last executing test programs:

40.379951752s ago: executing program 2 (id=411):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="400000001435010026bd0c333c84df250a4022fe", @ANYRES32, @ANYBLOB="140006000000000005"], 0x40}, 0x1, 0x0, 0x0, 0x811}, 0x0)
socket$inet6(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000c80)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000000)=ANY=[@ANYBLOB="480000001400090527bd7000fddbdf25022040cb", @ANYRES32=r2, @ANYBLOB="080004006401010208000400ac1414bb08000200ac14143d080002007f0108000200ac1414aa08000900030100000000"], 0x48}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kmem_cache_free\x00', r4, 0x0, 0x4}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r3}, &(0x7f0000000800), &(0x7f0000000840)=r4}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, 0x0, &(0x7f00000001c0)}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0xfec7, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
io_uring_setup(0x3b44, &(0x7f00000002c0)={0x0, 0x86a1, 0x0, 0x0, 0x20000004})
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e22, @remote}, 0x10)
ioctl$int_in(0xffffffffffffffff, 0x5452, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r6, 0x4b72, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x5, 0x200, &(0x7f0000003c40)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a73090000000000001b0f4743f490c585108c1331c774b399a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f4c2b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b370c000000000000000000000000000000000000000000f800"})
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r7}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0xc010)

40.161246739s ago: executing program 2 (id=413):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x7, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xbf)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
close(r1)
unlinkat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x0)

39.995236092s ago: executing program 2 (id=415):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2b, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0x20)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0x12, r3, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0x0, 0x6, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

39.427755767s ago: executing program 2 (id=424):
syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
r0 = socket$packet(0x11, 0x0, 0x300)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000680)='./file0\x00', 0x10e, &(0x7f0000000280)={[{@errors_remount}, {@nodelalloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@jqfmt_vfsv0}, {@quota}]}, 0x3, 0x44d, &(0x7f0000000a40)="$eJzs28tvG8UfAPDvrpP219cvoZRHH0CgICIeSZMW6IEDIJA4gITEpRxDklalboOaINGqgoBQOaJK3BFHJP4CTnBBwAmJK9xRpQrlQuFktPZu/IjtJsGJS/35SNvM7I498/Xs2LM73QAG1lj2TxKxNyJ+jYiRWra5wFjtz82VK7N/rVyZTaJSefOPpFruz5Urs0XR4nV78sx4GpF+ksThNvUuXrp8bqZcnr+Y5yeXzr87uXjp8tNnz8+cmT8zf2H65MkTx6eee3b6mZ7EeVfW1kMfLBw5+Opb116fPXXt7R+/Tor4W+LokbFuBx+rVHpcXX/ta0gnQ31sCBtSioisu4ar438kSlHvvJF45eO+Ng7YUpVch8PLFeAOlkS/WwD0R/FDn13/Ftv2zT7678aLtQugLO6b+VY7MhRp1C6Mhluub3tpLCJOLf/9RbbF1tyHAABo8m02/3mq3fwvjXsbyv0/XxsazddS9kfE3RFxICLuiaiWvS8i7t9g/a2LJGvnP+n1TQW2Ttn87/l8bat5/pcWRUZLeW5fNTOcnD5bnj+WfybjMbwzy091qeO7l3/5rNOxxvlftmX1F3PBvB3Xh3Y2v2ZuZmnm38Tc6MZHEYeG2sWfrK4EJBFxMCIObbKOs098daTTsdb4K0m3d3qhOduDdabKlxGP1/p/OVriLyTd1ycn/xfl+WOTxVmx1k8/X32jU/237v+tlfX/7rbn/2r8o0njeu3ixuu4+tunHa9pJjZ1/td37Mj/vj+ztHRxKmJH8lqt0Y37p+uvLfJF+Sz+8aPtx//+qH8ShyMiO4kfiIgHI+KhvO8ejohHIuJol/h/eOnRdzodux36f66l/0ebi7T0fz2xI1r3tE+Uzn3/TfM71pPr+/47UU2N53vW8/23nnZt7mwGAACA/540IvZGkk6sptN0YqL2f/gPxO60vLC49OTphfcuzNWeERiN4bS401W7H1y7HzqVX9YX+emW/PH8vvHnpV3V/MTsQnmu38HDgNvTYfxnfi/1u3XAlvO8Fgwu4x8Gl/EPg8v4h8HVZvzv6kc7gO3X7vf/w3qyMrKdjQG2Vcv4t+wHA8T1Pwwu4x8GV+P47/r8PXAnWdwVt35IXkJiTSLS26IZvUkkWzwK9vY7wI0n+v3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA///oO+WP")
creat(&(0x7f0000000000)='./file1\x00', 0x20)
rmdir(&(0x7f0000000000)='./file0\x00')
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000005c0)='kmem_cache_free\x00', r4}, 0x10)
mount$tmpfs(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000340), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='mpol=interleave,mpol=local'])
open$dir(&(0x7f0000000640)='./file0/file0\x00', 0x101042, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r5, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000040], 0x0, 0x0, &(0x7f0000000040)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}]}, 0x108)
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
r7 = dup3(r1, r0, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r8=>0x0, <r9=>0x0})
mq_timedreceive(r7, &(0x7f0000000100)=""/107, 0x6b, 0x7, &(0x7f00000001c0)={r8, r9+10000000})
r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000240), r1)
sendmsg$TIPC_NL_MON_SET(r7, &(0x7f0000000500)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000280)={0x1b4, r10, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}]}, @TIPC_NLA_BEARER={0x20, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xbc2}]}]}, @TIPC_NLA_LINK={0xf8, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xe00}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffc00000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xecc}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa9d1}]}, @TIPC_NLA_LINK_PROP={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8000}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffff1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xfffffffd}]}, @TIPC_NLA_LINK={0x64, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x875d}]}]}, 0x1b4}, 0x1, 0x0, 0x0, 0x20000851}, 0x0)
sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r6}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

38.572789104s ago: executing program 2 (id=451):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0xb)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
getgroups(0x1, &(0x7f00000000c0)=[0xee01])

38.505404719s ago: executing program 2 (id=452):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x2000000020000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000140)={0x0, 0xc, 0x0, 0x0, 0x0, "810000cc2b000000000000fa25ffff00ffffff"})
r3 = syz_open_pts(r2, 0x141601)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000001c0)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000002480)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=")
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file7/file0\x00', 0x0)
fcntl$setstatus(r3, 0x4, 0x102800)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TIOCNOTTY(r5, 0x5422)
write(r3, &(0x7f0000000000)="d5", 0xfffffedf)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)

38.504939329s ago: executing program 32 (id=452):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x2000000020000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000140)={0x0, 0xc, 0x0, 0x0, 0x0, "810000cc2b000000000000fa25ffff00ffffff"})
r3 = syz_open_pts(r2, 0x141601)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000001c0)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000002480)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=")
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file7/file0\x00', 0x0)
fcntl$setstatus(r3, 0x4, 0x102800)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TIOCNOTTY(r5, 0x5422)
write(r3, &(0x7f0000000000)="d5", 0xfffffedf)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)

2.54851728s ago: executing program 3 (id=1145):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0xa}, {0xffff, 0xffff}, {0x1a, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x2, 0x0, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0xffffffd}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x44080)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x3, 0x7, @loopback, 0x800000}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x18, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x9, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0xfffffffffffffffc}, 0x18)
r3 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x40, 0x24, 0xd0f, 0x70bd2c, 0x25dfdbfb, {0x60, 0x0, 0x0, r5, {}, {0xffe0, 0xa}, {0x1, 0x10}}, [@qdisc_kind_options=@q_pfifo_head_drop={{0x14}, {0x8, 0x2, 0x4}}]}, 0x40}}, 0xc010)

2.42729474s ago: executing program 4 (id=1146):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
symlink(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
readlink(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000001200)=""/4096, 0x1000)

2.403168242s ago: executing program 4 (id=1148):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000a40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac8d8000000000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d10bfe150a7487535f7866907dc6751dfb261a0e3ccae669e173a649c1cfd6587d452d46b7c57d77578f4c35235138d5521f9453559c3421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983c044c03bf3ff03fe3e26e7a23129d6606fd28a7f9105f82317874b33d96b39fa4e045469989d552af6200000003a00000000000000abecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f1623ed38ae89d24e14b40234756ddcebfba2f87925bfacba83109753f543ad027edd68149ee99eebc6f7d6dd4aed4afe1f44ccb19e810879b70a70900000000000000000000d7900a820b6327944e9a217b9800e02a92895614cd50cbf83a1ed25268816b004519c9c5cff097d8000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d6209000000c773713a66b223fa8b148871c8d31d24000025449f106b99893ed20fa7a050fbbef90327e827e513e9606800000000e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e69ee52b59d13182e1f24ed208ada12f7a1525320e71666f472a972d5eb1affb87ba55b2d72078e9f40b4ae7dc3b2aeb0d11cd22c35d32940f19dff00ffffffff080000ff003853e59de7621e348955735264f34b1046a1813668297a7edad187ef106ae7fcbb25090f17d0baadeb8ae190a1fb5a315f8347fb0379659500000000000000000000000000000000000000002fdf0193ec79c90ed210ebc2fbed6d4216770c1b0dec886b388d138c2b69c6aacb714e7264093061c660a5100b7cc165889eb94c8d7c77b6fa06f1a4d8e4a6b6cb37e319c5c22f276b03cae853f42b07ca0b03b1eb32a6b1a81cd511fd0b59d57a11c6a3ebf9731464ad21f07f618efc31023ac60007426162b57e803519954d7c952197b0a508c0e16fda392fa84be38e937d36af1c35138e05a9e8d6dc0272de72c41500000000304402e22af23437126f330f8eb4075daaeae3134ece35cd86d95bd9836bd186c4b6565e967a4e3e86f299b7400994ba136b4eccf3b0f001a266c0d160b3ce1182001d64b52a5ce7f506295d59eea6903b84ffbabf5a5b91c1d6ecce8728a224aec66c610e3becd60a35e848c224f8251947eed20e2b612cb099bfe8924d33ba7f0691fed04a43e9c64b7a1e3165e86cdb9871c678a6bbb14821f441c6c14d1bd78d8ffdfea12c19ea04264335d60b6b7a7da6fb83f33101db32f6ab137d943dd3c1e8db9f3e1263573dc721ae82fe0bc63598751a5092c9f7dbfc39d564834e3703492c2a651643d8ce5c36d97a4812cf73fc8ea0d6"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0xb)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x0, &(0x7f0000000080)})
getgroups(0x8, &(0x7f0000000140)=[0xffffffffffffffff, 0xee01, 0xee01, 0xffffffffffffffff, 0xee01, 0x0, 0xee00, 0xee00])

2.338927077s ago: executing program 4 (id=1150):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = syz_io_uring_setup(0x2f90, &(0x7f00000002c0)={0x0, 0x4dd8, 0x3850, 0x2, 0x200004}, &(0x7f0000000100), &(0x7f0000000140))
r1 = epoll_create(0xaf2)
epoll_pwait2(r1, &(0x7f0000000280)=[{}], 0x1, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0xe000200f})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r4 = io_uring_setup(0x6c4, &(0x7f0000000080)={0x0, 0x4075, 0x18, 0x3})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
pread64(r3, &(0x7f0000000340)=""/20, 0x14, 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r4, 0x10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000002700)=""/4096, 0x1000}], 0x0, 0xa}, 0x20)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r5)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r6, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r9=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010028bd7040010000000200000008000300", @ANYRES32=r9], 0x34}}, 0x18)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r5, &(0x7f0000000580)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x30, r8, 0x20, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x7}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000480}, 0x40045)
r10 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r10, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

