last executing test programs:

6.971288575s ago: executing program 3 (id=1966):
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={0x0, 0xc0}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
ioctl$MON_IOCX_GET(r0, 0x40189206, &(0x7f0000000100)={0x0, 0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}, 0x1, 0x0, 0x0, 0x2005c013}, 0x0)
r1 = socket(0x10, 0x3, 0x22)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x4005}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x8203, 0x108)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), r1)
sendmsg$TIPC_CMD_SET_LINK_TOL(r2, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x68, r3, 0x200, 0x70bd29, 0x25dfdbfb, {{}, {}, {0x4c, 0x18, {0x8, @media='eth\x00'}}}, ["", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmmsg(r1, &(0x7f0000000000), 0x4000000000001f2, 0x0)

6.718789067s ago: executing program 3 (id=1967):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x1a)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r3 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
readv(r3, 0x0, 0x0)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f00000000c0)={0x3, 0x2006}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r2, 0x0, 0xfffffffffffffffc}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r4 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x40, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000080)}, 0x10010, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r4)
syz_read_part_table(0x60d, &(0x7f0000002240)="$eJzs3D9olHcYB/DvJbmcUTAdnFxqHDoJRXE0Q5XkqlgIp1IIDvYfIs0UIXDSw5Q4tBkUM0jHLlK4DhonYwYnRaFzEQeLkMGlYBepHXLl7l6SOyjF0oRS/HyGe353PDzf94F3/V34XxtIuTi1Kp3y/qd/298a3TzP50xzYvJ4q9VqnU5KOZtyxsq7l5MMpX9q9icZ7plz8/udq9/+9mG5+fTUq/fOPVgc2JhZyTtJdvU2Z+SvHqXyzzZlO9wafzi6cGW2erX9pdpYW/84uf1yorZycnFp+UT52Oft3y8nj4r+7osxkoup51K+zCdDbxz19eax1Jc/386vj194Um2sfdd8fnB9b3Xw7vkjr/etXrt/KJlrR0yl87JvGv6Xi/fkL/Tkz41dn15qHD1wZ8+Nw/V7j2svBn9vdRWR5a3JBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABge9xqf1yZrV6tj194Um2sffPzTx/dfjlRWzm5uLR8YvjYs6LvUVGHinox9VxKOclMZvJFZt88crrUmz/+cHRhI/+Pncnzg+t7q82754+8nly9dv9Qp6uUqXYZ2IqN+/XnN9bmxq5PLzWOHriz58bh+r3HtReD3b6ZSj7rrJuksvWPAQAAAAAAAAAAAAAAAAAAwFtuYvL4vqkPaqeTUs7uSPLrV51b9q3KyI/p3Lzv2l/UZ5Vkd5KbO7r/BdB8eurV8LkHi78Ul+LnU8l8kl0/rJxJ3t3IudwfW96czH/pzwAAAP//gTiR5w==")

6.421107059s ago: executing program 3 (id=1973):
r0 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e60, @broadcast}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000f40)=[{{&(0x7f0000000280)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}}], 0x1, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[], 0x4, 0x127b, &(0x7f00000011c0)="$eJzs3c1rI2UcB/Bf2vR17Yu6ru6C+KAXRYjbHjx5KbILYkGpdkEFYdamGpompQmFiNh68iT4Z4h69CaI/0AvXjwLgkgvHvcgjqTJrk2Tdt3tm8jnc5mHZ57v88x0mIEp8yN7r3y5vrbaKK1mzRgqFKK4MRLFOylSDMVwdOzEC7d+/uXpt9559/WFxcUbSyndXHh77uWU0vQzP7z3ybfP/ti8dOu76e/HYnf2/b0/5n/dvbJ7de+vb6LSSJVGqtWbKUu36/VmdrtaTiuVxloppTer5axRTpVao7zZs3+1Wt/YaKWstjI1ubFZbjRSVmultXIrNQupudlK2YdZpZZKpVKamgxOYvnrO3meR+T5SIxGnuf5REzGpXgkpmI6ZmI2Ho3H4vG4HE/ElXgyhiL2R130cQMAAAAAAAAAAAAAAAAAAMD/y33q/wu99f9PxVX1/wAAAAAAAAAAAAAAAAAAAHDqDtf/FyPu1f8XihHq/wEAAAAAAAAAAAAAAAAAAODs3ef3/w/V/7+o/h8AAAAAAAAAAAAAAAAAAADOwnhns5TSeMT651vLW8udbad/YTUqUY1yXI+Z+DP2q/87Ou2bry3euJ72zcZL69vd/PbW8nBvfm5kJmYLA/NznXzqzY/F5MH8fMzE5cHrzw/Mj8fzz7Xzn3XypZiJnz6IelRjJaLQPfv9/KdzKb36xuJEb/5ae9yRhs/4sgAAAMBpKqV7+t/fd7qDBu7v7Oq+n6fuyMIx/x849H5ejGvFizpr7mq0Pl7LqtXy5kM2Ro+eZ/RkM/c1ChGRxcGe6cnfltqLn9oSD9sYPtdFR44fc4JrGsX/wB9zYGPogVK/f3WgZzzO+VC7t0RWbT8//10qdvL8pKsPHbfWwJtx7LgJj35mtG/E7XN4NnH2/rnoF30kAAAAAAAAAAAAPIiBX/9NRETf94Af9fXc/Ty8N94/89Grf3EOZwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzNDhwLAAAAAAjzt06jYwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+CgAA////TtAs")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x4000, 0x1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r4=>0x0})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="010000000b0000000500100002000000088e0400", @ANYRES32=0x0, @ANYBLOB="49cd0000000000000018003d0000000000000000", @ANYRES32=r4, @ANYRES32=r2, @ANYBLOB="000000000200"/20, @ANYRES32=r2, @ANYBLOB="6c5e0e2b70c0c9fbcaa79ae100000000"], 0x50)
open_by_handle_at(r2, &(0x7f00000001c0)=ANY=[@ANYBLOB="08000000020000000c"], 0x80c4)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000600), r1)
socket$inet(0x2, 0x5, 0x0)
pipe(&(0x7f00000006c0))
r5 = socket$kcm(0xa, 0x6, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='devices.list\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r5, 0x10d, 0xb, &(0x7f0000000000)=r6, 0x4)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r8 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r8, &(0x7f0000000000)={0x18, 0x0, {0xfffe, @local, 'veth0\x00'}}, 0x1e)
r9 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r9, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'veth1_to_batadv\x00'}}, 0x1e)

6.052880711s ago: executing program 3 (id=1980):
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x4, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x800, 0x0, 0x3, 0x0, 0xffffffff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fffffff7850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000000)='kfree\x00', r0}, 0x30)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x84, 0x81, &(0x7f00000002c0)="1ae96d0103010000", 0x8)
close_range(r1, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000040)={[{@barrier}, {@data_err_ignore}, {@nodelalloc}]}, 0x1, 0x4a3, &(0x7f0000000580)="$eJzs3c1rXOUaAPBnZpo0SXNvP+7l0vbCbaEXej9oJh9IE3XjSl0UxIIbhRqTaayZZEJmUpvQRaq7LlyIoiAu3PsXuLEriyCudS8upKI1ggrCyDkzk+Zr4qBpBnJ+Pzid95z3dJ73zfC8nHnPOXMCyKyzyT+5iMGI+DwijjZWN+9wtvGydv/mVLLkol6//F0u3S9Zb+3a+n9HImI1Ivoi4tknI17KbY9bXV6ZnSyXS4vN9WJtbqFYXV65cG1ucqY0U5ofGb84MTE+PDY6sWd9vf3GK7cvffR074c/vX7v7puffJw0a7BZt7Efe6nR9Z44vmHboYh4/GEE64JCsz/93W4If0jy+f0tIs6l+X80CumnCWRBvV6v/1o/3K56tQ4cWPn0GDiXH4qIRjmfHxpqHMP/PQby5Uq19v+rlaX56cax8rHoyV+9Vi4NN78rHIueXLI+kpYfrI9uWR+LSI+B3yr0p+tDU5Xy9P4OdcAWR7bk/4+FRv4DGeErP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJz1y6lCz11v3v09eXl2Yr1y9Ml6qzQ3NLU0NTlcWFoZlKZSa9Z2fu996vXKksjDwSSzeKtVK1Vqwur1yZqyzN166k9/VfKfXsS6+AThw/c+fLXESsPtqfLoneZp1chYOtXs9Ft+9BBrqj0O0BCOgaU3+QXb7jAzv8RO8mfe0qFva+LcD+yHe7AUDXnD/l/B9klfl/yC7z/5BdjvEB8/+QPeb/IbsG2zz/6y8bnt01HBF/jYgvCj2HW8/6Ag6C/De55vH/+aP/Htxa25v7OT1F0BsRr753+Z0bk7Xa4kiy/fv17bV3m9tHu9F+oFOtPG3lMQCQXWv3b061lv2M++0TjYsQtsc/1Jyb7EvPUQ6s5TZdq5Dbo2sXVm9FxMmd4ueazztvnPkYWCtsi3+i+ZprvEXa3kPpc9P3J/6pDfH/tSH+6T/9V4FsuJOMP8M75V8+zelYz7/N48/gHl070X78y6+Pf4U249+ZDmO8/P5rX7eNfyvi9I7xW/H60lhb4ydtO99h/HsvPPePdnX1Dxrvs1P8lqRUrM0tFKvLKxfS35GbKc2PjF+cmBgfHhudKKZz1MXWTPV2j5387O5u/R9oE3+3/ifb/tth/3/556fPn90l/n/O7fz5n9glfn9E/K/D+D+MfvViu7ok/nSb/ud3iZ9sG+swfvXtpw53uCsAsA+qyyuzk+VyaVFBQUFhvdDtkQl42B4kfbdbAgAAAAAAAAAAAHRqPy4n7nYfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOgt8CAAD//1kn1ls=")
creat(&(0x7f0000000000)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x10, "ef359f413bb90900f7d6a4ae6dddfbd11000000000000000000ff8ee09e737ff0edf110ff4117639c2eb8f18d2b8f6277dd41905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61ffcf33524bbd9bffbcc2542ded71038232d71e14efbac003000000852f2036dc783800000000e9b49600", "f28359738e229a4c6681000000000000000100"})
creat(&(0x7f0000000200)='./file0\x00', 0x0)

5.814781182s ago: executing program 3 (id=1981):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYRESHEX=r0], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x88281, 0x0)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x101002, 0x0)
ioctl$RFKILL_IOCTL_NOINPUT(r3, 0x5201)
ioctl$RFKILL_IOCTL_NOINPUT(r2, 0x5201)
close_range(r1, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
r5 = socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000003"], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\n'], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000180)='kfree\x00', r7}, 0x18)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000240)={'lo\x00', <r9=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x6c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x7, 0x2, 0x7f, 0x7fff, 0x39, 0x4}, {0x7, 0x0, 0x244, 0x1, 0x8d, 0x645e}, 0x0, 0x5, 0x1108}}, @TCA_TBF_BURST={0x8, 0x6, 0x3}, @TCA_TBF_PRATE64={0xc, 0x5, 0xa31737546006fd3f}]}}]}, 0x6c}}, 0x0)
getsockopt$CAN_RAW_JOIN_FILTERS(r4, 0x65, 0x6, 0x0, &(0x7f0000000040))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000377edb4fa184220700"/28], 0x48)
mq_unlink(0x0)
r10 = socket$key(0xf, 0x3, 0x2)
recvmmsg(r10, &(0x7f0000000440), 0x6f5, 0x2000000022, &(0x7f0000000480)={0x77359400})
setsockopt$SO_TIMESTAMPING(r10, 0x1, 0x25, &(0x7f0000000000)=0x285c, 0x4)
sendmsg$key(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="0208000002"], 0x10}}, 0x0)

5.469087645s ago: executing program 1 (id=1985):
prlimit64(0x0, 0xe, 0x0, 0x0)
pipe(&(0x7f0000000d00))
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket(0x1e, 0x2, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, 0x0, 0x0)
sendmsg$tipc(r1, &(0x7f00000002c0)={&(0x7f0000000000)=@id={0x1e, 0x3, 0x3, {0x4e24}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2004880}, 0x404c001)
close(r0)
socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000980)='./file1\x00', 0x0, &(0x7f0000000f40)=ANY=[], 0x5, 0x2b2, &(0x7f00000006c0)="$eJzs3U9rY1UUAPDz0jR9OosUcaMIPtCFqzJ166ZRRhC7UiKoCw3ODEgSBqYQmArGruYTuPR7+BHcuPEbDLgV3E0XlSfvX/7ga402VXR+v9Xh3nfuPXm3TbLJeZ+/Mh3ffZDE2dMnkaZJdI7iKM6T2I9ONL6JbgAA/x/neR6/5mWY5JUNM7udGy0MALgx1ef/X/rgBwD+4z78+JP3B8fHdz7IsjRe6j+eDZOImD6eDav5wf34MiZxL25HPy4i8oUqfve94zvRzQr78fp0PhsWmdPPfqzXH/wSUeYfRj/22/MPs8pK/nw23I3nI4vB/d2m1H682J7/Zkt+DHvxxmsr9R9EP376Ih7EJO5GkbvM//owy97Jv3361afFNkV+0onhXnldKfcFCQAAAAAAAAAAAAAAAAAAAACA7TrIsqRq31P27ymG6v47Oxfl/EHW2F/vz1PlJ81CVX+gvOmWM8/ju6a/zu0sy/L6wmV+N17uerAAAAAAAAAAAAAAAAAAAAAAFE4ePbk1mkzuPTx5dDq+dtB0A2h+1v931zlaGXk1TsejncsX3Nt8r9VuA0WtV14c3W5s6ba0B2eLkeeKera+xV4sRj6KKmgOZqt7vfB2tejpeJTVU81NHo+SP9srbQ7u+9WpXly3sLz8k7jI1880XZS6ntXb0t3o3Wqd+i3P883Weevn6ozqkaRssbHZ7rt10PoCiyAtziJd/OMXUz9cvuClbxk7137TAQAAAAAAAAAAAAAAAAAAWi1/9NsyeXZlaufGigIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf9jy+f9NkEbE+sgfgnmdfNU1ddCLhyf/8ksEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgGfB7AAAA//8rlFqg")
r4 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x130)
r5 = open$dir(&(0x7f0000000100)='./file0\x00', 0x4200, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
linkat(r3, &(0x7f0000000000)='./file1\x00', r5, &(0x7f0000000040)='./file1\x00', 0x1400)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r7=>r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000500)=ANY=[@ANYRESOCT=r7, @ANYBLOB="78b93dbd15302670ce21bb6938b38e06a28078c12159971fd22566166fed44eb369dfbbfde09dc411abd731bda224677a723f77db9", @ANYRESHEX=r7, @ANYBLOB="b829da1c9c206cc3f9246dea3ab86ce458f4ee6d1dc47f61903f74a6217765ffad8520055598fbb13327fe276a2cfe4ba68b1982709dc299d617e8e714b76e03eeaca0c2a81683d0a0d7acbaceede68a93be555fc1abd7d1ddfc5df7f26a5e8f0c0cd5d1ee5b025e366943985926040473cfc515b75c7343faad42d6caee4afeb4b241dc5389acaa7ed6c2a1f8ea534406e2d062b7caf10236adf87c67b79f9a4a8bfea59eede4ffea165abb28735f5f26a99476ef19c14a1b7a401a24ea89389487d4539b78ba38b4"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
unshare(0x20040400)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
socket$xdp(0x2c, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfffffffffffffe4b)
write$9p(r4, &(0x7f0000001400)="3b27a4b403e92b", 0x4944)
syz_genetlink_get_family_id$fou(&(0x7f00000001c0), r4)

5.250777646s ago: executing program 3 (id=1987):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000005c0)={@dev={0xfe, 0x80, '\x00', 0x40}, @remote, @remote, 0x3, 0x2, 0x5, 0x400, 0xb7, 0xc20022, r3})
syz_extract_tcp_res(&(0x7f00000000c0)={0x41424344, <r4=>0x41424344}, 0x7, 0x3)
syz_extract_tcp_res(&(0x7f0000000140)={<r5=>0x41424344}, 0x0, 0x7)
syz_emit_ethernet(0x14b, &(0x7f0000000700)={@link_local, @dev, @val={@void}, {@mpls_mc={0x8848, {[{0x10, 0x0, 0x1}, {0x0, 0x0, 0x1}, {0x1043, 0x0, 0x1}, {0x8, 0x0, 0x1}, {0x3, 0x0, 0x1}, {0xef2f}, {0x2, 0x0, 0x1}], @ipv4=@tcp={{0x11, 0x4, 0x0, 0x0, 0x11d, 0x66, 0x0, 0xe, 0x6, 0x0, @dev={0xac, 0x14, 0x14, 0x26}, @broadcast, {[@timestamp_addr={0x44, 0x4, 0x88, 0x1, 0xf}, @rr={0x7, 0x3, 0xba}, @cipso={0x86, 0x29, 0x2, [{0x1, 0x8, "0ad7df90ce3e"}, {0x0, 0x9, "2da00784a5832b"}, {0x1, 0x12, "000000000000000000eb9c96455a0600"}]}]}}, {{0x4e22, 0x4e21, r4, r5, 0x0, 0x0, 0x8, 0x2, 0x5, 0x0, 0x8, {[@timestamp={0x8, 0xa, 0x8, 0xffff}]}}, {"b2c50dd1c5c861fdf31c813a9cd061d4e5656076d3edca5d7223d3df05bccf817941d215d51b559e09c9ab32821741aa4b82a88c634e3ec55fbc87c84f0a6c06aaea05857b4f196de5a2960967bfb26dacb99ffee6173ad6bae93c5bbd94603cc38767cf8c0c14ae62a73d6f6a09c71fe9a275bff8de22627c3b62239f40c0d5f87b6bb80558fa721c1e3cfc1d13a9f5cc13ecfbae97cf29df3e8567b9c4494715e2a435f34adc7741047e3cc56b8515a623f077c0f94f13f9"}}}}}}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="020000000400000008000000010000008054647174adfb419786390a46ffa81cda1456c5a3a9ab715839fa968227e492da541824abe9dab1b755a821a5c248fd3a6e39aa10244b6ef79305af200f964f1ae9a979037795d1d509b2d7a13555"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6}, 0x10)
getdents64(0xffffffffffffffff, 0x0, 0x43)
msync(&(0x7f0000d5c000/0x2000)=nil, 0xfffffffffffffef1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r7, 0x29, 0xc8, &(0x7f0000000340), 0x4)
setsockopt$MRT6_ADD_MIF(r7, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1}, 0xc)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f0000000040), 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000ff8000/0x2000)=nil, 0x2000, 0x0)
r8 = syz_open_procfs$pagemap(0x0, &(0x7f0000000940))
ioctl$PAGEMAP_SCAN(r8, 0xc0606610, &(0x7f0000000240)={0x60, 0x2, &(0x7f00008b0000/0x3000)=nil, &(0x7f00008e9000/0x4000)=nil, 0x670, 0x0, 0x0, 0x3, 0x40, 0x1, 0x0, 0xb})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = socket(0x10, 0x3, 0x0)
sendto$inet6(r9, &(0x7f0000000180)="9000000018001f2fb9409b52ffff65580200be04020c060560020b0243000f00ffffff9e00c8388827a685a168d0bf47d32345653602648dcaaf6c26c291214549935ade4a460c20b6ec0cff3959547f500f58ba86c902000f1d012e02000280160012000a000000000000000000000000080000000eceb6b362bb944cf2e70100aba4183b003e5fa424ac4d31c4f7a1", 0x90, 0x0, 0x0, 0xf)

5.248041236s ago: executing program 1 (id=1988):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000005c0)={@dev={0xfe, 0x80, '\x00', 0x40}, @remote, @remote, 0x3, 0x2, 0x5, 0x400, 0xb7, 0xc20022, r3})
syz_extract_tcp_res(&(0x7f0000000140)={<r4=>0x41424344}, 0x0, 0x7)
syz_emit_ethernet(0x15f, &(0x7f0000000700)={@link_local, @dev, @val={@void}, {@mpls_mc={0x8848, {[{0x0, 0x0, 0x1}, {0x1043, 0x0, 0x1}, {0x8, 0x0, 0x1}, {0x3, 0x0, 0x1}, {0xef2f}, {0x2, 0x0, 0x1}], @ipv4=@tcp={{0x17, 0x4, 0x0, 0x0, 0x135, 0x66, 0x0, 0xe, 0x6, 0x0, @dev={0xac, 0x14, 0x14, 0x26}, @broadcast, {[@timestamp_addr={0x44, 0x1c, 0x88, 0x1, 0xf, [{@loopback, 0x4}, {@remote, 0xc}, {@rand_addr=0x64010100, 0x2}]}, @rr={0x7, 0x3, 0xba}, @cipso={0x86, 0x29, 0x2, [{0x1, 0x8, "0ad7df90ce3e"}, {0x0, 0x9, "2da00784a5832b"}, {0x1, 0x12, "000000000000000000eb9c96455a0600"}]}]}}, {{0x4e22, 0x4e21, 0x41424344, r4, 0x0, 0x0, 0x8, 0x2, 0x5, 0x0, 0x8, {[@eol, @timestamp={0x8, 0xa, 0x8, 0xffff}]}}, {"b2c50dd1c5c861fdf31c813a9cd061d4e5656076d3edca5d7223d3df05bccf817941d215d51b559e09c9ab32821741aa4b82a88c634e3ec55fbc87c84f0a6c06aaea05857b4f196de5a2960967bfb26dacb99ffee6173ad6bae93c5bbd94603cc38767cf8c0c14ae62a73d6f6a09c71fe9a275bff8de22627c3b62239f40c0d5f87b6bb80558fa721c1e3cfc1d13a9f5cc13ecfbae97cf29df3e8567b9c4494715e2a435f34adc7741047e3cc56b8515a623f077c0f94f13f9"}}}}}}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="020000000400000008000000010000008054647174adfb419786390a46ffa81cda1456c5a3a9ab715839fa968227e492da541824abe9dab1b755a821a5c248fd3a6e39aa10244b6ef79305af200f964f1ae9a979037795d1d509b2d7a13555"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
getdents64(0xffffffffffffffff, 0x0, 0x43)
msync(&(0x7f0000d5c000/0x2000)=nil, 0xfffffffffffffef1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r6, 0x29, 0xc8, &(0x7f0000000340), 0x4)
setsockopt$MRT6_ADD_MIF(r6, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1}, 0xc)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f0000000040), 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000ff8000/0x2000)=nil, 0x2000, 0x0)
r7 = syz_open_procfs$pagemap(0x0, &(0x7f0000000940))
ioctl$PAGEMAP_SCAN(r7, 0xc0606610, &(0x7f0000000240)={0x60, 0x2, &(0x7f00008b0000/0x3000)=nil, &(0x7f00008e9000/0x4000)=nil, 0x670, 0x0, 0x0, 0x3, 0x40, 0x1, 0x0, 0xb})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = socket(0x10, 0x3, 0x0)
sendto$inet6(r8, &(0x7f0000000180)="9000000018001f2fb9409b52ffff65580200be04020c060560020b0243000f00ffffff9e00c8388827a685a168d0bf47d32345653602648dcaaf6c26c291214549935ade4a460c20b6ec0cff3959547f500f58ba86c902000f1d012e02000280160012000a000000000000000000000000080000000eceb6b362bb944cf2e70100aba4183b003e5fa424ac4d31c4f7a1", 0x90, 0x0, 0x0, 0xf)

