last executing test programs:

2m5.152235933s ago: executing program 2 (id=3416):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0xea, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000006c0)='kmem_cache_free\x00', r1, 0x0, 0x2000}, 0x18)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x28, 0x1410, 0x1, 0x70bd2c, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x24044836}, 0xc094)

2m5.125690535s ago: executing program 2 (id=3418):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="1c0000005e007f089e", 0x9}, {&(0x7f0000000140)="373e17aefc020107020010010000000a000000", 0x13}], 0x2}, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pselect6(0x40, &(0x7f0000000240)={0x3, 0x6, 0x4, 0x1, 0x3, 0x2, 0x4be, 0x9}, 0x0, 0x0, 0x0, 0x0)
r3 = semget$private(0x0, 0x6, 0x0)
semtimedop(r3, &(0x7f00000003c0)=[{0x2, 0x4, 0x1800}], 0x1, 0x0)
semop(r3, &(0x7f0000000180)=[{0x4, 0x0, 0x800}, {0x2}], 0x2)
semctl$SETALL(r3, 0x0, 0x11, &(0x7f0000000240))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x2, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x40000000, 0x1000, 0x2, 0x0, 0x0, 0x8000002, 0x0, 0x7e150a0b, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x100000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0xfffffffd, 0x0, 0x10000, 0x5d2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x1007, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x3, 0x0, 0x1, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x2, 0x9, 0x0, 0x0, 0x7, 0xfbfffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x4fd, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x7e98263b, 0x9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd2d1, 0x0, 0x0, 0xb2e, 0x0, 0xfffffffe, 0xfffffffe, 0x0, 0x0, 0xff, 0x1000, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, 0xc3f3, 0x1, 0x0, 0x800, 0x9, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0xfffffffe, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xfffffffd, 0x0, 0x0, 0xd819ac9, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffff, 0x0, 0x0, 0x80000001, 0x0, 0x10, 0x20, 0x4, 0x400000b2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1000, 0x100, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x1, 0x4, 0xfffffffe, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x0, 0x0, 0x20000040, 0xffffffff, 0x400, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0xaaf0]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x3, 0x0, 0x0, 0x0, 0xc0000001}, {0x3, 0x0, 0xb, 0x0, 0x0, 0xffffffff}, 0x7, 0x10, 0x2000000}}]}}]}, 0x45c}}, 0x0)

2m4.21176077s ago: executing program 2 (id=3436):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000380), 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r1, r2, 0x5, 0x0, @void}, 0x10)
readv(r0, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000a80)=[{{&(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}}], 0x1, 0x24040800)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r7=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r5, 0x84, 0x19, &(0x7f0000000000)={r7, 0x9}, 0x8)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r8, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r10, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TCSETSW2(r10, 0x5408, 0x0)
r11 = socket(0x1, 0x803, 0x0)
getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r12}, @IFLA_MASTER={0x8, 0xa, r12}]}, 0x4c}}, 0x0)
sendmsg$can_bcm(r0, 0x0, 0x800)

2m3.793917713s ago: executing program 2 (id=3441):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000900)=ANY=[@ANYBLOB="dbaa00fe4171101a0000000000950000000000000008f54e58ca9515ffadd3932ce05fcfce8ceb60e6a5115796dfc8cb83df1fbe8addeeb8fc9efe7fb927566101ee56ed3ba0c36676b28b3660ecbcb1fe7d1386c863b309e196d95450188836f7371ee95228f6002e0be17459df4aa08d6141e1462a331adb87463443ac7bfc67f3829c0c94d2bea3f1be8c4d5f0c3cc0b79d6e23dcc89abf92e8ac3cc6bcaa0a207dfc3c04a45314ad153a5f7372642d5b1cb6b57a6dbd54d8b42a5ac90daa90f98069b119fc8fe1582f5246e80a48f2af40f3f86b1266391750ed4031e3ac118868681641d13daa7d1f905128981b16fd5823def38c0da4f28c3393d687f586b55a0017f020de23d886cc01573797ce5dc4cf5894ecece199cfdaa3815f0cfc16eb6cfb5a3a7d4072c2d623497cddcbc2033b02effc13c1853cf22c1a146c55f92ce834b6"], &(0x7f0000000480)='syzkaller\x00', 0x5}, 0x90)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x10000, 0x1, 0x1, 0xa, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0xfd, 0x7ffc0001}]})
futex_waitv(0x0, 0x0, 0x0, 0x0, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$tipc(0x1e, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x8, 0x6}, {0xffff, 0x3}, {0x1, 0xf}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000540)=@newtfilter={0x64, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0x10, 0xffe0}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_flower={{0xb}, {0x34, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x18, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0xfffffffffffffebe, 0x4, 0xae}]}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x18, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x100c}]}]}]}}]}, 0x64}}, 0x40040)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r4=>0x0})
connect$can_j1939(0xffffffffffffffff, &(0x7f00000002c0)={0x1d, r4, 0x2, {0x0, 0xff, 0x1}, 0xfe}, 0x18)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r6, 0x8923, &(0x7f0000000040)={'vlan0\x00', 0x40})
lseek(0xffffffffffffffff, 0x8, 0x2)
prctl$PR_SET_NAME(0xf, &(0x7f0000000240)='!(*\'\x00')
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x8000, 0x0, 0xffffffffffffffff, 0x2)
msgsnd(0x0, &(0x7f0000000d00)=ANY=[@ANYRES8], 0x401, 0x0)
msgctl$IPC_RMID(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0100000000000000a5f99713a4c53f19756ae0ec627411c64cfa05cae8fe6283b39947e1d330eeb094d3fb9435c1c07e7e8bcc8c513e6225aacf176932a7103aa91125b4273bc126dbc07a432f09a1ec79fff869c4c8324431ca670d4809388fddbfbbff4838c22b76fc2fc300004d06bfcf303e1260f256b5a69526d57c980619cc64b8b3b7db5a9d7570a5e3522abcfc6980c3855d700284af72abca60c07b63a18ddfee5300ee3a"], 0xaa, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='sys_enter\x00'}, 0x10)
membarrier(0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x0, 0x1}, 0x10)
sendmsg$tipc(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x80)

2m3.262743437s ago: executing program 2 (id=3446):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
shmdt(0x0)

2m3.2307373s ago: executing program 2 (id=3448):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
execveat$binfmt(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
unshare(0x2040400)
r2 = mq_open(&(0x7f0000000080)='!selin\xdb\xa1\x02\xbf\xd9l\xd7\xcd\xc0uxse\xee\x0e\xcd\xce6\xbf\xfa;\xb9-a\xb8\xef\x8de\x14\xbc\x9ej\xa1q\xa2\xa5\t\x98\x8a\x8f>\xba', 0x6e93ebbbcc088cf2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0xec})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x800}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYRESDEC=r2, @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffe6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r4}, 0x18)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0a00080002000000fc7f1000cc00000007000000b75ace957f8e708dc63ef0e5a9d7d0f48ffbde75656248aa7a566ba6d8f614c35e9c346a6fbf504c352d38872c36a1c861377234c686d03c48abecd724d77ba0ef9352261722aff7480e8d768303f04789432c1a386d38114191f116bb310b7753006c9f9bec2fe9a6e6a604b5ebe4b4260f8a129e7d", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000008000"/28], 0x50)
mq_timedsend(r2, 0x0, 0xec, 0x9, 0x0)
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r8=>0x0})
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0200000004000000060000000500000000100000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000061bd00000000000000000000000000000000000000000cae4e0e6d7948e359360e8e98002ce9595f53958aa7046e2ca37f1a70481d406621aaf4d1b96eb4fda1a7ee2e9e08b1a3a9c64490efbd57a44345586ca3878d60c81dc489b7bf0da60264"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x5, 0x28, &(0x7f0000000ec0)=ANY=[@ANYBLOB="1800000073457bad000000000700000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018100000", @ANYRES32=r3, @ANYBLOB="000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200000000000085000000860000001842000002000000000000000000000018000000eb9100000000000003000000183a00000200000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200868ac95d06208bf0ec2a60404c256c006e359f9bb98238442908000000b70300000800000085000000060000007254f4ff00000000bf91000000000000b7020000020000208500000084000000b7000000000000009500000000000000f823da1ca89a3f8eaaefe4a0e91fb7505d6a4147c476f489c55c2ece74625ab6d18ed58b94652d156659ba3e2d2939ab3d1675329fac19da4c181bff5f5f255b223ebf9d3fb4bbe080012a849db1a721c9b7f9b51352e3b0d0bee5d976d5753c7c87"], &(0x7f0000000500)='syzkaller\x00', 0x1ff, 0x8d, &(0x7f0000000640)=""/141, 0x40f00, 0x2a, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x8, &(0x7f0000000900)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000000940)={0x4, 0x9, 0xfffffffc, 0xfffffffc}, 0x10, 0x0, r5, 0x8, &(0x7f0000000d40)=[r6, 0xffffffffffffffff, r6, r9, r6], &(0x7f0000000d80)=[{0x3, 0x4, 0x0, 0x3}, {0x0, 0x1, 0x10, 0x7}, {0x2, 0x5, 0xe, 0x6}, {0x1, 0x2, 0xffffffff, 0x3}, {0x4, 0x3, 0x8, 0x6}, {0x2, 0x3, 0x6, 0x7}, {0xf0db73c, 0x4, 0xd}, {0x0, 0x4, 0xf, 0x9}], 0x10, 0xfffffff8}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x14, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x6e, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r10}, 0x10)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r11, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a3000000000e4000000160a01000000000000000000010000010900010073797a30000000000900020073797a3000000000b80003800800014000000000a400038014000100776c616e3000000000000000000000001400010076657468305f746f5f62617461647600120001006d6163766c616e3100000000000000001400010067656e657665310000000000000000000a0001006772653000000000000000000000000014000100776c616e3100000000000000000000001400010076657468315f766972745f77696669001400010076657468305f746f5f626f6e64000000080002400000000604020000180a0101000b000000000000010000000900010073797a3000000000e800038008000140000000000800014000000000cc0003801400010069703665727370616e3000000000000014000100776732000000000000000000000000001400010076657468305f6d61637674617000000014000100626f6e645f736c6176655f310000000014000100626f6e645f736c6176655f300000000014000100636169663000000000000000000000001400010070696d726567300000000000000000001400010070696d726567310000000000000000001400010076657468315f746f5f7465616d0000001400010070696d3672656731000000000000000008000140000000200900020073797a3000000000d80003"], 0x330}}, 0x0)
bind$can_j1939(r7, &(0x7f0000000340)={0x1d, r8, 0x0, {0x2, 0x0, 0x6}}, 0x18)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x7d, 0x0, &(0x7f0000000080))
setsockopt$sock_int(r7, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f00000001c0)={{0x1, 0x1, 0x18}, './file0\x00'})
sendmsg$inet(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004780)=@newtfilter={0x34, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r8, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x3}}, @TCA_CHAIN={0x8, 0xb, 0x6}]}, 0x34}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)

1m48.097386825s ago: executing program 32 (id=3448):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
execveat$binfmt(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
unshare(0x2040400)
r2 = mq_open(&(0x7f0000000080)='!selin\xdb\xa1\x02\xbf\xd9l\xd7\xcd\xc0uxse\xee\x0e\xcd\xce6\xbf\xfa;\xb9-a\xb8\xef\x8de\x14\xbc\x9ej\xa1q\xa2\xa5\t\x98\x8a\x8f>\xba', 0x6e93ebbbcc088cf2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0xec})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x800}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYRESDEC=r2, @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffe6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r4}, 0x18)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0a00080002000000fc7f1000cc00000007000000b75ace957f8e708dc63ef0e5a9d7d0f48ffbde75656248aa7a566ba6d8f614c35e9c346a6fbf504c352d38872c36a1c861377234c686d03c48abecd724d77ba0ef9352261722aff7480e8d768303f04789432c1a386d38114191f116bb310b7753006c9f9bec2fe9a6e6a604b5ebe4b4260f8a129e7d", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000008000"/28], 0x50)
mq_timedsend(r2, 0x0, 0xec, 0x9, 0x0)
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r8=>0x0})
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0200000004000000060000000500000000100000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000061bd00000000000000000000000000000000000000000cae4e0e6d7948e359360e8e98002ce9595f53958aa7046e2ca37f1a70481d406621aaf4d1b96eb4fda1a7ee2e9e08b1a3a9c64490efbd57a44345586ca3878d60c81dc489b7bf0da60264"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x5, 0x28, &(0x7f0000000ec0)=ANY=[@ANYBLOB="1800000073457bad000000000700000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018100000", @ANYRES32=r3, @ANYBLOB="000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200000000000085000000860000001842000002000000000000000000000018000000eb9100000000000003000000183a00000200000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200868ac95d06208bf0ec2a60404c256c006e359f9bb98238442908000000b70300000800000085000000060000007254f4ff00000000bf91000000000000b7020000020000208500000084000000b7000000000000009500000000000000f823da1ca89a3f8eaaefe4a0e91fb7505d6a4147c476f489c55c2ece74625ab6d18ed58b94652d156659ba3e2d2939ab3d1675329fac19da4c181bff5f5f255b223ebf9d3fb4bbe080012a849db1a721c9b7f9b51352e3b0d0bee5d976d5753c7c87"], &(0x7f0000000500)='syzkaller\x00', 0x1ff, 0x8d, &(0x7f0000000640)=""/141, 0x40f00, 0x2a, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x8, &(0x7f0000000900)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000000940)={0x4, 0x9, 0xfffffffc, 0xfffffffc}, 0x10, 0x0, r5, 0x8, &(0x7f0000000d40)=[r6, 0xffffffffffffffff, r6, r9, r6], &(0x7f0000000d80)=[{0x3, 0x4, 0x0, 0x3}, {0x0, 0x1, 0x10, 0x7}, {0x2, 0x5, 0xe, 0x6}, {0x1, 0x2, 0xffffffff, 0x3}, {0x4, 0x3, 0x8, 0x6}, {0x2, 0x3, 0x6, 0x7}, {0xf0db73c, 0x4, 0xd}, {0x0, 0x4, 0xf, 0x9}], 0x10, 0xfffffff8}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x14, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x6e, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r10}, 0x10)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r11, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a3000000000e4000000160a01000000000000000000010000010900010073797a30000000000900020073797a3000000000b80003800800014000000000a400038014000100776c616e3000000000000000000000001400010076657468305f746f5f62617461647600120001006d6163766c616e3100000000000000001400010067656e657665310000000000000000000a0001006772653000000000000000000000000014000100776c616e3100000000000000000000001400010076657468315f766972745f77696669001400010076657468305f746f5f626f6e64000000080002400000000604020000180a0101000b000000000000010000000900010073797a3000000000e800038008000140000000000800014000000000cc0003801400010069703665727370616e3000000000000014000100776732000000000000000000000000001400010076657468305f6d61637674617000000014000100626f6e645f736c6176655f310000000014000100626f6e645f736c6176655f300000000014000100636169663000000000000000000000001400010070696d726567300000000000000000001400010070696d726567310000000000000000001400010076657468315f746f5f7465616d0000001400010070696d3672656731000000000000000008000140000000200900020073797a3000000000d80003"], 0x330}}, 0x0)
bind$can_j1939(r7, &(0x7f0000000340)={0x1d, r8, 0x0, {0x2, 0x0, 0x6}}, 0x18)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x7d, 0x0, &(0x7f0000000080))
setsockopt$sock_int(r7, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f00000001c0)={{0x1, 0x1, 0x18}, './file0\x00'})
sendmsg$inet(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004780)=@newtfilter={0x34, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r8, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x3}}, @TCA_CHAIN={0x8, 0xb, 0x6}]}, 0x34}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)

1.441265462s ago: executing program 5 (id=6225):
unshare(0x400)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="05000000050000000100000004"], 0x48)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
recvmsg(r1, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x40000120)
r2 = openat$sysfs(0xffffff9c, &(0x7f0000000000)='/sys/kernel/notes', 0x0, 0x10)
finit_module(r2, 0x0, 0x7)
sendmsg$IPSET_CMD_RENAME(r2, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000480)={&(0x7f0000000380)={0x14, 0x5, 0x6, 0x801, 0x0, 0x0, {0x7, 0x0, 0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x801)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102"], 0x50)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$inet_sctp(r4, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f00000000c0)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x0)
shutdown(r4, 0x1)
setsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000040)=@int=0x3, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
r7 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r7, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xe, 0x0, &(0x7f0000000000)="259a53f271a76d2608064c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x300}, 0x50)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000001100)='./file1\x00', 0x1000080, &(0x7f0000000200)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@usrjquota}, {@errors_remount}, {@inlinecrypt}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@mblk_io_submit}, {@minixdf}, {@barrier_val}, {@nombcache}, {}]}, 0x45, 0x7b6, &(0x7f0000001140)="$eJzs3c9rG1ceAPDvyPLPZNdeWNjNngwLu4EQeZ31JruwsF72sBQaCLSnHpoYWTGpZStYcoiNaRNKoZdCW3prLzn356X02h+HXtr/oySkrROa0kNxGf2wZVtyrMSWkubzgYne07zRe995ozcvmrEUwBNrPP0nE3EsIl5PIkbrzycR0V9NZSOma+Xura/l0yWJjY1nvkuqZe6ur+WjaZvUkXrmjxHx+SsRJzK76y2vrM7PFIuFpXp+orJweaK8snry0sLMXGGusHh6cmrq1Jl/nDn9UOENN2d++Hr16K03/v/XD6Z/evkPH772RRLTcbS+rjmOgzIe4/V90p/uwm3+d9CV9czHL+6jUNMRkD3MxtChtGP66r1yLEajb6/+Ge5mywCAw/JSRGy009d2DQDwWEtq5///9LodAEC3ND4HuLu+lm8svf1Eortu/zcihobqudr1zVo6W79mN1S9DjpyN9l2ZSSJiLEDqH88It755Pn30iUO6TokQCvXrkfEhbHx3eN/suuehU79rfXTc82Z8R0rjX/QPZ+m859/tpr/ZTbnP9Fi/jPY4r37IO7//s/cPIBq2krnf/9uurftXlP8dWN99dxvqnO+/uTipWIhHdt+GxHHo38wzU/uUcfxOz/fabeuef73/ZsvvJvWnz5ulcjczA5u32Z2pjLzMDE3u3094k/ZVvGn4/9gtf+TNvPfc/X0wH3qeOpfr77dbl0afxpvY9kd/+HauBHxl5b9n2yWSfa8P3GiejhMNA6KFj6ajpF29Y9nt/o/XdL6G/8X6Ia0/0f2jn8sab5fs7zvl968W+yrG6OftSvUfPy3jr/18T+QPFtNN469qzOVytJkxEDy9O7nT21t28g3yqfxH/9z6/d/Y/xrcfw/l77+hX3uiOytb99/8PgPVxr/bEf933Eihu7N97Wrf3/9P7Vtm/2Mf/tt4IPuNwAAAAAAAAAAAAAAAAAAAAAAAADoRCYijkaSyW2mM5lcrvYb3r+PkUyxVK6cuFhaXpyN6m9lj0V/pvFVl6NN34c6Wf8+/Eb+1I783yPidxHx1uBwNZ/Ll4qzvQ4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqOtPn9/9Q3gzsK9/WihQDAoRhyYgeAJ02Szfa6CQBAtw11VHr40NoBAHRPZ+d/AODXwPkfAJ489zn/7/wzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjUubNn02Xjx/W1fJqfvbKyPF+6cnK2UJ7PLSznc/nS0uXcXKk0Vyzk8qWFti90rfZQLJUuT8Xi8tWJSqFcmSivrJ5fKC0vVs5fWpiZK5wv9HctMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYv/LK6vxMsVhYkuhJYv7LWj88Ku2R6CwR12r996i05+ASMbA1Sgz3ZnACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeAz8EgAA//99gB7t")
mkdir(&(0x7f0000000040)='./bus\x00', 0x10b)
rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./bus\x00')
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb0100180000000000000040000000400000000200000000000000000000090400000000000000000000010500000008000000000000000000000300000000020000000200000012000000000000000000000b"], 0x0, 0x5a}, 0x20)
unshare(0x24040000)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(r4, 0x84, 0x79, &(0x7f0000000440)={0x0, 0x1, 0x6d}, 0x8)
semtimedop(0x0, &(0x7f0000000040)=[{0x4, 0xbd2a, 0x1000}], 0x1, &(0x7f0000000080)={0x0, 0x3938700})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0xe, &(0x7f0000000000)=ANY=[@ANYBLOB="0082010105000000852000000400000000000000000300000000000000000000184100000004000000000000000000009500000000000000950000000000000014583000ffffffff18160000", @ANYRES32=r0, @ANYBLOB="000000000000000045abffff00000000183800000400"/32], &(0x7f0000000580)='syzkaller\x00', 0xa, 0x5, &(0x7f0000000140)=""/5, 0x40f00, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x7, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[r0, r0, r0, r0, 0xffffffffffffffff, r0], 0x0, 0x10, 0xfffffffe}, 0xc3)