2.189586209s ago: executing program 4 (id=1152):
prctl$PR_SET_UNALIGN(0x6, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0x7ffc0002}]})
getcwd(&(0x7f0000000080)=""/14, 0xe)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb3a}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r5], 0x0, 0x4, 0x0, 0x0, 0x41000, 0x12, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/hibernate_compression_threads', 0x60a02, 0x0)
sendfile(r6, r6, 0x0, 0x3)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r7}, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="2400000022000900000000000000000001000000040000000400018008000200", @ANYRES32, @ANYBLOB="2bf9907eac3cb16634dfb6d186d25a785ba7b6da41e0c95820060049c5936467d3cc263598ea7924eec6c24d06866ece88ddb1b2df8039c7f82200255181ffa62777b650902d7c588261916f391c6850f410a1b139782c57652491c66af1830b9828de11ec16029407d3615d5bc05605df58cdd85960552e8aae30a6a458ab6bb36f195e16285d920b6fe2c3a708f3f8e810342667facc7d47a86f4d214a11859c02e63cb583249bab194269d953df52d0d43ef3fea80ed7e88bea60c8a9371e811c1a8d8987ef5c1782c367a23f205b3538af58ad9017f471e52c34b6846a54f05711e64a89fca3d2237318f4dd637bb8379d023846fcd15d7472bf0c8127fa31ab84f515342697440399fa5e4b284aa5d2e49843c4e566181f313c0ce3762f28f58482c847407ed04fb7f23a0098b4034bfb24db8f60ab6f2751c7f4d9f69afba134416c8afdf885e9f55968f58481d7a786c7f68b253e77"], 0x24}}, 0x240048c1)
r8 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r8, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x400}}, 0x24)
sendmmsg(r8, &(0x7f0000001840)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1800edffffffffff00000000010000002400000000000000"], 0x18, 0xe000}, 0x5}, {{&(0x7f0000000080)=@l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1b}, 0x4}, 0x80, 0x0}}], 0x2, 0x0)
sendmmsg(r4, &(0x7f0000001680)=[{{&(0x7f00000003c0)=@isdn={0x22, 0x1, 0x5e, 0xfd, 0x8b}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="bb01374949e3fd034ed9ed463431515dbbbd6ca2c9bed698f1bd470ee4ebc2223da25bce56c0ea238c5acb45bb9db9e76de1cf3bb82f52e8c8759fc64cbd95ca3d", 0x41}, {&(0x7f00000008c0)="87a35610ce232471ff9bcfe44a1a127457c357dda51212a8a3ea5fbe61cc9e88d9debd0aaa869124bc10307ee2b38851bddee755b1be30cf40370dca6b08f634713c601299cf288b6291cb6b6816527c37ede38d86af12bae6de96a1ca66d67a8f35967d6e683607395f104a4c7ab082b9add4666a80dbdbad153205e882f8", 0x7f}, {&(0x7f0000000200)="d76354c2056cb650915cedbdc280ab8e6ffafb954c8a4491abad", 0x1a}, {&(0x7f0000000a00)="8406689d45dd9e1c3122bc1791cb6e2e998e192ec9f9d5e171f352ec6739616f475200350727a70e4833573569abad8443e272c20eef64db824d0892afb87c147281218baef152137598921b68c6964ec782c5d94839b5b85e512b807c8e75d5c724c8647950c3421c0df42de3eb0861221c8a8992c65148c01d19dd38be9ef965442c024adb4e20", 0x88}], 0x4, &(0x7f0000000980)=[{0x18, 0x11, 0x3, "c1"}], 0x18}}, {{&(0x7f0000000ac0)=@qipcrtr={0x2a, 0x4, 0x8000}, 0x80, &(0x7f0000000dc0)=[{&(0x7f0000000b40)="8de7c2fb756dab28516aaaebb9c02ae61dfc48beff21ed80a76d8effcad70fabb521c668981653f8c6bda720337c82c50a34e03233bd646f8de635650c046db921d77e73a778a78f7aa5ca4b82e849d73a924d9495f5e71b0da8f53341df94d9106faaa9cadf82266bfa369092c960676471a08c6648bea92f31431c7ac41eb170d19ec213b80056493eecfcd73b681499462cdd1e5e05157ac8634a6a95b75b66a78c8024baf980ef2d5614f6a9", 0xae}, {&(0x7f0000000c00)="0b2bb7621fa9d5d7c8cf662dc81938d12e5014edf5d516c55b79b6935b419175bfb135e8e42351ab06198ed86cb3977cf16e7699f62a40c2241bc4f408235c05d55350122a1d2ccfde5d227e088d477c96ed7abf7215c8a3d625c2c0eb7efffa4a7c8d39c60a2bb0f5c1bab9dde49be5b8cc2d08193362d86bc46ba5dce9", 0x7e}, {&(0x7f0000000c80)="8084c964b4dbd2a47bb1cbba0da7821b655e15e746b62d6bce8a16cb343cf959e549dfb06edc01b606dce55210d53acb5db8fdac486453fa8b82b9f0f24fbfef064c7430b6fdb5a191b3fefb0067a1c382ebd9e1f94162dc06a987fba0f95e8604a4aa96b17f2664154f509941d5cae9d888cadc2085c008375e4600e142a0f85239c63f427e8657cb9bf295c653713a22bd83d04e4263f1f6986003aa8a2c24", 0xa0}, {&(0x7f0000000d40)="4f651d69c59181de3a698ac4ccf41ae1956967331ec9287d3d4736e485831d2f150a9dc2e3b0cab6461b98f497f0bc17a879e4ae95b8a65b33c1eb98a8166a093547ddec6c3a9e12842d9a0dee", 0x4d}], 0x4, &(0x7f00000018c0)=[{0x38, 0x113, 0x9, "a4b8fe9504eba71299a6046d0f47f3fdd4497d74084526ded34ed0962973cc7b06db166df6"}, {0x60, 0x118, 0x0, "79c124bc555ab68bd8c047aba2c09c0f382dd1828a5ddaeb2defd1e1fa555ac89ca77085589f63c7297cba5dc2c42f81c00a9c82f5b6a93d508727974112adf4b4c2d1ddfaac1c52252b25f0b09837"}, {0x40, 0x111, 0x40, "b63c793ddad9f2b14ba21d194965ad78bde85d6552fd2ac511c7880542797d74a70e715d7fb41a5ccae62e704ea6"}, {0xc0, 0x117, 0x13, "1379e6abe330966833bd3599aedd7105a8d72896faca18f8a673d8959aa3204f53dcc07d51ac7efce66e746c9319e9bd045fdf4c0d396623cef95415a25abe2461449d93d33361c956bf34a2a29527752efb15e8d5bdc1c962176a4f02a99dce86336352aeb2acf314320014f89cc9912d68ba6a76c3aec9252fe94e730ca1498e21c1b689b508665b9e80ab1ee59eaf92760e4d055b954d9f324480eb48f10a220417a3fb21350e8d"}, {0xf0, 0x10d, 0xb, "e231ae1cb626d95c8b2f26e22ccc95ea486eac47c5d17c19c7164b29ba39f569302998e2b897164dcf461b4f0970e65866ba9eee47fda06aff83dc5a7a51956cfd7812a1616f91c421cecc1371a51202fe1c19eba97974f09a6c6cec68f4ae339f7739a630abcbe71aa61d5295b4ea3c3a2b06d4c5ddd3232a03e142a3165de918ff98b734a10a53c5fdb5d2cae7010862deda6f4fd805f7ad04c6f1fc8a4793076b87271945a44405b3aab86d8c7fa93303449a9959e52fac4701436b524f48f3ecaca0b3339b63b09756e2fe4ddca95c835c628501c2d049eefec533"}, {0x1010, 0x102, 0x3, "3a89a7f40ac9a595922f18ca68bcf95049e2ebf1ccb75e8259fa43045993f786ad6fdc7d8457398da756a4566a7111dd65354b76d284ec69a52275402ed122ab6746b7e82d230f93be06d79a1e3a58fadd764c007811ce9f6819705621e4fda6deba86aa749b8dff8a21bf4af09c0d8be3e94cf4bcc309ddab737a83326a16f827e8c99a2228e132890c922884484dc4144cc81fda3af31a3d3965f0189c4ee3159da87888501573dc9e335b639d621159f974580b9432a4485764afcb196352eca291355d5930487c2cb549f82dc11dcdda007dc3b013ff573fcda664e9ec35a6acfdf47f4051c1c3b48606965eb7937ab0bdd0bc05cc4630befede1a86e6465f631c22608f8a1b1c0866bb8b92a99db0225e64b6d42bbc00e231c16836432cb39b909d9ebfcc90826df2dfcdebc1604117e5a02c4e7d6876f6cab1f7b300329e1bbf007e38df8be950415adede6498bab54c127e7ac242d73ff1208b285c5c1280716d36879e4ddc905d965802ef9a95d2387aa097f36ae1bbcfdb0016756a1712102e208958f3251a1fc24803e630c03e33f2545c1e4b62b3a574e11c5e9b935a6817294a214c80f8d85437153db8e2987a02f2d9e5827155b0d5bdd22e263227c688c9b0a634a364715058448d53ec590e7e9d520863e8f3665b79a3f8a83774f85213789b503a8345a26c41bd1060aa8e3f98969d3adac34d3e3a37680b597865909ba306d5a90e986e2df38cddf4642a0e1fead61e23878f8ed4d137eea363cc17d14253d5ef0326cc5bc11c73d9fb9dd408f00e14846f1a939301862411d86dc89e792b26c4fa522d36f976d07c8c1a8434da20464f0fb45ed581789f2261a957db230f5571f00a59dc8578a53efd723e259509f8482095b6294f899c0a7250bdd2da249bc185113a4d12f3db9f6289e2b20df2fd169a5b4e946baf4e777726611564efdc513a4dc4ae39163b12df5be128f7ea8965f14efa3835bc1c736943ef9e80d86fa3309fa071ca5e12107e1b834bd38d52a81de8a4bb6f3db53bb5f431a67f8591707a1ceaa3c6670df5ff93d28d0692d989a0735e3eba24d2ae0922168fad097ad80d1fb0db9d48c105cdd07025ce484f2d0ebe648791457980859987674f33524bd8d088bb96ee04c9a3e190c8e542ab14bda98bb648f7c21fd6ef1d145ab1d2c90b75b1f14a9401d4cfa92acd6bc05be5c3d86cb41c3fd53398ae7b13bff63c4fb5ca40f17f1f29c181c5602b07e01037a3b1729020b22c41cf9a10fdf1268c663bff62a1ebb0cab3f0127c0b4f439a918c3709ed4d4592f75e63071b9298dc4e58f53a2cf9046903c48aa4dbd8a6c71c435bd8ec0b9528bb844d9168c745c71ac388a7fd28d051efabe3e38691ebba2b730ca0b7e734752521ad3c0ca3c7b26dc8e031a8a1a0fdf36fa8488dc5cae84415eefd070162fb675e17bc1cae5213d162f4ab747c73076a280c15f0752f7bcf89e3dc830ac37ae9cb559a21cc03ebb49f5f16a814e432d28e0337da6fb21b46b1344a2bb43f2679c1f6f40864357d2f5a5f15cd7358576cae1688b4b2958b951649b0e85a56ed793a6045ced441696a7e31065f40fa333a5ea6ce66eadd19c4df449f11286dc28c8d9897a27fdccf135e700c33ac938b27dfa3a3000b06aafb81cf9263280fc1a321b9b1f536750894e4b96d02641dc11e11e398e13bd8e7eb02b6cabca59826cbac1b65c8eb2d18b7269d385e65b1d4262dc2722772c08ee7af79b1f786c4dac43f68b6beab2dad403cad5ab2abc2d4d8ae036049fea1de4cc916749c58ef177519d1bead7da21c2391d99c371d3d74dbc33f40b40738b805205c2de03098e771ad17aa95c9e4d3ab6f2a55a6e21dd4f9054ea16eae1fab089d431a86e6c920e8c6c0aab65f012295629cd71193c134250c9383fa9b3dbf1da3b89ed0f24506618fc4a535be2c6d99b4c7254d311c5cbb4aab851316246e7828e2b997a5ba7ab9d4e50e1d993c28f295670036002d37666d1e617de52bf08cbdea26542b6fb36216fdb8fdb2ddd0b67132c0ddf829e4904d4b871cb5925acb6d516d8a4239515acd8cf657d877289db643a74adbce59a8910d466da8fb65bc69982d581091f2a4c13dbf634dfe26c9e6121b9da75078cbd6bb74050146be3977469ba7f83db9333cb61ef2e2dbef364203436da0c2f3dcffbeac965445be5f7e