last executing test programs:

3.3303413s ago: executing program 3 (id=920):
r0 = getpid()
setreuid(0xee00, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
unshare(0x20000)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4206, r2)
ptrace(0x4207, r2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000280)={'sit0\x00', &(0x7f0000000180)={'syztnl2\x00', <r7=>0x0, 0x80, 0x80, 0xfffffffe, 0x2c, {{0x7, 0x4, 0x0, 0x0, 0x1c, 0x66, 0x0, 0xc, 0x4, 0x0, @multicast2, @rand_addr=0x64010101, {[@generic={0x7, 0x8, "ed29b1ca589f"}]}}}}})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', r7, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
r9 = add_key(&(0x7f0000000080)='user\x00', &(0x7f0000000000)={'syz', 0x2}, &(0x7f0000000040)='9', 0x1, 0xfffffffffffffffc)
keyctl$chown(0x4, r9, 0xee00, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
syz_clone3(&(0x7f00000008c0)={0x15340180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[r0], 0x1}, 0x58)

2.418343526s ago: executing program 3 (id=932):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4808000010001fff3a4ee9bfd5c3a3696c40af0b", @ANYRES32=0x0], 0x3}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0)

2.329089636s ago: executing program 2 (id=938):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000380)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x33, 0x0, @private, @broadcast}, {0x0, 0x0, 0x8}}}}}, 0x0)

2.294085136s ago: executing program 2 (id=939):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
write$cgroup_subtree(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="8fedcb5d07081175f37538e486dd6372ce22fdb911"], 0xfdef)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
syz_io_uring_setup(0x10b, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x20, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
write(r5, &(0x7f0000000240)="2338dcfa67c78a50095e74401b6cc0914ab28f7554d2f66e4932ccbd9df4aa717439252e20a2196296f5328f0800000000d05807f47d5d5db836f81553dae5", 0xfffffd5f)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x18)
ioctl$TCSETA(r5, 0x5406, &(0x7f0000000440)={0xf048, 0x9, 0x2, 0x6, 0x14})

1.829632649s ago: executing program 0 (id=944):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_BEACON(r3, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000380)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="2b03000000649f131a250500ca5a9677bbebb26c765845e5eb98a2a90000080003004e53cff471332dafdb2c61d0962b26fabd8c5719b8224c87fc0dd8346e5f64cb532eb9ca905c2278048dc8125880895837636d15de08478b325b33d288342c9eebaec9dabd9399a65e67d71e56125fbfa12d34890f1aafa7469555d3622bad1e662da69d9f83bf848455bcf550cf8c949a840cb31d005153637c5636eb4c2e74f91bae5a32e94cabdca9beb8606e1348fb71fda7b182314a808ab31cf9432573b8e0bf43d2f61c37eea66c5a8c3db9a043ac9825a7ea284892607c679eeadb0a1aa2afc7c4776d1b073abcc142d8feafd457e1643a8320a3fd9e0a4d724df105c55a92d3aec6bc1e4d3a3b378daa1c7c2e0aa7326dbccb80eb0f757f185f0805076bddb10e662cecc96959bab8", @ANYRES8, @ANYBLOB="0c00990000000000ffffff"], 0x28}, 0x1, 0x0, 0x0, 0x24048014}, 0x0)

1.798342169s ago: executing program 4 (id=945):
r0 = getpid()
setreuid(0xee00, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
unshare(0x20000)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4206, r2)
ptrace(0x4207, r2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000280)={'sit0\x00', &(0x7f0000000180)={'syztnl2\x00', <r7=>0x0, 0x80, 0x80, 0xfffffffe, 0x2c, {{0x7, 0x4, 0x0, 0x0, 0x1c, 0x66, 0x0, 0xc, 0x4, 0x0, @multicast2, @rand_addr=0x64010101, {[@generic={0x7, 0x8, "ed29b1ca589f"}]}}}}})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', r7, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
r9 = add_key(&(0x7f0000000080)='user\x00', &(0x7f0000000000)={'syz', 0x2}, &(0x7f0000000040)='9', 0x1, 0xfffffffffffffffc)
keyctl$chown(0x4, r9, 0xee00, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
syz_clone3(&(0x7f00000008c0)={0x15340180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[r0], 0x1}, 0x58)

1.797371089s ago: executing program 0 (id=946):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x9, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = syz_open_procfs(0x0, &(0x7f00000009c0)='net/connector\x00')
move_mount(r0, &(0x7f0000000080)='./mnt\x00', r0, &(0x7f0000000100)='./mnt\x00', 0x65)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vxcan0\x00', <r2=>0x0})
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f0000000440)={0x1d, r2}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000f00)=@newtfilter={0x24, 0x11, 0x1, 0x70bd2c, 0x0, {0x0, 0x0, 0x74, r2, {0xfff1}, {}, {0xb}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8040}, 0x0)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000400), 0x4)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000940)={0x1b, 0x0, 0x0, 0xfffffff9, 0x0, r0, 0x7, '\x00', r2, r5, 0x3, 0x3, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
socket$inet6_udp(0xa, 0x2, 0x0)
r6 = syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1c, 0xc, &(0x7f00000000c0)=ANY=[@ANYRESHEX=0x0, @ANYRES32, @ANYRESHEX=r6], 0x0, 0x5, 0x0, 0x0, 0x0, 0x4b, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000140)='kfree\x00'}, 0x18)
r7 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r7, &(0x7f0000004cc0)={0x2, 0x0, @private=0xa010102}, 0x10)
listen(r7, 0x8)
r8 = accept4(r7, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x5a1c}, 0x1, 0x0, 0x0, 0x20000411}, 0x4)
write$binfmt_elf64(r8, &(0x7f0000000240)=ANY=[], 0x78)
sendmsg$nl_route(r0, &(0x7f00000008c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000880)={&(0x7f0000000b40)=@bridge_getlink={0x13c, 0x12, 0x44c, 0x70bd29, 0x25dfdbfb, {0x7, 0x0, 0x0, 0x0, 0x24004, 0x20008}, [@IFLA_GSO_MAX_SEGS={0x8, 0x28, 0xfe3}, @IFLA_CARRIER={0x5, 0x21, 0x9}, @IFLA_LINK_NETNSID={0x8, 0x25, 0x2}, @IFLA_EVENT={0x8, 0x2c, 0x9}, @IFLA_AF_SPEC={0xec, 0x1a, 0x0, 0x1, [@AF_MPLS={0x4}, @AF_INET={0x10, 0x2, 0x0, 0x1, {0xc, 0x1, 0x0, 0x1, [{0x8, 0x20, 0x0, 0x0, 0xb}]}}, @AF_INET6={0x3c, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE={0x5, 0x8, 0x2}, @IFLA_INET6_ADDR_GEN_MODE={0x5, 0x8, 0x6}, @IFLA_INET6_TOKEN={0x14, 0x7, @loopback}, @IFLA_INET6_TOKEN={0x14, 0x7, @private1={0xfc, 0x1, '\x00', 0x1}}]}, @AF_INET={0x18, 0x2, 0x0, 0x1, {0x14, 0x1, 0x0, 0x1, [{0x8, 0x6, 0x0, 0x0, 0x101}, {0x8, 0x4, 0x0, 0x0, 0x6}]}}, @AF_INET={0x38, 0x2, 0x0, 0x1, {0x34, 0x1, 0x0, 0x1, [{0x8, 0x1e, 0x0, 0x0, 0x1}, {0x8, 0x11, 0x0, 0x0, 0x5}, {0x8, 0x1d, 0x0, 0x0, 0x2}, {0x8, 0x11, 0x0, 0x0, 0x2}, {0x8, 0x12, 0x0, 0x0, 0x8}, {0x8, 0x14, 0x0, 0x0, 0x8001}]}}, @AF_BRIDGE={0x4}, @AF_MPLS={0x4}, @AF_MPLS={0x4}, @AF_BRIDGE={0x4}, @AF_INET={0x38, 0x2, 0x0, 0x1, {0x34, 0x1, 0x0, 0x1, [{0x8, 0x6, 0x0, 0x0, 0x1ff}, {0x8, 0x18, 0x0, 0x0, 0x80}, {0x8, 0x10, 0x0, 0x0, 0x80}, {0x8, 0x1b, 0x0, 0x0, 0x2}, {0x8, 0x8, 0x0, 0x0, 0x6}, {0x8, 0x1d, 0x0, 0x0, 0x4}]}}]}, @IFLA_WEIGHT={0x8, 0xf, 0x100}, @IFLA_CARRIER_CHANGES={0x8, 0x23, 0x6}]}, 0x13c}, 0x1, 0x0, 0x0, 0x40}, 0x20000810)
sendto$inet(r8, &(0x7f0000000280)="e3b6e715", 0x4, 0x40040c0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r8, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x2}, 0x8)
openat$dir(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x0, 0x0)
pidfd_getfd(0xffffffffffffffff, r6, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000a40)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x9}}, {@nodioread_nolock}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
chown(&(0x7f0000000340)='./file0\x00', 0xee01, 0x0)
listxattr(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)

1.386153012s ago: executing program 3 (id=947):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000300)=0x6)
ioctl$int_in(0xffffffffffffffff, 0x5421, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
rt_sigtimedwait(&(0x7f0000000040), 0x0, &(0x7f0000000080)={0x77359400}, 0x8)
ioctl$TIOCSETD(r2, 0x5423, 0x0)
r3 = open(&(0x7f0000000040)='./file2\x00', 0x181042, 0x0)
sendfile(r3, r3, &(0x7f0000000240), 0x7f06)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mq_notify(r3, &(0x7f00000000c0)={0x0, 0x3e, 0x4, @tid=r4})
ioctl$TIOCPKT(r2, 0x5420, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x6)
r6 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000600)={'team0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x90, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4]}}}}, @TCA_RATE={0x6, 0x5, {0xfe}}]}, 0x90}}, 0x0)

1.287454563s ago: executing program 0 (id=949):
r0 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100002001800000000000000000008500"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000200), &(0x7f0000000280)={'L-', 0x2}, 0x16, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x38, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0xc, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}]}]}], {0x14}}, 0x60}, 0x1, 0x0, 0x0, 0x200000d0}, 0x0)
gettid()
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r3}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = socket(0x10, 0x3, 0x0)
write(r5, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000003c0000000000000008000f0001000000", 0x24)

1.202301173s ago: executing program 0 (id=951):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x400, &(0x7f0000000180)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0xfd, 0x274, &(0x7f0000000500)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x1a)
r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40047211, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x2, 0x2401})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x1b, 0x0, '.\x00'}})
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$kcm(0x1e, 0x5, 0x0)
sendmsg$kcm(r4, &(0x7f00000014c0)={&(0x7f0000001540)=@tipc=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x80, 0x0}, 0x20000004)
recvmsg$kcm(r4, 0x0, 0x0)
sendmsg$kcm(r4, 0x0, 0x20044085)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r5 = io_uring_setup(0xad5, &(0x7f0000000100))
close(r5)
clock_nanosleep(0x2, 0x0, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)
creat(&(0x7f00000008c0)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000d40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x200, 0x1)
rename(&(0x7f0000000a00)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000001040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000080)={0x0, <r7=>0x0}, &(0x7f00000000c0)=0xc)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="050000000000000000000000fcffffff021400b99c23db4a7bebb2578f9b857dc99d44f4dc9a49069f15d1d7390e8cafa4f59296900b5355ccaac500"/72, @ANYRES32=r7, @ANYRES32=r7, @ANYBLOB], 0x28}}, 0x0)

1.092252003s ago: executing program 2 (id=954):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000030000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0xfffffffffffffffb, 0xfffffffffffffffe, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210090, &(0x7f0000000340)={[{@jqfmt_vfsv1}, {}, {@barrier_val}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@stripe={'stripe', 0x3d, 0x5}}, {@dioread_lock}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x441, 0x108)
fallocate(r2, 0x20, 0x0, 0x8000)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@can_newroute={0x1c, 0x18, 0x1, 0x80, 0x25dfdbfe, {}, [@CGW_LIM_HOPS={0x5, 0xd, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c00000a010400000000000000000100000008000a40001000000000000000797a32000000000900010073797a300000000008000540000000104c0000000e0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000200003801c00008018000180140001008c7457ff8f99b8233ba7d81496e1da69140000001000010000000000000000000000000a0000"], 0xd0}}, 0x0)

855.986395ms ago: executing program 4 (id=955):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x6, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000002c0), 0xffffffffffffffff)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r4, &(0x7f0000001400)={@val={0x0, 0x86dd}, @val={0x0, 0x4, 0x11, 0x4}, @mpls={[], @ipv6=@gre_packet={0xe, 0x6, "ec00be", 0x44, 0x2f, 0x1, @ipv4={'\x00', '\xff\xff', @loopback}, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x0, 0x3}, {0x0, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x1}, {0x8, 0x88be, 0x2, {{0x6, 0x1, 0x9, 0x2, 0x1, 0x0, 0x0, 0x5}, 0x1, {0x10}}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x4, 0x0, 0x0, 0x2, 0x7, 0x8}, 0x2, {0x2, 0x4, 0x0, 0x5, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x2}}}}}}, 0x7a)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000100)={'batadv0\x00', <r6=>0x0})
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000ec0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000e80)={<r9=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r7, &(0x7f00000000c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e23, 0xfff, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3b}}, 0x9}, r9}}, 0x30)
sendmsg$BATADV_CMD_TP_METER(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000200000008000b00000000000a000900aaaaaaaaaaaa000008000300", @ANYRES32=r6], 0x30}}, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000000, &(0x7f0000000a00)={[{@journal_dev={'journal_dev', 0x3d, 0x3bd}}, {@sysvgroups}, {@max_batch_time={'max_batch_time', 0x3d, 0x3ff}}, {@nojournal_checksum}, {@usrquota}, {@dioread_nolock}, {@nodiscard}], [{@fowner_lt={'fowner<', 0xee00}}]}, 0x21, 0x4be, &(0x7f0000000ac0)="$eJzs3cFvVFsZAPDv3ra0lEKLslCjgoiiIcy0AzSEFW40hpAYiSsXUNuhaTrTaTpTpJVF+R9MJHGlf4ILExcmrNy7050bXJigEg19yVvMy70zLaV02vIoMy+d3y+5uefcQ/udM5N7zsxHZ04AfetCRGxExImIeBAR4+3rSfuI260j+3evXz2Z3Xz1ZDaJZvPef5K8PbsWO34mc6r9O0ci4qc/ivhF8m7c+tr64kylUl5p14uN6nKxvrZ+daE6M1+eLy+VStNT05M3r90oHdlYz1f/8PKHC3d+9uc/fePFXze+/6usW2Pttp3jOEqtoQ9tx8kMRsSdjxGsBwba4znR647wuaQR8aWIuJjf/+MxkD+bAMBx1myOR3N8Z/2NwV11AOB4SPMcWJIW2rmAsUjTQqGVwzsXo2mlVm9ceVhbXZpr5comYih9uFApT7ZzhRMxlGT1qbz8pl7aVb8WEWcj4tfDJ/N6YbZWmevlCx8A6GOndq3//x9urf8AwDE30usOAABdZ/0HgP6z7/o/0L1+AADd4/0/APQf6z8A9B/rPwD0H+s/APSVn9y9mx3Nzfb3X889WltdrD26OleuLxaqq7OF2drKcmG+VpvPv7OnetDvq9Rqy1PXY/VxsVGuN4r1tfX71drqUuN+/r3e98tDXRkVALCfs+ef/z2JiI1bJ/MjduzlYK2G4y3tdQeAnvHpPuhfdvuC/uU9PrDHFr1v6fgnQs+Ovi9Ad1z+qvw/9Cv5f+hf8v/Qv7bz/wclAIBjp9lM7PEPAH1Gjh/w//8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw/sbyI0kL7b3AxyJNC4WI0xExEUPJw4VKeTIizkTE34aHhrP6VK87DQB8oPRfSXv/r8vjl8Z2t55IPhnOzxHxy9/e+83jmUZjZSq7/t/t641n7eulXvQfADjI1jq9tY5vef3qyezW0c3+vPxBa3PRLO5m+2i1DMZgfh6JoYgY/V/Srrdkr1cGjiD+xtOI+Mpe40/y3MhEe+fT3fGz2Ke7Gj99K36at7XO2WPx5SPoC/Sb59n8c3uv+y+NC/l57/t/JJ+hPtzW/Lf5zvyXbs9/Ax3mvwuHjXH9Lz/u2PY04muDe8VPtuMnHeJfOmT8f3z9mxc7tTV/F3E59o6/M1axUV0u1tfWry5UZ+bL8+WlUml6anry5rUbpWKeoy5uZarf9e9bV87sN/7RDvFHDhj/dw45/t9/+uDn39on/ve+vffzf26f+Nma+N1Dxp8Z/WPH7buz+HMdxn/Q83/lkPFf/HN9Li8MH/IHAICPqr62vjhTqZRXFI6sMPFej+rAF6LPCgpvF3o9MwEf25ubvtc9AQAAAAAAAAAAAAAAOunGx4l6PUYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOr88CAAD//5XT1B4=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000640)='memory.events\x00', 0x275a, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mknod$loop(&(0x7f0000000080)='./file0/bus\x00', 0x6210, 0x0)

852.881635ms ago: executing program 0 (id=965):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0xf, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})

785.723985ms ago: executing program 0 (id=958):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4808000010001fff3a4ee9bfd5c3a3696c40af0b", @ANYRES32=0x0], 0x3}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0)

679.733516ms ago: executing program 2 (id=961):
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x29c500a, 0x0, 0x4, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000480)=ANY=[@ANYBLOB='S\x00\x00\x00\a'], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000540)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cachetag={'cachetag', 0x3d, '@,)/'}}, {@cache_readahead}, {@dfltuid}, {@nodevmap}], [], 0x6b}})

666.520796ms ago: executing program 2 (id=962):
r0 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100002001800000000000000000008500"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000200), &(0x7f0000000280)={'L-', 0x2}, 0x16, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x38, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0xc, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}]}]}], {0x14}}, 0x60}, 0x1, 0x0, 0x0, 0x200000d0}, 0x0)
gettid()
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r3}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = socket(0x10, 0x3, 0x0)
write(r5, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000003c0000000000000008000f0001000000", 0x24)

649.480636ms ago: executing program 4 (id=963):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000380)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x33, 0x0, @private, @broadcast}, {0x0, 0x0, 0x8}}}}}, 0x0)

632.814366ms ago: executing program 4 (id=964):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
timer_getoverrun(0x0)

631.959496ms ago: executing program 1 (id=966):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a500000008000000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r2, &(0x7f0000001500)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f00000002c0)="89", 0x1}], 0x1, &(0x7f0000000e40)=ANY=[], 0xd0}}], 0x1, 0x4008094)
close(r2)
r3 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r3, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001)
sendmsg(r3, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000780)="a9", 0xfffffdef}], 0x1}, 0x0)

