XtRQEAAAAAAAAAADAjVX7//dePTr5kP3/aWTpUt7+fwC4e6r9/81rRBozLIcZGA47/e+nXmT7/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID6nI5G7dG7WzvJ2Xg0an+ZpJXkqyRfj6fKx+uuFwC4udMLPX+k/wPAXND/AWD+6P8AMH/+/uffPzvd7tZ2UbSSwdOj3lGvPJbznb3cyyC7WUs7b8brgEo5/u2P7tZaMbaSZ4PjKn981Fs4y//eSnaznnZWpufXy3xxOf/FeN3x/v030s630/MbU/NL+fmnC/nVtHPyfw4yyM54PXOef7xeFL/+1Z3IL4+fBwCfo9VisxpN9O9GNb9anJno7+X8NdYHE/11Md8t1nbaADDXDh883O8PBrvDGge/VLXUXMYdH7ysPsWP8YLNWdfcdLk/9UGNP0rArTj/0pf3W3UXBAAAAAAAAAAAAAAAXHEbfyeq+xwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmD9vAwAA///O8+Rp")

1.768141566s ago: executing program 4 (id=804):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
timer_create(0x2, 0x0, &(0x7f0000000480))
r0 = socket(0x840000000002, 0x3, 0xff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r0, &(0x7f0000000a40)=[{{&(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a9050004000074640000000000000000e1000064c6", 0x15}, {&(0x7f00000002c0)="174640b6d80fb2ee", 0x8}], 0x2}}], 0x1, 0x4004040)
timer_delete(0x0)

1.743105396s ago: executing program 3 (id=805):
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="a18300000000000000000500000008000300", @ANYRES32=0x0], 0x64}}, 0x0)

1.667886218s ago: executing program 4 (id=806):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, 0x0, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1818e58, &(0x7f00000003c0), 0x22, 0x63f, &(0x7f0000000d80)="$eJzs3c9rXFsdAPDvvZPkJWl86RMRX1AMuHgP5KVJfVh1Y1sXdlGwYBciLhqapIZOf5CkYGvBBFwoKIi4LdKN/4B76d6dCOrOtVBFKha0dB73zp1mMplfaTIzSe7nA5M599wzOeebOyf33HvnzA2gtOazH2nE+xGvbyQRs03rZqK+cr4o9+Lfj29mjyRqte/+K4mkyGuUT4rnM8XCZET86XLEpyv76918+Oj2crVW95OIc1t37p/bfPjoo/U7y7dWb63eXTr/tY8vLH596eOlpoa+vTPF85Wr3/n8L3/6w6+u/bn6URIX4/r4j1eiJY6jMh/z8boIsTl/LCIuZIk2f5eT5hSEUGqV4v04HhGfjdmo5Et1s7H+i5E2DhioWiWi1l3SqwBwUuneUFaNcUDj2L6/4+DrAx6VDM/zS/UDoP3xjxWnHCbzY6PpF0nTkVH93MbZI6g/q+PV48knrx7PPYk95yFevtk6Y0dQTyfbOxHxuXbxJ3nbzuaRZvGne47104hYjIiJon3fOkQbkqb0IM7DdHOQ+Ju3Qxb/xeI5y7/8lvW3ntYadvwAlNOzS8WOfDtb2t3/ZWOPxvgn2ox/Zg5/SSY36v1f5/FfY38/mY970pZxWDZmudb+V463Zvz951d+3an++vhv7knjkdXfGAsOw/OdiLmW+H+WBVuMf7L4kzbbPyty42J/dXz7L/+80mndqOOvPY34oO3xz+6oNEt1uT55bm29urpY/9m2jj/88Qe/61R/+/jfGUCk7WXbf7pD/E3bP219XfY3ud/+V+60Zvz+2tM7neqf6bn9039MJPXjzYki50c7W1sbSxETydWiSJG/vLW1cb57vPUyL2v581I9/g+/1L7/73n/t0Q11fiX2Yf737v9otO6t3n/N11Mfl3rsw2dZPGv9N7++/p/lverPuv47/cffKHTum7xTx0mMAAAAAAAACihNL8Gm6QLb9JpurBQny/7mZhOq/c2t768du/B3ZWID/PPQ46nkSb5R0Zm68vJ2np1dan4PGxj+XzL8lci4r2I+E1lKl9euHmvujLq4AEAAAAAAAAAAAAAAAAAAOCYOFPM/2/cp/o/lfr8f6Aket9gbt/9H4BTYpA3mASOt7z/d9vFvzu8tgDDZf8P5aX/Q3np/1Be+j+Ul/4P5aX/Q3np/1Be+j8AAAAAnErvffHZ35KI2P7GVP7ITBTrTPqF0238QKUrA2sHMHx6NJTXm0v/BvtQOn2N//9XfDng4JsDjEDSLjMfHNS6d/5nbV+5a+fwbQMAAAAAAAAAAAAA6j54v/P8/4PNDQZOGtP+oLwOMf/fVwfACeer/6G8HOMDPWbxx2SnFb3m/wMAAAAAAAAAAAAAR2YmfyTpQjEXeCbSdGEh4lMRcTbGk7X16upiRLwbEX+tjL+TLS+NutEAAAAAAAAAAAAAAAAAAABwymw+fHR7uVpd3WhO/H9fzulONO6C2rtwrY8yXRPfjAO+KpLh/1mmImLkG2VgibGmnCRiO9vyx6JhG5txPJqRJ0b8jwkAAAAAAAAAAAAAAAAAAEqoae5xe3O/HXKLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGD4du//3yOxMl1/QV+F9yZGHSMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcDJ9EgAA//+YYDw3")
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3800000003a516d127893a1f450000000900020073caf9797a32000000000800416c959ae5186aa31c4a044620a351007278650014003300626f6e6430000000000000000000"], 0x38}, 0x1, 0x0, 0x0, 0x4040000}, 0x100)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
renameat(r1, &(0x7f0000000080)='./mnt\x00', r2, &(0x7f0000000100)='./mnt\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x50)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000000)={0x18, 0x0, {0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, 'veth1_to_bond\x00'}}, 0x1e)
close(r3)

1.667544528s ago: executing program 3 (id=807):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0xb, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000006c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000040085"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
epoll_create1(0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/wakeup_count', 0x141000, 0x20)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1ae98752ffffff00", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000000)=ANY=[], 0xffc9)
socket$igmp6(0xa, 0x3, 0x2)

1.278918495s ago: executing program 4 (id=808):
syz_emit_ethernet(0x5e, &(0x7f0000000080)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x26}, @void, {@ipv6={0x86dd, @generic={0xc, 0x6, "370c89", 0x28, 0x2b, 0x1, @dev={0xfe, 0x80, '\x00', 0x25}, @local, {[@hopopts={0x3c}, @dstopts={0x3b, 0x3, '\x00', [@hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @empty}}, @enc_lim, @pad1]}]}}}}}, 0x0)
r0 = socket$caif_stream(0x25, 0x1, 0x0)
writev(r0, &(0x7f00000000c0)=[{&(0x7f00000002c0)}], 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
sendto$inet(r1, &(0x7f0000000040)="1e6550e967136106814e8160517c7ed978b5ce3ea82f707e5b583e113055f89fa0e3fb8c3d54cef9c033b1a511fbaba5f63bbc62f3a052ba822f8e96bba4722eb93b4622245be492173d5f09aa9db4d38592b2c0bdbcf99551dcfc53da5957f2a136ac09ca581e1a1791d410f9565c35b8bb0880b7cb5e1895a5f2a3", 0x7c, 0x48000, &(0x7f0000000180)={0x2, 0x4e24, @local}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
accept$inet(r3, &(0x7f0000000200)={0x2, 0x0, @initdev}, &(0x7f0000000280)=0x10)
sendmsg$nl_xfrm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYRESDEC=r0, @ANYRESHEX=r2, @ANYBLOB="a1931255904e30f713109793778ec1ceb45e390f34e5f3f612b806e98cedd8dcdb25f3f85d0c0bb6ee29d4252c239737eef547bf157a04f54d9697b6a518dad2464e823967271c03296f0cdcf91376d42bfe1f9777baf9cf1f5acd0c18e5d334a65d14d2ff83126d2452f467d70862d141a030b7353ad63ef3ae06a41a635ada3a03458c28104a90a247cd65d4e82f5b5fdfe35fa092", @ANYBLOB="a7acab4332b966f2b6e5564c1976612cc1c8a58dbf2b20e9edf177af2d837f3b92e8878daf8b00d7439ccaff905828a9d0da5da48b27a51111ca1a699a6cbf84a864cb55105734", @ANYRES32=r1, @ANYRES16=r0], 0x68}, 0x1, 0x0, 0x0, 0x40811}, 0x40004)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
eventfd(0x3)
unshare(0x24010400)
mq_timedsend(r1, &(0x7f0000000580)="2096db5b255ce62e06f759d9f3dab52fcdec073d622da85273424564c91551b40da113ac9a76953db36c5b842db7ffa45293068468ea1ac261b7fd56f5b892255980b38b14fa38c35485c7fd40b5bc82d88a699da54805665f1a2f50e2f515fa949ccdd4663486aedd04c0474ffe327bbaf44bc944f52471769ff0fb1f84950aee148e4165ed368328bfeff159ddce2e92dce17ebbbf9263fdc6bb3623a1060efdf34ea4e38ec9ad3277460d56876419592a662898c8acc1e84f96b2803fb0d15b9d35463b9d4a56015115d6ca0195bb5d468a389557aa4765ffce7f7f4f77275f7db3055d", 0xe5, 0x1, &(0x7f0000000480))
epoll_create(0x6389)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0xd, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000d50000002a00c50095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
setsockopt$MRT_DEL_MFC_PROXY(r4, 0x0, 0xd3, &(0x7f00000001c0)={@multicast1, @empty, 0x1, "a7d5e5ceedadbf9b6e731b5220552fc66755575fbb00ccf608bb12b50774bd8a", 0x8, 0x7, 0x1, 0x5}, 0x3c)

1.155896558s ago: executing program 5 (id=809):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r0, &(0x7f0000000380)=0x1, 0x12)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r2 = inotify_init()
inotify_add_watch(r2, &(0x7f0000000000)='.\x00', 0x400017e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
pipe(&(0x7f0000000400)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
splice(r3, 0x0, r5, 0x0, 0x88000cc, 0x0)
write$eventfd(r4, &(0x7f0000000240)=0x4, 0x8)
ftruncate(r0, 0x2007ffc)
r6 = openat$selinux_policy(0xffffff9c, &(0x7f0000001400), 0x0, 0x0)
ioctl$SIOCX25SCALLUSERDATA(r0, 0x89e5, &(0x7f00000000c0)={0x59, "40e7376ce5105e714de86d810356cf4f08d0763b755f106159ac1b97312b76e11bcc2a71470a30112869324c00f1b0a3d536a561d2b5dc03aba9cf98f6732e8e05270b35064f07013f1cd01c5d823ab3ac434cda237e0f5f411efb48400a0357633d2cceb9ab4563ce4f9c12f86b245833bcce5bdf61fbc5616102055e554564"})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000b, 0x12, r6, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1f, 0x0, &(0x7f0000000080))
sendfile(r0, r0, 0x0, 0x800000009)

903.632762ms ago: executing program 2 (id=810):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f00000002c0)={0x0, 0x5, 0x0, [0xffffffffffffff68, 0x9, 0x1, 0x2, 0x1], [0x7, 0x2, 0x80000001, 0x5, 0x2, 0x7fffffff, 0x7, 0x1000, 0x7, 0x1, 0x1, 0xa1, 0x3, 0x1, 0x6, 0x9, 0x0, 0x3, 0x7fffffff, 0x3, 0x74e, 0x1, 0x7fffffffffffffff, 0x401, 0x5, 0x1, 0x100000001, 0x2, 0xec23, 0x3, 0x2, 0x6, 0x4389, 0x80, 0x100000001, 0x8, 0x3, 0x45d, 0xce000, 0x0, 0x7, 0x6, 0x2, 0xa26, 0x8000000000000001, 0xfe8d, 0x1800000000000, 0x9, 0x5, 0x2, 0xfffffffffffffffa, 0x5, 0x4, 0x9, 0x6, 0x7, 0x9, 0x9, 0x6, 0x7, 0x1, 0x7, 0x100000000, 0x6, 0x7fffffffffffffff, 0x3, 0x0, 0x100, 0x401, 0x8, 0x45, 0x5, 0x4, 0x2b, 0x7f, 0x6, 0x6, 0x7, 0x5, 0x6, 0xffffffffffffff0d, 0x30c5e0f5, 0x8, 0x6, 0x7f, 0x9, 0x3, 0x8, 0x11f, 0x147f, 0x5, 0x39, 0x1, 0x7, 0x7, 0xcd, 0x1, 0xffffffffffff6eee, 0x6, 0x6, 0xfffffffffffffff9, 0x1, 0x0, 0x1, 0x2a, 0x716, 0xffffffffffffffff, 0x8f, 0x539e, 0x8, 0x80000001, 0x4, 0x3, 0x3, 0xfffffffffffffffd, 0x0, 0x3, 0x4, 0x10000, 0x2, 0x9]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={0x0}}, 0x0)
r2 = io_uring_setup(0x2c93, &(0x7f0000000140)={0x0, 0x37cb, 0x10000, 0x4000000, 0x9fa})
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x4e20, 0x99, @local, 0x4}, 0x1c)
io_uring_enter(r2, 0x0, 0xcb, 0xf, &(0x7f0000000000), 0x18)

659.662677ms ago: executing program 0 (id=811):
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x20000840)
openat$selinux_access(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f0000000240))
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909"], &(0x7f0000000100)='GPL\x00'}, 0x94)
clock_adjtime(0x6, &(0x7f0000000300)={0x2, 0x9, 0x3, 0x7, 0x100000000, 0x75, 0x6b41, 0x8, 0x1, 0xffffffffffffffff, 0x4, 0x0, 0x8, 0x80, 0x6, 0xff, 0x2, 0x3, 0x4, 0x0, 0x5, 0x1, 0x3, 0xfffffffffffffff0, 0x2, 0x6})
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xc3, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xa19a, 0x1000}, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="170000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000023372ca4a403b1c12770e6d8ca5ac94e071c715ce88562446e969fdcb8390fef5b4ee2336627efbbc9a023d0920859ecbd26782d4ed7123d0e5e9afc6244a78df309a7de4de"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000340)='cpu\t&0&&\t')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='xen_mmu_pte_clear\x00', r1, 0x0, 0x2}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0) (fail_nth: 4)