5.247848406s ago: executing program 32 (id=1987):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000005c0)={@dev={0xfe, 0x80, '\x00', 0x40}, @remote, @remote, 0x3, 0x2, 0x5, 0x400, 0xb7, 0xc20022, r3})
syz_extract_tcp_res(&(0x7f00000000c0)={0x41424344, <r4=>0x41424344}, 0x7, 0x3)
syz_extract_tcp_res(&(0x7f0000000140)={<r5=>0x41424344}, 0x0, 0x7)
syz_emit_ethernet(0x14b, &(0x7f0000000700)={@link_local, @dev, @val={@void}, {@mpls_mc={0x8848, {[{0x10, 0x0, 0x1}, {0x0, 0x0, 0x1}, {0x1043, 0x0, 0x1}, {0x8, 0x0, 0x1}, {0x3, 0x0, 0x1}, {0xef2f}, {0x2, 0x0, 0x1}], @ipv4=@tcp={{0x11, 0x4, 0x0, 0x0, 0x11d, 0x66, 0x0, 0xe, 0x6, 0x0, @dev={0xac, 0x14, 0x14, 0x26}, @broadcast, {[@timestamp_addr={0x44, 0x4, 0x88, 0x1, 0xf}, @rr={0x7, 0x3, 0xba}, @cipso={0x86, 0x29, 0x2, [{0x1, 0x8, "0ad7df90ce3e"}, {0x0, 0x9, "2da00784a5832b"}, {0x1, 0x12, "000000000000000000eb9c96455a0600"}]}]}}, {{0x4e22, 0x4e21, r4, r5, 0x0, 0x0, 0x8, 0x2, 0x5, 0x0, 0x8, {[@timestamp={0x8, 0xa, 0x8, 0xffff}]}}, {"b2c50dd1c5c861fdf31c813a9cd061d4e5656076d3edca5d7223d3df05bccf817941d215d51b559e09c9ab32821741aa4b82a88c634e3ec55fbc87c84f0a6c06aaea05857b4f196de5a2960967bfb26dacb99ffee6173ad6bae93c5bbd94603cc38767cf8c0c14ae62a73d6f6a09c71fe9a275bff8de22627c3b62239f40c0d5f87b6bb80558fa721c1e3cfc1d13a9f5cc13ecfbae97cf29df3e8567b9c4494715e2a435f34adc7741047e3cc56b8515a623f077c0f94f13f9"}}}}}}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="020000000400000008000000010000008054647174adfb419786390a46ffa81cda1456c5a3a9ab715839fa968227e492da541824abe9dab1b755a821a5c248fd3a6e39aa10244b6ef79305af200f964f1ae9a979037795d1d509b2d7a13555"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6}, 0x10)
getdents64(0xffffffffffffffff, 0x0, 0x43)
msync(&(0x7f0000d5c000/0x2000)=nil, 0xfffffffffffffef1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r7, 0x29, 0xc8, &(0x7f0000000340), 0x4)
setsockopt$MRT6_ADD_MIF(r7, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1}, 0xc)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f0000000040), 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000ff8000/0x2000)=nil, 0x2000, 0x0)
r8 = syz_open_procfs$pagemap(0x0, &(0x7f0000000940))
ioctl$PAGEMAP_SCAN(r8, 0xc0606610, &(0x7f0000000240)={0x60, 0x2, &(0x7f00008b0000/0x3000)=nil, &(0x7f00008e9000/0x4000)=nil, 0x670, 0x0, 0x0, 0x3, 0x40, 0x1, 0x0, 0xb})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = socket(0x10, 0x3, 0x0)
sendto$inet6(r9, &(0x7f0000000180)="9000000018001f2fb9409b52ffff65580200be04020c060560020b0243000f00ffffff9e00c8388827a685a168d0bf47d32345653602648dcaaf6c26c291214549935ade4a460c20b6ec0cff3959547f500f58ba86c902000f1d012e02000280160012000a000000000000000000000000080000000eceb6b362bb944cf2e70100aba4183b003e5fa424ac4d31c4f7a1", 0x90, 0x0, 0x0, 0xf)

4.232214693s ago: executing program 1 (id=1997):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r1, 0x0, r2, 0x0, 0xf3a, 0x0)
write$RDMA_USER_CM_CMD_LISTEN(r2, &(0x7f0000000240)={0x7, 0x8, 0xfa00, {0xffffffffffffffff, 0x7fff}}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000240), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f00000000c0)={{0x1}})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0b00000007000000080000000900000805"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x80402, 0x0)
write$cgroup_int(r6, 0x0, 0x2)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r3, 0x40505412, &(0x7f0000000040)={0x0, 0x3, 0x80})
mlock2(&(0x7f0000338000/0x3000)=nil, 0x3000, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='afs_dir_check_failed\x00', r0, 0x0, 0x5}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0)

2.008929137s ago: executing program 5 (id=2010):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000f6ff850000002d00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r0}, 0x18)
r1 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r2 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r3 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r3, r2, 0x0, 0x0)
keyctl$KEYCTL_MOVE(0x4, r1, r3, r1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='host1x_syncpt_wait_check\x00', r5, 0x0, 0x4}, 0x18)
ioctl$KDDISABIO(0xffffffffffffffff, 0x4b37)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000600)='./file1/file0\x00', 0x109042, 0x100)
fcntl$setlease(r6, 0x400, 0x1)
fcntl$getflags(r6, 0x401)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
r7 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
ppoll(0x0, 0x0, 0x0, &(0x7f00000000c0)={[0x2]}, 0x8)
ioctl$int_in(r8, 0x5452, &(0x7f0000000180)=0xffffffffffffffff)
fcntl$setsig(r8, 0xa, 0x12)
ppoll(&(0x7f0000000100)=[{r9}], 0x1, 0x0, 0x0, 0x0)
dup2(r8, r9)
fcntl$setown(r9, 0x8, r7)
tkill(r7, 0x13)
fsetxattr$security_selinux(r6, &(0x7f0000000400), &(0x7f0000000440)='system_u:object_r:semanage_exec_t:s0\x00', 0x25, 0x1)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x4b, 0x1, 0x0, 0x0, 0x0)
sync()
syz_mount_image$ext4(&(0x7f0000000140)='ext2\x00', &(0x7f0000000640)='./file1\x00', 0x200003, &(0x7f0000000b80)={[{@data_err_ignore}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@min_batch_time={'min_batch_time', 0x3d, 0xffffffff}}, {@mblk_io_submit}, {@dioread_lock}]}, 0x3, 0x4c1, &(0x7f0000000680)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX9AofQX7VOf+lLocymU/AmlEGjfSyktoU3Shz60VZF81SSubMvEshLr84Hje8+9V/5+j4SOdO656AbQsU5FxFhEdEXE2YjoT7dn0hJr66V63IP7tyarJYlK5dqXSSTptvr/StLlkfRhvRHxr39E/Df5adzSyurcRKGQX0rrufL8Yq60snpudn5iJj+TXxgbGb44emn0wujQrrX18t8+e+WFt/5++f0/3vhk/Isz/6um1Zfue7wdzVhr8rj1pvfUnou67ohY2kmwZ1hX2p6edicCAEBTqt/xfx4Rv42Ih6+3OxsAAACgFSp/6Ytvk4gKAAAAsG9latfAJplsei1AX2Qy2ez6Nby/jMOZQrFU/sN0cXlhav1a2YHoyUzPFvJD6bXCA9GTVOvDtfVH9fMb6iMRcSwiXuo/VKtnJ4uFqXaf/AAAAIAOcWTD+P/r/vXxPwAAALDPDLQ7AQAAAKDljP8BAABg/9t0/J90720iAAAAQCv888qVaqnU7389dX1lea54/dxUvjSXnV+ezE4WlxazM8XiTO03++a3+3+FYnHxT7GwfDNXzpfKudLK6vh8cXmhPF67r/d43n2iAQAAYO8d+82dj5OIWPvzoVqpOpDua2KsPtba7IBWyuzs8KRVeQB7r6vdCQBt4wJf6Fzm44FtBvYvb6jv8LQBAADwLBj81VPN/5sPhOeYgTx0LvP/0LnM/0PnMv8PHe7g9of0brbjg13OBQAAaJm+Wkky2XQusC8ymWw24mjttgA9yfRsIT8UET+LiI/6ew5W68PtThoAAAAAAAAAAAAAAAAAAAAAAAAAnjOVShIVAAAAYF+LyHyepDfyH+w/3bfx/MCB5Jv+2jIibrxx7dWbE+Xy0nB1+1c/bi+/lm4/344zGAAAAMBG9XF6fRwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALvpwf1bk/Wyl3Hv/TUiBhrF747e2rL33f6IOPwwie7HHpdERNcuxF+7HRHHG8VPqmnFQJrFxviZiDjU5vhHdiE+dLI71f5nrNH7LxOnasvG77/utDyte6c26/8y9f6v1s816v+ONhnjxN13cpvGvx1xortx/1OPnzxl//uff6+ubrav8mbEYMPPn+SJWLny/GKutLJ6bnZ+YiY/k18YGRm+OHpp9MLoUG56tpBP/zaM8eKv3/t+q/Yf3iT+wDbtP91k+7+7e/P+L7aIf+Z3jV//41vErz73v08/B6r7B+vra+vrjzv59ocnt2r/1Cbt3+71P9Nk+89e/f+nTR4KAOyB0srq3EShkF+yYsXK/lu5mr7Rd/zwNndMAADArnv0pb/dmQAAAAAAAAAAAAAAAAAAAEDnavmPkB188pcFetvXVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALf0QAAD//9sy0wA=")

1.950006058s ago: executing program 0 (id=2012):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001780)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa1", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_create(r2, &(0x7f0000000040)=@access={'system_u:object_r:gpg_helper_exec_t:s0', 0x20, '/usr/sbin/cupsd', 0x20, 0x0, 0x2b}, 0x4c)

1.901714628s ago: executing program 0 (id=2013):
r0 = socket(0x2a, 0x2, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000240)={<r2=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000400))
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f00000002c0))
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, &(0x7f00000003c0)={r2})
connect$vsock_stream(r0, &(0x7f00000000c0)={0x28, 0x0, 0x2711, @host}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
stat(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
lchown(&(0x7f00000004c0)='./file0\x00', 0xffffffffffffffff, r5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010f000000000000000003000000080004"], 0x1c}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r3}, &(0x7f0000000000), &(0x7f00000005c0)=r4}, 0x20)
set_robust_list(&(0x7f0000000340)={0x0, 0x7, &(0x7f0000000280)={&(0x7f0000000180)}}, 0x18)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000200)={<r9=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r8, &(0x7f0000000000)={0x15, 0x110, 0xfa08, {r9, 0x0, 0x10, 0x10, 0x0, @in={0x2, 0x4, @empty}, @in={0x2, 0x4f24, @remote={0xac, 0xc}}}}, 0x118)

1.53290295s ago: executing program 2 (id=2017):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = add_key$keyring(&(0x7f0000000300), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
ioctl$TUNSETFILTEREBPF(0xffffffffffffffff, 0xb702, 0x0)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000740))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x42)
ioctl$TCSBRKP(r3, 0x5425, 0x8b)
ioctl$SIOCSIFHWADDR(r2, 0x89a1, &(0x7f0000000900)={'bridge0\x00', @broadcast})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = socket(0x10, 0x2, 0x0)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000b40), 0xffffffffffffffff)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x8)
ioctl$TIOCEXCL(r8, 0x540c)
sendmsg$NL802154_CMD_SET_CHANNEL(r7, &(0x7f0000000fc0)={0x0, 0x0, &(0x7f0000000f80)={&(0x7f0000000f00)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010026bde9a4fbdbdf25090000000807010000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x20040000}, 0x4804)
write(r5, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r5, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
recvmmsg$unix(r5, &(0x7f00000004c0)=[{{&(0x7f0000000200)=@abs, 0x6e, &(0x7f0000000640)=[{&(0x7f0000000840)=""/220, 0xdc}, {&(0x7f0000000000)=""/17, 0x11}, {&(0x7f0000000080)=""/18, 0x12}, {&(0x7f0000000280)=""/82, 0x52}], 0x4, &(0x7f00000006c0)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x110}}], 0x1, 0x2122, &(0x7f0000000800)={0x77359400})
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000380)='asymmetric\x00', &(0x7f0000000500)=@keyring)

1.448152511s ago: executing program 2 (id=2018):
unshare(0x6a040000)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
socket$inet6(0xa, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x8000, 0x0)
ioctl$TCSBRKP(r0, 0x5425, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TIOCGPGRP(r0, 0x5437, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
syz_open_dev$sg(0x0, 0x0, 0x401)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200010, &(0x7f0000000040)={[{@jqfmt_vfsold}]}, 0xfe, 0x55d, &(0x7f0000000980)="$eJzs3d9rW1UcAPDvTX/sp66DMdQHKezByVy6tv6Y4MN8FB0O9H2G9q6Mpsto0rHWgduDe9mLDEHEgfgH+O7j8B/wrxjoYMgo+uBL5aY3XbYmbZZlSzSfD9ztnPuj55yce07OyUm4AQytyeyfQsSrEfFNEnGo6dho5AcnN89bf3htLtuS2Nj47M8kknxf4/wk//9AHnklIn79OuJEYXu61dW1xVK5nC7n8ana0uWp6urayYtLpYV0Ib00Mzt7+p3Zmfffe7dnZX3z3N/ff3r3o9O3jq1/9/P9w7eTOBMH82PN5XgG15sjkzGZvyZjceaJE6d7kNggSfqdAboykrfzscj6gEMxkrd64P/vq4jYAIZUov3DkGqMAxpz+x7Ng/8zHny4OQHaXv7Rzc9GYm99brR/PXlsZpTNdyd6kH6Wxi9/3LmdbdG7zyEAdnX9RkScGh3d3v8lef/XvVMdnPNkGvo/eHHuZuOft1qNfwpb459oMf450KLtdmP39l+43+KypFefUmfjvw9ajn+3Fq0mRvLYS/Ux31hy4WI5zfq2lyPieIztyeI7reecXr+30e5Y8/gv27L0G2PBPB/3R/c8fs18qVZ6ljI3e3Aj4rWW499kq/6TFvWfvR7nOkzjaHrn9XbHdi//87XxU8QbLev/0YpWsvP65FT9fphq3BXb/XXz6G/t0u93+bP6379z+SeS5vXa6tOn8ePef9J2x7q9/8eTz+vh8Xzf1VKttjwdMZ58sn3/zKNrG/HG+Vn5jx/buf9rdf/vi4gvOiz/zSM32546CPU//1T1//SBex9/+UO79Dur/7froeP5nk76v04z+CyvHQAAAAAAAAyaQkQcjKRQ3AoXCsXi5vc7jsT+QrlSrZ24UFm5NB/138pOxFihsdJ9qOn7ENP592Eb8Zkn4rMRcTgivh3ZV48X5yrl+X4XHgAAAAAAAAAAAAAAAAAAAAbEgTa//8/8PtLykvEXm0PgufLIbxheu7b/XjzpCRhI3v9heHXV/vf1Ph/Ai+f9H4bUWL8zAPST938YXto/DC/tH4aX9g8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9de7s2WzbWH94bS6Lz19ZXVmsXDk5n1YXi0src8W5yvLl4kKlslBOi3OVpd3+XrlSuTw9EytXp2pptTZVXV07v1RZuVQ7f3GptJCeTz1tCAAAAAAAAAAAAAAAAAAAALarrq4tlsrldFlAoKvA6GBkQ6ApcKsHrbvPHRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANPk3AAD//0unNek=")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x17)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)

1.270812752s ago: executing program 4 (id=2021):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffa)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
bpf$MAP_CREATE(0x700000000000000, &(0x7f0000000440)=@base={0x1d, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, r0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_int(r4, 0x0, 0x7, &(0x7f0000000000), 0x4)
keyctl$describe(0x1d, r3, &(0x7f0000000300)=""/182, 0xb6)

1.254540072s ago: executing program 4 (id=2022):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0xff80, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x17c, 0x19, 0x1, 0x0, 0x0, {{@in=@private, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x180, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x3}}, [@tmpl={0xc4, 0x5, [{{@in=@multicast2, 0x0, 0x3c}, 0x0, @in=@broadcast}, {{@in6=@remote, 0x0, 0x3c}, 0x0, @in6=@dev}, {{@in=@loopback, 0x0, 0x6c}, 0x0, @in=@local}]}]}, 0x17c}}, 0x0)

1.199023032s ago: executing program 4 (id=2023):
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x4508, &(0x7f0000000080)={[{@noinit_itable}, {@block_validity}, {@quota}, {@nombcache}]}, 0x1, 0x4e1, &(0x7f0000001400)="$eJzs3c9vG1kdAPDvTOKStClJgUOpRFvRorSCOklD24hDKRKCUyWg3EtInCiKE0ex0zZRBan4A5AQAiROPXHpXwAS6oE/ACEhwR2xv7TabXcPe9hdr2yP0zS142jXiavk85Gm897zON/vm8rjmXlPngCOrPMRcSsi+iLickQMZ+1ptsRmY6lt9/zZw5nakkS1eue9JJKsbeffPJG9bSAifvbjiF8mr8Ytr28sTheLhdWsPlZZWhkrr29cWViani/MF5YnJyeuT92YujY13pV+1vp184dv/uG3f/nRzb9/5/7/7r5z6Ve1tIay11v1oxsaXc/V90VTf0Ss7kewHujL1rmOW/5j33MBAKCz2jn+VyLim/Xz/+Hoq5+dAgAAAIdJ9ftD8XESUQUAAAAOrbQ+BzZJ89lcgKFI03y+MYf3a3E8LZbKlW/PldaWZxtzZUcil84tFAvj2ZzakcgltfpEvfyifnVHfTIiTkXE74cH6/X8TKk42+ubHwAAAHBEnNhx/f/hcOP6HwAAADhkRnqdAAAAALDvXrr+f9y7PAAAAID9Y/wfAAAADrWf3L5dW6rN51/P3ltfWyzduzJbKC/ml9Zm8jOl1ZX8fKk0X//NvqVOf69YKq18N5bXHoxVCuXKWHl94+5SaW25Mrjw0iOwAQAAgAN06tzT/yYRsfm9wfpSc6zXSQEHIum0wfa7dm/sby7AwerL1k/+2uNEgAPX3+sEgJ7J9ToBoOc63QdoO3nnn93PBQAA2B+jX98a/x9stjXH/zvfG+g4egi8xtJeJwAAHDjj/3B05bZmAAJH1Zd3NiQRm9uqX3z8v1r9PHkBAADdM1RfkjSfjQUORZrm8xEn648FyCVzC8XCeHZ98J/h3Jdq9Yn6OxOj/wAAAAAAAAAAAAAAAAAAAAAAAACwR9VqElUAAADgUItI306yJ/mPDl8c2nl/4Fjy0XB9HRH3/3znjw+mK5XViVr7+1vtlT9l7Vc9TxwAAABeB83r9OZ1PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB00/NnD2eayysvHtu/uO/+ICJGWsXvj4H6eiByEXH8gyT6t70viYi+LsTffBQRp1vFT2ppxUiWRav4gz2Mn0bEiS7Eh6Psae34c6vV5y+N8/V1689frfxWF+K3P/6lW8e/vjbHn5N7jHFmc5f4jyLO9Lc+/jTjJ23iX9hj/F/8fGOj3WvVxxGjLb9/kpdijVWWVsbK6xtXFpam5wvzheXJyYnrUzemrk2Nj80tFAvZvy1j/O4bf/t0t/4fbxN/pNH/c+36f3GP/f/k3w+efbVRzLWKf+lC6+/f0434r+z/NPvu+1ZWfl6t/no0Kyebjf253dkn/zq7W/9n2/S/0///pT32//JPf/P/PW4KAByA8vrG4nSxWFhVaF2oVu0ohUNZiIHdtun1kQkAAOi2Fyf9vc4EAAAAAAAAAAAAAAAAAAAAjq6D+KWxnTF3+TlqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICe+SwAAP//C2TYfA==")
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x6, 0xfd, 0x0, 0x7ffc0002}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xbe69ae51be7b2c52, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r3, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, 0x0}, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x800)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

1.198473022s ago: executing program 1 (id=2024):
r0 = syz_clone(0x442bb600, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES64, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x47ba, 0x0, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
ioctl$PERF_EVENT_IOC_REFRESH(0xffffffffffffffff, 0x2402, 0x5)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000d80)=ANY=[@ANYBLOB="180000000300"/16], &(0x7f0000000000)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63, 0x0, &(0x7f00000000c0)='\x00', 0x0, 0x2}, 0x48)

1.147500693s ago: executing program 5 (id=2025):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYRES32, @ANYBLOB="3e78aafb1cda0a37976f1ff56b3f0aed002b63eb2eb8a96b0900417ae7550e4216ff3e9d42b9091e8364e22c2e97d4dc6951ce4fc97ba9dbc7f5a99c35ee58227da92b7496828068ec412b5eb088e2d4370443ff5fe64628efd6c1888530ae1720510c094a75e9d56caed809943ebe"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000082c339f09500fffb00000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058e58a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="b40500000000000061109900000000001f010000000000009500000000ce76006823d1167c4242ae441008794dcab916af089662585b3fd1e0dba414391f00c65c901a6543de3e93c18592b57200bc27471220b7a6cacf71848ed29d4e7116dd8a29a5f19b2b44fb16aaa936c63c5fecdfcb536a43fd9f01ffb400a5b92a428a1551e9cda6f5b03b380ffac52b942bb5979d263fe5bd33844e73d849fd8859875adfdb05e51a4cbd157280de16db1e94ce16d158fcb142704a0730782360aa687e013aeeffdff7ff39894ba1ed80bd61cbd151ae0af983aa5e82bda98b4e260a123e4633b0ad4bce7a05d59a8a46220d0e6e3836ec8f21c716dc57efd4596f6e69b8d405ea927a73cf109540d264a3"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r3 = socket$kcm(0x10, 0x2, 0x10)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=@v3={0x3000000, [{0x2, 0x4}, {0xfffffffe, 0x7}]}, 0x18, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020032000b35d25a806f8c6394f90424fc602f0009000a740200053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000000c0)={0x2, <r4=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x14, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r5, <r6=>0xffffffffffffffff}, 0x0, &(0x7f00000002c0)}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000001140)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000800)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f00000001c0)='tlb_flush\x00', r7, 0x0, 0x8}, 0x18)
syz_clone(0xc4000000, 0x0, 0x0, 0x0, 0x0, 0x0)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, @perf_config_ext={0x2, 0x800800000003}, 0x1100, 0x5dd8, 0x3, 0x5, 0x0, 0x8, 0xff7b, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRES32=r6, @ANYRESDEC=r6], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f0000000080), &(0x7f0000000240), 0x1800, r8}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000000640)={r2, &(0x7f0000000340), &(0x7f0000000540)=""/237}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0202000311000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000bb000000000000000002000100000007000000000b000000000200090000000000000000000000000005000600000000000a00000000000000fe8800000000000000000000000000010000000000000000010018"], 0x88}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mknod(&(0x7f0000000280)='./file0\x00', 0x1ffa, 0xfffffffc)