530.535867ms ago: executing program 2 (id=967):
r0 = getpid()
setreuid(0xee00, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
unshare(0x20000)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4206, r2)
ptrace(0x4207, r2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000280)={'sit0\x00', &(0x7f0000000180)={'syztnl2\x00', <r7=>0x0, 0x80, 0x80, 0xfffffffe, 0x2c, {{0x7, 0x4, 0x0, 0x0, 0x1c, 0x66, 0x0, 0xc, 0x4, 0x0, @multicast2, @rand_addr=0x64010101, {[@generic={0x7, 0x8, "ed29b1ca589f"}]}}}}})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', r7, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
r9 = add_key(&(0x7f0000000080)='user\x00', &(0x7f0000000000)={'syz', 0x2}, &(0x7f0000000040)='9', 0x1, 0xfffffffffffffffc)
keyctl$chown(0x4, r9, 0xee00, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
syz_clone3(&(0x7f00000008c0)={0x15340180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[r0], 0x1}, 0x58)

530.127907ms ago: executing program 4 (id=968):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_BEACON(r3, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000380)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="2b03000000649f131a250500ca5a9677bbebb26c765845e5eb98a2a90000080003004e53cff471332dafdb2c61d0962b26fabd8c5719b8224c87fc0dd8346e5f64cb532eb9ca905c2278048dc8125880895837636d15de08478b325b33d288342c9eebaec9dabd9399a65e67d71e56125fbfa12d34890f1aafa7469555d3622bad1e662da69d9f83bf848455bcf550cf8c949a840cb31d005153637c5636eb4c2e74f91bae5a32e94cabdca9beb8606e1348fb71fda7b182314a808ab31cf9432573b8e0bf43d2f61c37eea66c5a8c3db9a043ac9825a7ea284892607c679eeadb0a1aa2afc7c4776d1b073abcc142d8feafd457e1643a8320a3fd9e0a4d724df105c55a92d3aec6bc1e4d3a3b378daa1c7c2e0aa7326dbccb80eb0f757f185f0805076bddb10e662cecc96959bab8", @ANYBLOB="0c00990000000000ffffffff"], 0x28}, 0x1, 0x0, 0x0, 0x24048014}, 0x0)

505.700277ms ago: executing program 1 (id=969):
openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x17, 0x8, &(0x7f00000031c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070015006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa80b0b8ed8fb1ec577c377f627daaf787a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bdeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aab926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb155481ef836eb0f8c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaed2b25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe514283707c70600000000000000b7561301bb997316db01ee601f2c9659db9bc04f7089a660d8dcc3ae83169cf331efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61ee2010000294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bfe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b2b458c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff00004043060000005dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df40600000000000000e9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1202000000b59fed817072a0da60160761fd3dffda0f7c742eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7000000000000000542954c167dd9b4acd946ffffffffffffffff1389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c9e281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b630500163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f700400fa0c61d5fe6d8ff353f631080405547d65375ae04f44f0c2543c772c5ccb137be7dc87746e1785a8214454d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b036e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e010000005a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb3985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1428c0805b4031a667e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a9cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab9100781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c1227c8bed10591958c906321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b863af34bac64c247672a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f27080ece2a94c360b002c77f82662675a7713c7067081cac1599a998c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc215a18ca0265400abf38e90000000000000000008faf2cddffbfa66bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942ce18e57bb7f337df5435bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de286553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c03f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c872a4882d21db2046a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265441d513a1294b8439276394945d94a589708e32a1cb30a8b07b391201385e0b92ecbb7b13d7a87284164018ace6ce58a82c5de321452461089cdd69259f5390f5f508646a524490583c30630bedb47e158ad41c0a653e86a4f4f255cd2a6e95f33b586823aef5564d9de1f5bdd8c80e193f0597b8003860302cd243c00bc5a82c52afb115d16258d507937966bb89409d6d47b8b652d0761d7c72875ae1efb9bc7c6807c2d783e31fd9cd7e84d3d50d8fc44ab8ac9ccd2c0d42e3bd4c029241320446bbf47e23d1320de30fbdf7ed13f80c28fb5c13fccc2e3f73509bdcddad8a2fe48cdd61f2f43611704af64eed8b0cbbd08754f93b8f3d6347aad5cde1ccc5cbd5eaa87e52cea257c856a4af5243eeb5e89f0000000000000000f420df5e4c6d856b3d55e455c08110b2ef4255a38f81555e8e1f22d59c0bc3c9013e66a1f5bda1b695e1602c0afb5c35b2f68f3b151b1e869f40ff4d1bef5e926e1ff95f6321131e4cb797f53455a093a95e67605222d6acc29c46e5db1ef3b8b07e2169fb24ced4b3ae87ebeca06df93212e465bbd1a7e41df2e1a0d508f86cfc7a469ac682685c44692877d03c34c23a65d2677acc73b5d276fdebd685c9b7a079eae228d8426188cb19b083548f5f29e493ab079f33d1965dcbb165015c46998ad410d60cc65fcfa73bd65a43fc024455c4bf530d663976cf71490577251780ab6b1cf8d397444b5be575229f687a3d95ea6b2aa62fce8acb3d4a6a130b4fefa55d0c1d6f3fa448ee24e588e2965c9a442f0baf90923dda91a6850fb7b9c7f432b63001423fedcf053fa28024cc9a178a07042dabc07176fc524032c2edb340c9c18a83565c431aeb0c869683507255254430f90f61e4eca9c8fa98c000b35fec357ee1ebd08439bd95c1ab0753dfd2603d1608bd8c589a1e160000a6ee0ad13346e08738c2d7b00b5d121d918f1dc8bceded939fa8605b54b37cdfcea0bf2bc63e655dc04a2e50212ff89d6587d49896ce18916cf3adc12839c345ca91bb232b891fae2fdd68aaa38281c0feb2c107af3e080d6cdd1c6646ec6804d7e9960c02aa0db9eda24bbcb287fd2a890fa7f9d6ae0c0b1f8dd1603c9ea2f66b572276f96a28b5b6dd9f9bf6ad4bdaa2139b90faf1f40b0f141258578bd825daaaf718d21b7ac05fe5d1b699e5422ca341fe1c944f68fe3a6d783dcf30b0e09d7688f696883b61cb64464b04d351a0a69b0733c348049b0430ed40e200f4ff0000000000000000000000996bcc1b721b152c892fab887e7d20466d90c049c0fdf51dcc16d226a2619c6f47bc25b7f5df5c09fed638922ed127ab36aa7b0c58a2ce5894b1b0f5375d340d96b69b966b05daaf585121a9c7605ed8e9964eef1f14b74cbb2ccdadc6d0b77cf0492b75e1cd11bfdcfddde91b20366715ba0cbe1041be2a65c25d7ca15ef8b71bd2ab9a4294899a1964b0152518fc2ac15a728bcb9e2bc4b551dfdf9011a2a607bc39ad2c4d7c64dcf967724e9b63c397d5265ad3f1da4395a5a800d8845257dcbf210d4f00fe0bd3deed05e506736e6bb6d40ee6cb960bcdb33633ee87f82beb665a9a4c2d4d2b06479ade3a4cd6bba765c9f52b52a0bdd0849ab92baae3775570accb5a57ee9f0035fc6d3df4eebec2e7eb4ff863d3979a20f4428ddca471037b49d4fd130743a97faa02c293b721e52bf53d64c6585e138162331ef98792e1e9b21a6a084fb7b42c64062ef1323a8a65a8ed6038f274f28ff4f78136a1ef108efbe8c4f4e347d50dcdbc33bf3ade4c3a39d316061930d7dd39b8acdecc3f27830e3eda40e648328d95a9aee65a9dd09fd4e96d5b852025dc53ec3f30cc753e6a796084b4e34f521dbb230ae0f3b79142073d437e1fd22d3b7503ffa95b1d5c7740b0ecbfd35dc0f8af895583dfcc2689f6e02c2dd4b57f3dcac54f40da013eb221fa3d65de760576031052c25a96ed4b20230b36d46d3d3fd6bb1d77cc8a48a6b10fa0149e55ccde4a2b26cca2d1ca9191c74ab006a602543fc24d1283e353cfb917620000000024bf3eed258c02a591ec4cd295212d9a98d38745f6f6c4530900000000000000f184f239098bf32551c7cf454e2865974f6520112743f73c619c3cab5609e00178f7393e53462f31559220c026bbde09837bf1b3ffe748a3247c9569f0c5e99f4494f93e0fa1badca90c888616eca97bddabd8003fc12a084d4b11d841979e161b998ddda92f194c4ec7947b7b303be11e0962d429a2c542a28c4932e14c123dfe2b8ec47a11cce134fd6e42a9f4e00ab6de6b45"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='ib_mad_send_done_handler\x00', r0}, 0x18)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f0000000080)=0x2, 0x4)
sendto$inet6(r1, 0x0, 0x0, 0x200c8004, &(0x7f0000000280)={0xa, 0x4e22, 0x0, @mcast2}, 0x4d)
sendto$inet6(r1, &(0x7f00000009c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b75d78f1b79f5a6bb6f0645e267770ef7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d824082990d119473d20e94f253c9621fac339560ae46cb24b88bf2d01559bb658e343257b90f233b81bc5c398be3bbddb23a1e", 0xffd6, 0xc001, 0x0, 0xffffffffffffff0c)
socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002a00)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sysvipc/msg\x00', 0x0, 0x0)
preadv(r3, &(0x7f0000001540)=[{&(0x7f0000000100)=""/154, 0x9a}], 0x1, 0x3, 0x6)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='signal_generate\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x8000000000000000}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffffb6, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
recvmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)=[{0x0}, {&(0x7f0000000340)=""/87, 0x57}], 0x2}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89f1, &(0x7f0000000080))
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x89f2, &(0x7f0000000080))
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r8}, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x40)
r9 = gettid()
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc))

505.015917ms ago: executing program 4 (id=970):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x679fd000)
r2 = syz_clone(0x8900000, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r2, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0) (fail_nth: 4)
dup(0xffffffffffffffff)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, 0xffffffffffffffff, 0x0)

374.879057ms ago: executing program 3 (id=971):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0xf, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})

374.503518ms ago: executing program 1 (id=972):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x29c500a, 0x0, 0x4, 0x0, &(0x7f0000000000))
pipe2$9p(0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000"], 0x15)
r0 = dup(0xffffffffffffffff)
write$P9_RLERRORu(r0, &(0x7f0000000480)=ANY=[@ANYBLOB='S\x00\x00\x00\a'], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000540)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@cachetag={'cachetag', 0x3d, '@,)/'}}, {@cache_readahead}, {@dfltuid}, {@nodevmap}], [], 0x6b}})

374.153167ms ago: executing program 3 (id=973):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0xf, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})

355.600978ms ago: executing program 1 (id=974):
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x29c500a, 0x0, 0x4, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000480)=ANY=[@ANYBLOB='S\x00\x00\x00\a'], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000540)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cachetag={'cachetag', 0x3d, '@,)/'}}, {@cache_readahead}, {@dfltuid}, {@nodevmap}], [], 0x6b}})

338.071748ms ago: executing program 3 (id=975):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="1801000000001f00000000000000ea1f850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x800000000000002, 0x0)
close(r2)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x1e, &(0x7f0000000080)=0x400000001, 0x4)
setsockopt$inet6_tcp_int(r3, 0x6, 0x22, &(0x7f0000356000)=0x1, 0x4)
connect$inet6(r3, &(0x7f0000000340)={0xa, 0x4e23, 0x0, @loopback, 0x4}, 0x1c)
sendto$inet6(r2, 0x0, 0x241, 0x4040880, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r4 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
fcntl$notify(r4, 0x402, 0x29)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x8914, &(0x7f0000000080))
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000000100000024000180060005004e230000060001000200000008000300ac1414aa0800060001"], 0x38}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000580)={0x14, r7, 0x1, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x890)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r5, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)={0x34, r7, 0x2, 0x70bd26, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x6}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x8}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x80)
r8 = syz_open_procfs(0x0, &(0x7f0000000400)='stack\x00')
pread64(r8, &(0x7f000001a240)=""/102386, 0x18ff2, 0x0)
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a30000000006800038064000080080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001"], 0x118}}, 0x0)
rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000800)='./file0\x00')

29.48955ms ago: executing program 1 (id=976):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000380)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x33, 0x0, @private, @broadcast}, {0x0, 0x0, 0x8}}}}}, 0x0)

0s ago: executing program 1 (id=977):
syz_io_uring_setup(0x907, &(0x7f00000000c0)={0x0, 0x4e04, 0x10100, 0x1, 0xfffffffb}, &(0x7f0000000180)=<r0=>0x0, &(0x7f0000000140)=<r1=>0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0xffffffffffffffff}, 0x13)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f0000000380)={[{@orlov}, {@noblock_validity}, {@stripe={'stripe', 0x3d, 0x9}}, {@errors_remount}, {@nomblk_io_submit}, {@nogrpid, 0x2e}, {@nouid32}, {@errors_remount}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x84, 0x4c2, &(0x7f0000000980)="$eJzs3M1vG0UbAPBnN02afibtW73QD6ihICIKSZMW6IEDIJB6ASHBoRxDGqrStEVNkGhV0YBQOSL+AuCIhMSJCyeQEAIugLjCHSFVqJcWDsho7d3EbmzHTpqY1r+ftPbM7uzOPrM79nrHdgA9q5Q9JBFbI+LXiBiqZusLlKpPN65dmvrr2qWpJMrll/5MKuWuX7s0VRQt1tuSZ0bSiPS9JPY2qHf2wsXTkzMz0+fz/NjcmTfGZi9cfPTUmcmT0yenz04cPXrk8PgTj0881lYcl5dZnsV1fc/b5/btPvbKh89PlePV7z/L9ndrvrw2jqrhtuptpRSlKOcW5w5UHh9c9db/W7bVpJMNXdwROtIXEdnh6q/0/6Hoi8WDNxTPvbuQ+aZLOwismey9aceSuX35c7rw/gXciRJ9HHpU8Y6fff4tpvW8/ui2q09nj9OV+G/k048vVNsmzT7LDlc/sfc1Wf//DeYNLibLQ8vUvzUijs///VE2RcP7EC0kbZcEAFjwVXb980ij67+07tpmez6GMhwRByNiZ0T8LyJ2RbpQ5q6IuLvD+ks35Zde//y8qcNNdiS7/nsyH9sqpuqSIq5kIbetEn9/8tqpmelDeZuMRP/GLD/eoo6vn/3lg2bLSjXXf9mU1V9cC+b78ceGjfXrnJicm1xFyHWuvhOxZ0Oj+JOFkYCsBXZHxJ4VbD9rs1MPf7ovS2/fsnT58vG3cAvGmcqfRDxUPf7zcVP8haRaU7PxybHBmJk+NFacFUv98NOVF2vz/TXpuvgH24tpcKXBNpAd/80Nz/88/qIbFOO1s53XceW395t+pll6/JM4Pl9bIj//Ny02W3b+DyQvV9ID+by3Jufmzo9HDOQz6uZPLG6tyBfls/hHDjTu/zsj/vk4X29vRGQn8T0RcW9E7M/3/b6IuD8iDrSI/7tnHni9dQut8Py/BbL4T7Q6/hHDSe14/QoSfae//bJZ/e29/h2ppEbyOe28/rW7g6tpOwAAALhdpJUx6CQdLdI1N6d2xeZ05tzs3MFSvHn2RHWsejj60+JO11DN/dDx/N5wkZ+4KX84InZUvmm0qZIfnTo3s62bgQOV3+rU9f9I09HR6rLfm33pBbhzdDSOVvuls8+/uPU7A6wrv9eE3qX/Q+/S/6F36f/Quxr1/8sRN7qwK8A68/4PvUv/h96l/0Pv0v+hJy39SXzxdysr+aX/YmLnsVWtvuaJ8tCabHm+87X61ijSqP3TjqaJJCJWVkWkrcsMtFF71xLpsmWeWq5Z+lf1nxhZYn+e2BgR7a51ed1atXiFSPzLJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFv7NwAA//8Aq+SG")
r3 = syz_io_uring_complete(0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000340)={{0x1, 0x1, 0x18, r3}, './file0\x00'})
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='qdisc_create\x00', r6}, 0x18)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})
dup2(r4, 0xffffffffffffffff)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x100000e, 0x12, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000000)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x39)
r7 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r7, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xbe00}], 0x2, 0x1200, 0x41001, 0x3)

kernel console output (not intermixed with test programs):