264.251175ms ago: executing program 0 (id=812):
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1e000000000000000aa60000030000000e050000", @ANYRES32, @ANYBLOB="0000000000001300000000060000000000000000c9cd3e9466ae55f7579a78c570177cc1d56ad612a6f3c822e9706eca99caab7742361b526297d2951c129c68ca59187e97da96f03b3c1a0cdc0b8bb1dfa9f3a2b09b43b6eac48cad49a6458dd18e9ff707ddd411cc95c8a59bf5d4d5086858b317a4079f927a2938f80422bb6e31468478ab795f4b7998a0c3b4d6d14cb17b904796a2de13ff77266967bfa75d5061689e5149", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
pipe(&(0x7f0000000440)={<r0=>0xffffffffffffffff})
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000400)=ANY=[@ANYRES32=r1, @ANYRES64=r1], 0xec}, 0x1, 0x0, 0x0, 0x4084}, 0x20000010)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="400000000906010200000000000000000200ffff180007c3519836869d9122ee800c00018008000140e000020008000a40000000020900020073797a31000000"], 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x40c4081)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x100, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x3c, 0xa, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xfdfffffffffffffc, 0xffffffffffffffff, 0x2)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x1, &(0x7f0000000480)=[{&(0x7f0000000200)="d80000001800eb054e81f783db4cb9040a1d080006007c09e8fc55a10a0015000600142603600e1208000f00060004010c00080008000c4004000300035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb71b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad9e3bb9ad809d5e1cace81ed0bffece8b42a9ecbee5de6ccd4e1ffffffffc1c9b6278754ca397c388b0dd6e4edef3d9300"/216, 0xd8}, {&(0x7f0000000840)="356715729ac9b9cccd0c1c0b57345dcb27d8454aaad9cc23e4181894d139c98b07a1f9a44ac82caddf22ee32f925836ee9404ae9eb3359eae61db0fd666235f93ab9aa1b4610f3e89a02bbc8ea0d94565a2d3ab79d17579a379c4df8a007c9cdabf6d51452f0870577eeb7ad32c4226668189468d68837cb8ae68f6c02559efcd6b90bb4068c5facddc77b65a3bcdd439f0d3f8f2ddbb7525b646163d362be", 0x9f}, {&(0x7f0000000b00)="2711641f4e3119526031416d264f00f997012af36abc1aa74f41f0922229e4b3a8448bf4e124fdb54edfb7224caa144e8f5b0964e5187860b60681cfe8a5b83f018289055552315f675a2a90a50f1d909c28e5549b7cce692c810142ab8ce5c5d8b79f7888b1195b7914eb3295a57b7ab5fa31d2e8887619eee7adb4bfdad30e827a51e1e47f8c2d19390000009dc20c2ccf4b82433e543d4af682731f91bf6bb0ea1495b1d2a3087bba51aa27e162c935065e030d367a5400bc62c15b926cbff5c867815612122ba2d4797fc8781dbf82b1519ffa2298d4855e679acc824499d45350ef8e80a1360b2862dc2b4de9935b89db475ae4394e375565e5c1daa07d0b09f986c60b33fac45d6bc66fe3257196937c8f0e23b670aadefdd86feb81f262765a54cef38f93185bb5630340e80a4b7ba146b81cb8c3f4a0ebeb6f46c973b3eaccecc6daf0a49cd7975504c09f92f5ac796d84eaccfc59ebaabd60182153", 0xca}, {&(0x7f0000000300)}, {&(0x7f0000000380)="87dbdbcdda2ebbf4e83c45c787", 0xd}, {&(0x7f0000000a00)="1fa9cb62d262d5e5b833d5eb02980e8ba83437d7421bf339635ff232d0b53ec82b61c6244b1503a6591bcf06da6892857a92bd935c6498415cbc7fd0a30fce7454c4b2c8d0a34cdb578f9b52619c5a30ba4e40d02e417e21224e56b624502b3642086e1f3a2e1a2b3bc0f8266114d5c70bcc32c04923fa238d866844f3621d62d84d7e28277eecf8d9649577498b9c5b143d648e9a726b36bf5821bcf71e585481379a3da37a1a062abf3c574acd1a213732cdb771d5699e1ca60ab3db6d4efb2a2b8271a0ee4508358433cb6c2f2ac6c354de251a39", 0x33}], 0x6}, 0x4000054)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x81, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000300), &(0x7f0000000080)='./file1\x00', 0x1808004, &(0x7f0000000180)=ANY=[@ANYRES16=0x0, @ANYRES32=r1], 0x7, 0x7e2, &(0x7f0000001740)="$eJzs3U1sHOXdAPD/ODEJRsqLeF/lfRWFMAm8UpDArNdg6nKAZT22B9a71u66SlRVNAIHWXGAQlFLLhBVgrZqVfXUI+XKrTeqSq3UQ9tTpXLopTckThWV+iWqCsnVzK4Tf+zaSXDM1+9n2c/szH/meZ7Z8fxn1t5nAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIpD5TqUwk0ci/sXQmHa4+024t7LB8fXu/2lRs8timeiOS4jsOH44P/96b9z9XFx8tfpyK471Hx+NwURyOS7cdvf2R/z44sr7+Dg26USevMS6JeK1o1IVzq6vLL96Ehuyj7//iulf511rxcy5r5p1WvlCby9K800qnp6YqD8zPdtLZvJF1zna62UJab2e1bqudnq7fm05MT0+m2fjZ1lJzbqbWyNZnPnx/tVKZSp8YX8xq7U6r+cAT0anP541G3pwrY6qVb0UR83BxID6Zd9NuVltI0/Mrq8uTG1qVDGpqETQxaMGB3vFz/J7b33/5vb+tLBcH5LD+Jv0DszoxUa1OTD00/dDDlcrBaqW6eUZli7gSESMRRcRNOWj5DNnbEzh8DCP9/B+NyKMZS3Em0i1foxExGvWYiXa0YqGY98fRbVF96/n//x/4y+93qndj/u9n+cMbFh+LMv+f6D06MSz/b2vFjl+j1xV9TV8vxStxKS7EuViN1ViOF/d2+4f2vMUjH3cLyaZHc5FFM/LoRCvyWIhaOSftz0ljOqZiKirxVMzHbHQijdnIIyKLTpyNTnQjK4+oerQji1p0oxXtSON01OPeSGMipmM6JiONLMbjbLRiKZoxF/dHLRqRxflYKff75JZWHr01fv7sH95/s5i+EjSxU7eKi7ki6K87BG1L9zvm/7W14npha4T8/0W39ydxuEFr6/kfAAAA+NxKylffk/Il/jvLqdm8kX31GtbsHtyH5gEAAAB7oPzL//GiGC2m7oykuP+vDIh8d9/bBgAAAOyNpHyPXRIRY3FXb+p8rMRrsRyDXgQAAAAAPoPKv/+fKIqxiFfLGevDpbj/BwAAgM+J7w4bY/+99TF2O4uHkl+WYwAnlxfP3JNcrBVxtYsHeuv1i69c2WJ39lhypL+Rspg6eOm2JCIO1rPjyfrolx8d6pUflD+PXR1LYNhY/0m7vWMDYucGlI/iB3GyF3PymV75TH9J0qtlbDZvZOP1VuORckjE4rv78nMr344oav9ec+FIEudXVpfHn35+9ZmyLZeLrVy+2B9AcdM4imv/tWNb1vp7IO4c3OPR8o0Y/XrHevVWNvZ/pFz732vlOLND+59srPP1ONWLOTXWK8fWl/TqPFzUOTH+yETUakdGutmZ7strG3rfb8XEbj3f5Vl4Pe7uxdx9+u5eMaAV1U2teG57K6obW9HbFzEScWQvWvHmyVfP/PM3rSSb3K0Vk4NbMXBfrB2I2NoKgE/K+XLUn6tZ6NYyCxVJpVDk/y1599b1NYed5Taca/9xtZbeVcZH/c1GxIZcdzC2Zver27627L4WvTP66V7M6d71xMFjA/JKZcAZ/YWVF37bP6M/+PZPfvq1E7/7WVnvDWW3t+PeXky/iDt+PSTHFn3+4Zas+laxxlsD6y2uwTqNahKXIw588+ILcfSlVy7dv3Lx3LPLzy4/V61OTlUerFQeqsZoeanQL3ZoKQBfXLt/xs7QiFv6m0geHHZX3c94d1z5l4LxeDqej9UorgDu6sXetb3ed4o78Q3/hnDfLnetYxs+4eW+Xe4tr8ZWt8cmMSR2csMe+98fl8WHN+XpAIB9cWqHPLxL/r/yyvx9u9x3b87lW+6OY3guH+RLN3VvAMAXQ9b+IBnrvpG02/niUxPT0xO17nyWtlv1J9N2PjOXpXmzm7Xr87XmXJYutlvdVn39heOZrJN2lhYXW+1uOttqpzHSyc+Un/ye9j/6vZMt1JrdvN5ZbGS1TpbWW81urd5NZ/JOPV1ceryRd+azdrlyZzGr57N5vdbNW82001pq17PxNO1k2YbAfCZrdvPZvJhspovtfKHWvhwRjaWFLJ3JOvV2vtht9Ta4XlfenG21F8rNjm/v/p/3e38DwKfBS69cunBudXX5xRub+NO1BH/SfQQANpOlAQAAAAAAAAAAAADg02/72/WKuR/jHYHXN3EobnoVn82J4lm47rW+3B+SsTenmPq0dGf/J0Z7ff/6o49eGBbz+Kv/N39tGxz8mzLora5vHIm45Z0f9eY8Njz4O/3fv73p8rs3crRcurCW7BCz6TRxy/6elQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgsP8EAAD//2ruZ0o=")
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000800)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r4, 0x0, 0x400000000000000}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0xc, 0x0, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
r6 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r6, &(0x7f00000003c0)={'#! ', './file0'}, 0xb)
execveat(r6, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000001500000000000000"], &(0x7f0000000600)='GPL\x00', 0xb, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r7}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00'}, 0x18)
r8 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDSKBENT(r8, 0x4b47, &(0x7f0000000280)={0x5, 0x2, 0x6})
socket$nl_netfilter(0x10, 0x3, 0xc)

178.017927ms ago: executing program 0 (id=813):
openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
symlink(&(0x7f0000000080)='.\x00', &(0x7f0000000000)='./file0\x00')

129.421948ms ago: executing program 0 (id=814):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1, 0x0, 0x7}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
ustat(0x3, &(0x7f0000000000)) (fail_nth: 6)

76.412069ms ago: executing program 0 (id=815):
r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0xf1311, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0xc, 0x4, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xa, 0x4000011, r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000040)={0x18, 0x0, {0x1, @local, 'ip6_vti0\x00'}}, 0x1e)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @empty, 'wg1\x00'}}, 0x1e)
r4 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x6)
r6 = socket(0x10, 0x3, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47, 0x8, 0x0, 0x0}}, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r7, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r7, <r8=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000006500000008000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x2a, &(0x7f0000000880)={@multicast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x2e, 0x1c, 0x66, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, @address_reply={0x12, 0x0, 0x0, 0x2}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r7, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
connect$netlink(r6, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r6, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x68, 0x30, 0x829, 0x0, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}, @TCA_SKBEDIT_PRIORITY={0x8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r5, &(0x7f0000000080)='./file0\x00')
readlinkat(r5, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000780)=""/198, 0xc6)
ioctl$GIO_UNISCRNMAP(r5, 0x4b69, &(0x7f00000002c0)=""/169)
close(r2)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x2501, 0x0)

75.965188ms ago: executing program 3 (id=816):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x142000)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000004c0)={0x53, 0xfffffffffffffffe, 0x6, 0x2, @scatter={0x1, 0xdd, &(0x7f0000000040)=[{&(0x7f0000000580)=""/226, 0xe2}]}, &(0x7f00000000c0)="ff33501ef663", 0x0, 0x840804, 0x10036, 0x1000, 0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000c40)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000002300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x6f)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="6800000010000100"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000480012800e0001006970366772657461700000003400028008000100", @ANYRES32, @ANYBLOB], 0x68}, 0x1, 0x0, 0x0, 0x810}, 0x140)
sendto$packet(r2, &(0x7f0000000180)="a6bea8a120e5f8320c30ce5086dda5e986f34c10d8c39c3002de8ec445ae083a4b7fc08a086fc691", 0x28, 0x0, &(0x7f0000000140)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @random="ad446050e878"}, 0x14)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f00000007c0)={0xa0000000, 0x0, &(0x7f0000000740)=[{&(0x7f0000000680)=""/185, 0xb9}], &(0x7f0000000780)=[0xfffffffffffffff9, 0xf47, 0x2, 0x764, 0x4, 0x1], 0x1}, 0x20)
bind$bt_hci(r6, &(0x7f0000000040)={0x1f, 0xffff, 0x4}, 0x6)
write$binfmt_misc(r6, &(0x7f0000000000), 0xd)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000100)={'ip6_vti0\x00', &(0x7f0000000080)={'ip6tnl0\x00', <r7=>0x0, 0x4, 0x1, 0xe8, 0xbb, 0x0, @private1, @dev={0xfe, 0x80, '\x00', 0x23}, 0x20, 0x700, 0xf3c0, 0x3ec75030}})
r8 = perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x4f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x98142, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0x6, 0x3, 0x2, 0xffffffff, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r9 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r9, 0xc0502100, &(0x7f0000000000)={0x0, <r10=>0x0})
fcntl$lock(r8, 0x24, &(0x7f00000000c0)={0x2, 0x3, 0x8, 0xfffffffffffffff7, r10})
syz_pidfd_open(r10, 0x0)
ptrace$getregset(0x4204, r10, 0x202, &(0x7f0000000240)={&(0x7f0000000440)=""/65, 0x41})
r11 = gettid()
r12 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/mdstat\x00', 0x0, 0x0)
io_setup(0x5, &(0x7f0000002340)=<r13=>0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x37, 0x7fffffff}]})
io_submit(r13, 0x1, &(0x7f00000014c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x5, 0x0, r12, 0x0}])
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="500000001100000226bd7000fddbdf2500000000", @ANYRES32=r7, @ANYBLOB="000001000000000008001300", @ANYRES32=r11, @ANYBLOB="050027000500000008001c0060aa1493c355e26d2d52c0cc874533cce653", @ANYRES32=r12, @ANYBLOB="080020000002000008001e000800000008002300bb060000"], 0x50}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000080)

46.710709ms ago: executing program 5 (id=817):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x10000, 0x0)
syz_mount_image$ext4(&(0x7f0000000a00)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x2925c00, &(0x7f0000000a40), 0x0, 0x5c5, &(0x7f0000001140)="$eJzs3c9vVNUeAPDvnZmWlr732kdenuLCNBoCidLSAgZ/LOieEPyxc2OlhSDDj9AaLZpYEtyYGDcuSFy5EP8LJbp1ZeLChRtXhgSNYaMxOubO3BnGdqadlg639H4+yXTOuedOz7nQb8+Ze87pBFBY4+mXUsTeiLicRIy2lVUiKxxvnHf313dPp48karWXf0kiyY41z0+y55HsxX+ORnz7VRJ7yqvrXVi6en62Wp2/kuUnFy9cnlxYunrw3IXZs/Nn5y9OPzN97OiRo8emDt3X9ZXa0ieuv/HW6AcnX/3skz+Sqc9/OJnE8fj5TKOs/Tq2yniMx2+12nsrj6f/rse2urKclFs/J/ckKw+wbVWyGBmMiEdiNMpt/5uj8f6LuTYO6KtaElFb31D0dBrwcEkENhRUcxzQfG/f2/vgUp9HJcCDcGcm/TrQIf4rjXuDMRYDEbFvxes63NLblLSOb74+eT19xMbvw81sVTugiJav7cpSK+M/qcfmWAzVc7vvllr39yMbAZzKnisR8dIm6x9fke/HfXigs+VrEfFop/H/6vhvn9ZJ4/61tvh/fZP1i38AAAAAAADYOrdmIuLpTvN/pWxubiieqM//JY35v+/u7RA8vgX1rz//V7q9BdUAHdyZiXih4/rf1hrfsXKW+3djNWBy5lx1/lBE/CciDsTArjQ/tUYdBz/cc6NbWfv6v/SR1t9cC5i143Zl1z9fMze7OHs/1ww03LkW8Vil+/qftP9P2vv/TPr74HKPdezZd/NUt7L14x/ol9qnEfs79v/3Vvsma/99jsn6eGCyOSpY7fF3PvqiW/3iH/KT9v+7147/saT97/UsbOz7D0bE4aVKrVv5Zsf/g8kr5eb3T709u7h4ZSpiMDmx+vj0xtoMO1UzHprxksb/gSfXvv/XGv+3xeFwRCz3WOf//xr5sVuZ/h/yk8b/3Ib6/40npm+Ofdmt/t76/yP1Pv1AdsT9P1hbrwGadzsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GFUioh/RVKaaKVLpYmJiJGI+F/sLlUvLSw+debSmxfn0rL65/+Xmp/0O9rIJ83P/x9ry0+vyB+OiP9GxMfl4Xp+4vSl6lzeFw8AAAAAAAAAAAAAAAAAAADbxEiX/f+pn8p5tw7ou0r2LN6heCp5NwDITYf4L+XRDuDB0/9DcYl/KC7xD8W1yfg3XQA7gP4fimqgt9OG+t0OIA/6fwAAAAAA2FFuPf/sjSQilp8brj9Sg1lZa2JwOK/WAf1knx8UlzW8UFyW/kBx9bj4F9jBklbq91qn8u6r/5P+NAgAAAAAAAAAAAAAWGX/3lvfr7v/H9iR7P+H4rL/H4rL/n8oLu/xgfV28dv/DwAAAAAAAAAAAAD5W1i6en62Wp2/IiGx3RIDEbENmpFDYjD/8Mz5FxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANDydwAAAP//TAghTA==")
add_key(0x0, 0x0, &(0x7f0000000600), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'vxcan0\x00'})
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r2, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r1, 0x0, 0x0)

448.89µs ago: executing program 2 (id=818):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, 0x0, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1818e58, &(0x7f00000003c0), 0x22, 0x63f, &(0x7f0000000d80)="$eJzs3c9rXFsdAPDvvZPkJWl86RMRX1AMuHgP5KVJfVh1Y1sXdlGwYBciLhqapIZOf5CkYGvBBFwoKIi4LdKN/4B76d6dCOrOtVBFKha0dB73zp1mMplfaTIzSe7nA5M599wzOeebOyf33HvnzA2gtOazH2nE+xGvbyQRs03rZqK+cr4o9+Lfj29mjyRqte/+K4mkyGuUT4rnM8XCZET86XLEpyv76918+Oj2crVW95OIc1t37p/bfPjoo/U7y7dWb63eXTr/tY8vLH596eOlpoa+vTPF85Wr3/n8L3/6w6+u/bn6URIX4/r4j1eiJY6jMh/z8boIsTl/LCIuZIk2f5eT5hSEUGqV4v04HhGfjdmo5Et1s7H+i5E2DhioWiWi1l3SqwBwUuneUFaNcUDj2L6/4+DrAx6VDM/zS/UDoP3xjxWnHCbzY6PpF0nTkVH93MbZI6g/q+PV48knrx7PPYk95yFevtk6Y0dQTyfbOxHxuXbxJ3nbzuaRZvGne47104hYjIiJon3fOkQbkqb0IM7DdHOQ+Ju3Qxb/xeI5y7/8lvW3ntYadvwAlNOzS8WOfDtb2t3/ZWOPxvgn2ox/Zg5/SSY36v1f5/FfY38/mY970pZxWDZmudb+V463Zvz951d+3an++vhv7knjkdXfGAsOw/OdiLmW+H+WBVuMf7L4kzbbPyty42J/dXz7L/+80mndqOOvPY34oO3xz+6oNEt1uT55bm29urpY/9m2jj/88Qe/61R/+/jfGUCk7WXbf7pD/E3bP219XfY3ud/+V+60Zvz+2tM7neqf6bn9039MJPXjzYki50c7W1sbSxETydWiSJG/vLW1cb57vPUyL2v581I9/g+/1L7/73n/t0Q11fiX2Yf737v9otO6t3n/N11Mfl3rsw2dZPGv9N7++/p/lverPuv47/cffKHTum7xTx0mMAAAAAAAACihNL8Gm6QLb9JpurBQny/7mZhOq/c2t768du/B3ZWID/PPQ46nkSb5R0Zm68vJ2np1dan4PGxj+XzL8lci4r2I+E1lKl9euHmvujLq4AEAAAAAAAAAAAAAAAAAAOCYOFPM/2/cp/o/lfr8f6Aket9gbt/9H4BTYpA3mASOt7z/d9vFvzu8tgDDZf8P5aX/Q3np/1Be+j+Ul/4P5aX/Q3np/1Be+j8AAAAAnErvffHZ35KI2P7GVP7ITBTrTPqF0238QKUrA2sHMHx6NJTXm0v/BvtQOn2N//9XfDng4JsDjEDSLjMfHNS6d/5nbV+5a+fwbQMAAAAAAAAAAAAA6j54v/P8/4PNDQZOGtP+oLwOMf/fVwfACeer/6G8HOMDPWbxx2SnFb3m/wMAAAAAAAAAAAAAR2YmfyTpQjEXeCbSdGEh4lMRcTbGk7X16upiRLwbEX+tjL+TLS+NutEAAAAAAAAAAAAAAAAAAABwymw+fHR7uVpd3WhO/H9fzulONO6C2rtwrY8yXRPfjAO+KpLh/1mmImLkG2VgibGmnCRiO9vyx6JhG5txPJqRJ0b8jwkAAAAAAAAAAAAAAAAAAEqoae5xe3O/HXKLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGD4du//3yOxMl1/QV+F9yZGHSMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcDJ9EgAA//+YYDw3")
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3800000003a516d127893a1f450000000900020073caf9797a32000000000800416c959ae5186aa31c4a044620a351007278650014003300626f6e6430000000000000000000"], 0x38}, 0x1, 0x0, 0x0, 0x4040000}, 0x100)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
renameat(r1, &(0x7f0000000080)='./mnt\x00', r2, &(0x7f0000000100)='./mnt\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x50)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000000)={0x18, 0x0, {0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, 'veth1_to_bond\x00'}}, 0x1e)
close(r3)

0s ago: executing program 3 (id=819):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0x2, 0x4)
socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
connect$inet(0xffffffffffffffff, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(0xffffffffffffffff, 0x8)
r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
write(r1, &(0x7f0000000000)="ea", 0x1)
write(r1, &(0x7f00000002c0)="04b3", 0x2)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000100)={0x3, 0x0, 0x2}, 0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x2}, 0x8)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000080)={'erspan0\x00', &(0x7f0000000340)={'gretap0\x00', <r2=>0x0, 0x1, 0x1, 0x1, 0x9, {{0x13, 0x4, 0x2, 0x1c, 0x4c, 0x64, 0x0, 0x0, 0x2f, 0x0, @multicast1, @empty, {[@timestamp_prespec={0x44, 0x14, 0xa0, 0x3, 0x0, [{@rand_addr=0x64010100, 0x3}, {@private=0xa010101, 0x81}]}, @lsrr={0x83, 0x1b, 0xda, [@initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, @private=0xa010102, @empty]}, @generic={0x86, 0x9, "b3c5558a8cd75c"}]}}}}})
bind$packet(r1, &(0x7f00000003c0)={0x11, 0x16, r2, 0x1, 0x6, 0x6, @remote}, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00'}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r4, &(0x7f0000001640)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000004c0)=""/4096, 0x1e67}, {&(0x7f00000000c0)=""/250, 0x4}], 0x2, 0x0, 0xd64}}], 0x300, 0x34000, 0x0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[@ANYBLOB="18000000", @ANYRES16=r3, @ANYBLOB="a787000000ff000000000b00000404000180"], 0x18}}, 0x0)

kernel console output (not intermixed with test programs):