1.118071933s ago: executing program 4 (id=2026):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000180)=[{&(0x7f0000000300)=""/101, 0x65}], 0x1, &(0x7f00000007c0)=[{&(0x7f0000000380)=""/62, 0x3e}], 0x1, 0x0) (async, rerun: 32)
bpf$ENABLE_STATS(0x20, 0x0, 0x0) (rerun: 32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000140)=ANY=[@ANYRESOCT=r0], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000480)='signal_generate\x00', r0, 0x0, 0x1}, 0xffffffffffffff1a)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000340)={0x5, &(0x7f00000003c0)=[{0x3, 0x8, 0xff, 0xa}, {0x1, 0x4, 0x8, 0x8001}, {0xf5d, 0xe7, 0x7f, 0x1}, {0x1, 0x17, 0x9c, 0x1}, {0x6, 0x4, 0x2, 0x8}]}) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYRES64=r1, @ANYRES32=r1, @ANYRESOCT=r2, @ANYRES8=r1, @ANYRESDEC=r0, @ANYRES8=r2], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000400)='mm_lru_insertion\x00', r4}, 0x18) (async)
getitimer(0x2, &(0x7f0000000080)) (async, rerun: 64)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async, rerun: 64)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r6}, 0x10) (async, rerun: 32)
cachestat(0xffffffffffffffff, 0x0, 0x0, 0x0) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) (async)
r7 = socket(0x11, 0x3, 0x0) (async)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r9=>0x0}) (async)
r10 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
ioctl$IMCTRLREQ(r7, 0x80044945, &(0x7f0000000300)={0x1, 0x0, 0x1, 0xfff}) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18) (async)
sendmsg$nl_route_sched(r10, 0x0, 0x0) (async)
bind$packet(r7, &(0x7f0000000180)={0x11, 0x0, r9, 0x1, 0x0, 0x6, @dev}, 0x14) (async)
setsockopt$packet_int(r7, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4) (async, rerun: 32)
sendmsg$netlink(r7, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="02011400012918000e3580009f0001140000002f0600ac141414e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0aba61f6304a80500ffffca88faca"], 0xdd12}], 0x1, 0x0, 0x0, 0x24000801}, 0x0) (async, rerun: 32)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x50) (async, rerun: 32)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

1.109808773s ago: executing program 2 (id=2027):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@setlink={0x20, 0x13, 0xbaa23f3d13f2d1f5, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1, 0x1100}}, 0x20}}, 0x0) (fail_nth: 10)

987.980504ms ago: executing program 4 (id=2028):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = add_key$keyring(&(0x7f0000000300), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
ioctl$TUNSETFILTEREBPF(0xffffffffffffffff, 0xb702, 0x0)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000740))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x42)
ioctl$TCSBRKP(r3, 0x5425, 0x8b)
ioctl$SIOCSIFHWADDR(r2, 0x89a1, &(0x7f0000000900)={'bridge0\x00', @broadcast})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = socket(0x10, 0x2, 0x0)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000b40), 0xffffffffffffffff)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x8)
ioctl$TIOCEXCL(r8, 0x540c)
sendmsg$NL802154_CMD_SET_CHANNEL(r7, &(0x7f0000000fc0)={0x0, 0x0, &(0x7f0000000f80)={&(0x7f0000000f00)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010026bde9a4fbdbdf25090000000807010000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x20040000}, 0x4804)
write(r5, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r5, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
recvmmsg$unix(r5, &(0x7f00000004c0)=[{{&(0x7f0000000200)=@abs, 0x6e, &(0x7f0000000640)=[{&(0x7f0000000840)=""/220, 0xdc}, {&(0x7f0000000000)=""/17, 0x11}, {&(0x7f0000000080)=""/18, 0x12}, {&(0x7f0000000280)=""/82, 0x52}], 0x4, &(0x7f00000006c0)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x110}}], 0x1, 0x2122, &(0x7f0000000800)={0x77359400})
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000380)='asymmetric\x00', &(0x7f0000000500)=@keyring)

802.200615ms ago: executing program 0 (id=2029):
creat(0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000000000070200e2f7ffffffb703000000000000b704000000000000850000"], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x15, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6b04, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r3, 0x0, 0x1}, 0x18)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000100)={@dev={0xfe, 0x80, '\x00', 0x4}})
socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f00000004c0)={'batadv0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c00000013000100000000000000000000000002", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=r5, @ANYBLOB="1400350064756d6d7930"], 0x3c}}, 0x0)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r7, 0x8922, &(0x7f0000000080)={'dummy0\x00'})

778.517985ms ago: executing program 2 (id=2030):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000680)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x4c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)={0x28, 0x3, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x4008000)
r3 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @private}}, &(0x7f0000000080)=0x1c, 0x80800)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r4}, 0x10)
name_to_handle_at(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x1600)

778.183145ms ago: executing program 0 (id=2031):
r0 = memfd_create(&(0x7f0000000180)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaaSc\xf3]WhI\xf4\x89\x85!mPl\x90\xa5\x93\x19\f\x9a\xae\xd5a\x9bU5\x1a\x86\x9d)5y\xef\x90\xea5\x81\xfeO;\xd4zh?\xbdW\xe0\x84\xe6\x9d\xcb\xcd\xb6\xad3\x7fWY\x02\xa2\x8baG\x00\x0e\x8e/\xc1\xaf\xd0\xbcH9\x04\x00\x00\x00z\x16\xdf\xf3hLpLaA\x89n]>,^M\x82\x8e\xe40\x97_\x809y)Z\xeb\x9d\xbawv\xe9\xc0\x16\xdc\xf5\xcb\xdb\x96\xd6\xba@\xa7\x1bl\xca\xe0\x1e3\x81\xc6S\x86\xf7\xf0\xba\x1b\x14N\xa2\x04\xdb\xb5X\xe4y\xef\xe8\xdb\xd5r\x11\xfb\xe4v\xef\x06\xbb\x00\x96CR\xe0~5\x16=:A2\x9c\b\xd9\xa0CB\r\xe9\xb8$\xfe\x8d\xb1Gg\xa9\xac<\xbf\x10]\b9\xd9\x89\xaf\xa6\xd1\x10\x1fq\xba\x06_NW\xdb67Xv(\xa8\xce\x1b\xe6\xbd\x947\x8f)8\xe5\xb3\xac;\x7f+\xf67\xea\x1ei\x92w-)\xa1B/M\x0e7:9\xdb~V\xb7\xd5\x13^v\x14\xe6O\xea\x00\x87\x8dkG\xdf%\xebe\x83\xb97\x01| \xb3\xd8W\xe8o\x17\x97\xd9\x14o\x92\xb9\x9a\x8c\xd7\xcf\xa2\x11\xc3\xa5\xb3\xd2\xdeQ\xa7\x05\x7f\x99Lq(\xcd\\\xa2y\x14or\x1efn\xf2\x97\x96c\xda7\t,', 0x4)
r1 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r1, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10)
recvmmsg(r1, &(0x7f0000000f80)=[{{0x0, 0x0, 0x0}, 0x7ff}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)}, 0x1}], 0x2, 0x60010020, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000002, 0x11, r0, 0x0)
ftruncate(r0, 0x200000)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x8200, &(0x7f0000000080)={[{@max_dir_size_kb}, {@stripe={'stripe', 0x3d, 0x8}}, {@grpid}, {@errors_remount}, {@discard}, {@block_validity}, {@minixdf}, {@errors_continue}]}, 0x83, 0x5fe, &(0x7f0000001040)="$eJzs3c9rHNcdAPDvzEqqZKuVXYqpTUsFPdhQrB+uqduebF/qg6GG+lBCDhaW5AivbGHJEDuGyJBDAgmEkGsIvuQfyD2YXHMLgSS3nANOCA45JMEbZnbHXla78kbWaiTP5wO7eu/NaN/76ulp3uzo7QRQWZPZUxpxOCIuJRETbdvGo7lxsrXfw+/uXM4eSTQa//s2iaRVVuz/qPV1f/aURIxGxKdnI35f21jv6q3bV+fqjaZXI6bXllemV2/dPr60PHdl4crCtdkT/zx5auZfsydntyXOIq5z5//7p7dee+kfi5/VjydxOi4OvzIfHXFsl8mYjEetENvLhyLiVJbo8nPZa4oQkpLbwdbUWr+PwxFxKCailueaJmLpzVIbBwxUoxbRACoqMf6hoop5QHFuP4jz4N3swZnmCdDG+Iea743EaH5utO9h0nZm1DzfPbAN9Wd1/HznyHvZI3q8DzG0DfX0sn43Iv7YLf4kb9uB/F2cLP400rbvy9IzETHS+lmkW6x/siO/079/vyb+9n7I4j3d+pqVn91i/WXHD0A13T/TOpCvZ7knx79sZljMf6LL/Ge8y7FrK8o+/vWe/xXH+9H8PfK0Yx6WzXkudH/J4c6Cr944906v+tvnf9kjq7+YC+6EB3cjjnTE/3o+mUse93/Spf+zXS71Wcd/Pv/mXK9tZcffuBdxtOv5z5MrWllqem15pSjruD45vbhUX5hpPnet46NPXvygV/1lx5/1f/SIf7P+z8pW+qzjwwv3lnttG39q/OnXI8nFPDXSKnl5bm3txmzESHK+tUtb+YnN21LsU7xGFv+xv3Yf/5vEn3f0ep/xr/z/6sNe2/ru/w1/VXKPGn22oZcs/vkt9v/bfdbxwws3/9xRNFYkNot/7BljAwAAAAAAgKpJ82uwSTr1OJ2mU1PNNbx/iH1p/frq2t8Wr9+8Nh9xLP9/yOG0uNI90cwnWX629f+wRf5ER/7vEXEwIt6tjeX5qcvX6/NlBw8AAAAAAAAAAAAAAAAAAAC7xP7W+v/iPtXf15rr//uydmjArQMGbpA3mAN2N+Mfqisf/1u9gyuwpzn+Q3UZ/1Bdxj9Ul/EP1WX8Q3UZ/1Bdxj9Ul/EPAAAAAM+lg3+5/2USEev/HssfmZHWtuFSWwYMmjEO1VUruwFAaR5f+rf8Hyqnr/n/j60PBxx8c4ASJN0K88lBY/PBf7/rdwIAAAAAAAAAAAAAA3D0sPX/UFVpfFx2E4CSPMP6fx8dAHucj/6H6nKODzxtFf9orw3W/wMAAAAAAAAAAADAjhnPH0k61boF6Hik6dRUxG8j4kAMJ4tL9YWZiPhdRHxRG/5Nlp8tu9EAAAAAAAAAAAAAAAAAAADwnFm9dfvqXL2+cKM98dOGkuc7UdwFdbe0pz0Ryc5XOhYRuyH2wSSG2kqSiPWs53dFw26sxq5oRpo3o+Q/TAAAAAAAAAAAAAAAAAAAUEFta4+7O/L+DrcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbek/v/bz2RPOV1yo4RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANibfgkAAP//4DE4gw==")

703.894736ms ago: executing program 2 (id=2032):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
keyctl$restrict_keyring(0xa, 0xfffffffffffffffc, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='id:cb2e')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r5, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) (fail_nth: 4)

644.942986ms ago: executing program 0 (id=2033):
syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x101c08a, &(0x7f00000004c0)=ANY=[], 0x6, 0x2da, &(0x7f0000000a40)="$eJzs3T9rZFUUAPDzkpk3syrMFFYi+EALq3Wzrc0E2YCYyiWFWmhwd0EyQdiFgH9wditbGwsLP4Eg+EFs/AaCrWDnKgtX3j/mzWZmdicwEd3fr8nh3nPePe/NJXkpcvPRy6cnt4q48+DLX2M4zGJnEpN4mMU4dqJ1PxZMvgkA4L/sYUrxR6qtTHrh/FAWEcPttgYAbMnqn/9FJ+7Nw58urTUAYEtuvvf+O/uHhzfeLYphHJx+fXZU/mZffq3n9+/EJzGN23EtRvEoonpR6Ef1tlCGBymlWa8ojeO109nZUVl5+uHPzfX3f4+o6vdiFONqKKXUa4N08Pbhjb2i1qmflX0816w/KeuvxyhebNZv3lba+utL6uMoj9df7fR/NUbxy8fxaUzjVrX2vP6rvaJ4K3375xcflF2V9dns7GhQ5c2l3Uv9YAAAAAAAAAAAAAAAAAAAAAAA+F+72pydM4hi/Hd9BmBz/s7uo3K+H0VrvHg+T12ftRfqng+UUpql+L49X+daURSpSZzX9+KlXvdgQQAAAAAAAAAAAAAAAAAAAHh23fvs85Pj6fT23QsHV2I+0p4G0IuIv25GXPTKk87IK1EFvVWtDpo1j6fTnSZczOl1R2K3zcki1rZR3sTFH8vJJslXzvXcBD/8uNnqeXNza5P7y9d6QjB8UtWgM9LurpPjbPkzHEQ7Mmw2yXd5dDZSHk/ZWL5qKsUm2y9fOjXa+EHlz1fBbE1OZOsae/O3hU8we/wu8uqp1iNv9OvcZqrf5KzcAMOn2s8xrMvPf6/InNYBAAAAAAAAAAAAAAAAAABbNf/r3yWTD9aW7qTB1toCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEs1////GwSzpvjxqbhfj3eS87h779+8PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4N/wQAAP//ltlQHw==")
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
io_uring_setup(0x6b8e, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x300, 0xed}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @tracing, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x92f5e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x6d)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000400396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000100)='kfree\x00', r4, 0x0, 0x8000000000}, 0x18)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r7)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r8], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001240)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@newtfilter={0x3c, 0x28, 0xd27, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, r8}, [@filter_kind_options=@f_cgroup={{0xb}, {0x4}}, @TCA_RATE={0x6, 0x5, {0xb8, 0x1}}]}, 0x3c}}, 0x0)
mkdir(&(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xff8b)

455.843467ms ago: executing program 2 (id=2034):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000000)={[{@minixdf}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
socket$kcm(0x2, 0x2, 0x84)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r0, 0x10d, 0xbf, &(0x7f0000000000), &(0x7f0000000080)=0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000004700)={'team0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x1f00, {0x0, 0x0, 0x74, r4, {0xb, 0xfff2}, {}, {0xe, 0xc}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, 0x0, &(0x7f00000002c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r7, &(0x7f0000004200)='t', 0x1)
sendfile(r7, r6, 0x0, 0x3ffff)
sendfile(r7, r6, 0x0, 0x8000000)

437.843767ms ago: executing program 0 (id=2035):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000f6ff850000002d00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r0}, 0x18)
r1 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r2 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r3 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r3, r2, 0x0, 0x0)
keyctl$KEYCTL_MOVE(0x4, r1, r3, r1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='host1x_syncpt_wait_check\x00', r5, 0x0, 0x4}, 0x18)
ioctl$KDDISABIO(0xffffffffffffffff, 0x4b37)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000600)='./file1/file0\x00', 0x109042, 0x100)
fcntl$setlease(r6, 0x400, 0x1)
fcntl$getflags(r6, 0x401)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
r7 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
ppoll(0x0, 0x0, 0x0, &(0x7f00000000c0)={[0x2]}, 0x8)
ioctl$int_in(r8, 0x5452, &(0x7f0000000180)=0xffffffffffffffff)
fcntl$setsig(r8, 0xa, 0x12)
ppoll(&(0x7f0000000100)=[{r9}], 0x1, 0x0, 0x0, 0x0)
dup2(r8, r9)
fcntl$setown(r9, 0x8, r7)
tkill(r7, 0x13)
fsetxattr$security_selinux(r6, &(0x7f0000000400), &(0x7f0000000440)='system_u:object_r:semanage_exec_t:s0\x00', 0x25, 0x1)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x4b, 0x1, 0x0, 0x0, 0x0)
sync()
syz_mount_image$ext4(&(0x7f0000000140)='ext2\x00', &(0x7f0000000640)='./file1\x00', 0x200003, &(0x7f0000000b80)={[{@data_err_ignore}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@min_batch_time={'min_batch_time', 0x3d, 0xffffffff}}, {@mblk_io_submit}, {@dioread_lock}]}, 0x3, 0x4c1, &(0x7f0000000680)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX9AofQX7VOf+lLocymU/AmlEGjfSyktoU3Shz60VZF81SSubMvEshLr84Hje8+9V/5+j4SOdO656AbQsU5FxFhEdEXE2YjoT7dn0hJr66V63IP7tyarJYlK5dqXSSTptvr/StLlkfRhvRHxr39E/Df5adzSyurcRKGQX0rrufL8Yq60snpudn5iJj+TXxgbGb44emn0wujQrrX18t8+e+WFt/5++f0/3vhk/Isz/6um1Zfue7wdzVhr8rj1pvfUnou67ohY2kmwZ1hX2p6edicCAEBTqt/xfx4Rv42Ih6+3OxsAAACgFSp/6Ytvk4gKAAAAsG9latfAJplsei1AX2Qy2ez6Nby/jMOZQrFU/sN0cXlhav1a2YHoyUzPFvJD6bXCA9GTVOvDtfVH9fMb6iMRcSwiXuo/VKtnJ4uFqXaf/AAAAIAOcWTD+P/r/vXxPwAAALDPDLQ7AQAAAKDljP8BAABg/9t0/J90720iAAAAQCv888qVaqnU7389dX1lea54/dxUvjSXnV+ezE4WlxazM8XiTO03++a3+3+FYnHxT7GwfDNXzpfKudLK6vh8cXmhPF67r/d43n2iAQAAYO8d+82dj5OIWPvzoVqpOpDua2KsPtba7IBWyuzs8KRVeQB7r6vdCQBt4wJf6Fzm44FtBvYvb6jv8LQBAADwLBj81VPN/5sPhOeYgTx0LvP/0LnM/0PnMv8PHe7g9of0brbjg13OBQAAaJm+Wkky2XQusC8ymWw24mjttgA9yfRsIT8UET+LiI/6ew5W68PtThoAAAAAAAAAAAAAAAAAAAAAAAAAnjOVShIVAAAAYF+LyHyepDfyH+w/3bfx/MCB5Jv+2jIibrxx7dWbE+Xy0nB1+1c/bi+/lm4/344zGAAAAMBG9XF6fRwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALvpwf1bk/Wyl3Hv/TUiBhrF747e2rL33f6IOPwwie7HHpdERNcuxF+7HRHHG8VPqmnFQJrFxviZiDjU5vhHdiE+dLI71f5nrNH7LxOnasvG77/utDyte6c26/8y9f6v1s816v+ONhnjxN13cpvGvx1xortx/1OPnzxl//uff6+ubrav8mbEYMPPn+SJWLny/GKutLJ6bnZ+YiY/k18YGRm+OHpp9MLoUG56tpBP/zaM8eKv3/t+q/Yf3iT+wDbtP91k+7+7e/P+L7aIf+Z3jV//41vErz73v08/B6r7B+vra+vrjzv59ocnt2r/1Cbt3+71P9Nk+89e/f+nTR4KAOyB0srq3EShkF+yYsXK/lu5mr7Rd/zwNndMAADArnv0pb/dmQAAAAAAAAAAAAAAAAAAAEDnavmPkB188pcFetvXVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALf0QAAD//9sy0wA=")

392.800398ms ago: executing program 5 (id=2036):
r0 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x2, 0x0, 0x0, 0x0, &(0x7f0000001400)={0x0, 0x3938700}, 0x1, 0x40})
io_uring_enter(r0, 0x6b4d, 0x0, 0x0, 0x0, 0x0)
r3 = eventfd2(0x1, 0x80000)
io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f0000000180)=r3, 0x1)
io_uring_enter(r0, 0x1000000, 0x3, 0x7, 0x0, 0x0)

335.963228ms ago: executing program 4 (id=2037):
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x4508, &(0x7f0000000080)={[{@noinit_itable}, {@block_validity}, {@quota}, {@nombcache}]}, 0x1, 0x4e1, &(0x7f0000001400)="$eJzs3c9vG1kdAPDvTOKStClJgUOpRFvRorSCOklD24hDKRKCUyWg3EtInCiKE0ex0zZRBan4A5AQAiROPXHpXwAS6oE/ACEhwR2xv7TabXcPe9hdr2yP0zS142jXiavk85Gm897zON/vm8rjmXlPngCOrPMRcSsi+iLickQMZ+1ptsRmY6lt9/zZw5nakkS1eue9JJKsbeffPJG9bSAifvbjiF8mr8Ytr28sTheLhdWsPlZZWhkrr29cWViani/MF5YnJyeuT92YujY13pV+1vp184dv/uG3f/nRzb9/5/7/7r5z6Ve1tIay11v1oxsaXc/V90VTf0Ss7kewHujL1rmOW/5j33MBAKCz2jn+VyLim/Xz/+Hoq5+dAgAAAIdJ9ftD8XESUQUAAAAOrbQ+BzZJ89lcgKFI03y+MYf3a3E8LZbKlW/PldaWZxtzZUcil84tFAvj2ZzakcgltfpEvfyifnVHfTIiTkXE74cH6/X8TKk42+ubHwAAAHBEnNhx/f/hcOP6HwAAADhkRnqdAAAAALDvXrr+f9y7PAAAAID9Y/wfAAAADrWf3L5dW6rN51/P3ltfWyzduzJbKC/ml9Zm8jOl1ZX8fKk0X//NvqVOf69YKq18N5bXHoxVCuXKWHl94+5SaW25Mrjw0iOwAQAAgAN06tzT/yYRsfm9wfpSc6zXSQEHIum0wfa7dm/sby7AwerL1k/+2uNEgAPX3+sEgJ7J9ToBoOc63QdoO3nnn93PBQAA2B+jX98a/x9stjXH/zvfG+g4egi8xtJeJwAAHDjj/3B05bZmAAJH1Zd3NiQRm9uqX3z8v1r9PHkBAADdM1RfkjSfjQUORZrm8xEn648FyCVzC8XCeHZ98J/h3Jdq9Yn6OxOj/wAAAAAAAAAAAAAAAAAAAAAAAACwR9VqElUAAADgUItI306yJ/mPDl8c2nl/4Fjy0XB9HRH3/3znjw+mK5XViVr7+1vtlT9l7Vc9TxwAAABeB83r9OZ1PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB00/NnD2eayysvHtu/uO/+ICJGWsXvj4H6eiByEXH8gyT6t70viYi+LsTffBQRp1vFT2ppxUiWRav4gz2Mn0bEiS7Eh6Psae34c6vV5y+N8/V1689frfxWF+K3P/6lW8e/vjbHn5N7jHFmc5f4jyLO9Lc+/jTjJ23iX9hj/F/8fGOj3WvVxxGjLb9/kpdijVWWVsbK6xtXFpam5wvzheXJyYnrUzemrk2Nj80tFAvZvy1j/O4bf/t0t/4fbxN/pNH/c+36f3GP/f/k3w+efbVRzLWKf+lC6+/f0434r+z/NPvu+1ZWfl6t/no0Kyebjf253dkn/zq7W/9n2/S/0///pT32//JPf/P/PW4KAByA8vrG4nSxWFhVaF2oVu0ohUNZiIHdtun1kQkAAOi2Fyf9vc4EAAAAAAAAAAAAAAAAAAAAjq6D+KWxnTF3+TlqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICe+SwAAP//C2TYfA==")
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x6, 0xfd, 0x0, 0x7ffc0002}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xbe69ae51be7b2c52, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r3, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, 0x0}, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x800)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

335.609408ms ago: executing program 5 (id=2038):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000001ff0), 0x10)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB='\x00\x00\x00\x00\a'], 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x0) (fail_nth: 2)

335.302008ms ago: executing program 1 (id=2039):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000600)={0x0, 0xd}, &(0x7f0000000640)=0x8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRES32=r0, @ANYRES32=r0], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
sendmsg(r3, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000050000000600000008"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
mount$cgroup(0x0, 0x0, 0x0, 0x8800, &(0x7f0000000280)={[{@name={'name', 0x3d, '\xd0.\n-\xa6\xe8\xba0\x9d\r+\xda\xcf\xf7m \xdcu\x86\x04$\xa9\x17\x90\x91\xfe'}}]})
r6 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0xffffffff, 0x0, 0x0, 0x4, 0x2, 0x1}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x7, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
truncate(&(0x7f0000000140)='./file2\x00', 0x5c00)
socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = mq_open(&(0x7f0000001140)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x1f0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x6, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
close(r7)
syz_genetlink_get_family_id$devlink(&(0x7f0000001840), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}})
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, &(0x7f0000000040)={'veth0_to_team\x00', 0x800})

96.61353ms ago: executing program 5 (id=2040):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000002c0)=0x1)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
open(0x0, 0x14957e, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r1, 0xffffffffffffffff, 0x100000000000000)