1][ T3972] Call Trace:
[   36.018055][ T3972]  <TASK>
[   36.020987][ T3972]  dump_stack_lvl+0xf2/0x150
[   36.025674][ T3972]  dump_stack+0x15/0x1a
[   36.029921][ T3972]  should_fail_ex+0x223/0x230
[   36.034693][ T3972]  should_failslab+0x8f/0xb0
[   36.039303][ T3972]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[   36.045632][ T3972]  ? sidtab_sid2str_get+0xb8/0x140
[   36.050753][ T3972]  kmemdup_noprof+0x2a/0x60
[   36.055268][ T3972]  sidtab_sid2str_get+0xb8/0x140
[   36.060214][ T3972]  security_sid_to_context_core+0x1eb/0x2f0
[   36.066148][ T3972]  security_sid_to_context+0x27/0x30
[   36.071486][ T3972]  selinux_lsmprop_to_secctx+0x2c/0x40
[   36.077020][ T3972]  security_lsmprop_to_secctx+0x4a/0x90
[   36.082934][ T3972]  audit_log_task_context+0x93/0x1c0
[   36.088307][ T3972]  audit_log_task+0xf9/0x1c0
[   36.092931][ T3972]  audit_seccomp+0x68/0x130
[   36.098029][ T3972]  __seccomp_filter+0x6fa/0x1180
[   36.102986][ T3972]  __secure_computing+0x9f/0x1c0
[   36.108024][ T3972]  syscall_trace_enter+0xd1/0x1f0
[   36.113134][ T3972]  do_syscall_64+0xaa/0x1c0
[   36.117652][ T3972]  ? clear_bhb_loop+0x55/0xb0
[   36.122431][ T3972]  ? clear_bhb_loop+0x55/0xb0
[   36.127161][ T3972]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   36.133139][ T3972] RIP: 0033:0x7fc6cc34e92c
[   36.137547][ T3972] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   36.157237][ T3972] RSP: 002b:00007fc6ca9c7050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   36.165753][ T3972] RAX: ffffffffffffffda RBX: 00007fc6cc515fa0 RCX: 00007fc6cc34e92c
[   36.173858][ T3972] RDX: 000000000000000f RSI: 00007fc6ca9c70b0 RDI: 0000000000000005
[   36.178734][ T3961] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   36.181861][ T3972] RBP: 00007fc6ca9c70a0 R08: 0000000000000000 R09: 0000000000000000
[   36.192093][ T3961] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   36.198135][ T3972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   36.213876][ T3972] R13: 0000000000000000 R14: 00007fc6cc515fa0 R15: 00007fff1de42d98
[   36.222341][ T3972]  </TASK>
[   36.246734][ T3975] netlink: 'syz.1.162': attribute type 21 has an invalid length.
[   36.254612][ T3975] netlink: 12 bytes leftover after parsing attributes in process `syz.1.162'.
[   36.323170][ T3983] netlink: 4 bytes leftover after parsing attributes in process `syz.1.166'.
[   36.625813][ T3996] FAULT_INJECTION: forcing a failure.
[   36.625813][ T3996] name failslab, interval 1, probability 0, space 0, times 0
[   36.638546][ T3996] CPU: 1 UID: 0 PID: 3996 Comm: syz.0.173 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   36.649149][ T3996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   36.659207][ T3996] Call Trace:
[   36.662569][ T3996]  <TASK>
[   36.665493][ T3996]  dump_stack_lvl+0xf2/0x150
[   36.670111][ T3996]  dump_stack+0x15/0x1a
[   36.674264][ T3996]  should_fail_ex+0x223/0x230
[   36.679052][ T3996]  should_failslab+0x8f/0xb0
[   36.683678][ T3996]  kmem_cache_alloc_noprof+0x52/0x320
[   36.689043][ T3996]  ? skb_clone+0x154/0x1f0
[   36.693455][ T3996]  skb_clone+0x154/0x1f0
[   36.697745][ T3996]  __netlink_deliver_tap+0x2bd/0x4f0
[   36.703035][ T3996]  netlink_sendskb+0x126/0x150
[   36.707872][ T3996]  netlink_unicast+0x291/0x670
[   36.712628][ T3996]  nlmsg_notify+0x10f/0x170
[   36.717155][ T3996]  rtnl_notify+0x76/0x90
[   36.721398][ T3996]  rtmsg_ifa+0xf6/0x170
[   36.725552][ T3996]  __inet_insert_ifa+0x4fd/0x630
[   36.730492][ T3996]  inet_rtm_newaddr+0x95c/0xcb0
[   36.735413][ T3996]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[   36.740822][ T3996]  rtnetlink_rcv_msg+0x651/0x710
[   36.745754][ T3996]  ? ref_tracker_free+0x3a5/0x410
[   36.750791][ T3996]  ? __dev_queue_xmit+0x186/0x2090
[   36.755894][ T3996]  netlink_rcv_skb+0x12c/0x230
[   36.760681][ T3996]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   36.766138][ T3996]  rtnetlink_rcv+0x1c/0x30
[   36.770545][ T3996]  netlink_unicast+0x599/0x670
[   36.775339][ T3996]  netlink_sendmsg+0x5cc/0x6e0
[   36.780100][ T3996]  ? __pfx_netlink_sendmsg+0x10/0x10
[   36.785481][ T3996]  __sock_sendmsg+0x140/0x180
[   36.790175][ T3996]  ____sys_sendmsg+0x312/0x410
[   36.795011][ T3996]  __sys_sendmsg+0x19d/0x230
[   36.799603][ T3996]  __x64_sys_sendmsg+0x46/0x50
[   36.804446][ T3996]  x64_sys_call+0x2734/0x2dc0
[   36.809115][ T3996]  do_syscall_64+0xc9/0x1c0
[   36.813609][ T3996]  ? clear_bhb_loop+0x55/0xb0
[   36.818278][ T3996]  ? clear_bhb_loop+0x55/0xb0
[   36.822947][ T3996]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   36.828916][ T3996] RIP: 0033:0x7f2d3ca6ff19
[   36.833396][ T3996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   36.853000][ T3996] RSP: 002b:00007f2d3b0e7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   36.861408][ T3996] RAX: ffffffffffffffda RBX: 00007f2d3cc35fa0 RCX: 00007f2d3ca6ff19
[   36.869371][ T3996] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003
[   36.877337][ T3996] RBP: 00007f2d3b0e70a0 R08: 0000000000000000 R09: 0000000000000000
[   36.885315][ T3996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   36.893277][ T3996] R13: 0000000000000000 R14: 00007f2d3cc35fa0 R15: 00007ffdc62ef1a8
[   36.901304][ T3996]  </TASK>
[   36.913726][ T4000] loop4: detected capacity change from 0 to 512
[   36.928724][ T4000] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.174: corrupted in-inode xattr: invalid ea_ino
[   36.945665][ T4000] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.174: couldn't read orphan inode 15 (err -117)
[   36.962359][ T3998] netlink: 36 bytes leftover after parsing attributes in process `syz.2.171'.
[   36.971346][ T3998] netlink: 36 bytes leftover after parsing attributes in process `syz.2.171'.
[   36.980796][ T3998] netlink: 36 bytes leftover after parsing attributes in process `syz.2.171'.
[   36.990290][ T4000] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.998384][ T3998] netlink: 36 bytes leftover after parsing attributes in process `syz.2.171'.
[   37.006168][ T4007] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65049 sclass=netlink_route_socket pid=4007 comm=syz.0.176
[   37.011634][ T3998] netlink: 36 bytes leftover after parsing attributes in process `syz.2.171'.
[   37.033460][ T3998] netlink: 36 bytes leftover after parsing attributes in process `syz.2.171'.
[   37.044071][ T4000] netlink: 'syz.4.174': attribute type 2 has an invalid length.
[   37.051750][ T4000] netlink: 'syz.4.174': attribute type 1 has an invalid length.
[   37.069993][ T4013] netlink: 4 bytes leftover after parsing attributes in process `syz.3.178'.
[   37.093684][ T4014] loop0: detected capacity change from 0 to 1764
[   37.114208][ T4014] iso9660: Corrupted directory entry in block 2 of inode 1920
[   37.128850][ T4014] capability: warning: `syz.0.177' uses deprecated v2 capabilities in a way that may be insecure
[   37.193966][ T4029] FAULT_INJECTION: forcing a failure.
[   37.193966][ T4029] name failslab, interval 1, probability 0, space 0, times 0
[   37.206624][ T4029] CPU: 1 UID: 0 PID: 4029 Comm: syz.2.185 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   37.217225][ T4029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   37.227290][ T4029] Call Trace:
[   37.230646][ T4029]  <TASK>
[   37.233580][ T4029]  dump_stack_lvl+0xf2/0x150
[   37.238302][ T4029]  dump_stack+0x15/0x1a
[   37.242478][ T4029]  should_fail_ex+0x223/0x230
[   37.247229][ T4029]  should_failslab+0x8f/0xb0
[   37.251895][ T4029]  __kmalloc_noprof+0xab/0x3f0
[   37.256702][ T4029]  ? nla_strdup+0x7a/0xc0
[   37.261075][ T4029]  nla_strdup+0x7a/0xc0
[   37.265301][ T4029]  nf_tables_newtable+0x3e9/0xf20
[   37.270350][ T4029]  nfnetlink_rcv+0xb3e/0x15d0
[   37.275096][ T4029]  ? kmem_cache_free+0xdc/0x2d0
[   37.280053][ T4029]  netlink_unicast+0x599/0x670
[   37.284857][ T4029]  netlink_sendmsg+0x5cc/0x6e0
[   37.289669][ T4029]  ? __pfx_netlink_sendmsg+0x10/0x10
[   37.294964][ T4029]  __sock_sendmsg+0x140/0x180
[   37.299668][ T4029]  ____sys_sendmsg+0x312/0x410
[   37.304523][ T4029]  __sys_sendmsg+0x19d/0x230
[   37.309154][ T4029]  __x64_sys_sendmsg+0x46/0x50
[   37.313983][ T4029]  x64_sys_call+0x2734/0x2dc0
[   37.318671][ T4029]  do_syscall_64+0xc9/0x1c0
[   37.323191][ T4029]  ? clear_bhb_loop+0x55/0xb0
[   37.327935][ T4029]  ? clear_bhb_loop+0x55/0xb0
[   37.332628][ T4029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   37.338608][ T4029] RIP: 0033:0x7f108832ff19
[   37.343032][ T4029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   37.362668][ T4029] RSP: 002b:00007f10869a7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   37.371094][ T4029] RAX: ffffffffffffffda RBX: 00007f10884f5fa0 RCX: 00007f108832ff19
[   37.379142][ T4029] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[   37.387166][ T4029] RBP: 00007f10869a70a0 R08: 0000000000000000 R09: 0000000000000000
[   37.395167][ T4029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   37.403272][ T4029] R13: 0000000000000000 R14: 00007f10884f5fa0 R15: 00007ffd57c0e7e8
[   37.411287][ T4029]  </TASK>
[   37.602462][ T4037] FAULT_INJECTION: forcing a failure.
[   37.602462][ T4037] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   37.615575][ T4037] CPU: 1 UID: 0 PID: 4037 Comm: +}[@ Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   37.625881][ T4037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   37.636113][ T4037] Call Trace:
[   37.639381][ T4037]  <TASK>
[   37.642307][ T4037]  dump_stack_lvl+0xf2/0x150
[   37.646955][ T4037]  dump_stack+0x15/0x1a
[   37.651147][ T4037]  should_fail_ex+0x223/0x230
[   37.655818][ T4037]  should_fail+0xb/0x10
[   37.660052][ T4037]  should_fail_usercopy+0x1a/0x20
[   37.665077][ T4037]  _copy_to_user+0x20/0xa0
[   37.669535][ T4037]  bpf_test_finish+0x339/0x4f0
[   37.674304][ T4037]  bpf_prog_test_run_skb+0xad5/0xc00
[   37.679591][ T4037]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[   37.685405][ T4037]  bpf_prog_test_run+0x20f/0x3a0
[   37.690408][ T4037]  __sys_bpf+0x400/0x7a0
[   37.694648][ T4037]  __x64_sys_bpf+0x43/0x50
[   37.699149][ T4037]  x64_sys_call+0x2914/0x2dc0
[   37.703817][ T4037]  do_syscall_64+0xc9/0x1c0
[   37.708315][ T4037]  ? clear_bhb_loop+0x55/0xb0
[   37.713201][ T4037]  ? clear_bhb_loop+0x55/0xb0
[   37.717965][ T4037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   37.723863][ T4037] RIP: 0033:0x7fc6cc34ff19
[   37.728277][ T4037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   37.747879][ T4037] RSP: 002b:00007fc6ca9c7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   37.756360][ T4037] RAX: ffffffffffffffda RBX: 00007fc6cc515fa0 RCX: 00007fc6cc34ff19
[   37.764374][ T4037] RDX: 0000000000000050 RSI: 0000000020000400 RDI: 000000000000000a
[   37.772339][ T4037] RBP: 00007fc6ca9c70a0 R08: 0000000000000000 R09: 0000000000000000
[   37.780351][ T4037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   37.788339][ T4037] R13: 0000000000000000 R14: 00007fc6cc515fa0 R15: 00007fff1de42d98
[   37.796378][ T4037]  </TASK>
[   38.011329][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.260633][   T29] kauditd_printk_skb: 25 callbacks suppressed
[   38.260648][   T29] audit: type=1400 audit(1733224309.014:500): avc:  denied  { create } for  pid=4068 comm="syz.1.199" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   38.286252][   T29] audit: type=1400 audit(1733224309.014:501): avc:  denied  { setopt } for  pid=4068 comm="syz.1.199" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   38.360732][ T4078] syz.2.203[4078] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   38.360832][ T4078] syz.2.203[4078] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   38.373406][ T4078] syz.2.203[4078] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   38.387539][ T4074] loop0: detected capacity change from 0 to 512
[   38.406203][ T4074] ext4: Unknown parameter 'hash'
[   38.412534][ T4074] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   38.421145][ T4074] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   38.552307][   T29] audit: type=1400 audit(1733224309.324:502): avc:  denied  { associate } for  pid=4097 comm="syz.1.211" name="rdma.current" dev="tmpfs" ino=283 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="@"
[   38.613871][   T29] audit: type=1400 audit(1733224309.384:503): avc:  denied  { write } for  pid=4102 comm="syz.2.213" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   38.711496][ T4120] syz.2.221 uses obsolete (PF_INET,SOCK_PACKET)
[   38.798699][ T4129] 9pnet_fd: Insufficient options for proto=fd
[   38.836316][ T4133] FAULT_INJECTION: forcing a failure.
[   38.836316][ T4133] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   38.849533][ T4133] CPU: 0 UID: 0 PID: 4133 Comm: syz.2.226 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   38.860141][ T4133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   38.870205][ T4133] Call Trace:
[   38.873596][ T4133]  <TASK>
[   38.876527][ T4133]  dump_stack_lvl+0xf2/0x150
[   38.881210][ T4133]  dump_stack+0x15/0x1a
[   38.885416][ T4133]  should_fail_ex+0x223/0x230
[   38.890093][ T4133]  should_fail+0xb/0x10
[   38.894320][ T4133]  should_fail_usercopy+0x1a/0x20
[   38.899380][ T4133]  _copy_from_user+0x1e/0xb0
[   38.903981][ T4133]  btf_new_fd+0x1fc/0x790
[   38.908389][ T4133]  bpf_btf_load+0x115/0x130
[   38.912893][ T4133]  __sys_bpf+0x686/0x7a0
[   38.917169][ T4133]  __x64_sys_bpf+0x43/0x50
[   38.921651][ T4133]  x64_sys_call+0x2914/0x2dc0
[   38.926328][ T4133]  do_syscall_64+0xc9/0x1c0
[   38.930889][ T4133]  ? clear_bhb_loop+0x55/0xb0
[   38.935653][ T4133]  ? clear_bhb_loop+0x55/0xb0
[   38.940331][ T4133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.946362][ T4133] RIP: 0033:0x7f108832ff19
[   38.950781][ T4133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   38.970471][ T4133] RSP: 002b:00007f10869a7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   38.978893][ T4133] RAX: ffffffffffffffda RBX: 00007f10884f5fa0 RCX: 00007f108832ff19
[   38.986865][ T4133] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 0000000000000012
[   38.994836][ T4133] RBP: 00007f10869a70a0 R08: 0000000000000000 R09: 0000000000000000
[   39.002792][ T4133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   39.010794][ T4133] R13: 0000000000000000 R14: 00007f10884f5fa0 R15: 00007ffd57c0e7e8
[   39.018772][ T4133]  </TASK>
[   39.066740][ T4138] dvmrp1: entered allmulticast mode
[   39.068909][   T29] audit: type=1400 audit(1733224309.834:504): avc:  denied  { ioctl } for  pid=4139 comm="syz.0.229" path="socket:[5681]" dev="sockfs" ino=5681 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   39.099524][ T4141] FAULT_INJECTION: forcing a failure.
[   39.099524][ T4141] name failslab, interval 1, probability 0, space 0, times 0
[   39.109045][ T4140] loop3: detected capacity change from 0 to 512
[   39.112200][ T4141] CPU: 0 UID: 0 PID: 4141 Comm: syz.0.229 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   39.127631][ T4140] EXT4-fs: Ignoring removed orlov option
[   39.128909][ T4141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   39.139088][ T4140] EXT4-fs: Ignoring removed nomblk_io_submit option
[   39.144579][ T4141] Call Trace:
[   39.144588][ T4141]  <TASK>
[   39.144596][ T4141]  dump_stack_lvl+0xf2/0x150
[   39.151208][ T4140] ext4: Unknown parameter 'nogrpid.nouid32'
[   39.154428][ T4141]  dump_stack+0x15/0x1a
[   39.157466][   T29] audit: type=1326 audit(1733224309.844:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4139 comm="syz.0.229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3ca6ff19 code=0x7ffc0000
[   39.161905][ T4141]  should_fail_ex+0x223/0x230
[   39.167872][   T29] audit: type=1326 audit(1733224309.844:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4139 comm="syz.0.229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3ca6ff19 code=0x7ffc0000
[   39.171919][ T4141]  should_failslab+0x8f/0xb0
[   39.195209][   T29] audit: type=1326 audit(1733224309.844:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4136 comm="syz.4.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c8640ff19 code=0x7ffc0000
[   39.199701][ T4141]  kmem_cache_alloc_noprof+0x52/0x320
[   39.199771][ T4141]  ? audit_log_start+0x34c/0x6b0
[   39.223017][   T29] audit: type=1326 audit(1733224309.844:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4136 comm="syz.4.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c8640ff19 code=0x7ffc0000
[   39.227563][ T4141]  audit_log_start+0x34c/0x6b0
[   39.250760][   T29] audit: type=1326 audit(1733224309.844:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4139 comm="syz.0.229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2d3ca6ff19 code=0x7ffc0000
[   39.256076][ T4141]  ? __rcu_read_unlock+0x4e/0x70
[   39.256112][ T4141]  audit_seccomp+0x4b/0x130
[   39.291979][ T4140] loop3: detected capacity change from 0 to 128
[   39.312280][ T4141]  __seccomp_filter+0x6fa/0x1180
[   39.312323][ T4141]  __secure_computing+0x9f/0x1c0
[   39.338307][ T4141]  syscall_trace_enter+0xd1/0x1f0
[   39.343420][ T4141]  ? fpregs_assert_state_consistent+0x83/0xa0
[   39.345666][ T4140] syz.3.228: attempt to access beyond end of device
[   39.345666][ T4140] loop3: rw=34817, sector=106, nr_sectors = 95 limit=128
[   39.349557][ T4141]  do_syscall_64+0xaa/0x1c0
[   39.349582][ T4141]  ? clear_bhb_loop+0x55/0xb0
[   39.372174][ T4141]  ? clear_bhb_loop+0x55/0xb0
[   39.376857][ T4141]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   39.382773][ T4141] RIP: 0033:0x7f2d3ca6e92c
[   39.387201][ T4141] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   39.406836][ T4141] RSP: 002b:00007f2d3b0e7050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   39.415303][ T4141] RAX: ffffffffffffffda RBX: 00007f2d3cc35fa0 RCX: 00007f2d3ca6e92c
[   39.423274][ T4141] RDX: 000000000000000f RSI: 00007f2d3b0e70b0 RDI: 0000000000000008
[   39.431239][ T4141] RBP: 00007f2d3b0e70a0 R08: 0000000000000000 R09: 0000000000000000
[   39.439211][ T4141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   39.447178][ T4141] R13: 0000000000000000 R14: 00007f2d3cc35fa0 R15: 00007ffdc62ef1a8
[   39.455149][ T4141]  </TASK>
[   39.511987][ T4151] FAULT_INJECTION: forcing a failure.
[   39.511987][ T4151] name failslab, interval 1, probability 0, space 0, times 0
[   39.524666][ T4151] CPU: 0 UID: 0 PID: 4151 Comm: syz.2.232 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   39.535420][ T4151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   39.545480][ T4151] Call Trace:
[   39.548817][ T4151]  <TASK>
[   39.551748][ T4151]  dump_stack_lvl+0xf2/0x150
[   39.556351][ T4151]  dump_stack+0x15/0x1a
[   39.560555][ T4151]  should_fail_ex+0x223/0x230
[   39.565235][ T4151]  ? audit_log_d_path+0x96/0x250
[   39.570176][ T4151]  should_failslab+0x8f/0xb0
[   39.574792][ T4151]  __kmalloc_cache_noprof+0x4e/0x320
[   39.580101][ T4151]  audit_log_d_path+0x96/0x250
[   39.584889][ T4151]  ? __rcu_read_unlock+0x4e/0x70
[   39.589928][ T4151]  audit_log_d_path_exe+0x42/0x70
[   39.594975][ T4151]  audit_log_task+0x192/0x1c0