 Engine/Google Compute Engine, BIOS Google 07/12/2025
[   44.542359][ T4277] Call Trace:
[   44.542365][ T4277]  <TASK>
[   44.542372][ T4277]  __dump_stack+0x1d/0x30
[   44.542401][ T4277]  dump_stack_lvl+0xe8/0x140
[   44.542421][ T4277]  dump_stack+0x15/0x1b
[   44.542508][ T4277]  should_fail_ex+0x265/0x280
[   44.542533][ T4277]  should_failslab+0x8c/0xb0
[   44.542615][ T4277]  kmem_cache_alloc_noprof+0x50/0x310
[   44.542641][ T4277]  ? getname_flags+0x80/0x3b0
[   44.542669][ T4277]  getname_flags+0x80/0x3b0
[   44.542714][ T4277]  user_path_at+0x28/0x130
[   44.542814][ T4277]  __x64_sys_umount+0x85/0xe0
[   44.542835][ T4277]  x64_sys_call+0xdd2/0x2ff0
[   44.542857][ T4277]  do_syscall_64+0xd2/0x200
[   44.542917][ T4277]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   44.542940][ T4277]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   44.543021][ T4277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.543042][ T4277] RIP: 0033:0x7f7b6855eba9
[   44.543058][ T4277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.543075][ T4277] RSP: 002b:00007f7b66fbf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   44.543169][ T4277] RAX: ffffffffffffffda RBX: 00007f7b687a5fa0 RCX: 00007f7b6855eba9
[   44.543181][ T4277] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000280
[   44.543310][ T4277] RBP: 00007f7b66fbf090 R08: 0000000000000000 R09: 0000000000000000
[   44.543323][ T4277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   44.543335][ T4277] R13: 00007f7b687a6038 R14: 00007f7b687a5fa0 R15: 00007ffe8c6fbb98
[   44.543353][ T4277]  </TASK>
[   44.725230][ T4282] loop3: detected capacity change from 0 to 256
[   44.744930][ T4282] FAT-fs (loop3): Invalid FSINFO signature: 0x0ffffff8, 0x00000000 (sector = 33)
[   44.767052][ T4282] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 1, start df000002)
[   44.777061][ T4282] FAT-fs (loop3): Filesystem has been set read-only
[   44.829567][ T4286] netlink: 8 bytes leftover after parsing attributes in process `syz.2.234'.
[   44.846918][ T4286] netlink: 'syz.2.234': attribute type 21 has an invalid length.
[   44.858871][ T4288] loop1: detected capacity change from 0 to 1024
[   44.867700][ T4286] loop2: detected capacity change from 0 to 1024
[   44.895769][ T4286] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   44.905031][ T4288] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.942708][ T4293] netlink: 'syz.2.237': attribute type 10 has an invalid length.
[   44.955949][ T4293] team0: Port device dummy0 added
[   45.037837][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.076789][ T4300] netlink: 'syz.2.237': attribute type 10 has an invalid length.
[   45.087826][ T4300] team0: Port device dummy0 removed
[   45.114467][ T4300] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   45.144072][ T4300] loop2: detected capacity change from 0 to 2048
[   45.189080][ T4300]  loop2: p1 < > p4
[   45.199561][ T4300] loop2: p4 size 8388608 extends beyond EOD, truncated
[   45.635626][ T4326] loop3: detected capacity change from 0 to 256
[   45.645585][ T4326] FAT-fs (loop3): Invalid FSINFO signature: 0x0ffffff8, 0x00000000 (sector = 33)
[   45.655003][ T4326] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 1, start df000002)
[   45.665022][ T4326] FAT-fs (loop3): Filesystem has been set read-only
[   45.807177][ T4329] loop3: detected capacity change from 0 to 1024
[   45.826579][ T4329] EXT4-fs: Ignoring removed nobh option
[   45.832309][ T4329] EXT4-fs: Ignoring removed bh option
[   45.889283][ T4329] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.963741][ T4333] loop1: detected capacity change from 0 to 1024
[   46.005882][ T4333] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.147407][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.182208][ T4329] SELinux: failed to load policy
[   46.246057][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.282937][ T4322] loop0: detected capacity change from 0 to 8192
[   46.352178][ T4343] loop0: detected capacity change from 0 to 2048
[   46.411790][ T4350] netlink: 4 bytes leftover after parsing attributes in process `syz.3.254'.
[   46.421175][ T3582]  loop0: p4 < >
[   46.445968][ T4343]  loop0: p4 < >
[   46.518118][ T4361] loop2: detected capacity change from 0 to 1024
[   46.570979][ T4361] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.598130][ T3582] udevd[3582]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   46.623372][ T3582] udevd[3582]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   46.895404][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.388096][ T4385] netlink: 796 bytes leftover after parsing attributes in process `syz.3.267'.
[   47.884001][ T4396] netlink: 'syz.1.270': attribute type 27 has an invalid length.
[   47.915660][ T4396] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.922841][ T4396] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.954274][ T4399] netlink: 8 bytes leftover after parsing attributes in process `syz.1.270'.
[   47.966986][ T4396] $Hÿ: left promiscuous mode
[   47.971794][ T4396] bond_slave_0: left promiscuous mode
[   47.977350][ T4396] bond_slave_1: left promiscuous mode
[   48.016767][ T4396] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   48.027982][ T4396] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   48.079186][   T60] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   48.128245][   T29] kauditd_printk_skb: 101 callbacks suppressed
[   48.128257][   T29] audit: type=1400 audit(1757699666.141:598): avc:  denied  { setcurrent } for  pid=4403 comm="gtp" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   48.158356][   T29] audit: type=1401 audit(1757699666.171:599): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[   48.175165][   T29] audit: type=1400 audit(1757699666.171:600): avc:  denied  { write } for  pid=4403 comm="gtp" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   48.194543][   T29] audit: type=1400 audit(1757699666.171:601): avc:  denied  { nlmsg_write } for  pid=4403 comm="gtp" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   48.217461][   T60] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   48.273728][   T60] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   48.284143][   T31] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   48.297000][   T29] audit: type=1326 audit(1757699666.301:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4403 comm="syz.4.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f893c4beba9 code=0x7ffc0000
[   48.320266][   T29] audit: type=1326 audit(1757699666.301:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4403 comm="syz.4.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=166 compat=0 ip=0x7f893c4beba9 code=0x7ffc0000
[   48.343458][   T29] audit: type=1326 audit(1757699666.301:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4403 comm="syz.4.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f893c4beba9 code=0x7ffc0000
[   48.366655][   T29] audit: type=1326 audit(1757699666.301:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4403 comm="syz.4.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f893c4beba9 code=0x7ffc0000
[   48.693922][ T4444] loop1: detected capacity change from 0 to 1024
[   48.853131][ T4448] pimreg: tun_chr_ioctl cmd 1074812118
[   48.864656][ T4444] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.700153][ T4457] netlink: 14 bytes leftover after parsing attributes in process `syz.2.295'.
[   49.888828][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.897864][   T29] audit: type=1326 audit(1757699667.731:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4459 comm="syz.4.285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f893c4beba9 code=0x7ffc0000
[   49.921141][   T29] audit: type=1326 audit(1757699667.731:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4459 comm="syz.4.285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f893c4beba9 code=0x7ffc0000
[   49.949501][ T4457] hsr_slave_0: left promiscuous mode
[   49.955252][ T4457] hsr_slave_1: left promiscuous mode
[   50.167763][ T4465] geneve2: entered promiscuous mode
[   50.173036][ T4465] geneve2: entered allmulticast mode
[   50.260553][ T4469] netlink: 4 bytes leftover after parsing attributes in process `syz.3.288'.
[   50.312600][ T4472] loop0: detected capacity change from 0 to 256
[   50.607280][ T4481] FAULT_INJECTION: forcing a failure.
[   50.607280][ T4481] name failslab, interval 1, probability 0, space 0, times 0
[   50.619943][ T4481] CPU: 0 UID: 0 PID: 4481 Comm: syz.4.291 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   50.619998][ T4481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   50.620010][ T4481] Call Trace:
[   50.620017][ T4481]  <TASK>
[   50.620024][ T4481]  __dump_stack+0x1d/0x30
[   50.620079][ T4481]  dump_stack_lvl+0xe8/0x140
[   50.620098][ T4481]  dump_stack+0x15/0x1b
[   50.620115][ T4481]  should_fail_ex+0x265/0x280
[   50.620140][ T4481]  should_failslab+0x8c/0xb0
[   50.620163][ T4481]  kmem_cache_alloc_node_noprof+0x57/0x320
[   50.620259][ T4481]  ? __alloc_skb+0x101/0x320
[   50.620281][ T4481]  ? tcp_chrono_stop+0x19d/0x210
[   50.620304][ T4481]  __alloc_skb+0x101/0x320
[   50.620401][ T4481]  ? __rcu_read_unlock+0x34/0x70
[   50.620424][ T4481]  tcp_stream_alloc_skb+0x2d/0x1d0
[   50.620457][ T4481]  tcp_connect+0xce9/0x2290
[   50.620487][ T4481]  ? tcp_fastopen_defer_connect+0x69/0x1e0
[   50.620535][ T4481]  tcp_v4_connect+0xa0b/0xad0
[   50.620561][ T4481]  __inet_stream_connect+0x169/0x7e0
[   50.620625][ T4481]  ? _raw_spin_unlock_bh+0x36/0x40
[   50.620648][ T4481]  ? release_sock+0x116/0x150
[   50.620663][ T4481]  ? _raw_spin_unlock_bh+0x36/0x40
[   50.620712][ T4481]  ? lock_sock_nested+0x112/0x140
[   50.620737][ T4481]  ? selinux_netlbl_socket_connect+0x115/0x130
[   50.620771][ T4481]  inet_stream_connect+0x44/0x70
[   50.620817][ T4481]  ? __pfx_inet_stream_connect+0x10/0x10
[   50.620852][ T4481]  __sys_connect+0x1ef/0x2b0
[   50.620879][ T4481]  __x64_sys_connect+0x3f/0x50
[   50.620900][ T4481]  x64_sys_call+0x2c08/0x2ff0
[   50.620922][ T4481]  do_syscall_64+0xd2/0x200
[   50.620959][ T4481]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   50.621015][ T4481]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   50.621038][ T4481]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.621096][ T4481] RIP: 0033:0x7f893c4beba9
[   50.621111][ T4481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.621141][ T4481] RSP: 002b:00007f893af27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[   50.621228][ T4481] RAX: ffffffffffffffda RBX: 00007f893c705fa0 RCX: 00007f893c4beba9
[   50.621241][ T4481] RDX: 0000000000000010 RSI: 0000200000000080 RDI: 0000000000000004
[   50.621254][ T4481] RBP: 00007f893af27090 R08: 0000000000000000 R09: 0000000000000000
[   50.621266][ T4481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   50.621279][ T4481] R13: 00007f893c706038 R14: 00007f893c705fa0 R15: 00007ffe2292ef88
[   50.621298][ T4481]  </TASK>
[   51.077666][ T4491] syz.1.297 (4491) used greatest stack depth: 10176 bytes left
[   51.196595][ T4495] loop3: detected capacity change from 0 to 512
[   51.208647][ T4495] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   51.232716][ T4495] EXT4-fs (loop3): 1 truncate cleaned up
[   51.238852][ T4495] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.450729][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.466734][ T4504] netlink: 'syz.3.301': attribute type 21 has an invalid length.
[   51.474646][ T4504] netlink: 156 bytes leftover after parsing attributes in process `syz.3.301'.
[   51.503504][ T4504] loop3: detected capacity change from 0 to 764
[   51.540427][ T4504] rock: directory entry would overflow storage
[   51.546593][ T4504] rock: sig=0x4f50, size=4, remaining=3
[   51.552184][ T4504] iso9660: Corrupted directory entry in block 6 of inode 1792
[   51.889242][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   51.913787][   T36] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   52.256483][ T4549] netlink: 'syz.4.315': attribute type 21 has an invalid length.
[   52.264254][ T4549] netlink: 156 bytes leftover after parsing attributes in process `syz.4.315'.
[   52.278961][ T4550] loop1: detected capacity change from 0 to 512
[   52.290203][ T4550] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[   52.298271][ T4550] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[   52.306884][ T4550] EXT4-fs (loop1): 1 truncate cleaned up
[   52.312311][ T4549] loop4: detected capacity change from 0 to 764
[   52.312891][ T4550] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.350777][ T4549] rock: directory entry would overflow storage
[   52.356959][ T4549] rock: sig=0x4f50, size=4, remaining=3
[   52.362591][ T4549] iso9660: Corrupted directory entry in block 6 of inode 1792
[   52.435901][ T4554] netlink: 8 bytes leftover after parsing attributes in process `syz.2.316'.
[   52.444745][ T4554] netlink: 8 bytes leftover after parsing attributes in process `syz.2.316'.
[   52.477938][ T4554] netlink: 8 bytes leftover after parsing attributes in process `syz.2.316'.
[   52.492364][ T4554] loop2: detected capacity change from 0 to 512
[   52.520381][ T4554] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.533823][ T4554] ext4 filesystem being mounted at /76/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   52.558786][ T4554] netlink: 8 bytes leftover after parsing attributes in process `syz.2.316'.
[   52.567596][ T4554] netlink: 8 bytes leftover after parsing attributes in process `syz.2.316'.
[   52.591030][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.773213][ T4576] loop2: detected capacity change from 0 to 1024
[   52.779756][ T4577] loop3: detected capacity change from 0 to 256
[   52.788790][ T4577] FAT-fs (loop3): Invalid FSINFO signature: 0x0ffffff8, 0x00000000 (sector = 33)
[   52.798989][ T4577] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 1, start df000002)
[   52.809013][ T4577] FAT-fs (loop3): Filesystem has been set read-only
[   52.817353][ T4576] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.917735][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.949790][ T4588] FAULT_INJECTION: forcing a failure.
[   52.949790][ T4588] name failslab, interval 1, probability 0, space 0, times 0
[   52.962470][ T4588] CPU: 0 UID: 0 PID: 4588 Comm: syz.2.324 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.962493][ T4588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   52.962504][ T4588] Call Trace:
[   52.962510][ T4588]  <TASK>
[   52.962516][ T4588]  __dump_stack+0x1d/0x30
[   52.962535][ T4588]  dump_stack_lvl+0xe8/0x140
[   52.962552][ T4588]  dump_stack+0x15/0x1b
[   52.962566][ T4588]  should_fail_ex+0x265/0x280
[   52.962584][ T4588]  should_failslab+0x8c/0xb0
[   52.962607][ T4588]  kmem_cache_alloc_noprof+0x50/0x310
[   52.962632][ T4588]  ? __anon_vma_prepare+0x70/0x2f0
[   52.962649][ T4588]  ? __rcu_read_lock+0x37/0x50
[   52.962668][ T4588]  __anon_vma_prepare+0x70/0x2f0
[   52.962686][ T4588]  handle_mm_fault+0x1e86/0x2c20
[   52.962707][ T4588]  ? __rcu_read_lock+0x37/0x50
[   52.962725][ T4588]  ? __pte_offset_map_lock+0x1d4/0x230
[   52.962780][ T4588]  __get_user_pages+0x102e/0x1fa0
[   52.962809][ T4588]  get_user_pages_remote+0x1d5/0x6d0
[   52.962830][ T4588]  ? __rcu_read_unlock+0x4f/0x70
[   52.962849][ T4588]  ? __memcg_slab_free_hook+0xbc/0x230
[   52.962879][ T4588]  __update_ref_ctr+0x8e/0x3a0
[   52.962908][ T4588]  uprobe_mmap+0x2de/0xc30
[   52.962934][ T4588]  mmap_region+0x13c2/0x1630
[   52.962975][ T4588]  do_mmap+0x9b3/0xbe0
[   52.963007][ T4588]  vm_mmap_pgoff+0x17a/0x2e0
[   52.963036][ T4588]  ksys_mmap_pgoff+0x268/0x310
[   52.963062][ T4588]  x64_sys_call+0x14a3/0x2ff0
[   52.963082][ T4588]  do_syscall_64+0xd2/0x200
[   52.963111][ T4588]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   52.963133][ T4588]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   52.963159][ T4588]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.963178][ T4588] RIP: 0033:0x7f7b6855eba9
[   52.963192][ T4588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.963207][ T4588] RSP: 002b:00007f7b66fbf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   52.963225][ T4588] RAX: ffffffffffffffda RBX: 00007f7b687a5fa0 RCX: 00007f7b6855eba9
[   52.963237][ T4588] RDX: 000000000000001e RSI: 0000000000003000 RDI: 0000200000002000
[   52.963248][ T4588] RBP: 00007f7b66fbf090 R08: 0000000000000009 R09: 0000000000000000
[   52.963260][ T4588] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000001
[   52.963271][ T4588] R13: 00007f7b687a6038 R14: 00007f7b687a5fa0 R15: 00007ffe8c6fbb98
[   52.963287][ T4588]  </TASK>
[   52.963295][ T4588] ref_ctr increment failed for inode: 0x1bc offset: 0xf ref_ctr_offset: 0x82 of mm: 0xffff88810b91f8c0
[   53.209302][ T4587] uprobe: syz.2.324:4587 failed to unregister, leaking uprobe
[   53.217574][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.287084][   T29] kauditd_printk_skb: 73 callbacks suppressed
[   53.287098][   T29] audit: type=1400 audit(1757699671.301:681): avc:  denied  { read write } for  pid=4596 comm="syz.1.327" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   53.320201][   T29] audit: type=1400 audit(1757699671.301:682): avc:  denied  { open } for  pid=4596 comm="syz.1.327" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   53.343307][   T29] audit: type=1400 audit(1757699671.301:683): avc:  denied  { ioctl } for  pid=4596 comm="syz.1.327" path="/dev/ppp" dev="devtmpfs" ino=140 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   53.368069][   T29] audit: type=1400 audit(1757699671.301:684): avc:  denied  { ioctl } for  pid=4596 comm="syz.1.327" path="socket:[8395]" dev="sockfs" ino=8395 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   53.393828][   T29] audit: type=1400 audit(1757699671.301:685): avc:  denied  { create } for  pid=4596 comm="syz.1.327" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   53.415844][ T4602] FAULT_INJECTION: forcing a failure.
[   53.415844][ T4602] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   53.429030][ T4602] CPU: 1 UID: 0 PID: 4602 Comm: syz.4.329 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   53.429055][ T4602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   53.429065][ T4602] Call Trace:
[   53.429071][ T4602]  <TASK>
[   53.429117][ T4602]  __dump_stack+0x1d/0x30
[   53.429167][ T4602]  dump_stack_lvl+0xe8/0x140
[   53.429185][ T4602]  dump_stack+0x15/0x1b
[   53.429199][ T4602]  should_fail_ex+0x265/0x280
[   53.429219][ T4602]  should_fail+0xb/0x20
[   53.429236][ T4602]  should_fail_usercopy+0x1a/0x20
[   53.429256][ T4602]  _copy_to_user+0x20/0xa0
[   53.429300][ T4602]  simple_read_from_buffer+0xb5/0x130
[   53.429319][ T4602]  proc_fail_nth_read+0x10e/0x150
[   53.429345][ T4602]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   53.429426][ T4602]  vfs_read+0x1a8/0x770
[   53.429447][ T4602]  ? __rcu_read_unlock+0x4f/0x70
[   53.429466][ T4602]  ? __fget_files+0x184/0x1c0
[   53.429539][ T4602]  ksys_read+0xda/0x1a0
[   53.429561][ T4602]  __x64_sys_read+0x40/0x50
[   53.429588][ T4602]  x64_sys_call+0x27bc/0x2ff0
[   53.429608][ T4602]  do_syscall_64+0xd2/0x200
[   53.429714][ T4602]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   53.429743][ T4602]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   53.429769][ T4602]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.429787][ T4602] RIP: 0033:0x7f893c4bd5bc