66.26349ms ago: executing program 1 (id=2041):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
open(0x0, 0x408140, 0x80)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0xf)
r3 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000001340)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r4}, 0x38)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5, 0x0, 0x2}, 0x18)
getrusage(0x0, &(0x7f00000003c0))
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffea4, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r7, 0x0, 0x20000000}, 0x18)
syz_open_procfs(0x0, 0x0)
getresgid(&(0x7f0000000140), &(0x7f0000000080), &(0x7f0000000000))
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1400000001080101520000000000000000000005"], 0x14}}, 0x0)
r8 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCSIFDSTADDR(r8, 0x8918, 0x0)

0s ago: executing program 5 (id=2042):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBMODE(r3, 0x4bfa, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x0, &(0x7f00000002c0)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x8}}, {@barrier}, {@minixdf}, {@resuid}, {@abort}, {@noblock_validity}, {@data_err_abort}, {@journal_dev={'journal_dev', 0x3d, 0xf35}}, {@auto_da_alloc}]}, 0x1, 0x618, &(0x7f0000000640)="$eJzs3c9rHG0dAPDvzCYxed9oWpFii2LAQwvS/KjFqqe2F3soWLAHEQ8NTVJDN21oUrC1YAoeFBREvIr04j/gXYpXbyKoN89CFYl4UOnKzM60a3Y32ebN7mwznw/M9plnZvd5vjv7dJ5nNs9OALU1nz2kEWcj4k4SMdexbTbaG+eL/fb+8exutiTRan3j70kkRV65/+vi3w+zhyRiOiJ+fz3ik43ucrefPL2/0my1fT9icWdza3H7ydOLG5sr99burT1YvvTly1eWvrJ8eflY4izjunHz65/5yQ++86X1PzQvJnE1bk9+bzX2xXFc5mM+XhchduZPRMSVLNHjfXnflCEkFdeDo2kUn8fJiDgTc9HI19rmYuPHlVYOGKpWI6IF1FSi/UNNlf2Acmw/jHHwOHt1rT0A6o5/on1tJKbzsdEHe0nHyKg93j11DOVnZfz32blfZEv0uQ4xcQzl9LP7PCI+3Sv+JK/bqfwqThZ/GmnH87L0UkRMFe/FYOP/ya6c+X3ro/78vUv8ncchi/9q8W+Wf/2I5VcdPwD19PJacSLfzdbenv+ynmHZ/4ke/Z/ZHueuo6j6/Ne//1ee76fza+Tpvn5Y1t+51fsluzo5f/nRjZ/1K7+z/5ctWfllX3AUXj2POLcv/h/mHb3kzfFPehz/bJc7A5bxtT/+7Ua/bVXH33oRcb7n+OdtjzZLLe5sbpV5+76fXFzfaK4ttR97lvGb3337V/3Krzr+7PhHn/HfQcc/y9sasIxf33qx2W/b7KHxp3+dSm7nqaki57srOzuPliOmkpvFLh35lw6uS7lP+RpZ/Bc+37v994q/KCo/0Lv/9270t/XN+3v99hv4+HcPnTKvWweHe6gs/tU+n//Djv9PByzjX996/Nl9WTNl4qD4Z7pfKtl95wgBAAAAAACgPtL8O9gkXXiTTtOFhfYc3k/FB2nz4fbOF9YfPn6wGnEh/3vIybT8pnuuvZ5k68vF38OW65f2rX8xIk5HxM8bM/n6wt2HzdWqgwcAAAAAAAAAAAAAAAAAAIAx8WEx/7+8T/U/G+35/wPZOTPk2gFDN8wbzAHjTfuH+srbf1p1LYAqOP9DfWn/UF/aP9SX9g/1pf1DfWn/UF/aP9SX9g8AAAAAJ9Lpz738cxIRu1+dyZfMVLFtstKaAcP27m18fij1AEavMdKnAePkzVf/pv9D7QzU//938eOAw68OUIGkV2beOWgd3Phf9nwmAAAAAAAAAAAAADAE58+a/w91lcZvq64CUJHuifxn9wac6Oc3AOA956f/ob4+0hjfBQI4EQ6bxT/db4P5/wAAAAAAAAAAAAAwMrP5kqQLxS1AZyNNFxYiPh4Rp2IyWd9ori1FxCci4k+NyY9l68tVVxoAAAAAAAAAAAAAAAAAAABOmO0nT++vNJtrjzoT/+nKOdmJ8i6o41KfzkQkoy90JiLGIfbhJCY6cpKI3ezIj0XFHm3HWFQjzatR8X9MAAAAAAAAAAAAAAAAAABQQx1zj3s798sR1wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAARu/t/f+PnkgOeZ2qYwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k//CwAA//9vNjw9")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='ext4_allocate_blocks\x00', r2, 0x0, 0xce2b}, 0x18)

kernel console output (not intermixed with test programs):