[   39.599680][ T4151]  audit_seccomp+0x68/0x130
[   39.604187][ T4151]  __seccomp_filter+0x6fa/0x1180
[   39.609209][ T4151]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   39.614846][ T4151]  ? vfs_write+0x596/0x920
[   39.619333][ T4151]  ? __schedule+0x6fa/0x930
[   39.623919][ T4151]  __secure_computing+0x9f/0x1c0
[   39.628867][ T4151]  syscall_trace_enter+0xd1/0x1f0
[   39.633920][ T4151]  do_syscall_64+0xaa/0x1c0
[   39.638432][ T4151]  ? clear_bhb_loop+0x55/0xb0
[   39.643126][ T4151]  ? clear_bhb_loop+0x55/0xb0
[   39.647793][ T4151]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   39.653710][ T4151] RIP: 0033:0x7f108832ff19
[   39.658116][ T4151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   39.677767][ T4151] RSP: 002b:00007f10869a7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000111
[   39.686173][ T4151] RAX: ffffffffffffffda RBX: 00007f10884f5fa0 RCX: 00007f108832ff19
[   39.694205][ T4151] RDX: 0000000000000000 RSI: 0000000000000018 RDI: 0000000020000280
[   39.702173][ T4151] RBP: 00007f10869a70a0 R08: 0000000000000000 R09: 0000000000000000
[   39.710178][ T4151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   39.718187][ T4151] R13: 0000000000000000 R14: 00007f10884f5fa0 R15: 00007ffd57c0e7e8
[   39.726276][ T4151]  </TASK>
[   39.732808][ T4153] loop1: detected capacity change from 0 to 512
[   39.751733][ T4153] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   39.753466][ T4153] EXT4-fs (loop1): invalid journal inode
[   39.753555][ T4153] EXT4-fs (loop1): can't get journal size
[   39.776272][ T4153] EXT4-fs (loop1): 1 truncate cleaned up
[   39.789352][ T4153] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.848393][ T4164] loop2: detected capacity change from 0 to 512
[   39.858396][ T4164] ext4: Unknown parameter 'hash'
[   39.868542][ T4164] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   39.882332][ T4164] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   39.971683][ T4186] loop0: detected capacity change from 0 to 512
[   39.978530][ T4186] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   39.989774][ T4186] EXT4-fs (loop0): 1 truncate cleaned up
[   39.995796][ T4186] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.102255][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.356839][ T4222] __nla_validate_parse: 29 callbacks suppressed
[   40.356856][ T4222] netlink: 20 bytes leftover after parsing attributes in process `syz.0.260'.
[   40.374906][ T4153] syz.1.235 (4153) used greatest stack depth: 10368 bytes left
[   40.390927][ T4224] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[   40.397481][ T4224] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   40.400094][ T4220] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=62237 sclass=netlink_route_socket pid=4220 comm=syz.3.259
[   40.405195][ T4224] vhci_hcd vhci_hcd.0: Device attached
[   40.425321][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.437968][ T4220] netlink: 4 bytes leftover after parsing attributes in process `syz.3.259'.
[   40.447051][ T4225] vhci_hcd: connection closed
[   40.447242][   T50] vhci_hcd: stop threads
[   40.456302][   T50] vhci_hcd: release socket
[   40.460751][   T50] vhci_hcd: disconnect device
[   40.523398][ T4236] loop4: detected capacity change from 0 to 2048
[   40.531944][ T4231] netlink: 36 bytes leftover after parsing attributes in process `syz.1.262'.
[   40.540890][ T4231] netlink: 36 bytes leftover after parsing attributes in process `syz.1.262'.
[   40.549923][ T4231] netlink: 36 bytes leftover after parsing attributes in process `syz.1.262'.
[   40.560226][ T4236]  loop4: p1 < > p4
[   40.565243][ T4236] loop4: p4 size 8388608 extends beyond EOD, truncated
[   40.575823][ T4231] netlink: 36 bytes leftover after parsing attributes in process `syz.1.262'.
[   40.584816][ T4231] netlink: 36 bytes leftover after parsing attributes in process `syz.1.262'.
[   40.595210][ T4231] netlink: 36 bytes leftover after parsing attributes in process `syz.1.262'.
[   40.610840][ T4236] netlink: 4 bytes leftover after parsing attributes in process `syz.4.265'.
[   40.622793][ T4236] bridge_slave_1: left allmulticast mode
[   40.628572][ T4236] bridge_slave_1: left promiscuous mode
[   40.634471][ T4236] bridge0: port 2(bridge_slave_1) entered disabled state
[   40.642785][ T4236] bridge_slave_0: left allmulticast mode
[   40.648610][ T4236] bridge_slave_0: left promiscuous mode
[   40.654388][ T4236] bridge0: port 1(bridge_slave_0) entered disabled state
[   40.670146][ T4231] netlink: 36 bytes leftover after parsing attributes in process `syz.1.262'.
[   40.758931][ T4261] loop3: detected capacity change from 0 to 1024
[   40.766635][ T4261] EXT4-fs (loop3): unsupported inode size: 143
[   40.772885][ T4261] EXT4-fs (loop3): blocksize: 1024
[   40.799033][ T4264] FAULT_INJECTION: forcing a failure.
[   40.799033][ T4264] name failslab, interval 1, probability 0, space 0, times 0
[   40.811717][ T4264] CPU: 0 UID: 0 PID: 4264 Comm: syz.3.276 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   40.818926][ T4266] loop1: detected capacity change from 0 to 512
[   40.822311][ T4264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   40.822325][ T4264] Call Trace:
[   40.822333][ T4264]  <TASK>
[   40.822341][ T4264]  dump_stack_lvl+0xf2/0x150
[   40.829891][ T4266] ext4: Unknown parameter 'hash'
[   40.838597][ T4264]  dump_stack+0x15/0x1a
[   40.838653][ T4264]  should_fail_ex+0x223/0x230
[   40.838676][ T4264]  should_failslab+0x8f/0xb0
[   40.838707][ T4264]  kmem_cache_alloc_noprof+0x52/0x320
[   40.873094][ T4264]  ? getname_flags+0x81/0x3b0
[   40.877768][ T4264]  getname_flags+0x81/0x3b0
[   40.882262][ T4264]  getname+0x17/0x20
[   40.886217][ T4264]  do_mq_open+0xd4/0x4b0
[   40.890481][ T4264]  __x64_sys_mq_open+0xcc/0x100
[   40.895329][ T4264]  x64_sys_call+0x1d6f/0x2dc0
[   40.899999][ T4264]  do_syscall_64+0xc9/0x1c0
[   40.904523][ T4264]  ? clear_bhb_loop+0x55/0xb0
[   40.909296][ T4264]  ? clear_bhb_loop+0x55/0xb0
[   40.913962][ T4264]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.919925][ T4264] RIP: 0033:0x7f9449adff19
[   40.924331][ T4264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   40.943932][ T4264] RSP: 002b:00007f9448157058 EFLAGS: 00000246 ORIG_RAX: 00000000000000f0
[   40.952336][ T4264] RAX: ffffffffffffffda RBX: 00007f9449ca5fa0 RCX: 00007f9449adff19
[   40.960364][ T4264] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000
[   40.968325][ T4264] RBP: 00007f94481570a0 R08: 0000000000000000 R09: 0000000000000000
[   40.976371][ T4264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   40.984332][ T4264] R13: 0000000000000001 R14: 00007f9449ca5fa0 R15: 00007ffced9b39d8
[   40.992299][ T4264]  </TASK>
[   41.003464][ T4258] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   41.021851][ T4258] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   41.185173][ T4287] loop3: detected capacity change from 0 to 128
[   41.192100][ T4287] =======================================================
[   41.192100][ T4287] WARNING: The mand mount option has been deprecated and
[   41.192100][ T4287]          and is ignored by this kernel. Remove the mand
[   41.192100][ T4287]          option from the mount to silence this warning.
[   41.192100][ T4287] =======================================================
[   41.248510][ T4287] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   41.251345][ T4296] IPv6: NLM_F_CREATE should be specified when creating new route
[   41.269552][ T4287] ext4 filesystem being mounted at /47/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   41.299993][ T4298] FAULT_INJECTION: forcing a failure.
[   41.299993][ T4298] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   41.313199][ T4298] CPU: 1 UID: 0 PID: 4298 Comm: syz.0.287 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   41.323896][ T4298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   41.333982][ T4298] Call Trace:
[   41.337245][ T4298]  <TASK>
[   41.340161][ T4298]  dump_stack_lvl+0xf2/0x150
[   41.344804][ T4298]  dump_stack+0x15/0x1a
[   41.349034][ T4298]  should_fail_ex+0x223/0x230
[   41.353725][ T4298]  should_fail+0xb/0x10
[   41.357874][ T4298]  should_fail_usercopy+0x1a/0x20
[   41.362919][ T4298]  _copy_to_user+0x20/0xa0
[   41.367413][ T4298]  simple_read_from_buffer+0xa0/0x110
[   41.372793][ T4298]  proc_fail_nth_read+0xf9/0x140
[   41.377746][ T4298]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   41.383342][ T4298]  vfs_read+0x1a2/0x700
[   41.387481][ T4298]  ? __rcu_read_unlock+0x4e/0x70
[   41.392428][ T4298]  ? __fget_files+0x17c/0x1c0
[   41.397098][ T4298]  ksys_read+0xe8/0x1b0
[   41.401343][ T4298]  __x64_sys_read+0x42/0x50
[   41.405853][ T4298]  x64_sys_call+0x2874/0x2dc0
[   41.410541][ T4298]  do_syscall_64+0xc9/0x1c0
[   41.415059][ T4298]  ? clear_bhb_loop+0x55/0xb0
[   41.419746][ T4298]  ? clear_bhb_loop+0x55/0xb0
[   41.424410][ T4298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.430363][ T4298] RIP: 0033:0x7f2d3ca6e92c
[   41.434764][ T4298] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   41.454442][ T4298] RSP: 002b:00007f2d3b0e7050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   41.462969][ T4298] RAX: ffffffffffffffda RBX: 00007f2d3cc35fa0 RCX: 00007f2d3ca6e92c
[   41.470940][ T4298] RDX: 000000000000000f RSI: 00007f2d3b0e70b0 RDI: 0000000000000005
[   41.478932][ T4298] RBP: 00007f2d3b0e70a0 R08: 0000000000000000 R09: 0000000000000000
[   41.486937][ T4298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   41.494894][ T4298] R13: 0000000000000000 R14: 00007f2d3cc35fa0 R15: 00007ffdc62ef1a8
[   41.502849][ T4298]  </TASK>
[   41.538736][ T4302] FAULT_INJECTION: forcing a failure.
[   41.538736][ T4302] name failslab, interval 1, probability 0, space 0, times 0
[   41.551823][ T4302] CPU: 1 UID: 0 PID: 4302 Comm: syz.0.288 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   41.562456][ T4302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   41.572637][ T4302] Call Trace:
[   41.576423][ T4302]  <TASK>
[   41.579338][ T4302]  dump_stack_lvl+0xf2/0x150
[   41.583956][ T4302]  dump_stack+0x15/0x1a
[   41.588099][ T4302]  should_fail_ex+0x223/0x230
[   41.592837][ T4302]  should_failslab+0x8f/0xb0
[   41.597493][ T4302]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[   41.603842][ T4302]  ? key_alloc+0x2dd/0xa40
[   41.608299][ T4302]  kmemdup_noprof+0x2a/0x60
[   41.612855][ T4302]  key_alloc+0x2dd/0xa40
[   41.617178][ T4302]  __key_create_or_update+0x65b/0x750
[   41.622612][ T4302]  key_create_or_update+0x42/0x60
[   41.627656][ T4302]  __se_sys_add_key+0x280/0x320
[   41.632531][ T4302]  ? fput+0x1c4/0x200
[   41.636525][ T4302]  __x64_sys_add_key+0x67/0x80
[   41.641339][ T4302]  x64_sys_call+0x2964/0x2dc0
[   41.646104][ T4302]  do_syscall_64+0xc9/0x1c0
[   41.650703][ T4302]  ? clear_bhb_loop+0x55/0xb0
[   41.655439][ T4302]  ? clear_bhb_loop+0x55/0xb0
[   41.660116][ T4302]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.666016][ T4302] RIP: 0033:0x7f2d3ca6ff19
[   41.670423][ T4302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.690401][ T4302] RSP: 002b:00007f2d3b0e7058 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[   41.698810][ T4302] RAX: ffffffffffffffda RBX: 00007f2d3cc35fa0 RCX: 00007f2d3ca6ff19
[   41.706770][ T4302] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 00000000200000c0
[   41.714730][ T4302] RBP: 00007f2d3b0e70a0 R08: ffffffffffffffff R09: 0000000000000000
[   41.722691][ T4302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   41.730750][ T4302] R13: 0000000000000000 R14: 00007f2d3cc35fa0 R15: 00007ffdc62ef1a8
[   41.738722][ T4302]  </TASK>
[   41.769819][ T3308] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   41.836230][ T4317] loop0: detected capacity change from 0 to 256
[   41.882338][ T4317] FAULT_INJECTION: forcing a failure.
[   41.882338][ T4317] name failslab, interval 1, probability 0, space 0, times 0
[   41.882362][ T4317] CPU: 1 UID: 0 PID: 4317 Comm: syz.0.294 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   41.882384][ T4317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   41.882394][ T4317] Call Trace:
[   41.882430][ T4317]  <TASK>
[   41.882437][ T4317]  dump_stack_lvl+0xf2/0x150
[   41.882471][ T4317]  dump_stack+0x15/0x1a
[   41.882500][ T4317]  should_fail_ex+0x223/0x230
[   41.882586][ T4317]  ? vfat_add_entry+0xd5/0x1b40
[   41.882612][ T4317]  should_failslab+0x8f/0xb0
[   41.882640][ T4317]  __kmalloc_cache_noprof+0x4e/0x320
[   41.882673][ T4317]  ? __brelse+0x30/0x60
[   41.882695][ T4317]  vfat_add_entry+0xd5/0x1b40
[   41.882740][ T4317]  ? fat_alloc_new_dir+0x505/0x540
[   41.882826][ T4317]  vfat_mkdir+0xcd/0x1e0
[   41.882848][ T4317]  vfs_mkdir+0x1f4/0x320
[   41.882873][ T4317]  do_mkdirat+0x12f/0x2b0
[   41.882897][ T4317]  __x64_sys_mkdirat+0x4e/0x60
[   41.882921][ T4317]  x64_sys_call+0x1b6f/0x2dc0
[   41.882960][ T4317]  do_syscall_64+0xc9/0x1c0
[   41.882983][ T4317]  ? clear_bhb_loop+0x55/0xb0
[   41.883004][ T4317]  ? clear_bhb_loop+0x55/0xb0
[   41.883019][ T4317]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.883048][ T4317] RIP: 0033:0x7f2d3ca6ff19
[   41.883062][ T4317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.883078][ T4317] RSP: 002b:00007f2d3b0e7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[   41.883178][ T4317] RAX: ffffffffffffffda RBX: 00007f2d3cc35fa0 RCX: 00007f2d3ca6ff19
[   41.883189][ T4317] RDX: 0000000000000000 RSI: 0000000020000080 RDI: ffffffffffffff9c
[   41.883205][ T4317] RBP: 00007f2d3b0e70a0 R08: 0000000000000000 R09: 0000000000000000
[   41.883216][ T4317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   41.883227][ T4317] R13: 0000000000000000 R14: 00007f2d3cc35fa0 R15: 00007ffdc62ef1a8
[   41.883242][ T4317]  </TASK>
[   42.070516][ T4338] FAULT_INJECTION: forcing a failure.
[   42.070516][ T4338] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   42.165174][ T4338] CPU: 1 UID: 0 PID: 4338 Comm: syz.2.303 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   42.165204][ T4338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   42.165215][ T4338] Call Trace:
[   42.165222][ T4338]  <TASK>
[   42.165293][ T4338]  dump_stack_lvl+0xf2/0x150
[   42.165336][ T4338]  dump_stack+0x15/0x1a
[   42.165361][ T4338]  should_fail_ex+0x223/0x230
[   42.165465][ T4338]  should_fail+0xb/0x10
[   42.165484][ T4338]  should_fail_usercopy+0x1a/0x20
[   42.165559][ T4338]  strncpy_from_user+0x25/0x210
[   42.165588][ T4338]  ? arch_stack_walk+0xfd/0x150
[   42.165610][ T4338]  strncpy_from_user_nofault+0x66/0xe0
[   42.165637][ T4338]  bpf_probe_read_compat_str+0xb3/0x130
[   42.165764][ T4338]  bpf_prog_597e1462992804d8+0x46/0x48
[   42.165779][ T4338]  bpf_trace_run2+0x104/0x1d0
[   42.165803][ T4338]  ? ethnl_default_doit+0x6d9/0x7d0
[   42.165827][ T4338]  ? genl_rcv+0x28/0x40
[   42.165854][ T4338]  ? netlink_unicast+0x599/0x670
[   42.165895][ T4338]  ? ethnl_default_doit+0x6d9/0x7d0
[   42.165916][ T4338]  __traceiter_kfree+0x2b/0x50
[   42.165942][ T4338]  ? ethnl_default_doit+0x6d9/0x7d0
[   42.165965][ T4338]  kfree+0x247/0x2f0
[   42.165998][ T4338]  ethnl_default_doit+0x6d9/0x7d0
[   42.166027][ T4338]  genl_rcv_msg+0x61b/0x6c0
[   42.166058][ T4338]  ? __pfx_ethnl_default_doit+0x10/0x10
[   42.166114][ T4338]  ? __dev_queue_xmit+0xb6e/0x2090
[   42.166207][ T4338]  netlink_rcv_skb+0x12c/0x230
[   42.166231][ T4338]  ? __pfx_genl_rcv_msg+0x10/0x10
[   42.166269][ T4338]  genl_rcv+0x28/0x40
[   42.166291][ T4338]  netlink_unicast+0x599/0x670
[   42.166316][ T4338]  netlink_sendmsg+0x5cc/0x6e0
[   42.166445][ T4338]  ? __pfx_netlink_sendmsg+0x10/0x10
[   42.166470][ T4338]  __sock_sendmsg+0x140/0x180
[   42.166500][ T4338]  ____sys_sendmsg+0x312/0x410
[   42.166527][ T4338]  __sys_sendmsg+0x19d/0x230
[   42.166609][ T4338]  __x64_sys_sendmsg+0x46/0x50
[   42.166628][ T4338]  x64_sys_call+0x2734/0x2dc0
[   42.166647][ T4338]  do_syscall_64+0xc9/0x1c0
[   42.166691][ T4338]  ? clear_bhb_loop+0x55/0xb0
[   42.166711][ T4338]  ? clear_bhb_loop+0x55/0xb0
[   42.166730][ T4338]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   42.166870][ T4338] RIP: 0033:0x7f108832ff19
[   42.166885][ T4338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   42.166904][ T4338] RSP: 002b:00007f10869a7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   42.166925][ T4338] RAX: ffffffffffffffda RBX: 00007f10884f5fa0 RCX: 00007f108832ff19
[   42.166939][ T4338] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000003
[   42.166952][ T4338] RBP: 00007f10869a70a0 R08: 0000000000000000 R09: 0000000000000000
[   42.166965][ T4338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   42.167004][ T4338] R13: 0000000000000000 R14: 00007f10884f5fa0 R15: 00007ffd57c0e7e8
[   42.167023][ T4338]  </TASK>
[   42.168410][ T4336] process 'syz.1.302' launched '/dev/fd/41' with NULL argv: empty string added
[   42.338040][ T4328] loop3: detected capacity change from 0 to 4096
[   42.419494][ T4351] syz.1.307[4351] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   42.427625][ T4351] syz.1.307[4351] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   42.430369][ T4351] syz.1.307[4351] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   42.446624][ T4351] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   42.446777][ T4351] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   42.448338][ T4328] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.523097][ T4351] loop1: detected capacity change from 0 to 2048
[   42.546373][ T4351] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.960043][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.154896][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.181699][ T4378] IPv6: NLM_F_CREATE should be specified when creating new route
[   43.300752][ T4387] loop3: detected capacity change from 0 to 512
[   43.300960][ T4387] ext4: Unknown parameter 'hash'
[   43.302379][ T4387] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   43.302496][ T4387] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   43.338739][ T4396] loop0: detected capacity change from 0 to 1024
[   43.338997][ T4396] journal_path: Non-blockdev passed as './file0'
[   43.339014][ T4396] EXT4-fs: error: could not find journal device path
[   43.343332][   T29] kauditd_printk_skb: 182 callbacks suppressed
[   43.343345][   T29] audit: type=1400 audit(1733224314.114:690): avc:  denied  { connect } for  pid=4398 comm="syz.4.327" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   43.403020][   T29] audit: type=1400 audit(1733224314.134:691): avc:  denied  { write } for  pid=4398 comm="syz.4.327" path="socket:[6092]" dev="sockfs" ino=6092 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   43.403046][   T29] audit: type=1326 audit(1733224314.174:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.0.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3ca6ff19 code=0x7ffc0000
[   43.403094][   T29] audit: type=1326 audit(1733224314.174:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.0.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f2d3ca6ff19 code=0x7ffc0000