1.046351634s ago: executing program 0 (id=6235):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1f00000000000000000000000010", @ANYRES8=r0], 0x48)
syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0x707b, 0x0, 0xc, 0x288}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f687372000000001400010076657468315f766c616e"], 0xfc}}, 0x20000004)

982.38498ms ago: executing program 0 (id=6237):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r2}, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)

928.613674ms ago: executing program 0 (id=6241):
r0 = socket(0x40000000015, 0x4, 0x9)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e27, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1803000000000000000000ddffffffff17110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000005c0)={@dev={0xfe, 0x80, '\x00', 0x40}, @remote, @remote, 0x3, 0x2, 0x5, 0x400, 0xb7, 0xc20022, r2})
syz_emit_ethernet(0x82, &(0x7f0000000040)=ANY=[], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
gettid()
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000200)='./bus\x00', 0x1000000, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000001600)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU")
open(0x0, 0x20042, 0x45)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', 0xffffffffffffffff, 0x0, 0x447}, 0x18)
kexec_load(0x4, 0xa, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x5e, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd603000bb00282b00fc020000000000000000000000000000fe8000000000000000000000000000aa"], 0x0)

847.928891ms ago: executing program 1 (id=6245):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000380)='kmem_cache_free\x00', r2}, 0x18)
fchdir(0xffffffffffffffff)
r3 = epoll_create(0x8)
close(r3)

776.216456ms ago: executing program 1 (id=6247):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1f00000000000000000000000010", @ANYRES8=r0], 0x48)
syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0x707b, 0x0, 0xc, 0x288}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f687372000000001400010076657468315f766c616e"], 0xfc}}, 0x20000004)

760.475698ms ago: executing program 0 (id=6250):
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e27, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1803000000000000000000ddffffffff1711", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$igmp6(0xa, 0x3, 0x2)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f00000005c0)={@dev={0xfe, 0x80, '\x00', 0x40}, @remote, @remote, 0x3, 0x2, 0x5, 0x400, 0xb7, 0xc20022, r2})
syz_emit_ethernet(0x82, &(0x7f0000000040)=ANY=[], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000200)='./bus\x00', 0x1000000, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000001600)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU")
ioprio_set$uid(0x3, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r4, 0x0, 0x447}, 0x18)
kexec_load(0x4, 0xa, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x5e, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd603000bb00282b00fc020000000000000000000000000000fe8000000000000000000000000000aa"], 0x0)

710.575942ms ago: executing program 1 (id=6253):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb904021d080006007c09e8fe55a10a0015800a00142603600e1208000f0000000406a80016c0080003400400027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277c0700bace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x4000)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r1, @ANYRES8=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001b00)=ANY=[], 0x120}}, 0x0)
r4 = socket(0x2, 0x80805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f00000003c0)={<r6=>0x0, 0x1c, &(0x7f00000002c0)=[@in6={0xa, 0x4e21, 0x4, @ipv4={'\x00', '\xff\xff', @local}, 0x8001}]}, &(0x7f0000000140)=0x10)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, &(0x7f0000000100)={0x3, 0xb71e, 0x4, 0x0, 0x8, 0x38, 0x7f, 0xfec6, r6}, 0x20)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000380)={'bond0\x00', <r7=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYRES32=r2, @ANYRES32=r7, @ANYBLOB="14000200fe8000000000000000000000000000aa080009003f0c0000140001"], 0x48}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x6, 0x7})
setrlimit(0x40000000000008, &(0x7f0000000080)={0x0, 0x6})
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r8, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendmmsg$inet(r8, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4008804)

658.942006ms ago: executing program 3 (id=6256):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x34, r1, 0x201, 0x70bd2d, 0x25dfdbff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0201}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

658.322706ms ago: executing program 1 (id=6257):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
recvmsg(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000002640)=""/4096, 0x1000}, {&(0x7f0000000540)=""/167, 0xa7}], 0x2}, 0x22)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, &(0x7f0000000180)=0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x800}, 0x18)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x85, &(0x7f00000000c0)={r2, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x833, 0x0, 0x4}, &(0x7f00000001c0)=0x9c)

604.755581ms ago: executing program 1 (id=6258):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r3, 0x5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)

587.595542ms ago: executing program 0 (id=6260):
r0 = socket(0x40000000015, 0x4, 0x9)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e27, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1803000000000000000000ddffffffff17110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000005c0)={@dev={0xfe, 0x80, '\x00', 0x40}, @remote, @remote, 0x3, 0x2, 0x5, 0x400, 0xb7, 0xc20022, r2})
syz_emit_ethernet(0x82, &(0x7f0000000040)=ANY=[], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
gettid()
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000200)='./bus\x00', 0x1000000, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000001600)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU")
open(0x0, 0x20042, 0x45)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', 0xffffffffffffffff, 0x0, 0x447}, 0x18)
kexec_load(0x4, 0xa, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x5e, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd603000bb00282b00fc020000000000000000000000000000fe8000000000000000000000000000aa"], 0x0)

538.013556ms ago: executing program 5 (id=6261):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000340)='leases_conflict\x00', r3}, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)

533.986707ms ago: executing program 3 (id=6262):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1f00000000000000000000000010", @ANYRES8=r0], 0x48)
syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0x707b, 0x0, 0xc, 0x288}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f687372000000001400010076657468315f766c616e"], 0xfc}}, 0x20000004)

527.851857ms ago: executing program 5 (id=6264):
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e27, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1803000000000000000000ddffffffff1711", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$igmp6(0xa, 0x3, 0x2)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f00000005c0)={@dev={0xfe, 0x80, '\x00', 0x40}, @remote, @remote, 0x3, 0x2, 0x5, 0x400, 0xb7, 0xc20022, r2})
syz_emit_ethernet(0x82, &(0x7f0000000040)=ANY=[], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000200)='./bus\x00', 0x1000000, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000001600)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU")
ioprio_set$uid(0x3, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r4, 0x0, 0x447}, 0x18)
kexec_load(0x4, 0xa, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x5e, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd603000bb00282b00fc020000000000000000000000000000fe8000000000000000000000000000aa"], 0x0)

507.029289ms ago: executing program 3 (id=6265):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r2}, 0x10)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)

453.477083ms ago: executing program 5 (id=6267):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
openat(r0, &(0x7f00000000c0)='./file0\x00', 0x6a1c2, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x8, 0xd9}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb77, &(0x7f0000000c40)="$eJzs3c9vFFUcAPDvzG5LKWgX40GMCTUeIDFsW0BB4gE8Gg8mkqAnXPuDNCxgaE0sIbHcTLyowZMnT2qiR6+GGPXkweiJ/8CQEFP4A2pmdnZZ6W5LYcuQ8vkks/vePJb3nSbffW86bzoBPLHGs5c0Ym9EfJ5EjBX704gYzksjEcutf3dn5cp0tiWxuvrOv0kkEXF75cp0+/9Kivdd2Us1/2T89UvEM5W1/S4sXT7XaDZnLxX1icXzH04sLF0+OH++cXb27OyFQ69OHp567cixV44M7FiXjqaf/fnmG99dO/P1Hz8ee+HTJE7E7qKt+zgGZTzGOz+TbtWIeG/QnZWkUhxPr+MEAODxk3bN4fbGWFTyUstY1OdLDQ4AAAAYiE8iYhUAAADY5hLn/wAAALDNtdcB3F65Mt3eyl2RADwqt05GRK2V/+37+1st1VjO30diKCJG7yRddwa17veuDaD/8Yj44auj+7Ittug+fKC35asR8Vyv8T/J87+W/xWPtfmfRsTkAPofv6cu/+HReZj8PzGA/uU/AAAAAAAADM71k60L+Wuv/6Wd9T/R4/pfpce1uwex8fW/9OYAugF6uHUy4vWuZ/vc6cr/Qq1S1J7K1wMMJXPzzdnJiHg6Ig7E0I6sPrVOH9/+dPzvfm3d6/+yLeu/vRawiONmdcf/PzPTWGw8zDEDLbeuRjxf7ZX/SWf8T/qs/337Pvv47fTPc/3aNs5/YKusfhOxv+f4f/eJbsn6z+ebyOcDE+1ZwVqnX/z1+379y38oTzb+j66f/7Wk+3mdC5vvY3L04Nl+bQ86/x9OTuVPFR0u9n3cWFy8NBUxnLy1dv+hzccM21E7H9r5kuX/gZd6n/+vN//Pkuz94lsijYhG8Z7VP7inzx1nfv+iXzzGfyhPlv8zmxr/N1/48t2VU/36v7/x/0g+ph8o9vj9H6zvfhO07DgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgcZJGxO5I0nqnnKb1esSuiHg2RtPmxYXFl+cufnRhJmuLqMVQOjffnJ2MiLFWPcnqU3n5bv3QPfXDEbEnIq6N7czr9emLzZmyDx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICOXRGxO5K0HhFpXk7Ter3V9s9Y2dEBAAAAA1MrOwAAAABgyzn/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAh7dl3/UYSEcvHd+ZbZrhoGyo1MmCrpWUHAJSmUnYAQGmqZQcAlMY5PpBs0D7St8UMAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBJsn/v9RtJRCwf35lvmeGibajUyICtlpYdAFCaStkBAKWplh0AUBrn+ECyQftI3xYzCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAnycLS5XONZnP2koKCgkKnUPY3EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANvZfwEAAP//vlL7zw==")
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@journal_dev={'journal_dev', 0x3d, 0x2d353}}, {@nobh}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tcuTEXE1f9tURHztyxHfTA7Gbe7sri/WatWtvFxp1TcrzZ3d62v1xdXqanVjfn7ujYU3F15fmM1yT9TOUi/zky99/vanv/W7G3++9u12tT73kShEXztOUrfphc626Glvo63TCDYCE3l7CqOuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymsxKP7lU45f6myawfHTiLh6AvFhnN1p9z9vDfr+pfFS53Xw928yT09qeP+X5pGf7/Rzg/qfZw+srT4wxgv3flYZGv9WxAuTg/ufXv+bDIn/8oG1/SvLsoMxvvH13d1h8bMfR8wM/P1JHotVadU3K82d3etr9cXV6mp1Y35+7o2FNxdeX5itrKzVqvnfgTG+97GfPzys/VcGxP/tb7r972Htf2XYSvv8597N+x/qZguD4l97eeDv71QMiZ/mv32fzPPt+TO9/F43v9+LP7374mHtXx6y/Y/6/K8ds/2vfvW7vz/mogDAGWju7K4v1mrVrUMyU8dY5mnM/GLqXFTj/8xk3+l+cuelPu83095bfTSl16pzULF9mezMYk3EOWny/zIj7ZYAAIBT8Ginf9Q1AQAAAAAAAAAAAAAAAAAAgPF1FrcT64+5N5qmAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAc6r8BAAD//0wa4Aw=") (fail_nth: 2)

445.997904ms ago: executing program 0 (id=6268):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb904021d080006007c09e8fe55a10a0015800a00142603600e1208000f0000000406a80016c0080003400400027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277c0700bace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x4000)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r1, @ANYRES8=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001b00)=ANY=[], 0x120}}, 0x0)
r4 = socket(0x2, 0x80805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f00000003c0)={<r6=>0x0, 0x1c, &(0x7f00000002c0)=[@in6={0xa, 0x4e21, 0x4, @ipv4={'\x00', '\xff\xff', @local}, 0x8001}]}, &(0x7f0000000140)=0x10)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, &(0x7f0000000100)={0x3, 0xb71e, 0x4, 0x0, 0x8, 0x38, 0x7f, 0xfec6, r6}, 0x20)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000380)={'bond0\x00', <r7=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYRES32=r2, @ANYRES32=r7, @ANYBLOB="14000200fe8000000000000000000000000000aa080009003f0c0000140001"], 0x48}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x6, 0x7})
setrlimit(0x40000000000008, &(0x7f0000000080)={0x0, 0x6})
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r8, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendmmsg$inet(r8, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4008804)

421.899896ms ago: executing program 1 (id=6269):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000002640)=""/4096, 0x1000}, {&(0x7f0000000540)=""/167, 0xa7}], 0x2}, 0x22)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, &(0x7f0000000180)=0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x800}, 0x18)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x85, &(0x7f00000000c0)={r3, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x833, 0x0, 0x4}, &(0x7f00000001c0)=0x9c)

390.193658ms ago: executing program 4 (id=6270):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfe, 0x0, 0x7ffc0002}]})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r2}, 0x18)
r3 = memfd_create(&(0x7f0000000a80)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xd9\x19\x17\xb0\xed|\xb3\xc2\x017h\xe9kL\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f2\xf7]#\xed,\xc7\x03\x00\x00\x00\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4R$\xaa\x00U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96', 0x5)
fsetxattr$security_selinux(r3, &(0x7f0000000480), &(0x7f00000004c0)='system_u:object_r:hwdata_t:s0\x00', 0x1a, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r5, 0x8983, &(0x7f00000002c0)={0x2, 'veth1_to_bond\x00', {0xb5b}, 0x2})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r6=>0x0})
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000001700000095"], &(0x7f00000005c0)='GPL\x00'}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r7, r6, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000a40)=ANY=[], 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009518000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x18)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x304}, "d524c18c21e24872", "c6a71e72e7ff122a782a7f00", "e471e97b", "6168e4a7e349a0d4"}, 0x28)
r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r10=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r9, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @mcast2}, {0xa, 0x0, 0x0, @loopback}, r10, 0x4}}, 0x48)
close(r0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0)

354.570751ms ago: executing program 3 (id=6271):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000a40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x4)
r4 = openat$cgroup_ro(r3, &(0x7f00000011c0)='cgroup.stat\x00', 0x5000000, 0x0)
readv(r4, &(0x7f00000012c0)=[{&(0x7f0000000100)=""/4096, 0x1000}], 0x1)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
mmap$IORING_OFF_SQES(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000008, 0x10, r3, 0x10000000)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6, 0x0, 0x2}, 0x18)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="54000000000801010000ffffe00000000a000000050003002f0000000600024000000000240004800800024000000000080001400000fcff07000140800000010800014080000001090001"], 0x54}, 0x1, 0x0, 0x0, 0x4004}, 0x2800c804)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x34, r7, 0x201, 0x70bd2d, 0x25dfdbff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0201}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

353.965501ms ago: executing program 4 (id=6272):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000380)='kmem_cache_free\x00', r3}, 0x18)
fchdir(0xffffffffffffffff)
r4 = epoll_create(0x8)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f0000000040)={0xf6c447fe659261fa})
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={0xffffffffffffffff, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
close(r4)

313.864434ms ago: executing program 4 (id=6273):
r0 = socket(0x848000000015, 0x805, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c)
close(0x3)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0xc00)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000100)=0xffffffffffffffff, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b705000008000000850000006900000095", @ANYRES32=r3], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000001c0)={'veth0_to_bond\x00', 0x2})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], 0x0}, 0x94)
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd6018232500082c"], 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0xffc7, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x80}, 0x48)

127.28558ms ago: executing program 5 (id=6274):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000340)='leases_conflict\x00', r3}, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)

126.773719ms ago: executing program 4 (id=6275):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1f00000000000000000000000010", @ANYRES8=r0], 0x48)
syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0x707b, 0x0, 0xc, 0x288}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f687372000000001400010076657468315f766c616e"], 0xfc}}, 0x20000004)

116.52676ms ago: executing program 3 (id=6276):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000380)='kfree\x00', r0}, 0x18)
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='cgroup\x00')
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x20280, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x18)
preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000000380)=""/131, 0x83}], 0x1, 0x12e, 0x0)