tory bread(block 36) failed
[  128.662427][ T8246] FAT-fs (loop4): Directory bread(block 37) failed
[  128.670189][ T8246] FAT-fs (loop4): Directory bread(block 38) failed
[  128.676937][ T8246] FAT-fs (loop4): Directory bread(block 39) failed
[  128.684640][ T8246] FAT-fs (loop4): Directory bread(block 40) failed
[  128.691479][ T8246] FAT-fs (loop4): Directory bread(block 41) failed
[  128.896697][ T8261] netlink: 'syz.0.1552': attribute type 15 has an invalid length.
[  128.904624][ T8261] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1552'.
[  129.100924][ T8247] pim6reg: left allmulticast mode
[  129.496122][ T8279] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  129.504718][ T8279] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  129.661235][ T8286] FAULT_INJECTION: forcing a failure.
[  129.661235][ T8286] name failslab, interval 1, probability 0, space 0, times 0
[  129.674024][ T8286] CPU: 0 UID: 0 PID: 8286 Comm: syz.2.1565 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  129.674136][ T8286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  129.674148][ T8286] Call Trace:
[  129.674155][ T8286]  <TASK>
[  129.674162][ T8286]  dump_stack_lvl+0xf2/0x150
[  129.674190][ T8286]  dump_stack+0x15/0x1a
[  129.674279][ T8286]  should_fail_ex+0x24a/0x260
[  129.674315][ T8286]  should_failslab+0x8f/0xb0
[  129.674351][ T8286]  kmem_cache_alloc_noprof+0x52/0x320
[  129.674377][ T8286]  ? skb_clone+0x154/0x1f0
[  129.674481][ T8286]  skb_clone+0x154/0x1f0
[  129.674507][ T8286]  __netlink_deliver_tap+0x2bd/0x4f0
[  129.674697][ T8286]  netlink_sendskb+0x126/0x150
[  129.674733][ T8286]  netlink_unicast+0x291/0x670
[  129.674785][ T8286]  netlink_ack+0x4b7/0x4f0
[  129.674868][ T8286]  netlink_rcv_skb+0x19c/0x230
[  129.674975][ T8286]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  129.675004][ T8286]  rtnetlink_rcv+0x1c/0x30
[  129.675025][ T8286]  netlink_unicast+0x599/0x670
[  129.675130][ T8286]  netlink_sendmsg+0x5cc/0x6e0
[  129.675162][ T8286]  ? __pfx_netlink_sendmsg+0x10/0x10
[  129.675191][ T8286]  __sock_sendmsg+0x140/0x180
[  129.675230][ T8286]  ____sys_sendmsg+0x326/0x4b0
[  129.675255][ T8286]  __sys_sendmmsg+0x227/0x4b0
[  129.675294][ T8286]  __x64_sys_sendmmsg+0x57/0x70
[  129.675317][ T8286]  x64_sys_call+0x29aa/0x2dc0
[  129.675414][ T8286]  do_syscall_64+0xc9/0x1c0
[  129.675442][ T8286]  ? clear_bhb_loop+0x55/0xb0
[  129.675465][ T8286]  ? clear_bhb_loop+0x55/0xb0
[  129.675489][ T8286]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.675585][ T8286] RIP: 0033:0x7fd01a75d169
[  129.675605][ T8286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.675643][ T8286] RSP: 002b:00007fd018dc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  129.675659][ T8286] RAX: ffffffffffffffda RBX: 00007fd01a975fa0 RCX: 00007fd01a75d169
[  129.675669][ T8286] RDX: 040000000000009f RSI: 00004000000002c0 RDI: 0000000000000004
[  129.675732][ T8286] RBP: 00007fd018dc1090 R08: 0000000000000000 R09: 0000000000000000
[  129.675742][ T8286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  129.675752][ T8286] R13: 0000000000000000 R14: 00007fd01a975fa0 R15: 00007ffc5df447a8
[  129.675767][ T8286]  </TASK>
[  129.934878][ T8290] loop2: detected capacity change from 0 to 128
[  129.946085][ T8290] FAT-fs (loop2): Directory bread(block 32) failed
[  129.952621][ T8290] FAT-fs (loop2): Directory bread(block 33) failed
[  129.959289][ T8290] FAT-fs (loop2): Directory bread(block 34) failed
[  129.965865][ T8290] FAT-fs (loop2): Directory bread(block 35) failed
[  129.972438][ T8290] FAT-fs (loop2): Directory bread(block 36) failed
[  129.979113][ T8290] FAT-fs (loop2): Directory bread(block 37) failed
[  129.985647][ T8290] FAT-fs (loop2): Directory bread(block 38) failed
[  129.992249][ T8290] FAT-fs (loop2): Directory bread(block 39) failed
[  129.998776][ T8290] FAT-fs (loop2): Directory bread(block 40) failed
[  130.005355][ T8290] FAT-fs (loop2): Directory bread(block 41) failed
[  130.058882][ T8294] loop2: detected capacity change from 0 to 512
[  130.066149][ T8294] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  130.084454][ T8294] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.1569: Failed to acquire dquot type 0
[  130.096758][ T8294] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  130.111955][ T8294] EXT4-fs (loop2): 1 truncate cleaned up
[  130.118038][ T8294] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.136746][ T8294] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  130.158869][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.201696][ T8298] loop4: detected capacity change from 0 to 512
[  130.215190][ T8298] EXT4-fs: Ignoring removed mblk_io_submit option
[  130.222953][ T8298] EXT4-fs: Mount option(s) incompatible with ext2
[  130.242791][ T8304] loop2: detected capacity change from 0 to 512
[  130.250720][ T8304] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  130.252601][ T8306] pim6reg: entered allmulticast mode
[  130.259813][ T8304] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  130.262029][ T8304] EXT4-fs (loop2): orphan cleanup on readonly fs
[  130.279899][ T8304] EXT4-fs error (device loop2): ext4_orphan_get:1415: comm syz.2.1570: bad orphan inode 15
[  130.290094][ T8304] ext4_test_bit(bit=14, block=18) = 1
[  130.295667][ T8304] is_bad_inode(inode)=0
[  130.299826][ T8304] NEXT_ORPHAN(inode)=1023
[  130.304693][ T8304] max_ino=32
[  130.307900][ T8304] i_nlink=0
[  130.311316][ T8304] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2977: inode #15: comm syz.2.1570: corrupted xattr block 19: e_value size too large
[  130.325768][ T8304] EXT4-fs warning (device loop2): ext4_evict_inode:276: xattr delete (err -117)
[  130.335324][ T8304] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  130.348911][ T8304] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  130.366429][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.402716][ T8311] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1574'.
[  130.485480][ T8309] netlink: 'syz.0.1573': attribute type 15 has an invalid length.
[  130.493453][ T8309] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1573'.
[  130.615977][ T8305] pim6reg: left allmulticast mode
[  130.912231][ T8321] netlink: 'syz.4.1577': attribute type 1 has an invalid length.
[  130.925797][ T8321] 8021q: adding VLAN 0 to HW filter on device bond1
[  130.940420][ T8321] 8021q: adding VLAN 0 to HW filter on device bond1
[  130.948966][ T8321] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address
[  130.961484][ T8321] bond1: (slave wireguard0): Error -95 calling set_mac_address
[  131.204286][   T29] kauditd_printk_skb: 89 callbacks suppressed
[  131.204303][   T29] audit: type=1326 audit(1741347080.824:26114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8338 comm="syz.4.1583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e8b43d169 code=0x7ffc0000
[  131.248575][   T29] audit: type=1326 audit(1741347080.824:26115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8338 comm="syz.4.1583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5e8b43d169 code=0x7ffc0000
[  131.272245][   T29] audit: type=1326 audit(1741347080.824:26116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8338 comm="syz.4.1583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e8b43d169 code=0x7ffc0000
[  131.295865][   T29] audit: type=1326 audit(1741347080.824:26117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8338 comm="syz.4.1583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5e8b43d169 code=0x7ffc0000
[  131.320147][   T29] audit: type=1326 audit(1741347080.854:26118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8338 comm="syz.4.1583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e8b43d169 code=0x7ffc0000
[  131.343721][   T29] audit: type=1326 audit(1741347080.854:26119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8338 comm="syz.4.1583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5e8b43bc1f code=0x7ffc0000
[  131.360140][ T8343] pim6reg: entered allmulticast mode
[  131.368048][   T29] audit: type=1326 audit(1741347080.854:26120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8338 comm="syz.4.1583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e8b43d169 code=0x7ffc0000
[  131.396598][   T29] audit: type=1326 audit(1741347080.854:26121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8338 comm="syz.4.1583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e8b43d169 code=0x7ffc0000
[  131.439631][ T8346] pim6reg: entered allmulticast mode
[  131.758034][ T8343] netlink: 'syz.4.1585': attribute type 15 has an invalid length.
[  131.766037][ T8343] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1585'.
[  131.784467][ T8342] pim6reg: left allmulticast mode
[  131.803031][   T29] audit: type=1326 audit(1741347081.414:26122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8355 comm="syz.0.1588" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb5bf35d169 code=0x0
[  131.849518][ T8359] loop1: detected capacity change from 0 to 1024
[  131.858056][ T8359] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  131.869238][ T8359] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  131.878049][ T8359] EXT4-fs (loop1): orphan cleanup on readonly fs
[  131.885061][ T8359] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  131.895669][ T8359] EXT4-fs (loop1): Remounting filesystem read-only
[  131.902277][ T8359] Quota error (device loop1): write_blk: dquota write failed
[  131.910031][ T8359] EXT4-fs (loop1): 1 orphan inode deleted
[  131.917502][ T8359] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  131.939519][ T8359] SELinux: (dev loop1, type ext4) getxattr errno 5
[  131.956722][ T8360] loop3: detected capacity change from 0 to 512
[  131.964390][ T8360] EXT4-fs: Ignoring removed mblk_io_submit option
[  131.971549][ T8360] EXT4-fs: Mount option(s) incompatible with ext2
[  131.979547][ T8359] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.097444][ T8368] loop1: detected capacity change from 0 to 512
[  132.105522][ T8368] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  132.114701][ T8368] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  132.122843][ T8346] netlink: 'syz.2.1586': attribute type 15 has an invalid length.
[  132.130978][ T8346] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1586'.
[  132.141161][ T8345] pim6reg: left allmulticast mode
[  132.147415][ T8368] EXT4-fs (loop1): orphan cleanup on readonly fs
[  132.154765][ T8368] EXT4-fs error (device loop1): ext4_orphan_get:1415: comm syz.1.1592: bad orphan inode 15
[  132.166038][ T8368] ext4_test_bit(bit=14, block=18) = 1
[  132.167507][ T8374] FAULT_INJECTION: forcing a failure.
[  132.167507][ T8374] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  132.172102][ T8368] is_bad_inode(inode)=0
[  132.185046][ T8374] CPU: 1 UID: 0 PID: 8374 Comm: syz.4.1595 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  132.185150][ T8374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  132.185168][ T8374] Call Trace:
[  132.185178][ T8374]  <TASK>
[  132.185188][ T8374]  dump_stack_lvl+0xf2/0x150
[  132.185229][ T8374]  dump_stack+0x15/0x1a
[  132.185257][ T8374]  should_fail_ex+0x24a/0x260
[  132.185343][ T8374]  should_fail+0xb/0x10
[  132.185375][ T8374]  should_fail_usercopy+0x1a/0x20
[  132.185446][ T8374]  _copy_to_user+0x20/0xa0
[  132.185470][ T8374]  __se_sys_newstat+0x229/0x280
[  132.185510][ T8374]  __x64_sys_newstat+0x31/0x40
[  132.185535][ T8374]  x64_sys_call+0x6eb/0x2dc0
[  132.185580][ T8374]  do_syscall_64+0xc9/0x1c0
[  132.185678][ T8374]  ? clear_bhb_loop+0x55/0xb0
[  132.185713][ T8374]  ? clear_bhb_loop+0x55/0xb0
[  132.185747][ T8374]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.185782][ T8374] RIP: 0033:0x7f5e8b43d169
[  132.185811][ T8374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.185835][ T8374] RSP: 002b:00007f5e89aa7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  132.185913][ T8374] RAX: ffffffffffffffda RBX: 00007f5e8b655fa0 RCX: 00007f5e8b43d169
[  132.185950][ T8374] RDX: 0000000000000000 RSI: 00004000000001c0 RDI: 0000400000000180
[  132.185966][ T8374] RBP: 00007f5e89aa7090 R08: 0000000000000000 R09: 0000000000000000
[  132.185982][ T8374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.185997][ T8374] R13: 0000000000000000 R14: 00007f5e8b655fa0 R15: 00007ffcfa0bf758
[  132.186086][ T8374]  </TASK>
[  132.355003][ T8368] NEXT_ORPHAN(inode)=1023
[  132.359516][ T8368] max_ino=32
[  132.364113][ T8368] i_nlink=0
[  132.368796][ T8368] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2977: inode #15: comm syz.1.1592: corrupted xattr block 19: e_value size too large
[  132.388118][ T8368] EXT4-fs warning (device loop1): ext4_evict_inode:276: xattr delete (err -117)
[  132.398156][ T8368] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  132.426537][ T8368] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  132.451659][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.505218][ T8379] loop4: detected capacity change from 0 to 8192
[  132.715542][ T8398] pim6reg: entered allmulticast mode
[  132.887114][ T8407] loop2: detected capacity change from 0 to 512
[  132.927277][ T8407] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  132.994615][ T8404] netlink: 'syz.0.1603': attribute type 15 has an invalid length.
[  133.002627][ T8404] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1603'.
[  133.025635][ T8407] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.1606: Failed to acquire dquot type 0
[  133.046408][ T8407] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  133.086288][ T8407] EXT4-fs (loop2): 1 truncate cleaned up
[  133.109271][ T8407] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.162397][ T8407] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  133.222321][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.339279][ T8418] loop3: detected capacity change from 0 to 1024
[  133.366934][ T8418] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.388272][ T8421] loop4: detected capacity change from 0 to 1024
[  133.406590][ T8421] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.439061][ T8418] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1609'.
[  133.457224][ T8397] pim6reg: left allmulticast mode
[  133.483795][ T8421] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1610'.
[  133.862303][ T8438] pim6reg: entered allmulticast mode
[  134.079845][ T8444] netlink: 'syz.0.1611': attribute type 15 has an invalid length.
[  134.087939][ T8444] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1611'.
[  134.236229][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.469149][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.538846][ T8458] netlink: 'syz.3.1619': attribute type 1 has an invalid length.
[  134.552766][ T8458] 8021q: adding VLAN 0 to HW filter on device bond1
[  134.563102][ T8458] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1619'.
[  134.572357][ T8458] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1619'.
[  134.600517][ T8458] vlan2: entered promiscuous mode
[  134.605632][ T8458] bond1: entered promiscuous mode
[  134.644752][ T8437] pim6reg: left allmulticast mode
[  134.712598][ T8478] loop2: detected capacity change from 0 to 1024
[  134.734616][ T8478] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.951017][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.996727][ T8491] loop2: detected capacity change from 0 to 512
[  135.006727][ T8491] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  135.042192][ T8497] netlink: 'syz.0.1632': attribute type 1 has an invalid length.
[  135.051942][ T8491] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.1630: Failed to acquire dquot type 0
[  135.070105][ T8491] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  135.087195][ T8497] 8021q: adding VLAN 0 to HW filter on device bond1
[  135.094747][ T8491] EXT4-fs (loop2): 1 truncate cleaned up
[  135.101003][ T8491] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.131214][ T8497] vlan2: entered promiscuous mode
[  135.136368][ T8497] bond1: entered promiscuous mode
[  135.141875][ T8491] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  135.152705][ T8477] netlink: 'syz.3.1626': attribute type 15 has an invalid length.
[  135.178380][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.281000][ T8509] netlink: 'syz.0.1636': attribute type 1 has an invalid length.
[  135.330156][ T8509] 8021q: adding VLAN 0 to HW filter on device bond2
[  135.354803][ T8509] vlan3: entered promiscuous mode
[  135.359946][ T8509] bond2: entered promiscuous mode
[  135.476719][ T8522] __nla_validate_parse: 9 callbacks suppressed
[  135.476734][ T8522] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1641'.
[  135.521672][ T8526] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  135.545641][ T8528] blktrace: Concurrent blktraces are not allowed on loop9
[  135.579474][ T8522] FAULT_INJECTION: forcing a failure.
[  135.579474][ T8522] name failslab, interval 1, probability 0, space 0, times 0
[  135.592193][ T8522] CPU: 1 UID: 0 PID: 8522 Comm: syz.3.1641 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  135.592219][ T8522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  135.592233][ T8522] Call Trace:
[  135.592241][ T8522]  <TASK>
[  135.592250][ T8522]  dump_stack_lvl+0xf2/0x150
[  135.592304][ T8522]  dump_stack+0x15/0x1a
[  135.592329][ T8522]  should_fail_ex+0x24a/0x260
[  135.592396][ T8522]  should_failslab+0x8f/0xb0
[  135.592494][ T8522]  kmem_cache_alloc_node_noprof+0x59/0x320
[  135.592520][ T8522]  ? __alloc_skb+0x10b/0x310
[  135.592562][ T8522]  __alloc_skb+0x10b/0x310
[  135.592586][ T8522]  netlink_alloc_large_skb+0xad/0xe0
[  135.592616][ T8522]  netlink_sendmsg+0x3b4/0x6e0
[  135.592714][ T8522]  ? __pfx_netlink_sendmsg+0x10/0x10
[  135.592749][ T8522]  __sock_sendmsg+0x140/0x180
[  135.592781][ T8522]  ____sys_sendmsg+0x326/0x4b0
[  135.592890][ T8522]  __sys_sendmsg+0x19d/0x230
[  135.592935][ T8522]  __x64_sys_sendmsg+0x46/0x50
[  135.592962][ T8522]  x64_sys_call+0x2734/0x2dc0
[  135.593009][ T8522]  do_syscall_64+0xc9/0x1c0
[  135.593046][ T8522]  ? clear_bhb_loop+0x55/0xb0
[  135.593122][ T8522]  ? clear_bhb_loop+0x55/0xb0
[  135.593154][ T8522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.593185][ T8522] RIP: 0033:0x7f37530ed169
[  135.593224][ T8522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.593245][ T8522] RSP: 002b:00007f3751751038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  135.593267][ T8522] RAX: ffffffffffffffda RBX: 00007f3753305fa0 RCX: 00007f37530ed169
[  135.593280][ T8522] RDX: 0000000000004000 RSI: 0000400000000300 RDI: 0000000000000005
[  135.593295][ T8522] RBP: 00007f3751751090 R08: 0000000000000000 R09: 0000000000000000
[  135.593309][ T8522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  135.593323][ T8522] R13: 0000000000000000 R14: 00007f3753305fa0 R15: 00007ffd24630048
[  135.593375][ T8522]  </TASK>
[  135.829569][ T8534] loop2: detected capacity change from 0 to 1024
[  135.871130][ T8548] FAULT_INJECTION: forcing a failure.
[  135.871130][ T8548] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  135.884366][ T8548] CPU: 0 UID: 0 PID: 8548 Comm: syz.1.1650 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  135.884398][ T8548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  135.884413][ T8548] Call Trace:
[  135.884421][ T8548]  <TASK>
[  135.884430][ T8548]  dump_stack_lvl+0xf2/0x150
[  135.884481][ T8548]  dump_stack+0x15/0x1a
[  135.884502][ T8548]  should_fail_ex+0x24a/0x260
[  135.884539][ T8548]  should_fail+0xb/0x10
[  135.884568][ T8548]  should_fail_usercopy+0x1a/0x20
[  135.884618][ T8548]  _copy_to_user+0x20/0xa0
[  135.884643][ T8548]  simple_read_from_buffer+0xa0/0x110
[  135.884679][ T8548]  proc_fail_nth_read+0xf9/0x140
[  135.884719][ T8548]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  135.884747][ T8548]  vfs_read+0x19b/0x6f0
[  135.884771][ T8548]  ? __rcu_read_unlock+0x4e/0x70
[  135.884868][ T8548]  ? __fget_files+0x17c/0x1c0
[  135.884907][ T8548]  ksys_read+0xe8/0x1b0
[  135.884935][ T8548]  __x64_sys_read+0x42/0x50
[  135.885009][ T8548]  x64_sys_call+0x2874/0x2dc0
[  135.885039][ T8548]  do_syscall_64+0xc9/0x1c0
[  135.885202][ T8548]  ? clear_bhb_loop+0x55/0xb0
[  135.885232][ T8548]  ? clear_bhb_loop+0x55/0xb0
[  135.885266][ T8548]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.885297][ T8548] RIP: 0033:0x7fe446d2bb7c
[  135.885381][ T8548] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  135.885400][ T8548] RSP: 002b:00007fe445391030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  135.885419][ T8548] RAX: ffffffffffffffda RBX: 00007fe446f45fa0 RCX: 00007fe446d2bb7c
[  135.885470][ T8548] RDX: 000000000000000f RSI: 00007fe4453910a0 RDI: 0000000000000004
[  135.885544][ T8548] RBP: 00007fe445391090 R08: 0000000000000000 R09: 0000000000000000
[  135.885561][ T8548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  135.885575][ T8548] R13: 0000000000000000 R14: 00007fe446f45fa0 R15: 00007ffd5ceccbe8
[  135.885594][ T8548]  </TASK>
[  136.095373][ T8534] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.288258][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.297679][   T29] kauditd_printk_skb: 112 callbacks suppressed
[  136.297695][   T29] audit: type=1326 audit(1741347085.914:26228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8561 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5bf35d169 code=0x7ffc0000
[  136.327697][   T29] audit: type=1326 audit(1741347085.914:26229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8561 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5bf35d169 code=0x7ffc0000
[  136.351423][   T29] audit: type=1326 audit(1741347085.914:26230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8561 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7fb5bf35d169 code=0x7ffc0000
[  136.374861][   T29] audit: type=1326 audit(1741347085.914:26231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8561 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5bf35d169 code=0x7ffc0000
[  136.398460][   T29] audit: type=1326 audit(1741347085.914:26232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8561 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7fb5bf35d169 code=0x7ffc0000
[  136.421976][   T29] audit: type=1326 audit(1741347085.914:26233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8561 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5bf35d169 code=0x7ffc0000
[  136.445713][   T29] audit: type=1326 audit(1741347085.914:26234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8561 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb5bf35d169 code=0x7ffc0000
[  136.469426][   T29] audit: type=1326 audit(1741347085.914:26235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8561 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5bf35d169 code=0x7ffc0000
[  136.493029][   T29] audit: type=1326 audit(1741347085.914:26236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8561 comm="syz.0.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5bf35d169 code=0x7ffc0000
[  136.626350][   T29] audit: type=1400 audit(1741347086.204:26237): avc:  denied  { read } for  pid=8578 comm=9B985B7DA1C38C840EA4E0DAD67E40 name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  136.686875][ T8584] pim6reg: entered allmulticast mode
[  137.076610][ T8592] vlan3: entered allmulticast mode
[  137.081824][ T8592] bridge_slave_0: entered allmulticast mode
[  137.124464][ T8592] bridge_slave_0: left allmulticast mode
[  137.150400][ T8593] vlan3: entered allmulticast mode
[  137.155657][ T8593] bridge_slave_0: entered allmulticast mode
[  137.215045][ T8593] bridge_slave_0: left allmulticast mode
[  137.492446][ T8599] loop3: detected capacity change from 0 to 512
[  137.548834][ T8599] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  137.570063][ T8603] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=47 sclass=netlink_xfrm_socket pid=8603 comm=syz.4.1665
[  137.605466][ T8599] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  137.630673][ T8599] System zones: 1-12
[  137.642819][ T8603] netlink: 4984 bytes leftover after parsing attributes in process `syz.4.1665'.
[  137.661994][ T8599] EXT4-fs (loop3): 1 truncate cleaned up
[  137.687276][ T8599] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.765207][ T8599] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1663'.
[  137.803315][ T8584] netlink: 'syz.2.1660': attribute type 15 has an invalid length.
[  137.811227][ T8584] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1660'.
[  137.820680][ T8583] pim6reg: left allmulticast mode
[  137.831927][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.854947][ T8611] loop4: detected capacity change from 0 to 1024
[  137.865734][ T8611] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.079283][ T8620] loop3: detected capacity change from 0 to 256
[  138.092302][ T8620] msdos: Unknown parameter '��������y��/n'
[  138.094577][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.228697][ T8634] loop2: detected capacity change from 0 to 1024
[  138.248400][ T8634] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.289226][ T8634] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1676'.
[  138.290009][ T8624] netlink: 'syz.3.1673': attribute type 1 has an invalid length.
[  138.313611][ T8624] 8021q: adding VLAN 0 to HW filter on device bond2
[  138.324241][ T8624] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1673'.
[  138.338114][ T8624] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1673'.
[  138.350070][ T8624] vlan3: entered promiscuous mode
[  138.355301][ T8624] bond2: entered promiscuous mode
[  139.209683][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.561392][ T8671] netlink: 'syz.0.1687': attribute type 1 has an invalid length.
[  139.578755][ T8671] 8021q: adding VLAN 0 to HW filter on device bond3
[  139.589196][ T8671] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1687'.
[  139.589572][ T8677] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1686'.
[  139.603776][ T8671] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1687'.
[  139.619756][ T8671] vlan4: entered promiscuous mode
[  139.624902][ T8671] bond3: entered promiscuous mode
[  139.830822][ T8697] FAULT_INJECTION: forcing a failure.
[  139.830822][ T8697] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  139.844030][ T8697] CPU: 1 UID: 0 PID: 8697 Comm: syz.3.1695 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  139.844060][ T8697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  139.844127][ T8697] Call Trace:
[  139.844136][ T8697]  <TASK>
[  139.844145][ T8697]  dump_stack_lvl+0xf2/0x150
[  139.844211][ T8697]  dump_stack+0x15/0x1a
[  139.844233][ T8697]  should_fail_ex+0x24a/0x260
[  139.844269][ T8697]  should_fail+0xb/0x10
[  139.844302][ T8697]  should_fail_usercopy+0x1a/0x20
[  139.844374][ T8697]  strncpy_from_user+0x25/0x210
[  139.844448][ T8697]  ? __rcu_read_unlock+0x4e/0x70
[  139.844564][ T8697]  strncpy_from_user_nofault+0x66/0xe0
[  139.844597][ T8697]  bpf_probe_read_user_str+0x2a/0x70
[  139.844712][ T8697]  bpf_prog_1f2a558f99cc9b3e+0x3e/0x40
[  139.844733][ T8697]  bpf_trace_run2+0x104/0x1d0
[  139.844757][ T8697]  ? ref_tracker_free+0x2bc/0x410
[  139.844789][ T8697]  ? ref_tracker_free+0x2bc/0x410
[  139.844823][ T8697]  kfree+0x247/0x2f0
[  139.844914][ T8697]  ? stack_trace_save+0x61/0x90
[  139.844951][ T8697]  ref_tracker_free+0x2bc/0x410
[  139.844985][ T8697]  ? ppp_destroy_channel+0x37/0x120
[  139.845059][ T8697]  ? ppp_unregister_channel+0x1bb/0x200
[  139.845099][ T8697]  ? pppox_unbind_sock+0x42/0x60
[  139.845199][ T8697]  ? pppol2tp_release+0x63/0x1a0
[  139.845230][ T8697]  ? sock_close+0x68/0x150
[  139.845264][ T8697]  ? __fput+0x2ac/0x640
[  139.845288][ T8697]  ? ____fput+0x1c/0x30
[  139.845311][ T8697]  ? task_work_run+0x13a/0x1a0
[  139.845364][ T8697]  ? syscall_exit_to_user_mode+0xa8/0x120
[  139.845395][ T8697]  ? do_syscall_64+0xd6/0x1c0
[  139.845449][ T8697]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.845486][ T8697]  ppp_destroy_channel+0x37/0x120
[  139.845552][ T8697]  ppp_unregister_channel+0x1bb/0x200
[  139.845647][ T8697]  pppox_unbind_sock+0x42/0x60
[  139.845720][ T8697]  pppol2tp_release+0x63/0x1a0
[  139.845749][ T8697]  sock_close+0x68/0x150
[  139.845773][ T8697]  ? __pfx_sock_close+0x10/0x10
[  139.845799][ T8697]  __fput+0x2ac/0x640
[  139.845825][ T8697]  ____fput+0x1c/0x30
[  139.845842][ T8697]  task_work_run+0x13a/0x1a0
[  139.845870][ T8697]  syscall_exit_to_user_mode+0xa8/0x120
[  139.845895][ T8697]  do_syscall_64+0xd6/0x1c0
[  139.846040][ T8697]  ? clear_bhb_loop+0x55/0xb0
[  139.846064][ T8697]  ? clear_bhb_loop+0x55/0xb0
[  139.846087][ T8697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.846111][ T8697] RIP: 0033:0x7f37530ed169
[  139.846124][ T8697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.846140][ T8697] RSP: 002b:00007f3751751038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  139.846228][ T8697] RAX: 0000000000000000 RBX: 00007f3753305fa0 RCX: 00007f37530ed169
[  139.846243][ T8697] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000006