[   43.403117][   T29] audit: type=1326 audit(1733224314.174:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.0.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3ca6ff19 code=0x7ffc0000
[   43.496186][   T29] audit: type=1326 audit(1733224314.174:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.0.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d3ca6ff19 code=0x7ffc0000
[   43.519438][   T29] audit: type=1326 audit(1733224314.174:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.0.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3ca6ff19 code=0x7ffc0000
[   43.519477][   T29] audit: type=1326 audit(1733224314.174:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.0.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d3ca6ff19 code=0x7ffc0000
[   43.574981][   T29] audit: type=1326 audit(1733224314.344:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.0.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3ca6ff19 code=0x7ffc0000
[   43.575016][   T29] audit: type=1326 audit(1733224314.344:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.0.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2d3ca6ff19 code=0x7ffc0000
[   43.596163][ T4403] syz.2.328[4403] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.628178][ T4403] syz.2.328[4403] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.628779][ T4403] syz.2.328[4403] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.663428][ T4403] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   43.663498][ T4403] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   43.671947][ T4403] bridge0: entered promiscuous mode
[   43.696930][ T4403] macsec0: entered promiscuous mode
[   43.697080][ T4403] macsec0: entered allmulticast mode
[   43.697094][ T4403] bridge0: entered allmulticast mode
[   43.698691][ T4403] bridge0: port 3(macsec0) entered blocking state
[   43.720758][ T4403] bridge0: port 3(macsec0) entered disabled state
[   43.728368][ T4403] bridge0: left allmulticast mode
[   43.728529][ T4403] bridge0: left promiscuous mode
[   44.110606][ T4437] netlink: 'syz.4.339': attribute type 10 has an invalid length.
[   44.118773][ T4437] geneve1: entered promiscuous mode
[   44.122573][ T4437] bond0: (slave geneve1): Enslaving as an active interface with an up link
[   44.230702][ T4444] loop1: detected capacity change from 0 to 512
[   44.243968][ T4444] ext4: Unknown parameter 'hash'
[   44.254047][ T4444] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   44.275373][ T4444] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   44.337597][ T4467] loop2: detected capacity change from 0 to 1024
[   44.354299][ T4471] loop0: detected capacity change from 0 to 512
[   44.365368][ T4471] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   44.368564][ T4467] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.376506][ T4471] EXT4-fs (loop0): 1 truncate cleaned up
[   44.388609][ T4467] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   44.393795][ T4471] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.421276][ T4471] FAULT_INJECTION: forcing a failure.
[   44.421276][ T4471] name failslab, interval 1, probability 0, space 0, times 0
[   44.434012][ T4471] CPU: 0 UID: 0 PID: 4471 Comm: syz.0.353 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   44.444634][ T4471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   44.454682][ T4471] Call Trace:
[   44.457959][ T4471]  <TASK>
[   44.460960][ T4471]  dump_stack_lvl+0xf2/0x150
[   44.465599][ T4471]  dump_stack+0x15/0x1a
[   44.469753][ T4471]  should_fail_ex+0x223/0x230
[   44.474457][ T4471]  should_failslab+0x8f/0xb0
[   44.479068][ T4471]  __kmalloc_noprof+0xab/0x3f0
[   44.483832][ T4471]  ? ext4_expand_extra_isize_ea+0x7c9/0xf70
[   44.489729][ T4471]  ext4_expand_extra_isize_ea+0x7c9/0xf70
[   44.495496][ T4471]  __ext4_expand_extra_isize+0x243/0x280
[   44.501154][ T4471]  __ext4_mark_inode_dirty+0x2c5/0x440
[   44.506626][ T4471]  __ext4_unlink+0x482/0x660
[   44.511222][ T4471]  ext4_unlink+0xd6/0x2a0
[   44.515613][ T4471]  vfs_unlink+0x275/0x430
[   44.519942][ T4471]  do_unlinkat+0x237/0x4d0
[   44.524470][ T4471]  __x64_sys_unlink+0x2e/0x40
[   44.529144][ T4471]  x64_sys_call+0x2329/0x2dc0
[   44.533842][ T4471]  do_syscall_64+0xc9/0x1c0
[   44.538342][ T4471]  ? clear_bhb_loop+0x55/0xb0
[   44.543098][ T4471]  ? clear_bhb_loop+0x55/0xb0
[   44.547834][ T4471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.553756][ T4471] RIP: 0033:0x7f2d3ca6ff19
[   44.558161][ T4471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.577778][ T4471] RSP: 002b:00007f2d3b0e7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[   44.586184][ T4471] RAX: ffffffffffffffda RBX: 00007f2d3cc35fa0 RCX: 00007f2d3ca6ff19
[   44.594349][ T4471] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000180
[   44.602421][ T4471] RBP: 00007f2d3b0e70a0 R08: 0000000000000000 R09: 0000000000000000
[   44.610384][ T4471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   44.618415][ T4471] R13: 0000000000000000 R14: 00007f2d3cc35fa0 R15: 00007ffdc62ef1a8
[   44.626390][ T4471]  </TASK>
[   44.642705][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.690890][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.700559][ T4479] FAULT_INJECTION: forcing a failure.
[   44.700559][ T4479] name failslab, interval 1, probability 0, space 0, times 0
[   44.713266][ T4479] CPU: 0 UID: 0 PID: 4479 Comm: syz.0.355 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   44.723946][ T4479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   44.733988][ T4479] Call Trace:
[   44.737303][ T4479]  <TASK>
[   44.740220][ T4479]  dump_stack_lvl+0xf2/0x150
[   44.744815][ T4479]  dump_stack+0x15/0x1a
[   44.748958][ T4479]  should_fail_ex+0x223/0x230
[   44.753683][ T4479]  should_failslab+0x8f/0xb0
[   44.758263][ T4479]  kmem_cache_alloc_noprof+0x52/0x320
[   44.763685][ T4479]  ? audit_log_start+0x34c/0x6b0
[   44.768657][ T4479]  audit_log_start+0x34c/0x6b0
[   44.773461][ T4479]  audit_seccomp+0x4b/0x130
[   44.777951][ T4479]  __seccomp_filter+0x6fa/0x1180
[   44.782885][ T4479]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   44.788565][ T4479]  ? vfs_write+0x596/0x920
[   44.793042][ T4479]  ? putname+0xcf/0xf0
[   44.797093][ T4479]  __secure_computing+0x9f/0x1c0
[   44.802015][ T4479]  syscall_trace_enter+0xd1/0x1f0
[   44.807044][ T4479]  ? fpregs_assert_state_consistent+0x83/0xa0
[   44.813270][ T4479]  do_syscall_64+0xaa/0x1c0
[   44.817813][ T4479]  ? clear_bhb_loop+0x55/0xb0
[   44.822471][ T4479]  ? clear_bhb_loop+0x55/0xb0
[   44.827127][ T4479]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.833030][ T4479] RIP: 0033:0x7f2d3ca6ff19
[   44.837864][ T4479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.857624][ T4479] RSP: 002b:00007f2d3b0e7058 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[   44.866110][ T4479] RAX: ffffffffffffffda RBX: 00007f2d3cc35fa0 RCX: 00007f2d3ca6ff19
[   44.874076][ T4479] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   44.882029][ T4479] RBP: 00007f2d3b0e70a0 R08: 0000000000000000 R09: 0000000000000000
[   44.889993][ T4479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   44.897990][ T4479] R13: 0000000000000000 R14: 00007f2d3cc35fa0 R15: 00007ffdc62ef1a8
[   44.906050][ T4479]  </TASK>
[   44.931776][ T4485] IPv4: Oversized IP packet from 127.202.26.0
[   44.982115][ T4497] gtp0: entered allmulticast mode
[   45.092621][ T4518] loop2: detected capacity change from 0 to 512
[   45.100960][ T4518] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   45.131885][ T4518] EXT4-fs (loop2): 1 truncate cleaned up
[   45.141700][ T4518] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.177547][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.536657][ T4565] FAULT_INJECTION: forcing a failure.
[   45.536657][ T4565] name failslab, interval 1, probability 0, space 0, times 0
[   45.549347][ T4565] CPU: 1 UID: 0 PID: 4565 Comm: syz.4.385 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   45.559995][ T4565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   45.570107][ T4565] Call Trace:
[   45.573383][ T4565]  <TASK>
[   45.576312][ T4565]  dump_stack_lvl+0xf2/0x150
[   45.580992][ T4565]  dump_stack+0x15/0x1a
[   45.585270][ T4565]  should_fail_ex+0x223/0x230
[   45.589961][ T4565]  should_failslab+0x8f/0xb0
[   45.594659][ T4565]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[   45.600994][ T4565]  ? sidtab_sid2str_get+0xb8/0x140
[   45.606268][ T4565]  kmemdup_noprof+0x2a/0x60
[   45.610791][ T4565]  sidtab_sid2str_get+0xb8/0x140
[   45.615740][ T4565]  security_sid_to_context_core+0x1eb/0x2f0
[   45.621652][ T4565]  security_sid_to_context+0x27/0x30
[   45.626946][ T4565]  selinux_lsmprop_to_secctx+0x2c/0x40
[   45.632486][ T4565]  security_lsmprop_to_secctx+0x4a/0x90
[   45.638067][ T4565]  audit_log_task_context+0x93/0x1c0
[   45.643428][ T4565]  audit_log_task+0xf9/0x1c0
[   45.648018][ T4565]  audit_seccomp+0x68/0x130
[   45.652522][ T4565]  __seccomp_filter+0x6fa/0x1180
[   45.657632][ T4565]  ? __kmalloc_noprof+0x284/0x3f0
[   45.662656][ T4565]  ? security_prepare_creds+0x53/0x120
[   45.668185][ T4565]  ? selinux_cred_prepare+0x60/0x70
[   45.673508][ T4565]  ? commit_creds+0x73b/0x7b0
[   45.678284][ T4565]  __secure_computing+0x9f/0x1c0
[   45.683223][ T4565]  syscall_trace_enter+0xd1/0x1f0
[   45.688330][ T4565]  do_syscall_64+0xaa/0x1c0
[   45.692904][ T4565]  ? clear_bhb_loop+0x55/0xb0
[   45.697585][ T4565]  ? clear_bhb_loop+0x55/0xb0
[   45.702263][ T4565]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.708327][ T4565] RIP: 0033:0x7f8c8640e92c
[   45.712738][ T4565] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   45.732351][ T4565] RSP: 002b:00007f8c84a87050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   45.740838][ T4565] RAX: ffffffffffffffda RBX: 00007f8c865d5fa0 RCX: 00007f8c8640e92c
[   45.748815][ T4565] RDX: 000000000000000f RSI: 00007f8c84a870b0 RDI: 0000000000000004
[   45.756791][ T4565] RBP: 00007f8c84a870a0 R08: 0000000000000000 R09: 0000000000000000
[   45.764766][ T4565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   45.772744][ T4565] R13: 0000000000000000 R14: 00007f8c865d5fa0 R15: 00007ffd04fc3b98
[   45.780752][ T4565]  </TASK>
[   45.916164][ T4566] loop1: detected capacity change from 0 to 512
[   45.928127][ T4556] loop3: detected capacity change from 0 to 512
[   45.934838][ T4566] ext4: Unknown parameter 'hash'
[   45.940494][ T4556] EXT4-fs: Ignoring removed nomblk_io_submit option
[   45.950430][ T4566] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   45.970104][ T4556] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   45.980026][ T4556] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[   45.990505][ T4566] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   46.233160][ T4579] __nla_validate_parse: 36 callbacks suppressed
[   46.233172][ T4579] netlink: 20 bytes leftover after parsing attributes in process `syz.2.389'.
[   46.299247][ T4582] loop3: detected capacity change from 0 to 512
[   46.306770][ T4588] netlink: 4 bytes leftover after parsing attributes in process `syz.2.393'.
[   46.318268][ T4582] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   46.336467][ T4582] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.351610][ T4582] ext4 filesystem being mounted at /70/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.509863][ T4604] netlink: 'syz.2.399': attribute type 21 has an invalid length.
[   46.517804][ T4604] FAULT_INJECTION: forcing a failure.
[   46.517804][ T4604] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   46.530935][ T4604] CPU: 1 UID: 0 PID: 4604 Comm: syz.2.399 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   46.541532][ T4604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   46.551590][ T4604] Call Trace:
[   46.554884][ T4604]  <TASK>
[   46.557811][ T4604]  dump_stack_lvl+0xf2/0x150
[   46.562401][ T4604]  dump_stack+0x15/0x1a
[   46.566721][ T4604]  should_fail_ex+0x223/0x230
[   46.571477][ T4604]  should_fail+0xb/0x10
[   46.575631][ T4604]  should_fail_usercopy+0x1a/0x20
[   46.580639][ T4604]  _copy_to_user+0x20/0xa0
[   46.585048][ T4604]  simple_read_from_buffer+0xa0/0x110
[   46.590426][ T4604]  proc_fail_nth_read+0xf9/0x140
[   46.595351][ T4604]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   46.600947][ T4604]  vfs_read+0x1a2/0x700
[   46.605091][ T4604]  ? __rcu_read_unlock+0x4e/0x70
[   46.610045][ T4604]  ? __fget_files+0x17c/0x1c0
[   46.614723][ T4604]  ksys_read+0xe8/0x1b0
[   46.618931][ T4604]  __x64_sys_read+0x42/0x50
[   46.623515][ T4604]  x64_sys_call+0x2874/0x2dc0
[   46.628218][ T4604]  do_syscall_64+0xc9/0x1c0
[   46.632787][ T4604]  ? clear_bhb_loop+0x55/0xb0
[   46.637472][ T4604]  ? clear_bhb_loop+0x55/0xb0
[   46.642366][ T4604]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.648262][ T4604] RIP: 0033:0x7f108832e92c
[   46.652686][ T4604] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   46.672460][ T4604] RSP: 002b:00007f10869a7050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   46.680873][ T4604] RAX: ffffffffffffffda RBX: 00007f10884f5fa0 RCX: 00007f108832e92c
[   46.688889][ T4604] RDX: 000000000000000f RSI: 00007f10869a70b0 RDI: 0000000000000007
[   46.696848][ T4604] RBP: 00007f10869a70a0 R08: 0000000000000000 R09: 0000000000000000
[   46.705053][ T4604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   46.713089][ T4604] R13: 0000000000000000 R14: 00007f10884f5fa0 R15: 00007ffd57c0e7e8
[   46.721056][ T4604]  </TASK>
[   46.808696][ T4609] netlink: 20 bytes leftover after parsing attributes in process `syz.2.401'.
[   46.882611][ T4617] netlink: 4 bytes leftover after parsing attributes in process `syz.2.405'.
[   46.923881][ T4619] netlink: 36 bytes leftover after parsing attributes in process `syz.2.406'.
[   46.933000][ T4619] netlink: 36 bytes leftover after parsing attributes in process `syz.2.406'.
[   46.941929][ T4619] netlink: 36 bytes leftover after parsing attributes in process `syz.2.406'.
[   46.958219][ T4619] netlink: 36 bytes leftover after parsing attributes in process `syz.2.406'.
[   46.967185][ T4619] netlink: 36 bytes leftover after parsing attributes in process `syz.2.406'.
[   46.976395][ T4619] netlink: 36 bytes leftover after parsing attributes in process `syz.2.406'.
[   47.017864][ T4627] FAULT_INJECTION: forcing a failure.
[   47.017864][ T4627] name failslab, interval 1, probability 0, space 0, times 0
[   47.030649][ T4627] CPU: 0 UID: 0 PID: 4627 Comm: syz.4.407 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   47.041326][ T4627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   47.051392][ T4627] Call Trace:
[   47.054670][ T4627]  <TASK>
[   47.057605][ T4627]  dump_stack_lvl+0xf2/0x150
[   47.062218][ T4627]  dump_stack+0x15/0x1a
[   47.066430][ T4627]  should_fail_ex+0x223/0x230
[   47.071227][ T4627]  should_failslab+0x8f/0xb0
[   47.075837][ T4627]  kmem_cache_alloc_node_noprof+0x59/0x320
[   47.081690][ T4627]  ? __alloc_skb+0x10b/0x310
[   47.086304][ T4627]  __alloc_skb+0x10b/0x310
[   47.090759][ T4627]  ? audit_log_start+0x34c/0x6b0
[   47.095714][ T4627]  audit_log_start+0x368/0x6b0
[   47.098522][ T4633] loop2: detected capacity change from 0 to 512
[   47.100476][ T4627]  ? kmem_cache_free+0xdc/0x2d0
[   47.111572][ T4627]  audit_seccomp+0x4b/0x130
[   47.116082][ T4627]  __seccomp_filter+0x6fa/0x1180
[   47.121060][ T4627]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   47.126748][ T4627]  ? vfs_write+0x596/0x920
[   47.131248][ T4627]  ? putname+0xcf/0xf0
[   47.135310][ T4627]  __secure_computing+0x9f/0x1c0
[   47.140271][ T4627]  syscall_trace_enter+0xd1/0x1f0
[   47.145364][ T4627]  ? fpregs_assert_state_consistent+0x83/0xa0
[   47.151468][ T4627]  do_syscall_64+0xaa/0x1c0
[   47.155963][ T4627]  ? clear_bhb_loop+0x55/0xb0
[   47.160666][ T4627]  ? clear_bhb_loop+0x55/0xb0
[   47.165331][ T4627]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.171225][ T4627] RIP: 0033:0x7f8c8640e92c
[   47.175637][ T4627] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   47.195357][ T4627] RSP: 002b:00007f8c84a87050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   47.203759][ T4627] RAX: ffffffffffffffda RBX: 00007f8c865d5fa0 RCX: 00007f8c8640e92c
[   47.211723][ T4627] RDX: 000000000000000f RSI: 00007f8c84a870b0 RDI: 0000000000000005
[   47.219737][ T4627] RBP: 00007f8c84a870a0 R08: 0000000000000000 R09: 0000000000000000
[   47.227705][ T4627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   47.235666][ T4627] R13: 0000000000000000 R14: 00007f8c865d5fa0 R15: 00007ffd04fc3b98
[   47.243633][ T4627]  </TASK>
[   47.254136][ T4633] EXT4-fs (loop2): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   47.277597][ T4636] loop4: detected capacity change from 0 to 512
[   47.295103][ T4633] EXT4-fs warning (device loop2): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   47.310815][ T4636] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.411: bg 0: block 248: padding at end of block bitmap is not set
[   47.325860][ T4640] EXT4-fs error (device loop2): ext4_ext_check_inode:524: inode #15: comm syz.2.410: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   47.325907][ T4636] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.411: Failed to acquire dquot type 1
[   47.326347][ T4636] EXT4-fs (loop4): 1 truncate cleaned up
[   47.360901][ T4636] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.373556][ T4636] ext4 filesystem being mounted at /82/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   47.384154][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.384634][ T4636] FAULT_INJECTION: forcing a failure.
[   47.384634][ T4636] name failslab, interval 1, probability 0, space 0, times 0
[   47.405783][ T4636] CPU: 0 UID: 0 PID: 4636 Comm: syz.4.411 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   47.416350][ T4636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   47.426391][ T4636] Call Trace:
[   47.429688][ T4636]  <TASK>
[   47.432683][ T4636]  dump_stack_lvl+0xf2/0x150
[   47.437321][ T4636]  dump_stack+0x15/0x1a
[   47.441532][ T4636]  should_fail_ex+0x223/0x230
[   47.446191][ T4636]  ? audit_log_d_path+0x96/0x250
[   47.451148][ T4636]  should_failslab+0x8f/0xb0
[   47.455739][ T4636]  __kmalloc_cache_noprof+0x4e/0x320
[   47.461008][ T4636]  audit_log_d_path+0x96/0x250
[   47.465759][ T4636]  ? __rcu_read_unlock+0x4e/0x70
[   47.470697][ T4636]  audit_log_d_path_exe+0x42/0x70
[   47.475817][ T4636]  audit_log_task+0x192/0x1c0
[   47.480477][ T4636]  audit_seccomp+0x68/0x130
[   47.484975][ T4636]  __seccomp_filter+0x6fa/0x1180
[   47.489979][ T4636]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   47.495594][ T4636]  ? vfs_write+0x596/0x920
[   47.500045][ T4636]  ? putname+0xcf/0xf0
[   47.504175][ T4636]  __secure_computing+0x9f/0x1c0
[   47.509112][ T4636]  syscall_trace_enter+0xd1/0x1f0
[   47.514153][ T4636]  ? fpregs_assert_state_consistent+0x83/0xa0
[   47.520259][ T4636]  do_syscall_64+0xaa/0x1c0
[   47.524814][ T4636]  ? clear_bhb_loop+0x55/0xb0