102.408751ms ago: executing program 5 (id=6277):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102000028"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r2 = memfd_create(&(0x7f0000000180)='\x00\xac=W[[\x87\x12\x04\xd5\xbc\x80K\x06\xcd]4(\xa2\xee2>\xa1\x9c\x86x\x1c\x9f\x97\x87\xd9c\xecR\xd6\xe8\xf3Y\x121p^\xc1\x0f\x00\x00\x00\x00\x00\x00\x00t\x00\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00\x00M\xc2N%\x93t[\xf3\xee\xa4\xb4\xfbf\x8dz7\\\x8e\xac\x18\x00\xfd\x89\xe1d\xfa\xcfb\xf3\xdc\xd4CY\x9a\xef\xa3\\\xa7\xa9^\xafL:[\x8e\x83U\xff\xfd\xb0\xfa\xdaL\xa99\x9b\xcfA\xe4n\xa0^\n\x1c\x84\x04\xc5a\xdf\xe5\xd4Hyn\xba:/\xa5\xf4\xaa\xfa\xcd\xc7T\x83\xf5N^\xf2n\xd0=\xb9\t\xdd-F\xacb\xac \xd3\xccj\x13\xa2\x9fLu\'\xed\x91\x867\xaa\xf5\xa0]\xb6\xaa\xea\xfd\xde\xa6\xec\b\x16\x86l:;\xf9\xdb\xcf\x88\"\xca\xe0E\xdb\xec\xf9\xb3\xed\a\x00\x00\x00\x00\x00\x00\x00\xd6.\xf7\x92\xc42\xdf\xefE\xce}\x1b\xda\xdd?\n6\xe1\xb1\xd8Y\x960\xd1\x00\x00\x00\x00\x00\x00MW\x8f\xc6\x82\xe4\x15\xf7\xe9\xd8\xc5b\x0e\x91\xc5\xc76$\x18\xa4\xbe\xe8V\x8d-\xe3\x8fC\xd5\xf5\xd6L\xe3\xce\xa1\x8dz\xce\xa7\xa5\xc8\xcbhM\x1b\xf8\x98\xc4\xfbD6\x88\xfd\xe5i\x8a\xd8\xcfm\x81Z\x19\xf0\xef\xc15\xe8\xcb\xf5\t\t\x00\x17\xfa\x1fqb\xe7\"\xcb4\xb8\xe5/\xd52\x17\x12\x1d\xd8\x87\xb9|\x8d\x83\xea\xcc\x94\xebZ\xae\xaf\x19\xa4\xb2\xc6\xe1\x926B\xb6\x89Z\xa9\xb5/\xbb\x9d&\xeeO\xb3\xb3\xd4\b`\xa9f\x84\xad\t\x1a\xc2\xd5\x88\xbfo\x80V\x93\x9fX\xd7\xff\x03\xb7J\xed\x183\xe3\x7f\xfaq,\xca\x06\xb0\xc9\x92\x93\xa5I\x89\xb7\x85\x90\xb7\x1b0\xce\xd7!\x8fD\x96\xe1 ^>\x9f\x04\x89<\xb7S\x7f\x1a\x88\xab$\xd3y\xc2\xe1\x99\xbch\xd3\x83\xcd\x7f\xc5n\xb1\xc1X \xe2\xbb\x1f\x01\x90\xb1O\x8d\x7f\xa8\xd4\xdbO\xef\x99\xf3\xd3M\x0f\t\x7f\n,\x84\x1f\xfa\xe2\xc8\x99\x97Oq\xae\x9b\x86h\xfa3\xb9\xfd\xbb\xd4^\xc0t\xa7]Y\xe9\x7f[\x11\xb1\xf3m\x17F\x9d\x18\xe2\xe1\x01\xb6f=-?\xbcI\xf2\xd9\xc4>-\xc0E\x9a\x82\xcc7S\xd4\xb6\'\xd2DY\xa5\x83,\xd1\xbc\xc7\xf6\xe0\x1f o\x06\xc2t\x14\xc2\xe0\x92\xc1\x8a\x85>@\xc9\xb0% \xc7\x13l\x8bJ\xe5\xec\x1dE\xf5\xc5\xe2\xe3\x10G7r#\xbc\x95&\x14\x1e\x97\xce\x83>Q@\xfb\xeb=\x1e\xb3\xd5H\x02\x86\xc6\xf3\xe1i\\\x1d\xf4\xc1\xacJC+\xc8}\x1b{\x86\x17\x00\n\"\xec\xa5x\xe6\xb1i\xeb\xb3\xb7I\x90\x9eai\xde\x01\xdc\xfeA\x05Sn\xe6\xe8^\xdf\x8c`\x17\xca\xbd\\QG\xb15\x82*=\xbd\xe9\xaf\x12<\xd7\xe1$\xa4\xdaU\xfb^\xd8!\xacxy\xd5X\xef\x03\xa7\x10\xa1C#S~\x0f\x17\t>X\\mv0\x9eZ\x89\xf4\xae\a\xc8\x16\xd2t\x16\xf3X%Q\xbd\xe9\x86V\xf2\x99^0\xe8xI(\xde-\x04s\x15\x06#2\xef\xef@\xa3t0d^^\xad\xf6\xad\xe0\x16\xf6\xa8\x99!\x0e\x9d+;D&\xebN\x94\x12\x04\x95o\xd6\x9fl\xcb\x16gc\xf5(\xaa_\xec\x9aiE\f\xd4\xc6\xf2\xae\x85n\x995\xcd\xa7\xbb\xf0pz\xaf\tC\x1cq\xaa\x92,Li\r\x95Z\x89\"\xaf]\x95\xb9b_\xe4\xba\xd4\x93\xab\xe1\xb9\xd8E[\xbb\xc9.M+\xbe\x81<z\xf2\xe8\xf4\x93\xe6h\x97\x7f\xaf\xc5\x06g\fI\xa58\xf5\x18x\xc9\xb9\x03\t\x06\x96gf5\xb0\xc8\x86\x14\xe2\x01\x1f\x80\xe7Ol\xba\x93\xaa\x15\x87I7W\x87\xc4;p\xc5\x1e\"K5r\xec6\xac\xf0;\xf8 \xad\xc9\xf0\x16\xce\x17\xa1%f\x12\x80\x03N[qz\xf0q\xbd\xb8s\xe5>N\xd2\xae\xf4\x18\xd0\xe7\x98\x90,\xce\ft\xc4\xc7\x02\xaa\xc7\xeb1;\x86b\x8f\x12{k#c\x1d@\xc31\x00\xd2}f\x8cX\xce\xed\xa4\xe4\xca`<_}\'\xce\x81\xb3O\xae\xa1\xbfwcN,\xf2#\x16\xc4\xad\a&\xb1U\x83w\xd0K\xaa\xdf\x84\xe5\xe4\xdb\xa3G(\x7fv\x93\xb8m\x96\xd89Kb\xa9\x852\xb9\xcaG\x8b\x11\x16\x16\xeeI\x14\xcb\xe4\x9a\x1e\xb6^\xa3\xaa^\xdc\xcfo\xfb\xd6<\xa2\xc6\xbdj\xc4\xb1B\xf3S}\xfeI\xe2e\xec}o\xcfB\xa6\x877\'\x80\x82\t\xec\xc1&\xb8\xa9\x82&\xb8XQ8M@\xaa\x1f\vj\x9aW\xec\x92\x19\xdb^\x9d\x94\x87-&\x00/z\xa2\xd7\x01\\\t\xae~\xed\no\x1a\x9cKG^+\xc9\xe0v\xc0\x96\xc4\xcc\xb7\xdd\xdf\xf9\x01\x91\xe5\to[\x97\xbe\x110\x93\x14\xf8\x8a\x8d\xeb\t\xe7?/C\xaa\xd9\xc4\xc9\xbe\x12\xed\xb3*f\xd1J\x14\x80Iy4\xa9\xf88C\xe3', 0x2)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x26, &(0x7f0000000380)={0x1})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x7, &(0x7f0000000640)={0x0, 0x0, 0x6})
close_range(r2, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000010000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x40000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000c40)='./file0\x00', 0x808080, &(0x7f0000000c80)={[{@discard}, {@bh}, {@noblock_validity}]}, 0x2c, 0x52c, &(0x7f0000000640)="$eJzs3d9rY1kdAPBvMv2Rdjrbru7DKuqO6+oowyRtZrcs+6DriyDLssK6TyKzpc2U0qQpTbpua8EO+Oar4IBP+if4IPggzJPvvumbLyMojDo4TAWRyE1uOm2adMq0aWaazwcuOefc2/s9J3DP6T1J7glgaF2NiN2IGIuIjyNiOi3PpFu829qS4x4/3Fnce7izmIlG48N/jqRH7iy2j2+7nJ4zF/FBkh/vEre2tb26UC6XNtJ8oV5ZL9S2tm+sVBaWS8ultWJxfm5+9u2bbxXPrK2vVX7z4Dsr7330+9998f4fd7/x46TO32rtGkvadmaBDmi9L6MxdaAseefe60ewAbiUtmds0BXhmWQj4jMR8Xqa3pcbXJ0AgP5qNKajMX0w31vmBMcAAM+/5J5/KjLZfHr/PxXZbD7fnMPLvRKT2XK1Vr9+u7q5thTNOayZGM3eXimXZtO5wpkYzST5uWb6Sb7Ykb8ZES9HxM/HJ5r5/GK1vDSof3oAYMhd7hj/H423xv8T8AkBALzIjOQAMHyOjv+jA6kHAHB+3P8DwPA5MP53+60uAHAB5Tp++w8AXHwH7v9Huh7wavzkh+dXHQDgHPj8HwCGyvfefz/ZGnvp86+XPtnaXK1+cmOpVFvNVzYX84vVjfX8crW63HxmT+Vp5ytXq+tzb8bmp4V6qVYv1La2b1Wqm2v1W83net8q+WEBAAzey6/d+3MmInbfmWhu0V7LwRcC4MJzmcPwujToCgAD0/37PsAwMB8PZJ6yv+dXhO72/puJU9QH6L9rn+sx/9/tf4M7+6n/Nc6vikCfmP+H4XW6+X+zB/AiM/8Pw6vRyFjPHwCGzAnu4H1FEC64Z/78HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbYVHPLZPPpWuBTkc3m8xFXImJmYjRze6Vcmo2IlyLiT+Oj40l+btCVBgBOKfv3TLr+17XpN6Y6945l/jPefI2IH/3yw198ulCvb8wl5f/aL6/fTcuLXQOM978NAMABI50F7XG6PY631/d9/HBnsb2dZwUffLu1uGgSdy/d2lVvVT4XoxEx+e/MocZkzmhh4t07EfFqZ/uz+/tn0pVPO+Mnsa/0LX40Wzh1KH72UPxsc1/rNXkvPnsGdYFhcy/pf97tdv1l42rzNb3+Moc701z87Gjn+gza/d9eo7P/a13vH1zJNfuabv3f1ZPGePMP3+25786lxudHIvaO9L/tFaFzzdSR+CMRb3Q74U+/+Wizo+gvX/jS673iN34VcS2Oi99KFeqV9UJta/vGSmVhubRcWisW5+fmZ9+++Vax0JyjLrRnqo/6xzvXX+rd/ojJHvFzx7U/Ir7a66Qdfv3fj3/w5WPif/0r3eJn45Vj4idj4tdOGH9h8rc9l+9O4i/1aP/Iofhjh/4uKbt+wvj3/7q9dMJDAYBzUNvaXl0ol0sbEqdN5Pp15svPSQMleiT+9tGha2rg9TmTxMC6JOCcPLnoB10TAAAAAAAAAAAAAACgl9r300f+9fHHcINuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfX/wMAAP//OkHLZw==")
pipe2$9p(&(0x7f0000000100), 0x6880)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a3200000000140000001100"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002680)=ANY=[], 0x88}, 0x1, 0x0, 0x0, 0x10}, 0x0)
ioctl$BTRFS_IOC_QGROUP_ASSIGN(r7, 0x40189429, &(0x7f0000000140)={0x0, 0x6, 0xc6})
r8 = socket$unix(0x1, 0x1, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000380)={'bond0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000240)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mq={0x7}, @TCA_RATE={0x6, 0x5, {0x0, 0x7}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x6, 0x9, 0xffc0, 0x0, 0x2, 0x8, 0x80000001}}, {0x4}}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x4850)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000011c0)={r4, 0x20, &(0x7f0000001180)={&(0x7f0000001080)=""/87, 0x57, 0x0, &(0x7f0000001100)=""/113, 0x71}}, 0x10)
vmsplice(r6, &(0x7f0000000ec0)=[{&(0x7f00000003c0)="89e4f4d5cd25625e4cc5edf016f78fa729d2c99a6d637dde43c97b5136ad78e31f052e9d8873f8db6e1b9c1a7f7beec2a11ce44c080449c59d892fa6aa7a50fe2c94c4fe0a8c5bd9468a909fe0e96cab4b99b918d82ccfeb81cf16f01d8e0278d5158cb10cc398af5c151d48227a71445217595f6a2e5bc51a1c408485c6e3cd5f68f1", 0x83}, {&(0x7f0000000280)="b10dbeb603989aadf4e6e437c9b231a46760761c06141f281c786ce79abb6fe56ccd1c18a8dfd51f", 0x28}, {&(0x7f0000000480)}, {&(0x7f00000004c0)="5f60dfb36b82271664cebc92ccff7d683527458798e98154537668e49ab069860c93f50846a48794ccb16619af69a47833253db63da68577f68e03b570f6ce68860b89cac63a4a4099ae9d828bdb4d7339ec5f272fc51484a0b6333bc3aa91c17f3c39d1471fdc8ff11cbd6b28fece09a8fc72aa23fb3e6040fc81a290ea4bd54456de9af481215dab9ba15498bb2192b4174593f5ff934eb29f7826ed43b7dc48bc4fe40282c7e9c1b47719c69985690fbd9a6ad18c760459d328100c7c59edc3c32e02a2c56a7e5ace2879b4977c0ee00e372608d07919bed4da1ae7509ed4c213e075c178e2c1bef836a867fed69d861e87f6e2e47dff5adc9e1174ce", 0xfe}, {&(0x7f00000005c0)="29b03bca70f4b758b35c04fcff1ca18020b6404eeb57bfcdd736a6e5d6e94160d6d349e9e5f186f13708baf96efbca768cd7a183b12fbaa7b66fccb1a2", 0x3d}, {&(0x7f0000000b80)="e6dc3ceb339a0e092ffd1be706e23d231d995f4841ddd85a715cac186f469661649295c5701ce301791133ef8519a204e6cc6171e5d4de017c845d7c9e0acd7d629bee698b76086b7b46aacd02bfca741209c47a9666eb757b82a8e16ad30374536bd1bdf1b1ab77d422010ae1198501ab1b9ba9ef72dde1505ba1eb", 0x7c}, {&(0x7f0000000cc0)="cd8d9bdd334dddadb2d1b648163b1ae261bb9f9c1e3fdfe9fa4990c99598e4841229d3d4af377623930fd307aeac4fa8601ded27ff5218c2aa2ba482412016aeca550909c5f8d59a8e5d557426008000a6d5d90d51e8b91732c9f8af1c565f86d0dce6d15d8e6fdd86b0a4950ed674cf6911e39200ed7d8b33e51eedf2c3212d6eddec4dbe8ac64fe2c42fdcb34c5d8a70e8b4f85594136f2da173cf3c4e04419e02d005e2705742a6170428ab95d87cbda6eb2a7f47c46f5a6a5eace3580c2635f9ee1306f979a090689534c720163df2bb18d994ef036c976e31b6a19c6b45d5fdddd0fec5d6ff9a13fe0d832ede0df0d37b", 0xf3}, {&(0x7f0000000dc0)="755261ab0fe6ab9ca398c23a7c62bb867f63fa9ebc83a0b999dbf03f38bfd971ad1eaa3374463261105e383f55931d3f9c8a859b9d2985b72b989c58bdc8d3438628c30c35c14a66899864b002efa9c73cd97622446a1bc78a266c64c0db953cfd2e6db76d61f080ee43c4d4d87cd2bb6613e55a43ad4699643f940702eea1d6a72eb261ca8ce6adab37e34986a50be3ae3b84698d85ebc861a74bf6d3ce323b8a202c81d5a3aba82e9bb321247e694a4b6b238aa56fce59f0856254431ef03a2f2519ddbee9fe94d7385391f0d40f70ceb6", 0xd2}], 0x8, 0xa)

89.641673ms ago: executing program 3 (id=6278):
r0 = socket(0x40000000015, 0x4, 0x9)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e27, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1803000000000000000000ddffffffff17110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000005c0)={@dev={0xfe, 0x80, '\x00', 0x40}, @remote, @remote, 0x3, 0x2, 0x5, 0x400, 0xb7, 0xc20022, r2})
syz_emit_ethernet(0x82, &(0x7f0000000040)=ANY=[], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
gettid()
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000200)='./bus\x00', 0x1000000, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000001600)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU")
open(&(0x7f00000001c0)='./file1\x00', 0x20042, 0x45)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
kexec_load(0x4, 0xa, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x5e, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd603000bb00282b00fc020000000000000000000000000000fe8000000000000000000000000000aa"], 0x0)

88.990653ms ago: executing program 4 (id=6279):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x2008002, &(0x7f00000001c0)={[{@usrquota}], [{@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@appraise_type}, {@subj_user}, {@defcontext={'defcontext', 0x3d, 'root'}}, {@fscontext={'fscontext', 0x3d, 'root'}}]}, 0x1, 0x55f, &(0x7f0000000d00)="$eJzs3c9vHFcdAPDvjH9t0zROoAeogAQoBBRlN960UdVLwwWEqkqIigPikBp7Y5nsZkN2XWoTCfdvAAkkTvAncEDigNQTB24cEELigBDlgFTAAsVIHBbN7Njd2rvNNl7v1t7PR5rMj/dmvu+ts/PevrXnBTC1LkXEdkTMR8RrEbFYHE+KJW52lyzfw50HK7s7D1aS6HRe/WeSp2fHoueczJPFNUsR8fWvRHw7ORy3tbl1Z7ler90v9ivtxr1Ka3Pr6npjea22Vrtbrd5YunHthevPVw+c+Ydzj1vXi41fvPPl9Ze/8etfffLt321/8ftZsc4Wab31GKVu1ef242RmI+Ll4wg2ATPFen7C5eDxpBHxkYj4TP7+X4yZ/H8nAHCadTqL0Vns3R+gNDAFADhh0nwMLEnLEZGmRSeg3B3DezrOpPVmq33ldnPj7mp3rOx8zKW31+u1axcW/vTdPPNcku0v5Wl5er5fPbB/PSIuRMSPFp7I98srzfrqZLo8ADD1nuxt/yPiPwtpWi4PdWqfb/UAgBOjNOkCAABjp/0HgOmj/QeA6TNE+1982b997GUBAMbD538AmD7afwCYPtp/AJgqX3vllWzp7BbPv159fXPjTvP1q6u11p1yY2OlvNK8f6+81myu5c/saTzqevVm897Sc7HxRqVda7Urrc2tW43mxt32rfy53rdqc2OpFQDwfi5cfOuPSURsv/hEvkTPXA7aajjd0hHmAk6WmaOcrIMAJ5rZvmB6DdWE552E3x57WYDJ6Psw71Lfzff6yQcI4veM4EPl8seHH/83xzOcLh9wZP/3xzJJPjARjzf+/9LIywGMn/F/mF6dTnJwzv/5/SQA4FQ6wq/wdX4wqk4IMFGPmsx7JN//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwClzNiK+E0lazucCT7N/03I54qmIOB9zye31eu1aRJyLixExt5DtL0260ADAEaV/T4r5vy4vPnv2YOp88t+FfB0R3/vpqz9+Y7ndvr+UHf/X/vGFvenDqu+ed4R5BQGA4f11mEx5+10t1j0f5B/uPFjZW46xjIe886X9yUdXdnce5Es3ZTY6nU4nopT3Jc78O4nZ4pxSRDwTETMjiL/9ZkR8rF/9k3xs5Hwx82lv/ChiPzXW+Ol74qd5WnedvXwfHUFZYNq8ld1/bvZ7/6VxKV/3f/+X8jvU0eX3v1LE3r1vtyf+bBFppk/87D1/adgYz/3mq4cOdha7aW9GPDPbL36yHz8ZEP/ZIeP/+ROf+uFLA9I6P4u4HP3j98aqtBv3Kq3NravrjeW12lrtbrV6Y+nGtReuP1+t5GPUlb2R6sP+8eKVc4PKltX/zID4pb71n98/93ND1v/n/3vtW59+d3fhYPwvfLb/z//pvvG7sjbx80PGXz7zy4HTd2fxVwfU/1E//ytDxn/7b1urQ2YFAMagtbl1Z7ler90/0kb2KXQU1zm0kRVxuMx73cXBeYoMN9/vOn+JfGNEL8uAjawzNkzmueN6VY99Y3a/rzjaK38zu+KYq5OOvBZH2ng4rliTuR8B43OoeQQAAAAAAAAAAAAAAD50xvGnS5OuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKfX/wMAAP//8RXBxA==")
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000007c0), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1804000000020000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'}) (fail_nth: 5)

0s ago: executing program 4 (id=6280):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00'}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r4, r5, 0x5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r4}, &(0x7f00000006c0), &(0x7f0000000700)=r3}, 0x20)
sendmsg$inet(r2, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r6 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r7}, &(0x7f0000000180), &(0x7f00000001c0)=r6}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r8}, 0x10)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r9}, 0x18)
r10 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_aout(r10, 0x0, 0x20)
open$dir(0x0, 0x0, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