[  139.846257][ T8697] RBP: 00007f3751751090 R08: 0000000000000000 R09: 0000000000000000
[  139.846350][ T8697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.846361][ T8697] R13: 0000000000000000 R14: 00007f3753305fa0 R15: 00007ffd24630048
[  139.846377][ T8697]  </TASK>
[  140.385761][ T8719] FAULT_INJECTION: forcing a failure.
[  140.385761][ T8719] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  140.398972][ T8719] CPU: 1 UID: 0 PID: 8719 Comm: syz.3.1702 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  140.399034][ T8719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  140.399048][ T8719] Call Trace:
[  140.399055][ T8719]  <TASK>
[  140.399107][ T8719]  dump_stack_lvl+0xf2/0x150
[  140.399166][ T8719]  dump_stack+0x15/0x1a
[  140.399193][ T8719]  should_fail_ex+0x24a/0x260
[  140.399229][ T8719]  should_fail+0xb/0x10
[  140.399262][ T8719]  should_fail_usercopy+0x1a/0x20
[  140.399302][ T8719]  strncpy_from_user+0x25/0x210
[  140.399363][ T8719]  ? kmem_cache_alloc_noprof+0x18e/0x320
[  140.399391][ T8719]  ? getname_flags+0x81/0x3b0
[  140.399435][ T8719]  getname_flags+0xb0/0x3b0
[  140.399515][ T8719]  __x64_sys_unlinkat+0x75/0xb0
[  140.399570][ T8719]  x64_sys_call+0x28d8/0x2dc0
[  140.399604][ T8719]  do_syscall_64+0xc9/0x1c0
[  140.399693][ T8719]  ? clear_bhb_loop+0x55/0xb0
[  140.399806][ T8719]  ? clear_bhb_loop+0x55/0xb0
[  140.399919][ T8719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.399964][ T8719] RIP: 0033:0x7f37530ed169
[  140.399983][ T8719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.400006][ T8719] RSP: 002b:00007f3751751038 EFLAGS: 00000246 ORIG_RAX: 0000000000000107
[  140.400028][ T8719] RAX: ffffffffffffffda RBX: 00007f3753305fa0 RCX: 00007f37530ed169
[  140.400044][ T8719] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffff9c
[  140.400058][ T8719] RBP: 00007f3751751090 R08: 0000000000000000 R09: 0000000000000000
[  140.400073][ T8719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  140.400088][ T8719] R13: 0000000000000000 R14: 00007f3753305fa0 R15: 00007ffd24630048
[  140.400120][ T8719]  </TASK>
[  140.403106][ T8712] netlink: 'syz.4.1700': attribute type 1 has an invalid length.
[  140.524565][ T8715] __nla_validate_parse: 2 callbacks suppressed
[  140.524586][ T8715] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1700'.
[  140.529328][ T8724] netlink: 'syz.2.1704': attribute type 7 has an invalid length.
[  140.614698][ T8724] netlink: 'syz.2.1704': attribute type 8 has an invalid length.
[  140.638067][ T8712] 8021q: adding VLAN 0 to HW filter on device bond2
[  140.651468][ T8715] vlan2: entered promiscuous mode
[  140.656689][ T8715] bond2: entered promiscuous mode
[  140.705890][ T8736] pim6reg: entered allmulticast mode
[  140.718912][ T8740] pim6reg: entered allmulticast mode
[  140.732359][ T8742] loop3: detected capacity change from 0 to 128
[  140.746821][ T8742] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8742 comm=syz.3.1710
[  140.763583][ T8742] FAULT_INJECTION: forcing a failure.
[  140.763583][ T8742] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  140.778058][ T8742] CPU: 1 UID: 0 PID: 8742 Comm: syz.3.1710 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  140.778092][ T8742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  140.778103][ T8742] Call Trace:
[  140.778109][ T8742]  <TASK>
[  140.778116][ T8742]  dump_stack_lvl+0xf2/0x150
[  140.778141][ T8742]  dump_stack+0x15/0x1a
[  140.778160][ T8742]  should_fail_ex+0x24a/0x260
[  140.778244][ T8742]  should_fail+0xb/0x10
[  140.778268][ T8742]  should_fail_usercopy+0x1a/0x20
[  140.778297][ T8742]  _copy_from_user+0x1c/0xa0
[  140.778320][ T8742]  copy_msghdr_from_user+0x54/0x2a0
[  140.778399][ T8742]  ? __fget_files+0x17c/0x1c0
[  140.778442][ T8742]  __sys_sendmsg+0x13e/0x230
[  140.778543][ T8742]  __x64_sys_sendmsg+0x46/0x50
[  140.778567][ T8742]  x64_sys_call+0x2734/0x2dc0
[  140.778590][ T8742]  do_syscall_64+0xc9/0x1c0
[  140.778628][ T8742]  ? clear_bhb_loop+0x55/0xb0
[  140.778651][ T8742]  ? clear_bhb_loop+0x55/0xb0
[  140.778674][ T8742]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.778697][ T8742] RIP: 0033:0x7f37530ed169
[  140.778711][ T8742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.778773][ T8742] RSP: 002b:00007f3751751038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  140.778788][ T8742] RAX: ffffffffffffffda RBX: 00007f3753305fa0 RCX: 00007f37530ed169
[  140.778799][ T8742] RDX: 0000000000004010 RSI: 0000400000000280 RDI: 000000000000000c
[  140.778809][ T8742] RBP: 00007f3751751090 R08: 0000000000000000 R09: 0000000000000000
[  140.778819][ T8742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  140.778829][ T8742] R13: 0000000000000000 R14: 00007f3753305fa0 R15: 00007ffd24630048
[  140.778898][ T8742]  </TASK>
[  141.090793][ T8746] netlink: 'syz.4.1709': attribute type 15 has an invalid length.
[  141.098896][ T8746] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1709'.
[  141.265328][ T8736] netlink: 'syz.1.1707': attribute type 15 has an invalid length.
[  141.273537][ T8736] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1707'.
[  141.292361][ T8735] pim6reg: left allmulticast mode
[  141.324109][ T8754] loop2: detected capacity change from 0 to 128
[  141.352863][ T8754] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8754 comm=syz.2.1712
[  141.364063][ T8739] pim6reg: left allmulticast mode
[  141.685479][ T8777] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1721'.
[  141.696574][ T8782] FAULT_INJECTION: forcing a failure.
[  141.696574][ T8782] name failslab, interval 1, probability 0, space 0, times 0
[  141.709476][ T8782] CPU: 1 UID: 0 PID: 8782 Comm: syz.1.1722 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  141.709508][ T8782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  141.709523][ T8782] Call Trace:
[  141.709530][ T8782]  <TASK>
[  141.709538][ T8782]  dump_stack_lvl+0xf2/0x150
[  141.709588][ T8782]  dump_stack+0x15/0x1a
[  141.709609][ T8782]  should_fail_ex+0x24a/0x260
[  141.709644][ T8782]  ? dev_ethtool+0x96/0x14c0
[  141.709667][ T8782]  should_failslab+0x8f/0xb0
[  141.709703][ T8782]  __kmalloc_cache_noprof+0x4e/0x320
[  141.709810][ T8782]  dev_ethtool+0x96/0x14c0
[  141.709833][ T8782]  ? strcmp+0x21/0x50
[  141.709894][ T8782]  ? __rcu_read_unlock+0x4e/0x70
[  141.709928][ T8782]  dev_ioctl+0x854/0xab0
[  141.709956][ T8782]  sock_do_ioctl+0x11c/0x260
[  141.709996][ T8782]  sock_ioctl+0x40f/0x600
[  141.710029][ T8782]  ? __pfx_sock_ioctl+0x10/0x10
[  141.710063][ T8782]  __se_sys_ioctl+0xc9/0x140
[  141.710148][ T8782]  __x64_sys_ioctl+0x43/0x50
[  141.710175][ T8782]  x64_sys_call+0x1690/0x2dc0
[  141.710211][ T8782]  do_syscall_64+0xc9/0x1c0
[  141.710315][ T8782]  ? clear_bhb_loop+0x55/0xb0
[  141.710345][ T8782]  ? clear_bhb_loop+0x55/0xb0
[  141.710375][ T8782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.710441][ T8782] RIP: 0033:0x7fe446d2d169
[  141.710460][ T8782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.710558][ T8782] RSP: 002b:00007fe445391038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  141.710581][ T8782] RAX: ffffffffffffffda RBX: 00007fe446f45fa0 RCX: 00007fe446d2d169
[  141.710596][ T8782] RDX: 0000400000000180 RSI: 0000000000008946 RDI: 0000000000000004
[  141.710611][ T8782] RBP: 00007fe445391090 R08: 0000000000000000 R09: 0000000000000000
[  141.710626][ T8782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  141.710639][ T8782] R13: 0000000000000000 R14: 00007fe446f45fa0 R15: 00007ffd5ceccbe8
[  141.710671][ T8782]  </TASK>
[  141.857863][ T8773] netlink: 'syz.2.1719': attribute type 1 has an invalid length.
[  141.921921][ T8781] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1719'.
[  142.016003][   T29] kauditd_printk_skb: 90 callbacks suppressed
[  142.016058][   T29] audit: type=1400 audit(1741347320.637:26328): avc:  denied  { map } for  pid=8799 comm="syz.1.1727" path="socket:[20915]" dev="sockfs" ino=20915 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  142.058440][ T8802] pim6reg: entered allmulticast mode
[  142.289958][ T8818] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1733'.
[  142.315165][   T29] audit: type=1400 audit(1741347320.937:26329): avc:  denied  { create } for  pid=8821 comm="syz.1.1734" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[  142.502488][ T8802] netlink: 'syz.2.1728': attribute type 15 has an invalid length.
[  142.510410][ T8802] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1728'.
[  142.519867][ T8801] pim6reg: left allmulticast mode
[  142.522167][ T8824] netlink: 'syz.3.1735': attribute type 1 has an invalid length.
[  142.546414][   T29] audit: type=1326 audit(1741347321.167:26330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8833 comm="syz.1.1737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe446d2d169 code=0x7ffc0000
[  142.551643][ T8824] 8021q: adding VLAN 0 to HW filter on device bond3
[  142.577483][ T8834] audit: audit_lost=3 audit_rate_limit=0 audit_backlog_limit=64
[  142.578438][   T29] audit: type=1326 audit(1741347321.197:26331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8833 comm="syz.1.1737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe446d2d169 code=0x7ffc0000
[  142.585259][ T8834] audit: out of memory in audit_log_start
[  142.608866][   T29] audit: type=1326 audit(1741347321.197:26332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8833 comm="syz.1.1737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe446d2d169 code=0x7ffc0000
[  142.626949][ T8824] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1735'.
[  142.638210][   T29] audit: type=1326 audit(1741347321.197:26333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8833 comm="syz.1.1737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe446d2d169 code=0x7ffc0000
[  142.670908][   T29] audit: type=1326 audit(1741347321.197:26334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8833 comm="syz.1.1737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe446d2d169 code=0x7ffc0000
[  142.676233][ T8824] vlan4: entered promiscuous mode
[  142.694911][   T29] audit: type=1326 audit(1741347321.197:26335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8833 comm="syz.1.1737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe446d2d169 code=0x7ffc0000
[  142.699914][ T8824] bond3: entered promiscuous mode
[  142.816603][ T8838] loop1: detected capacity change from 0 to 2048
[  142.863074][ T8838] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.901400][ T8851] loop3: detected capacity change from 0 to 512
[  142.919830][ T8851] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  142.956390][ T8858] loop4: detected capacity change from 0 to 512
[  143.013670][ T8851] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.1744: Failed to acquire dquot type 0
[  143.038705][ T8851] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  143.063332][ T8851] EXT4-fs (loop3): 1 truncate cleaned up
[  143.069475][ T8851] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.088241][ T8851] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  143.199599][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.216987][ T8880] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  143.225531][ T8880] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  143.253538][ T8880] capability: warning: `syz.2.1753' uses deprecated v2 capabilities in a way that may be insecure
[  143.310618][ T8890] pim6reg: entered allmulticast mode
[  143.356708][ T8878] netlink: 'syz.4.1752': attribute type 1 has an invalid length.
[  143.361705][ T8892] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1758'.
[  143.371196][ T8878] 8021q: adding VLAN 0 to HW filter on device bond3
[  143.387408][ T8878] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1752'.
[  143.399687][ T8878] vlan3: entered promiscuous mode
[  143.404801][ T8878] bond3: entered promiscuous mode
[  143.562801][ T8910] loop3: detected capacity change from 0 to 512
[  143.590578][ T8910] EXT4-fs: dax option not supported
[  143.634518][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.899258][ T8918] loop2: detected capacity change from 0 to 512
[  143.923712][ T8918] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  143.937787][ T8913] loop3: detected capacity change from 0 to 1024
[  143.958610][ T8889] pim6reg: left allmulticast mode
[  143.965926][ T8918] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.1767: Failed to acquire dquot type 0
[  143.978143][ T8913] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.994336][ T8918] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  144.029584][ T8918] EXT4-fs (loop2): 1 truncate cleaned up
[  144.044835][ T8918] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.105544][ T8918] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  144.171992][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.173468][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.227055][ T8931] bridge0: entered allmulticast mode
[  144.378010][ T8929] 8021q: adding VLAN 0 to HW filter on device bond2
[  144.394022][ T8929] vlan3: entered promiscuous mode
[  144.399134][ T8929] bond2: entered promiscuous mode
[  144.500891][ T8958] loop2: detected capacity change from 0 to 512
[  144.531542][ T8958] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  144.576974][ T8958] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.1780: Failed to acquire dquot type 0
[  144.602551][ T8966] loop3: detected capacity change from 0 to 1024
[  144.621631][ T8966] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.634002][ T8958] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  144.653505][ T8958] EXT4-fs (loop2): 1 truncate cleaned up
[  144.659614][ T8958] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.709084][ T8958] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  144.759624][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.840025][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.921248][ T8983] pim6reg: entered allmulticast mode
[  145.077633][ T8981] validate_nla: 3 callbacks suppressed
[  145.077649][ T8981] netlink: 'syz.3.1785': attribute type 1 has an invalid length.
[  145.119260][ T8981] 8021q: adding VLAN 0 to HW filter on device bond4
[  145.137075][ T8981] vlan5: entered promiscuous mode
[  145.142282][ T8981] bond4: entered promiscuous mode
[  145.364824][ T9003] loop3: detected capacity change from 0 to 8192
[  145.391758][ T8983] netlink: 'syz.4.1786': attribute type 15 has an invalid length.
[  145.401542][ T8982] pim6reg: left allmulticast mode
[  145.420359][ T9015] loop1: detected capacity change from 0 to 1024
[  145.447295][ T9015] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.662208][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.782209][ T9025] __nla_validate_parse: 12 callbacks suppressed
[  145.782245][ T9025] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1797'.
[  146.003790][ T9042] pim6reg: entered allmulticast mode
[  146.147890][ T9039] netlink: 'syz.4.1801': attribute type 1 has an invalid length.
[  146.172132][ T9039] 8021q: adding VLAN 0 to HW filter on device bond4
[  146.194312][ T9039] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1801'.
[  146.207019][ T9039] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1801'.
[  146.219788][ T9039] vlan4: entered promiscuous mode
[  146.224902][ T9039] bond4: entered promiscuous mode
[  146.233505][ T9055] netlink: 'syz.0.1802': attribute type 15 has an invalid length.
[  146.241364][ T9055] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1802'.
[  146.281838][ T9064] pim6reg: entered allmulticast mode
[  146.286012][ T9049] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  146.295719][ T9049] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  146.428756][ T9040] pim6reg: left allmulticast mode
[  146.748187][ T9064] netlink: 'syz.4.1809': attribute type 15 has an invalid length.
[  146.756179][ T9064] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1809'.
[  146.775401][ T9063] pim6reg: left allmulticast mode
[  146.788742][ T9061] netlink: 'syz.3.1808': attribute type 15 has an invalid length.
[  146.796858][ T9061] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1808'.
[  146.800432][ T9071] 9pnet_fd: Insufficient options for proto=fd
[  147.018386][ T9089] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1813'.
[  147.027590][ T9089] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1813'.
[  147.139469][ T9095] netlink: 'syz.0.1819': attribute type 1 has an invalid length.
[  147.163813][ T9095] 8021q: adding VLAN 0 to HW filter on device bond4
[  147.203121][ T9095] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1819'.
[  147.212651][ T9095] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1819'.
[  147.234573][ T9098] pim6reg: entered allmulticast mode
[  147.246084][ T9095] vlan5: entered promiscuous mode
[  147.251769][ T9095] bond4: entered promiscuous mode
[  147.306509][   T29] kauditd_printk_skb: 298 callbacks suppressed
[  147.306527][   T29] audit: type=1326 audit(1741347325.927:26626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9101 comm="syz.2.1822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd01a75d169 code=0x7ffc0000
[  147.336906][   T29] audit: type=1326 audit(1741347325.957:26627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9101 comm="syz.2.1822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7fd01a75d169 code=0x7ffc0000
[  147.360882][   T29] audit: type=1326 audit(1741347325.957:26628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9101 comm="syz.2.1822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd01a75d169 code=0x7ffc0000
[  147.360913][   T29] audit: type=1326 audit(1741347325.957:26629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9101 comm="syz.2.1822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7fd01a75d169 code=0x7ffc0000
[  147.360980][   T29] audit: type=1326 audit(1741347325.957:26630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9101 comm="syz.2.1822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd01a75d169 code=0x7ffc0000
[  147.367516][   T29] audit: type=1326 audit(1741347325.957:26631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9101 comm="syz.2.1822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7fd01a75d169 code=0x7ffc0000
[  147.367558][   T29] audit: type=1326 audit(1741347325.957:26632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9101 comm="syz.2.1822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd01a75d169 code=0x7ffc0000
[  147.367592][   T29] audit: type=1326 audit(1741347325.957:26633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9101 comm="syz.2.1822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd01a75bad0 code=0x7ffc0000
[  147.417876][   T29] audit: type=1326 audit(1741347326.017:26634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9101 comm="syz.2.1822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd01a75d169 code=0x7ffc0000
[  147.417918][   T29] audit: type=1326 audit(1741347326.017:26635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9101 comm="syz.2.1822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd01a75d169 code=0x7ffc0000
[  147.618035][ T9108] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  147.628682][ T9108] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  147.726794][ T9098] netlink: 'syz.4.1820': attribute type 15 has an invalid length.
[  147.736487][ T9097] pim6reg: left allmulticast mode
[  147.778630][ T9124] loop1: detected capacity change from 0 to 1024
[  147.789194][ T9124] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.811304][ T9122] netlink: 'syz.2.1827': attribute type 6 has an invalid length.
[  147.848450][ T9122] loop2: detected capacity change from 0 to 256
[  147.993515][ T9135] pim6reg: entered allmulticast mode
[  148.176902][ T9147] netlink: 'syz.4.1831': attribute type 1 has an invalid length.
[  148.198613][ T9147] 8021q: adding VLAN 0 to HW filter on device bond5
[  148.219494][ T9137] vlan5: entered promiscuous mode
[  148.224693][ T9137] bond5: entered promiscuous mode
[  148.274802][ T9151] pim6reg: entered allmulticast mode
[  148.650239][ T9134] pim6reg: left allmulticast mode
[  148.741426][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.839562][ T9175] loop4: detected capacity change from 0 to 1024
[  148.875548][ T9175] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  148.886566][ T9175] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  148.926185][ T9175] JBD2: no valid journal superblock found
[  148.931988][ T9175] EXT4-fs (loop4): Could not load journal inode
[  148.979712][ T9175] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[  149.094838][ T9150] pim6reg: left allmulticast mode
[  149.225761][ T9197] loop4: detected capacity change from 0 to 1024
[  149.262639][ T9197] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.464042][ T9212] pim6reg: entered allmulticast mode
[  149.475514][ T9213] loop1: detected capacity change from 0 to 1024
[  149.499027][ T9213] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.511282][ T9213] ext4 filesystem being mounted at /394/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.596621][ T9228] FAULT_INJECTION: forcing a failure.
[  149.596621][ T9228] name failslab, interval 1, probability 0, space 0, times 0
[  149.609527][ T9228] CPU: 1 UID: 0 PID: 9228 Comm: syz.3.1857 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  149.609553][ T9228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  149.609567][ T9228] Call Trace:
[  149.609575][ T9228]  <TASK>
[  149.609585][ T9228]  dump_stack_lvl+0xf2/0x150
[  149.609628][ T9228]  dump_stack+0x15/0x1a
[  149.609653][ T9228]  should_fail_ex+0x24a/0x260
[  149.609692][ T9228]  should_failslab+0x8f/0xb0
[  149.609785][ T9228]  __kmalloc_noprof+0xab/0x3f0
[  149.609812][ T9228]  ? __se_sys_name_to_handle_at+0x270/0x560
[  149.609851][ T9228]  __se_sys_name_to_handle_at+0x270/0x560
[  149.609920][ T9228]  ? ksys_write+0x176/0x1b0
[  149.609958][ T9228]  __x64_sys_name_to_handle_at+0x67/0x80
[  149.610047][ T9228]  x64_sys_call+0xe82/0x2dc0
[  149.610075][ T9228]  do_syscall_64+0xc9/0x1c0
[  149.610121][ T9228]  ? clear_bhb_loop+0x55/0xb0
[  149.610152][ T9228]  ? clear_bhb_loop+0x55/0xb0
[  149.610187][ T9228]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.610263][ T9228] RIP: 0033:0x7f37530ed169
[  149.610281][ T9228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.610301][ T9228] RSP: 002b:00007f3751751038 EFLAGS: 00000246 ORIG_RAX: 000000000000012f
[  149.610322][ T9228] RAX: ffffffffffffffda RBX: 00007f3753305fa0 RCX: 00007f37530ed169
[  149.610334][ T9228] RDX: 0000400000004780 RSI: 0000400000004740 RDI: 0000000000000004
[  149.610345][ T9228] RBP: 00007f3751751090 R08: 0000000000001200 R09: 0000000000000000
[  149.610357][ T9228] R10: 00004000000047c0 R11: 0000000000000246 R12: 0000000000000001
[  149.610445][ T9228] R13: 0000000000000000 R14: 00007f3753305fa0 R15: 00007ffd24630048
[  149.610467][ T9228]  </TASK>
[  149.829570][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.034465][ T9210] pim6reg: left allmulticast mode
[  150.111869][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.137993][ T9243] loop4: detected capacity change from 0 to 512
[  150.155432][ T9243] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  150.176014][ T9243] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.1862: Failed to acquire dquot type 0
[  150.190349][ T9244] loop2: detected capacity change from 0 to 512
[  150.207280][ T9244] EXT4-fs: Ignoring removed mblk_io_submit option
[  150.234492][ T9244] EXT4-fs: Mount option(s) incompatible with ext2
[  150.242483][ T9243] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  150.300670][ T9243] EXT4-fs (loop4): 1 truncate cleaned up
[  150.316068][ T9243] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.378339][ T9243] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  150.412002][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.561853][ T9239] validate_nla: 4 callbacks suppressed
[  150.561872][ T9239] netlink: 'syz.3.1861': attribute type 15 has an invalid length.
[  150.656986][ T9265] capability: warning: `syz.4.1868' uses 32-bit capabilities (legacy support in use)
[  150.711112][ T9267] loop4: detected capacity change from 0 to 512
[  150.721204][ T9267] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  150.730941][ T9267] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[  150.744086][ T9267] System zones: 1-12
[  150.748358][ T9267] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1870: corrupted in-inode xattr: e_value size too large
[  150.765677][ T9267] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.1870: couldn't read orphan inode 15 (err -117)
[  150.779779][ T9267] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  150.800316][ T9267] EXT4-fs warning (device loop4): dx_probe:833: inode #2: comm syz.4.1870: Unrecognised inode hash code 4
[  150.811913][ T9267] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.1870: Corrupt directory, running e2fsck is recommended
[  150.840372][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.865077][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x1
[  150.872554][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  150.880050][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  150.887551][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  150.895023][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  150.902513][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  150.909956][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x4
[  150.917537][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  150.925024][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  150.932445][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  150.940021][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x4
[  150.947528][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  150.955015][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  150.962426][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x4
[  150.969876][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  150.977505][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  150.984948][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x4
[  150.992366][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  150.999821][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  151.007306][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  151.009059][ T9275] lo speed is unknown, defaulting to 1000
[  151.014728][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  151.014759][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  151.025428][ T9275] lo speed is unknown, defaulting to 1000
[  151.027894][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  151.038220][ T9275] lo speed is unknown, defaulting to 1000
[  151.041013][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  151.041038][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  151.069308][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  151.076735][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  151.084291][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  151.088365][ T9275] infiniband s
z1: set active
[  151.091722][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  151.091751][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  151.096483][ T9275] infiniband s
z1: added lo
[  151.103819][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  151.103847][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  151.103874][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  151.111909][ T3381] lo speed is unknown, defaulting to 1000
[  151.115770][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  151.115800][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  151.158765][ T8098] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  151.166278][ T8098] hid-generic 0000:0000:0000.0002: item fetching failed at offset 41/43
[  151.176357][ T8098] hid-generic 0000:0000:0000.0002: probe with driver hid-generic failed with error -22
[  151.258003][ T9275] RDS/IB: s
z1: added
[  151.262067][ T9275] smc: adding ib device s
z1 with port count 1
[  151.269953][ T9275] smc:    ib device s
z1 port 1 has pnetid 
[  151.276040][ T1043] lo speed is unknown, defaulting to 1000
[  151.313324][ T9275] lo speed is unknown, defaulting to 1000
[  151.365248][ T9275] lo speed is unknown, defaulting to 1000
[  151.426555][ T9275] lo speed is unknown, defaulting to 1000
[  151.474880][ T9275] lo speed is unknown, defaulting to 1000
[  151.521565][ T9297] netlink: 'syz.0.1879': attribute type 3 has an invalid length.
[  151.529617][ T9297] __nla_validate_parse: 18 callbacks suppressed
[  151.529635][ T9297] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1879'.
[  151.630877][ T9275] lo speed is unknown, defaulting to 1000
[  152.015176][ T9309] loop2: detected capacity change from 0 to 512
[  152.022099][ T9309] EXT4-fs: Ignoring removed mblk_io_submit option
[  152.039147][ T9309] EXT4-fs: Mount option(s) incompatible with ext2
[  152.131867][ T9324] loop3: detected capacity change from 0 to 1024