[   47.529471][ T4636]  ? clear_bhb_loop+0x55/0xb0
[   47.534139][ T4636]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.540047][ T4636] RIP: 0033:0x7f8c8640ff19
[   47.544463][ T4636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.564089][ T4636] RSP: 002b:00007f8c84a87058 EFLAGS: 00000246 ORIG_RAX: 00000000000000c3
[   47.572485][ T4636] RAX: ffffffffffffffda RBX: 00007f8c865d5fa0 RCX: 00007f8c8640ff19
[   47.580448][ T4636] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000140
[   47.588510][ T4636] RBP: 00007f8c84a870a0 R08: 0000000000000000 R09: 0000000000000000
[   47.596529][ T4636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   47.604504][ T4636] R13: 0000000000000000 R14: 00007f8c865d5fa0 R15: 00007ffd04fc3b98
[   47.612461][ T4636]  </TASK>
[   47.623898][ T4636] syz.4.411 (4636) used greatest stack depth: 9296 bytes left
[   47.634812][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.789683][ T4664] loop4: detected capacity change from 0 to 1024
[   47.796526][ T4664] journal_path: Non-blockdev passed as './file0'
[   47.802871][ T4664] EXT4-fs: error: could not find journal device path
[   47.918760][ T3305] EXT4-fs (loop2): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[   47.946319][ T4672] netlink: 'syz.2.423': attribute type 10 has an invalid length.
[   47.956097][ T4672] batman_adv: batadv0: Adding interface: team0
[   47.962307][ T4672] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.987606][ T4672] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[   47.998425][ T4675] netlink: 'syz.2.423': attribute type 10 has an invalid length.
[   48.006912][ T4675] team0: entered promiscuous mode
[   48.011963][ T4675] team_slave_0: entered promiscuous mode
[   48.017812][ T4675] team_slave_1: entered promiscuous mode
[   48.025335][ T4675] 8021q: adding VLAN 0 to HW filter on device team0
[   48.032309][ T4675] batman_adv: batadv0: Interface activated: team0
[   48.038931][ T4675] batman_adv: batadv0: Interface deactivated: team0
[   48.045628][ T4675] batman_adv: batadv0: Removing interface: team0
[   48.055132][ T4675] bridge0: port 3(team0) entered blocking state
[   48.061426][ T4675] bridge0: port 3(team0) entered disabled state
[   48.069832][ T4675] team0: entered allmulticast mode
[   48.075009][ T4675] team_slave_0: entered allmulticast mode
[   48.080730][ T4675] team_slave_1: entered allmulticast mode
[   48.088547][ T4675] bridge0: port 3(team0) entered blocking state
[   48.094897][ T4675] bridge0: port 3(team0) entered forwarding state
[   48.723935][   T29] kauditd_printk_skb: 336 callbacks suppressed
[   48.723950][   T29] audit: type=1326 audit(1733224319.494:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4706 comm="syz.1.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   48.755486][   T29] audit: type=1326 audit(1733224319.534:1027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4706 comm="syz.1.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   48.778979][   T29] audit: type=1326 audit(1733224319.534:1028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4706 comm="syz.1.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   48.802373][   T29] audit: type=1326 audit(1733224319.534:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4706 comm="syz.1.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   48.825794][   T29] audit: type=1326 audit(1733224319.534:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4706 comm="syz.1.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   48.849197][   T29] audit: type=1326 audit(1733224319.534:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4706 comm="syz.1.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   48.873583][   T29] audit: type=1326 audit(1733224319.644:1032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4706 comm="syz.1.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   48.897021][   T29] audit: type=1326 audit(1733224319.644:1033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4706 comm="syz.1.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   48.922414][   T29] audit: type=1326 audit(1733224319.644:1034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4706 comm="syz.1.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   48.927512][ T4712] loop2: detected capacity change from 0 to 512
[   48.945860][   T29] audit: type=1326 audit(1733224319.644:1035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4706 comm="syz.1.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc6cc34ff53 code=0x7ffc0000
[   48.952472][ T4712] ext4: Unknown parameter 'hash'
[   48.978449][ T4707] loop1: detected capacity change from 0 to 512
[   49.010392][ T4709] netlink: 'syz.4.438': attribute type 10 has an invalid length.
[   49.034147][ T4709] batman_adv: batadv0: Adding interface: team0
[   49.035346][ T4712] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   49.040421][ T4709] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   49.040446][ T4709] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[   49.049342][ T4712] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   49.087944][ T4714] netlink: 'syz.4.438': attribute type 10 has an invalid length.
[   49.100029][ T4714] team0: entered promiscuous mode
[   49.105135][ T4714] team_slave_0: entered promiscuous mode
[   49.110982][ T4714] team_slave_1: entered promiscuous mode
[   49.123099][ T4714] 8021q: adding VLAN 0 to HW filter on device team0
[   49.130783][ T4714] batman_adv: batadv0: Interface activated: team0
[   49.136194][ T4707] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.439: Failed to acquire dquot type 1
[   49.137278][ T4714] batman_adv: batadv0: Interface deactivated: team0
[   49.155145][ T4714] batman_adv: batadv0: Removing interface: team0
[   49.163849][ T4707] EXT4-fs (loop1): 1 truncate cleaned up
[   49.169859][ T4707] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.184321][ T4707] ext4 filesystem being mounted at /77/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.211022][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.297744][ T4736] loop1: detected capacity change from 0 to 512
[   49.311494][ T4736] EXT4-fs error (device loop1): ext4_orphan_get:1389: inode #15: comm syz.1.448: casefold flag without casefold feature
[   49.331936][ T4736] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.448: couldn't read orphan inode 15 (err -117)
[   49.345670][ T4736] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.360401][ T4738] loop4: detected capacity change from 0 to 8192
[   49.386963][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.478353][ T4748] loop1: detected capacity change from 0 to 1024
[   49.505955][ T4748] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.530597][ T4748] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.556370][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.766717][ T4765] xt_hashlimit: max too large, truncated to 1048576
[   49.802976][ T4764] netlink: 'syz.3.458': attribute type 10 has an invalid length.
[   49.820402][ T4764] batman_adv: batadv0: Adding interface: team0
[   49.826651][ T4764] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   49.851870][ T4764] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[   49.868255][ T4764] netlink: 'syz.3.458': attribute type 10 has an invalid length.
[   49.876237][ T4764] team0: entered promiscuous mode
[   49.881276][ T4764] team_slave_0: entered promiscuous mode
[   49.887131][ T4764] team_slave_1: entered promiscuous mode
[   49.972164][ T4764] 8021q: adding VLAN 0 to HW filter on device team0
[   49.993207][ T4764] batman_adv: batadv0: Interface activated: team0
[   49.999830][ T4764] batman_adv: batadv0: Interface deactivated: team0
[   50.006532][ T4764] batman_adv: batadv0: Removing interface: team0
[   50.128430][ T4764] bridge0: port 3(team0) entered blocking state
[   50.134762][ T4764] bridge0: port 3(team0) entered disabled state
[   50.239309][ T4764] team0: entered allmulticast mode
[   50.244579][ T4764] team_slave_0: entered allmulticast mode
[   50.250325][ T4764] team_slave_1: entered allmulticast mode
[   50.265145][ T4764] bridge0: port 3(team0) entered blocking state
[   50.271487][ T4764] bridge0: port 3(team0) entered forwarding state
[   50.376210][ T4797] loop4: detected capacity change from 0 to 512
[   50.393467][ T4797] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #15: comm syz.4.473: casefold flag without casefold feature
[   50.410362][ T4790] loop2: detected capacity change from 0 to 512
[   50.417146][ T4797] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.473: couldn't read orphan inode 15 (err -117)
[   50.429782][ T4790] ext4: Unknown parameter 'hash'
[   50.436636][ T4797] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.498720][ T4790] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   50.507715][ T4790] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   50.537847][ T4811] IPv6: NLM_F_CREATE should be specified when creating new route
[   50.572549][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.613018][ T4819] netlink: 'syz.1.482': attribute type 10 has an invalid length.
[   50.636421][ T4819] batman_adv: batadv0: Adding interface: team0
[   50.642686][ T4819] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   50.650718][ T4825] loop0: detected capacity change from 0 to 512
[   50.667824][ T4819] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[   50.681290][ T4826] netlink: 'syz.1.482': attribute type 10 has an invalid length.
[   50.697127][ T4826] team0: entered promiscuous mode
[   50.702219][ T4826] team_slave_0: entered promiscuous mode
[   50.706411][ T4825] EXT4-fs: Ignoring removed oldalloc option
[   50.708223][ T4826] team_slave_1: entered promiscuous mode
[   50.714204][ T4825] journal_path: Non-blockdev passed as './bus'
[   50.725586][ T4825] EXT4-fs: error: could not find journal device path
[   50.728556][ T4826] 8021q: adding VLAN 0 to HW filter on device team0
[   50.741890][ T4826] batman_adv: batadv0: Interface activated: team0
[   50.747594][ T4828] loop4: detected capacity change from 0 to 2048
[   50.748400][ T4826] batman_adv: batadv0: Interface deactivated: team0
[   50.761340][ T4826] batman_adv: batadv0: Removing interface: team0
[   50.770047][ T4826] bridge0: port 3(team0) entered blocking state
[   50.770085][ T4826] bridge0: port 3(team0) entered disabled state
[   50.770158][ T4826] team0: entered allmulticast mode
[   50.770172][ T4826] team_slave_0: entered allmulticast mode
[   50.770185][ T4826] team_slave_1: entered allmulticast mode
[   50.775221][ T4826] bridge0: port 3(team0) entered blocking state
[   50.775271][ T4826] bridge0: port 3(team0) entered forwarding state
[   50.775402][ T4823] macvlan0: entered allmulticast mode
[   50.775419][ T4823] veth1_vlan: entered allmulticast mode
[   50.776095][ T4829] veth1_vlan: left allmulticast mode
[   50.783179][ T4829] macvlan0 (unregistering): left allmulticast mode
[   50.910305][ T4839] ip6t_rpfilter: unknown options
[   51.092690][ T4864] loop2: detected capacity change from 0 to 1024
[   51.128764][ T4856] macvlan0: entered promiscuous mode
[   51.132286][ T4870] loop4: detected capacity change from 0 to 164
[   51.138989][ T4864] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.154414][ T4864] ext4 filesystem being mounted at /112/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.157806][ T4856] ipvlan0: entered promiscuous mode
[   51.176917][ T4870] Unable to read rock-ridge attributes
[   51.180127][ T4856] ipvlan0: left promiscuous mode
[   51.188204][ T4856] macvlan0: left promiscuous mode
[   51.195208][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.196916][ T4875] loop3: detected capacity change from 0 to 512
[   51.210724][ T4875] ext4: Unknown parameter 'hash'
[   51.223245][ T4871] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   51.232428][ T4871] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   51.305686][ T4883] __nla_validate_parse: 34 callbacks suppressed
[   51.305776][ T4883] netlink: 20 bytes leftover after parsing attributes in process `syz.2.508'.
[   51.352948][ T4887] loop4: detected capacity change from 0 to 512
[   51.359690][ T4887] ext4: Unknown parameter 'hash'
[   51.365840][ T4895] netlink: 24 bytes leftover after parsing attributes in process `syz.1.515'.
[   51.376646][ T4887] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   51.386432][ T4887] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   51.389378][ T4895] FAULT_INJECTION: forcing a failure.
[   51.389378][ T4895] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   51.407642][ T4895] CPU: 1 UID: 0 PID: 4895 Comm: syz.1.515 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   51.418325][ T4895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   51.428401][ T4895] Call Trace:
[   51.431686][ T4895]  <TASK>
[   51.434688][ T4895]  dump_stack_lvl+0xf2/0x150
[   51.439305][ T4895]  dump_stack+0x15/0x1a
[   51.443491][ T4895]  should_fail_ex+0x223/0x230
[   51.446992][ T4897] netlink: 4 bytes leftover after parsing attributes in process `syz.2.516'.
[   51.448167][ T4895]  should_fail+0xb/0x10
[   51.448193][ T4895]  should_fail_usercopy+0x1a/0x20
[   51.448215][ T4895]  _copy_to_user+0x20/0xa0
[   51.448239][ T4895]  simple_read_from_buffer+0xa0/0x110
[   51.448264][ T4895]  proc_fail_nth_read+0xf9/0x140
[   51.481158][ T4895]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   51.486767][ T4895]  vfs_read+0x1a2/0x700
[   51.491034][ T4895]  ? __rcu_read_unlock+0x4e/0x70
[   51.496143][ T4895]  ? __fget_files+0x17c/0x1c0
[   51.500828][ T4895]  ksys_read+0xe8/0x1b0
[   51.505016][ T4895]  __x64_sys_read+0x42/0x50
[   51.509544][ T4895]  x64_sys_call+0x2874/0x2dc0
[   51.514283][ T4895]  do_syscall_64+0xc9/0x1c0
[   51.518864][ T4895]  ? clear_bhb_loop+0x55/0xb0
[   51.523534][ T4895]  ? clear_bhb_loop+0x55/0xb0
[   51.528219][ T4895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.534211][ T4895] RIP: 0033:0x7fc6cc34e92c
[   51.538651][ T4895] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   51.558253][ T4895] RSP: 002b:00007fc6ca9c7050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   51.566662][ T4895] RAX: ffffffffffffffda RBX: 00007fc6cc515fa0 RCX: 00007fc6cc34e92c
[   51.574826][ T4895] RDX: 000000000000000f RSI: 00007fc6ca9c70b0 RDI: 0000000000000006
[   51.582788][ T4895] RBP: 00007fc6ca9c70a0 R08: 0000000000000000 R09: 0000000000000000
[   51.590858][ T4895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   51.598876][ T4895] R13: 0000000000000000 R14: 00007fc6cc515fa0 R15: 00007fff1de42d98
[   51.606893][ T4895]  </TASK>
[   51.638960][ T4904] netlink: 4 bytes leftover after parsing attributes in process `syz.0.519'.
[   51.679704][ T4911] loop0: detected capacity change from 0 to 128
[   51.688929][ T4911] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   51.701926][ T4911] ext4 filesystem being mounted at /109/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   51.702573][ T4914] netlink: 'syz.2.523': attribute type 6 has an invalid length.
[   51.756425][ T4914] loop2: detected capacity change from 0 to 2048
[   51.780795][ T3313] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   51.799411][ T4918] netlink: 20 bytes leftover after parsing attributes in process `syz.1.526'.
[   51.821229][ T4914] Alternate GPT is invalid, using primary GPT.
[   51.827721][ T4914]  loop2: p2 p3 p7
[   51.901685][ T4926] netlink: 36 bytes leftover after parsing attributes in process `syz.0.529'.
[   51.910656][ T4926] netlink: 36 bytes leftover after parsing attributes in process `syz.0.529'.
[   51.920032][ T4926] netlink: 36 bytes leftover after parsing attributes in process `syz.0.529'.
[   51.948693][ T4926] netlink: 36 bytes leftover after parsing attributes in process `syz.0.529'.
[   51.957637][ T4926] netlink: 36 bytes leftover after parsing attributes in process `syz.0.529'.
[   52.059149][ T4948] raw_sendmsg: syz.3.536 forgot to set AF_INET. Fix it!
[   52.070575][ T4949] netlink: 'syz.1.535': attribute type 12 has an invalid length.
[   52.223789][ T4943] loop0: detected capacity change from 0 to 512
[   52.262130][ T4943] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.567314][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.238283][ T5048] loop0: detected capacity change from 0 to 512
[   53.299983][ T5048] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.541: bg 0: block 248: padding at end of block bitmap is not set
[   53.380366][ T5048] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.541: Failed to acquire dquot type 1
[   53.449777][ T5048] EXT4-fs (loop0): 1 truncate cleaned up
[   53.489493][ T5048] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.524281][ T5048] ext4 filesystem being mounted at /114/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   53.812751][   T29] kauditd_printk_skb: 313 callbacks suppressed
[   53.812766][   T29] audit: type=1326 audit(1733224324.584:1345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5115 comm="syz.1.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   53.842668][   T29] audit: type=1326 audit(1733224324.594:1346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5115 comm="syz.1.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   53.866132][   T29] audit: type=1326 audit(1733224324.594:1347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5115 comm="syz.1.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   53.889627][   T29] audit: type=1326 audit(1733224324.594:1348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5115 comm="syz.1.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   53.913077][   T29] audit: type=1326 audit(1733224324.594:1349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5115 comm="syz.1.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   53.936510][   T29] audit: type=1326 audit(1733224324.594:1350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5115 comm="syz.1.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   53.959949][   T29] audit: type=1326 audit(1733224324.594:1351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5115 comm="syz.1.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   53.983332][   T29] audit: type=1326 audit(1733224324.594:1352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5115 comm="syz.1.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   54.006607][   T29] audit: type=1326 audit(1733224324.594:1353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5115 comm="syz.1.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   54.030028][   T29] audit: type=1326 audit(1733224324.594:1354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5115 comm="syz.1.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   54.086434][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.609423][ T5157] loop0: detected capacity change from 0 to 512
[   54.620035][ T5157] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   54.629529][ T5157] EXT4-fs (loop0): 1 truncate cleaned up