6ac6a8cd46f8f82855a807face537b8dc75955b082879255919e3c80830f47b80fe23cdb5842f5a7415b4535618c74e9ceebbc26e4bd90900f4e6f814845388360a3d9738e29933cc9b0324dae0f21124e2c1a44f9b02f6da4b51a6539fcf77d904b3011ac062811e4cc521601d80dd73f8bcd7bd78d09bc0bc07ecfb482da26df93b57526a6f85d6126c5b2625a4becd3b799ad83dc61789fb16a923e73e700211b1b34e6a21ff192195b5d1ffcd8fd73b1ae857674af019bf2e035f13c07e25655d0b89e5be74129b0c64a770fc32c75ccdaec9cb8d247643eca6af7faa899797643ac69f4998488b1ab7b09daa3f3e549ffc4b95ccb16d49759cbcac7f2ed0dbfe805c78d9ff7658698c46dfce4fcb6c82c59a26c26ba9a7c1ac888b503f53fbfdf1a8b46c7fb0b4f49692dc44cf512c28dffb031f1f9078b5ae613ae568a5d6b44ab3e59d7614ebdcc119d6bd6122098c116e76aecd27c7db76a05b32f7d3f2f5db22b6a5e46173a7eff39e56b22d2372e4de5a60b77b3527b71c20a7551f2c571979cbf54ca67c21f7ff24ae577fdf02676aa4cb38ce05cc1037180fd038aa3a9dfb4e46b261ed46f9700d727af256e4c3890a2ecca76a52f80cc9825bbb60b5668ff2f48950fb98c1d5ee3d16ee38d55feef05c905a2a695f13a04ccad52caf749a0fecfcf0062f1a83bae6cdb59576e6d91fa41e50ca4673dd5d448f4616f8b3916132a580c2c70d1f3677e3694579bb75f6f1ead3ed22f942929657c2a0fd8be4b462d6479fec919ef529c1511dc663092571d837010508f27673b9391babacab9e36da718fa6d35d649f05acecb0c069e1a59950ee51111cffdea41d9c865080fdf92427b847885bd8140f7d695e0df3abebfefe553bb020f819d7a040f138690db4d4cd2f888ddfe36f3443daeeb56552c506318d64368c42bce451ad763b4a03d887c3d12a9701293924c30a4e8a38fe35110db393aa893f855b8fa567ff93eb8b3d197c8bc3158da6f654684862ef609ec54558e8941a0380ab00198037ba4e8622b2c6858f84b86f09f65ec787a2602776e806bf52f1b22ae8df6758c540fb0ebd3ff6702873aaed2bba60ff401aec614c54bed61610dfb4ad48b6510391246b0475d041da7a3ed56db4905fb74761d8e92a24469c11497eb168b5589d0252cdca5341b8b596acb5a21dc907e732785f9413f72c637fcc936fd1ab6d1d3933e11bf1ca6a97e0db4faa0090521077535992dbe954c013bc17680b6b6af6b2501baca3f2ebce9c65c76b03c920fc3b781d455d72cdf9b8b54c151b0815a2ab02c8e9e20e5e8e1d39b3deededbed4a1e8d1005faf47daf244110d27b8d57140eed2a684b5a39748dfe1a27ef28a3659f49306624133a7e3bce2b622ab71c23ee4ad35316750d7b8b85af07a1280fadc857754387ee6bca78488a7b430fcb2c5f91289543ef02f50743d1d4fc43ad1df6fc7b62782fe8ce1f606a89c6fc78f431f65b247fd70bbf45df692d62e063ff3fdb4c53eef2f558ab6f9ba9a6404f9c7346ed8ef494eda46f8072456ef9c21aca6611e84a9c59612eb2c0bb9067ca958751de066eaf43b99f7affcb55b56d3043b2ec4f924b3bd3a8733125afe2c36d4ea299132b87af3b53d7d6885c1ce741c342842adb8fbee45002ef076af65dc8a62428ec504562b6e57cae8f1cbc87f84409c19c8332f6b8dfbddc16b743e4fc2ab1cf8b8a727a3b306538e7675c6c91d2cddc0fbc065d48f52b791f3603af3340ed95025facf038b52f136910160e714f3eadec295addd2a759cbcadf05ddafeb50d4b256315e7e5d0b95ba1f2bb25a10b0a204cf7e9896ee5cfccc2a7c3cebd6aace122b346041a88fc5b00e4d2b6efd1d4bb1b30819abf84f906bc6655c07e8a10678bb46eb40de9c0f01951fbb759eeab56dfaeac308c61d0e69bbfa4ed1cbb63911504c239310016e66cb8569785b9c1729f3d01051b4ea4f8b3165ef8077f4fa4953aff2dfc1fe4f7a2aab573a8bdc353c579448c3d33fed62dde5ed0c6e9fe8b94666e928b0ab23cb98e96a844e9f66675f167d5e7f1c79c846ed901b3755c8de432db0046cd95ee51cd94b5932c3de8d21d673b6fca7e5ef9e17c792938d981c3e79ef24a46bdbb5b146c666b515426d2e3e487c8d7780c3ea6a40be9ddddcced1123cb16ee448aaa6cc4ffc3dfb56cea7d3e083c06ede1048763fc1483a19ed5f08f225950983ecf5cee1dc340611f22565b39c0fd4f1f0682a7019b9d0706226c183a431a8573194d512245f5de48e662711638968185210614b1a06c680f85dfce0ca4c98f20aad681844ce4618b240381b43f47a8b3562447a9b6fb7c19601ff9056301e17b16b94642e5bc347e83c49079e4e5da7f6bb7947ca81786b2ad14439b84446855c5c9f00b7727f8732569fc818db7066b433637ff2d52ca6d517a2d01dd97fe8ce7eb41dd3cd23a55b2a7e0059789dfe0dc8df479afcccd70a15d012c78ed32f410c85588bd517b874abfc5d3f26937346ac0e0e6c8bdd0292b391f42ef83b069c7f726385c75f7a6000c8ca1b6f4afb00ed8ac97aad0c87e041220f11e8f856456cb508128f254ad6f4bc51e7510e28baefa40122c9ca08709f169e68cb233d0206769cc05767bd9abc04932afefd7236367185fe75330f3bbfc5a56e6f1e23377dc3bb5bcaa9cb5077f593ce2648641c86e954eeef9c5943e7a179c4d2b92a99838eb277b8ba68749e1aaa88a6c18add16c89c4dd0623b032f278ae53b5e5e3d1576eee5b536e66514944dffd652af4056aa71cb6eac90d87f7a33d8194ad6323a9ddbda8eec569aa528f48507290a19336d3494c7c86df90a1c5dc257c71829b91f1ad27631092f9e5e94e5077b350d27f992c62abdd1fedb95250deb4a5f0b3017935d0cf24561a931ef744a71044d8a0f8d9bda903ebd8db1cc37f5cd3017d939e3fc3e8b9aa8b7b5d80bb8cee8f45c34479b9f2741884fe3e0f5532dc4da00b50ab7380b3837afe7922bdf4ce6286c47343a9e34358eacf9b5020f47a71803866dc2facc01b70f9f4865dd4d2f6baebd840496e4972a58691b28d7aa3459ea68c589f4008e7ea99a3d8999c4a992c4f4a76c48291c8f3522bfdc31fdf31fb329edfcaab4f1a22a408b134d53b06e9e6090f5ac362f4362f45e9a98c85d5ca86eef3f12865ed1109abd2752a47f3976b5384b9150825799357e25a31fdb76ae989b90580fb0a94211bbac1fffbdd3a301e99b4be25cda73d816d92b8cd892ac28b10546b2ef279ea3ad007e51ff926eaf09688ab2c75c04794ec9f433408201a7e35bbf80eb683b8e0b44d5f4dbf9f720d3dfc81596b079ca7c66dfe810f47ab5bf1db3589ced85ad230789c67371e90f2296943a9eecc8a4168a67e6e8669acfccfc9a189436567715254d0b4795a3cd001bcf81ad43d91eb0305e33939c21b7cf1329e0ba8be7aa516c36006423feec8a8e53fd712e94470309acd7c6b00860b4fed306c4d993c94dbed9a33429903828632fbaf0b067d0affa32708b2d325abc5b9f7786a639f5c385e2fde4e346fd5ddfdb6b"}], 0x1298}}, {{&(0x7f0000000e00)=@hci={0x1f, 0xffffffffffffffff, 0x3}, 0x80, &(0x7f0000001240)=[{&(0x7f0000000e80)="be24e62efdf23f4ae66bf39312dfd0ccf7f60a7d3dd34991e69fd13148706ec1d7ec2bdbcd2e3d1df41fb1d78a6fa1d17cc74a5484392f4a8a9855e04c6c84f9fe56f3ff", 0x44}, {&(0x7f0000000f00)="363cab232c7af6859950630ced1d941811f34a11d244340e0eaf84e215f537ed0c7ceada84567782aabb0e51e8d2a4887c6c2e88da9c481db81960fc6b347376286ba78cd9d522e823ae0af27d2320ce86c93fa6692a64f8b12a69fe4627f0d169526f3b6a69096fc79fa599fbda65d909a4c29a8c3520162773e35593ff33f83d9b5233089571d349cc5d0581bc38b0fdfb22303171ff50af358c4762dc39ebb65e523f36a2df10541e9a2f1757cf4b0c8652df6aea74e1af13f8558a0f02f66e95751a2289fa433020ef22d94db01c2d479120e4363c1f5ce0444abaecdb33da8793d50175aa65cd5c70b5883876", 0xef}, {&(0x7f0000001000)="06a610a89b0a5ff9cf6cca8dfaee68951be8d837e5a2031ea275ce75fa0d8bc794bad3d6bc0740456f62cac1c09502ac3e2c6dacb80c25e7db11baa7a25f9e12c39dcaacf51b30ab3960507b415392e5f7e04f37a1c16c820d933cee36", 0x5d}, {&(0x7f0000001080)="2a28784111b0f36883fecd761a41a26592543d1aa42e741809510e3aa2a6918605c7d757eeb692cf286b0d6cc474fb9f38fd3978fec42cb1dac93ef99a03c539366bc83fece8e86e19684d166006b118caa4dd744a1d00e094bfdbfffdf1bbc98733fac1898962c1559b943b55bcd69bd94f50987fbce4b9c0d01b3b1863ab6d687cde", 0x83}, {&(0x7f0000001140)="90effa935703dee94490764b10949d0ccf5613b5d5e81e36f036260b5ba7afa028523e6d9a6c7f73fa0c397170561b2569efda4cabcd54231b599b15adf9a929602805d172c1b545f3f7ba28ccb3a789fe3750eca09d0a527ca17e7074de1b7ae41213b7dee9e4c054bec39b28394ec797f8f68de58aaa8bdd2a3ad72dbcbc9abfc2750ce0b0de6c5704a656a26ec7aa015674711b628f2c34ec7765987229b2def9fa1f474628af227c608a1e4fda9971a120113eb1f541e12927139a8196b7de8dad46", 0xc4}], 0x5, &(0x7f00000012c0)=[{0x78, 0x6, 0x10000, "968c6de5e6d0f0bf34ce426cfc486adfdbe7cbd166432b05f29c03305129075b5076f9145e609936668571aea62fc70f53cf4e3355fffea071114fcf6690edf47b5090b4dce466c0a8bd10e54c425b9e76920fd4d49443755cad3bb803bec38256"}, {0x50, 0x3a, 0xf0a, "6244655cadc4c3b99173be9fa73cd94a504bdf1f23dde28c84189e5e08d3036a43810ad87cd1e5d90f767fe61f43e9d655c89cef5487111d5a"}], 0xc8}}, {{&(0x7f00000013c0)=@ethernet={0x306, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x80, &(0x7f0000001480)=[{&(0x7f0000001440)="130e135ec0b861384482dbbd6934ecbe792c", 0x12}], 0x1, &(0x7f00000014c0)=[{0x88, 0x10d, 0x1, "19e411517f4e9aba0ab5c6eaa6c7c1e6192a37136a0a45ab02718c7f058726d80a774a3b430239eb20e93434ccc94598953e51529b1b771af02f0da6ae874c6245fc4e7371e11451bcee168a7162ed49f2dc498bbac320517368bc3a6e0ffd999770df8336db570a914e4d6a52f88e356968b0"}, {0x108, 0x1, 0xffffffff, "af0b9e1d082ee52dd61b797590008f9e1c76701e37c51ac5135e169119268f26d39c3c3cdba01c84f93260a075116f30210d52babb6ccdc844e4a3e2fd0c217303d02933fc15a2597ef956f3f7b2c11b001ad22795bf6c3c15c262096ec7821d57ccd42b5fe9ad9d9bb3108e6f03956cbd0fbf0cb73cbfe8be33ab053720b161ee158b2dd3e9753f405d59dc3d2e753257e38ec22dcb6361ad71e89eaaaafa858581426485da02023b38e7fc370be3b161af373307d502c4aff8019a13a124ceebef37ac18fd9c71ec8b0c919cd3e374c3c7de6e772550da0f7004343e3994df4dd4112c23242c644163b11ab17b4f3925ad31f175"}], 0x190}}], 0x4, 0x2000005c)
ioprio_set$pid(0x2, 0x0, 0x0)
r9 = socket$packet(0x11, 0x2, 0x300)
read(r9, 0x0, 0x0)
waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x2, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x44000, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), r4)