000000000000246 R12: 0000000000000001
[  292.906449][T18719] R13: 0000000000000000 R14: 00007f42b50c5fa0 R15: 00007ffe3b0b0258
[  292.906475][T18719]  </TASK>
[  293.137218][T18721] loop4: detected capacity change from 0 to 512
[  293.155770][T18726] random: crng reseeded on system resumption
[  293.187278][T18732] netlink: 'syz.5.5542': attribute type 21 has an invalid length.
[  293.202020][T18721] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.5539: bg 0: block 16: invalid block bitmap
[  293.216141][T18730] loop1: detected capacity change from 0 to 8192
[  293.225235][T18721] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  293.245009][T18720] lo speed is unknown, defaulting to 1000
[  293.278760][T18734] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5537'.
[  293.297020][T18721] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.5539: invalid indirect mapped block 5 (level 0)
[  293.315366][T18721] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.5539: invalid indirect mapped block 4294967295 (level 1)
[  293.330051][T18721] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.5539: invalid indirect mapped block 4294967295 (level 2)
[  293.340735][T18739] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  293.346848][T18721] EXT4-fs (loop4): 1 truncate cleaned up
[  293.359999][T18721] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  293.382170][T18741] @: renamed from vlan0 (while UP)
[  293.388709][T18721] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.402409][T18724] lo speed is unknown, defaulting to 1000
[  293.458431][T18743] FAULT_INJECTION: forcing a failure.
[  293.458431][T18743] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  293.471605][T18743] CPU: 1 UID: 0 PID: 18743 Comm: syz.0.5546 Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) 
[  293.471720][T18743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  293.471734][T18743] Call Trace:
[  293.471741][T18743]  <TASK>
[  293.471750][T18743]  __dump_stack+0x1d/0x30
[  293.471819][T18743]  dump_stack_lvl+0xe8/0x140
[  293.471842][T18743]  dump_stack+0x15/0x1b
[  293.471859][T18743]  should_fail_ex+0x265/0x280
[  293.471914][T18743]  should_fail+0xb/0x20
[  293.471950][T18743]  should_fail_usercopy+0x1a/0x20
[  293.471969][T18743]  _copy_to_user+0x20/0xa0
[  293.471996][T18743]  simple_read_from_buffer+0xb5/0x130
[  293.472029][T18743]  proc_fail_nth_read+0x10e/0x150
[  293.472068][T18743]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  293.472099][T18743]  vfs_read+0x1a0/0x6f0
[  293.472119][T18743]  ? __rcu_read_unlock+0x4f/0x70
[  293.472145][T18743]  ? __rcu_read_unlock+0x4f/0x70
[  293.472218][T18743]  ? __fget_files+0x184/0x1c0
[  293.472255][T18743]  ksys_read+0xda/0x1a0
[  293.472290][T18743]  __x64_sys_read+0x40/0x50
[  293.472316][T18743]  x64_sys_call+0x27bc/0x2ff0
[  293.472447][T18743]  do_syscall_64+0xd2/0x200
[  293.472471][T18743]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  293.472496][T18743]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  293.472631][T18743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.472757][T18743] RIP: 0033:0x7fbf3e1cd57c
[  293.472776][T18743] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  293.472799][T18743] RSP: 002b:00007fbf3c837030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  293.472822][T18743] RAX: ffffffffffffffda RBX: 00007fbf3e3f5fa0 RCX: 00007fbf3e1cd57c
[  293.472878][T18743] RDX: 000000000000000f RSI: 00007fbf3c8370a0 RDI: 0000000000000005
[  293.472895][T18743] RBP: 00007fbf3c837090 R08: 0000000000000000 R09: 0000000000000000
[  293.472975][T18743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  293.472991][T18743] R13: 0000000000000000 R14: 00007fbf3e3f5fa0 R15: 00007ffc02324de8
[  293.473074][T18743]  </TASK>
[  293.706175][T18720] lo speed is unknown, defaulting to 1000
[  293.756985][T18724] lo speed is unknown, defaulting to 1000
[  293.818051][T18759] loop0: detected capacity change from 0 to 512
[  293.853595][T18759] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.915968][T18766] hub 6-0:1.0: USB hub found
[  293.922970][T18766] hub 6-0:1.0: 8 ports detected
[  293.929065][T18771] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5553'.
[  294.009902][T18274] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.059072][T18782] hub 6-0:1.0: USB hub found
[  294.073098][T18782] hub 6-0:1.0: 8 ports detected
[  294.120468][T18794] loop1: detected capacity change from 0 to 128
[  294.153768][T18794] FAT-fs (loop1): Directory bread(block 32) failed
[  294.160354][T18794] FAT-fs (loop1): Directory bread(block 33) failed
[  294.197800][T18794] FAT-fs (loop1): Directory bread(block 34) failed
[  294.204942][T18794] FAT-fs (loop1): Directory bread(block 35) failed
[  294.228574][T18794] FAT-fs (loop1): Directory bread(block 36) failed
[  294.237061][T18794] FAT-fs (loop1): Directory bread(block 37) failed
[  294.237242][T18804] loop3: detected capacity change from 0 to 512
[  294.243997][T18794] FAT-fs (loop1): Directory bread(block 38) failed
[  294.300951][T18794] FAT-fs (loop1): Directory bread(block 39) failed
[  294.303794][T18811] loop4: detected capacity change from 0 to 164
[  294.307863][T18794] FAT-fs (loop1): Directory bread(block 40) failed
[  294.321298][T18804] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.324904][T18794] FAT-fs (loop1): Directory bread(block 41) failed
[  294.341519][T18811] iso9660: Unknown parameter 'ÿ18446744073709551615ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ'
[  294.392760][T18825] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=18825 comm=syz.5.5572
[  294.409723][T18809] loop0: detected capacity change from 0 to 512
[  294.417140][T11056] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.471324][T18809] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.5567: bg 0: block 5: invalid block bitmap
[  294.497075][T18809] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  294.517985][T18809] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.5567: invalid indirect mapped block 3 (level 2)
[  294.536638][T18809] EXT4-fs (loop0): 1 orphan inode deleted
[  294.542633][T18809] EXT4-fs (loop0): 1 truncate cleaned up
[  294.549620][T18809] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.612353][T18834] FAULT_INJECTION: forcing a failure.
[  294.612353][T18834] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  294.619215][T18785] syz.1.5558: attempt to access beyond end of device
[  294.619215][T18785] loop1: rw=0, sector=4108, nr_sectors = 4 limit=128
[  294.625516][T18834] CPU: 1 UID: 0 PID: 18834 Comm: syz.3.5576 Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) 
[  294.625616][T18834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  294.625635][T18834] Call Trace:
[  294.625646][T18834]  <TASK>
[  294.625666][T18834]  __dump_stack+0x1d/0x30
[  294.625736][T18834]  dump_stack_lvl+0xe8/0x140
[  294.625767][T18834]  dump_stack+0x15/0x1b
[  294.625791][T18834]  should_fail_ex+0x265/0x280
[  294.625893][T18834]  should_fail+0xb/0x20
[  294.625936][T18834]  should_fail_usercopy+0x1a/0x20
[  294.625964][T18834]  _copy_from_iter+0xcf/0xe40
[  294.625996][T18834]  ? __build_skb_around+0x1a0/0x200
[  294.626044][T18834]  ? __alloc_skb+0x223/0x320
[  294.626093][T18834]  netlink_sendmsg+0x471/0x6b0
[  294.626180][T18834]  ? __pfx_netlink_sendmsg+0x10/0x10
[  294.626229][T18834]  __sock_sendmsg+0x142/0x180
[  294.626314][T18834]  ____sys_sendmsg+0x31e/0x4e0
[  294.626370][T18834]  ___sys_sendmsg+0x17b/0x1d0
[  294.626567][T18834]  __x64_sys_sendmsg+0xd4/0x160
[  294.626626][T18834]  x64_sys_call+0x191e/0x2ff0
[  294.626792][T18834]  do_syscall_64+0xd2/0x200
[  294.626893][T18834]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  294.626929][T18834]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  294.626961][T18834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.626995][T18834] RIP: 0033:0x7fac3d99eb69
[  294.627020][T18834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  294.627115][T18834] RSP: 002b:00007fac3c007038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  294.627143][T18834] RAX: ffffffffffffffda RBX: 00007fac3dbc5fa0 RCX: 00007fac3d99eb69
[  294.627162][T18834] RDX: 0000000000000000 RSI: 0000200000006280 RDI: 0000000000000003
[  294.627180][T18834] RBP: 00007fac3c007090 R08: 0000000000000000 R09: 0000000000000000
[  294.627198][T18834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  294.627216][T18834] R13: 0000000000000000 R14: 00007fac3dbc5fa0 R15: 00007ffdc69d22f8
[  294.627248][T18834]  </TASK>
[  294.843683][T18838] FAULT_INJECTION: forcing a failure.
[  294.843683][T18838] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  294.857034][T18838] CPU: 0 UID: 0 PID: 18838 Comm: syz.3.5578 Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) 
[  294.857159][T18838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  294.857176][T18838] Call Trace:
[  294.857178][T18785] FAT-fs (loop1): Filesystem has been set read-only
[  294.857185][T18838]  <TASK>
[  294.857196][T18838]  __dump_stack+0x1d/0x30
[  294.857223][T18838]  dump_stack_lvl+0xe8/0x140
[  294.857251][T18838]  dump_stack+0x15/0x1b
[  294.857274][T18838]  should_fail_ex+0x265/0x280
[  294.857390][T18838]  should_fail_alloc_page+0xf2/0x100
[  294.857468][T18838]  __alloc_frozen_pages_noprof+0xff/0x360
[  294.857552][T18838]  alloc_pages_mpol+0xb3/0x250
[  294.857604][T18838]  alloc_pages_noprof+0x90/0x130
[  294.857713][T18838]  pte_alloc_one+0x2d/0x120
[  294.857760][T18838]  __pte_alloc+0x32/0x2b0
[  294.857810][T18838]  handle_mm_fault+0x1c55/0x2c20
[  294.857919][T18838]  ? __rcu_read_unlock+0x4f/0x70
[  294.857969][T18838]  do_user_addr_fault+0x3fe/0x1090
[  294.858026][T18838]  exc_page_fault+0x62/0xa0
[  294.858125][T18838]  asm_exc_page_fault+0x26/0x30
[  294.858154][T18838] RIP: 0010:rep_movs_alternative+0x33/0x90
[  294.858225][T18838] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 3d f6 01 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb
[  294.858252][T18838] RSP: 0018:ffffc90003c97de0 EFLAGS: 00050216
[  294.858275][T18838] RAX: 0000000000000000 RBX: 0000000000000020 RCX: 0000000000000020
[  294.858293][T18838] RDX: 0000000000000000 RSI: ffffc90003c97e18 RDI: 0000200000000000
[  294.858312][T18838] RBP: 0000000000000000 R08: 00000000000003ed R09: 0000000000000000
[  294.858398][T18838] R10: 0001c90003c97e18 R11: 0001c90003c97e37 R12: 0000200000000020
[  294.858483][T18838] R13: 00007ffffffff000 R14: 0000200000000000 R15: ffffc90003c97e18
[  294.858525][T18838]  _copy_to_user+0x7c/0xa0
[  294.858564][T18838]  __se_sys_msgctl+0x1e7/0x290
[  294.858658][T18838]  __x64_sys_msgctl+0x43/0x50
[  294.858703][T18838]  x64_sys_call+0xbe3/0x2ff0
[  294.858736][T18838]  do_syscall_64+0xd2/0x200
[  294.858861][T18838]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  294.858907][T18838]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  294.858948][T18838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.858978][T18838] RIP: 0033:0x7fac3d99eb69
[  294.859002][T18838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  294.859027][T18838] RSP: 002b:00007fac3c007038 EFLAGS: 00000246 ORIG_RAX: 0000000000000047
[  294.859059][T18838] RAX: ffffffffffffffda RBX: 00007fac3dbc5fa0 RCX: 00007fac3d99eb69
[  294.859078][T18838] RDX: 0000200000000000 RSI: 000000000000000c RDI: 0000000000000000
[  294.859096][T18838] RBP: 00007fac3c007090 R08: 0000000000000000 R09: 0000000000000000
[  294.859182][T18838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  294.859236][T18838] R13: 0000000000000001 R14: 00007fac3dbc5fa0 R15: 00007ffdc69d22f8
[  294.859264][T18838]  </TASK>
[  294.997081][T18837] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  295.011571][T18785] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF
[  295.081996][T18274] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.207560][T18846] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5577'.
[  295.370361][T18854] loop5: detected capacity change from 0 to 512
[  295.397373][T18858] vhci_hcd: invalid port number 255
[  295.426682][T18854] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  295.476077][T18870] tipc: MTU too low for tipc bearer
[  295.489341][T18870] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5581'.
[  295.499709][T13770] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.556531][T18880] loop0: detected capacity change from 0 to 512
[  295.563411][T18880] EXT4-fs: Ignoring removed bh option
[  295.569325][T18880] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  295.578556][T18880] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  295.590244][T18880] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  295.600004][T18880] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  295.610224][T18880] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  295.646946][T18274] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.659350][T18884] loop4: detected capacity change from 0 to 128
[  295.675422][T18884] netlink: 68 bytes leftover after parsing attributes in process `syz.4.5594'.
[  295.687671][T18884] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5594'.
[  295.819771][T18897] vhci_hcd: invalid port number 255
[  295.864015][T18901] loop4: detected capacity change from 0 to 512
[  295.884018][T18901] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  295.986337][T11918] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.039231][T18921] loop0: detected capacity change from 0 to 1024
[  296.046162][T18921] EXT4-fs: inline encryption not supported
[  296.053882][T18921] EXT4-fs: Ignoring removed bh option
[  296.062683][T18921] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  296.091757][T18925] loop4: detected capacity change from 0 to 512
[  296.102360][T18922] lo speed is unknown, defaulting to 1000
[  296.112942][T18274] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.123794][T18925] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.5607: bg 0: block 16: invalid block bitmap
[  296.137505][T18925] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  296.153287][T18925] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.5607: invalid indirect mapped block 5 (level 0)
[  296.166950][T18925] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.5607: invalid indirect mapped block 4294967295 (level 1)
[  296.191055][T18925] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.5607: invalid indirect mapped block 4294967295 (level 2)
[  296.211501][T18922] lo speed is unknown, defaulting to 1000
[  296.228671][T18925] EXT4-fs (loop4): 1 truncate cleaned up
[  296.247336][T18925] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.260610][T18925] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.308882][T18934] loop0: detected capacity change from 0 to 512
[  296.333016][T18934] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.5609: bg 0: block 16: invalid block bitmap
[  296.359614][T18930] lo speed is unknown, defaulting to 1000
[  296.368014][T18934] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  296.395517][T18934] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.5609: invalid indirect mapped block 5 (level 0)
[  296.414715][T18934] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.5609: invalid indirect mapped block 4294967295 (level 1)
[  296.456095][T18948] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  296.476447][T18934] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.5609: invalid indirect mapped block 4294967295 (level 2)
[  296.523841][T18934] EXT4-fs (loop0): 1 truncate cleaned up
[  296.547119][T18934] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.583797][T18934] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.624179][T18964] loop4: detected capacity change from 0 to 128
[  296.638416][T18966] loop3: detected capacity change from 0 to 512
[  296.638583][T18930] lo speed is unknown, defaulting to 1000
[  296.662198][T18964] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  296.686982][T18966] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  296.724950][T11056] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.767134][T18973] loop3: detected capacity change from 0 to 1024
[  296.792265][T18973] EXT4-fs: inline encryption not supported
[  296.805097][T18973] EXT4-fs: Ignoring removed bh option
[  296.825158][T18973] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  296.865863][T11918] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  296.937684][T11056] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.993931][T18994] loop0: detected capacity change from 0 to 512
[  297.021821][T18994] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  297.060311][T19006] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  297.165686][T18274] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.340175][T19009] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  297.347588][T19009] vhci_hcd: invalid port number 253
[  297.352906][T19009] vhci_hcd: invalid port number 253
[  297.382659][T19036] FAULT_INJECTION: forcing a failure.
[  297.382659][T19036] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  297.395970][T19036] CPU: 0 UID: 0 PID: 19036 Comm: syz.0.5648 Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) 
[  297.396010][T19036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  297.396026][T19036] Call Trace:
[  297.396035][T19036]  <TASK>
[  297.396046][T19036]  __dump_stack+0x1d/0x30
[  297.396073][T19036]  dump_stack_lvl+0xe8/0x140
[  297.396208][T19036]  dump_stack+0x15/0x1b
[  297.396231][T19036]  should_fail_ex+0x265/0x280
[  297.396275][T19036]  should_fail+0xb/0x20
[  297.396312][T19036]  should_fail_usercopy+0x1a/0x20
[  297.396344][T19036]  strncpy_from_user+0x25/0x230
[  297.396377][T19036]  ? kmem_cache_alloc_noprof+0x186/0x310
[  297.396413][T19036]  ? getname_flags+0x80/0x3b0
[  297.396481][T19036]  getname_flags+0xae/0x3b0
[  297.396517][T19036]  __x64_sys_mknodat+0x4f/0x70
[  297.396543][T19036]  x64_sys_call+0x2ec8/0x2ff0
[  297.396571][T19036]  do_syscall_64+0xd2/0x200
[  297.396601][T19036]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  297.396742][T19036]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  297.396774][T19036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.396804][T19036] RIP: 0033:0x7fbf3e1ceb69
[  297.396854][T19036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  297.396873][T19036] RSP: 002b:00007fbf3c837038 EFLAGS: 00000246 ORIG_RAX: 0000000000000103
[  297.396893][T19036] RAX: ffffffffffffffda RBX: 00007fbf3e3f5fa0 RCX: 00007fbf3e1ceb69
[  297.396911][T19036] RDX: 000000000000c000 RSI: 0000200000000080 RDI: 0000000000000006
[  297.396928][T19036] RBP: 00007fbf3c837090 R08: 0000000000000000 R09: 0000000000000000
[  297.396945][T19036] R10: 0000000000000701 R11: 0000000000000246 R12: 0000000000000001
[  297.396967][T19036] R13: 0000000000000000 R14: 00007fbf3e3f5fa0 R15: 00007ffc02324de8
[  297.396993][T19036]  </TASK>
[  297.585956][T19034] loop5: detected capacity change from 0 to 8192
[  297.612436][   T29] kauditd_printk_skb: 414 callbacks suppressed
[  297.612456][   T29] audit: type=1326 audit(297.569:30687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19035 comm="syz.0.5648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fbf3e1cd57c code=0x7ffc0000
[  297.646283][   T29] audit: type=1326 audit(297.569:30688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19035 comm="syz.0.5648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fbf3e1cd61f code=0x7ffc0000
[  297.669470][   T29] audit: type=1326 audit(297.569:30689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19035 comm="syz.0.5648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fbf3e1cd7ca code=0x7ffc0000
[  297.692335][   T29] audit: type=1326 audit(297.569:30690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19035 comm="syz.0.5648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf3e1ceb69 code=0x7ffc0000
[  297.715976][   T29] audit: type=1326 audit(297.569:30691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19035 comm="syz.0.5648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf3e1ceb69 code=0x7ffc0000
[  297.751297][   T29] audit: type=1326 audit(297.709:30692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19039 comm="syz.4.5650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f67feb69 code=0x7ffc0000
[  297.774351][   T29] audit: type=1326 audit(297.709:30693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19039 comm="syz.4.5650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa2f67feb69 code=0x7ffc0000
[  297.800037][   T29] audit: type=1326 audit(297.709:30694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19039 comm="syz.4.5650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2f67feb69 code=0x7ffc0000
[  297.823243][   T29] audit: type=1326 audit(297.709:30695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19039 comm="syz.4.5650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa2f67fd4d0 code=0x7ffc0000
[  297.835938][T19043] loop0: detected capacity change from 0 to 512
[  297.846574][   T29] audit: type=1326 audit(297.709:30696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19039 comm="syz.4.5650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa2f67fd4d0 code=0x7ffc0000
[  297.909797][T19043] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  298.172784][T18274] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.276779][T19099] vhci_hcd: invalid port number 96
[  298.282051][T19099] vhci_hcd: default hub control req: 0300 vfffc i0060 l0
[  298.302667][T19107] loop4: detected capacity change from 0 to 1024
[  298.326865][T19109] loop3: detected capacity change from 0 to 512
[  298.334315][T19107] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.5676: Failed to acquire dquot type 0
[  298.347281][T19107] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  298.362170][T19107] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #13: comm syz.4.5676: corrupted inode contents
[  298.374526][T19107] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #13: comm syz.4.5676: mark_inode_dirty error
[  298.386284][T19107] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #13: comm syz.4.5676: corrupted inode contents
[  298.400138][T19107] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #13: comm syz.4.5676: mark_inode_dirty error
[  298.414420][T19107] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #13: comm syz.4.5676: corrupted inode contents
[  298.431759][T19107] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  298.440641][T19107] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #13: comm syz.4.5676: corrupted inode contents
[  298.454235][T19107] EXT4-fs error (device loop4): ext4_truncate:4666: inode #13: comm syz.4.5676: mark_inode_dirty error
[  298.470270][T19118] loop3: detected capacity change from 0 to 1024
[  298.478943][T19118] EXT4-fs: inline encryption not supported
[  298.481689][T19107] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  298.485430][T19118] EXT4-fs: Ignoring removed bh option
[  298.501756][T19107] EXT4-fs (loop4): 1 truncate cleaned up
[  298.514476][T19107] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  298.567104][T19107] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  298.588675][T19107] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  298.615542][T19126] loop3: detected capacity change from 0 to 1024