[   54.653370][ T5157] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.713680][ T5157] sctp: [Deprecated]: syz.0.583 (pid 5157) Use of struct sctp_assoc_value in delayed_ack socket option.
[   54.713680][ T5157] Use struct sctp_sack_info instead
[   54.744147][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.865915][ T5180] loop0: detected capacity change from 0 to 1024
[   54.878542][ T5180] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.878611][ T5180] ext4 filesystem being mounted at /122/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   54.926277][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.000070][ T5190] syzkaller0: entered promiscuous mode
[   55.000091][ T5190] syzkaller0: entered allmulticast mode
[   55.373587][ T5202] loop3: detected capacity change from 0 to 512
[   55.399634][ T5202] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #15: comm syz.3.598: casefold flag without casefold feature
[   55.412531][ T5202] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.598: couldn't read orphan inode 15 (err -117)
[   55.427261][ T5202] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.443076][ T5204] loop1: detected capacity change from 0 to 512
[   55.449802][ T5204] ext4: Unknown parameter 'hash'
[   55.457186][ T5204] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   55.465780][ T5204] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   55.498486][ T5209] loop4: detected capacity change from 0 to 512
[   55.511640][ T5209] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   55.521356][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.533162][ T5209] EXT4-fs (loop4): 1 truncate cleaned up
[   55.539531][ T5209] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.604838][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.654759][ T5226] syzkaller0: entered promiscuous mode
[   55.660283][ T5226] syzkaller0: entered allmulticast mode
[   55.911515][ T5267] loop2: detected capacity change from 0 to 1024
[   55.940323][ T5267] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.952695][ T5267] ext4 filesystem being mounted at /128/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.979680][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.207176][ T5294] loop2: detected capacity change from 0 to 512
[   56.466300][ T5291] __nla_validate_parse: 76 callbacks suppressed
[   56.466318][ T5291] netlink: 4 bytes leftover after parsing attributes in process `syz.1.631'.
[   56.555941][ T5298] netlink: 8 bytes leftover after parsing attributes in process `syz.4.632'.
[   56.592532][ T5294] EXT4-fs error (device loop2): ext4_orphan_get:1389: inode #15: comm syz.2.633: casefold flag without casefold feature
[   56.654500][ T5294] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.633: couldn't read orphan inode 15 (err -117)
[   56.709357][ T5294] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.925843][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.998123][ T5313] loop3: detected capacity change from 0 to 1024
[   57.025574][ T5313] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.038032][ T5313] ext4 filesystem being mounted at /116/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.048860][ T5312] loop0: detected capacity change from 0 to 512
[   57.056972][ T5312] ext4: Unknown parameter 'hash'
[   57.086202][ T5312] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   57.095817][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.115607][ T5312] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   57.210397][ T5325] netlink: 36 bytes leftover after parsing attributes in process `syz.2.643'.
[   57.219359][ T5325] netlink: 36 bytes leftover after parsing attributes in process `syz.2.643'.
[   57.230420][ T5325] netlink: 36 bytes leftover after parsing attributes in process `syz.2.643'.
[   57.249568][ T5335] netlink: 4 bytes leftover after parsing attributes in process `syz.4.647'.
[   57.257097][ T5325] netlink: 36 bytes leftover after parsing attributes in process `syz.2.643'.
[   57.267365][ T5325] netlink: 36 bytes leftover after parsing attributes in process `syz.2.643'.
[   57.276645][ T5325] netlink: 36 bytes leftover after parsing attributes in process `syz.2.643'.
[   57.350733][ T5325] netlink: 36 bytes leftover after parsing attributes in process `syz.2.643'.
[   57.373235][ T5347] xt_hashlimit: size too large, truncated to 1048576
[   57.409225][ T5350] loop2: detected capacity change from 0 to 1024
[   57.486423][ T5350] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.498646][ T5350] ext4 filesystem being mounted at /134/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.515139][ T5357] netlink: 'syz.3.651': attribute type 21 has an invalid length.
[   57.537923][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.717673][ T5361] loop1: detected capacity change from 0 to 1024
[   57.746401][ T5361] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.758765][ T5361] ext4 filesystem being mounted at /128/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.773187][ T5370] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[   57.790168][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.878562][ T5376] loop3: detected capacity change from 0 to 512
[   57.889225][ T5376] ext4: Unknown parameter 'hash'
[   57.916962][ T5376] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   57.930464][ T5376] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   57.991990][ T5393] xt_hashlimit: size too large, truncated to 1048576
[   58.132132][ T5399] netlink: 'syz.0.665': attribute type 21 has an invalid length.
[   58.243851][ T5401] loop4: detected capacity change from 0 to 512
[   58.265617][ T5401] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #15: comm syz.4.667: casefold flag without casefold feature
[   58.265794][ T5401] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.667: couldn't read orphan inode 15 (err -117)
[   58.305313][ T5401] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.328487][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.512843][ T5406] loop4: detected capacity change from 0 to 512
[   58.513002][ T5406] ext4: Unknown parameter 'hash'
[   58.522769][ T5406] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   58.522845][ T5406] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   58.527633][ T5408] loop3: detected capacity change from 0 to 1024
[   58.575251][ T5408] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   58.575320][ T5408] ext4 filesystem being mounted at /124/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.623492][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.693817][ T5422] loop3: detected capacity change from 0 to 512
[   58.703931][ T5422] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   58.706123][ T5422] EXT4-fs (loop3): 1 truncate cleaned up
[   58.726131][ T5422] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   58.991615][ T5444] loop1: detected capacity change from 0 to 1024
[   59.016554][ T5444] ext4 filesystem being mounted at /132/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.029501][   T29] kauditd_printk_skb: 123 callbacks suppressed
[   59.029570][   T29] audit: type=1326 audit(1733224329.804:1478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5442 comm="syz.1.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   59.060803][   T29] audit: type=1326 audit(1733224329.804:1479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5442 comm="syz.1.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   59.066046][ T5453] loop2: detected capacity change from 0 to 512
[   59.084242][   T29] audit: type=1326 audit(1733224329.804:1480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5442 comm="syz.1.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   59.095372][ T5446] loop0: detected capacity change from 0 to 512
[   59.113978][   T29] audit: type=1326 audit(1733224329.804:1481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5442 comm="syz.1.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6cc34ff19 code=0x7ffc0000
[   59.120544][ T5446] ext4: Unknown parameter 'hash'
[   59.154463][ T5453] EXT4-fs error (device loop2): ext4_orphan_get:1389: inode #15: comm syz.2.686: casefold flag without casefold feature
[   59.168069][ T5453] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.686: couldn't read orphan inode 15 (err -117)
[   59.196702][ T5446] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   59.205934][ T5446] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   59.395482][ T5481] loop4: detected capacity change from 0 to 1024
[   59.417905][ T5481] ext4 filesystem being mounted at /138/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.421621][   T29] audit: type=1326 audit(1733224330.194:1482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5480 comm="syz.4.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c8640ff19 code=0x7ffc0000
[   59.421722][   T29] audit: type=1326 audit(1733224330.194:1483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5480 comm="syz.4.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c8640ff19 code=0x7ffc0000
[   59.421741][   T29] audit: type=1326 audit(1733224330.194:1484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5480 comm="syz.4.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7f8c8640ff19 code=0x7ffc0000
[   59.421760][   T29] audit: type=1326 audit(1733224330.194:1485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5480 comm="syz.4.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c8640ff19 code=0x7ffc0000
[   59.498654][ T5488] loop4: detected capacity change from 0 to 512
[   59.520660][ T5488] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #15: comm syz.4.699: casefold flag without casefold feature
[   59.564902][ T5488] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.699: couldn't read orphan inode 15 (err -117)
[   59.852668][ T5506] loop0: detected capacity change from 0 to 512
[   60.097096][ T5506] ext4 filesystem being mounted at /145/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.285399][ T5520] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[   60.298067][ T5520] EXT4-fs error (device loop0): ext4_do_update_inode:5153: inode #2: comm syz.0.705: corrupted inode contents
[   60.298205][ T5520] EXT4-fs (loop0): Remounting filesystem read-only
[   60.349056][ T5523] loop3: detected capacity change from 0 to 1024
[   60.360008][ T5523] ext4 filesystem being mounted at /131/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.383470][   T29] audit: type=1326 audit(1733224331.154:1486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5522 comm="syz.3.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9449adff19 code=0x7ffc0000
[   60.427715][ T5529] loop2: detected capacity change from 0 to 512
[   60.435190][  T293] Quota error (device loop0): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync!
[   60.449063][ T5529] EXT4-fs error (device loop2): ext4_orphan_get:1389: inode #15: comm syz.2.713: casefold flag without casefold feature
[   60.464621][ T5529] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.713: couldn't read orphan inode 15 (err -117)
[   60.618979][ T5543] loop4: detected capacity change from 0 to 512
[   60.631715][ T5543] ext4: Unknown parameter 'hash'
[   60.677231][ T5543] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   60.695118][ T5543] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   60.754292][ T5555] loop1: detected capacity change from 0 to 512
[   60.771697][ T5555] ext4: Unknown parameter 'hash'
[   60.779638][ T5555] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   60.789230][ T5555] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   60.956003][ T5563] loop3: detected capacity change from 0 to 512
[   60.986768][ T5563] ext4 filesystem being mounted at /136/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   61.091942][ T5563] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[   61.104410][ T5563] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #2: comm syz.3.723: corrupted inode contents
[   61.116573][ T5563] EXT4-fs (loop3): Remounting filesystem read-only
[   61.408009][ T5574] loop3: detected capacity change from 0 to 1024
[   61.450143][ T5574] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   61.480255][ T5584] loop2: detected capacity change from 0 to 512
[   61.503682][ T5584] EXT4-fs error (device loop2): ext4_orphan_get:1389: inode #15: comm syz.2.731: casefold flag without casefold feature
[   61.521917][ T5584] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.731: couldn't read orphan inode 15 (err -117)
[   61.586669][ T5595] loop3: detected capacity change from 0 to 512
[   61.588649][ T5595] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   61.601864][ T5598] loop2: detected capacity change from 0 to 512
[   61.602438][ T5598] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   61.602488][ T5595] EXT4-fs (loop3): 1 truncate cleaned up
[   61.610382][ T5598] EXT4-fs (loop2): 1 truncate cleaned up
[   61.637317][ T5594] loop1: detected capacity change from 0 to 512
[   61.669991][ T5594] ext4: Unknown parameter 'hash'
[   61.671613][ T5594] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   61.671689][ T5594] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   61.736231][ T5611] loop2: detected capacity change from 0 to 512
[   61.766575][ T5612] __nla_validate_parse: 36 callbacks suppressed
[   61.766591][ T5612] netlink: 2088 bytes leftover after parsing attributes in process `syz.4.741'.
[   61.783969][ T5611] ext4 filesystem being mounted at /152/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   61.918162][ T5611] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[   61.920914][ T5611] EXT4-fs error (device loop2): ext4_do_update_inode:5153: inode #2: comm syz.2.738: corrupted inode contents
[   61.940045][ T5611] EXT4-fs (loop2): Remounting filesystem read-only
[   62.124371][ T5624] netlink: 4 bytes leftover after parsing attributes in process `syz.3.745'.
[   62.196906][ T5633] loop3: detected capacity change from 0 to 512
[   62.199111][ T5633] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   62.226760][ T5633] EXT4-fs (loop3): 1 truncate cleaned up
[   62.283540][ T5638] loop1: detected capacity change from 0 to 1024
[   62.296209][ T5638] ext4 filesystem being mounted at /148/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.339928][ T5642] loop3: detected capacity change from 0 to 512
[   62.340660][ T5642] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   62.349786][ T5642] EXT4-fs (loop3): 1 truncate cleaned up
[   62.361861][ T5644] loop1: detected capacity change from 0 to 512
[   62.396264][ T5644] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   62.412692][ T5644] EXT4-fs (loop1): 1 truncate cleaned up
[   62.454006][ T5649] netlink: 36 bytes leftover after parsing attributes in process `syz.3.755'.
[   62.454051][ T5649] netlink: 36 bytes leftover after parsing attributes in process `syz.3.755'.
[   62.454084][ T5649] netlink: 36 bytes leftover after parsing attributes in process `syz.3.755'.
[   62.478296][ T5649] netlink: 36 bytes leftover after parsing attributes in process `syz.3.755'.
[   62.478320][ T5649] netlink: 36 bytes leftover after parsing attributes in process `syz.3.755'.
[   62.478352][ T5649] netlink: 36 bytes leftover after parsing attributes in process `syz.3.755'.
[   62.610830][ T5649] netlink: 36 bytes leftover after parsing attributes in process `syz.3.755'.
[   62.610853][ T5649] netlink: 36 bytes leftover after parsing attributes in process `syz.3.755'.
[   62.621396][ T5661] loop1: detected capacity change from 0 to 4096
[   62.650170][ T5672] 9pnet_fd: Insufficient options for proto=fd
[   62.698915][ T5675] loop3: detected capacity change from 0 to 1024
[   62.717726][ T5669] loop0: detected capacity change from 0 to 512
[   62.718040][ T5669] ext4: Unknown parameter 'hash'
[   62.734705][ T5675] ext4 filesystem being mounted at /150/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.763082][ T5669] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   62.763195][ T5669] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   62.805386][ T5685] loop1: detected capacity change from 0 to 512
[   62.806366][ T5685] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   62.808497][ T5685] EXT4-fs (loop1): 1 truncate cleaned up
[   63.002617][ T5707] loop2: detected capacity change from 0 to 512
[   63.013846][ T5707] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   63.032156][ T5710] 9pnet_fd: Insufficient options for proto=fd
[   63.041876][ T5707] EXT4-fs (loop2): 1 truncate cleaned up
[   63.085275][ T5717] loop3: detected capacity change from 0 to 1024
[   63.108644][ T5717] ext4 filesystem being mounted at /156/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.121336][ T5723] netlink: 'syz.2.781': attribute type 3 has an invalid length.
[   63.168410][ T5727] loop2: detected capacity change from 0 to 1024
[   63.280192][ T5748] 9pnet_fd: Insufficient options for proto=fd
[   63.506178][ T5779] FAULT_INJECTION: forcing a failure.
[   63.506178][ T5779] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   63.516410][ T5781] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   63.519284][ T5779] CPU: 1 UID: 0 PID: 5779 Comm: syz.3.801 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   63.540120][ T5779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   63.550244][ T5779] Call Trace:
[   63.553526][ T5779]  <TASK>
[   63.556518][ T5779]  dump_stack_lvl+0xf2/0x150
[   63.561185][ T5779]  dump_stack+0x15/0x1a
[   63.565473][ T5779]  should_fail_ex+0x223/0x230
[   63.570216][ T5779]  should_fail+0xb/0x10
[   63.574425][ T5779]  should_fail_usercopy+0x1a/0x20
[   63.579506][ T5779]  _copy_to_user+0x20/0xa0
[   63.584008][ T5779]  simple_read_from_buffer+0xa0/0x110
[   63.589401][ T5779]  proc_fail_nth_read+0xf9/0x140
[   63.594339][ T5779]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   63.600025][ T5779]  vfs_read+0x1a2/0x700
[   63.604184][ T5779]  ? __rcu_read_unlock+0x4e/0x70
[   63.609128][ T5779]  ? __fget_files+0x17c/0x1c0
[   63.613869][ T5779]  ksys_read+0xe8/0x1b0
[   63.618023][ T5779]  __x64_sys_read+0x42/0x50
[   63.622547][ T5779]  x64_sys_call+0x2874/0x2dc0
[   63.627218][ T5779]  do_syscall_64+0xc9/0x1c0
[   63.631740][ T5779]  ? clear_bhb_loop+0x55/0xb0
[   63.636408][ T5779]  ? clear_bhb_loop+0x55/0xb0
[   63.641080][ T5779]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.647101][ T5779] RIP: 0033:0x7f9449ade92c
[   63.651515][ T5779] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   63.671140][ T5779] RSP: 002b:00007f9448157050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   63.679586][ T5779] RAX: ffffffffffffffda RBX: 00007f9449ca5fa0 RCX: 00007f9449ade92c
[   63.687553][ T5779] RDX: 000000000000000f RSI: 00007f94481570b0 RDI: 0000000000000004
[   63.695514][ T5779] RBP: 00007f94481570a0 R08: 0000000000000000 R09: 0000000000000000
[   63.703560][ T5779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.711579][ T5779] R13: 0000000000000000 R14: 00007f9449ca5fa0 R15: 00007ffced9b39d8
[   63.719610][ T5779]  </TASK>