[  152.143661][ T9324] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  152.200745][ T9287] syz.4.1876 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  152.212039][ T9287] CPU: 1 UID: 0 PID: 9287 Comm: syz.4.1876 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  152.212140][ T9287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  152.212153][ T9287] Call Trace:
[  152.212160][ T9287]  <TASK>
[  152.212168][ T9287]  dump_stack_lvl+0xf2/0x150
[  152.212273][ T9287]  dump_stack+0x15/0x1a
[  152.212295][ T9287]  dump_header+0x83/0x2d0
[  152.212314][ T9287]  oom_kill_process+0x341/0x4c0
[  152.212352][ T9287]  out_of_memory+0x9af/0xbe0
[  152.212390][ T9287]  ? css_next_descendant_pre+0x11c/0x140
[  152.212419][ T9287]  mem_cgroup_out_of_memory+0x13e/0x190
[  152.212491][ T9287]  try_charge_memcg+0x508/0x7f0
[  152.212516][ T9287]  charge_memcg+0x50/0xc0
[  152.212540][ T9287]  mem_cgroup_swapin_charge_folio+0xd0/0x150
[  152.212568][ T9287]  __read_swap_cache_async+0x236/0x480
[  152.212650][ T9287]  swap_cluster_readahead+0x381/0x3f0
[  152.212687][ T9287]  swapin_readahead+0xe4/0x6f0
[  152.212718][ T9287]  ? __rcu_read_unlock+0x34/0x70
[  152.212748][ T9287]  ? swap_cache_get_folio+0x77/0x210
[  152.212808][ T9287]  do_swap_page+0x31b/0x2550
[  152.212897][ T9287]  ? __rcu_read_lock+0x36/0x50
[  152.212923][ T9287]  ? __pfx_default_wake_function+0x10/0x10
[  152.212968][ T9287]  handle_mm_fault+0x8e4/0x2ac0
[  152.212996][ T9287]  exc_page_fault+0x3b9/0x650
[  152.213100][ T9287]  asm_exc_page_fault+0x26/0x30
[  152.213132][ T9287] RIP: 0033:0x7f5e8b313bfe
[  152.213151][ T9287] Code: 0c 85 c0 74 e7 48 89 df 48 81 c3 e0 00 00 00 e8 18 c4 ff ff 48 39 eb 75 df 0f 1f 00 8b 05 b6 3f 34 00 85 c0 0f 8e a3 fd ff ff <e8> 8d a6 fe ff 49 39 c4 73 a0 48 8d 1d 91 23 34 00 83 3d 96 3f 34
[  152.213228][ T9287] RSP: 002b:00007ffcfa0bf8c0 EFLAGS: 00010202
[  152.213252][ T9287] RAX: 0000000000000001 RBX: 00007f5e8b657ba0 RCX: 0000000000000000
[  152.213267][ T9287] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055555ac10808
[  152.213281][ T9287] RBP: 00007f5e8b657ba0 R08: 0000000000000000 R09: 7fffffffffffffff
[  152.213295][ T9287] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000025294
[  152.213307][ T9287] R13: 00007f5e8b656160 R14: ffffffffffffffff R15: 00007ffcfa0bf9d0
[  152.213326][ T9287]  </TASK>
[  152.418610][ T9287] memory: usage 307200kB, limit 307200kB, failcnt 10730
[  152.425596][ T9287] memory+swap: usage 296584kB, limit 9007199254740988kB, failcnt 0
[  152.433525][ T9287] kmem: usage 281300kB, limit 9007199254740988kB, failcnt 0
[  152.440961][ T9287] Memory cgroup stats for /syz4:
[  152.481794][ T9287] cache 0
[  152.489783][ T9287] rss 0
[  152.492585][ T9287] shmem 0
[  152.495565][ T9287] mapped_file 0
[  152.499044][ T9287] dirty 0
[  152.501989][ T9287] writeback 0
[  152.505323][ T9287] workingset_refault_anon 20
[  152.509919][ T9287] workingset_refault_file 32
[  152.514546][ T9287] swap 311296
[  152.517832][ T9287] swapcached 0
[  152.521375][ T9287] pgpgin 545549
[  152.524907][ T9287] pgpgout 545549
[  152.528513][ T9287] pgfault 538912
[  152.532138][ T9287] pgmajfault 26
[  152.535645][ T9287] inactive_anon 0
[  152.539295][ T9287] active_anon 0
[  152.542756][ T9287] inactive_file 0
[  152.546422][ T9287] active_file 0
[  152.549920][ T9287] unevictable 0
[  152.553411][ T9287] hierarchical_memory_limit 314572800
[  152.558788][ T9287] hierarchical_memsw_limit 9223372036854771712
[  152.564987][ T9287] total_cache 0
[  152.568451][ T9287] total_rss 0
[  152.571798][ T9287] total_shmem 0
[  152.575286][ T9287] total_mapped_file 0
[  152.579450][ T9287] total_dirty 0
[  152.583110][ T9287] total_writeback 0
[  152.586939][ T9287] total_workingset_refault_anon 20
[  152.592079][ T9287] total_workingset_refault_file 32
[  152.597255][ T9287] total_swap 311296
[  152.601075][ T9287] total_swapcached 0
[  152.605007][ T9287] total_pgpgin 545549
[  152.608989][ T9287] total_pgpgout 545549
[  152.613082][ T9287] total_pgfault 538912
[  152.617174][ T9287] total_pgmajfault 26
[  152.621180][ T9287] total_inactive_anon 0
[  152.625404][ T9287] total_active_anon 0
[  152.629467][ T9287] total_inactive_file 0
[  152.633791][ T9287] total_active_file 0
[  152.637802][ T9287] total_unevictable 0
[  152.641799][ T9287] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.1876,pid=9287,uid=0
[  152.656503][ T9287] Memory cgroup out of memory: Killed process 9287 (syz.4.1876) total-vm:93844kB, anon-rss:916kB, file-rss:22316kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  152.707455][   T29] kauditd_printk_skb: 61 callbacks suppressed
[  152.707472][   T29] audit: type=1326 audit(1741347331.327:26695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9334 comm="syz.2.1892" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd01a75d169 code=0x0
[  152.726691][ T9324] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1890'.
[  152.754334][ T9337] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1891'.
[  152.786571][ T9340] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1893'.
[  152.932870][ T9342] loop1: detected capacity change from 0 to 512
[  152.950721][ T9342] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  152.998081][ T9289] syz.4.1876 (9289) used greatest stack depth: 9088 bytes left
[  153.008090][ T9342] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[  153.018622][ T9342] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  153.028095][ T9342] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.1894: Failed to acquire dquot type 0
[  153.072056][ T9342] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  153.089923][ T9342] EXT4-fs (loop1): 1 truncate cleaned up
[  153.096262][ T9342] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.110699][   T29] audit: type=1326 audit(1741347331.727:26696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9341 comm="syz.1.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe446d2d169 code=0x7ffc0000
[  153.140054][   T29] audit: type=1326 audit(1741347331.757:26697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9341 comm="syz.1.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe446d2d169 code=0x7ffc0000
[  153.163652][   T29] audit: type=1326 audit(1741347331.757:26698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9341 comm="syz.1.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe446d2d169 code=0x7ffc0000
[  153.187268][   T29] audit: type=1326 audit(1741347331.757:26699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9341 comm="syz.1.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe446d2d169 code=0x7ffc0000
[  153.210858][   T29] audit: type=1326 audit(1741347331.757:26700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9341 comm="syz.1.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe446d2d169 code=0x7ffc0000
[  153.234405][   T29] audit: type=1326 audit(1741347331.757:26701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9341 comm="syz.1.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe446d2d169 code=0x7ffc0000
[  153.257995][   T29] audit: type=1326 audit(1741347331.757:26702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9341 comm="syz.1.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe446d2d169 code=0x7ffc0000
[  153.284725][ T9342] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  153.311651][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.349146][ T9357] FAULT_INJECTION: forcing a failure.
[  153.349146][ T9357] name failslab, interval 1, probability 0, space 0, times 0
[  153.362053][ T9357] CPU: 1 UID: 0 PID: 9357 Comm: syz.4.1897 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  153.362081][ T9357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  153.362095][ T9357] Call Trace:
[  153.362102][ T9357]  <TASK>
[  153.362110][ T9357]  dump_stack_lvl+0xf2/0x150
[  153.362144][ T9357]  dump_stack+0x15/0x1a
[  153.362172][ T9357]  should_fail_ex+0x24a/0x260
[  153.362269][ T9357]  ? percpu_ref_init+0x96/0x240
[  153.362302][ T9357]  should_failslab+0x8f/0xb0
[  153.362337][ T9357]  ? __pfx_active_io_release+0x10/0x10
[  153.362365][ T9357]  __kmalloc_cache_noprof+0x4e/0x320
[  153.362471][ T9357]  ? __pfx_active_io_release+0x10/0x10
[  153.362501][ T9357]  percpu_ref_init+0x96/0x240
[  153.362535][ T9357]  ? mddev_init+0x14/0x420
[  153.362612][ T9357]  mddev_init+0x31/0x420
[  153.362632][ T9357]  md_alloc+0xa9/0xa00
[  153.362658][ T9357]  ? __pfx_resume_store+0x10/0x10
[  153.362682][ T9357]  md_alloc_and_put+0x18/0x150
[  153.362811][ T9357]  md_probe+0x79/0x90
[  153.362897][ T9357]  ? __pfx_md_probe+0x10/0x10
[  153.362929][ T9357]  blk_request_module+0x1bb/0x1e0
[  153.362965][ T9357]  blkdev_get_no_open+0x43/0xe0
[  153.363000][ T9357]  bdev_file_open_by_dev+0x99/0x220
[  153.363169][ T9357]  ? __pfx_resume_store+0x10/0x10
[  153.363199][ T9357]  swsusp_check+0x3f/0x260
[  153.363234][ T9357]  software_resume+0x43/0x2e0
[  153.363256][ T9357]  resume_store+0x34e/0x3a0
[  153.363388][ T9357]  kobj_attr_store+0x47/0x70
[  153.363414][ T9357]  ? __pfx_kobj_attr_store+0x10/0x10
[  153.363443][ T9357]  sysfs_kf_write+0xae/0xd0
[  153.363470][ T9357]  ? __pfx_sysfs_kf_write+0x10/0x10
[  153.363492][ T9357]  kernfs_fop_write_iter+0x1c8/0x2c0
[  153.363605][ T9357]  vfs_write+0x77b/0x920
[  153.363630][ T9357]  ? bpf_get_current_ancestor_cgroup_id+0xce/0xe0
[  153.363664][ T9357]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  153.363829][ T9357]  ksys_write+0xe8/0x1b0
[  153.363862][ T9357]  __x64_sys_write+0x42/0x50
[  153.363943][ T9357]  x64_sys_call+0x287e/0x2dc0
[  153.363977][ T9357]  do_syscall_64+0xc9/0x1c0
[  153.364013][ T9357]  ? clear_bhb_loop+0x55/0xb0
[  153.364079][ T9357]  ? clear_bhb_loop+0x55/0xb0
[  153.364176][ T9357]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.364238][ T9357] RIP: 0033:0x7f5e8b43d169
[  153.364255][ T9357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.364274][ T9357] RSP: 002b:00007f5e89a86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  153.364292][ T9357] RAX: ffffffffffffffda RBX: 00007f5e8b656080 RCX: 00007f5e8b43d169
[  153.364317][ T9357] RDX: 0000000000000012 RSI: 0000400000000000 RDI: 0000000000000003
[  153.364332][ T9357] RBP: 00007f5e89a86090 R08: 0000000000000000 R09: 0000000000000000
[  153.364347][ T9357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  153.364362][ T9357] R13: 0000000000000000 R14: 00007f5e8b656080 R15: 00007ffcfa0bf758
[  153.364391][ T9357]  </TASK>
[  153.653557][ T9357] netlink: 112 bytes leftover after parsing attributes in process `syz.4.1897'.
[  153.664867][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.686602][ T9360] FAULT_INJECTION: forcing a failure.
[  153.686602][ T9360] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.699986][ T9360] CPU: 0 UID: 0 PID: 9360 Comm: syz.2.1903 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  153.700019][ T9360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  153.700077][ T9360] Call Trace:
[  153.700085][ T9360]  <TASK>
[  153.700095][ T9360]  dump_stack_lvl+0xf2/0x150
[  153.700155][ T9360]  dump_stack+0x15/0x1a
[  153.700182][ T9360]  should_fail_ex+0x24a/0x260
[  153.700219][ T9360]  should_fail+0xb/0x10
[  153.700252][ T9360]  should_fail_usercopy+0x1a/0x20
[  153.700362][ T9360]  _copy_from_user+0x1c/0xa0
[  153.700385][ T9360]  kstrtouint_from_user+0x76/0xe0
[  153.700442][ T9360]  ? 0xffffffff81000000
[  153.700458][ T9360]  ? selinux_file_permission+0x22a/0x360
[  153.700500][ T9360]  proc_fail_nth_write+0x4f/0x150
[  153.700587][ T9360]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  153.700641][ T9360]  vfs_write+0x27d/0x920
[  153.700672][ T9360]  ? bpf_get_current_ancestor_cgroup_id+0xce/0xe0
[  153.700706][ T9360]  ? __fget_files+0x17c/0x1c0
[  153.700750][ T9360]  ksys_write+0xe8/0x1b0
[  153.700798][ T9360]  __x64_sys_write+0x42/0x50
[  153.700881][ T9360]  x64_sys_call+0x287e/0x2dc0
[  153.700914][ T9360]  do_syscall_64+0xc9/0x1c0
[  153.700953][ T9360]  ? clear_bhb_loop+0x55/0xb0
[  153.700997][ T9360]  ? clear_bhb_loop+0x55/0xb0
[  153.701030][ T9360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.701064][ T9360] RIP: 0033:0x7fd01a75bc1f
[  153.701082][ T9360] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  153.701104][ T9360] RSP: 002b:00007fd018dc1030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  153.701151][ T9360] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd01a75bc1f
[  153.701165][ T9360] RDX: 0000000000000001 RSI: 00007fd018dc10a0 RDI: 0000000000000004
[  153.701180][ T9360] RBP: 00007fd018dc1090 R08: 0000000000000000 R09: 0000000000000000
[  153.701265][ T9360] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  153.701279][ T9360] R13: 0000000000000000 R14: 00007fd01a975fa0 R15: 00007ffc5df447a8
[  153.701301][ T9360]  </TASK>
[  153.927855][ T9364] loop1: detected capacity change from 0 to 512
[  153.937458][ T9364] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  153.957562][ T9370] FAULT_INJECTION: forcing a failure.
[  153.957562][ T9370] name failslab, interval 1, probability 0, space 0, times 0
[  153.971026][ T9370] CPU: 0 UID: 0 PID: 9370 Comm: syz.2.1906 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  153.971057][ T9370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  153.971073][ T9370] Call Trace:
[  153.971094][ T9370]  <TASK>
[  153.971104][ T9370]  dump_stack_lvl+0xf2/0x150
[  153.971139][ T9370]  dump_stack+0x15/0x1a
[  153.971167][ T9370]  should_fail_ex+0x24a/0x260
[  153.971204][ T9370]  ? p9_fd_create+0xc6/0x260
[  153.971267][ T9370]  should_failslab+0x8f/0xb0
[  153.971362][ T9370]  __kmalloc_cache_noprof+0x4e/0x320
[  153.971391][ T9370]  p9_fd_create+0xc6/0x260
[  153.971423][ T9370]  p9_client_create+0x5ee/0xb90
[  153.971455][ T9370]  v9fs_session_init+0xf9/0xda0
[  153.971534][ T9370]  ? v9fs_mount+0x53/0x570
[  153.971558][ T9370]  ? should_fail_ex+0xd7/0x260
[  153.971596][ T9370]  ? v9fs_mount+0x53/0x570
[  153.971618][ T9370]  ? __kmalloc_cache_noprof+0x186/0x320
[  153.971649][ T9370]  v9fs_mount+0x69/0x570
[  153.971711][ T9370]  ? __pfx_v9fs_mount+0x10/0x10
[  153.971746][ T9370]  legacy_get_tree+0x77/0xd0
[  153.971784][ T9370]  vfs_get_tree+0x56/0x1e0
[  153.971883][ T9370]  do_new_mount+0x227/0x690
[  153.971917][ T9370]  path_mount+0x49b/0xb30
[  153.971987][ T9370]  __se_sys_mount+0x27f/0x2d0
[  153.972023][ T9370]  ? fput+0x1c4/0x200
[  153.972094][ T9370]  __x64_sys_mount+0x67/0x80
[  153.972134][ T9370]  x64_sys_call+0x2c84/0x2dc0
[  153.972269][ T9370]  do_syscall_64+0xc9/0x1c0
[  153.972302][ T9370]  ? clear_bhb_loop+0x55/0xb0
[  153.972378][ T9370]  ? clear_bhb_loop+0x55/0xb0
[  153.972413][ T9370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.972446][ T9370] RIP: 0033:0x7fd01a75d169
[  153.972463][ T9370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.972482][ T9370] RSP: 002b:00007fd018dc1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  153.972575][ T9370] RAX: ffffffffffffffda RBX: 00007fd01a975fa0 RCX: 00007fd01a75d169
[  153.972644][ T9370] RDX: 00004000000002c0 RSI: 0000400000000080 RDI: 0000000000000000
[  153.972659][ T9370] RBP: 00007fd018dc1090 R08: 0000400000000400 R09: 0000000000000000
[  153.972674][ T9370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  153.972689][ T9370] R13: 0000000000000000 R14: 00007fd01a975fa0 R15: 00007ffc5df447a8
[  153.972712][ T9370]  </TASK>
[  154.211538][ T9374] netlink: 'syz.0.1905': attribute type 16 has an invalid length.
[  154.219520][ T9374] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1905'.
[  154.229016][ T9364] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.1900: Failed to acquire dquot type 0
[  154.241903][ T9364] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  154.257128][ T9364] EXT4-fs (loop1): 1 truncate cleaned up
[  154.262113][ T9376] loop4: detected capacity change from 0 to 512
[  154.263508][ T9364] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.287967][ T9364] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  154.301426][ T9376] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  154.325198][ T9381] SELinux:  Context system_u:object_r:udev_helper_exec_t:s0 is not valid (left unmapped).
[  154.334981][ T9376] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.1907: Failed to acquire dquot type 0
[  154.346797][ T9377] loop3: detected capacity change from 0 to 512
[  154.354913][ T9377] EXT4-fs: Ignoring removed mblk_io_submit option
[  154.357605][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.371263][ T9377] EXT4-fs: Mount option(s) incompatible with ext2
[  154.379576][ T9376] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  154.404042][ T9376] EXT4-fs (loop4): 1 truncate cleaned up
[  154.410312][ T9376] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.436190][ T9376] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  154.502663][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.548540][ T9397] lo speed is unknown, defaulting to 1000
[  154.838806][ T9402] loop3: detected capacity change from 0 to 164
[  154.980954][ T9404] loop3: detected capacity change from 0 to 128
[  155.063895][ T9404] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1917'.
[  155.153383][ T9408] lo speed is unknown, defaulting to 1000
[  155.181163][ T9397] sit0: entered promiscuous mode
[  155.186263][ T9397] sit0: entered allmulticast mode
[  155.293223][ T9412] FAULT_INJECTION: forcing a failure.
[  155.293223][ T9412] name failslab, interval 1, probability 0, space 0, times 0
[  155.306104][ T9412] CPU: 1 UID: 0 PID: 9412 Comm: syz.1.1919 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  155.306136][ T9412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  155.306151][ T9412] Call Trace:
[  155.306157][ T9412]  <TASK>
[  155.306165][ T9412]  dump_stack_lvl+0xf2/0x150
[  155.306192][ T9412]  dump_stack+0x15/0x1a
[  155.306213][ T9412]  should_fail_ex+0x24a/0x260
[  155.306269][ T9412]  should_failslab+0x8f/0xb0
[  155.306298][ T9412]  kmem_cache_alloc_noprof+0x52/0x320
[  155.306321][ T9412]  ? hashtab_duplicate+0x10f/0x370
[  155.306357][ T9412]  hashtab_duplicate+0x10f/0x370
[  155.306457][ T9412]  ? __pfx_cond_bools_copy+0x10/0x10
[  155.306484][ T9412]  ? __pfx_cond_bools_destroy+0x10/0x10
[  155.306563][ T9412]  cond_policydb_dup+0xd9/0x4d0
[  155.306592][ T9412]  security_set_bools+0xa8/0x350
[  155.306672][ T9412]  ? sel_commit_bools_write+0x164/0x260
[  155.306696][ T9412]  sel_commit_bools_write+0x1de/0x260
[  155.306719][ T9412]  vfs_writev+0x3fa/0x880
[  155.306743][ T9412]  ? __pfx_sel_commit_bools_write+0x10/0x10
[  155.306825][ T9412]  ? mutex_lock+0xd/0x40
[  155.306865][ T9412]  do_writev+0xf4/0x220
[  155.306890][ T9412]  __x64_sys_writev+0x45/0x50
[  155.306923][ T9412]  x64_sys_call+0x1fab/0x2dc0
[  155.306963][ T9412]  do_syscall_64+0xc9/0x1c0
[  155.306995][ T9412]  ? clear_bhb_loop+0x55/0xb0
[  155.307029][ T9412]  ? clear_bhb_loop+0x55/0xb0
[  155.307056][ T9412]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.307095][ T9412] RIP: 0033:0x7fe446d2d169
[  155.307113][ T9412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.307136][ T9412] RSP: 002b:00007fe445391038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  155.307158][ T9412] RAX: ffffffffffffffda RBX: 00007fe446f45fa0 RCX: 00007fe446d2d169
[  155.307172][ T9412] RDX: 0000000000000001 RSI: 00004000000025c0 RDI: 0000000000000004
[  155.307186][ T9412] RBP: 00007fe445391090 R08: 0000000000000000 R09: 0000000000000000
[  155.307200][ T9412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  155.307271][ T9412] R13: 0000000000000000 R14: 00007fe446f45fa0 R15: 00007ffd5ceccbe8
[  155.307290][ T9412]  </TASK>
[  155.334782][ T9414] lo speed is unknown, defaulting to 1000
[  155.447019][ T9408] loop2: detected capacity change from 0 to 1024
[  155.551752][ T9408] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  155.621884][ T9422] pim6reg: entered allmulticast mode
[  155.706258][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.941039][ T9439] loop2: detected capacity change from 0 to 512
[  155.954790][ T9439] EXT4-fs: Ignoring removed mblk_io_submit option
[  155.982171][ T9439] EXT4-fs: Mount option(s) incompatible with ext2
[  155.999794][ T9447] loop3: detected capacity change from 0 to 1024
[  156.030497][ T9447] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  156.049416][ T9447] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 43 with error 28
[  156.061874][ T9447] EXT4-fs (loop3): This should not happen!! Data will be lost
[  156.061874][ T9447] 
[  156.071660][ T9447] EXT4-fs (loop3): Total free blocks count 0
[  156.077837][ T9447] EXT4-fs (loop3): Free/Dirty block details
[  156.083846][ T9447] EXT4-fs (loop3): free_blocks=20480
[  156.089205][ T9447] EXT4-fs (loop3): dirty_blocks=64
[  156.094449][ T9447] EXT4-fs (loop3): Block reservation details
[  156.100554][ T9447] EXT4-fs (loop3): i_reserved_data_blocks=4
[  156.132272][ T9422] netlink: 'syz.4.1922': attribute type 15 has an invalid length.
[  156.140852][ T9422] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1922'.
[  156.150280][ T9421] pim6reg: left allmulticast mode
[  156.181959][ T9405] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  156.194391][ T9405] EXT4-fs (loop3): This should not happen!! Data will be lost
[  156.194391][ T9405] 
[  156.254545][ T9455] loop3: detected capacity change from 0 to 512
[  156.261146][ T9455] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  156.487958][ T9466] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1937'.
[  156.578810][ T9472] loop4: detected capacity change from 0 to 512
[  156.586121][ T9472] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  156.604369][ T9472] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.1939: Failed to acquire dquot type 0
[  156.620125][ T9472] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  156.635528][ T9472] EXT4-fs (loop4): 1 truncate cleaned up
[  156.645585][ T9472] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  156.683339][ T9478] loop2: detected capacity change from 0 to 128
[  156.689992][ T9478] msdos: Unknown parameter '�Bi(�솝��L����Io�n$wn�砯�b'
[  156.782913][ T9488] pim6reg: entered allmulticast mode
[  156.851397][ T9494] ip6gre1: entered allmulticast mode
[  156.987056][ T9502] loop4: detected capacity change from 0 to 4096
[  156.994274][ T9502] EXT4-fs: Ignoring removed nomblk_io_submit option
[  157.016179][ T9502] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #15: comm syz.4.1949: corrupted inode contents
[  157.031612][ T9502] EXT4-fs error (device loop4): ext4_dirty_inode:6042: inode #15: comm syz.4.1949: mark_inode_dirty error
[  157.043518][ T9502] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #15: comm syz.4.1949: corrupted inode contents
[  157.056099][ T9502] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.1949: mark_inode_dirty error
[  157.071270][ T9502] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #15: comm syz.4.1949: corrupted inode contents
[  157.086788][ T9502] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.1949: mark_inode_dirty error
[  157.100648][ T9502] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #15: comm syz.4.1949: corrupted inode contents
[  157.116183][ T9502] EXT4-fs error (device loop4): ext4_truncate:4240: inode #15: comm syz.4.1949: mark_inode_dirty error
[  157.140934][ T9502] EXT4-fs error (device loop4) in ext4_setattr:5569: Corrupt filesystem
[  157.160139][ T9504] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #15: comm syz.4.1949: corrupted inode contents
[  157.178562][ T9504] EXT4-fs warning (device loop4): swap_inode_boot_loader:477: couldn't mark inode #15 dirty (err -117)
[  157.205090][ T9488] netlink: 'syz.1.1945': attribute type 15 has an invalid length.
[  157.213716][ T9488] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1945'.
[  157.223503][ T9487] pim6reg: left allmulticast mode
[  157.296480][ T9509] loop3: detected capacity change from 0 to 512
[  157.303159][ T9509] EXT4-fs: Ignoring removed mblk_io_submit option
[  157.310182][ T9509] EXT4-fs: Mount option(s) incompatible with ext2
[  157.323270][ T9502] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1949'.
[  157.376285][ T9514] nfs4: Bad value for 'source'
[  157.426044][ T9518] loop4: detected capacity change from 0 to 512
[  157.436704][ T9518] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  157.458797][ T9518] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.1953: Failed to acquire dquot type 0
[  157.471807][ T9518] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  157.491068][ T9518] EXT4-fs (loop4): 1 truncate cleaned up
[  157.501113][ T9518] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  157.534218][ T9524] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1956'.
[  157.545288][ T9524] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[  157.612636][ T9535] FAULT_INJECTION: forcing a failure.
[  157.612636][ T9535] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  157.619075][ T9533] pim6reg: entered allmulticast mode
[  157.625921][ T9535] CPU: 1 UID: 0 PID: 9535 Comm: syz.4.1955 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  157.625958][ T9535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  157.625974][ T9535] Call Trace:
[  157.625981][ T9535]  <TASK>
[  157.625989][ T9535]  dump_stack_lvl+0xf2/0x150
[  157.626026][ T9535]  dump_stack+0x15/0x1a
[  157.626054][ T9535]  should_fail_ex+0x24a/0x260
[  157.626169][ T9535]  should_fail+0xb/0x10
[  157.626203][ T9535]  should_fail_usercopy+0x1a/0x20
[  157.626243][ T9535]  _copy_from_user+0x1c/0xa0
[  157.626268][ T9535]  memdup_user+0x64/0xc0
[  157.626337][ T9535]  strndup_user+0x68/0xa0
[  157.626372][ T9535]  __se_sys_mount+0x91/0x2d0
[  157.626410][ T9535]  ? fput+0x1c4/0x200
[  157.626436][ T9535]  ? ksys_write+0x176/0x1b0
[  157.626471][ T9535]  __x64_sys_mount+0x67/0x80
[  157.626535][ T9535]  x64_sys_call+0x2c84/0x2dc0
[  157.626607][ T9535]  do_syscall_64+0xc9/0x1c0
[  157.626646][ T9535]  ? clear_bhb_loop+0x55/0xb0
[  157.626680][ T9535]  ? clear_bhb_loop+0x55/0xb0
[  157.626715][ T9535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.626753][ T9535] RIP: 0033:0x7f5e8b43d169
[  157.626773][ T9535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.626830][ T9535] RSP: 002b:00007f5e89aa7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  157.626855][ T9535] RAX: ffffffffffffffda RBX: 00007f5e8b655fa0 RCX: 00007f5e8b43d169
[  157.626871][ T9535] RDX: 00004000000003c0 RSI: 0000400000000240 RDI: 00004000000001c0
[  157.626886][ T9535] RBP: 00007f5e89aa7090 R08: 0000000000000000 R09: 0000000000000000
[  157.626934][ T9535] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000001
[  157.626950][ T9535] R13: 0000000000000000 R14: 00007f5e8b655fa0 R15: 00007ffcfa0bf758
[  157.626973][ T9535]  </TASK>
[  157.821907][ T9545] pim6reg: entered allmulticast mode
[  157.958399][ T9548] netlink: 'syz.1.1960': attribute type 15 has an invalid length.
[  157.966388][ T9548] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1960'.
[  158.020303][ T9551] loop3: detected capacity change from 0 to 512
[  158.036689][ T9551] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  158.087160][ T9551] __quota_error: 184 callbacks suppressed
[  158.087243][ T9551] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[  158.104279][ T9551] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  158.113885][ T9551] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.1965: Failed to acquire dquot type 0
[  158.129472][ T9551] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  158.147528][ T9551] EXT4-fs (loop3): 1 truncate cleaned up
[  158.162817][ T9532] pim6reg: left allmulticast mode
[  158.176062][   T29] audit: type=1326 audit(1741347336.797:26879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9550 comm="syz.3.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37530ed169 code=0x7ffc0000
[  158.199956][ T9551] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  158.200017][   T29] audit: type=1326 audit(1741347336.797:26880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9550 comm="syz.3.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f37530ed169 code=0x7ffc0000
[  158.233943][   T29] audit: type=1326 audit(1741347336.797:26881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9550 comm="syz.3.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37530ed169 code=0x7ffc0000
[  158.257642][   T29] audit: type=1326 audit(1741347336.797:26882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9550 comm="syz.3.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f37530ed169 code=0x7ffc0000
[  158.281754][   T29] audit: type=1326 audit(1741347336.797:26883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9550 comm="syz.3.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37530ed169 code=0x7ffc0000
[  158.305563][   T29] audit: type=1326 audit(1741347336.797:26884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9550 comm="syz.3.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f37530ed169 code=0x7ffc0000
[  158.329155][   T29] audit: type=1326 audit(1741347336.797:26885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9550 comm="syz.3.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37530ed169 code=0x7ffc0000