2.161185731s ago: executing program 4 (id=1154):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000680)='kmem_cache_free\x00', r1}, 0x18)
syz_clone(0x623f, &(0x7f00000006c0), 0x0, 0x0, 0x0, 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)

2.124337914s ago: executing program 4 (id=1156):
r0 = epoll_create1(0x80000)
r1 = socket$inet6(0xa, 0x3, 0x3c)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001", @ANYRES16=r0], 0x7c}}, 0x0)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f0000000f00)=ANY=[@ANYBLOB="00020201000000000000010000001c000000000000000000"], 0x18)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x201, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, @perf_config_ext={0xc, 0x4000007}, 0x180, 0xa88, 0x8406, 0x5, 0x0, 0x3c, 0xffff, 0x0, 0x0, 0x0, 0x46}, 0x0, 0xffbfffffffffffff, 0xffffffffffffffff, 0xa)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCGPTPEER(r4, 0x5441, 0x10000000007)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r4, 0x400455c8, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000004700))
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, 0x0, {0xfff3, 0x9}, {0x8, 0xa}, {0xffe0, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000400)=ANY=[@ANYRESOCT, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
kexec_load(0x0, 0x0, 0x0, 0x0)

1.694184407s ago: executing program 3 (id=1162):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x4e20, @multicast2}, 0x2, 0x0, 0x3}}, 0x2e)

1.633242642s ago: executing program 3 (id=1163):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = syz_io_uring_setup(0x2f90, &(0x7f00000002c0)={0x0, 0x4dd8, 0x3850, 0x2, 0x200004}, &(0x7f0000000100), &(0x7f0000000140))
r1 = epoll_create(0xaf2)
epoll_pwait2(r1, &(0x7f0000000280)=[{}], 0x1, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0xe000200f})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r4 = io_uring_setup(0x6c4, &(0x7f0000000080)={0x0, 0x4075, 0x18, 0x3})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
pread64(r3, &(0x7f0000000340)=""/20, 0x14, 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r4, 0x10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000002700)=""/4096, 0x1000}], 0x0, 0xa}, 0x20)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r5)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r6, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r9=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010028bd7040010000000200000008000300", @ANYRES32=r9], 0x34}}, 0x18)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r5, &(0x7f0000000580)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x30, r8, 0x20, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x7}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000480}, 0x40045)
r10 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r10, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

1.53399125s ago: executing program 3 (id=1165):
socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0xf, 0x4, 0x4, 0x20002, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x50)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000140)={0x5, &(0x7f00000001c0)=[{0x5, 0x0, 0x9, 0xd}, {0x2, 0xa, 0x0, 0x2}, {0x5, 0x7, 0x10, 0x5}, {0x8, 0x4, 0x7, 0x2}, {0x9, 0x80, 0x9, 0xa}]})
get_robust_list(0x0, &(0x7f00000007c0)=0x0, &(0x7f0000000800))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x3, 0x0, 0x7ffc1002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
syz_io_uring_setup(0x1104, &(0x7f0000000400)={0x0, 0xffffffff, 0x1000, 0xfffffffe, 0xcb}, &(0x7f00000003c0), &(0x7f0000000000))
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)

1.492503783s ago: executing program 5 (id=1167):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000680)='kmem_cache_free\x00', r1}, 0x18)
syz_clone(0x623f, &(0x7f00000006c0), 0x0, 0x0, 0x0, 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)

1.460661605s ago: executing program 5 (id=1168):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x8, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000004000000000000000300000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000001b000000b700000000000000950000000000000053a62835ca4f79851bdfd66093770de5a97de9ef1bba6e4644f4f275deb018c378eaa6fc0f8ddadd97a54de0ebed86bce08002826de7f41a137fc0ed0cb424e57d96f8699fdbfbe854b92676d1b8f71e360035ad3402095e5597d6c6ee7a77c0fdb234c1ff04c921540e38a233c441d261d9cd79d521a3b623b3f891cd56ad06c5dbe5b7f9a23b2e9ee86cbdfc9d575aa744bf9cac3655e8dbe59495cdbba9c36555d16812273dfa3c880d4be12a24954c660fb4ae2bd139fd111b4a7d514719d2295f2ed23487a4da4dfaf9ec67ce5291c1e0463aceb37dbd2d60a991aeb86a7c5a26130b9ad047c6036f1126355ebeeac249"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000040)={{0x1, 0x1, 0x4}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f0000000100))

1.439459347s ago: executing program 5 (id=1170):
r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
socket(0x2, 0x80805, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000840), 0x81, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000280)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
fsmount(r0, 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRESHEX], 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x4040800)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.373964303s ago: executing program 0 (id=1172):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
setxattr$security_ima(&(0x7f00000018c0)='./file1\x00', &(0x7f0000001900), 0x0, 0x0, 0x1)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000280)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x40)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x4008084)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="020a000307000000"], 0x38}}, 0x0)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r3, &(0x7f0000000400)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0xffffffff}, 0x1c, &(0x7f0000000700)=[{&(0x7f0000000440)="87", 0x1}], 0x1}}, {{&(0x7f0000000080)={0xa, 0x4e22, 0x4, @dev={0xfe, 0x80, '\x00', 0xa}, 0xa}, 0x1c, &(0x7f0000000280)=[{&(0x7f00000022c0)='t', 0x1}], 0x1}}], 0x2, 0x48081)
r4 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x3c00, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r5=>0x0, &(0x7f00000000c0)=<r6=>0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r7}, &(0x7f0000000040), &(0x7f00000003c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r9, 0x5420, &(0x7f0000000100)=0xcf5)
ioctl$TCSETS(r9, 0x40045431, &(0x7f0000000dc0)={0x0, 0x40000001, 0x4, 0x0, 0x2, "0062ba7d8207000000ecf5000000f7ffffff00"})
r10 = syz_open_pts(r9, 0x0)
ioctl$TIOCSTI(r10, 0x5412, &(0x7f0000000280)=0x13)
ioctl$TCXONC(r10, 0x540a, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}}, 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb:\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x1223}})
io_uring_enter(r4, 0x47f6, 0x0, 0x700000000000000, 0x0, 0x0)
shutdown(r3, 0x1)

1.369076653s ago: executing program 5 (id=1173):
r0 = syz_open_dev$loop(&(0x7f0000000440), 0x7, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x4, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdf}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0x7}, 0x18)
capget(&(0x7f0000000180)={0x19980330}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$IP_VS_SO_GET_SERVICES(r6, 0x0, 0x482, &(0x7f0000000480)=""/209, 0x0)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="2c000000020601020000000000000000000c00000900020073797a3100000002040007800500040000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x20000884}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0x60, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0x2}, {0xffff, 0xffff}, {0x4, 0xb}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x2c, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0x1}, @TCA_FQ_CODEL_FLOWS={0x8, 0x5, 0x1}, @TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x5, 0xb, 0xd}, @TCA_FQ_CODEL_INTERVAL={0xffffffdd, 0x3, 0x9}, @TCA_FQ_CODEL_FLOWS={0x8, 0x5, 0x5}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000005c0)={0xffffffffffffffff, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x5, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe10859892d0000b420a9c81f40f05f819e0117020000f20020000000e903001000", "90be8b1c5512406c7f00", [0x4, 0x5]}})
r8 = syz_open_dev$loop(&(0x7f0000000300), 0x8f, 0x0)
ioctl$LOOP_CONFIGURE(r8, 0x4c0a, &(0x7f0000001280)={0xffffffffffffffff, 0x200, {0x2a12, 0x80010000, 0x0, 0x3, 0x20000000000006, 0x0, 0x0, 0x7, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7ca64c6a4b4e00d9683dda1af1ea80000000000000000000000deff1200100000000000000000000000000800", "2809a9000000038948224ad54afac11d875375bdb2420000b420a1a93c7540f4767f9e01177d3dd40600000061ac000000800800", "90be8b1c55f96400", [0x5, 0x9]}})