[  298.631384][T19126] EXT4-fs: inline encryption not supported
[  298.638329][T19126] EXT4-fs: Ignoring removed bh option
[  298.713122][T19136] vhci_hcd: invalid port number 96
[  298.718344][T19136] vhci_hcd: default hub control req: 0300 vfffc i0060 l0
[  298.719878][T19142] loop3: detected capacity change from 0 to 512
[  298.763935][T19148] netlink: 'syz.0.5692': attribute type 21 has an invalid length.
[  298.797452][T19152] netlink: 52 bytes leftover after parsing attributes in process `syz.4.5694'.
[  298.830686][T19156] loop3: detected capacity change from 0 to 1024
[  299.040522][T19174] vhci_hcd: invalid port number 96
[  299.045823][T19174] vhci_hcd: default hub control req: 0300 vfffc i0060 l0
[  299.064203][T19178] netlink: 'syz.5.5705': attribute type 21 has an invalid length.
[  299.084224][T19180] loop1: detected capacity change from 0 to 512
[  299.157116][T19192] FAULT_INJECTION: forcing a failure.
[  299.157116][T19192] name failslab, interval 1, probability 0, space 0, times 0
[  299.169823][T19192] CPU: 0 UID: 0 PID: 19192 Comm: syz.0.5712 Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) 
[  299.169939][T19192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  299.169956][T19192] Call Trace:
[  299.169964][T19192]  <TASK>
[  299.169975][T19192]  __dump_stack+0x1d/0x30
[  299.170010][T19192]  dump_stack_lvl+0xe8/0x140
[  299.170037][T19192]  dump_stack+0x15/0x1b
[  299.170058][T19192]  should_fail_ex+0x265/0x280
[  299.170156][T19192]  should_failslab+0x8c/0xb0
[  299.170191][T19192]  kmem_cache_alloc_node_noprof+0x57/0x320
[  299.170252][T19192]  ? __alloc_skb+0x101/0x320
[  299.170292][T19192]  __alloc_skb+0x101/0x320
[  299.170394][T19192]  netlink_alloc_large_skb+0xba/0xf0
[  299.170425][T19192]  netlink_sendmsg+0x3cf/0x6b0
[  299.170469][T19192]  ? __pfx_netlink_sendmsg+0x10/0x10
[  299.170571][T19192]  __sock_sendmsg+0x142/0x180
[  299.170597][T19192]  ____sys_sendmsg+0x31e/0x4e0
[  299.170687][T19192]  ___sys_sendmsg+0x17b/0x1d0
[  299.170752][T19192]  __x64_sys_sendmsg+0xd4/0x160
[  299.170806][T19192]  x64_sys_call+0x191e/0x2ff0
[  299.170840][T19192]  do_syscall_64+0xd2/0x200
[  299.170929][T19192]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  299.170961][T19192]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  299.171000][T19192]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.171053][T19192] RIP: 0033:0x7fbf3e1ceb69
[  299.171075][T19192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.171155][T19192] RSP: 002b:00007fbf3c837038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  299.171232][T19192] RAX: ffffffffffffffda RBX: 00007fbf3e3f5fa0 RCX: 00007fbf3e1ceb69
[  299.171247][T19192] RDX: 0000000004006800 RSI: 0000200000000740 RDI: 0000000000000003
[  299.171261][T19192] RBP: 00007fbf3c837090 R08: 0000000000000000 R09: 0000000000000000
[  299.171277][T19192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  299.171292][T19192] R13: 0000000000000000 R14: 00007fbf3e3f5fa0 R15: 00007ffc02324de8
[  299.171315][T19192]  </TASK>
[  299.389685][T19198] loop4: detected capacity change from 0 to 512
[  299.416897][T19198] EXT4-fs: Ignoring removed bh option
[  299.432402][T19198] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  299.441542][T19198] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  299.451021][T19198] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  299.464229][T19198] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  299.471747][T19216] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  299.484226][T19216] netlink: 52 bytes leftover after parsing attributes in process `syz.3.5717'.
[  299.572850][T19220] vhci_hcd: invalid port number 96
[  299.578064][T19220] vhci_hcd: default hub control req: 0300 vfffc i0060 l0
[  299.674145][T19238] net_ratelimit: 41 callbacks suppressed
[  299.674162][T19238] openvswitch: netlink: Message has 6 unknown bytes.
[  299.789894][T19244] loop3: detected capacity change from 0 to 512
[  299.797155][T19244] EXT4-fs: Ignoring removed bh option
[  299.828631][T19244] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  299.837798][T19244] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  299.876519][T19244] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  299.886201][T19244] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  299.916871][T19268] FAULT_INJECTION: forcing a failure.
[  299.916871][T19268] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  299.930046][T19268] CPU: 0 UID: 0 PID: 19268 Comm: syz.0.5739 Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) 
[  299.930126][T19268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  299.930143][T19268] Call Trace:
[  299.930150][T19268]  <TASK>
[  299.930160][T19268]  __dump_stack+0x1d/0x30
[  299.930187][T19268]  dump_stack_lvl+0xe8/0x140
[  299.930219][T19268]  dump_stack+0x15/0x1b
[  299.930277][T19268]  should_fail_ex+0x265/0x280
[  299.930322][T19268]  should_fail+0xb/0x20
[  299.930354][T19268]  should_fail_usercopy+0x1a/0x20
[  299.930375][T19268]  _copy_to_user+0x20/0xa0
[  299.930458][T19268]  simple_read_from_buffer+0xb5/0x130
[  299.930487][T19268]  proc_fail_nth_read+0x10e/0x150
[  299.930519][T19268]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  299.930597][T19268]  vfs_read+0x1a0/0x6f0
[  299.930620][T19268]  ? __rcu_read_unlock+0x4f/0x70
[  299.930644][T19268]  ? __fget_files+0x184/0x1c0
[  299.930676][T19268]  ksys_read+0xda/0x1a0
[  299.930734][T19268]  __x64_sys_read+0x40/0x50
[  299.930757][T19268]  x64_sys_call+0x27bc/0x2ff0
[  299.930786][T19268]  do_syscall_64+0xd2/0x200
[  299.930852][T19268]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  299.930885][T19268]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  299.930914][T19268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.931018][T19268] RIP: 0033:0x7fbf3e1cd57c
[  299.931036][T19268] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  299.931056][T19268] RSP: 002b:00007fbf3c837030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  299.931077][T19268] RAX: ffffffffffffffda RBX: 00007fbf3e3f5fa0 RCX: 00007fbf3e1cd57c
[  299.931133][T19268] RDX: 000000000000000f RSI: 00007fbf3c8370a0 RDI: 0000000000000007
[  299.931147][T19268] RBP: 00007fbf3c837090 R08: 0000000000000000 R09: 0000000000000000
[  299.931160][T19268] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  299.931173][T19268] R13: 0000000000000000 R14: 00007fbf3e3f5fa0 R15: 00007ffc02324de8
[  299.931200][T19268]  </TASK>
[  300.318556][T19277] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5743'.
[  300.327602][T19277] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5743'.
[  300.399521][T19295] netlink: 'syz.5.5751': attribute type 21 has an invalid length.
[  300.439196][T19298] 9pnet_fd: Insufficient options for proto=fd
[  300.449598][T19298] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5752'.
[  300.486226][T19305] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5756'.
[  300.784217][T19317] tipc: New replicast peer: 255.255.255.83
[  300.790136][T19317] tipc: Enabled bearer <udp:£>, priority 10
[  301.265674][T19319] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5759'.
[  301.307655][T19322] loop1: detected capacity change from 0 to 2048
[  301.361503][T19322]  loop1: p1 < > p4
[  301.373002][T19322] loop1: p4 size 8388608 extends beyond EOD, truncated
[  301.647044][T19347] loop0: detected capacity change from 0 to 8192
[  301.703247][T19368] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5780'.
[  301.730365][T19368] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5780'.
[  301.781489][T19376] netlink: 'syz.0.5782': attribute type 13 has an invalid length.
[  301.790848][ T3367] tipc: Node number set to 2739649324
[  301.802622][T19368] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5780'.
[  301.907356][T19376] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.914643][T19376] bridge0: port 1(bridge_slave_0) entered disabled state
[  301.975729][T19376] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  301.987375][T19376] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  302.061544][T19385] FAULT_INJECTION: forcing a failure.
[  302.061544][T19385] name failslab, interval 1, probability 0, space 0, times 0
[  302.074469][T19385] CPU: 1 UID: 0 PID: 19385 Comm: syz.5.5784 Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) 
[  302.074582][T19385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  302.074596][T19385] Call Trace:
[  302.074601][T19385]  <TASK>
[  302.074609][T19385]  __dump_stack+0x1d/0x30
[  302.074652][T19385]  dump_stack_lvl+0xe8/0x140
[  302.074679][T19385]  dump_stack+0x15/0x1b
[  302.074701][T19385]  should_fail_ex+0x265/0x280
[  302.074754][T19385]  should_failslab+0x8c/0xb0
[  302.074780][T19385]  kmem_cache_alloc_noprof+0x50/0x310
[  302.074846][T19385]  ? getname_kernel+0x3c/0x1f0
[  302.074893][T19385]  getname_kernel+0x3c/0x1f0
[  302.074936][T19385]  kern_path+0x23/0x130
[  302.074974][T19385]  create_local_trace_uprobe+0x53/0x2c0
[  302.075002][T19385]  perf_uprobe_init+0xc0/0x150
[  302.075104][T19385]  perf_uprobe_event_init+0xc4/0x140
[  302.075138][T19385]  perf_try_init_event+0xd6/0x540
[  302.075166][T19385]  ? perf_event_alloc+0xb1c/0x1690
[  302.075205][T19385]  perf_event_alloc+0xb27/0x1690
[  302.075267][T19385]  __se_sys_perf_event_open+0x4a5/0x11c0
[  302.075301][T19385]  ? __rcu_read_unlock+0x4f/0x70
[  302.075339][T19385]  __x64_sys_perf_event_open+0x67/0x80
[  302.075492][T19385]  x64_sys_call+0x7bd/0x2ff0
[  302.075514][T19385]  do_syscall_64+0xd2/0x200
[  302.075580][T19385]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  302.075613][T19385]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  302.075637][T19385]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.075737][T19385] RIP: 0033:0x7f42b4e9eb69
[  302.075754][T19385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  302.075792][T19385] RSP: 002b:00007f42b34de038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  302.075812][T19385] RAX: ffffffffffffffda RBX: 00007f42b50c6080 RCX: 00007f42b4e9eb69
[  302.075867][T19385] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000200000000240
[  302.075885][T19385] RBP: 00007f42b34de090 R08: 0000000000000000 R09: 0000000000000000
[  302.075903][T19385] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  302.075926][T19385] R13: 0000000000000001 R14: 00007f42b50c6080 R15: 00007ffe3b0b0258
[  302.075956][T19385]  </TASK>
[  302.317449][ T5032] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  302.330177][ T5032] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  302.340038][ T5032] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  302.349575][ T5032] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  302.395769][T19393] FAULT_INJECTION: forcing a failure.
[  302.395769][T19393] name failslab, interval 1, probability 0, space 0, times 0
[  302.407535][T19384] lo speed is unknown, defaulting to 1000
[  302.408834][T19393] CPU: 1 UID: 0 PID: 19393 Comm: syz.0.5788 Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) 
[  302.408885][T19393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  302.408906][T19393] Call Trace:
[  302.408915][T19393]  <TASK>
[  302.408926][T19393]  __dump_stack+0x1d/0x30
[  302.408959][T19393]  dump_stack_lvl+0xe8/0x140
[  302.408989][T19393]  dump_stack+0x15/0x1b
[  302.409013][T19393]  should_fail_ex+0x265/0x280
[  302.409096][T19393]  ? audit_log_d_path+0x8d/0x150
[  302.409141][T19393]  should_failslab+0x8c/0xb0
[  302.409177][T19393]  __kmalloc_cache_noprof+0x4c/0x320
[  302.409240][T19393]  audit_log_d_path+0x8d/0x150
[  302.409297][T19393]  audit_log_d_path_exe+0x42/0x70
[  302.409345][T19393]  audit_log_task+0x1e9/0x250
[  302.409390][T19393]  audit_seccomp+0x61/0x100
[  302.409427][T19393]  ? __seccomp_filter+0x68c/0x10d0
[  302.409519][T19393]  __seccomp_filter+0x69d/0x10d0
[  302.409554][T19393]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  302.409614][T19393]  ? vfs_write+0x75e/0x8e0
[  302.409638][T19393]  ? __rcu_read_unlock+0x4f/0x70
[  302.409670][T19393]  ? __fget_files+0x184/0x1c0
[  302.409766][T19393]  __secure_computing+0x82/0x150
[  302.409800][T19393]  syscall_trace_enter+0xcf/0x1e0
[  302.409858][T19393]  do_syscall_64+0xac/0x200
[  302.409967][T19393]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  302.410005][T19393]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  302.410087][T19393]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.410118][T19393] RIP: 0033:0x7fbf3e1ceb69
[  302.410142][T19393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  302.410200][T19393] RSP: 002b:00007fbf3c837038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d2
[  302.410228][T19393] RAX: ffffffffffffffda RBX: 00007fbf3e3f5fa0 RCX: 00007fbf3e1ceb69
[  302.410247][T19393] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000000
[  302.410309][T19393] RBP: 00007fbf3c837090 R08: 0000000000000000 R09: 0000000000000000
[  302.410327][T19393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  302.410346][T19393] R13: 0000000000000000 R14: 00007fbf3e3f5fa0 R15: 00007ffc02324de8
[  302.410379][T19393]  </TASK>
[  302.643263][T19405] FAULT_INJECTION: forcing a failure.
[  302.643263][T19405] name failslab, interval 1, probability 0, space 0, times 0
[  302.655945][T19405] CPU: 0 UID: 0 PID: 19405 Comm: syz.4.5790 Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) 
[  302.655978][T19405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  302.655996][T19405] Call Trace:
[  302.656003][T19405]  <TASK>
[  302.656013][T19405]  __dump_stack+0x1d/0x30
[  302.656041][T19405]  dump_stack_lvl+0xe8/0x140
[  302.656143][T19405]  dump_stack+0x15/0x1b
[  302.656161][T19405]  should_fail_ex+0x265/0x280
[  302.656196][T19405]  should_failslab+0x8c/0xb0
[  302.656250][T19405]  kmem_cache_alloc_noprof+0x50/0x310
[  302.656309][T19405]  ? security_inode_alloc+0x37/0x100
[  302.656345][T19405]  security_inode_alloc+0x37/0x100
[  302.656378][T19405]  inode_init_always_gfp+0x4b7/0x500
[  302.656412][T19405]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  302.656495][T19405]  alloc_inode+0x58/0x170
[  302.656523][T19405]  new_inode+0x1d/0xe0
[  302.656608][T19405]  shmem_get_inode+0x244/0x750
[  302.656643][T19405]  __shmem_file_setup+0x113/0x210
[  302.656750][T19405]  shmem_file_setup+0x3b/0x50
[  302.656797][T19405]  __se_sys_memfd_create+0x2c3/0x590
[  302.656830][T19405]  __x64_sys_memfd_create+0x31/0x40
[  302.656859][T19405]  x64_sys_call+0x2abe/0x2ff0
[  302.656885][T19405]  do_syscall_64+0xd2/0x200
[  302.656999][T19405]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  302.657034][T19405]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  302.657066][T19405]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.657120][T19405] RIP: 0033:0x7fa2f67feb69
[  302.657143][T19405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  302.657171][T19405] RSP: 002b:00007fa2f4e5ed68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  302.657197][T19405] RAX: ffffffffffffffda RBX: 000000000000061c RCX: 00007fa2f67feb69
[  302.657221][T19405] RDX: 00007fa2f4e5edec RSI: 0000000000000000 RDI: 00007fa2f6882784
[  302.657311][T19405] RBP: 0000200000000a40 R08: 00007fa2f4e5eb07 R09: 0000000000000000
[  302.657328][T19405] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001
[  302.657345][T19405] R13: 00007fa2f4e5edec R14: 00007fa2f4e5edf0 R15: 00007ffd99046258
[  302.657374][T19405]  </TASK>
[  302.936682][T14165] syz_tun (unregistering): left allmulticast mode
[  303.069591][T19384] lo speed is unknown, defaulting to 1000
[  303.084592][T19416] loop4: detected capacity change from 0 to 8192
[  303.098065][T19396] lo speed is unknown, defaulting to 1000
[  303.220262][T19396] lo speed is unknown, defaulting to 1000
[  303.248143][T19419] serio: Serial port ptm1
[  303.251578][T19423] netlink: 'syz.4.5796': attribute type 21 has an invalid length.
[  303.341994][T19396] chnl_net:caif_netlink_parms(): no params data found
[  303.428750][T19396] bridge0: port 1(bridge_slave_0) entered blocking state
[  303.436156][T19396] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.444144][T19396] bridge_slave_0: entered allmulticast mode
[  303.451115][T19396] bridge_slave_0: entered promiscuous mode
[  303.460380][T19396] bridge0: port 2(bridge_slave_1) entered blocking state
[  303.467764][T19396] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.474238][   T29] kauditd_printk_skb: 955 callbacks suppressed
[  303.474259][   T29] audit: type=1400 audit(303.419:31650): avc:  denied  { append } for  pid=19443 comm="syz.0.5803" name="sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  303.475347][T19396] bridge_slave_1: entered allmulticast mode
[  303.484114][   T29] audit: type=1400 audit(303.439:31651): avc:  denied  { map } for  pid=19443 comm="syz.0.5803" path="/dev/sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  303.505284][T19396] bridge_slave_1: entered promiscuous mode
[  303.510468][   T29] audit: type=1400 audit(303.439:31652): avc:  denied  { write execute } for  pid=19443 comm="syz.0.5803" path="/dev/sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  303.590571][T19444] netem: change failed
[  303.597415][T19396] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  303.615927][T19396] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  303.647691][   T29] audit: type=1326 audit(303.599:31653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19450 comm="syz.5.5807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b4e9eb69 code=0x7ffc0000
[  303.670785][   T29] audit: type=1326 audit(303.599:31654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19450 comm="syz.5.5807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b4e9eb69 code=0x7ffc0000
[  303.695499][   T29] audit: type=1326 audit(303.649:31655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19450 comm="syz.5.5807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f42b4e9eb69 code=0x7ffc0000
[  303.718623][   T29] audit: type=1326 audit(303.649:31656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19450 comm="syz.5.5807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b4e9eb69 code=0x7ffc0000
[  303.741847][   T29] audit: type=1326 audit(303.649:31657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19450 comm="syz.5.5807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f42b4e9eb69 code=0x7ffc0000
[  303.764913][   T29] audit: type=1326 audit(303.649:31658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19450 comm="syz.5.5807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b4e9eb69 code=0x7ffc0000
[  303.788029][   T29] audit: type=1326 audit(303.649:31659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19450 comm="syz.5.5807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f42b4e9eb69 code=0x7ffc0000
[  303.788298][T19452] loop5: detected capacity change from 0 to 512
[  303.817974][T19452] EXT4-fs: Ignoring removed bh option
[  303.821643][T19396] team0: Port device team_slave_0 added
[  303.831181][T19396] team0: Port device team_slave_1 added
[  303.850202][T19452] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  303.859433][T19452] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  303.870159][T19452] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  303.880503][T19396] batman_adv: batadv0: Adding interface: batadv_slave_0
[  303.887536][T19396] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  303.902540][T19452] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  303.913493][T19396] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  303.914657][T19396] batman_adv: batadv0: Adding interface: batadv_slave_1
[  303.939163][T19396] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  303.953836][T19455] netlink: 'syz.4.5808': attribute type 21 has an invalid length.
[  303.965105][T19396] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  303.995129][T19451] __nla_validate_parse: 2 callbacks suppressed
[  303.995148][T19451] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5807'.
[  304.045463][T19460] FAULT_INJECTION: forcing a failure.
[  304.045463][T19460] name failslab, interval 1, probability 0, space 0, times 0
[  304.058239][T19460] CPU: 1 UID: 0 PID: 19460 Comm: syz.0.5810 Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) 
[  304.058279][T19460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  304.058296][T19460] Call Trace:
[  304.058305][T19460]  <TASK>
[  304.058315][T19460]  __dump_stack+0x1d/0x30
[  304.058342][T19460]  dump_stack_lvl+0xe8/0x140
[  304.058415][T19460]  dump_stack+0x15/0x1b
[  304.058438][T19460]  should_fail_ex+0x265/0x280
[  304.058511][T19460]  should_failslab+0x8c/0xb0
[  304.058547][T19460]  kmem_cache_alloc_noprof+0x50/0x310
[  304.058578][T19460]  ? getname_flags+0x80/0x3b0
[  304.058622][T19460]  getname_flags+0x80/0x3b0
[  304.058656][T19460]  __se_sys_newstat+0x4b/0x280
[  304.058751][T19460]  ? fput+0x8f/0xc0
[  304.058786][T19460]  ? ksys_write+0x192/0x1a0
[  304.058819][T19460]  __x64_sys_newstat+0x31/0x40
[  304.058906][T19460]  x64_sys_call+0x73e/0x2ff0
[  304.058983][T19460]  do_syscall_64+0xd2/0x200
[  304.059014][T19460]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  304.059046][T19460]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  304.059204][T19460]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.059244][T19460] RIP: 0033:0x7fbf3e1ceb69
[  304.059260][T19460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  304.059279][T19460] RSP: 002b:00007fbf3c837038 EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  304.059298][T19460] RAX: ffffffffffffffda RBX: 00007fbf3e3f5fa0 RCX: 00007fbf3e1ceb69
[  304.059311][T19460] RDX: 0000000000000000 RSI: 0000200000001c80 RDI: 0000200000000cc0
[  304.059385][T19460] RBP: 00007fbf3c837090 R08: 0000000000000000 R09: 0000000000000000
[  304.059401][T19460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  304.059417][T19460] R13: 0000000000000000 R14: 00007fbf3e3f5fa0 R15: 00007ffc02324de8
[  304.059446][T19460]  </TASK>
[  304.250648][T19396] hsr_slave_0: entered promiscuous mode
[  304.257014][T19396] hsr_slave_1: entered promiscuous mode
[  304.280944][T19396] debugfs: 'hsr0' already exists in 'hsr'
[  304.286732][T19396] Cannot create hsr debugfs directory
[  304.313415][T19466] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5814'.
[  304.328507][T19464] loop3: detected capacity change from 0 to 8192
[  304.354018][T19472] netlink: 'syz.5.5815': attribute type 21 has an invalid length.
[  304.410339][T19477] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  304.463201][T19482] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5818'.
[  304.497109][T19485] loop4: detected capacity change from 0 to 512
[  304.541020][T19489] netlink: 'syz.3.5821': attribute type 21 has an invalid length.
[  304.659739][T19498] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  304.668217][T19494] loop4: detected capacity change from 0 to 8192
[  304.676101][T19396] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  304.697925][T19396] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  304.717622][T19396] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  304.732838][T19396] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  304.795005][T19396] 8021q: adding VLAN 0 to HW filter on device bond0