[   53.429801][ T4602] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   53.429889][ T4602] RSP: 002b:00007f893af27030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   53.429908][ T4602] RAX: ffffffffffffffda RBX: 00007f893c705fa0 RCX: 00007f893c4bd5bc
[   53.429921][ T4602] RDX: 000000000000000f RSI: 00007f893af270a0 RDI: 0000000000000006
[   53.429962][ T4602] RBP: 00007f893af27090 R08: 0000000000000000 R09: 0000000000000000
[   53.430026][ T4602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.430036][ T4602] R13: 00007f893c706038 R14: 00007f893c705fa0 R15: 00007ffe2292ef88
[   53.430096][ T4602]  </TASK>
[   53.447466][ T4601] loop2: detected capacity change from 0 to 512
[   53.485309][ T4604] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   53.496236][ T4601] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   53.611183][ T4608] loop3: detected capacity change from 0 to 512
[   53.672436][   T29] audit: type=1326 audit(1757699671.691:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4610 comm="syz.1.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5628e8eba9 code=0x7ffc0000
[   53.695732][   T29] audit: type=1326 audit(1757699671.691:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4610 comm="syz.1.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5628e8eba9 code=0x7ffc0000
[   53.719156][   T29] audit: type=1326 audit(1757699671.691:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4610 comm="syz.1.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5628e8eba9 code=0x7ffc0000
[   53.721356][ T4601] EXT4-fs (loop2): 1 truncate cleaned up
[   53.742320][   T29] audit: type=1326 audit(1757699671.691:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4610 comm="syz.1.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5628e8eba9 code=0x7ffc0000
[   53.742344][   T29] audit: type=1326 audit(1757699671.691:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4610 comm="syz.1.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f5628e8eba9 code=0x7ffc0000
[   53.748143][ T4614] loop1: detected capacity change from 0 to 1024
[   53.773563][ T4608] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.332: corrupted in-inode xattr: overlapping e_value 
[   53.824864][ T4608] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.332: couldn't read orphan inode 15 (err -117)
[   53.828407][ T4601] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.838908][ T4608] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.865267][ T4614] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.974934][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.012097][ T4624] netlink: 4 bytes leftover after parsing attributes in process `syz.1.336'.
[   54.035761][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.060283][ T4627] netlink: 4 bytes leftover after parsing attributes in process `syz.3.337'.
[   54.074355][ T4627] team1: entered promiscuous mode
[   54.079439][ T4627] team1: entered allmulticast mode
[   54.100478][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.127321][ T4630] netlink: 'syz.2.338': attribute type 21 has an invalid length.
[   54.139627][ T4630] loop2: detected capacity change from 0 to 764
[   54.159184][ T4630] rock: directory entry would overflow storage
[   54.165398][ T4630] rock: sig=0x4f50, size=4, remaining=3
[   54.170994][ T4630] iso9660: Corrupted directory entry in block 6 of inode 1792
[   54.209367][ T4636] FAULT_INJECTION: forcing a failure.
[   54.209367][ T4636] name failslab, interval 1, probability 0, space 0, times 0
[   54.222062][ T4636] CPU: 1 UID: 0 PID: 4636 Comm: syz.3.340 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   54.222088][ T4636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   54.222100][ T4636] Call Trace:
[   54.222183][ T4636]  <TASK>
[   54.222190][ T4636]  __dump_stack+0x1d/0x30
[   54.222209][ T4636]  dump_stack_lvl+0xe8/0x140
[   54.222226][ T4636]  dump_stack+0x15/0x1b
[   54.222242][ T4636]  should_fail_ex+0x265/0x280
[   54.222266][ T4636]  should_failslab+0x8c/0xb0
[   54.222340][ T4636]  kmem_cache_alloc_noprof+0x50/0x310
[   54.222362][ T4636]  ? prepare_creds+0x37/0x4c0
[   54.222388][ T4636]  prepare_creds+0x37/0x4c0
[   54.222411][ T4636]  copy_creds+0x8f/0x3f0
[   54.222490][ T4636]  copy_process+0x658/0x2000
[   54.222511][ T4636]  ? kstrtouint+0x76/0xc0
[   54.222534][ T4636]  ? __rcu_read_unlock+0x4f/0x70
[   54.222557][ T4636]  kernel_clone+0x16c/0x5c0
[   54.222588][ T4636]  ? vfs_write+0x7e8/0x960
[   54.222669][ T4636]  __x64_sys_clone+0xe6/0x120
[   54.222703][ T4636]  x64_sys_call+0x119c/0x2ff0
[   54.222721][ T4636]  do_syscall_64+0xd2/0x200
[   54.222812][ T4636]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   54.222831][ T4636]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   54.222856][ T4636]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.222962][ T4636] RIP: 0033:0x7f918ef2eba9
[   54.222975][ T4636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.222988][ T4636] RSP: 002b:00007f918d996fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   54.223004][ T4636] RAX: ffffffffffffffda RBX: 00007f918f175fa0 RCX: 00007f918ef2eba9
[   54.223018][ T4636] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000
[   54.223030][ T4636] RBP: 00007f918d997090 R08: 0000000000000000 R09: 0000000000000000
[   54.223042][ T4636] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[   54.223052][ T4636] R13: 00007f918f176038 R14: 00007f918f175fa0 R15: 00007ffdca293098
[   54.223069][ T4636]  </TASK>
[   55.007486][ T4658] loop4: detected capacity change from 0 to 512
[   55.036177][ T4658] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   55.076482][ T4658] EXT4-fs (loop4): 1 truncate cleaned up
[   55.082934][ T4658] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.527633][ T4673] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   55.831485][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.994375][ T4642] loop2: detected capacity change from 0 to 8192
[   56.465846][ T4718] loop0: detected capacity change from 0 to 1024
[   56.515136][ T4718] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   56.549575][ T4724] loop3: detected capacity change from 0 to 1024
[   56.579944][ T4724] __nla_validate_parse: 2 callbacks suppressed
[   56.579959][ T4724] netlink: 28 bytes leftover after parsing attributes in process `syz.3.372'.
[   56.595603][ T4724] netem: change failed
[   56.662821][ T4731] 9pnet: p9_errstr2errno: server reported unknown error 
[   56.839118][ T4740] loop4: detected capacity change from 0 to 128
[   56.870067][ T4740] ext4 filesystem being mounted at /56/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   56.927355][ T4740] FAULT_INJECTION: forcing a failure.
[   56.927355][ T4740] name failslab, interval 1, probability 0, space 0, times 0
[   56.940343][ T4740] CPU: 0 UID: 0 PID: 4740 Comm: syz.4.378 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   56.940371][ T4740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   56.940383][ T4740] Call Trace:
[   56.940390][ T4740]  <TASK>
[   56.940397][ T4740]  __dump_stack+0x1d/0x30
[   56.940467][ T4740]  dump_stack_lvl+0xe8/0x140
[   56.940487][ T4740]  dump_stack+0x15/0x1b
[   56.940504][ T4740]  should_fail_ex+0x265/0x280
[   56.940526][ T4740]  should_failslab+0x8c/0xb0
[   56.940629][ T4740]  __kmalloc_noprof+0xa5/0x3e0
[   56.940728][ T4740]  ? ext4_htree_store_dirent+0x52/0x2e0
[   56.940751][ T4740]  ext4_htree_store_dirent+0x52/0x2e0
[   56.940796][ T4740]  htree_dirblock_to_tree+0x4a5/0x5b0
[   56.940825][ T4740]  ext4_htree_fill_tree+0x423/0x9c0
[   56.940846][ T4740]  ? terminate_walk+0x27f/0x2a0
[   56.940875][ T4740]  ? path_openat+0x1bf8/0x2170
[   56.940921][ T4740]  ? kstrtoull+0x111/0x140
[   56.940944][ T4740]  ext4_readdir+0x1729/0x1d40
[   56.940966][ T4740]  ? 0xffffffff81000000
[   56.940979][ T4740]  ? get_pid_task+0x96/0xd0
[   56.941000][ T4740]  ? proc_fail_nth_write+0x13b/0x160
[   56.941046][ T4740]  ? avc_policy_seqno+0x15/0x30
[   56.941135][ T4740]  ? selinux_file_permission+0x1e4/0x320
[   56.941161][ T4740]  iterate_dir+0x114/0x330
[   56.941179][ T4740]  ? mutex_lock+0xd/0x30
[   56.941217][ T4740]  __se_sys_getdents+0x88/0x1b0
[   56.941235][ T4740]  ? __pfx_filldir+0x10/0x10
[   56.941257][ T4740]  __x64_sys_getdents+0x43/0x50
[   56.941274][ T4740]  x64_sys_call+0xee7/0x2ff0
[   56.941322][ T4740]  do_syscall_64+0xd2/0x200
[   56.941352][ T4740]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   56.941372][ T4740]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   56.941401][ T4740]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.941434][ T4740] RIP: 0033:0x7f893c4beba9
[   56.941449][ T4740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.941466][ T4740] RSP: 002b:00007f893af27038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[   56.941486][ T4740] RAX: ffffffffffffffda RBX: 00007f893c705fa0 RCX: 00007f893c4beba9
[   56.941499][ T4740] RDX: 0000000000001009 RSI: 0000200000000900 RDI: 0000000000000006
[   56.941511][ T4740] RBP: 00007f893af27090 R08: 0000000000000000 R09: 0000000000000000
[   56.941523][ T4740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   56.941609][ T4740] R13: 00007f893c706038 R14: 00007f893c705fa0 R15: 00007ffe2292ef88
[   56.941628][ T4740]  </TASK>
[   57.191202][ T4715] loop1: detected capacity change from 0 to 8192
[   57.337716][ T4749] loop1: detected capacity change from 0 to 128
[   57.360576][ T4749] ext4 filesystem being mounted at /83/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   57.443251][ T4749] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   57.495326][ T4773] loop0: detected capacity change from 0 to 256
[   57.502422][ T4773] FAT-fs (loop0): Invalid FSINFO signature: 0x0ffffff8, 0x00000000 (sector = 33)
[   57.513395][ T4773] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 1, start df000002)
[   57.523348][ T4773] FAT-fs (loop0): Filesystem has been set read-only
[   57.543551][ T4777] ref_ctr increment failed for inode: 0x15a offset: 0xf ref_ctr_offset: 0x82 of mm: 0xffff88810b91d080
[   57.562219][ T4779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4779 comm=syz.3.390
[   57.653350][ T4787] netlink: 'syz.0.393': attribute type 4 has an invalid length.
[   57.690150][ T4787] loop0: detected capacity change from 0 to 2048
[   57.723734][ T4787] EXT4-fs error (device loop0): ext4_free_inode:354: comm syz.0.393: bit already cleared for inode 15
[   58.313509][ T4771] uprobe: syz.4.387:4771 failed to unregister, leaking uprobe
[   58.447839][ T4799] loop4: detected capacity change from 0 to 512
[   58.481857][ T4799] EXT4-fs: Ignoring removed nobh option
[   58.506094][ T4801] netlink: 'syz.1.397': attribute type 21 has an invalid length.
[   58.514159][ T4801] netlink: 156 bytes leftover after parsing attributes in process `syz.1.397'.
[   58.533888][ T4799] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[   58.543868][ T4799] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.396: attempt to clear invalid blocks 2 len 1
[   58.580535][ T4803] loop1: detected capacity change from 0 to 764
[   58.591607][ T4799] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[   58.621692][ T4801] rock: directory entry would overflow storage
[   58.627901][ T4801] rock: sig=0x4f50, size=4, remaining=3
[   58.633508][ T4801] iso9660: Corrupted directory entry in block 6 of inode 1792
[   58.669135][ T4799] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.396: invalid indirect mapped block 1819239214 (level 0)
[   58.728800][ T4799] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.396: invalid indirect mapped block 1819239214 (level 1)
[   58.747100][ T4807] ref_ctr increment failed for inode: 0x1ea offset: 0xf ref_ctr_offset: 0x82 of mm: 0xffff88810b955080
[   58.759006][ T4806] uprobe: syz.1.399:4806 failed to unregister, leaking uprobe
[   58.759929][ T4799] EXT4-fs (loop4): 1 truncate cleaned up
[   58.811004][ T4799] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.396: corrupted in-inode xattr: e_value out of bounds
[   58.831790][ T4818] loop0: detected capacity change from 0 to 1024
[   58.994057][   T29] kauditd_printk_skb: 122 callbacks suppressed
[   58.994071][   T29] audit: type=1401 audit(1757699677.011:813): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[   59.034459][ T4836] netlink: 'syz.0.409': attribute type 21 has an invalid length.
[   59.042302][ T4836] netlink: 156 bytes leftover after parsing attributes in process `syz.0.409'.
[   59.071705][ T4836] loop0: detected capacity change from 0 to 764
[   59.113533][ T4836] rock: directory entry would overflow storage
[   59.119759][ T4836] rock: sig=0x4f50, size=4, remaining=3
[   59.125457][ T4836] iso9660: Corrupted directory entry in block 6 of inode 1792
[   59.185182][ T4840] loop3: detected capacity change from 0 to 128
[   59.202036][ T4840] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   59.274603][ T4840] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   59.372079][ T4851] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4851 comm=syz.1.414
[   59.438061][   T29] audit: type=1326 audit(1757699677.451:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4857 comm="syz.4.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f893c4beba9 code=0x7ffc0000
[   59.461369][   T29] audit: type=1326 audit(1757699677.451:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4857 comm="syz.4.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f893c4beba9 code=0x7ffc0000
[   59.489051][ T4858] bridge0: entered allmulticast mode
[   59.495629][   T29] audit: type=1326 audit(1757699677.451:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4857 comm="syz.4.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f893c4beba9 code=0x7ffc0000
[   59.518969][   T29] audit: type=1326 audit(1757699677.501:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4857 comm="syz.4.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f893c4beba9 code=0x7ffc0000
[   59.542545][   T29] audit: type=1326 audit(1757699677.501:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4857 comm="syz.4.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f893c4beba9 code=0x7ffc0000
[   59.565791][   T29] audit: type=1326 audit(1757699677.501:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4857 comm="syz.4.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f893c4beba9 code=0x7ffc0000
[   59.589416][   T29] audit: type=1400 audit(1757699677.501:820): avc:  denied  { mount } for  pid=4857 comm="syz.4.417" name="/" dev="securityfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1
[   59.598836][ T4858] bridge_slave_1: left allmulticast mode
[   59.611883][   T29] audit: type=1326 audit(1757699677.501:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4857 comm="syz.4.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f893c4beba9 code=0x7ffc0000
[   59.617491][ T4858] bridge_slave_1: left promiscuous mode
[   59.640719][   T29] audit: type=1326 audit(1757699677.501:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4857 comm="syz.4.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f893c4beba9 code=0x7ffc0000
[   59.646361][ T4858] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.729349][ T4858] bridge_slave_0: left allmulticast mode
[   59.735104][ T4858] bridge_slave_0: left promiscuous mode
[   59.740823][ T4858] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.050343][   T41] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   60.103320][ T4883] dummy0: entered promiscuous mode
[   60.110819][ T4883] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4883 comm=syz.4.427
[   60.130077][ T4888] netlink: 4 bytes leftover after parsing attributes in process `syz.2.429'.
[   60.284417][ T4901] FAULT_INJECTION: forcing a failure.
[   60.284417][ T4901] name failslab, interval 1, probability 0, space 0, times 0
[   60.297101][ T4901] CPU: 0 UID: 0 PID: 4901 Comm: syz.0.433 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.297201][ T4901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   60.297212][ T4901] Call Trace:
[   60.297218][ T4901]  <TASK>
[   60.297224][ T4901]  __dump_stack+0x1d/0x30
[   60.297245][ T4901]  dump_stack_lvl+0xe8/0x140
[   60.297310][ T4901]  dump_stack+0x15/0x1b
[   60.297324][ T4901]  should_fail_ex+0x265/0x280
[   60.297344][ T4901]  should_failslab+0x8c/0xb0
[   60.297366][ T4901]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   60.297394][ T4901]  ? sidtab_sid2str_get+0xa0/0x130
[   60.297486][ T4901]  kmemdup_noprof+0x2b/0x70
[   60.297511][ T4901]  sidtab_sid2str_get+0xa0/0x130
[   60.297533][ T4901]  security_sid_to_context_core+0x1eb/0x2e0
[   60.297555][ T4901]  security_sid_to_context+0x27/0x40
[   60.297575][ T4901]  selinux_lsmprop_to_secctx+0x67/0xf0
[   60.297626][ T4901]  security_lsmprop_to_secctx+0x43/0x80
[   60.297646][ T4901]  audit_log_task_context+0x77/0x190
[   60.297664][ T4901]  audit_log_task+0xf4/0x250
[   60.297795][ T4901]  ? kmem_cache_free+0xdf/0x300
[   60.297810][ T4901]  audit_seccomp+0x61/0x100
[   60.297823][ T4901]  ? __seccomp_filter+0x68c/0x10d0
[   60.297835][ T4901]  __seccomp_filter+0x69d/0x10d0
[   60.297866][ T4901]  ? x86_task_fpu+0x36/0x60
[   60.297881][ T4901]  ? should_fail_ex+0xdb/0x280
[   60.297893][ T4901]  ? 0xffffffffff600000
[   60.297902][ T4901]  __secure_computing+0x82/0x150
[   60.297954][ T4901]  ? 0xffffffffff600000
[   60.297961][ T4901]  emulate_vsyscall+0x95b/0xa00
[   60.297975][ T4901]  ? 0xffffffffff600000
[   60.297982][ T4901]  ? 0xffffffffff600000
[   60.297988][ T4901]  do_user_addr_fault+0x1e0/0x1090
[   60.298070][ T4901]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   60.298083][ T4901]  ? 0xffffffffff600000
[   60.298090][ T4901]  exc_page_fault+0x62/0xa0
[   60.298142][ T4901]  asm_exc_page_fault+0x26/0x30
[   60.298153][ T4901] RIP: 0033:_end+0x765d8000/0x0
[   60.298169][ T4901] Code: Unable to access opcode bytes at 0xffffffffff5fffd6.
[   60.298174][ T4901] RSP: 002b:00007f4cbfc46a78 EFLAGS: 00010246 ORIG_RAX: 0000000000000060
[   60.298185][ T4901] RAX: ffffffffffffffda RBX: 00007f4cc1425fa0 RCX: 00007f4cc11deba9
[   60.298192][ T4901] RDX: 00007f4cbfc46a80 RSI: 00007f4cbfc46bb0 RDI: 0000000000000019
[   60.298201][ T4901] RBP: 00007f4cbfc47090 R08: 0000000000000000 R09: 0000000000000000
[   60.298251][ T4901] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002
[   60.298257][ T4901] R13: 00007f4cc1426038 R14: 00007f4cc1425fa0 R15: 00007ffdd4e0c2f8
[   60.298267][ T4901]  </TASK>
[   60.595262][ T4907] loop4: detected capacity change from 0 to 1024
[   60.606363][ T4908] loop1: detected capacity change from 0 to 256
[   60.618989][ T4908] FAT-fs (loop1): Invalid FSINFO signature: 0x0ffffff8, 0x00000000 (sector = 33)
[   60.632721][ T4908] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 1, start df000002)
[   60.642722][ T4908] FAT-fs (loop1): Filesystem has been set read-only
[   60.815527][ T4939] loop1: detected capacity change from 0 to 512
[   60.833934][ T4939] ext4 filesystem being mounted at /97/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   60.848299][ T4939] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #2: comm syz.1.444: corrupted inode contents
[   60.860572][ T4939] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #2: comm syz.1.444: mark_inode_dirty error