943.107326ms ago: executing program 0 (id=1175):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
symlink(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
readlink(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000001200)=""/4096, 0x1000)

852.683453ms ago: executing program 0 (id=1176):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = syz_io_uring_setup(0x2f90, &(0x7f00000002c0)={0x0, 0x4dd8, 0x3850, 0x2, 0x200004}, &(0x7f0000000100), &(0x7f0000000140))
r1 = epoll_create(0xaf2)
epoll_pwait2(r1, &(0x7f0000000280)=[{}], 0x1, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0xe000200f})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r4 = io_uring_setup(0x6c4, &(0x7f0000000080)={0x0, 0x4075, 0x18, 0x3})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
pread64(r3, &(0x7f0000000340)=""/20, 0x14, 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r4, 0x10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000002700)=""/4096, 0x1000}], 0x0, 0xa}, 0x20)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r5)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r6, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r9=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010028bd7040010000000200000008000300", @ANYRES32=r9], 0x34}}, 0x18)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r5, &(0x7f0000000580)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x30, r8, 0x20, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x7}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000480}, 0x40045)
r10 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r10, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

714.521824ms ago: executing program 0 (id=1177):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)

696.217355ms ago: executing program 0 (id=1178):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000680)='kmem_cache_free\x00', r1}, 0x18)
syz_clone(0x623f, &(0x7f00000006c0), 0x0, 0x0, 0x0, 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)

658.381138ms ago: executing program 0 (id=1180):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r1=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYRES64=r0, @ANYRESOCT=r1, @ANYRESHEX=r1], 0x48)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x1a, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x2, 0x0, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0xffffffd}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x44080)
sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newqdisc={0x50, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffe0, 0xa}, {0xf, 0x10}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x20, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x100008}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x6}, @TCA_CAKE_ATM={0x8, 0x4, 0x1}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x55}, 0x4004)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x3, 0x7, @loopback, 0x800000}, 0x1c)

657.812958ms ago: executing program 3 (id=1181):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000d9"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x8, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000004000000000000000300000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b700000000000000950000000000000053a62835ca4f79851bdfd66093770de5a97de9ef1bba6e4644f4f275deb018c378eaa6fc0f8ddadd97a54de0ebed86bce08002826de7f41a137fc0ed0cb424e57d96f8699fdbfbe854b92676d1b8f71e360035ad3402095e5597d6c6ee7a77c0fdb234c1ff04c921540e38a233c441d261d9cd79d521a3b623b3f891cd56ad06c5dbe5b7f9a23b2e9ee86cbdfc9d575aa744bf9cac3655e8dbe59495cdbba9c36555d16812273dfa3c880d4be12a24954c660fb4ae2bd139fd111b4a7d514719d2295f2ed23487a4da4dfaf9ec67ce5291c1e0463aceb37dbd2d60a991aeb86a7c5a26130b9ad047c6036f1126355ebeeac249"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000040)={{0x1, 0x1, 0x4}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
ioctl$SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, &(0x7f0000000100))

589.358513ms ago: executing program 3 (id=1182):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0xa}, {0xffff, 0xffff}, {0x1a, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x2, 0x0, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0xffffffd}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x44080)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x7, @loopback, 0x800000}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x18, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x9, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x40, 0x24, 0xd0f, 0x70bd2c, 0x25dfdbfb, {0x60, 0x0, 0x0, r4, {}, {0xffe0, 0xa}, {0x1, 0x10}}, [@qdisc_kind_options=@q_pfifo_head_drop={{0x14}, {0x8, 0x2, 0x4}}]}, 0x40}}, 0xc010)

557.125676ms ago: executing program 1 (id=1183):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00'}, 0x10)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x4e20, @multicast2}, 0x2, 0x0, 0x3}}, 0x2e)

540.926567ms ago: executing program 1 (id=1184):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2b, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0x20)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0x12, r3, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0x0, 0x6, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

477.195332ms ago: executing program 5 (id=1185):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd2d, 0x1, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0x0, 0x300}, 0x93}, [{0x0, 0x0, 0x200, 0x0, 0xfffffffd, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x3000000, 0x40000000}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8000, 0x5, 0x0, 0xfffffffc, 0x5}, {0x0, 0x8000000}, {0x0, 0x0, 0x800000, 0x0, 0x6}, {0xfffffffd, 0xc3}, {0x2, 0x5}, {0x3}, {}, {0x0, 0x10}, {0x0, 0x470a, 0x0, 0x8000000}, {0x0, 0x0, 0x10, 0x0, 0xfffffffc}, {0x2, 0x0, 0x0, 0x0, 0x6, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x1, 0x0, 0xfff}, {0x0, 0x0, 0x0, 0x8000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x20}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {0x20000}, {0x0, 0x0, 0x8000}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x0, 0x5, 0xfffffffc}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x60569add}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff, 0x9}, {0x0, 0x0, 0x0, 0x0, 0xfffff800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, {}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0xfffffffd}, {}, {0x0, 0x9, 0x0, 0xffffffff, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x33}, {0x80}, {0x80, 0x2}, {0x0, 0x0, 0x0, 0x5, 0x5}, {}, {0x0, 0x0, 0x8}, {0x0, 0x2, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x8, 0x0, 0x3}, {0x0, 0x9}, {0x0, 0xffffffff, 0xfffffffd}, {0x0, 0x0, 0x0, 0x8510, 0x400}, {0xffff}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0xfffefffd}, {0x0, 0x0, 0x0, 0x1}, {}, {0x5}, {0x0, 0x0, 0x2000, 0x0, 0x0, 0x8000000}, {0x0, 0x7}, {}, {0xffffffff, 0x0, 0x0, 0xfffffffe, 0xd, 0x9}, {0x0, 0xfffffff9, 0x200}, {0x0, 0x0, 0x40, 0x200}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, {0x4, 0x0, 0x0, 0x0, 0x80}, {}, {0x0, 0x0, 0x800, 0x0, 0x2}, {0xdb3, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x3, 0xfffffffe}, {0x0, 0x0, 0x0, 0x4, 0x9}, {}, {0x0, 0x0, 0x0, 0x0, 0x1, 0x7}, {0x0, 0xb}, {0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x56}, {0x0, 0x9797, 0x0, 0xec33, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, {0xb, 0x0, 0x0, 0x0, 0x0, 0xfe1}, {0x0, 0x3, 0x0, 0x0, 0x4}, {0x0, 0x0, 0xfffffffc}, {}, {0x0, 0xfffffffd}, {0x6}, {0x7f}, {}, {0x0, 0x8, 0x0, 0x0, 0xfffffffe}, {0x4, 0x2, 0x2000000, 0x2, 0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0x0, 0xe9d, 0x58a}, {0x2}, {0x2, 0x9, 0x22000000}, {0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0xe600, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x101}, {0x0, 0x5, 0x0, 0x7, 0x1}, {0x0, 0x5, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x10000, 0x0, 0x0, 0xfffffffc}, {0x3, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x40000000}, {0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0xfffffffb, 0x0, 0x0, 0x0, 0x8000}, {0x6, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, {0x2d, 0x0, 0x10000}, {0x0, 0x0, 0x8000, 0x0, 0x0, 0x1000}, {0x0, 0x8000}, {0x7, 0x0, 0x10000}, {0x0, 0x80000000, 0x0, 0x7fff800, 0x4}, {0x0, 0x3}, {0x80, 0x0, 0x0, 0x0, 0xd}], [{}, {}, {0x0, 0x1}, {0x1}, {}, {0x3}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x4, 0x1}, {0x0, 0x1}, {}, {0x5, 0x1}, {}, {0x4}, {0x3, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {0x4}, {}, {}, {0x1}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x4}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {0x0, 0x1}, {}, {0x5}, {0x5}, {0x4}, {}, {}, {}, {}, {}, {0x5}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x1, 0x1}, {}, {0x1}, {}, {0x5}, {}, {0x3, 0x1}, {}, {}, {}, {0x0, 0x1}, {0x1}, {0x1, 0x1}, {}, {}, {}, {}, {0x5, 0x1}, {}, {}, {}, {0x2}, {}, {}, {0x4}, {0x2}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)

325.343794ms ago: executing program 1 (id=1186):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x7, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xbf)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x0)

305.542306ms ago: executing program 1 (id=1187):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x7, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xbf)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
close(r2)
unlinkat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x0)

287.777478ms ago: executing program 1 (id=1188):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000020000008500000086000000"], &(0x7f0000000e80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
writev(r2, &(0x7f0000000400)=[{&(0x7f0000000040)="aa1d484ea0c00000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e44", 0x2b}], 0x1)

251.67667ms ago: executing program 1 (id=1189):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r0}, 0x8)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0, r3, 0x0, 0x3}, 0x18)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02003c000b05d25a806f8c6394f90124fc600c05000f90c60100053582c137153e370a48018004f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0x5}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

0s ago: executing program 5 (id=1190):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r1=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYRES64=r0, @ANYRESOCT=r1, @ANYRESHEX=r1], 0x48)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0xa}, {0xffff, 0xffff}, {0x1a, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x2, 0x0, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0xffffffd}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x44080)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x3, 0x7, @loopback, 0x800000}, 0x1c)

kernel console output (not intermixed with test programs):