[  304.813924][T19396] 8021q: adding VLAN 0 to HW filter on device team0
[  304.829401][ T5032] bridge0: port 1(bridge_slave_0) entered blocking state
[  304.836545][ T5032] bridge0: port 1(bridge_slave_0) entered forwarding state
[  304.868530][T15372] bridge0: port 2(bridge_slave_1) entered blocking state
[  304.875647][T15372] bridge0: port 2(bridge_slave_1) entered forwarding state
[  304.899135][T19508] loop4: detected capacity change from 0 to 8192
[  305.001937][T19396] 8021q: adding VLAN 0 to HW filter on device batadv0
[  305.017022][T19522] loop0: detected capacity change from 0 to 1024
[  305.025846][T19522] EXT4-fs: inline encryption not supported
[  305.032568][T19522] EXT4-fs: Ignoring removed bh option
[  305.108981][T19396] veth0_vlan: entered promiscuous mode
[  305.125282][T19396] veth1_vlan: entered promiscuous mode
[  305.157594][T19396] veth0_macvtap: entered promiscuous mode
[  305.168816][T19396] veth1_macvtap: entered promiscuous mode
[  305.191492][T19396] batman_adv: batadv0: Interface activated: batadv_slave_0
[  305.207806][T19396] batman_adv: batadv0: Interface activated: batadv_slave_1
[  305.227233][T15372] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  305.262140][T15372] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  305.282789][T15372] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  305.307756][T15372] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  305.440395][T19556] loop4: detected capacity change from 0 to 8192
[  305.609422][T19573] loop1: detected capacity change from 0 to 512
[  305.626801][T19573] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  305.641470][T19578] netlink: 256 bytes leftover after parsing attributes in process `syz.4.5852'.
[  305.678378][T19587] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  305.798675][T19564] lo speed is unknown, defaulting to 1000
[  305.919814][T19564] lo speed is unknown, defaulting to 1000
[  305.957665][T19598] loop1: detected capacity change from 0 to 512
[  305.966428][T19598] EXT4-fs: Ignoring removed bh option
[  305.973215][T19609] FAULT_INJECTION: forcing a failure.
[  305.973215][T19609] name failslab, interval 1, probability 0, space 0, times 0
[  305.985991][T19609] CPU: 0 UID: 0 PID: 19609 Comm: syz.4.5863 Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) 
[  305.986029][T19609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  305.986046][T19609] Call Trace:
[  305.986053][T19609]  <TASK>
[  305.986062][T19609]  __dump_stack+0x1d/0x30
[  305.986089][T19609]  dump_stack_lvl+0xe8/0x140
[  305.986185][T19609]  dump_stack+0x15/0x1b
[  305.986208][T19609]  should_fail_ex+0x265/0x280
[  305.986248][T19609]  should_failslab+0x8c/0xb0
[  305.986277][T19609]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  305.986355][T19609]  ? sidtab_sid2str_get+0xa0/0x130
[  305.986472][T19609]  kmemdup_noprof+0x2b/0x70
[  305.986500][T19609]  sidtab_sid2str_get+0xa0/0x130
[  305.986547][T19609]  security_sid_to_context_core+0x1eb/0x2e0
[  305.986597][T19609]  security_sid_to_context+0x27/0x40
[  305.986702][T19609]  selinux_lsmprop_to_secctx+0x67/0xf0
[  305.986750][T19609]  security_lsmprop_to_secctx+0x43/0x80
[  305.986804][T19609]  audit_log_task_context+0x77/0x190
[  305.986898][T19609]  audit_log_task+0xf4/0x250
[  305.986984][T19609]  audit_seccomp+0x61/0x100
[  305.987019][T19609]  ? __seccomp_filter+0x68c/0x10d0
[  305.987048][T19609]  __seccomp_filter+0x69d/0x10d0
[  305.987073][T19609]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  305.987114][T19609]  ? vfs_write+0x75e/0x8e0
[  305.987140][T19609]  ? __rcu_read_unlock+0x4f/0x70
[  305.987163][T19609]  ? __fget_files+0x184/0x1c0
[  305.987204][T19609]  __secure_computing+0x82/0x150
[  305.987231][T19609]  syscall_trace_enter+0xcf/0x1e0
[  305.987261][T19609]  do_syscall_64+0xac/0x200
[  305.987285][T19609]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  305.987318][T19609]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  305.987344][T19609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.987370][T19609] RIP: 0033:0x7fa2f67feb69
[  305.987387][T19609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  305.987408][T19609] RSP: 002b:00007fa2f4e5f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ff
[  305.987427][T19609] RAX: ffffffffffffffda RBX: 00007fa2f6a25fa0 RCX: 00007fa2f67feb69
[  305.987464][T19609] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000005
[  305.987476][T19609] RBP: 00007fa2f4e5f090 R08: 0000000000000000 R09: 0000000000000000
[  305.987488][T19609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  305.987500][T19609] R13: 0000000000000000 R14: 00007fa2f6a25fa0 R15: 00007ffd99046258
[  305.987523][T19609]  </TASK>
[  306.248541][T19598] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  306.257734][T19598] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  306.289512][T19564] chnl_net:caif_netlink_parms(): no params data found
[  306.314420][T19598] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[  306.356999][T19598] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  306.380083][T19564] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.387273][T19564] bridge0: port 1(bridge_slave_0) entered disabled state
[  306.388573][T19627] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  306.397729][T19564] bridge_slave_0: entered allmulticast mode
[  306.408704][T19598] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5859'.
[  306.410728][T19564] bridge_slave_0: entered promiscuous mode
[  306.426081][T19564] bridge0: port 2(bridge_slave_1) entered blocking state
[  306.433263][T19564] bridge0: port 2(bridge_slave_1) entered disabled state
[  306.440592][T19564] bridge_slave_1: entered allmulticast mode
[  306.447209][T19564] bridge_slave_1: entered promiscuous mode
[  306.496618][T19564] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  306.513633][T19564] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  306.546932][T19634] netlink: 'syz.1.5872': attribute type 21 has an invalid length.
[  306.565175][T19632] loop4: detected capacity change from 0 to 8192
[  306.584561][T19564] team0: Port device team_slave_0 added
[  306.594151][T19564] team0: Port device team_slave_1 added
[  306.653095][T19564] batman_adv: batadv0: Adding interface: batadv_slave_0
[  306.660078][T19564] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  306.686175][T19564] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  306.719373][T19564] batman_adv: batadv0: Adding interface: batadv_slave_1
[  306.726409][T19564] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  306.752451][T19564] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  306.799720][T19644] netlink: 1 bytes leftover after parsing attributes in process `syz.5.5877'.
[  306.821227][T19564] hsr_slave_0: entered promiscuous mode
[  306.828486][T19564] hsr_slave_1: entered promiscuous mode
[  306.836576][T19564] debugfs: 'hsr0' already exists in 'hsr'
[  306.842396][T19564] Cannot create hsr debugfs directory
[  306.901419][T19653] 9pnet_fd: Insufficient options for proto=fd
[  306.908735][T19653] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5880'.
[  307.167062][T19564] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  307.176418][T19564] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  307.185417][T19564] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  307.195084][T19564] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  307.238161][T19564] 8021q: adding VLAN 0 to HW filter on device bond0
[  307.241781][T19662] loop0: detected capacity change from 0 to 512
[  307.251231][T19564] 8021q: adding VLAN 0 to HW filter on device team0
[  307.268192][T15372] bridge0: port 1(bridge_slave_0) entered blocking state
[  307.275335][T15372] bridge0: port 1(bridge_slave_0) entered forwarding state
[  307.292821][ T5032] bridge0: port 2(bridge_slave_1) entered blocking state
[  307.300006][ T5032] bridge0: port 2(bridge_slave_1) entered forwarding state
[  307.308919][T19662] FAULT_INJECTION: forcing a failure.
[  307.308919][T19662] name failslab, interval 1, probability 0, space 0, times 0
[  307.321760][T19662] CPU: 0 UID: 0 PID: 19662 Comm: syz.0.5881 Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) 
[  307.321794][T19662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  307.321812][T19662] Call Trace:
[  307.321820][T19662]  <TASK>
[  307.321829][T19662]  __dump_stack+0x1d/0x30
[  307.321868][T19662]  dump_stack_lvl+0xe8/0x140
[  307.321963][T19662]  dump_stack+0x15/0x1b
[  307.321982][T19662]  should_fail_ex+0x265/0x280
[  307.322026][T19662]  ? __se_sys_mount+0xef/0x2e0
[  307.322057][T19662]  should_failslab+0x8c/0xb0
[  307.322097][T19662]  __kmalloc_cache_noprof+0x4c/0x320
[  307.322185][T19662]  ? memdup_user+0x99/0xd0
[  307.322213][T19662]  __se_sys_mount+0xef/0x2e0
[  307.322242][T19662]  ? do_mkdirat+0x3ac/0x3f0
[  307.322326][T19662]  __x64_sys_mount+0x67/0x80
[  307.322371][T19662]  x64_sys_call+0x2b4d/0x2ff0
[  307.322399][T19662]  do_syscall_64+0xd2/0x200
[  307.322422][T19662]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  307.322485][T19662]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  307.322514][T19662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.322536][T19662] RIP: 0033:0x7fbf3e1d030a
[  307.322552][T19662] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.322619][T19662] RSP: 002b:00007fbf3c836e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  307.322641][T19662] RAX: ffffffffffffffda RBX: 00007fbf3c836ef0 RCX: 00007fbf3e1d030a
[  307.322667][T19662] RDX: 0000200000000f40 RSI: 0000200000000f00 RDI: 0000000000000000
[  307.322682][T19662] RBP: 0000200000000f40 R08: 00007fbf3c836ef0 R09: 0000000001a4a438
[  307.322700][T19662] R10: 0000000001a4a438 R11: 0000000000000246 R12: 0000200000000f00
[  307.322716][T19662] R13: 00007fbf3c836eb0 R14: 0000000000000000 R15: 00002000000008c0
[  307.322745][T19662]  </TASK>
[  307.429714][T19564] 8021q: adding VLAN 0 to HW filter on device batadv0
[  307.532728][T19670] netlink: 'syz.0.5882': attribute type 21 has an invalid length.
[  307.599720][T19564] veth0_vlan: entered promiscuous mode
[  307.608724][T19564] veth1_vlan: entered promiscuous mode
[  307.624982][T19564] veth0_macvtap: entered promiscuous mode
[  307.633038][T19564] veth1_macvtap: entered promiscuous mode
[  307.645835][T19564] batman_adv: batadv0: Interface activated: batadv_slave_0
[  307.655498][T19564] batman_adv: batadv0: Interface activated: batadv_slave_1
[  307.700515][T15413] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  307.709308][T15413] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  307.733755][T15413] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  307.749899][T15413] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  307.765312][T19686] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  307.797306][T19690] loop3: detected capacity change from 0 to 1024
[  307.806773][T19690] EXT4-fs: inline encryption not supported
[  307.813015][T19690] EXT4-fs: Ignoring removed bh option
[  307.972160][T19696] loop3: detected capacity change from 0 to 1024
[  308.024228][T13299] syz_tun (unregistering): left allmulticast mode
[  308.027932][T19696] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, 
[  308.030830][T13299] syz_tun (unregistering): left promiscuous mode
[  308.030875][T13299] bridge0: port 3(syz_tun) entered disabled state
[  308.039087][T19696] block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  308.100306][T19705] netlink: 'syz.5.5891': attribute type 21 has an invalid length.
[  308.117058][ T5032] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.135385][T19709] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.142786][T19709] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.153607][T19709] bridge0: entered allmulticast mode
[  308.161075][T19709] bridge_slave_1: left allmulticast mode
[  308.166773][T19709] bridge_slave_1: left promiscuous mode
[  308.172561][T19709] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.181123][T19709] bridge_slave_0: left allmulticast mode
[  308.186844][T19709] bridge_slave_0: left promiscuous mode
[  308.192569][T19709] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.269093][ T5032] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.312529][T19694] lo speed is unknown, defaulting to 1000
[  308.322612][ T5032] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.380313][T19694] lo speed is unknown, defaulting to 1000
[  308.387451][ T5032] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.455496][T19694] chnl_net:caif_netlink_parms(): no params data found
[  308.503434][T19694] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.510702][T19694] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.517965][T19694] bridge_slave_0: entered allmulticast mode
[  308.524837][T19694] bridge_slave_0: entered promiscuous mode
[  308.534926][T19694] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.542251][T19694] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.549469][T19694] bridge_slave_1: entered allmulticast mode
[  308.556115][T19694] bridge_slave_1: entered promiscuous mode
[  308.573163][ T5032] bridge_slave_1: left allmulticast mode
[  308.578887][ T5032] bridge_slave_1: left promiscuous mode
[  308.584727][ T5032] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.594729][ T5032] bridge_slave_0: left allmulticast mode
[  308.600525][ T5032] bridge_slave_0: left promiscuous mode
[  308.606189][ T5032] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.650611][T19727] 9pnet_fd: Insufficient options for proto=fd
[  308.657946][T19727] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5895'.
[  308.802709][ T5032] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  308.812621][ T5032] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  308.822221][ T5032] bond0 (unregistering): Released all slaves
[  308.834663][T19694] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  308.845789][T19694] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  308.864002][ T5032] tipc: Disabling bearer <udp:£>
[  308.869031][ T5032] tipc: Left network mode
[  308.876923][T19694] team0: Port device team_slave_0 added
[  308.884021][T19694] team0: Port device team_slave_1 added
[  308.916936][T19694] batman_adv: batadv0: Adding interface: batadv_slave_0
[  308.924044][T19694] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  308.950237][T19694] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  308.973901][T19694] batman_adv: batadv0: Adding interface: batadv_slave_1
[  308.980949][T19694] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  309.007090][T19694] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  309.020135][ T5032] hsr_slave_0: left promiscuous mode
[  309.027020][ T5032] hsr_slave_1: left promiscuous mode
[  309.035592][ T5032] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  309.043088][ T5032] batman_adv: batadv0: Removing interface: batadv_slave_0
[  309.051704][ T5032] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  309.059107][ T5032] batman_adv: batadv0: Removing interface: batadv_slave_1
[  309.070360][T19730] loop5: detected capacity change from 0 to 8192
[  309.076979][ T5032] veth1_macvtap: left promiscuous mode
[  309.077257][T19730] msdos: Unknown parameter ''
[  309.082549][   T29] kauditd_printk_skb: 307 callbacks suppressed
[  309.082566][   T29] audit: type=1400 audit(309.020:31966): avc:  denied  { mounton } for  pid=19729 comm="syz.5.5896" path="/362/file1" dev="tmpfs" ino=1975 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  309.116706][ T5032] veth0_macvtap: left promiscuous mode
[  309.122475][ T5032] veth1_vlan: left promiscuous mode
[  309.144359][T19732] audit: audit_lost=24 audit_rate_limit=0 audit_backlog_limit=64
[  309.152235][T19732] audit: out of memory in audit_log_start
[  309.158666][   T29] audit: type=1400 audit(309.110:31967): avc:  denied  { execute_no_trans } for  pid=19731 comm="syz.5.5897" path="/363/file0" dev="tmpfs" ino=1981 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  309.188764][T19734] loop5: detected capacity change from 0 to 1024
[  309.196251][T19734] EXT4-fs: inline encryption not supported
[  309.204764][T19734] EXT4-fs: Ignoring removed bh option
[  309.232750][ T5032] team0 (unregistering): Port device team_slave_1 removed
[  309.244355][ T5032] team0 (unregistering): Port device team_slave_0 removed
[  309.258104][T15372] smc: removing ib device syz!
[  309.314383][T19741] netlink: 'syz.0.5901': attribute type 21 has an invalid length.
[  309.330084][   T29] audit: type=1326 audit(309.280:31968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19740 comm="syz.5.5900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b4e9eb69 code=0x7ffc0000
[  309.369294][   T29] audit: type=1326 audit(309.280:31969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19740 comm="syz.5.5900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f42b4e9eb69 code=0x7ffc0000
[  309.392488][   T29] audit: type=1326 audit(309.280:31970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19740 comm="syz.5.5900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b4e9eb69 code=0x7ffc0000
[  309.415515][   T29] audit: type=1326 audit(309.280:31971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19740 comm="syz.5.5900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b4e9eb69 code=0x7ffc0000
[  309.438516][   T29] audit: type=1326 audit(309.280:31972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19740 comm="syz.5.5900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f42b4e9d4d0 code=0x7ffc0000
[  309.461634][   T29] audit: type=1326 audit(309.280:31973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19740 comm="syz.5.5900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f42b4e9d4d0 code=0x7ffc0000
[  309.499265][T19694] hsr_slave_0: entered promiscuous mode
[  309.535071][T19694] hsr_slave_1: entered promiscuous mode
[  309.629011][T19753] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5903'.
[  309.812044][T19756] netlink: 112 bytes leftover after parsing attributes in process `syz.5.5905'.
[  309.981602][T19694] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  309.993554][T19694] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  310.005371][T19694] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  310.015010][T19694] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  310.054697][T19694] 8021q: adding VLAN 0 to HW filter on device bond0
[  310.068434][T19694] 8021q: adding VLAN 0 to HW filter on device team0
[  310.078361][ T5032] bridge0: port 1(bridge_slave_0) entered blocking state
[  310.085506][ T5032] bridge0: port 1(bridge_slave_0) entered forwarding state
[  310.102083][ T5032] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.109288][ T5032] bridge0: port 2(bridge_slave_1) entered forwarding state
[  310.215552][T19774] loop3: detected capacity change from 0 to 1024
[  310.222841][T19774] EXT4-fs: inline encryption not supported
[  310.232710][T19774] EXT4-fs: Ignoring removed bh option
[  310.232873][T19694] 8021q: adding VLAN 0 to HW filter on device batadv0
[  310.326452][T19792] 9pnet_fd: Insufficient options for proto=fd
[  310.338222][T19792] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5914'.
[  310.365736][T19798] netlink: 'syz.3.5916': attribute type 21 has an invalid length.
[  310.464948][T19694] veth0_vlan: entered promiscuous mode
[  310.469398][T19813] loop1: detected capacity change from 0 to 1024
[  310.479711][T19694] veth1_vlan: entered promiscuous mode
[  310.496818][T19813] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  310.507365][T19815] loop3: detected capacity change from 0 to 1024
[  310.508610][T19694] veth0_macvtap: entered promiscuous mode
[  310.517431][T19815] EXT4-fs: inline encryption not supported
[  310.523508][T19813] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.5921: Invalid block bitmap block 0 in block_group 0
[  310.527789][T19694] veth1_macvtap: entered promiscuous mode
[  310.539156][T19815] EXT4-fs: Ignoring removed bh option
[  310.550237][T19813] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.5921: Failed to acquire dquot type 0
[  310.557641][T19694] batman_adv: batadv0: Interface activated: batadv_slave_0
[  310.569262][T19813] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.5921: Freeing blocks not in datazone - block = 0, count = 4096
[  310.576914][T19694] batman_adv: batadv0: Interface activated: batadv_slave_1
[  310.594158][T15372] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  310.596382][T19813] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.5921: Invalid inode bitmap blk 0 in block_group 0
[  310.605302][T15372] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  310.626926][T15412] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:61: Failed to release dquot type 0
[  310.627528][T19813] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  310.647301][T19813] EXT4-fs (loop1): 1 orphan inode deleted
[  310.664953][ T5032] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  310.677773][ T5032] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  310.747764][T19828] netlink: 'syz.4.5926': attribute type 21 has an invalid length.
[  310.827678][T19843] FAULT_INJECTION: forcing a failure.
[  310.827678][T19843] name failslab, interval 1, probability 0, space 0, times 0
[  310.840481][T19843] CPU: 1 UID: 0 PID: 19843 Comm: syz.4.5933 Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) 
[  310.840577][T19843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  310.840590][T19843] Call Trace:
[  310.840596][T19843]  <TASK>
[  310.840604][T19843]  __dump_stack+0x1d/0x30
[  310.840629][T19843]  dump_stack_lvl+0xe8/0x140
[  310.840654][T19843]  dump_stack+0x15/0x1b
[  310.840750][T19843]  should_fail_ex+0x265/0x280
[  310.840793][T19843]  ? __se_sys_memfd_create+0x1cc/0x590
[  310.840822][T19843]  should_failslab+0x8c/0xb0
[  310.840849][T19843]  __kmalloc_cache_noprof+0x4c/0x320
[  310.840942][T19843]  ? fput+0x8f/0xc0
[  310.840973][T19843]  __se_sys_memfd_create+0x1cc/0x590
[  310.840996][T19843]  __x64_sys_memfd_create+0x31/0x40
[  310.841025][T19843]  x64_sys_call+0x2abe/0x2ff0
[  310.841060][T19843]  do_syscall_64+0xd2/0x200
[  310.841083][T19843]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  310.841149][T19843]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  310.841174][T19843]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.841196][T19843] RIP: 0033:0x7f3c46edeb69
[  310.841212][T19843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  310.841235][T19843] RSP: 002b:00007f3c4553ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  310.841259][T19843] RAX: ffffffffffffffda RBX: 000000000000063f RCX: 00007f3c46edeb69
[  310.841322][T19843] RDX: 00007f3c4553eef0 RSI: 0000000000000000 RDI: 00007f3c46f62784
[  310.841336][T19843] RBP: 0000200000000d80 R08: 00007f3c4553ebb7 R09: 00007f3c4553ee40
[  310.841397][T19843] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000005c0
[  310.841413][T19843] R13: 00007f3c4553eef0 R14: 00007f3c4553eeb0 R15: 00002000000003c0
[  310.841441][T19843]  </TASK>
[  311.030054][T19845] FAULT_INJECTION: forcing a failure.
[  311.030054][T19845] name failslab, interval 1, probability 0, space 0, times 0
[  311.042884][T19845] CPU: 1 UID: 0 PID: 19845 Comm: syz.3.5934 Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) 