[   60.887427][ T4939] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #2: comm syz.1.444: corrupted inode contents
[   60.899653][ T4939] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.444: mark_inode_dirty error
[   60.958263][ T4946] netlink: 'syz.1.444': attribute type 1 has an invalid length.
[   60.961176][ T4947] loop3: detected capacity change from 0 to 1024
[   60.965992][ T4946] netlink: 224 bytes leftover after parsing attributes in process `syz.1.444'.
[   61.024333][ T4942] FAULT_INJECTION: forcing a failure.
[   61.024333][ T4942] name failslab, interval 1, probability 0, space 0, times 0
[   61.037026][ T4942] CPU: 0 UID: 0 PID: 4942 Comm: syz.4.443 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   61.037055][ T4942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   61.037065][ T4942] Call Trace:
[   61.037069][ T4942]  <TASK>
[   61.037075][ T4942]  __dump_stack+0x1d/0x30
[   61.037092][ T4942]  dump_stack_lvl+0xe8/0x140
[   61.037110][ T4942]  dump_stack+0x15/0x1b
[   61.037123][ T4942]  should_fail_ex+0x265/0x280
[   61.037142][ T4942]  should_failslab+0x8c/0xb0
[   61.037161][ T4942]  kmem_cache_alloc_noprof+0x50/0x310
[   61.037182][ T4942]  ? vm_area_dup+0x33/0x2c0
[   61.037214][ T4942]  vm_area_dup+0x33/0x2c0
[   61.037240][ T4942]  copy_vma+0x2e2/0x580
[   61.037271][ T4942]  move_vma+0x42e/0xcf0
[   61.037294][ T4942]  ? mm_get_unmapped_area+0x8f/0xb0
[   61.037313][ T4942]  ? shmem_get_unmapped_area+0xe5/0x100
[   61.037347][ T4942]  mremap_to+0x3eb/0x440
[   61.037368][ T4942]  ? check_prep_vma+0x5d6/0x660
[   61.037396][ T4942]  __se_sys_mremap+0x650/0xb40
[   61.037426][ T4942]  ? fput+0x8f/0xc0
[   61.037452][ T4942]  ? ksys_write+0x192/0x1a0
[   61.037472][ T4942]  __x64_sys_mremap+0x67/0x80
[   61.037497][ T4942]  x64_sys_call+0x2a24/0x2ff0
[   61.037514][ T4942]  do_syscall_64+0xd2/0x200
[   61.037540][ T4942]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   61.037562][ T4942]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   61.037584][ T4942]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.037601][ T4942] RIP: 0033:0x7f893c4beba9
[   61.037613][ T4942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.037627][ T4942] RSP: 002b:00007f893af06038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[   61.037644][ T4942] RAX: ffffffffffffffda RBX: 00007f893c706090 RCX: 00007f893c4beba9
[   61.037656][ T4942] RDX: 0000000000600000 RSI: 0000000000200003 RDI: 0000200000000000
[   61.037666][ T4942] RBP: 00007f893af06090 R08: 0000200000a00000 R09: 0000000000000000
[   61.037677][ T4942] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[   61.037689][ T4942] R13: 00007f893c706128 R14: 00007f893c706090 R15: 00007ffe2292ef88
[   61.037704][ T4942]  </TASK>
[   61.281820][ T4947] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.445: Allocating blocks 449-513 which overlap fs metadata
[   61.301993][ T4945] EXT4-fs (loop3): pa ffff88810724c230: logic 48, phys. 177, len 21
[   61.310121][ T4945] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[   61.326247][ T4956] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4956 comm=syz.4.448
[   61.397270][ T3302] EXT4-fs error (device loop1): ext4_lookup:1784: inode #18: comm syz-executor: 'bus' linked to parent dir
[   61.409023][ T3302] EXT4-fs error (device loop1): ext4_lookup:1784: inode #18: comm syz-executor: 'bus' linked to parent dir
[   61.444305][ T4966] netlink: 'syz.4.452': attribute type 3 has an invalid length.
[   61.484575][ T4968] SELinux:  policydb magic number 0x6c65732f does not match expected magic number 0xf97cff8c
[   61.494895][ T4968] SELinux: failed to load policy
[   61.695378][ T4974] chnl_net:caif_netlink_parms(): no params data found
[   61.726391][   T31] bridge_slave_1: left allmulticast mode
[   61.732177][   T31] bridge_slave_1: left promiscuous mode
[   61.737793][   T31] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.746234][   T31] bridge_slave_0: left allmulticast mode
[   61.751903][   T31] bridge_slave_0: left promiscuous mode
[   61.757552][   T31] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.849991][   T31] $Hÿ (unregistering): (slave bond_slave_0): Releasing backup interface
[   61.859495][   T31] $Hÿ (unregistering): (slave bond_slave_1): Releasing backup interface
[   61.868766][   T31] $Hÿ (unregistering): Released all slaves
[   61.890637][ T4974] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.897683][ T4974] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.905086][ T4974] bridge_slave_0: entered allmulticast mode
[   61.912057][ T4974] bridge_slave_0: entered promiscuous mode
[   61.920465][   T31] hsr_slave_0: left promiscuous mode
[   61.926013][   T31] hsr_slave_1: left promiscuous mode
[   61.931661][   T31] batman_adv: batadv0: Removing interface: batadv_slave_0
[   61.939089][   T31] batman_adv: batadv0: Removing interface: batadv_slave_1
[   61.965848][   T31] team0 (unregistering): Port device team_slave_1 removed
[   61.974988][   T31] team0 (unregistering): Port device team_slave_0 removed
[   62.002727][ T4974] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.009903][ T4974] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.017340][ T4974] bridge_slave_1: entered allmulticast mode
[   62.024521][ T4974] bridge_slave_1: entered promiscuous mode
[   62.030590][    C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[   62.054101][ T4974] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.064512][ T4974] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.082674][ T4974] team0: Port device team_slave_0 added
[   62.089609][ T4974] team0: Port device team_slave_1 added
[   62.105432][ T4974] batman_adv: batadv0: Adding interface: batadv_slave_0
[   62.112411][ T4974] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.138340][ T4974] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   62.140982][ T4974] batman_adv: batadv0: Adding interface: batadv_slave_1
[   62.155871][ T4974] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.181854][ T4974] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   62.224319][ T4974] hsr_slave_0: entered promiscuous mode
[   62.239174][ T4974] hsr_slave_1: entered promiscuous mode
[   62.245388][ T4974] debugfs: 'hsr0' already exists in 'hsr'
[   62.251154][ T4974] Cannot create hsr debugfs directory
[   62.379985][ T4974] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   62.414009][ T5048] loop4: detected capacity change from 0 to 1024
[   62.440083][ T4974] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   62.476358][ T4974] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   62.487372][ T5053] loop4: detected capacity change from 0 to 1024
[   62.496501][ T4974] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   62.574113][ T4974] 8021q: adding VLAN 0 to HW filter on device bond0
[   62.583860][ T5068] netlink: 12 bytes leftover after parsing attributes in process `syz.3.465'.
[   62.590226][ T4974] 8021q: adding VLAN 0 to HW filter on device team0
[   62.625985][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.633094][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.652820][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.659967][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.778151][ T4974] 8021q: adding VLAN 0 to HW filter on device batadv0
[   62.803331][ T5087] netlink: 'syz.0.468': attribute type 3 has an invalid length.
[   62.816067][ T5087] netlink: 'syz.0.468': attribute type 3 has an invalid length.
[   62.964653][ T4974] veth0_vlan: entered promiscuous mode
[   62.996577][ T4974] veth1_vlan: entered promiscuous mode
[   63.022474][ T4974] veth0_macvtap: entered promiscuous mode
[   63.031107][ T4974] veth1_macvtap: entered promiscuous mode
[   63.044050][ T4974] batman_adv: batadv0: Interface activated: batadv_slave_0
[   63.055169][ T4974] batman_adv: batadv0: Interface activated: batadv_slave_1
[   63.074711][   T51] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.093327][   T51] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.119321][   T51] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.158513][ T5119] loop2: detected capacity change from 0 to 512
[   63.161045][   T51] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.252792][ T5126] loop5: detected capacity change from 0 to 2048
[   63.408947][ T5136] syz.5.473 (5136) used greatest stack depth: 9936 bytes left
[   63.468106][ T5140] netlink: 16 bytes leftover after parsing attributes in process `syz.0.475'.
[   63.599652][ T5152] netlink: 'syz.4.480': attribute type 21 has an invalid length.
[   63.607402][ T5152] netlink: 156 bytes leftover after parsing attributes in process `syz.4.480'.
[   63.622394][ T5152] loop4: detected capacity change from 0 to 764
[   63.643319][ T5152] rock: directory entry would overflow storage
[   63.649512][ T5152] rock: sig=0x4f50, size=4, remaining=3
[   63.655096][ T5152] iso9660: Corrupted directory entry in block 6 of inode 1792
[   63.675905][ T5155] netlink: 5 bytes leftover after parsing attributes in process `syz.0.481'.
[   63.684967][ T5155] 0ªî{X¹¦: renamed from gretap0
[   63.694905][ T5155] 0ªî{X¹¦: entered allmulticast mode
[   63.701910][ T5155] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[   63.745555][ T5161] serio: Serial port ptm0
[   63.811515][ T5166] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   63.821165][ T5166] FAT-fs (loop9): unable to read boot sector
[   64.015938][ T5180] loop0: detected capacity change from 0 to 512
[   64.032880][ T5180] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   64.065555][ T5185] FAULT_INJECTION: forcing a failure.
[   64.065555][ T5185] name failslab, interval 1, probability 0, space 0, times 0
[   64.078185][ T5185] CPU: 1 UID: 0 PID: 5185 Comm: syz.4.494 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   64.078347][ T5185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   64.078357][ T5185] Call Trace:
[   64.078363][ T5185]  <TASK>
[   64.078369][ T5185]  __dump_stack+0x1d/0x30
[   64.078391][ T5185]  dump_stack_lvl+0xe8/0x140
[   64.078407][ T5185]  dump_stack+0x15/0x1b
[   64.078478][ T5185]  should_fail_ex+0x265/0x280
[   64.078503][ T5185]  should_failslab+0x8c/0xb0
[   64.078528][ T5185]  kmem_cache_alloc_noprof+0x50/0x310
[   64.078556][ T5185]  ? getname_flags+0x80/0x3b0
[   64.078644][ T5185]  getname_flags+0x80/0x3b0
[   64.078829][ T5185]  path_setxattrat+0x223/0x310
[   64.078870][ T5185]  __x64_sys_lsetxattr+0x71/0x90
[   64.078891][ T5185]  x64_sys_call+0x2877/0x2ff0
[   64.078983][ T5185]  do_syscall_64+0xd2/0x200
[   64.079109][ T5185]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   64.079134][ T5185]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   64.079234][ T5185]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.079256][ T5185] RIP: 0033:0x7f893c4beba9
[   64.079271][ T5185] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.079352][ T5185] RSP: 002b:00007f893af27038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[   64.079369][ T5185] RAX: ffffffffffffffda RBX: 00007f893c705fa0 RCX: 00007f893c4beba9
[   64.079379][ T5185] RDX: 00002000000000c0 RSI: 0000200000000080 RDI: 0000200000000040
[   64.079390][ T5185] RBP: 00007f893af27090 R08: 0000000000000001 R09: 0000000000000000
[   64.079437][ T5185] R10: 0000000000000026 R11: 0000000000000246 R12: 0000000000000001
[   64.079450][ T5185] R13: 00007f893c706038 R14: 00007f893c705fa0 R15: 00007ffe2292ef88
[   64.079493][ T5185]  </TASK>
[   64.257101][ T5171] loop5: detected capacity change from 0 to 512
[   64.266693][ T5180] ext4 filesystem being mounted at /93/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.281689][ T5171] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[   64.333935][ T5171] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e02c, mo2=0002]
[   64.345282][ T5171] EXT4-fs (loop5): orphan cleanup on readonly fs
[   64.345805][ T5198] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5198 comm=syz.2.497
[   64.352303][ T5171] EXT4-fs error (device loop5): ext4_orphan_get:1418: comm wÞ£ÿ: bad orphan inode 267
[   64.376000][ T5171] EXT4-fs (loop5): Remounting filesystem read-only
[   64.453799][   T29] kauditd_printk_skb: 222 callbacks suppressed
[   64.453812][   T29] audit: type=1326 audit(1757699682.471:1044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5199 comm="syz.4.498" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f893c4beba9 code=0x0
[   64.786254][ T5205] loop5: detected capacity change from 0 to 8192
[   64.814205][ T5211] loop3: detected capacity change from 0 to 1024
[   64.822606][ T5211] EXT4-fs: Ignoring removed orlov option
[   64.828354][ T5211] EXT4-fs: Ignoring removed nobh option
[   64.834563][ T5211] EXT4-fs: Ignoring removed bh option
[   64.863956][ T5213] loop5: detected capacity change from 0 to 1024
[   64.920354][ T5211] SELinux: failed to load policy
[   64.971179][ T5224] loop0: detected capacity change from 0 to 128
[   65.020386][ T5224] FAULT_INJECTION: forcing a failure.
[   65.020386][ T5224] name failslab, interval 1, probability 0, space 0, times 0
[   65.033065][ T5224] CPU: 1 UID: 0 PID: 5224 Comm: syz.0.505 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   65.033092][ T5224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   65.033104][ T5224] Call Trace:
[   65.033110][ T5224]  <TASK>
[   65.033118][ T5224]  __dump_stack+0x1d/0x30
[   65.033139][ T5224]  dump_stack_lvl+0xe8/0x140
[   65.033157][ T5224]  dump_stack+0x15/0x1b
[   65.033249][ T5224]  should_fail_ex+0x265/0x280
[   65.033335][ T5224]  should_failslab+0x8c/0xb0
[   65.033363][ T5224]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   65.033386][ T5224]  ? fat_alloc_inode+0x38/0xc0
[   65.033406][ T5224]  ? __pfx_fat_alloc_inode+0x10/0x10
[   65.033487][ T5224]  fat_alloc_inode+0x38/0xc0
[   65.033542][ T5224]  ? __pfx_fat_alloc_inode+0x10/0x10
[   65.033560][ T5224]  alloc_inode+0x40/0x170
[   65.033578][ T5224]  new_inode+0x1d/0xe0
[   65.033670][ T5224]  fat_build_inode+0x169/0x290
[   65.033770][ T5224]  vfat_create+0xef/0x190
[   65.033814][ T5224]  ? __pfx_vfat_create+0x10/0x10
[   65.033845][ T5224]  path_openat+0x1105/0x2170
[   65.033868][ T5224]  do_filp_open+0x109/0x230
[   65.033890][ T5224]  do_sys_openat2+0xa6/0x110
[   65.033972][ T5224]  __x64_sys_open+0xe6/0x110
[   65.033997][ T5224]  x64_sys_call+0x1457/0x2ff0
[   65.034063][ T5224]  do_syscall_64+0xd2/0x200
[   65.034128][ T5224]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   65.034153][ T5224]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   65.034176][ T5224]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.034286][ T5224] RIP: 0033:0x7f4cc11deba9
[   65.034300][ T5224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.034314][ T5224] RSP: 002b:00007f4cbfc47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[   65.034331][ T5224] RAX: ffffffffffffffda RBX: 00007f4cc1425fa0 RCX: 00007f4cc11deba9
[   65.034344][ T5224] RDX: 0000000000000000 RSI: 0000000000000040 RDI: 0000200000000040
[   65.034426][ T5224] RBP: 00007f4cbfc47090 R08: 0000000000000000 R09: 0000000000000000
[   65.034438][ T5224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   65.034478][ T5224] R13: 00007f4cc1426038 R14: 00007f4cc1425fa0 R15: 00007ffdd4e0c2f8
[   65.034496][ T5224]  </TASK>
[   65.265806][ T5232] loop4: detected capacity change from 0 to 256
[   65.290272][ T5232] FAT-fs (loop4): Invalid FSINFO signature: 0x0ffffff8, 0x00000000 (sector = 33)
[   65.307577][ T5232] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 1, start df000002)
[   65.318169][ T5232] FAT-fs (loop4): Filesystem has been set read-only
[   65.333473][   T29] audit: type=1400 audit(1757699683.351:1045): avc:  denied  { getopt } for  pid=5240 comm="syz.2.511" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   65.357388][ T5241] 9pnet_fd: Insufficient options for proto=fd
[   65.364260][   T29] audit: type=1400 audit(1757699683.381:1046): avc:  denied  { read } for  pid=5240 comm="syz.2.511" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   65.387429][   T29] audit: type=1400 audit(1757699683.381:1047): avc:  denied  { open } for  pid=5240 comm="syz.2.511" path="/dev/input/event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   65.412043][   T29] audit: type=1326 audit(1757699683.381:1048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5242 comm="syz.0.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cc11deba9 code=0x7ffc0000
[   65.435431][   T29] audit: type=1326 audit(1757699683.381:1049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5242 comm="syz.0.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cc11deba9 code=0x7ffc0000
[   65.458730][   T29] audit: type=1326 audit(1757699683.381:1050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5242 comm="syz.0.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4cc11deba9 code=0x7ffc0000
[   65.482094][   T29] audit: type=1326 audit(1757699683.381:1051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5242 comm="syz.0.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cc11deba9 code=0x7ffc0000
[   65.505405][   T29] audit: type=1326 audit(1757699683.381:1052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5242 comm="syz.0.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4cc11deba9 code=0x7ffc0000
[   65.528859][   T29] audit: type=1326 audit(1757699683.381:1053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5242 comm="syz.0.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cc11deba9 code=0x7ffc0000
[   65.565772][ T5243] loop0: detected capacity change from 0 to 512
[   65.572250][ T5246] loop4: detected capacity change from 0 to 512
[   65.598803][ T5243] EXT4-fs warning (device loop0): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   65.599700][ T5246] EXT4-fs mount: 31 callbacks suppressed
[   65.599714][ T5246] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   65.631984][ T5246] ext4 filesystem being mounted at /95/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.632161][ T5243] EXT4-fs (loop0): mount failed
[   65.655341][ T5246] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.512: Failed to acquire dquot type 0
[   65.690008][ T5255] loop0: detected capacity change from 0 to 512
[   65.705867][ T5255] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   65.716642][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   65.717426][ T5255] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   65.832772][ T5263] loop4: detected capacity change from 0 to 8192
[   66.182027][ T5267] netlink: 'syz.2.517': attribute type 29 has an invalid length.
[   66.496824][ T5275] hub 9-0:1.0: USB hub found
[   66.497992][ T5275] hub 9-0:1.0: 8 ports detected
[   66.601432][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.651005][ T5283] loop2: detected capacity change from 0 to 1024
[   66.658086][ T5283] EXT4-fs: Ignoring removed orlov option
[   66.676937][ T5283] EXT4-fs (loop2): VFS: Can't find ext4 filesystem
[   66.899625][ T5297] loop5: detected capacity change from 0 to 1024
[   66.919686][ T5297] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.002055][ T4974] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.068518][    C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[   67.164181][ T5312] sd 0:0:1:0: device reset
[   67.242706][ T5316] loop0: detected capacity change from 0 to 1024
[   67.273137][ T5316] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   67.328950][ T5316] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.531: Invalid block bitmap block 0 in block_group 0