[  158.352702][   T29] audit: type=1326 audit(1741347336.797:26886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9550 comm="syz.3.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f37530ed169 code=0x7ffc0000
[  158.382526][ T3298] EXT4-fs unmount: 9 callbacks suppressed
[  158.382599][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.411039][ T9545] netlink: 'syz.4.1964': attribute type 15 has an invalid length.
[  158.418986][ T9545] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1964'.
[  158.428587][ T9544] pim6reg: left allmulticast mode
[  158.566639][ T9565] IPv6: Can't replace route, no match found
[  158.578013][ T9566] loop3: detected capacity change from 0 to 2048
[  158.634404][ T9566]  loop3: p1 < > p4
[  158.644104][ T9566] loop3: p4 size 8388608 extends beyond EOD, truncated
[  158.864143][ T9585] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1976'.
[  158.877932][ T9578] loop3: detected capacity change from 0 to 8192
[  158.887156][ T9578] vfat: Unknown parameter ''
[  158.896914][ T9585] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  158.908810][ T9590] FAULT_INJECTION: forcing a failure.
[  158.908810][ T9590] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  158.922351][ T9590] CPU: 1 UID: 0 PID: 9590 Comm: syz.4.1978 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  158.922381][ T9590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  158.922396][ T9590] Call Trace:
[  158.922404][ T9590]  <TASK>
[  158.922413][ T9590]  dump_stack_lvl+0xf2/0x150
[  158.922454][ T9590]  dump_stack+0x15/0x1a
[  158.922518][ T9590]  should_fail_ex+0x24a/0x260
[  158.922549][ T9590]  should_fail+0xb/0x10
[  158.922620][ T9590]  should_fail_usercopy+0x1a/0x20
[  158.922715][ T9590]  _copy_to_user+0x20/0xa0
[  158.922741][ T9590]  simple_read_from_buffer+0xa0/0x110
[  158.922782][ T9590]  proc_fail_nth_read+0xf9/0x140
[  158.922820][ T9590]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  158.922857][ T9590]  vfs_read+0x19b/0x6f0
[  158.922888][ T9590]  ? __rcu_read_unlock+0x4e/0x70
[  158.922916][ T9590]  ? __fget_files+0x17c/0x1c0
[  158.923071][ T9590]  ksys_read+0xe8/0x1b0
[  158.923107][ T9590]  __x64_sys_read+0x42/0x50
[  158.923139][ T9590]  x64_sys_call+0x2874/0x2dc0
[  158.923187][ T9590]  do_syscall_64+0xc9/0x1c0
[  158.923225][ T9590]  ? clear_bhb_loop+0x55/0xb0
[  158.923269][ T9590]  ? clear_bhb_loop+0x55/0xb0
[  158.923300][ T9590]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.923334][ T9590] RIP: 0033:0x7f5e8b43bb7c
[  158.923370][ T9590] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  158.923398][ T9590] RSP: 002b:00007f5e89aa7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  158.923428][ T9590] RAX: ffffffffffffffda RBX: 00007f5e8b655fa0 RCX: 00007f5e8b43bb7c
[  158.923444][ T9590] RDX: 000000000000000f RSI: 00007f5e89aa70a0 RDI: 0000000000000006
[  158.923460][ T9590] RBP: 00007f5e89aa7090 R08: 0000000000000000 R09: 0000000000000000
[  158.923475][ T9590] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  158.923490][ T9590] R13: 0000000000000000 R14: 00007f5e8b655fa0 R15: 00007ffcfa0bf758
[  158.923522][ T9590]  </TASK>
[  159.175077][ T9597] loop3: detected capacity change from 0 to 512
[  159.195385][ T9597] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.208795][ T9597] ext4 filesystem being mounted at /370/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.283033][ T9597] loop3: detected capacity change from 512 to 64
[  159.336853][ T3298] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5838: Out of memory
[  159.346139][ T3298] EXT4-fs error (device loop3): ext4_dirty_inode:6042: inode #2: comm syz-executor: mark_inode_dirty error
[  159.584160][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.611619][ T2684] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.685742][ T2684] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.771433][ T9618] loop1: detected capacity change from 0 to 256
[  159.780165][ T2684] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.857495][ T2684] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.980740][ T9622] pim6reg: entered allmulticast mode
[  160.115029][ T2684] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  160.137294][ T2684] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  160.168090][ T2684] bond0 (unregistering): Released all slaves
[  160.189538][ T2684] bond1 (unregistering): left promiscuous mode
[  160.202003][ T2684] bond1 (unregistering): Released all slaves
[  160.214845][ T2684] bond2 (unregistering): left promiscuous mode
[  160.226486][ T2684] bond2 (unregistering): Released all slaves
[  160.237459][ T2684] bond3 (unregistering): left promiscuous mode
[  160.248250][ T2684] bond3 (unregistering): Released all slaves
[  160.259409][ T2684] bond4 (unregistering): left promiscuous mode
[  160.269377][ T2684] bond4 (unregistering): Released all slaves
[  160.308703][ T9637] loop4: detected capacity change from 0 to 512
[  160.335398][ T9637] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  160.380493][ T9637] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.1991: Failed to acquire dquot type 0
[  160.415214][ T9624] lo speed is unknown, defaulting to 1000
[  160.424354][ T9637] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  160.442632][ T9637] EXT4-fs (loop4): 1 truncate cleaned up
[  160.451559][ T9637] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.470570][ T2684] hsr_slave_0: left promiscuous mode
[  160.492508][ T2684] hsr_slave_1: left promiscuous mode
[  160.502817][ T2684] veth1_macvtap: left promiscuous mode
[  160.511601][ T2684] veth0_macvtap: left promiscuous mode
[  160.517259][ T2684] veth1_vlan: left promiscuous mode
[  160.517501][ T9637] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  160.522586][ T2684] veth0_vlan: left promiscuous mode
[  160.547403][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.580039][ T2684] pim6reg (unregistering): left allmulticast mode
[  160.641826][ T9646] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  160.652059][ T9622] netlink: 'syz.1.1988': attribute type 15 has an invalid length.
[  160.660252][ T9622] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1988'.
[  160.672954][ T9621] pim6reg: left allmulticast mode
[  160.720880][ T9653] lo speed is unknown, defaulting to 1000
[  160.729316][ T9624] chnl_net:caif_netlink_parms(): no params data found
[  160.804207][ T9624] bridge0: port 1(bridge_slave_0) entered blocking state
[  160.811319][ T9624] bridge0: port 1(bridge_slave_0) entered disabled state
[  160.822507][ T9624] bridge_slave_0: entered allmulticast mode
[  160.830496][ T9624] bridge_slave_0: entered promiscuous mode
[  160.869543][ T9624] bridge0: port 2(bridge_slave_1) entered blocking state
[  160.876713][ T9624] bridge0: port 2(bridge_slave_1) entered disabled state
[  160.898381][ T9624] bridge_slave_1: entered allmulticast mode
[  160.905205][ T9624] bridge_slave_1: entered promiscuous mode
[  160.942742][ T9624] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  160.959997][ T9624] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  160.985862][ T9624] team0: Port device team_slave_0 added
[  160.992717][ T9624] team0: Port device team_slave_1 added
[  161.010769][ T9624] batman_adv: batadv0: Adding interface: batadv_slave_0
[  161.018683][ T9624] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  161.045724][ T9624] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  161.057131][ T9624] batman_adv: batadv0: Adding interface: batadv_slave_1
[  161.064137][ T9624] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  161.090219][ T9624] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  161.121980][ T9624] hsr_slave_0: entered promiscuous mode
[  161.131282][ T9624] hsr_slave_1: entered promiscuous mode
[  161.226629][ T9624] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  161.235869][ T9624] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  161.248757][ T9624] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  161.257879][ T9624] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  161.279725][ T9624] bridge0: port 2(bridge_slave_1) entered blocking state
[  161.286922][ T9624] bridge0: port 2(bridge_slave_1) entered forwarding state
[  161.294315][ T9624] bridge0: port 1(bridge_slave_0) entered blocking state
[  161.301463][ T9624] bridge0: port 1(bridge_slave_0) entered forwarding state
[  161.347304][ T9624] 8021q: adding VLAN 0 to HW filter on device bond0
[  161.358925][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[  161.371517][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[  161.392424][ T9624] 8021q: adding VLAN 0 to HW filter on device team0
[  161.402907][   T28] bridge0: port 1(bridge_slave_0) entered blocking state
[  161.410041][   T28] bridge0: port 1(bridge_slave_0) entered forwarding state
[  161.441410][ T9672] loop4: detected capacity change from 0 to 512
[  161.452814][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[  161.459993][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[  161.470487][ T9672] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  161.487781][ T9672] EXT4-fs (loop4): 1 truncate cleaned up
[  161.495629][ T9672] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.530360][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.549495][ T9624] 8021q: adding VLAN 0 to HW filter on device batadv0
[  161.721924][ T9624] veth0_vlan: entered promiscuous mode
[  161.731300][ T9624] veth1_vlan: entered promiscuous mode
[  161.746645][ T9624] veth0_macvtap: entered promiscuous mode
[  161.755677][ T9624] veth1_macvtap: entered promiscuous mode
[  161.767704][ T9624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  161.778277][ T9624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.788326][ T9624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  161.798863][ T9624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.808702][ T9624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  161.819251][ T9624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.831070][ T9624] batman_adv: batadv0: Interface activated: batadv_slave_0
[  161.849283][ T9699] pim6reg: entered allmulticast mode
[  161.855724][ T9624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  161.866324][ T9624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.876390][ T9624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  161.887865][ T9624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.897780][ T9624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  161.908347][ T9624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.926197][ T9624] batman_adv: batadv0: Interface activated: batadv_slave_1
[  161.936840][ T9698] lo speed is unknown, defaulting to 1000
[  161.954451][ T9624] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  161.963343][ T9624] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  161.972060][ T9624] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  161.981484][ T9624] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  162.151145][ T9701] netlink: 'syz.0.2001': attribute type 15 has an invalid length.
[  162.159817][ T9701] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2001'.
[  162.281891][ T9708] loop5: detected capacity change from 0 to 128
[  162.356817][ T9708] syz.5.2002: attempt to access beyond end of device
[  162.356817][ T9708] loop5: rw=2049, sector=145, nr_sectors = 896 limit=128
[  162.474243][ T9708] syz.5.2002: attempt to access beyond end of device
[  162.474243][ T9708] loop5: rw=524288, sector=145, nr_sectors = 224 limit=128
[  162.533152][ T9708] syz.5.2002: attempt to access beyond end of device
[  162.533152][ T9708] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  162.552905][ T9708] syz.5.2002: attempt to access beyond end of device
[  162.552905][ T9708] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  162.573756][ T9710] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  162.579343][ T9708] syz.5.2002: attempt to access beyond end of device
[  162.579343][ T9708] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  162.637344][ T9708] syz.5.2002: attempt to access beyond end of device
[  162.637344][ T9708] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  162.750504][ T9697] pim6reg: left allmulticast mode
[  162.781258][ T9717] lo speed is unknown, defaulting to 1000
[  162.865170][ T9720] loop5: detected capacity change from 0 to 1024
[  162.919020][ T9720] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.089772][ T9727] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2007'.
[  163.090386][ T9624] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.222700][   T29] kauditd_printk_skb: 81 callbacks suppressed
[  163.222716][   T29] audit: type=1326 audit(1741347341.837:26966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9734 comm="syz.0.2011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5bf35d169 code=0x7ffc0000
[  163.265376][   T29] audit: type=1326 audit(1741347341.877:26967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9734 comm="syz.0.2011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5bf35d169 code=0x7ffc0000
[  163.289678][   T29] audit: type=1326 audit(1741347341.877:26968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9734 comm="syz.0.2011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb5bf35d169 code=0x7ffc0000
[  163.314346][   T29] audit: type=1326 audit(1741347341.877:26969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9734 comm="syz.0.2011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5bf35d169 code=0x7ffc0000
[  163.338122][   T29] audit: type=1326 audit(1741347341.877:26970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9734 comm="syz.0.2011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5bf35d169 code=0x7ffc0000
[  163.362703][   T29] audit: type=1326 audit(1741347341.877:26971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9734 comm="syz.0.2011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb5bf35d169 code=0x7ffc0000
[  163.386984][   T29] audit: type=1326 audit(1741347341.877:26972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9734 comm="syz.0.2011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5bf35d169 code=0x7ffc0000
[  163.399438][ T9743] loop5: detected capacity change from 0 to 512
[  163.410511][   T29] audit: type=1326 audit(1741347341.877:26973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9734 comm="syz.0.2011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5bf35d169 code=0x7ffc0000
[  163.429443][ T9743] EXT4-fs: Ignoring removed mblk_io_submit option
[  163.440990][   T29] audit: type=1326 audit(1741347341.877:26974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9734 comm="syz.0.2011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb5bf35d169 code=0x7ffc0000
[  163.441029][   T29] audit: type=1326 audit(1741347341.877:26975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9734 comm="syz.0.2011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5bf35d169 code=0x7ffc0000
[  163.498853][ T9743] EXT4-fs: Mount option(s) incompatible with ext2
[  163.518268][ T9746] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  163.547197][ T9748] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2015'.
[  163.562510][ T9748] loop2: detected capacity change from 0 to 512
[  163.569526][ T9748] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  163.587688][ T9748] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.607774][ T9748] ext4 filesystem being mounted at /404/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  163.635767][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.699629][ T9756] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2017'.
[  163.781900][ T9760] lo speed is unknown, defaulting to 1000
[  163.896460][ T9760] loop2: detected capacity change from 0 to 1024
[  163.914794][ T9765] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=617 sclass=netlink_route_socket pid=9765 comm=syz.4.2020
[  163.931129][ T9760] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.983675][ T9774] loop4: detected capacity change from 0 to 512
[  163.992478][ T9774] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  164.018049][ T9774] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.2023: Failed to acquire dquot type 0
[  164.029864][ T9774] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  164.045111][ T9774] EXT4-fs (loop4): 1 truncate cleaned up
[  164.051689][ T9774] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.068845][ T9774] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  164.095180][ T9780] netlink: 118396 bytes leftover after parsing attributes in process `syz.5.2025'.
[  164.107595][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.118781][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.127768][ T9780] lo speed is unknown, defaulting to 1000
[  164.173153][ T9789] FAULT_INJECTION: forcing a failure.
[  164.173153][ T9789] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.186263][ T9789] CPU: 1 UID: 0 PID: 9789 Comm: syz.2.2027 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  164.186294][ T9789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  164.186392][ T9789] Call Trace:
[  164.186398][ T9789]  <TASK>
[  164.186405][ T9789]  dump_stack_lvl+0xf2/0x150
[  164.186461][ T9789]  dump_stack+0x15/0x1a
[  164.186488][ T9789]  should_fail_ex+0x24a/0x260
[  164.186592][ T9789]  should_fail+0xb/0x10
[  164.186625][ T9789]  should_fail_usercopy+0x1a/0x20
[  164.186664][ T9789]  _copy_from_user+0x1c/0xa0
[  164.186688][ T9789]  kstrtouint_from_user+0x76/0xe0
[  164.186850][ T9789]  ? 0xffffffff81000000
[  164.186863][ T9789]  ? selinux_file_permission+0x22a/0x360
[  164.186896][ T9789]  proc_fail_nth_write+0x4f/0x150
[  164.186928][ T9789]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  164.186965][ T9789]  vfs_write+0x27d/0x920
[  164.187008][ T9789]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  164.187039][ T9789]  ? __fget_files+0x17c/0x1c0
[  164.187107][ T9789]  ksys_write+0xe8/0x1b0
[  164.187138][ T9789]  __x64_sys_write+0x42/0x50
[  164.187181][ T9789]  x64_sys_call+0x287e/0x2dc0
[  164.187209][ T9789]  do_syscall_64+0xc9/0x1c0
[  164.187243][ T9789]  ? clear_bhb_loop+0x55/0xb0
[  164.187285][ T9789]  ? clear_bhb_loop+0x55/0xb0
[  164.187436][ T9789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.187469][ T9789] RIP: 0033:0x7fd01a75bc1f
[  164.187490][ T9789] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  164.187512][ T9789] RSP: 002b:00007fd018dc1030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  164.187534][ T9789] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd01a75bc1f
[  164.187595][ T9789] RDX: 0000000000000001 RSI: 00007fd018dc10a0 RDI: 0000000000000004
[  164.187610][ T9789] RBP: 00007fd018dc1090 R08: 0000000000000000 R09: 0000000000000000
[  164.187625][ T9789] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  164.187702][ T9789] R13: 0000000000000000 R14: 00007fd01a975fa0 R15: 00007ffc5df447a8
[  164.187724][ T9789]  </TASK>
[  164.476811][ T9802] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2032'.
[  164.486985][ T9802] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2032'.
[  164.497741][ T9802] FAULT_INJECTION: forcing a failure.
[  164.497741][ T9802] name failslab, interval 1, probability 0, space 0, times 0
[  164.500163][ T9791] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2028'.
[  164.510492][ T9802] CPU: 0 UID: 0 PID: 9802 Comm: syz.2.2032 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  164.510529][ T9802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  164.510545][ T9802] Call Trace:
[  164.510553][ T9802]  <TASK>
[  164.510564][ T9802]  dump_stack_lvl+0xf2/0x150
[  164.510601][ T9802]  dump_stack+0x15/0x1a
[  164.510629][ T9802]  should_fail_ex+0x24a/0x260
[  164.510745][ T9802]  ? sctp_association_new+0x71/0x1280
[  164.510828][ T9802]  should_failslab+0x8f/0xb0
[  164.510867][ T9802]  __kmalloc_cache_noprof+0x4e/0x320
[  164.510896][ T9802]  ? __list_add_valid_or_report+0x38/0xe0
[  164.510944][ T9802]  sctp_association_new+0x71/0x1280
[  164.511054][ T9802]  sctp_connect_new_asoc+0x1b0/0x3b0
[  164.511090][ T9802]  sctp_sendmsg+0xefb/0x18f0
[  164.511127][ T9802]  ? __pfx_sctp_sendmsg+0x10/0x10
[  164.511157][ T9802]  inet_sendmsg+0xc5/0xd0
[  164.511265][ T9802]  __sock_sendmsg+0x102/0x180
[  164.511305][ T9802]  __sys_sendto+0x1a8/0x230
[  164.511345][ T9802]  __x64_sys_sendto+0x78/0x90
[  164.511442][ T9802]  x64_sys_call+0x29fa/0x2dc0
[  164.511510][ T9802]  do_syscall_64+0xc9/0x1c0
[  164.511549][ T9802]  ? clear_bhb_loop+0x55/0xb0
[  164.511584][ T9802]  ? clear_bhb_loop+0x55/0xb0
[  164.511617][ T9802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.511700][ T9802] RIP: 0033:0x7fd01a75d169
[  164.511720][ T9802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.511742][ T9802] RSP: 002b:00007fd018dc1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  164.511765][ T9802] RAX: ffffffffffffffda RBX: 00007fd01a975fa0 RCX: 00007fd01a75d169
[  164.511781][ T9802] RDX: 0000000000034000 RSI: 0000400000000500 RDI: 000000000000000c
[  164.511804][ T9802] RBP: 00007fd018dc1090 R08: 0000400000000140 R09: 000000000000001c
[  164.511819][ T9802] R10: 000000002000c851 R11: 0000000000000246 R12: 0000000000000001
[  164.511850][ T9802] R13: 0000000000000000 R14: 00007fd01a975fa0 R15: 00007ffc5df447a8
[  164.511874][ T9802]  </TASK>
[  164.737355][ T9807] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2033'.
[  164.782039][ T9809] loop2: detected capacity change from 0 to 1024
[  164.794898][ T9809] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.872317][ T9818] loop4: detected capacity change from 0 to 512
[  164.882257][ T9821] FAULT_INJECTION: forcing a failure.
[  164.882257][ T9821] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.895533][ T9821] CPU: 0 UID: 0 PID: 9821 Comm: syz.5.2038 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  164.895582][ T9821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  164.895597][ T9821] Call Trace:
[  164.895606][ T9821]  <TASK>
[  164.895614][ T9821]  dump_stack_lvl+0xf2/0x150
[  164.895644][ T9821]  dump_stack+0x15/0x1a
[  164.895670][ T9821]  should_fail_ex+0x24a/0x260
[  164.895706][ T9821]  should_fail+0xb/0x10
[  164.895759][ T9821]  should_fail_usercopy+0x1a/0x20
[  164.895791][ T9821]  _copy_from_iter+0xd5/0xd00
[  164.895827][ T9821]  ? avc_has_perm+0xd4/0x160
[  164.895932][ T9821]  ? selinux_socket_sendmsg+0x185/0x1c0
[  164.895962][ T9821]  bcm_sendmsg+0xca/0x470
[  164.895998][ T9821]  ? __pfx_bcm_sendmsg+0x10/0x10
[  164.896097][ T9821]  __sock_sendmsg+0x140/0x180
[  164.896135][ T9821]  ____sys_sendmsg+0x326/0x4b0
[  164.896163][ T9821]  __sys_sendmsg+0x19d/0x230
[  164.896211][ T9821]  __x64_sys_sendmsg+0x46/0x50
[  164.896241][ T9821]  x64_sys_call+0x2734/0x2dc0
[  164.896300][ T9821]  do_syscall_64+0xc9/0x1c0
[  164.896331][ T9821]  ? clear_bhb_loop+0x55/0xb0
[  164.896360][ T9821]  ? clear_bhb_loop+0x55/0xb0
[  164.896387][ T9821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.896486][ T9821] RIP: 0033:0x7fd095a4d169
[  164.896504][ T9821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.896523][ T9821] RSP: 002b:00007fd0940b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  164.896544][ T9821] RAX: ffffffffffffffda RBX: 00007fd095c65fa0 RCX: 00007fd095a4d169
[  164.896558][ T9821] RDX: 0000000000000000 RSI: 0000400000000140 RDI: 0000000000000003
[  164.896642][ T9821] RBP: 00007fd0940b1090 R08: 0000000000000000 R09: 0000000000000000
[  164.896653][ T9821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.896665][ T9821] R13: 0000000000000000 R14: 00007fd095c65fa0 R15: 00007fff37972e08
[  164.896683][ T9821]  </TASK>
[  164.907350][ T9818] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  165.127652][ T9818] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.2037: Failed to acquire dquot type 0
[  165.139610][ T9818] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  165.163135][ T9818] EXT4-fs (loop4): 1 truncate cleaned up
[  165.169301][ T9818] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.190168][ T9818] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  165.229093][ T9809] ==================================================================
[  165.237234][ T9809] BUG: KCSAN: data-race in generic_buffers_fsync_noflush / redirty_tail_locked
[  165.246203][ T9809] 
[  165.248531][ T9809] read-write to 0xffff8881066be138 of 4 bytes by task 9827 on cpu 0:
[  165.256612][ T9809]  redirty_tail_locked+0x54/0x270
[  165.261653][ T9809]  writeback_single_inode+0x221/0x3f0
[  165.267060][ T9809]  sync_inode_metadata+0x5c/0x90
[  165.272006][ T9809]  generic_buffers_fsync_noflush+0xd8/0x120
[  165.277920][ T9809]  ext4_sync_file+0x1ff/0x6c0
[  165.282625][ T9809]  vfs_fsync_range+0x116/0x130
[  165.287410][ T9809]  ext4_buffered_write_iter+0x358/0x3c0
[  165.292982][ T9809]  ext4_file_write_iter+0x383/0xf20
[  165.298200][ T9809]  iter_file_splice_write+0x5f1/0x980
[  165.303587][ T9809]  direct_splice_actor+0x160/0x2c0
[  165.308749][ T9809]  splice_direct_to_actor+0x302/0x670
[  165.314134][ T9809]  do_splice_direct+0xd7/0x150
[  165.318909][ T9809]  do_sendfile+0x398/0x660
[  165.323332][ T9809]  __x64_sys_sendfile64+0x110/0x150
[  165.328550][ T9809]  x64_sys_call+0xfbd/0x2dc0
[  165.333166][ T9809]  do_syscall_64+0xc9/0x1c0
[  165.337699][ T9809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.343607][ T9809] 
[  165.345930][ T9809] read to 0xffff8881066be138 of 4 bytes by task 9809 on cpu 1:
[  165.353564][ T9809]  generic_buffers_fsync_noflush+0x83/0x120
[  165.359473][ T9809]  ext4_sync_file+0x1ff/0x6c0
[  165.364172][ T9809]  vfs_fsync_range+0x116/0x130
[  165.369044][ T9809]  ext4_buffered_write_iter+0x358/0x3c0
[  165.374608][ T9809]  ext4_file_write_iter+0x383/0xf20
[  165.379831][ T9809]  iter_file_splice_write+0x5f1/0x980
[  165.385217][ T9809]  direct_splice_actor+0x160/0x2c0
[  165.390338][ T9809]  splice_direct_to_actor+0x302/0x670
[  165.395721][ T9809]  do_splice_direct+0xd7/0x150
[  165.400591][ T9809]  do_sendfile+0x398/0x660
[  165.405035][ T9809]  __x64_sys_sendfile64+0x110/0x150
[  165.410258][ T9809]  x64_sys_call+0xfbd/0x2dc0
[  165.414861][ T9809]  do_syscall_64+0xc9/0x1c0
[  165.419382][ T9809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.425295][ T9809] 
[  165.427617][ T9809] value changed: 0x0000003a -> 0x00000002
[  165.433337][ T9809] 
[  165.435665][ T9809] Reported by Kernel Concurrency Sanitizer on:
[  165.441814][ T9809] CPU: 1 UID: 0 PID: 9809 Comm: syz.2.2034 Not tainted 6.14.0-rc5-syzkaller-00109-g0f52fd4f67c6 #0
[  165.452522][ T9809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  165.462589][ T9809] ==================================================================
[  165.485531][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.500003][ T9837] loop5: detected capacity change from 0 to 1024
[  165.515736][ T9837] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  165.528183][ T9837] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  165.536586][ T9837] EXT4-fs (loop5): orphan cleanup on readonly fs
[  165.544200][ T9837] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  165.554048][ T9837] EXT4-fs error (device loop5): ext4_dirty_inode:6042: inode #3: comm syz.5.2042: mark_inode_dirty error
[  165.565619][ T9837] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.2042: Invalid block bitmap block 3 in block_group 0
[  165.579468][ T9837] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.2042: Invalid block bitmap block 3 in block_group 0
[  165.593273][ T9837] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.2042: Invalid block bitmap block 3 in block_group 0
[  165.609835][ T9837] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  165.631901][ T9837] EXT4-fs error (device loop5): ext4_dirty_inode:6042: inode #3: comm syz.5.2042: mark_inode_dirty error
[  165.643498][ T9837] EXT4-fs error (device loop5): ext4_map_blocks:671: inode #3: block 1: comm syz.5.2042: lblock 6 mapped to illegal pblock 1 (length 1)
[  165.657952][ T9837] EXT4-fs error (device loop5): ext4_map_blocks:671: inode #3: block 48: comm syz.5.2042: lblock 0 mapped to illegal pblock 48 (length 1)
[  165.675034][ T9837] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.2042: Failed to acquire dquot type 0
[  165.686692][ T9837] EXT4-fs error (device loop5): ext4_map_blocks:671: inode #3: block 49: comm syz.5.2042: lblock 1 mapped to illegal pblock 49 (length 1)
[  165.701318][ T9837] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.2042: Failed to acquire dquot type 0
[  165.712906][ T9837] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  165.725059][ T9837] EXT4-fs error (device loop5): ext4_evict_inode:256: inode #15: comm syz.5.2042: mark_inode_dirty error
[  165.736940][ T9837] EXT4-fs warning (device loop5): ext4_evict_inode:259: couldn't mark inode dirty (err -117)
[  165.747830][ T9837] EXT4-fs (loop5): 1 orphan inode deleted
[  165.748655][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.756060][ T9837] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  165.789615][ T9837] syz.5.2042 (9837) used greatest stack depth: 8912 bytes left
[  165.798829][ T9624] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.