T3981] Node 0 DMA32 free:2945972kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2949500kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:3528kB free_cma:0kB
[   51.609572][ T3991] netlink: 24 bytes leftover after parsing attributes in process `syz.0.155'.
[   51.627341][ T3981] lowmem_reserve[]: 0 0 4978 4978
[   51.627384][ T3981] Node 0 Normal free:4464224kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:97888kB inactive_anon:0kB active_file:74632kB inactive_file:9004kB unevictable:0kB writepending:1028kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:59444kB local_pcp:50236kB free_cma:0kB
[   51.756584][ T3947] dvmrp1: left allmulticast mode
[   51.764796][ T3981] lowmem_reserve[]: 0 0 0 0
[   51.812406][ T3981] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   51.825109][ T3981] Node 0 DMA32: 5*4kB (M) 2*8kB (M) 5*16kB (M) 2*32kB (M) 4*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 716*4096kB (M) = 2945972kB
[   51.841804][ T3981] Node 0 Normal: 69*4kB (UME) 18*8kB (U) 12*16kB (UME) 24*32kB (UME) 12*64kB (UM) 10*128kB (UME) 8*256kB (UME) 8*512kB (UM) 2*1024kB (UM) 2*2048kB (ME) 1086*4096kB (M) = 4463972kB
[   51.859915][ T3981] Node 0 hugepages_total=6 hugepages_free=6 hugepages_surp=2 hugepages_size=2048kB
[   51.869277][ T3981] 37584 total pagecache pages
[   51.874000][ T3981] 0 pages in swap cache
[   51.878164][ T3981] Free swap  = 124996kB
[   51.882312][ T3981] Total swap = 124996kB
[   51.886528][ T3981] 2097051 pages RAM
[   51.890385][ T3981] 0 pages HighMem/MovableOnly
[   51.895103][ T3981] 81276 pages reserved
[   51.924550][ T3970] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   51.972347][ T3993] FAULT_INJECTION: forcing a failure.
[   51.972347][ T3993] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   51.985514][ T3993] CPU: 1 UID: 0 PID: 3993 Comm: syz.2.156 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   51.985609][ T3993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   51.985622][ T3993] Call Trace:
[   51.985628][ T3993]  <TASK>
[   51.985635][ T3993]  __dump_stack+0x1d/0x30
[   51.985660][ T3993]  dump_stack_lvl+0xe8/0x140
[   51.985692][ T3993]  dump_stack+0x15/0x1b
[   51.985711][ T3993]  should_fail_ex+0x265/0x280
[   51.985797][ T3993]  should_fail+0xb/0x20
[   51.985815][ T3993]  should_fail_usercopy+0x1a/0x20
[   51.985866][ T3993]  strncpy_from_user+0x27/0x260
[   51.985910][ T3993]  getname_flags+0xae/0x3b0
[   51.986034][ T3993]  __se_sys_statx+0x5e/0x1b0
[   51.986066][ T3993]  ? vfs_write+0x7e8/0x960
[   51.986087][ T3993]  ? __rcu_read_unlock+0x4f/0x70
[   51.986162][ T3993]  ? __fget_files+0x184/0x1c0
[   51.986192][ T3993]  ? mutex_unlock+0x4f/0x90
[   51.986222][ T3993]  ? fput+0x8f/0xc0
[   51.986255][ T3993]  ? ksys_write+0x192/0x1a0
[   51.986275][ T3993]  __x64_sys_statx+0x67/0x80
[   51.986309][ T3993]  x64_sys_call+0x2d43/0x3000
[   51.986339][ T3993]  do_syscall_64+0xd8/0x2c0
[   51.986407][ T3993]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.986428][ T3993] RIP: 0033:0x7f4701f2f749
[   51.986442][ T3993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.986500][ T3993] RSP: 002b:00007f4700997038 EFLAGS: 00000246 ORIG_RAX: 000000000000014c
[   51.986522][ T3993] RAX: ffffffffffffffda RBX: 00007f4702185fa0 RCX: 00007f4701f2f749
[   51.986535][ T3993] RDX: 0000000000006000 RSI: 0000200000000c80 RDI: ffffffffffffffff
[   51.986546][ T3993] RBP: 00007f4700997090 R08: 0000000000000000 R09: 0000000000000000
[   51.986587][ T3993] R10: 0000000000000010 R11: 0000000000000246 R12: 0000000000000001
[   51.986602][ T3993] R13: 00007f4702186038 R14: 00007f4702185fa0 R15: 00007ffdf1de5588
[   51.986626][ T3993]  </TASK>
[   52.192349][ T3993] dvmrp1: entered allmulticast mode
[   52.219476][ T3993] netlink: 4 bytes leftover after parsing attributes in process `syz.2.156'.
[   52.231295][ T4000] netlink: 'syz.4.159': attribute type 10 has an invalid length.
[   52.244542][ T4000] netlink: 'syz.4.159': attribute type 10 has an invalid length.
[   52.262472][ T4000] .`: (slave dummy0): Enslaving as an active interface with an up link
[   52.292912][ T4000] loop4: detected capacity change from 0 to 1024
[   52.310124][ T4000] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   52.321108][ T4000] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   52.331212][ T4000] JBD2: no valid journal superblock found
[   52.337043][ T4000] EXT4-fs (loop4): Could not load journal inode
[   52.373949][ T4000] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   52.506854][ T3992] dvmrp1: left allmulticast mode
[   52.508729][ T4011] netlink: 4 bytes leftover after parsing attributes in process `syz.1.163'.
[   52.582865][ T4013] netlink: 16 bytes leftover after parsing attributes in process `syz.0.160'.
[   52.597048][  T793] Bluetooth: hci0: Frame reassembly failed (-84)
[   52.896178][ T4017] loop2: detected capacity change from 0 to 512
[   52.903031][ T4017] ext4: Bad value for 'max_dir_size_kb'
[   53.145014][ T4025] loop2: detected capacity change from 0 to 8192
[   53.278241][ T4033] netlink: 'syz.2.171': attribute type 10 has an invalid length.
[   53.290427][ T4033] team0: Port device dummy0 added
[   53.300178][ T4033] netlink: 'syz.2.171': attribute type 10 has an invalid length.
[   53.312690][ T4033] team0: Port device dummy0 removed
[   53.329791][ T4033] .`: (slave dummy0): Enslaving as an active interface with an up link
[   53.374037][ T4033] loop2: detected capacity change from 0 to 1024
[   53.384421][ T4033] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   53.395408][ T4033] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   53.407174][ T4033] JBD2: no valid journal superblock found
[   53.412929][ T4033] EXT4-fs (loop2): Could not load journal inode
[   53.420754][ T2849] Bluetooth: hci1: Frame reassembly failed (-84)
[   53.427417][ T4035] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   53.447046][ T4033] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   53.575859][ T4047] loop4: detected capacity change from 0 to 512
[   53.582956][ T4047] ext4: Bad value for 'max_dir_size_kb'
[   53.641616][ T4054] FAULT_INJECTION: forcing a failure.
[   53.641616][ T4054] name failslab, interval 1, probability 0, space 0, times 0
[   53.654408][ T4054] CPU: 1 UID: 0 PID: 4054 Comm: syz.2.179 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   53.654440][ T4054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   53.654451][ T4054] Call Trace:
[   53.654457][ T4054]  <TASK>
[   53.654465][ T4054]  __dump_stack+0x1d/0x30
[   53.654492][ T4054]  dump_stack_lvl+0xe8/0x140
[   53.654512][ T4054]  dump_stack+0x15/0x1b
[   53.654582][ T4054]  should_fail_ex+0x265/0x280
[   53.654603][ T4054]  should_failslab+0x8c/0xb0
[   53.654623][ T4054]  kmem_cache_alloc_noprof+0x69/0x4b0
[   53.654642][ T4054]  ? audit_log_start+0x342/0x720
[   53.654663][ T4054]  audit_log_start+0x342/0x720
[   53.654684][ T4054]  ? __rcu_read_unlock+0x4f/0x70
[   53.654703][ T4054]  audit_seccomp+0x48/0x100
[   53.654731][ T4054]  ? __seccomp_filter+0x832/0x1260
[   53.654796][ T4054]  __seccomp_filter+0x843/0x1260
[   53.654823][ T4054]  ? __schedule+0x85f/0xcd0
[   53.654922][ T4054]  ? __cond_resched+0x4e/0x90
[   53.654999][ T4054]  __secure_computing+0x82/0x150
[   53.655023][ T4054]  syscall_trace_enter+0xcf/0x1e0
[   53.655120][ T4054]  do_syscall_64+0xb2/0x2c0
[   53.655199][ T4054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.655219][ T4054] RIP: 0033:0x7f4701f2e15c
[   53.655232][ T4054] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   53.655274][ T4054] RSP: 002b:00007f4700997030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   53.655290][ T4054] RAX: ffffffffffffffda RBX: 00007f4702185fa0 RCX: 00007f4701f2e15c
[   53.655302][ T4054] RDX: 000000000000000f RSI: 00007f47009970a0 RDI: 0000000000000006
[   53.655312][ T4054] RBP: 00007f4700997090 R08: 0000000000000000 R09: 0000000000000000
[   53.655368][ T4054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.655379][ T4054] R13: 00007f4702186038 R14: 00007f4702185fa0 R15: 00007ffdf1de5588
[   53.655397][ T4054]  </TASK>
[   53.939589][ T4064] 9p: Bad value for 'rfdno'
[   53.941255][ T4056] netlink: 24 bytes leftover after parsing attributes in process `syz.4.178'.
[   53.998837][  T793] Bluetooth: hci2: Frame reassembly failed (-84)
[   54.007139][ T4066] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   54.495093][ T4071] netlink: 'syz.4.186': attribute type 10 has an invalid length.
[   54.504351][ T4071] .`: (slave dummy0): Releasing backup interface
[   54.512348][ T4071] netlink: 'syz.4.186': attribute type 10 has an invalid length.
[   54.522429][ T4071] .`: (slave dummy0): Enslaving as an active interface with an up link
[   54.548325][ T4071] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   54.559256][ T4071] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   54.569205][ T4071] JBD2: no valid journal superblock found
[   54.575029][ T4071] EXT4-fs (loop4): Could not load journal inode
[   54.575027][ T3560] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   54.597155][ T4071] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   54.648947][ T4076] ext4: Bad value for 'max_dir_size_kb'
[   54.715368][ T4079] syzkaller0: entered promiscuous mode
[   54.720983][ T4079] syzkaller0: entered allmulticast mode
[   54.841054][ T4090] 9p: Bad value for 'rfdno'
[   54.858749][ T4088] netlink: 24 bytes leftover after parsing attributes in process `syz.1.191'.
[   54.899709][ T4092] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[   54.908285][ T4092] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.195: invalid indirect mapped block 2683928664 (level 1)
[   54.922514][ T4092] EXT4-fs (loop4): Remounting filesystem read-only
[   54.929524][ T4092] EXT4-fs (loop4): 1 truncate cleaned up
[   54.935616][ T4092] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.949180][   T29] kauditd_printk_skb: 1021 callbacks suppressed
[   54.949233][   T29] audit: type=1400 audit(1765887536.760:2416): avc:  denied  { quotaon } for  pid=4091 comm="syz.4.195" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   54.977874][   T29] audit: type=1400 audit(1765887536.760:2417): avc:  denied  { read write } for  pid=4091 comm="syz.4.195" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   55.001053][   T29] audit: type=1400 audit(1765887536.760:2418): avc:  denied  { open } for  pid=4091 comm="syz.4.195" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   55.024123][   T29] audit: type=1400 audit(1765887536.760:2419): avc:  denied  { ioctl } for  pid=4091 comm="syz.4.195" path="/dev/ppp" dev="devtmpfs" ino=140 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   55.106072][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.179965][   T29] audit: type=1326 audit(1765887536.990:2420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4099 comm="syz.4.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[   55.203704][   T29] audit: type=1326 audit(1765887536.990:2421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4099 comm="syz.4.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[   55.227136][   T29] audit: type=1326 audit(1765887537.000:2422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4099 comm="syz.4.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[   55.250408][   T29] audit: type=1326 audit(1765887537.000:2423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4099 comm="syz.4.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[   55.273850][   T29] audit: type=1326 audit(1765887537.000:2424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4099 comm="syz.4.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[   55.297181][   T29] audit: type=1326 audit(1765887537.000:2425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4099 comm="syz.4.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[   55.453600][   T44] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   55.661975][ T4108] netlink: 'syz.0.199': attribute type 10 has an invalid length.
[   55.724516][ T4108] netlink: 'syz.0.199': attribute type 10 has an invalid length.
[   55.748518][ T4109] set_capacity_and_notify: 3 callbacks suppressed
[   55.748548][ T4109] loop4: detected capacity change from 0 to 512
[   55.826823][ T4109] ext4: Bad value for 'max_dir_size_kb'
[   55.864891][ T4113] loop0: detected capacity change from 0 to 1024
[   55.877653][ T4113] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   55.888640][ T4113] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   55.909436][ T4113] JBD2: no valid journal superblock found
[   55.915268][ T4113] EXT4-fs (loop0): Could not load journal inode
[   55.929779][ T4112] syzkaller0: entered promiscuous mode
[   55.935392][ T4112] syzkaller0: entered allmulticast mode
[   55.962587][ T4108] team0: Port device dummy0 removed