[   67.359251][ T5316] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.531: Failed to acquire dquot type 0
[   67.384107][ T5316] EXT4-fs error (device loop0): ext4_free_blocks:6696: comm syz.0.531: Freeing blocks not in datazone - block = 0, count = 4096
[   67.419003][ T5316] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.531: Invalid inode bitmap blk 0 in block_group 0
[   67.432656][ T5289] loop4: detected capacity change from 0 to 8192
[   67.447980][ T5316] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[   67.448606][   T41] EXT4-fs error (device loop0): ext4_release_dquot:6973: comm kworker/u8:2: Failed to release dquot type 0
[   67.468863][ T5316] EXT4-fs (loop0): 1 orphan inode deleted
[   67.480533][ T5316] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.574011][ T5316] syz.0.531 (5316) used greatest stack depth: 9312 bytes left
[   67.582299][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.028318][ T5305] loop3: detected capacity change from 0 to 8192
[   68.299574][ T5373] netlink: 'syz.3.549': attribute type 21 has an invalid length.
[   68.307353][ T5373] netlink: 156 bytes leftover after parsing attributes in process `syz.3.549'.
[   68.322753][ T5373] loop3: detected capacity change from 0 to 764
[   68.341934][ T5373] rock: directory entry would overflow storage
[   68.348110][ T5373] rock: sig=0x4f50, size=4, remaining=3
[   68.354425][ T5373] iso9660: Corrupted directory entry in block 6 of inode 1792
[   68.584104][ T5365] loop4: detected capacity change from 0 to 8192
[   68.649798][ T5392] loop5: detected capacity change from 0 to 256
[   68.665925][ T5392] FAT-fs (loop5): Invalid FSINFO signature: 0x0ffffff8, 0x00000000 (sector = 33)
[   68.685216][ T5392] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 1, start df000002)
[   68.695206][ T5392] FAT-fs (loop5): Filesystem has been set read-only
[   68.696752][ T5395] loop4: detected capacity change from 0 to 512
[   68.746396][ T5395] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.555: bad orphan inode 11
[   68.757135][ T5395] ext4_test_bit(bit=10, block=4) = 1
[   68.757149][ T5395] is_bad_inode(inode)=0
[   68.757156][ T5395] NEXT_ORPHAN(inode)=2080374784
[   68.772101][ T5395] max_ino=32
[   68.772130][ T5395] i_nlink=0
[   68.779303][ T5395] EXT4-fs (loop4): 1 truncate cleaned up
[   68.779693][ T5395] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.815661][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.960390][ T5413] netlink: 4 bytes leftover after parsing attributes in process `syz.5.560'.
[   68.980369][ T5413] FAULT_INJECTION: forcing a failure.
[   68.980369][ T5413] name failslab, interval 1, probability 0, space 0, times 0
[   68.993984][ T5413] CPU: 0 UID: 0 PID: 5413 Comm: syz.5.560 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   68.994067][ T5413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   68.994079][ T5413] Call Trace:
[   68.994086][ T5413]  <TASK>
[   68.994093][ T5413]  __dump_stack+0x1d/0x30
[   68.994114][ T5413]  dump_stack_lvl+0xe8/0x140
[   68.994194][ T5413]  dump_stack+0x15/0x1b
[   68.994211][ T5413]  should_fail_ex+0x265/0x280
[   68.994236][ T5413]  should_failslab+0x8c/0xb0
[   68.994261][ T5413]  kmem_cache_alloc_node_noprof+0x57/0x320
[   68.994316][ T5413]  ? __alloc_skb+0x101/0x320
[   68.994335][ T5413]  __alloc_skb+0x101/0x320
[   68.994356][ T5413]  rtmsg_ifinfo_build_skb+0x5f/0x1b0
[   68.994412][ T5413]  rtmsg_ifinfo+0x6d/0x110
[   68.994438][ T5413]  netif_close_many+0x14d/0x240
[   68.994470][ T5413]  ? finish_task_switch+0xad/0x2b0
[   68.994491][ T5413]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[   68.994570][ T5413]  unregister_netdevice_many_notify+0x437/0x15d0
[   68.994608][ T5413]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[   68.994629][ T5413]  rtnl_dellink+0x3cb/0x550
[   68.994656][ T5413]  ? mod_memcg_lruvec_state+0x1fc/0x2c0
[   68.994792][ T5413]  ? selinux_capable+0x31/0x40
[   68.994820][ T5413]  ? security_capable+0x83/0x90
[   68.994926][ T5413]  ? ns_capable+0x7d/0xb0
[   68.994947][ T5413]  ? __pfx_rtnl_dellink+0x10/0x10
[   68.995008][ T5413]  rtnetlink_rcv_msg+0x5fe/0x6d0
[   68.995113][ T5413]  netlink_rcv_skb+0x123/0x220
[   68.995136][ T5413]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   68.995184][ T5413]  rtnetlink_rcv+0x1c/0x30
[   68.995205][ T5413]  netlink_unicast+0x5bd/0x690
[   68.995245][ T5413]  netlink_sendmsg+0x58b/0x6b0
[   68.995271][ T5413]  ? __pfx_netlink_sendmsg+0x10/0x10
[   68.995297][ T5413]  __sock_sendmsg+0x145/0x180
[   68.995402][ T5413]  ____sys_sendmsg+0x31e/0x4e0
[   68.995424][ T5413]  ___sys_sendmsg+0x17b/0x1d0
[   68.995461][ T5413]  __x64_sys_sendmsg+0xd4/0x160
[   68.995535][ T5413]  x64_sys_call+0x191e/0x2ff0
[   68.995557][ T5413]  do_syscall_64+0xd2/0x200
[   68.995623][ T5413]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   68.995682][ T5413]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   68.995785][ T5413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.995806][ T5413] RIP: 0033:0x7fc47e9eeba9
[   68.995821][ T5413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.995838][ T5413] RSP: 002b:00007fc47d44f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   68.995857][ T5413] RAX: ffffffffffffffda RBX: 00007fc47ec35fa0 RCX: 00007fc47e9eeba9
[   68.995867][ T5413] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000006
[   68.995924][ T5413] RBP: 00007fc47d44f090 R08: 0000000000000000 R09: 0000000000000000
[   68.995937][ T5413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.995949][ T5413] R13: 00007fc47ec36038 R14: 00007fc47ec35fa0 R15: 00007ffda6371f28
[   68.995968][ T5413]  </TASK>
[   69.777273][ T5433] loop4: detected capacity change from 0 to 8192
[   70.448304][ T5447] loop5: detected capacity change from 0 to 1024
[   70.461156][ T5447] EXT4-fs: Ignoring removed orlov option
[   70.469684][ T5447] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[   70.596949][   T29] kauditd_printk_skb: 109 callbacks suppressed
[   70.596965][   T29] audit: type=1326 audit(1757699688.611:1157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5458 comm="syz.5.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc47e9eeba9 code=0x7ffc0000
[   70.675594][ T5462] random: crng reseeded on system resumption
[   70.678501][   T29] audit: type=1326 audit(1757699688.611:1158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5458 comm="syz.5.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc47e9eeba9 code=0x7ffc0000
[   70.705520][   T29] audit: type=1326 audit(1757699688.651:1159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5458 comm="syz.5.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc47e9eeba9 code=0x7ffc0000
[   70.729345][   T29] audit: type=1326 audit(1757699688.651:1160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5458 comm="syz.5.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc47e9eeba9 code=0x7ffc0000
[   70.752693][   T29] audit: type=1326 audit(1757699688.651:1161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5458 comm="syz.5.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fc47e9eeba9 code=0x7ffc0000
[   70.776551][   T29] audit: type=1326 audit(1757699688.651:1162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5458 comm="syz.5.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc47e9eeba9 code=0x7ffc0000
[   70.800532][   T29] audit: type=1326 audit(1757699688.651:1163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5458 comm="syz.5.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fc47e9eeba9 code=0x7ffc0000
[   70.823818][   T29] audit: type=1326 audit(1757699688.651:1164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5458 comm="syz.5.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc47e9eeba9 code=0x7ffc0000
[   70.847184][   T29] audit: type=1326 audit(1757699688.651:1165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5458 comm="syz.5.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fc47e9eeba9 code=0x7ffc0000
[   70.850044][ T5466] loop5: detected capacity change from 0 to 512
[   70.871062][   T29] audit: type=1326 audit(1757699688.651:1166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5458 comm="syz.5.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc47e9eeba9 code=0x7ffc0000
[   70.943576][ T5466] journal_path: Lookup failure for './bus'
[   70.949447][ T5466] EXT4-fs: error: could not find journal device path
[   71.018637][ T5468] hub 9-0:1.0: USB hub found
[   71.034121][ T5468] hub 9-0:1.0: 8 ports detected
[   71.317534][ T5495] random: crng reseeded on system resumption
[   71.359886][ T5497] loop0: detected capacity change from 0 to 512
[   71.389653][ T5497] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   71.405944][ T5497] ext4 filesystem being mounted at /115/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.433278][ T5500] loop3: detected capacity change from 0 to 1024
[   71.443140][ T5500] EXT4-fs: Ignoring removed orlov option
[   71.449331][ T5500] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[   71.458009][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   71.513020][ T5502] random: crng reseeded on system resumption
[   71.564592][ T5506] hub 9-0:1.0: USB hub found
[   71.571064][ T5506] hub 9-0:1.0: 8 ports detected
[   71.630737][ T5508] hub 9-0:1.0: USB hub found
[   71.636333][ T5512] loop5: detected capacity change from 0 to 1024
[   71.643325][ T5508] hub 9-0:1.0: 8 ports detected
[   71.674911][ T5512] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.766968][ T4974] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.042432][ T5551] loop5: detected capacity change from 0 to 256
[   72.060086][ T5551] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   72.098541][ T5551] netlink: 8 bytes leftover after parsing attributes in process `syz.5.602'.
[   72.108505][    C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[   72.145258][ T5555] loop3: detected capacity change from 0 to 1024
[   72.214038][ T5555] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   72.249470][ T5555] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.603: Invalid block bitmap block 0 in block_group 0
[   72.264718][ T5555] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.603: Failed to acquire dquot type 0
[   72.276130][ T5555] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.603: Freeing blocks not in datazone - block = 0, count = 4096
[   72.293351][ T5555] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.603: Invalid inode bitmap blk 0 in block_group 0
[   72.306572][ T5555] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[   72.315263][   T41] EXT4-fs error (device loop3): ext4_release_dquot:6973: comm kworker/u8:2: Failed to release dquot type 0
[   72.328289][ T5555] EXT4-fs (loop3): 1 orphan inode deleted
[   72.334842][ T5555] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.372815][ T5578] netlink: 8 bytes leftover after parsing attributes in process `syz.5.605'.
[   72.386167][ T5580] loop4: detected capacity change from 0 to 1024
[   72.412641][ T5532] loop2: detected capacity change from 0 to 1024
[   72.432706][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.438951][ T5532] EXT4-fs: Ignoring removed orlov option
[   72.452960][ T5580] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.470468][ T5532] EXT4-fs (loop2): VFS: Can't find ext4 filesystem
[   72.546231][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.625761][ T5592] loop3: detected capacity change from 0 to 8192
[   73.567762][ T5615] loop4: detected capacity change from 0 to 256
[   73.645265][ T5615] FAT-fs (loop4): Invalid FSINFO signature: 0x0ffffff8, 0x00000000 (sector = 33)
[   73.731093][ T5615] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 1, start df000002)
[   73.741066][ T5615] FAT-fs (loop4): Filesystem has been set read-only
[   74.046929][ T5634] loop4: detected capacity change from 0 to 1024
[   74.079946][ T5634] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.298339][ T5640] loop3: detected capacity change from 0 to 1024
[   74.318671][ T5640] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   74.355247][ T5640] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.617: Invalid block bitmap block 0 in block_group 0
[   74.389587][ T5640] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.617: Failed to acquire dquot type 0
[   74.418613][ T5640] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.617: Freeing blocks not in datazone - block = 0, count = 4096
[   74.450810][ T5640] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.617: Invalid inode bitmap blk 0 in block_group 0
[   74.493613][ T5640] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[   74.524413][ T5640] EXT4-fs (loop3): 1 orphan inode deleted
[   74.540635][ T5640] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.731726][   T51] EXT4-fs error (device loop3): ext4_release_dquot:6973: comm kworker/u8:3: Failed to release dquot type 0
[   74.759627][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.768803][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.792186][ T5672] netlink: 'syz.4.622': attribute type 21 has an invalid length.
[   74.800056][ T5672] netlink: 156 bytes leftover after parsing attributes in process `syz.4.622'.
[   74.801899][ T5661] netlink: 8 bytes leftover after parsing attributes in process `syz.5.621'.
[   74.813453][ T5672] loop4: detected capacity change from 0 to 764
[   74.856990][ T5672] rock: directory entry would overflow storage
[   74.863885][ T5672] rock: sig=0x4f50, size=4, remaining=3
[   74.869541][ T5672] iso9660: Corrupted directory entry in block 6 of inode 1792
[   74.902119][ T5688] hub 9-0:1.0: USB hub found
[   74.907166][ T5688] hub 9-0:1.0: 8 ports detected
[   74.971509][ T5697] loop2: detected capacity change from 0 to 1024
[   74.989953][ T5697] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   75.003678][ T5697] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.626: Invalid block bitmap block 0 in block_group 0
[   75.040721][ T5706] random: crng reseeded on system resumption
[   75.049039][ T5697] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.626: Failed to acquire dquot type 0
[   75.092568][ T5697] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.626: Freeing blocks not in datazone - block = 0, count = 4096
[   75.107025][ T5697] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.626: Invalid inode bitmap blk 0 in block_group 0
[   75.121605][  T175] EXT4-fs error (device loop2): ext4_release_dquot:6973: comm kworker/u8:5: Failed to release dquot type 0
[   75.133778][ T5697] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[   75.149827][ T5713] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5713 comm=syz.4.632
[   75.167697][ T5697] EXT4-fs (loop2): 1 orphan inode deleted
[   75.186024][ T5697] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.226163][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.270799][ T5728] netlink: 8 bytes leftover after parsing attributes in process `syz.4.636'.
[   75.356461][ T5746] FAULT_INJECTION: forcing a failure.
[   75.356461][ T5746] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   75.370337][ T5746] CPU: 0 UID: 0 PID: 5746 Comm: syz.4.638 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   75.370360][ T5746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   75.370398][ T5746] Call Trace:
[   75.370404][ T5746]  <TASK>
[   75.370411][ T5746]  __dump_stack+0x1d/0x30
[   75.370495][ T5746]  dump_stack_lvl+0xe8/0x140
[   75.370570][ T5746]  dump_stack+0x15/0x1b
[   75.370648][ T5746]  should_fail_ex+0x265/0x280
[   75.370667][ T5746]  should_fail+0xb/0x20
[   75.370684][ T5746]  should_fail_usercopy+0x1a/0x20
[   75.370708][ T5746]  _copy_from_iter+0xd2/0xe80
[   75.370739][ T5746]  ? __build_skb_around+0x1a0/0x200
[   75.370832][ T5746]  ? __alloc_skb+0x223/0x320
[   75.370850][ T5746]  netlink_sendmsg+0x471/0x6b0
[   75.370877][ T5746]  ? __pfx_netlink_sendmsg+0x10/0x10
[   75.370897][ T5746]  __sock_sendmsg+0x145/0x180
[   75.370938][ T5746]  __sys_sendto+0x268/0x330
[   75.370968][ T5746]  __x64_sys_sendto+0x76/0x90
[   75.370991][ T5746]  x64_sys_call+0x2d05/0x2ff0
[   75.371012][ T5746]  do_syscall_64+0xd2/0x200
[   75.371266][ T5746]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   75.371294][ T5746]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   75.371323][ T5746]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.371384][ T5746] RIP: 0033:0x7f893c4beba9
[   75.371400][ T5746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.371418][ T5746] RSP: 002b:00007f893af27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   75.371438][ T5746] RAX: ffffffffffffffda RBX: 00007f893c705fa0 RCX: 00007f893c4beba9
[   75.371451][ T5746] RDX: 0000000000000078 RSI: 0000200000000000 RDI: 0000000000000003
[   75.371462][ T5746] RBP: 00007f893af27090 R08: 0000000000000000 R09: 0000000000000000
[   75.371486][ T5746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.371496][ T5746] R13: 00007f893c706038 R14: 00007f893c705fa0 R15: 00007ffe2292ef88
[   75.371511][ T5746]  </TASK>
[   75.576345][ T5747] loop2: detected capacity change from 0 to 512
[   75.588904][ T5747] journal_path: Lookup failure for './bus'
[   75.594729][ T5747] EXT4-fs: error: could not find journal device path
[   75.677767][ T5751] FAULT_INJECTION: forcing a failure.
[   75.677767][ T5751] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   75.690916][ T5751] CPU: 0 UID: 0 PID: 5751 Comm: syz.4.639 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   75.690966][ T5751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   75.690978][ T5751] Call Trace:
[   75.690985][ T5751]  <TASK>
[   75.690993][ T5751]  __dump_stack+0x1d/0x30
[   75.691015][ T5751]  dump_stack_lvl+0xe8/0x140
[   75.691034][ T5751]  dump_stack+0x15/0x1b
[   75.691086][ T5751]  should_fail_ex+0x265/0x280
[   75.691110][ T5751]  should_fail+0xb/0x20
[   75.691165][ T5751]  should_fail_usercopy+0x1a/0x20
[   75.691190][ T5751]  _copy_to_user+0x20/0xa0
[   75.691282][ T5751]  simple_read_from_buffer+0xb5/0x130
[   75.691304][ T5751]  proc_fail_nth_read+0x10e/0x150
[   75.691331][ T5751]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   75.691370][ T5751]  vfs_read+0x1a8/0x770
[   75.691397][ T5751]  ? __rcu_read_unlock+0x4f/0x70
[   75.691419][ T5751]  ? __fget_files+0x184/0x1c0
[   75.691504][ T5751]  ksys_read+0xda/0x1a0
[   75.691526][ T5751]  __x64_sys_read+0x40/0x50
[   75.691548][ T5751]  x64_sys_call+0x27bc/0x2ff0
[   75.691569][ T5751]  do_syscall_64+0xd2/0x200
[   75.691608][ T5751]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   75.691654][ T5751]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   75.691702][ T5751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.691722][ T5751] RIP: 0033:0x7f893c4bd5bc
[   75.691738][ T5751] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   75.691805][ T5751] RSP: 002b:00007f893af27030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   75.691825][ T5751] RAX: ffffffffffffffda RBX: 00007f893c705fa0 RCX: 00007f893c4bd5bc
[   75.691838][ T5751] RDX: 000000000000000f RSI: 00007f893af270a0 RDI: 0000000000000004
[   75.691851][ T5751] RBP: 00007f893af27090 R08: 0000000000000000 R09: 000000000000001c
[   75.691928][ T5751] R10: 0000000020000845 R11: 0000000000000246 R12: 0000000000000001