[   63.980603][ T5828] loop2: detected capacity change from 0 to 512
[   64.039967][ T5828] EXT4-fs error (device loop2): ext4_orphan_get:1389: inode #15: comm syz.2.818: casefold flag without casefold feature
[   64.040061][ T5828] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.818: couldn't read orphan inode 15 (err -117)
[   64.187738][   T29] kauditd_printk_skb: 117 callbacks suppressed
[   64.187752][   T29] audit: type=1326 audit(1733224334.964:1602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5846 comm="syz.0.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3ca6ff19 code=0x7ffc0000
[   64.187917][   T29] audit: type=1326 audit(1733224334.964:1603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5846 comm="syz.0.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f2d3ca6ff19 code=0x7ffc0000
[   64.188037][   T29] audit: type=1326 audit(1733224334.964:1604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5846 comm="syz.0.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3ca6ff19 code=0x7ffc0000
[   64.188157][   T29] audit: type=1326 audit(1733224334.964:1605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5846 comm="syz.0.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f2d3ca6ff19 code=0x7ffc0000
[   64.188357][   T29] audit: type=1326 audit(1733224334.964:1606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5846 comm="syz.0.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3ca6ff19 code=0x7ffc0000
[   64.262833][   T29] audit: type=1326 audit(1733224335.034:1607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5852 comm="syz.4.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c8640ff19 code=0x7ffc0000
[   64.262909][   T29] audit: type=1326 audit(1733224335.034:1608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5852 comm="syz.4.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c8640ff19 code=0x7ffc0000
[   64.263071][   T29] audit: type=1326 audit(1733224335.034:1609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5852 comm="syz.4.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7f8c8640ff19 code=0x7ffc0000
[   64.263156][   T29] audit: type=1326 audit(1733224335.034:1610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5852 comm="syz.4.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c8640ff19 code=0x7ffc0000
[   64.585493][   T29] audit: type=1326 audit(1733224335.314:1611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5866 comm="syz.4.836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c8640ff19 code=0x7ffc0000
[   64.647588][ T5870] FAULT_INJECTION: forcing a failure.
[   64.647588][ T5870] name failslab, interval 1, probability 0, space 0, times 0
[   64.647610][ T5870] CPU: 1 UID: 0 PID: 5870 Comm: syz.0.837 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   64.647639][ T5870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   64.647651][ T5870] Call Trace:
[   64.647659][ T5870]  <TASK>
[   64.647666][ T5870]  dump_stack_lvl+0xf2/0x150
[   64.647763][ T5870]  dump_stack+0x15/0x1a
[   64.647789][ T5870]  should_fail_ex+0x223/0x230
[   64.647815][ T5870]  should_failslab+0x8f/0xb0
[   64.647869][ T5870]  kmem_cache_alloc_noprof+0x52/0x320
[   64.647893][ T5870]  ? audit_log_start+0x34c/0x6b0
[   64.647995][ T5870]  audit_log_start+0x34c/0x6b0
[   64.648088][ T5870]  audit_seccomp+0x4b/0x130
[   64.648110][ T5870]  __seccomp_filter+0x6fa/0x1180
[   64.648138][ T5870]  ? kmem_cache_free+0xdc/0x2d0
[   64.648227][ T5870]  __secure_computing+0x9f/0x1c0
[   64.648252][ T5870]  syscall_trace_enter+0xd1/0x1f0
[   64.648299][ T5870]  do_syscall_64+0xaa/0x1c0
[   64.648315][ T5870]  ? clear_bhb_loop+0x55/0xb0
[   64.648365][ T5870]  ? clear_bhb_loop+0x55/0xb0
[   64.648383][ T5870]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.648426][ T5870] RIP: 0033:0x7f2d3ca6e92c
[   64.648442][ T5870] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   64.648461][ T5870] RSP: 002b:00007f2d3b0e7050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   64.648481][ T5870] RAX: ffffffffffffffda RBX: 00007f2d3cc35fa0 RCX: 00007f2d3ca6e92c
[   64.648519][ T5870] RDX: 000000000000000f RSI: 00007f2d3b0e70b0 RDI: 0000000000000003
[   64.648530][ T5870] RBP: 00007f2d3b0e70a0 R08: 0000000000000000 R09: 0000000000000000
[   64.648543][ T5870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   64.648612][ T5870] R13: 0000000000000000 R14: 00007f2d3cc35fa0 R15: 00007ffdc62ef1a8
[   64.648641][ T5870]  </TASK>
[   64.807966][ T5874] loop0: detected capacity change from 0 to 2048
[   65.036637][ T5888] loop3: detected capacity change from 0 to 512
[   65.043218][ T5888] EXT4-fs: Ignoring removed orlov option
[   65.049283][ T5888] EXT4-fs: Ignoring removed nomblk_io_submit option
[   65.056043][ T5888] ext4: Unknown parameter 'nogrpid.nouid32'
[   65.072205][ T5888] loop3: detected capacity change from 0 to 128
[   65.145999][ T5888] syz.3.848: attempt to access beyond end of device
[   65.145999][ T5888] loop3: rw=34817, sector=106, nr_sectors = 95 limit=128
[   65.217014][ T5899] loop2: detected capacity change from 0 to 512
[   65.232850][ T5899] ext4: Unknown parameter 'hash'
[   65.273357][ T5899] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   65.294307][ T5899] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   65.326699][ T5924] loop0: detected capacity change from 0 to 512
[   65.376327][ T5924] EXT4-fs mount: 51 callbacks suppressed
[   65.376340][ T5924] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   65.376406][ T5924] ext4 filesystem being mounted at /169/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   65.416571][ T5924] @: renamed from bond0 (while UP)
[   65.442352][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.470908][ T5937] loop4: detected capacity change from 0 to 512
[   65.479988][ T5937] SELinux: security_context_str_to_sid () failed with errno=-22
[   65.697711][ T5962] 9pnet_fd: Insufficient options for proto=fd
[   65.700707][ T5959] loop3: detected capacity change from 0 to 512
[   65.722217][ T5959] ext4: Unknown parameter 'fowner<00000000000000060928'
[   65.832884][ T5966] loop0: detected capacity change from 0 to 512
[   65.841402][ T5966] ext4: Unknown parameter 'hash'
[   65.850662][ T5966] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   65.852477][ T5966] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   66.047600][ T5993] smc: net device bond0 applied user defined pnetid SYZ0
[   66.047793][ T5993] smc: net device bond0 erased user defined pnetid SYZ0
[   66.057781][ T5996] 9pnet_fd: Insufficient options for proto=fd
[   66.208718][ T6009] loop3: detected capacity change from 0 to 512
[   66.208940][ T6009] ext4: Unknown parameter 'hash'
[   66.217347][ T6009] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   66.217435][ T6009] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   66.441204][ T6046] loop4: detected capacity change from 0 to 512
[   66.470256][ T6046] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #15: comm syz.4.901: casefold flag without casefold feature
[   66.483311][ T6046] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.901: couldn't read orphan inode 15 (err -117)
[   66.496268][ T6046] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.529121][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.611282][ T6077] FAULT_INJECTION: forcing a failure.
[   66.611282][ T6077] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   66.624472][ T6077] CPU: 0 UID: 0 PID: 6077 Comm: syz.2.910 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   66.635070][ T6077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   66.645129][ T6077] Call Trace:
[   66.648406][ T6077]  <TASK>
[   66.651355][ T6077]  dump_stack_lvl+0xf2/0x150
[   66.656068][ T6077]  dump_stack+0x15/0x1a
[   66.660270][ T6077]  should_fail_ex+0x223/0x230
[   66.664973][ T6077]  should_fail+0xb/0x10
[   66.669181][ T6077]  should_fail_usercopy+0x1a/0x20
[   66.674277][ T6077]  _copy_to_user+0x20/0xa0
[   66.678712][ T6077]  simple_read_from_buffer+0xa0/0x110
[   66.684118][ T6077]  proc_fail_nth_read+0xf9/0x140
[   66.689066][ T6077]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   66.694618][ T6077]  vfs_read+0x1a2/0x700
[   66.698790][ T6077]  ? __rcu_read_unlock+0x4e/0x70
[   66.703763][ T6077]  ? __fget_files+0x17c/0x1c0
[   66.708520][ T6077]  ksys_read+0xe8/0x1b0
[   66.712830][ T6077]  __x64_sys_read+0x42/0x50
[   66.717469][ T6077]  x64_sys_call+0x2874/0x2dc0
[   66.722179][ T6077]  do_syscall_64+0xc9/0x1c0
[   66.726689][ T6077]  ? clear_bhb_loop+0x55/0xb0
[   66.731451][ T6077]  ? clear_bhb_loop+0x55/0xb0
[   66.736203][ T6077]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.742113][ T6077] RIP: 0033:0x7f108832e92c
[   66.746551][ T6077] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   66.766176][ T6077] RSP: 002b:00007f10869a7050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   66.774695][ T6077] RAX: ffffffffffffffda RBX: 00007f10884f5fa0 RCX: 00007f108832e92c
[   66.782683][ T6077] RDX: 000000000000000f RSI: 00007f10869a70b0 RDI: 0000000000000007
[   66.783106][ T6080] loop0: detected capacity change from 0 to 512
[   66.790675][ T6077] RBP: 00007f10869a70a0 R08: 0000000000000000 R09: 0000000000000000
[   66.790691][ T6077] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000002
[   66.790703][ T6077] R13: 0000000000000000 R14: 00007f10884f5fa0 R15: 00007ffd57c0e7e8
[   66.790731][ T6077]  </TASK>
[   66.827035][ T6080] SELinux: security_context_str_to_sid (root) failed with errno=-22
[   66.877064][ T6094] loop2: detected capacity change from 0 to 512
[   66.935876][ T6101] __nla_validate_parse: 107 callbacks suppressed
[   66.935890][ T6101] netlink: 20 bytes leftover after parsing attributes in process `syz.3.919'.
[   66.953176][ T6094] EXT4-fs error (device loop2): ext4_orphan_get:1389: inode #15: comm syz.2.916: casefold flag without casefold feature
[   66.967039][ T6094] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.916: couldn't read orphan inode 15 (err -117)
[   66.980321][ T6094] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.005154][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.633329][ T6115] loop1: detected capacity change from 0 to 512
[   67.640515][ T6115] ext4: Unknown parameter 'fowner<00000000000000060928'
[   67.892545][ T6132] netlink: 20 bytes leftover after parsing attributes in process `syz.2.931'.
[   67.936895][ T6139] netlink: 4 bytes leftover after parsing attributes in process `syz.2.934'.
[   67.963588][ T6143] program syz.4.935 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   67.988976][ T6148] netlink: 2088 bytes leftover after parsing attributes in process `syz.3.932'.
[   68.099510][ T6161] loop0: detected capacity change from 0 to 512
[   68.100548][ T6161] ext4: Unknown parameter 'fowner<00000000000000060928'
[   68.485989][ T6172] netlink: 20 bytes leftover after parsing attributes in process `syz.0.944'.
[   68.524083][ T6176] netlink: 4 bytes leftover after parsing attributes in process `syz.0.946'.
[   68.647300][ T6179] loop0: detected capacity change from 0 to 512
[   68.657809][ T6179] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.946: corrupted in-inode xattr: invalid ea_ino
[   68.657957][ T6179] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.946: couldn't read orphan inode 15 (err -117)
[   68.658520][ T6179] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.009781][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.081170][ T6192] netlink: 4 bytes leftover after parsing attributes in process `syz.0.949'.
[   69.111512][ T6195] loop0: detected capacity change from 0 to 128
[   69.150013][ T6195] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   69.150269][ T6195] ext4 filesystem being mounted at /189/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   69.220698][   T29] kauditd_printk_skb: 337 callbacks suppressed
[   69.220713][   T29] audit: type=1400 audit(1733224339.994:1947): avc:  denied  { write } for  pid=6194 comm="syz.0.951" name="bus" dev="loop0" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   69.248456][   T29] audit: type=1400 audit(1733224339.994:1948): avc:  denied  { add_name } for  pid=6194 comm="syz.0.951" name="file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   69.289742][   T29] audit: type=1400 audit(1733224339.994:1949): avc:  denied  { remove_name } for  pid=6194 comm="syz.0.951" name="file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop0" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   69.333125][   T29] audit: type=1400 audit(1733224339.994:1950): avc:  denied  { rename } for  pid=6194 comm="syz.0.951" name="file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop0" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   69.377135][ T6206] loop2: detected capacity change from 0 to 1024
[   69.384435][ T6206] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   69.400476][ T3313] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   69.438115][ T6206] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.464320][ T6212] netlink: 20 bytes leftover after parsing attributes in process `syz.1.956'.
[   69.474952][   T29] audit: type=1400 audit(1733224340.254:1951): avc:  denied  { append } for  pid=6204 comm="syz.2.954" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   69.487939][ T6218] 9pnet_fd: Insufficient options for proto=fd
[   69.522623][ T6216] loop4: detected capacity change from 0 to 512
[   69.534061][ T6206] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2793: inode #15: comm syz.2.954: corrupted in-inode xattr: bad magic number in in-inode xattr
[   69.537681][ T6216] ext4: Unknown parameter 'fowner<00000000000000060928'
[   69.578496][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.606007][ T6223] netlink: 36 bytes leftover after parsing attributes in process `syz.1.960'.
[   69.609591][ T6229] netlink: 2088 bytes leftover after parsing attributes in process `syz.0.958'.
[   69.678822][   T29] audit: type=1326 audit(1733224340.454:1952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6237 comm="syz.4.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c8640ff19 code=0x7ffc0000
[   69.705920][   T29] audit: type=1326 audit(1733224340.454:1953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6237 comm="syz.4.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7f8c8640ff19 code=0x7ffc0000
[   69.729308][   T29] audit: type=1326 audit(1733224340.454:1954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6237 comm="syz.4.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c8640ff19 code=0x7ffc0000
[   69.929248][ T6258] 9pnet_fd: Insufficient options for proto=fd
[   69.984765][ T6251] FAULT_INJECTION: forcing a failure.
[   69.984765][ T6251] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   69.998135][ T6251] CPU: 1 UID: 0 PID: 6251 Comm: syz.4.970 Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   70.008723][ T6251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   70.018855][ T6251] Call Trace:
[   70.022126][ T6251]  <TASK>
[   70.025055][ T6251]  dump_stack_lvl+0xf2/0x150
[   70.029697][ T6251]  dump_stack+0x15/0x1a
[   70.033862][ T6251]  should_fail_ex+0x223/0x230
[   70.038606][ T6251]  should_fail_alloc_page+0xfd/0x110
[   70.043923][ T6251]  __alloc_pages_noprof+0x109/0x340
[   70.049145][ T6251]  alloc_pages_mpol_noprof+0xb1/0x1e0
[   70.054537][ T6251]  alloc_pages_noprof+0xe1/0x100
[   70.059475][ T6251]  pte_alloc_one+0x31/0x110
[   70.063986][ T6251]  ? __count_memcg_events+0xd7/0x220
[   70.069410][ T6251]  __do_fault+0x79/0x200
[   70.073655][ T6251]  handle_mm_fault+0xc7d/0x2ac0
[   70.078514][ T6251]  ? mt_find+0x72a/0x890
[   70.082759][ T6251]  __get_user_pages+0xf2c/0x2670
[   70.087713][ T6251]  __gup_longterm_locked+0xca3/0xf90
[   70.093005][ T6251]  ? security_ptrace_access_check+0x67/0x80
[   70.098906][ T6251]  ? down_read+0x171/0x4b0
[   70.103326][ T6251]  ? __ptrace_may_access+0x2cb/0x350
[   70.108618][ T6251]  pin_user_pages_remote+0x7f/0xb0
[   70.113774][ T6251]  process_vm_rw+0x4bc/0x890
[   70.118374][ T6251]  ? ksys_write+0x176/0x1b0
[   70.122934][ T6251]  __x64_sys_process_vm_writev+0x7a/0x90
[   70.128572][ T6251]  x64_sys_call+0x2c48/0x2dc0
[   70.133372][ T6251]  do_syscall_64+0xc9/0x1c0
[   70.137877][ T6251]  ? clear_bhb_loop+0x55/0xb0
[   70.142673][ T6251]  ? clear_bhb_loop+0x55/0xb0
[   70.147347][ T6251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.153324][ T6251] RIP: 0033:0x7f8c8640ff19
[   70.157734][ T6251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.177420][ T6251] RSP: 002b:00007f8c84a87058 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[   70.185840][ T6251] RAX: ffffffffffffffda RBX: 00007f8c865d5fa0 RCX: 00007f8c8640ff19
[   70.193874][ T6251] RDX: 0000000000000001 RSI: 0000000020001c80 RDI: 00000000000001ce
[   70.201906][ T6251] RBP: 00007f8c84a870a0 R08: 0000000000000001 R09: 0000000000000000
[   70.209937][ T6251] R10: 0000000020001d80 R11: 0000000000000246 R12: 0000000000000001
[   70.217996][ T6251] R13: 0000000000000000 R14: 00007f8c865d5fa0 R15: 00007ffd04fc3b98
[   70.225982][ T6251]  </TASK>
[   70.326079][ T6275] loop1: detected capacity change from 0 to 512
[   70.332877][ T6275] EXT4-fs: Ignoring removed orlov option
[   70.338917][ T6275] EXT4-fs: Ignoring removed nomblk_io_submit option
[   70.345581][ T6275] ext4: Unknown parameter 'nogrpid.nouid32'
[   70.359987][ T6275] loop1: detected capacity change from 0 to 128
[   70.376996][ T2999] ==================================================================
[   70.385089][ T2999] BUG: KCSAN: data-race in __dentry_kill / step_into
[   70.391763][ T2999] 
[   70.394069][ T2999] read-write to 0xffff88810f66fc00 of 4 bytes by task 3290 on cpu 0:
[   70.402116][ T2999]  __dentry_kill+0x22e/0x4c0
[   70.406693][ T2999]  dput+0x5c/0xd0
[   70.410307][ T2999]  do_unlinkat+0x258/0x4d0
[   70.414710][ T2999]  __x64_sys_unlink+0x2e/0x40
[   70.419379][ T2999]  x64_sys_call+0x2329/0x2dc0
[   70.424044][ T2999]  do_syscall_64+0xc9/0x1c0
[   70.428532][ T2999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.434414][ T2999] 
[   70.436721][ T2999] read to 0xffff88810f66fc00 of 4 bytes by task 2999 on cpu 1:
[   70.444331][ T2999]  step_into+0xe7/0x840
[   70.448479][ T2999]  walk_component+0x169/0x230
[   70.453310][ T2999]  path_lookupat+0x10a/0x2b0
[   70.457878][ T2999]  filename_lookup+0x150/0x340
[   70.462621][ T2999]  do_readlinkat+0x89/0x210
[   70.467196][ T2999]  __x64_sys_readlink+0x47/0x60
[   70.472113][ T2999]  x64_sys_call+0x28ba/0x2dc0
[   70.476769][ T2999]  do_syscall_64+0xc9/0x1c0
[   70.481249][ T2999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.487128][ T2999] 
[   70.489431][ T2999] value changed: 0x00600008 -> 0x00008008
[   70.495126][ T2999] 
[   70.497430][ T2999] Reported by Kernel Concurrency Sanitizer on:
[   70.503556][ T2999] CPU: 1 UID: 0 PID: 2999 Comm: udevd Not tainted 6.13.0-rc1-syzkaller-00002-gcdd30ebb1b9f #0
[   70.513770][ T2999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   70.523891][ T2999] ==================================================================