[   55.976960][ T4113] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   55.992449][ T4108] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   56.013902][ T3560] Bluetooth: hci2: command 0x1003 tx timeout
[   56.019927][ T4040] Bluetooth: hci2: Opcode 0x1003 failed: -110
[   56.045841][ T4115] syzkaller0: entered promiscuous mode
[   56.051559][ T4115] syzkaller0: entered allmulticast mode
[   56.111159][ T4120] 9p: Bad value for 'rfdno'
[   56.137978][ T4124] loop0: detected capacity change from 0 to 512
[   56.163521][ T4124] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13
[   56.172095][ T4124] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.207: invalid indirect mapped block 2683928664 (level 1)
[   56.188058][ T4124] EXT4-fs (loop0): Remounting filesystem read-only
[   56.194930][ T4124] EXT4-fs (loop0): 1 truncate cleaned up
[   56.201250][ T4124] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.257197][ T4130] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   56.257197][ T4130]    program syz.2.209 not setting count and/or reply_len properly
[   56.297159][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.379215][ T4148] netlink: 24 bytes leftover after parsing attributes in process `syz.1.212'.
[   56.395097][ T4150] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   56.395097][ T4150]    program syz.0.214 not setting count and/or reply_len properly
[   56.409663][ T4152] netlink: 'syz.2.217': attribute type 10 has an invalid length.
[   56.424618][ T4152] .`: (slave dummy0): Releasing backup interface
[   56.431366][ T4145] loop4: detected capacity change from 0 to 512
[   56.440955][ T4152] team0: Port device dummy0 added
[   56.449524][ T4152] netlink: 'syz.2.217': attribute type 10 has an invalid length.
[   56.458765][ T4145] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   56.466831][ T4145] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[   56.475056][ T4145] System zones: 0-1, 15-15, 18-18, 34-34
[   56.476107][ T4152] team0: Port device dummy0 removed
[   56.480820][ T4145] EXT4-fs (loop4): orphan cleanup on readonly fs
[   56.492548][ T4145] EXT4-fs warning (device loop4): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   56.507250][ T4145] EXT4-fs (loop4): Cannot turn on quotas: error -22
[   56.515874][ T4145] EXT4-fs (loop4): 1 truncate cleaned up
[   56.522900][ T4152] .`: (slave dummy0): Enslaving as an active interface with an up link
[   56.531733][ T4145] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   56.582453][ T4152] loop2: detected capacity change from 0 to 1024
[   56.592153][ T4158] loop0: detected capacity change from 0 to 512
[   56.599290][ T4152] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   56.608906][ T4158] ext4: Bad value for 'max_dir_size_kb'
[   56.610263][ T4152] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   56.634779][ T4152] JBD2: no valid journal superblock found
[   56.640641][ T4152] EXT4-fs (loop2): Could not load journal inode
[   56.649444][ T4152] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   56.771566][ T4169] 9p: Bad value for 'rfdno'
[   56.783472][ T4173] loop2: detected capacity change from 0 to 512
[   56.802072][ T4173] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13
[   56.813945][ T4173] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.224: invalid indirect mapped block 2683928664 (level 1)
[   56.830066][  T381] Bluetooth: hci0: Frame reassembly failed (-84)
[   56.842012][ T4173] EXT4-fs (loop2): Remounting filesystem read-only
[   56.849684][ T4173] EXT4-fs (loop2): 1 truncate cleaned up
[   56.859995][ T4168] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   56.869300][ T4173] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.938009][ T4182] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   56.938009][ T4182]    program syz.0.228 not setting count and/or reply_len properly
[   57.024263][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.084051][ T4184] netlink: 24 bytes leftover after parsing attributes in process `syz.1.229'.
[   57.131754][ T4192] loop0: detected capacity change from 0 to 4096
[   57.141103][ T4192] EXT4-fs: Ignoring removed nomblk_io_submit option
[   57.159908][ T4195] loop1: detected capacity change from 0 to 512
[   57.166967][ T4195] ext4: Bad value for 'max_dir_size_kb'
[   57.193407][ T4192] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.238535][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.278391][ T4199] netlink: 'syz.1.234': attribute type 10 has an invalid length.
[   57.350297][ T4199] .`: (slave dummy0): Releasing backup interface
[   57.361993][ T4199] team0: Port device dummy0 added
[   57.371006][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.383677][ T4207] netlink: 'syz.1.234': attribute type 10 has an invalid length.
[   57.413372][ T4207] team0: Port device dummy0 removed
[   57.438498][ T4207] .`: (slave dummy0): Enslaving as an active interface with an up link
[   57.454187][ T4199] loop1: detected capacity change from 0 to 1024
[   57.461393][ T4199] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   57.472330][ T4199] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   57.513334][ T4199] JBD2: no valid journal superblock found
[   57.519178][ T4199] EXT4-fs (loop1): Could not load journal inode
[   57.536157][ T4199] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   57.643667][ T4225] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[   57.662100][ T4225] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.241: invalid indirect mapped block 2683928664 (level 1)
[   57.687559][ T4225] EXT4-fs (loop4): Remounting filesystem read-only
[   57.695271][ T4223] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   57.695271][ T4223]    program syz.1.240 not setting count and/or reply_len properly
[   57.723577][ T4225] EXT4-fs (loop4): 1 truncate cleaned up
[   57.739936][ T4225] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.800010][ T4233] ext4: Bad value for 'max_dir_size_kb'
[   57.885549][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.914280][ T4230] netlink: 24 bytes leftover after parsing attributes in process `syz.2.243'.
[   57.948390][ T4240] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   57.998611][ T4240] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4240 comm=syz.4.246
[   58.011053][ T4240] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4240 comm=syz.4.246
[   58.131973][ T4260] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   58.131973][ T4260]    program syz.1.254 not setting count and/or reply_len properly
[   58.182472][ T4261] EXT4-fs: Ignoring removed nomblk_io_submit option
[   58.208935][ T4262] netlink: 24 bytes leftover after parsing attributes in process `syz.0.250'.
[   58.222624][ T4261] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.240230][ T4264] ext4: Bad value for 'max_dir_size_kb'
[   58.287296][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.339390][ T4270] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13
[   58.352705][ T4270] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.256: invalid indirect mapped block 2683928664 (level 1)
[   58.369424][ T4270] EXT4-fs (loop2): Remounting filesystem read-only
[   58.376378][ T4270] EXT4-fs (loop2): 1 truncate cleaned up
[   58.384064][ T4270] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.468599][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.750221][ T4296] EXT4-fs: Ignoring removed nomblk_io_submit option
[   58.786648][ T4296] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.803718][ T4298] syzkaller0: entered promiscuous mode
[   58.809310][ T4298] syzkaller0: entered allmulticast mode
[   58.832933][ T4301] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[   58.846289][ T4301] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.269: invalid indirect mapped block 2683928664 (level 1)
[   58.861201][ T4301] EXT4-fs (loop4): Remounting filesystem read-only
[   58.861808][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.868233][ T4301] EXT4-fs (loop4): 1 truncate cleaned up
[   58.883738][ T4301] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.896323][ T4040] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   58.968454][ T4308] netlink: 'syz.2.270': attribute type 10 has an invalid length.
[   59.027900][ T4313] netlink: 'syz.2.270': attribute type 10 has an invalid length.
[   59.055694][ T4306] netlink: 83992 bytes leftover after parsing attributes in process `syz.1.272'.
[   59.074182][ T4306] netlink: zone id is out of range
[   59.079352][ T4306] netlink: zone id is out of range
[   59.170004][ T4306] netlink: zone id is out of range
[   59.214600][ T4323] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   59.225832][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.235457][ T4308] .`: (slave dummy0): Releasing backup interface
[   59.244684][ T4323] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   59.369114][ T4308] team0: Port device dummy0 added
[   59.414848][ T4306] netlink: set zone limit has 8 unknown bytes
[   59.430031][ T4315] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   59.440997][ T4315] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   59.559069][ T4315] JBD2: no valid journal superblock found
[   59.564864][ T4315] EXT4-fs (loop2): Could not load journal inode
[   59.583572][ T4313] team0: Port device dummy0 removed
[   59.591462][ T4313] .`: (slave dummy0): Enslaving as an active interface with an up link
[   59.599947][ T4318] netlink: 16 bytes leftover after parsing attributes in process `syz.0.271'.
[   59.603179][ T4308] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   59.612068][ T4331] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   59.661336][ T4331] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   59.969007][   T29] kauditd_printk_skb: 1185 callbacks suppressed
[   59.969036][   T29] audit: type=1326 audit(1765887541.780:3610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4345 comm="syz.1.282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   59.986437][ T4344] netlink: 24 bytes leftover after parsing attributes in process `syz.0.281'.
[   60.010884][   T29] audit: type=1326 audit(1765887541.810:3611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4345 comm="syz.1.282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   60.034353][   T29] audit: type=1326 audit(1765887541.810:3612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4345 comm="syz.1.282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   60.057723][   T29] audit: type=1326 audit(1765887541.810:3613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4345 comm="syz.1.282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   60.080991][   T29] audit: type=1326 audit(1765887541.810:3614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4345 comm="syz.1.282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   60.104383][   T29] audit: type=1326 audit(1765887541.810:3615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4345 comm="syz.1.282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   60.127967][   T29] audit: type=1326 audit(1765887541.810:3616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4345 comm="syz.1.282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   60.151318][   T29] audit: type=1326 audit(1765887541.810:3617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4345 comm="syz.1.282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   60.174781][   T29] audit: type=1326 audit(1765887541.810:3618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4345 comm="syz.1.282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   60.198104][   T29] audit: type=1326 audit(1765887541.810:3619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4345 comm="syz.1.282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   60.264132][ T4356] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[   60.272449][ T4356] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.286: invalid indirect mapped block 2683928664 (level 1)
[   60.292059][ T4356] EXT4-fs (loop1): Remounting filesystem read-only
[   60.298794][ T4356] EXT4-fs (loop1): 1 truncate cleaned up
[   60.304979][ T4356] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   60.364277][ T3325] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.634229][ T4369] netlink: 16 bytes leftover after parsing attributes in process `syz.2.289'.
[   61.011675][   T12] Bluetooth: hci0: Frame reassembly failed (-84)
[   61.374852][ T4387] netlink: 24 bytes leftover after parsing attributes in process `syz.2.297'.
[   61.987765][ T4391] set_capacity_and_notify: 12 callbacks suppressed
[   61.987785][ T4391] loop2: detected capacity change from 0 to 512