[  311.042917][T19845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  311.042930][T19845] Call Trace:
[  311.042935][T19845]  <TASK>
[  311.042944][T19845]  __dump_stack+0x1d/0x30
[  311.042975][T19845]  dump_stack_lvl+0xe8/0x140
[  311.043031][T19845]  dump_stack+0x15/0x1b
[  311.043049][T19845]  should_fail_ex+0x265/0x280
[  311.043142][T19845]  ? audit_log_d_path+0x8d/0x150
[  311.043206][T19845]  should_failslab+0x8c/0xb0
[  311.043254][T19845]  __kmalloc_cache_noprof+0x4c/0x320
[  311.043295][T19845]  audit_log_d_path+0x8d/0x150
[  311.043334][T19845]  audit_log_d_path_exe+0x42/0x70
[  311.043411][T19845]  audit_log_task+0x1e9/0x250
[  311.043450][T19845]  audit_seccomp+0x61/0x100
[  311.043540][T19845]  ? __seccomp_filter+0x68c/0x10d0
[  311.043569][T19845]  __seccomp_filter+0x69d/0x10d0
[  311.043599][T19845]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  311.043633][T19845]  ? vfs_write+0x75e/0x8e0
[  311.043660][T19845]  ? __rcu_read_unlock+0x4f/0x70
[  311.043689][T19845]  ? __fget_files+0x184/0x1c0
[  311.043732][T19845]  __secure_computing+0x82/0x150
[  311.043841][T19845]  syscall_trace_enter+0xcf/0x1e0
[  311.043873][T19845]  do_syscall_64+0xac/0x200
[  311.043903][T19845]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  311.043990][T19845]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  311.044041][T19845]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.044068][T19845] RIP: 0033:0x7faffb40eb69
[  311.044089][T19845] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.044113][T19845] RSP: 002b:00007faff9a6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000001e
[  311.044143][T19845] RAX: ffffffffffffffda RBX: 00007faffb635fa0 RCX: 00007faffb40eb69
[  311.044160][T19845] RDX: 0000000000004000 RSI: 0000200000ffd000 RDI: 0000000000000000
[  311.044176][T19845] RBP: 00007faff9a6f090 R08: 0000000000000000 R09: 0000000000000000
[  311.044192][T19845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  311.044283][T19845] R13: 0000000000000000 R14: 00007faffb635fa0 R15: 00007fff12a7ab08
[  311.044310][T19845]  </TASK>
[  311.317713][T19858] netlink: 'syz.4.5939': attribute type 21 has an invalid length.
[  311.364494][T19839] loop1: detected capacity change from 0 to 8192
[  311.433719][T19877] loop4: detected capacity change from 0 to 1024
[  311.440764][T19877] EXT4-fs: inline encryption not supported
[  311.446758][T19877] EXT4-fs: Ignoring removed bh option
[  311.458013][T19875] 9pnet_fd: Insufficient options for proto=fd
[  311.465450][T19875] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5948'.
[  311.549681][T19888] loop1: detected capacity change from 0 to 512
[  311.566884][T19892] netlink: 'syz.3.5954': attribute type 21 has an invalid length.
[  311.647465][T19903] loop3: detected capacity change from 0 to 512
[  311.657177][T19903] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  311.672600][T19910] netlink: 'syz.4.5959': attribute type 21 has an invalid length.
[  311.680783][T19910] netlink: 132 bytes leftover after parsing attributes in process `syz.4.5959'.
[  311.686021][T19903] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  311.698450][T19903] System zones: 0-2, 18-18, 34-34
[  311.752080][T19920] loop4: detected capacity change from 0 to 512
[  311.791360][T19918] loop1: detected capacity change from 0 to 8192
[  311.895773][T19930] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5965'.
[  311.928716][T19934] netlink: 'syz.3.5967': attribute type 21 has an invalid length.
[  312.034576][T19938] loop3: detected capacity change from 0 to 512
[  312.041624][T19938] EXT4-fs: Ignoring removed bh option
[  312.056062][T19938] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  312.065192][T19938] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  312.082850][T19938] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  312.097751][T19938] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  312.286958][T19948] loop0: detected capacity change from 0 to 512
[  312.293645][T19948] EXT4-fs: Ignoring removed nobh option
[  312.363602][T19958] netlink: 'syz.1.5976': attribute type 21 has an invalid length.
[  312.375217][T19950] loop5: detected capacity change from 0 to 8192
[  312.382022][T19958] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5976'.
[  312.407285][T19958] FAULT_INJECTION: forcing a failure.
[  312.407285][T19958] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  312.420797][T19958] CPU: 1 UID: 0 PID: 19958 Comm: syz.1.5976 Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) 
[  312.420836][T19958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  312.420855][T19958] Call Trace:
[  312.420863][T19958]  <TASK>
[  312.420874][T19958]  __dump_stack+0x1d/0x30
[  312.420940][T19958]  dump_stack_lvl+0xe8/0x140
[  312.420968][T19958]  dump_stack+0x15/0x1b
[  312.420990][T19958]  should_fail_ex+0x265/0x280
[  312.421159][T19958]  should_fail+0xb/0x20
[  312.421190][T19958]  should_fail_usercopy+0x1a/0x20
[  312.421212][T19958]  _copy_from_user+0x1c/0xb0
[  312.421245][T19958]  snd_seq_write+0x1d3/0x530
[  312.421334][T19958]  ? __pfx_snd_seq_write+0x10/0x10
[  312.421402][T19958]  vfs_write+0x266/0x8e0
[  312.421431][T19958]  ? __rcu_read_unlock+0x4f/0x70
[  312.421464][T19958]  ? __fget_files+0x184/0x1c0
[  312.421558][T19958]  ksys_write+0xda/0x1a0
[  312.421583][T19958]  __x64_sys_write+0x40/0x50
[  312.421611][T19958]  x64_sys_call+0x27fe/0x2ff0
[  312.421683][T19958]  do_syscall_64+0xd2/0x200
[  312.421709][T19958]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  312.421742][T19958]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  312.421789][T19958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.421889][T19958] RIP: 0033:0x7f45cca3eb69
[  312.421911][T19958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  312.421938][T19958] RSP: 002b:00007f45cb0a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  312.422035][T19958] RAX: ffffffffffffffda RBX: 00007f45ccc65fa0 RCX: 00007f45cca3eb69
[  312.422048][T19958] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000006
[  312.422060][T19958] RBP: 00007f45cb0a7090 R08: 0000000000000000 R09: 0000000000000000
[  312.422096][T19958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  312.422108][T19958] R13: 0000000000000000 R14: 00007f45ccc65fa0 R15: 00007ffc3fe87ed8
[  312.422131][T19958]  </TASK>
[  312.645786][T19963] loop1: detected capacity change from 0 to 1024
[  312.653289][T19963] EXT4-fs: inline encryption not supported
[  312.659476][T19963] EXT4-fs: Ignoring removed bh option
[  312.720624][T19970] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  312.733491][T19966] loop0: detected capacity change from 0 to 4096
[  312.846697][T19981] loop0: detected capacity change from 0 to 512
[  313.041178][T20012] netlink: 'syz.3.5998': attribute type 21 has an invalid length.
[  313.091773][T20020] FAULT_INJECTION: forcing a failure.
[  313.091773][T20020] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  313.104940][T20020] CPU: 1 UID: 0 PID: 20020 Comm: syz.3.6002 Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) 
[  313.105094][T20020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  313.105183][T20020] Call Trace:
[  313.105191][T20020]  <TASK>
[  313.105201][T20020]  __dump_stack+0x1d/0x30
[  313.105229][T20020]  dump_stack_lvl+0xe8/0x140
[  313.105256][T20020]  dump_stack+0x15/0x1b
[  313.105278][T20020]  should_fail_ex+0x265/0x280
[  313.105335][T20020]  should_fail+0xb/0x20
[  313.105374][T20020]  should_fail_usercopy+0x1a/0x20
[  313.105399][T20020]  _copy_from_iter+0xcf/0xe40
[  313.105426][T20020]  ? __build_skb_around+0x1a0/0x200
[  313.105533][T20020]  ? __alloc_skb+0x223/0x320
[  313.105570][T20020]  ? skb_set_owner_w+0x16a/0x1c0
[  313.105618][T20020]  pppol2tp_sendmsg+0x2f8/0x440
[  313.105739][T20020]  ? __pfx_pppol2tp_sendmsg+0x10/0x10
[  313.105800][T20020]  __sock_sendmsg+0x142/0x180
[  313.105835][T20020]  sock_write_iter+0x165/0x1b0
[  313.105871][T20020]  do_iter_readv_writev+0x421/0x4c0
[  313.105924][T20020]  vfs_writev+0x2df/0x8b0
[  313.105982][T20020]  do_writev+0xe7/0x210
[  313.106035][T20020]  __x64_sys_writev+0x45/0x50
[  313.106090][T20020]  x64_sys_call+0x1e9a/0x2ff0
[  313.106120][T20020]  do_syscall_64+0xd2/0x200
[  313.106150][T20020]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  313.106237][T20020]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  313.106267][T20020]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.106296][T20020] RIP: 0033:0x7faffb40eb69
[  313.106317][T20020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  313.106342][T20020] RSP: 002b:00007faff9a6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  313.106429][T20020] RAX: ffffffffffffffda RBX: 00007faffb635fa0 RCX: 00007faffb40eb69
[  313.106446][T20020] RDX: 0000000000000001 RSI: 0000200000000180 RDI: 0000000000000003
[  313.106462][T20020] RBP: 00007faff9a6f090 R08: 0000000000000000 R09: 0000000000000000
[  313.106478][T20020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  313.106493][T20020] R13: 0000000000000000 R14: 00007faffb635fa0 R15: 00007fff12a7ab08
[  313.106521][T20020]  </TASK>
[  313.376097][T20030] loop5: detected capacity change from 0 to 1024
[  313.435557][T20041] netlink: 20 bytes leftover after parsing attributes in process `syz.5.6010'.
[  313.485486][T20041] lo speed is unknown, defaulting to 1000
[  313.504932][T20042] loop5: detected capacity change from 0 to 1024
[  313.525631][T20042] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.6010: bg 0: block 88: padding at end of block bitmap is not set
[  313.539560][T20041] lo speed is unknown, defaulting to 1000
[  313.638047][T20052] FAULT_INJECTION: forcing a failure.
[  313.638047][T20052] name failslab, interval 1, probability 0, space 0, times 0
[  313.650964][T20052] CPU: 0 UID: 0 PID: 20052 Comm: +}[@ Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) 
[  313.651073][T20052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  313.651091][T20052] Call Trace:
[  313.651100][T20052]  <TASK>
[  313.651111][T20052]  __dump_stack+0x1d/0x30
[  313.651139][T20052]  dump_stack_lvl+0xe8/0x140
[  313.651167][T20052]  dump_stack+0x15/0x1b
[  313.651218][T20052]  should_fail_ex+0x265/0x280
[  313.651277][T20052]  should_failslab+0x8c/0xb0
[  313.651312][T20052]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  313.651369][T20052]  ? hugetlbfs_alloc_inode+0xbc/0x100
[  313.651407][T20052]  hugetlbfs_alloc_inode+0xbc/0x100
[  313.651437][T20052]  ? __pfx_hugetlbfs_alloc_inode+0x10/0x10
[  313.651492][T20052]  alloc_inode+0x40/0x170
[  313.651556][T20052]  new_inode+0x1d/0xe0
[  313.651585][T20052]  hugetlbfs_get_inode+0x7b/0x370
[  313.651622][T20052]  hugetlb_file_setup+0x192/0x3d0
[  313.651651][T20052]  ksys_mmap_pgoff+0x157/0x310
[  313.651711][T20052]  x64_sys_call+0x14a3/0x2ff0
[  313.651816][T20052]  do_syscall_64+0xd2/0x200
[  313.651844][T20052]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  313.651877][T20052]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  313.651907][T20052]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.652015][T20052] RIP: 0033:0x7f42b4e9eb69
[  313.652043][T20052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  313.652069][T20052] RSP: 002b:00007f42b34ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  313.652152][T20052] RAX: ffffffffffffffda RBX: 00007f42b50c5fa0 RCX: 00007f42b4e9eb69
[  313.652166][T20052] RDX: 0000000000000002 RSI: 0000000000400000 RDI: 0000200000000000
[  313.652184][T20052] RBP: 00007f42b34ff090 R08: ffffffffffffffff R09: 0000000000200000
[  313.652227][T20052] R10: 00000000000c3072 R11: 0000000000000246 R12: 0000000000000001
[  313.652244][T20052] R13: 0000000000000000 R14: 00007f42b50c5fa0 R15: 00007ffe3b0b0258
[  313.652269][T20052]  </TASK>
[  313.917002][T20057] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  313.947171][T20062] netlink: 'syz.4.6019': attribute type 21 has an invalid length.
[  314.006782][T20068] loop0: detected capacity change from 0 to 2048
[  314.062126][T20068] netlink: 196 bytes leftover after parsing attributes in process `syz.0.6022'.
[  314.077810][T20084] FAULT_INJECTION: forcing a failure.
[  314.077810][T20084] name failslab, interval 1, probability 0, space 0, times 0
[  314.090706][T20084] CPU: 0 UID: 0 PID: 20084 Comm: syz.1.6028 Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) 
[  314.090742][T20084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  314.090838][T20084] Call Trace:
[  314.090884][T20084]  <TASK>
[  314.090895][T20084]  __dump_stack+0x1d/0x30
[  314.090923][T20084]  dump_stack_lvl+0xe8/0x140
[  314.090945][T20084]  dump_stack+0x15/0x1b
[  314.090962][T20084]  should_fail_ex+0x265/0x280
[  314.091072][T20084]  should_failslab+0x8c/0xb0
[  314.091097][T20084]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  314.091136][T20084]  ? sidtab_sid2str_get+0xa0/0x130
[  314.091203][T20084]  kmemdup_noprof+0x2b/0x70
[  314.091231][T20084]  sidtab_sid2str_get+0xa0/0x130
[  314.091274][T20084]  security_sid_to_context_core+0x1eb/0x2e0
[  314.091322][T20084]  security_sid_to_context+0x27/0x40
[  314.091442][T20084]  selinux_lsmprop_to_secctx+0x67/0xf0
[  314.091489][T20084]  security_lsmprop_to_secctx+0x43/0x80
[  314.091522][T20084]  audit_log_task_context+0x77/0x190
[  314.091605][T20084]  audit_log_task+0xf4/0x250
[  314.091643][T20084]  audit_seccomp+0x61/0x100
[  314.091673][T20084]  ? __seccomp_filter+0x68c/0x10d0
[  314.091712][T20084]  __seccomp_filter+0x69d/0x10d0
[  314.091796][T20084]  ? should_failslab+0x8c/0xb0
[  314.091822][T20084]  ? kmem_cache_alloc_node_noprof+0x18c/0x320
[  314.091855][T20084]  ? set_task_ioprio+0x174/0x270
[  314.091890][T20084]  __secure_computing+0x82/0x150
[  314.091919][T20084]  syscall_trace_enter+0xcf/0x1e0
[  314.091985][T20084]  do_syscall_64+0xac/0x200
[  314.092013][T20084]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  314.092037][T20084]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  314.092060][T20084]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.092104][T20084] RIP: 0033:0x7f45cca3d57c
[  314.092124][T20084] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  314.092149][T20084] RSP: 002b:00007f45cb0a7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  314.092174][T20084] RAX: ffffffffffffffda RBX: 00007f45ccc65fa0 RCX: 00007f45cca3d57c
[  314.092190][T20084] RDX: 000000000000000f RSI: 00007f45cb0a70a0 RDI: 0000000000000003
[  314.092206][T20084] RBP: 00007f45cb0a7090 R08: 0000000000000000 R09: 0000000000000000
[  314.092281][T20084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  314.092311][T20084] R13: 0000000000000000 R14: 00007f45ccc65fa0 R15: 00007ffc3fe87ed8
[  314.092408][T20084]  </TASK>
[  314.092419][T20084] audit_panic: 569 callbacks suppressed
[  314.092432][T20084] audit: error in audit_log_task_context
[  314.130785][T20068] 8021q: adding VLAN 0 to HW filter on device bond0
[  314.182228][   T29] audit: type=1326 audit(314.020:32540): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=20083 comm="syz.1.6028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f45cca3d57c code=0x7ffc0000
[  314.182262][   T29] audit: type=1326 audit(314.120:32541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20083 comm="syz.1.6028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f45cca3d61f code=0x7ffc0000
[  314.182327][   T29] audit: type=1326 audit(314.120:32542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20083 comm="syz.1.6028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f45cca3d7ca code=0x7ffc0000
[  314.192995][T20068] 8021q: adding VLAN 0 to HW filter on device team0
[  314.193224][   T29] audit: type=1326 audit(314.120:32543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20083 comm="syz.1.6028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f45cca3eb69 code=0x7ffc0000
[  314.202340][   T29] audit: type=1326 audit(314.120:32544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20083 comm="syz.1.6028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f45cca3eb69 code=0x7ffc0000
[  314.473581][T20090] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6022'.
[  314.484507][T20068] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  314.526594][T20095] loop1: detected capacity change from 0 to 1024
[  314.536385][T20095] EXT4-fs: inline encryption not supported
[  314.568675][T20095] EXT4-fs: Ignoring removed bh option
[  314.586519][   T29] audit: type=1326 audit(314.530:32545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20104 comm="syz.3.6034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faffb40eb69 code=0x7ffc0000
[  314.625805][   T29] audit: type=1326 audit(314.530:32546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20104 comm="syz.3.6034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faffb40eb69 code=0x7ffc0000
[  314.648982][   T29] audit: type=1326 audit(314.530:32547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20104 comm="syz.3.6034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faffb40eb69 code=0x7ffc0000
[  314.672162][   T29] audit: type=1326 audit(314.530:32548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20104 comm="syz.3.6034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faffb40eb69 code=0x7ffc0000
[  314.717345][T20102] loop5: detected capacity change from 0 to 8192
[  314.906669][T20121] loop5: detected capacity change from 0 to 8192
[  315.108766][T20123] lo speed is unknown, defaulting to 1000
[  315.133167][T20137] FAULT_INJECTION: forcing a failure.
[  315.133167][T20137] name failslab, interval 1, probability 0, space 0, times 0
[  315.145955][T20137] CPU: 0 UID: 0 PID: 20137 Comm: syz.5.6046 Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) 
[  315.145988][T20137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  315.146006][T20137] Call Trace:
[  315.146019][T20137]  <TASK>
[  315.146027][T20137]  __dump_stack+0x1d/0x30
[  315.146049][T20137]  dump_stack_lvl+0xe8/0x140
[  315.146075][T20137]  dump_stack+0x15/0x1b
[  315.146097][T20137]  should_fail_ex+0x265/0x280
[  315.146206][T20137]  ? call_usermodehelper_setup+0x72/0x190
[  315.146248][T20137]  should_failslab+0x8c/0xb0
[  315.146354][T20137]  ? __pfx_free_modprobe_argv+0x10/0x10
[  315.146378][T20137]  __kmalloc_cache_noprof+0x4c/0x320
[  315.146407][T20137]  ? __kmalloc_node_track_caller_noprof+0x1e5/0x410
[  315.146526][T20137]  ? __pfx_free_modprobe_argv+0x10/0x10
[  315.146558][T20137]  call_usermodehelper_setup+0x72/0x190
[  315.146596][T20137]  __request_module+0x264/0x3e0
[  315.146625][T20137]  ? capable+0x7c/0xb0
[  315.146690][T20137]  ? security_capable+0x83/0x90
[  315.146714][T20137]  dev_load+0x61/0xc0
[  315.146734][T20137]  dev_ioctl+0x777/0x960
[  315.146768][T20137]  sock_ioctl+0x593/0x610
[  315.146849][T20137]  ? __pfx_sock_ioctl+0x10/0x10
[  315.146872][T20137]  __se_sys_ioctl+0xce/0x140
[  315.146909][T20137]  __x64_sys_ioctl+0x43/0x50
[  315.146942][T20137]  x64_sys_call+0x1816/0x2ff0
[  315.146988][T20137]  do_syscall_64+0xd2/0x200
[  315.147048][T20137]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  315.147079][T20137]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  315.147104][T20137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.147127][T20137] RIP: 0033:0x7f42b4e9eb69
[  315.147157][T20137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  315.147206][T20137] RSP: 002b:00007f42b34ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  315.147230][T20137] RAX: ffffffffffffffda RBX: 00007f42b50c5fa0 RCX: 00007f42b4e9eb69
[  315.147246][T20137] RDX: 0000200000000000 RSI: 00000000000089f0 RDI: 0000000000000003
[  315.147285][T20137] RBP: 00007f42b34ff090 R08: 0000000000000000 R09: 0000000000000000
[  315.147297][T20137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  315.147309][T20137] R13: 0000000000000000 R14: 00007f42b50c5fa0 R15: 00007ffe3b0b0258
[  315.147337][T20137]  </TASK>
[  315.479312][T20147] openvswitch: netlink: Message has 6 unknown bytes.
[  315.574638][T20123] lo speed is unknown, defaulting to 1000
[  315.738217][T20165] loop3: detected capacity change from 0 to 8192
[  315.836390][T20183] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  315.852225][T20173] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(9)
[  315.858795][T20173] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  315.866619][T20173] vhci_hcd vhci_hcd.0: Device attached
[  315.882961][T20181] vhci_hcd: connection closed
[  315.883710][ T5032] vhci_hcd: stop threads
[  315.892936][ T5032] vhci_hcd: release socket
[  315.897448][ T5032] vhci_hcd: disconnect device
[  315.987698][T20203] 9pnet_fd: Insufficient options for proto=fd
[  315.995157][T20203] __nla_validate_parse: 8 callbacks suppressed
[  315.995177][T20203] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6075'.
[  316.098321][T20207] loop0: detected capacity change from 0 to 512
[  316.107667][T20207] EXT4-fs: Ignoring removed bh option
[  316.113651][T20207] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  316.122929][T20207] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  316.133045][T20207] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  316.142573][T20207] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  316.269040][T20229] loop1: detected capacity change from 0 to 8192
[  316.330696][T20237] loop0: detected capacity change from 0 to 128
[  316.548616][T20251] loop5: detected capacity change from 0 to 512
[  316.556451][T20251] EXT4-fs: Ignoring removed bh option
[  316.562693][T20251] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  316.571846][T20251] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  316.581204][T20251] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  316.592074][T20251] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  316.973048][T20270] lo speed is unknown, defaulting to 1000
[  317.007815][T20270] lo speed is unknown, defaulting to 1000
[  317.091768][T20269] loop4: detected capacity change from 0 to 512
[  317.113514][T20269] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #3: comm syz.4.6102: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  317.159070][T20269] EXT4-fs error (device loop4): ext4_quota_enable:7127: comm syz.4.6102: Bad quota inode: 3, type: 0
[  317.193762][T20269] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  317.220546][T20269] EXT4-fs (loop4): mount failed
[  317.238802][T20278] loop3: detected capacity change from 0 to 1024
[  317.245966][T20278] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  317.278240][T20278] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.6104: Invalid block bitmap block 0 in block_group 0
[  317.294188][T20278] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.6104: Failed to acquire dquot type 0
[  317.305916][T20278] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.6104: Freeing blocks not in datazone - block = 0, count = 4096
[  317.322063][T20278] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.6104: Invalid inode bitmap blk 0 in block_group 0
[  317.335240][T20278] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[  317.344357][T15372] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:31: Failed to release dquot type 0
[  317.356492][T20278] EXT4-fs (loop3): 1 orphan inode deleted
[  317.363532][T20287] sctp: [Deprecated]: syz.0.6107 (pid 20287) Use of int in max_burst socket option deprecated.