[   75.691940][ T5751] R13: 00007f893c706038 R14: 00007f893c705fa0 R15: 00007ffe2292ef88
[   75.691958][ T5751]  </TASK>
[   75.933015][ T5756] bridge0: port 3(gretap0) entered blocking state
[   75.939579][ T5756] bridge0: port 3(gretap0) entered disabled state
[   75.948697][ T5756] gretap0: entered allmulticast mode
[   75.954554][ T5756] gretap0: entered promiscuous mode
[   75.970099][ T5758] loop2: detected capacity change from 0 to 1024
[   75.971852][ T5760] netlink: 4 bytes leftover after parsing attributes in process `syz.4.642'.
[   75.986912][ T5758] EXT4-fs: Ignoring removed orlov option
[   75.993638][ T5756] bridge0: port 3(gretap0) entered blocking state
[   76.000101][ T5756] bridge0: port 3(gretap0) entered forwarding state
[   76.003407][ T5758] EXT4-fs: Mount option(s) incompatible with ext2
[   76.054725][ T5762] IPv4: Oversized IP packet from 127.202.26.0
[   76.061704][ T5761] gretap0: left allmulticast mode
[   76.066735][ T5761] gretap0: left promiscuous mode
[   76.071926][ T5761] bridge0: port 3(gretap0) entered disabled state
[   76.090408][ T5764] netlink: 'syz.4.643': attribute type 21 has an invalid length.
[   76.098136][ T5764] netlink: 156 bytes leftover after parsing attributes in process `syz.4.643'.
[   76.107364][ T5758] loop2: detected capacity change from 0 to 512
[   76.114939][ T5758] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   76.125539][ T5764] loop4: detected capacity change from 0 to 764
[   76.184984][ T5758] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.219796][ T5764] rock: directory entry would overflow storage
[   76.225954][ T5764] rock: sig=0x4f50, size=4, remaining=3
[   76.231522][ T5764] iso9660: Corrupted directory entry in block 6 of inode 1792
[   76.273579][ T5758] ext4 filesystem being mounted at /121/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.359100][   T29] kauditd_printk_skb: 80 callbacks suppressed
[   76.359113][   T29] audit: type=1400 audit(1757699694.371:1238): avc:  denied  { write } for  pid=5752 comm="syz.2.640" name="file0" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   76.387674][   T29] audit: type=1400 audit(1757699694.371:1239): avc:  denied  { open } for  pid=5752 comm="syz.2.640" path="/121/file1/file0" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   76.420956][ T5775] loop4: detected capacity change from 0 to 1024
[   76.442362][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.454936][ T5775] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   76.480220][ T5775] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.646: Invalid block bitmap block 0 in block_group 0
[   76.583308][ T5775] Quota error (device loop4): write_blk: dquota write failed
[   76.588681][ T5793] loop5: detected capacity change from 0 to 1024
[   76.590752][ T5775] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[   76.615534][ T5797] netlink: 4 bytes leftover after parsing attributes in process `syz.3.653'.
[   76.631886][ T5793] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.681334][ T5803] loop3: detected capacity change from 0 to 1024
[   76.689813][ T5775] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.646: Failed to acquire dquot type 0
[   76.704262][ T5775] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.646: Freeing blocks not in datazone - block = 0, count = 4096
[   76.736202][ T5775] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.646: Invalid inode bitmap blk 0 in block_group 0
[   76.739390][   T29] audit: type=1326 audit(1757699694.751:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5794 comm="syz.2.651" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7b6855eba9 code=0x0
[   76.774302][   T60] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-7
[   76.783990][   T60] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:4: Failed to release dquot type 0
[   76.799342][ T5775] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[   76.808070][ T5803] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   76.818564][ T5775] EXT4-fs (loop4): 1 orphan inode deleted
[   76.819006][ T5775] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.846493][ T4974] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.858230][ T5803] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.654: Invalid block bitmap block 0 in block_group 0
[   76.876346][ T5803] Quota error (device loop3): write_blk: dquota write failed
[   76.884417][ T5803] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[   76.901751][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.908525][ T5803] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.654: Failed to acquire dquot type 0
[   76.923558][ T5803] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.654: Freeing blocks not in datazone - block = 0, count = 4096
[   76.942546][ T5803] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.654: Invalid inode bitmap blk 0 in block_group 0
[   76.956627][ T5803] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[   76.966275][   T60] Quota error (device loop3): do_check_range: Getting block 0 out of range 1-7
[   76.975288][   T60] EXT4-fs error (device loop3): ext4_release_dquot:6973: comm kworker/u8:4: Failed to release dquot type 0
[   76.975341][ T5810] loop4: detected capacity change from 0 to 1024
[   77.018753][ T5810] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.031968][ T5803] EXT4-fs (loop3): 1 orphan inode deleted
[   77.044083][ T5803] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.080676][ T5818] loop0: detected capacity change from 0 to 512
[   77.087717][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.142609][ T5818] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   77.148511][    C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[   77.167930][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.207440][ T5818] ext4 filesystem being mounted at /122/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.261244][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   77.317681][ T5820] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[   77.325924][ T5820] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[   77.346902][ T5820] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   77.371885][ T5820] block device autoloading is deprecated and will be removed.
[   77.406589][ T5842] loop2: detected capacity change from 0 to 256
[   77.439503][ T5842] FAT-fs (loop2): Invalid FSINFO signature: 0x0ffffff8, 0x00000000 (sector = 33)
[   77.469096][ T5842] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 1, start df000002)
[   77.479152][ T5842] FAT-fs (loop2): Filesystem has been set read-only
[   77.541309][ T5845] loop4: detected capacity change from 0 to 512
[   77.558712][ T5845] journal_path: Lookup failure for './bus'
[   77.564572][ T5845] EXT4-fs: error: could not find journal device path
[   77.601234][ T5848] loop5: detected capacity change from 0 to 1024
[   77.616296][ T5848] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   77.637022][ T5848] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.666: Invalid block bitmap block 0 in block_group 0
[   77.702693][ T5848] Quota error (device loop5): write_blk: dquota write failed
[   77.716206][ T5853] random: crng reseeded on system resumption
[   77.736494][ T5848] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.666: Failed to acquire dquot type 0
[   77.764013][ T5848] EXT4-fs error (device loop5): ext4_free_blocks:6696: comm syz.5.666: Freeing blocks not in datazone - block = 0, count = 4096
[   77.811469][ T5848] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.666: Invalid inode bitmap blk 0 in block_group 0
[   77.834392][   T41] EXT4-fs error (device loop5): ext4_release_dquot:6973: comm kworker/u8:2: Failed to release dquot type 0
[   77.850616][ T5848] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[   77.869555][ T5866] netlink: 8 bytes leftover after parsing attributes in process `syz.3.673'.
[   77.871729][ T5868] loop2: detected capacity change from 0 to 512
[   77.878361][ T5866] netlink: 8 bytes leftover after parsing attributes in process `syz.3.673'.
[   77.889124][ T5848] EXT4-fs (loop5): 1 orphan inode deleted
[   77.899099][ T5866] netlink: 8 bytes leftover after parsing attributes in process `syz.3.673'.
[   77.923224][ T5848] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.947667][ T5868] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   77.975526][ T4974] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.985554][ T5868] ext4 filesystem being mounted at /125/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.012526][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   78.053452][ T5879] netlink: 'syz.2.677': attribute type 21 has an invalid length.
[   78.061301][ T5879] netlink: 156 bytes leftover after parsing attributes in process `syz.2.677'.
[   78.085098][ T5876] hub 9-0:1.0: USB hub found
[   78.092199][ T5876] hub 9-0:1.0: 8 ports detected
[   78.092573][ T5879] loop2: detected capacity change from 0 to 764
[   78.136497][ T5879] rock: directory entry would overflow storage
[   78.142712][ T5879] rock: sig=0x4f50, size=4, remaining=3
[   78.148260][ T5879] iso9660: Corrupted directory entry in block 6 of inode 1792
[   78.275589][ T5902] loop2: detected capacity change from 0 to 1024
[   78.282742][ T5902] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   78.316902][ T5902] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.686: Invalid block bitmap block 0 in block_group 0
[   78.387495][ T5902] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.686: Failed to acquire dquot type 0
[   78.437427][ T5902] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.686: Freeing blocks not in datazone - block = 0, count = 4096
[   78.459928][ T5902] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.686: Invalid inode bitmap blk 0 in block_group 0
[   78.478671][ T5624] EXT4-fs error (device loop2): ext4_release_dquot:6973: comm kworker/u8:8: Failed to release dquot type 0
[   78.491135][ T5902] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[   78.500070][ T5902] EXT4-fs (loop2): 1 orphan inode deleted
[   78.518057][ T5902] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.558852][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.599581][ T5917] FAULT_INJECTION: forcing a failure.
[   78.599581][ T5917] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   78.612858][ T5917] CPU: 1 UID: 0 PID: 5917 Comm: syz.2.690 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   78.612887][ T5917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   78.612900][ T5917] Call Trace:
[   78.612907][ T5917]  <TASK>
[   78.612916][ T5917]  __dump_stack+0x1d/0x30
[   78.612976][ T5917]  dump_stack_lvl+0xe8/0x140
[   78.612996][ T5917]  dump_stack+0x15/0x1b
[   78.613014][ T5917]  should_fail_ex+0x265/0x280
[   78.613075][ T5917]  should_fail_alloc_page+0xf2/0x100
[   78.613169][ T5917]  __alloc_frozen_pages_noprof+0xff/0x360
[   78.613253][ T5917]  alloc_pages_mpol+0xb3/0x250
[   78.613286][ T5917]  alloc_pages_noprof+0x90/0x130
[   78.613314][ T5917]  __pmd_alloc+0x47/0x470
[   78.613334][ T5917]  handle_mm_fault+0x19d4/0x2c20
[   78.613434][ T5917]  ? __rcu_read_unlock+0x4f/0x70
[   78.613463][ T5917]  do_user_addr_fault+0x3fe/0x1090
[   78.613555][ T5917]  ? path_openat+0x1bf8/0x2170
[   78.613576][ T5917]  exc_page_fault+0x62/0xa0
[   78.613603][ T5917]  asm_exc_page_fault+0x26/0x30
[   78.613624][ T5917] RIP: 0010:strncpy_from_user+0xa5/0x230
[   78.613731][ T5917] Code: 49 83 ff 07 0f 86 87 00 00 00 48 c7 04 24 00 00 00 00 4c 89 64 24 10 48 89 6c 24 08 49 89 ee 4c 89 7c 24 18 4d 89 fd 4c 89 e5 <4d> 8b 24 24 48 b8 ff fe fe fe fe fe fe fe 4d 8d 3c 04 4c 89 e3 48
[   78.613748][ T5917] RSP: 0018:ffffc90001967d20 EFLAGS: 00050216
[   78.613765][ T5917] RAX: ffffffff81f9486b RBX: 00000000ffffffff RCX: ffff88810183d280
[   78.613778][ T5917] RDX: 0000000000000000 RSI: 0000000000000100 RDI: 0000000000000007
[   78.613790][ T5917] RBP: 0000200000000000 R08: ffff88810183dd20 R09: 0000000000000000
[   78.613800][ T5917] R10: ffffc90001967da0 R11: 0001c90001967da0 R12: 0000200000000000
[   78.613883][ T5917] R13: 0000000000000100 R14: ffffc90001967da0 R15: 0000000000000100
[   78.613899][ T5917]  ? strncpy_from_user+0x7b/0x230
[   78.613933][ T5917]  path_getxattrat+0xab/0x2a0
[   78.614037][ T5917]  __x64_sys_fgetxattr+0x59/0x70
[   78.614063][ T5917]  x64_sys_call+0x1ab3/0x2ff0
[   78.614084][ T5917]  do_syscall_64+0xd2/0x200
[   78.614193][ T5917]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   78.614218][ T5917]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   78.614381][ T5917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.614458][ T5917] RIP: 0033:0x7f7b6855eba9
[   78.614470][ T5917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.614485][ T5917] RSP: 002b:00007f7b66fbf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c1
[   78.614500][ T5917] RAX: ffffffffffffffda RBX: 00007f7b687a5fa0 RCX: 00007f7b6855eba9
[   78.614513][ T5917] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffffff
[   78.614526][ T5917] RBP: 00007f7b66fbf090 R08: 0000000000000000 R09: 0000000000000000
[   78.614539][ T5917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   78.614557][ T5917] R13: 00007f7b687a6038 R14: 00007f7b687a5fa0 R15: 00007ffe8c6fbb98
[   78.614576][ T5917]  </TASK>
[   78.983475][ T5925] loop2: detected capacity change from 0 to 1024
[   79.069938][ T5925] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.284262][ T5939] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   79.475732][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.713792][ T5942] loop2: detected capacity change from 0 to 512
[   79.776233][ T5942] journal_path: Non-blockdev passed as './file1'
[   79.782674][ T5942] EXT4-fs: error: could not find journal device path
[   80.106440][ T5945] loop5: detected capacity change from 0 to 8192
[   80.159855][ T5951] __nla_validate_parse: 2 callbacks suppressed
[   80.159903][ T5951] netlink: 4 bytes leftover after parsing attributes in process `syz.3.703'.
[   80.246702][ T5953] netlink: 8 bytes leftover after parsing attributes in process `syz.2.702'.
[   80.328152][ T5951] hub 9-0:1.0: USB hub found
[   80.415862][ T5951] hub 9-0:1.0: 8 ports detected
[   80.577056][ T5915] loop4: detected capacity change from 0 to 8192
[   81.007987][ T5971] netlink: 'syz.5.707': attribute type 21 has an invalid length.
[   81.015826][ T5971] netlink: 156 bytes leftover after parsing attributes in process `syz.5.707'.
[   81.129945][ T5973] loop5: detected capacity change from 0 to 764
[   81.216081][ T5971] rock: directory entry would overflow storage
[   81.222299][ T5971] rock: sig=0x4f50, size=4, remaining=3
[   81.227830][ T5971] iso9660: Corrupted directory entry in block 6 of inode 1792
[   81.866962][ T5977] loop4: detected capacity change from 0 to 1024
[   82.062417][ T5981] loop3: detected capacity change from 0 to 512
[   82.080942][ T5981] journal_path: Lookup failure for './bus'
[   82.086772][ T5981] EXT4-fs: error: could not find journal device path
[   82.188633][    C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[   82.251099][   T29] kauditd_printk_skb: 9 callbacks suppressed
[   82.251141][   T29] audit: type=1400 audit(1757699700.271:1245): avc:  denied  { create } for  pid=5983 comm="syz.0.714" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   82.365777][   T29] audit: type=1400 audit(1757699700.301:1246): avc:  denied  { write } for  pid=5983 comm="syz.0.714" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   82.673967][ T6002] loop2: detected capacity change from 0 to 164
[   82.705683][ T6002] Unable to read rock-ridge attributes
[   82.728040][ T6002] random: crng reseeded on system resumption
[   82.738508][   T29] audit: type=1400 audit(1757699700.741:1247): avc:  denied  { read } for  pid=6001 comm="syz.2.720" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   82.762189][   T29] audit: type=1400 audit(1757699700.741:1248): avc:  denied  { ioctl } for  pid=6001 comm="syz.2.720" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   82.842662][ T6001] delete_channel: no stack
[   82.904826][ T6007] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=784 sclass=netlink_route_socket pid=6007 comm=syz.3.724
[   83.130624][ T6029] netlink: 8 bytes leftover after parsing attributes in process `syz.5.729'.
[   83.139758][ T6029] netlink: 8 bytes leftover after parsing attributes in process `syz.5.729'.
[   83.148565][ T6029] netlink: 8 bytes leftover after parsing attributes in process `syz.5.729'.
[   83.162803][ T6031] loop2: detected capacity change from 0 to 512
[   83.381799][ T6031] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   83.460116][ T6031] ext4 filesystem being mounted at /141/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.574428][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   83.705877][ T6053] netlink: 'syz.5.739': attribute type 21 has an invalid length.
[   83.713797][ T6053] netlink: 156 bytes leftover after parsing attributes in process `syz.5.739'.
[   83.731904][ T6053] loop5: detected capacity change from 0 to 764
[   83.755984][ T6053] rock: directory entry would overflow storage
[   83.762213][ T6053] rock: sig=0x4f50, size=4, remaining=3
[   83.767742][ T6053] iso9660: Corrupted directory entry in block 6 of inode 1792
[   83.854145][ T6057] netlink: 'syz.5.741': attribute type 21 has an invalid length.
[   83.864295][ T6057] netlink: 156 bytes leftover after parsing attributes in process `syz.5.741'.
[   83.873273][ T6057] netlink: 4 bytes leftover after parsing attributes in process `syz.5.741'.
[   83.958669][   T29] audit: type=1326 audit(1757699701.951:1249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6058 comm="syz.5.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc47e9eeba9 code=0x7ffc0000
[   83.982367][   T29] audit: type=1326 audit(1757699701.951:1250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6058 comm="syz.5.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc47e9eeba9 code=0x7ffc0000
[   84.005867][   T29] audit: type=1326 audit(1757699701.951:1251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6058 comm="syz.5.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc47e9eeba9 code=0x7ffc0000
[   84.029236][   T29] audit: type=1326 audit(1757699701.951:1252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6058 comm="syz.5.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc47e9eeba9 code=0x7ffc0000
[   84.052795][   T29] audit: type=1326 audit(1757699701.951:1253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6058 comm="syz.5.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc47e9eeba9 code=0x7ffc0000
[   84.076136][   T29] audit: type=1326 audit(1757699701.951:1254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6058 comm="syz.5.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc47e9eeba9 code=0x7ffc0000
[   84.103047][ T6059] pim6reg1: entered promiscuous mode
[   84.151734][ T6062] lo speed is unknown, defaulting to 1000
[   84.182476][ T6062] lo speed is unknown, defaulting to 1000
[   84.190026][ T6062] lo speed is unknown, defaulting to 1000
[   84.205099][ T6062] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   84.235863][ T6063] netlink: 'syz.2.738': attribute type 21 has an invalid length.
[   84.330576][ T6068] lo speed is unknown, defaulting to 1000
[   84.339602][ T6062] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   84.379594][ T6071] loop5: detected capacity change from 0 to 1024