[  317.363532][T20287] Use struct sctp_assoc_value instead
[  317.383224][T20278] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[  317.440838][T20289] loop1: detected capacity change from 0 to 512
[  317.448043][T20289] EXT4-fs: Ignoring removed bh option
[  317.456975][T20289] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  317.466158][T20289] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  317.478990][T20278] lo speed is unknown, defaulting to 1000
[  317.490595][T20292] loop0: detected capacity change from 0 to 2048
[  317.504744][T20292] EXT4-fs: inline encryption not supported
[  317.514312][T20292] EXT4-fs: Ignoring removed mblk_io_submit option
[  317.517155][T20278] lo speed is unknown, defaulting to 1000
[  317.529520][T20289] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[  317.539480][T20289] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  317.791052][T20309] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  317.801231][T20299] loop3: detected capacity change from 0 to 8192
[  317.973571][T20331] loop4: detected capacity change from 0 to 128
[  317.993159][T20321] loop1: detected capacity change from 0 to 512
[  318.004089][T20331] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6126'.
[  318.006667][T20321] EXT4-fs: Ignoring removed bh option
[  318.021597][T20321] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  318.030770][T20321] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  318.041904][T20321] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[  318.052009][T20321] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  318.062925][T20321] EXT4-fs mount: 69 callbacks suppressed
[  318.062946][T20321] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  318.126108][T19396] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.136914][T18274] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.174236][T20347] loop0: detected capacity change from 0 to 1024
[  318.204134][T20347] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  318.224271][T20345] loop1: detected capacity change from 0 to 8192
[  318.275529][T20347] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  318.316631][T18274] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.339730][T20361] 9pnet_fd: Insufficient options for proto=fd
[  318.346909][T20361] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6138'.
[  318.384036][T20359] loop4: detected capacity change from 0 to 8192
[  318.426238][T20365] loop5: detected capacity change from 0 to 512
[  318.440445][T20365] EXT4-fs: Ignoring removed bh option
[  318.446837][T20365] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  318.456158][T20365] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  318.467857][T20365] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  318.481330][T20378] loop0: detected capacity change from 0 to 128
[  318.495990][T20365] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  318.506921][T20378] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6145'.
[  318.535450][T20365] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  318.561247][T20383] loop4: detected capacity change from 0 to 8192
[  318.604062][T20385] loop0: detected capacity change from 0 to 1024
[  318.631460][T20385] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  318.648096][T20385] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  318.649042][T13770] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.682825][T18274] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.709829][T20394] loop0: detected capacity change from 0 to 512
[  318.723523][T20394] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.739336][T20394] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  318.754784][T20394] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 22 with error 28
[  318.767495][T20394] EXT4-fs (loop0): This should not happen!! Data will be lost
[  318.767495][T20394] 
[  318.777260][T20394] EXT4-fs (loop0): Total free blocks count 0
[  318.783284][T20394] EXT4-fs (loop0): Free/Dirty block details
[  318.789241][T20394] EXT4-fs (loop0): free_blocks=65280
[  318.794585][T20394] EXT4-fs (loop0): dirty_blocks=22
[  318.799723][T20394] EXT4-fs (loop0): Block reservation details
[  318.805772][T20394] EXT4-fs (loop0): i_reserved_data_blocks=22
[  318.825292][T18274] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.856029][T20404] netlink: 268 bytes leftover after parsing attributes in process `syz.0.6155'.
[  318.982642][T20412] loop5: detected capacity change from 0 to 8192
[  319.001867][T20416] loop0: detected capacity change from 0 to 512
[  319.024844][T20416] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.6161: corrupted inode contents
[  319.044680][T20418] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6162'.
[  319.055320][T20416] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.6161: mark_inode_dirty error
[  319.068274][T20416] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.6161: corrupted inode contents
[  319.068868][T20423] validate_nla: 1 callbacks suppressed
[  319.068886][T20423] netlink: 'syz.5.6163': attribute type 21 has an invalid length.
[  319.081755][T20416] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.6161: mark_inode_dirty error
[  319.105396][T20416] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.6161: corrupted inode contents
[  319.117662][T20416] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  319.128291][T20416] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.6161: corrupted inode contents
[  319.145363][T20416] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.6161: mark_inode_dirty error
[  319.158328][T20416] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  319.173320][T20416] EXT4-fs (loop0): 1 truncate cleaned up
[  319.180427][T20416] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  319.193362][ T5032] __quota_error: 1045 callbacks suppressed
[  319.193445][ T5032] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  319.209357][ T5032] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:22: Failed to release dquot type 1
[  319.230017][T20416] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.249701][T20416] netlink: 32 bytes leftover after parsing attributes in process `syz.0.6161'.
[  319.314820][T20441] loop0: detected capacity change from 0 to 1024
[  319.322978][T20441] EXT4-fs: inline encryption not supported
[  319.329041][T20441] EXT4-fs: Ignoring removed bh option
[  319.336806][   T29] audit: type=1326 audit(319.280:33591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20442 comm="syz.3.6172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faffb40eb69 code=0x7ffc0000
[  319.360281][   T29] audit: type=1326 audit(319.280:33592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20442 comm="syz.3.6172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faffb40eb69 code=0x7ffc0000
[  319.383495][   T29] audit: type=1326 audit(319.280:33593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20442 comm="syz.3.6172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faffb40eb69 code=0x7ffc0000
[  319.406853][   T29] audit: type=1326 audit(319.280:33594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20442 comm="syz.3.6172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faffb40eb69 code=0x7ffc0000
[  319.429908][   T29] audit: type=1326 audit(319.280:33595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20442 comm="syz.3.6172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faffb40eb69 code=0x7ffc0000
[  319.453576][   T29] audit: type=1326 audit(319.280:33596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20442 comm="syz.3.6172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faffb40eb69 code=0x7ffc0000
[  319.458979][T20441] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  319.476767][   T29] audit: type=1326 audit(319.280:33597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20442 comm="syz.3.6172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faffb40eb69 code=0x7ffc0000
[  319.476806][   T29] audit: type=1326 audit(319.280:33598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20442 comm="syz.3.6172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faffb40eb69 code=0x7ffc0000
[  319.535644][   T29] audit: type=1326 audit(319.280:33599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20442 comm="syz.3.6172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faffb40eb69 code=0x7ffc0000
[  319.607272][T20447] loop4: detected capacity change from 0 to 8192
[  319.618374][T18274] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.682739][T20457] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  319.791441][T20466] loop3: detected capacity change from 0 to 8192
[  319.904583][T20474] loop4: detected capacity change from 0 to 8192
[  320.056281][T20495] loop5: detected capacity change from 0 to 1024
[  320.063213][T20495] EXT4-fs: inline encryption not supported
[  320.069207][T20495] EXT4-fs: Ignoring removed bh option
[  320.082741][T20495] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  320.100012][T20502] sctp: [Deprecated]: syz.4.6195 (pid 20502) Use of int in max_burst socket option deprecated.
[  320.100012][T20502] Use struct sctp_assoc_value instead
[  320.119362][T20504] netlink: 'syz.3.6199': attribute type 21 has an invalid length.
[  320.258650][T20511] loop4: detected capacity change from 0 to 2048
[  320.260697][T13770] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.265754][T20511] EXT4-fs: inline encryption not supported
[  320.282884][T20511] EXT4-fs: Ignoring removed mblk_io_submit option
[  320.301762][T20506] loop1: detected capacity change from 0 to 8192
[  320.344925][T20519] loop3: detected capacity change from 0 to 1024
[  320.351998][T20511] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  320.374397][T20519] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  320.383012][T20527] loop1: detected capacity change from 0 to 512
[  320.395898][T20527] EXT4-fs: Ignoring removed i_version option
[  320.402873][T20519] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  320.403002][T20527] EXT4-fs (loop1): orphan cleanup on readonly fs
[  320.424672][T20527] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.6207: bg 0: block 131: padding at end of block bitmap is not set
[  320.441424][T20527] EXT4-fs (loop1): Remounting filesystem read-only
[  320.448296][T20527] EXT4-fs (loop1): 1 truncate cleaned up
[  320.455960][T20527] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  320.469817][T19564] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.491324][T19396] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.537252][T20533] loop1: detected capacity change from 0 to 4096
[  320.548004][T20533] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  320.564230][ T3367] IPVS: starting estimator thread 0...
[  320.565043][T20533] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.606203][T20538] netlink: 'syz.0.6211': attribute type 21 has an invalid length.
[  320.624016][T20533] loop1: detected capacity change from 0 to 512
[  320.630840][T20533] EXT4-fs: Ignoring removed nobh option
[  320.643425][T20533] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.6210: corrupted inode contents
[  320.655940][T20533] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #3: comm syz.1.6210: mark_inode_dirty error
[  320.672218][T20533] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.6210: corrupted inode contents
[  320.679833][T20536] IPVS: using max 1872 ests per chain, 93600 per kthread
[  320.685982][T20533] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.6210: mark_inode_dirty error
[  320.703053][T20533] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.6210: Failed to acquire dquot type 0
[  320.715044][T20533] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.6210: corrupted inode contents
[  320.727228][T20533] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #16: comm syz.1.6210: mark_inode_dirty error
[  320.738925][T20533] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.6210: corrupted inode contents
[  320.750015][T20543] loop3: detected capacity change from 0 to 512
[  320.757446][T20533] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.6210: mark_inode_dirty error
[  320.766814][T20543] EXT4-fs: Ignoring removed bh option
[  320.771944][T20533] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.6210: corrupted inode contents
[  320.786501][T20543] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  320.786877][T20533] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  320.795595][T20543] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  320.807174][T20533] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.6210: corrupted inode contents
[  320.814460][T20543] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  320.827609][T20533] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.6210: mark_inode_dirty error
[  320.834454][T20543] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  320.845319][T20533] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  320.855770][T20543] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  320.862890][T20533] EXT4-fs (loop1): 1 truncate cleaned up
[  320.880446][T20533] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  320.896803][T20533] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.919390][T19564] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.929262][T19694] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.039526][T20555] loop3: detected capacity change from 0 to 8192
[  321.056726][T20554] loop4: detected capacity change from 0 to 512
[  321.065870][T20554] EXT4-fs: Ignoring removed bh option
[  321.072110][T20554] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  321.081327][T20554] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  321.102130][T20562] loop1: detected capacity change from 0 to 512
[  321.106434][T20554] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  321.121670][T20554] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  321.132453][T20554] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  321.148793][T20562] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.6220: corrupted inode contents
[  321.163751][T20562] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #16: comm syz.1.6220: mark_inode_dirty error
[  321.175496][T20562] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.6220: corrupted inode contents
[  321.189457][T20562] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.6220: mark_inode_dirty error
[  321.201377][T20562] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.6220: corrupted inode contents
[  321.224087][T20562] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  321.233809][T19694] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.246796][T20562] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.6220: corrupted inode contents
[  321.259135][T20562] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.6220: mark_inode_dirty error
[  321.280137][T20562] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  321.291913][T20562] EXT4-fs (loop1): 1 truncate cleaned up
[  321.298171][T20562] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  321.311224][ T5032] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:22: Failed to release dquot type 1
[  321.325584][T20562] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.345977][T20562] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6220'.
[  321.357916][T20579] sctp: [Deprecated]: syz.5.6225 (pid 20579) Use of int in max_burst socket option deprecated.
[  321.357916][T20579] Use struct sctp_assoc_value instead
[  321.376435][T20576] loop4: detected capacity change from 0 to 512
[  321.385766][T20576] EXT4-fs: Ignoring removed bh option
[  321.394592][T20576] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  321.403727][T20576] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  321.421284][T20584] loop3: detected capacity change from 0 to 8192
[  321.468265][T20576] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  321.477679][T20585] loop5: detected capacity change from 0 to 2048
[  321.490373][T20585] EXT4-fs: inline encryption not supported
[  321.514494][T20585] EXT4-fs: Ignoring removed mblk_io_submit option
[  321.525811][T20576] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  321.544245][T20576] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  321.582201][T19694] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.598743][T20585] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  321.616650][T20592] loop3: detected capacity change from 0 to 8192
[  321.632030][T20598] loop1: detected capacity change from 0 to 1024
[  321.639195][T20598] EXT4-fs: inline encryption not supported
[  321.645457][T20598] EXT4-fs: Ignoring removed bh option
[  321.671882][T20598] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  321.733410][T20612] netlink: 'syz.4.6240': attribute type 21 has an invalid length.
[  321.834559][T19396] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.846037][T20616] loop0: detected capacity change from 0 to 8192
[  321.977757][T20644] netlink: 'syz.1.6253': attribute type 21 has an invalid length.
[  322.049202][T20639] loop0: detected capacity change from 0 to 8192
[  322.094561][T13770] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.197709][T20658] loop0: detected capacity change from 0 to 8192
[  322.251461][T20673] netlink: 'syz.0.6268': attribute type 21 has an invalid length.
[  322.277240][T20674] loop5: detected capacity change from 0 to 4096
[  322.292179][T20674] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  322.309474][T20674] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.332313][T20674] FAULT_INJECTION: forcing a failure.
[  322.332313][T20674] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  322.345998][T20674] CPU: 1 UID: 0 PID: 20674 Comm: syz.5.6267 Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) 
[  322.346097][T20674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  322.346112][T20674] Call Trace:
[  322.346119][T20674]  <TASK>
[  322.346129][T20674]  __dump_stack+0x1d/0x30
[  322.346157][T20674]  dump_stack_lvl+0xe8/0x140
[  322.346182][T20674]  dump_stack+0x15/0x1b
[  322.346301][T20674]  should_fail_ex+0x265/0x280
[  322.346361][T20674]  should_fail+0xb/0x20
[  322.346399][T20674]  should_fail_usercopy+0x1a/0x20
[  322.346426][T20674]  strncpy_from_user+0x25/0x230
[  322.346470][T20674]  ? __kmalloc_cache_noprof+0x189/0x320
[  322.346512][T20674]  __se_sys_memfd_create+0x1ff/0x590
[  322.346606][T20674]  __x64_sys_memfd_create+0x31/0x40
[  322.346627][T20674]  x64_sys_call+0x2abe/0x2ff0
[  322.346649][T20674]  do_syscall_64+0xd2/0x200
[  322.346680][T20674]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  322.346717][T20674]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  322.346747][T20674]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.346802][T20674] RIP: 0033:0x7f42b4e9eb69
[  322.346822][T20674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.346844][T20674] RSP: 002b:00007f42b34fee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  322.346863][T20674] RAX: ffffffffffffffda RBX: 0000000000000512 RCX: 00007f42b4e9eb69
[  322.346876][T20674] RDX: 00007f42b34feef0 RSI: 0000000000000000 RDI: 00007f42b4f22784
[  322.346888][T20674] RBP: 0000200000000380 R08: 00007f42b34febb7 R09: 00007f42b34fee40
[  322.346905][T20674] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000980
[  322.346984][T20674] R13: 00007f42b34feef0 R14: 00007f42b34feeb0 R15: 0000200000000100
[  322.347008][T20674]  </TASK>
[  322.592541][T20698] loop4: detected capacity change from 0 to 512
[  322.599438][T20698] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  322.641461][T20695] loop5: detected capacity change from 0 to 512
[  322.643138][T20699] loop3: detected capacity change from 0 to 8192
[  322.648570][T20695] EXT4-fs: Ignoring removed bh option
[  322.661582][T20695] ==================================================================
[  322.669706][T20695] BUG: KCSAN: data-race in find_get_block_common / has_bh_in_lru
[  322.677466][T20695] 
[  322.679845][T20695] read-write to 0xffff888237c26f50 of 8 bytes by task 20699 on cpu 0:
[  322.688017][T20695]  find_get_block_common+0x4f0/0x960
[  322.693349][T20695]  bdev_getblk+0x83/0x3b0
[  322.697711][T20695]  __bread_gfp+0x51/0x250
[  322.702070][T20695]  fat_get_entry+0x46e/0x5d0
[  322.706701][T20695]  fat_subdirs+0xf6/0x190
[  322.711069][T20695]  fat_read_root+0x316/0x360
[  322.715687][T20695]  fat_fill_super+0x15bf/0x1ce0
[  322.720573][T20695]  vfat_fill_super+0x24/0x30
[  322.725202][T20695]  get_tree_bdev_flags+0x28e/0x300
[  322.730350][T20695]  get_tree_bdev+0x1f/0x30
[  322.734788][T20695]  vfat_get_tree+0x1c/0x30
[  322.739250][T20695]  vfs_get_tree+0x57/0x1d0
[  322.743700][T20695]  do_new_mount+0x207/0x5e0
[  322.748232][T20695]  path_mount+0x4a4/0xb20
[  322.752593][T20695]  __se_sys_mount+0x28f/0x2e0
[  322.757392][T20695]  __x64_sys_mount+0x67/0x80
[  322.762195][T20695]  x64_sys_call+0x2b4d/0x2ff0
[  322.766915][T20695]  do_syscall_64+0xd2/0x200
[  322.771454][T20695]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.777397][T20695] 
[  322.779770][T20695] read to 0xffff888237c26f50 of 8 bytes by task 20695 on cpu 1:
[  322.787947][T20695]  has_bh_in_lru+0x35/0x1f0
[  322.792569][T20695]  smp_call_function_many_cond+0x2a9/0xc60
[  322.798419][T20695]  on_each_cpu_cond_mask+0x3c/0x80
[  322.803561][T20695]  invalidate_bh_lrus+0x2a/0x30
[  322.808452][T20695]  set_blocksize+0x24f/0x310
[  322.813073][T20695]  sb_set_blocksize+0x7a/0x100
[  322.817962][T20695]  ext4_fill_super+0x12ab/0x34e0
[  322.822951][T20695]  get_tree_bdev_flags+0x28e/0x300
[  322.828100][T20695]  get_tree_bdev+0x1f/0x30
[  322.832544][T20695]  ext4_get_tree+0x1c/0x30
[  322.837005][T20695]  vfs_get_tree+0x57/0x1d0
[  322.841560][T20695]  do_new_mount+0x207/0x5e0
[  322.846079][T20695]  path_mount+0x4a4/0xb20
[  322.850424][T20695]  __se_sys_mount+0x28f/0x2e0
[  322.855139][T20695]  __x64_sys_mount+0x67/0x80
[  322.859741][T20695]  x64_sys_call+0x2b4d/0x2ff0
[  322.864431][T20695]  do_syscall_64+0xd2/0x200
[  322.868947][T20695]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.874875][T20695] 
[  322.877298][T20695] value changed: 0xffff888118d75478 -> 0xffff888118e5f750
[  322.884845][T20695] 
[  322.887176][T20695] Reported by Kernel Concurrency Sanitizer on:
[  322.893340][T20695] CPU: 1 UID: 0 PID: 20695 Comm: syz.5.6277 Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) 
[  322.905504][T20695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  322.915569][T20695] ==================================================================
[  322.931468][T20695] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  322.940745][T20695] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  322.970232][T20695] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  322.991736][T20695] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  323.007718][T20695] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  323.025797][T20703] lo speed is unknown, defaulting to 1000
[  323.101151][T20703] lo speed is unknown, defaulting to 1000
[  323.137184][T13770] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.