[   84.397960][ T6063] netlink: 156 bytes leftover after parsing attributes in process `syz.2.738'.
[   84.518062][ T6062] lo speed is unknown, defaulting to 1000
[   84.537239][ T6062] lo speed is unknown, defaulting to 1000
[   84.547901][ T6062] lo speed is unknown, defaulting to 1000
[   84.564274][ T6062] lo speed is unknown, defaulting to 1000
[   84.597094][ T6071] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.639751][ T6078] loop4: detected capacity change from 0 to 1024
[   84.650908][ T6062] lo speed is unknown, defaulting to 1000
[   84.719276][ T4974] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.784710][ T6086] netlink: 'syz.4.751': attribute type 21 has an invalid length.
[   84.802663][ T6084] loop5: detected capacity change from 0 to 1024
[   84.805881][ T6086] loop4: detected capacity change from 0 to 764
[   84.839105][ T6084] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.863705][ T6086] rock: directory entry would overflow storage
[   84.869935][ T6086] rock: sig=0x4f50, size=4, remaining=3
[   84.875481][ T6086] iso9660: Corrupted directory entry in block 6 of inode 1792
[   84.899055][ T6088] loop0: detected capacity change from 0 to 128
[   84.909777][ T6088] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[   84.932172][ T6091] hub 9-0:1.0: USB hub found
[   84.948537][ T6091] hub 9-0:1.0: 8 ports detected
[   85.029239][ T4974] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.041193][ T6098] random: crng reseeded on system resumption
[   85.122124][ T6094] loop0: detected capacity change from 0 to 8192
[   85.458592][ T6112] loop4: detected capacity change from 0 to 1024
[   85.546545][ T6112] EXT4-fs: inline encryption not supported
[   85.661686][ T6112] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.747887][ T6065] loop3: detected capacity change from 0 to 8192
[   85.850568][ T6117] FAULT_INJECTION: forcing a failure.
[   85.850568][ T6117] name failslab, interval 1, probability 0, space 0, times 0
[   85.863223][ T6117] CPU: 0 UID: 0 PID: 6117 Comm: syz.4.759 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   85.863277][ T6117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   85.863290][ T6117] Call Trace:
[   85.863296][ T6117]  <TASK>
[   85.863304][ T6117]  __dump_stack+0x1d/0x30
[   85.863331][ T6117]  dump_stack_lvl+0xe8/0x140
[   85.863351][ T6117]  dump_stack+0x15/0x1b
[   85.863390][ T6117]  should_fail_ex+0x265/0x280
[   85.863450][ T6117]  should_failslab+0x8c/0xb0
[   85.863473][ T6117]  kmem_cache_alloc_noprof+0x50/0x310
[   85.863495][ T6117]  ? alloc_empty_file+0x76/0x200
[   85.863524][ T6117]  ? mntput+0x4b/0x80
[   85.863606][ T6117]  alloc_empty_file+0x76/0x200
[   85.863629][ T6117]  path_openat+0x68/0x2170
[   85.863647][ T6117]  ? _parse_integer_limit+0x170/0x190
[   85.863674][ T6117]  ? kstrtoull+0x111/0x140
[   85.863775][ T6117]  ? kstrtouint+0x76/0xc0
[   85.863824][ T6117]  do_filp_open+0x109/0x230
[   85.863847][ T6117]  do_sys_openat2+0xa6/0x110
[   85.863907][ T6117]  __x64_sys_openat+0xf2/0x120
[   85.863934][ T6117]  x64_sys_call+0x2e9c/0x2ff0
[   85.863957][ T6117]  do_syscall_64+0xd2/0x200
[   85.864047][ T6117]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   85.864108][ T6117]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   85.864130][ T6117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.864203][ T6117] RIP: 0033:0x7f893c4beba9
[   85.864216][ T6117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.864268][ T6117] RSP: 002b:00007f893af06038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   85.864285][ T6117] RAX: ffffffffffffffda RBX: 00007f893c706090 RCX: 00007f893c4beba9
[   85.864295][ T6117] RDX: 0000000000200002 RSI: 0000200000000000 RDI: ffffffffffffff9c
[   85.864309][ T6117] RBP: 00007f893af06090 R08: 0000000000000000 R09: 0000000000000000
[   85.864327][ T6117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   85.864386][ T6117] R13: 00007f893c706128 R14: 00007f893c706090 R15: 00007ffe2292ef88
[   85.864401][ T6117]  </TASK>
[   86.385355][ T6119] random: crng reseeded on system resumption
[   86.396347][ T6121] loop3: detected capacity change from 0 to 1024
[   86.405729][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.500903][ T6128] __nla_validate_parse: 3 callbacks suppressed
[   86.500966][ T6128] netlink: 8 bytes leftover after parsing attributes in process `syz.3.765'.
[   86.516541][ T6128] netlink: 8 bytes leftover after parsing attributes in process `syz.3.765'.
[   86.551957][ T6128] netlink: 8 bytes leftover after parsing attributes in process `syz.3.765'.
[   86.581262][ T6136] netlink: 72 bytes leftover after parsing attributes in process `+}[@'.
[   86.621033][ T6140] netlink: 16 bytes leftover after parsing attributes in process `syz.2.772'.
[   86.668826][    C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[   86.703656][ T6149] netlink: 'syz.2.773': attribute type 21 has an invalid length.
[   86.711510][ T6149] netlink: 156 bytes leftover after parsing attributes in process `syz.2.773'.
[   86.737342][ T6149] loop2: detected capacity change from 0 to 764
[   86.754858][ T6149] rock: directory entry would overflow storage
[   86.761080][ T6149] rock: sig=0x4f50, size=4, remaining=3
[   86.766715][ T6149] iso9660: Corrupted directory entry in block 6 of inode 1792
[   86.978665][ T6154] loop0: detected capacity change from 0 to 1024
[   86.987001][ T6154] EXT4-fs: Ignoring removed orlov option
[   87.009264][ T6154] EXT4-fs (loop0): VFS: Can't find ext4 filesystem
[   87.133232][ T6157] loop0: detected capacity change from 0 to 1024
[   87.186521][ T6159] random: crng reseeded on system resumption
[   87.229632][    C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[   87.375286][ T6163] loop4: detected capacity change from 0 to 8192
[   87.587315][ T6168] netlink: 8 bytes leftover after parsing attributes in process `syz.3.781'.
[   87.596145][ T6168] netlink: 8 bytes leftover after parsing attributes in process `syz.3.781'.
[   87.661536][ T6153] loop2: detected capacity change from 0 to 8192
[   87.686912][ T6168] netlink: 8 bytes leftover after parsing attributes in process `syz.3.781'.
[   87.882233][ T6173] FAULT_INJECTION: forcing a failure.
[   87.882233][ T6173] name failslab, interval 1, probability 0, space 0, times 0
[   87.894910][ T6173] CPU: 1 UID: 0 PID: 6173 Comm: syz.3.783 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   87.894956][ T6173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   87.894968][ T6173] Call Trace:
[   87.894975][ T6173]  <TASK>
[   87.894983][ T6173]  __dump_stack+0x1d/0x30
[   87.895005][ T6173]  dump_stack_lvl+0xe8/0x140
[   87.895025][ T6173]  dump_stack+0x15/0x1b
[   87.895041][ T6173]  should_fail_ex+0x265/0x280
[   87.895102][ T6173]  should_failslab+0x8c/0xb0
[   87.895146][ T6173]  kmem_cache_alloc_noprof+0x50/0x310
[   87.895174][ T6173]  ? skb_clone+0x151/0x1f0
[   87.895195][ T6173]  skb_clone+0x151/0x1f0
[   87.895215][ T6173]  __netlink_deliver_tap+0x2c9/0x500
[   87.895302][ T6173]  netlink_unicast+0x66b/0x690
[   87.895339][ T6173]  netlink_sendmsg+0x58b/0x6b0
[   87.895366][ T6173]  ? __pfx_netlink_sendmsg+0x10/0x10
[   87.895389][ T6173]  __sock_sendmsg+0x145/0x180
[   87.895449][ T6173]  ____sys_sendmsg+0x31e/0x4e0
[   87.895475][ T6173]  ___sys_sendmsg+0x17b/0x1d0
[   87.895511][ T6173]  __x64_sys_sendmsg+0xd4/0x160
[   87.895613][ T6173]  x64_sys_call+0x191e/0x2ff0
[   87.895632][ T6173]  do_syscall_64+0xd2/0x200
[   87.895657][ T6173]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   87.895707][ T6173]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   87.895773][ T6173]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.895790][ T6173] RIP: 0033:0x7f918ef2eba9
[   87.895805][ T6173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.895843][ T6173] RSP: 002b:00007f918d997038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   87.895929][ T6173] RAX: ffffffffffffffda RBX: 00007f918f175fa0 RCX: 00007f918ef2eba9
[   87.895942][ T6173] RDX: 00000000000400c0 RSI: 0000200000000140 RDI: 0000000000000004
[   87.895955][ T6173] RBP: 00007f918d997090 R08: 0000000000000000 R09: 0000000000000000
[   87.896049][ T6173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   87.896140][ T6173] R13: 00007f918f176038 R14: 00007f918f175fa0 R15: 00007ffdca293098
[   87.896176][ T6173]  </TASK>
[   87.896189][ T6173] netlink: 'syz.3.783': attribute type 21 has an invalid length.
[   88.205155][ T6179] siw: device registration error -23
[   88.213153][ T6173] netlink: 156 bytes leftover after parsing attributes in process `syz.3.783'.
[   88.250170][ T6181] loop4: detected capacity change from 0 to 1024
[   88.279492][ T6183] random: crng reseeded on system resumption
[   88.289685][ T6181] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   88.354162][ T6181] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.787: Invalid block bitmap block 0 in block_group 0
[   88.374205][ T6181] __quota_error: 59 callbacks suppressed
[   88.374219][ T6181] Quota error (device loop4): write_blk: dquota write failed
[   88.387259][ T6181] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[   88.413393][ T6181] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.787: Failed to acquire dquot type 0
[   88.461460][ T6181] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.787: Freeing blocks not in datazone - block = 0, count = 4096
[   88.485065][ T6181] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.787: Invalid inode bitmap blk 0 in block_group 0
[   88.500339][ T6193] loop3: detected capacity change from 0 to 512
[   88.516297][ T6193] EXT4-fs: Ignoring removed bh option
[   88.545210][ T6195] loop2: detected capacity change from 0 to 1024
[   88.557656][ T6181] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[   88.566954][ T6193] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   88.609685][ T6181] EXT4-fs (loop4): 1 orphan inode deleted
[   88.615853][ T6181] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.710699][ T6193] EXT4-fs (loop3): 1 truncate cleaned up
[   88.716690][ T6193] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.744735][ T6199] hub 9-0:1.0: USB hub found
[   88.755435][ T6199] hub 9-0:1.0: 8 ports detected
[   88.761287][ T6193] EXT4-fs warning (device loop3): verify_group_input:137: Cannot add at group 1073741827 (only 1 groups)
[   88.817408][  T188] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-7
[   88.819921][ T6205] netlink: 'syz.0.797': attribute type 21 has an invalid length.
[   88.826402][  T188] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:6: Failed to release dquot type 0
[   88.851808][   T29] audit: type=1400 audit(1757699706.871:1314): avc:  denied  { create } for  pid=6190 comm="syz.3.791" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   88.875056][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.894549][   T29] audit: type=1400 audit(1757699706.871:1315): avc:  denied  { bind } for  pid=6190 comm="syz.3.791" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   88.916673][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.927152][ T6201] loop2: detected capacity change from 0 to 8192
[   88.938611][ T6205] loop0: detected capacity change from 0 to 764
[   89.002408][ T6207] loop5: detected capacity change from 0 to 8192
[   89.005860][ T6212] loop3: detected capacity change from 0 to 1024
[   89.016987][ T6205] rock: directory entry would overflow storage
[   89.023314][ T6205] rock: sig=0x4f50, size=4, remaining=3
[   89.028953][ T6205] iso9660: Corrupted directory entry in block 6 of inode 1792
[   89.073940][ T6212] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.114470][ T6221] random: crng reseeded on system resumption
[   89.216266][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.239417][   T29] audit: type=1326 audit(1757699707.251:1316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6223 comm="syz.0.803" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4cc11deba9 code=0x0
[   89.301921][ T6234] loop4: detected capacity change from 0 to 1024
[   89.334729][ T6234] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   89.392609][ T6234] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.806: Invalid block bitmap block 0 in block_group 0
[   89.406639][ T6234] Quota error (device loop4): write_blk: dquota write failed
[   89.414081][ T6234] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[   89.424065][ T6234] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.806: Failed to acquire dquot type 0
[   89.435466][ T6234] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.806: Freeing blocks not in datazone - block = 0, count = 4096
[   89.450702][ T6234] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.806: Invalid inode bitmap blk 0 in block_group 0
[   89.463849][ T6234] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[   89.473718][ T6234] EXT4-fs (loop4): 1 orphan inode deleted
[   89.481517][ T6234] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.857467][ T6243] loop0: detected capacity change from 0 to 256
[   89.902072][ T6242] loop5: detected capacity change from 0 to 1024
[   89.914276][ T6243] FAT-fs (loop0): Invalid FSINFO signature: 0x0ffffff8, 0x00000000 (sector = 33)
[   89.982167][ T6242] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   90.010862][ T6243] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 1, start df000002)
[   90.020921][ T6243] FAT-fs (loop0): Filesystem has been set read-only
[   90.391095][ T6251] FAULT_INJECTION: forcing a failure.
[   90.391095][ T6251] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   90.404304][ T6251] CPU: 1 UID: 0 PID: 6251 Comm: +}[@ Not tainted syzkaller #0 PREEMPT(voluntary) 
[   90.404333][ T6251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   90.404345][ T6251] Call Trace:
[   90.404352][ T6251]  <TASK>
[   90.404360][ T6251]  __dump_stack+0x1d/0x30
[   90.404380][ T6251]  dump_stack_lvl+0xe8/0x140
[   90.404422][ T6251]  dump_stack+0x15/0x1b
[   90.404437][ T6251]  should_fail_ex+0x265/0x280
[   90.404481][ T6251]  should_fail+0xb/0x20
[   90.404497][ T6251]  should_fail_usercopy+0x1a/0x20
[   90.404521][ T6251]  _copy_from_iter+0xd2/0xe80
[   90.404545][ T6251]  ? __build_skb_around+0x1a0/0x200
[   90.404623][ T6251]  ? __alloc_skb+0x223/0x320
[   90.404647][ T6251]  netlink_sendmsg+0x471/0x6b0
[   90.404678][ T6251]  ? __pfx_netlink_sendmsg+0x10/0x10
[   90.404698][ T6251]  __sock_sendmsg+0x145/0x180
[   90.404725][ T6251]  ____sys_sendmsg+0x31e/0x4e0
[   90.404820][ T6251]  ___sys_sendmsg+0x17b/0x1d0
[   90.404854][ T6251]  __x64_sys_sendmsg+0xd4/0x160
[   90.404880][ T6251]  x64_sys_call+0x191e/0x2ff0
[   90.404902][ T6251]  do_syscall_64+0xd2/0x200
[   90.404980][ T6251]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   90.405003][ T6251]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   90.405075][ T6251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.405095][ T6251] RIP: 0033:0x7f4cc11deba9
[   90.405121][ T6251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.405138][ T6251] RSP: 002b:00007f4cbfc47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   90.405155][ T6251] RAX: ffffffffffffffda RBX: 00007f4cc1425fa0 RCX: 00007f4cc11deba9
[   90.405169][ T6251] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000008
[   90.405196][ T6251] RBP: 00007f4cbfc47090 R08: 0000000000000000 R09: 0000000000000000
[   90.405209][ T6251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.405220][ T6251] R13: 00007f4cc1426038 R14: 00007f4cc1425fa0 R15: 00007ffdd4e0c2f8
[   90.405235][ T6251]  </TASK>
[   90.405496][   T41] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-7
[   90.612866][   T41] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:2: Failed to release dquot type 0
[   90.628806][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.705856][ T6254] netlink: 'syz.0.812': attribute type 21 has an invalid length.
[   90.717485][ T6254] loop0: detected capacity change from 0 to 764
[   90.749685][ T6254] rock: directory entry would overflow storage
[   90.755918][ T6254] rock: sig=0x4f50, size=4, remaining=3
[   90.761516][ T6254] iso9660: Corrupted directory entry in block 6 of inode 1792
[   90.843267][   T29] audit: type=1326 audit(1757699708.861:1317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6257 comm="syz.0.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cc11deba9 code=0x7ffc0000
[   90.911664][ T4974] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.957693][ T6264] random: crng reseeded on system resumption
[   90.960259][ T6266] loop5: detected capacity change from 0 to 1024
[   90.987824][ T3582] ==================================================================
[   90.995925][ T3582] BUG: KCSAN: data-race in __dentry_kill / fast_dput
[   91.002604][ T3582] 
[   91.004922][ T3582] write to 0xffff888107118490 of 8 bytes by task 2994 on cpu 1:
[   91.012532][ T3582]  __dentry_kill+0x142/0x4b0
[   91.017112][ T3582]  dput+0x5e/0xd0
[   91.020735][ T3582]  step_into+0x5b2/0x820
[   91.024983][ T3582]  walk_component+0x162/0x220
[   91.029655][ T3582]  path_lookupat+0xfe/0x2a0
[   91.034160][ T3582]  filename_lookup+0x2d7/0x340
[   91.038918][ T3582]  do_readlinkat+0x7d/0x320
[   91.043405][ T3582]  __x64_sys_readlink+0x47/0x60
[   91.048257][ T3582]  x64_sys_call+0x28da/0x2ff0
[   91.052926][ T3582]  do_syscall_64+0xd2/0x200
[   91.057434][ T3582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.063321][ T3582] 
[   91.065633][ T3582] read to 0xffff888107118490 of 8 bytes by task 3582 on cpu 0:
[   91.073156][ T3582]  fast_dput+0x5f/0x2c0
[   91.077305][ T3582]  dput+0x24/0xd0
[   91.080923][ T3582]  do_unlinkat+0x259/0x480
[   91.085324][ T3582]  __x64_sys_unlink+0x2e/0x40
[   91.089984][ T3582]  x64_sys_call+0x2dc0/0x2ff0
[   91.094649][ T3582]  do_syscall_64+0xd2/0x200
[   91.099142][ T3582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.105025][ T3582] 
[   91.107328][ T3582] value changed: 0xffff888237700fb8 -> 0x0000000000000000
[   91.114412][ T3582] 
[   91.116713][ T3582] Reported by Kernel Concurrency Sanitizer on:
[   91.122842][ T3582] CPU: 0 UID: 0 PID: 3582 Comm: udevd Not tainted syzkaller #0 PREEMPT(voluntary) 
[   91.132279][ T3582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   91.142315][ T3582] ==================================================================
[   91.157413][ T6271] loop2: detected capacity change from 0 to 1024
[   91.177631][ T6271] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   91.194617][ T6271] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.818: Invalid block bitmap block 0 in block_group 0
[   91.208466][ T6271] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.818: Failed to acquire dquot type 0
[   91.248705][ T6271] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.818: Freeing blocks not in datazone - block = 0, count = 4096
[   91.278582][ T6271] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.818: Invalid inode bitmap blk 0 in block_group 0
[   91.292494][ T6271] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[   91.301274][   T31] EXT4-fs error (device loop2): ext4_release_dquot:6973: comm kworker/u8:1: Failed to release dquot type 0
[   91.313484][ T6271] EXT4-fs (loop2): 1 orphan inode deleted
[   91.320259][ T6271] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.344639][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.