[   62.009966][ T4391] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13
[   62.021331][ T4391] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.298: invalid indirect mapped block 2683928664 (level 1)
[   62.035597][ T4391] EXT4-fs (loop2): Remounting filesystem read-only
[   62.042294][ T4391] EXT4-fs (loop2): 1 truncate cleaned up
[   62.049205][ T4391] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.126918][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.215303][ T4402] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   62.422956][ T4421] loop3: detected capacity change from 0 to 512
[   62.437399][ T4421] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[   62.446094][ T4421] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.310: invalid indirect mapped block 2683928664 (level 1)
[   62.460684][ T4421] EXT4-fs (loop3): Remounting filesystem read-only
[   62.467477][ T4421] EXT4-fs (loop3): 1 truncate cleaned up
[   62.473843][ T4421] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.555279][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.600809][ T4427] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   62.611574][ T4427] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   63.063859][ T3560] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   63.325995][ T4433] mmap: syz.0.313 (4433) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   63.345806][ T4437] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   63.427226][ T4437] netlink: 4 bytes leftover after parsing attributes in process `syz.1.315'.
[   63.436308][ T4437] bridge_slave_1: left allmulticast mode
[   63.441958][ T4437] bridge_slave_1: left promiscuous mode
[   63.447709][ T4437] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.467322][ T4437] bridge_slave_0: left allmulticast mode
[   63.473390][ T4437] bridge_slave_0: left promiscuous mode
[   63.479321][ T4437] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.553284][ T4448] loop0: detected capacity change from 0 to 512
[   63.560147][ T4448] ext4: Bad value for 'max_dir_size_kb'
[   63.568287][ T4444] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   63.601916][ T4451] netlink: 24 bytes leftover after parsing attributes in process `syz.2.317'.
[   63.634353][ T4444] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4444 comm=syz.3.318
[   63.646779][ T4444] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4444 comm=syz.3.318
[   63.870167][ T4465] netlink: 16 bytes leftover after parsing attributes in process `syz.0.320'.
[   64.108286][ T4462] netlink: 24 bytes leftover after parsing attributes in process `syz.1.323'.
[   64.216677][ T4467] netlink: 16 bytes leftover after parsing attributes in process `syz.1.324'.
[   64.334146][ T4477] syzkaller0: entered promiscuous mode
[   64.339663][ T4477] syzkaller0: entered allmulticast mode
[   64.947277][ T4496] netlink: 4 bytes leftover after parsing attributes in process `syz.1.334'.
[   64.975797][   T29] kauditd_printk_skb: 859 callbacks suppressed
[   64.975814][   T29] audit: type=1400 audit(1765887546.780:4479): avc:  denied  { kexec_image_load } for  pid=4495 comm="syz.1.334" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[   65.014724][   T29] audit: type=1400 audit(1765887546.820:4480): avc:  denied  { create } for  pid=4495 comm="syz.1.334" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   65.034286][   T29] audit: type=1400 audit(1765887546.820:4481): avc:  denied  { name_bind } for  pid=4495 comm="syz.1.334" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   65.188901][   T29] audit: type=1326 audit(1765887546.870:4482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4497 comm="syz.0.335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e877f749 code=0x7ffc0000
[   65.212301][   T29] audit: type=1326 audit(1765887546.870:4483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4497 comm="syz.0.335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd7e877f783 code=0x7ffc0000
[   65.235586][   T29] audit: type=1326 audit(1765887546.870:4484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4497 comm="syz.0.335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fd7e877f807 code=0x7ffc0000
[   65.258825][   T29] audit: type=1326 audit(1765887546.870:4485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4497 comm="syz.0.335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fd7e8736bdd code=0x7ffc0000
[   65.282177][   T29] audit: type=1326 audit(1765887546.870:4486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4497 comm="syz.0.335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7fd7e87b3e89 code=0x7ffc0000
[   65.289540][   T31] Bluetooth: hci0: Frame reassembly failed (-84)
[   65.305536][   T29] audit: type=1326 audit(1765887546.870:4488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4497 comm="syz.0.335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7fd7e8736357 code=0x7ffc0000
[   65.305566][   T29] audit: type=1326 audit(1765887546.870:4487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4497 comm="syz.0.335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fd7e8736c47 code=0x7ffc0000
[   65.392541][ T4505] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   65.410850][ T4505] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4505 comm=syz.2.336
[   65.423322][ T4505] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4505 comm=syz.2.336
[   65.510846][ T4512] netlink: 16 bytes leftover after parsing attributes in process `syz.0.338'.
[   65.584498][ T4519] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   65.584498][ T4519]    program syz.4.341 not setting count and/or reply_len properly
[   65.594633][ T4521] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   65.636839][ T4521] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4521 comm=syz.0.342
[   65.649319][ T4521] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4521 comm=syz.0.342
[   65.824439][ T4531] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   65.824439][ T4531]    program syz.4.345 not setting count and/or reply_len properly
[   65.842205][ T4532] netlink: 16 bytes leftover after parsing attributes in process `syz.3.343'.
[   66.281320][ T4540] FAULT_INJECTION: forcing a failure.
[   66.281320][ T4540] name failslab, interval 1, probability 0, space 0, times 0
[   66.294027][ T4540] CPU: 0 UID: 0 PID: 4540 Comm: syz.2.347 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   66.294052][ T4540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   66.294067][ T4540] Call Trace:
[   66.294075][ T4540]  <TASK>
[   66.294139][ T4540]  __dump_stack+0x1d/0x30
[   66.294176][ T4540]  dump_stack_lvl+0xe8/0x140
[   66.294199][ T4540]  dump_stack+0x15/0x1b
[   66.294246][ T4540]  should_fail_ex+0x265/0x280
[   66.294273][ T4540]  should_failslab+0x8c/0xb0
[   66.294298][ T4540]  __kmalloc_cache_noprof+0x65/0x4c0
[   66.294320][ T4540]  ? audit_log_d_path+0x8d/0x150
[   66.294393][ T4540]  audit_log_d_path+0x8d/0x150
[   66.294414][ T4540]  audit_log_d_path_exe+0x42/0x70
[   66.294442][ T4540]  audit_log_task+0x1e9/0x250
[   66.294526][ T4540]  audit_seccomp+0x61/0x100
[   66.294554][ T4540]  ? __seccomp_filter+0x832/0x1260
[   66.294630][ T4540]  __seccomp_filter+0x843/0x1260
[   66.294668][ T4540]  ? _raw_spin_unlock+0x26/0x50
[   66.294699][ T4540]  ? finish_task_switch+0x7a/0x2a0
[   66.294732][ T4540]  __secure_computing+0x82/0x150
[   66.294759][ T4540]  syscall_trace_enter+0xcf/0x1e0
[   66.294923][ T4540]  do_syscall_64+0xb2/0x2c0
[   66.295012][ T4540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.295034][ T4540] RIP: 0033:0x7f4701f2f749
[   66.295055][ T4540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.295071][ T4540] RSP: 002b:00007f4700996e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   66.295093][ T4540] RAX: ffffffffffffffda RBX: 000000000000053a RCX: 00007f4701f2f749
[   66.295144][ T4540] RDX: 00007f4700996ef0 RSI: 0000000000000000 RDI: 00007f4701fb4960
[   66.295158][ T4540] RBP: 0000200000000c80 R08: 00007f4700996bb7 R09: 00007f4700996e40
[   66.295172][ T4540] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000100
[   66.295221][ T4540] R13: 00007f4700996ef0 R14: 00007f4700996eb0 R15: 00002000000000c0
[   66.295241][ T4540]  </TASK>
[   66.302468][ T4540] loop2: detected capacity change from 0 to 512
[   66.860857][ T4540] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.874002][ T4540] ext4 filesystem being mounted at /85/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.884613][ T4544] loop3: detected capacity change from 0 to 8192
[   66.887736][ T4548] loop0: detected capacity change from 0 to 8192
[   66.899474][ T4554] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   66.928248][ T4554] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   66.954708][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.986027][ T4040] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   67.068124][ T4562] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   67.077272][ T4563] FAULT_INJECTION: forcing a failure.
[   67.077272][ T4563] name failslab, interval 1, probability 0, space 0, times 0
[   67.090089][ T4563] CPU: 1 UID: 0 PID: 4563 Comm: syz.0.355 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   67.090122][ T4563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   67.090136][ T4563] Call Trace:
[   67.090143][ T4563]  <TASK>
[   67.090151][ T4563]  __dump_stack+0x1d/0x30
[   67.090194][ T4563]  dump_stack_lvl+0xe8/0x140
[   67.090287][ T4563]  dump_stack+0x15/0x1b
[   67.090314][ T4563]  should_fail_ex+0x265/0x280
[   67.090344][ T4563]  should_failslab+0x8c/0xb0
[   67.090373][ T4563]  __kmalloc_node_track_caller_noprof+0xb9/0x5b0
[   67.090415][ T4563]  ? resume_store+0xf2/0x3d0
[   67.090434][ T4563]  ? __pfx_resume_store+0x10/0x10
[   67.090453][ T4563]  kstrndup+0x80/0x130
[   67.090476][ T4563]  resume_store+0xf2/0x3d0
[   67.090499][ T4563]  ? _copy_from_iter+0x13e/0xe70
[   67.090599][ T4563]  ? should_fail_ex+0xdb/0x280
[   67.090627][ T4563]  ? __pfx_resume_store+0x10/0x10
[   67.090724][ T4563]  kobj_attr_store+0x4a/0x70
[   67.090746][ T4563]  ? __pfx_kobj_attr_store+0x10/0x10
[   67.090820][ T4563]  sysfs_kf_write+0xfe/0x120
[   67.090884][ T4563]  ? __pfx_sysfs_kf_write+0x10/0x10
[   67.090904][ T4563]  kernfs_fop_write_iter+0x1eb/0x300
[   67.091023][ T4563]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[   67.091062][ T4563]  vfs_write+0x52a/0x960
[   67.091089][ T4563]  ksys_write+0xda/0x1a0
[   67.091179][ T4563]  __x64_sys_write+0x40/0x50
[   67.091211][ T4563]  x64_sys_call+0x2847/0x3000
[   67.091295][ T4563]  do_syscall_64+0xd8/0x2c0
[   67.091352][ T4563]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.091380][ T4563] RIP: 0033:0x7fd7e877f749
[   67.091398][ T4563] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.091463][ T4563] RSP: 002b:00007fd7e71df038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   67.091482][ T4563] RAX: ffffffffffffffda RBX: 00007fd7e89d5fa0 RCX: 00007fd7e877f749
[   67.091494][ T4563] RDX: 0000000000000012 RSI: 0000200000000040 RDI: 0000000000000007
[   67.091506][ T4563] RBP: 00007fd7e71df090 R08: 0000000000000000 R09: 0000000000000000
[   67.091595][ T4563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.091612][ T4563] R13: 00007fd7e89d6038 R14: 00007fd7e89d5fa0 R15: 00007ffe860907d8
[   67.091663][ T4563]  </TASK>
[   67.398445][ T4574] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4574 comm=syz.2.354
[   67.410990][ T4574] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4574 comm=syz.2.354
[   67.499971][ T4591] loop0: detected capacity change from 0 to 512
[   67.520628][ T4591] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   67.534236][ T4591] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   67.546126][ T4591] EXT4-fs (loop0): failed to initialize system zone (-117)
[   67.561314][ T4591] EXT4-fs (loop0): mount failed
[   67.623395][ T4598] loop3: detected capacity change from 0 to 8192
[   67.642361][ T4603] loop1: detected capacity change from 0 to 256
[   67.666500][ T4603] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   67.684754][ T4605] netlink: 8 bytes leftover after parsing attributes in process `syz.0.371'.
[   67.709039][ T4608] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   67.749823][ T4608] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4608 comm=syz.3.372
[   67.762230][ T4608] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4608 comm=syz.3.372
[   67.778617][ T4612] netlink: 28 bytes leftover after parsing attributes in process `syz.0.374'.
[   67.818759][ T4612] team0: Port device team_slave_1 removed
[   68.040001][ T4644] syzkaller0: entered promiscuous mode
[   68.045704][ T4644] syzkaller0: entered allmulticast mode
[   68.763912][ T4663] FAULT_INJECTION: forcing a failure.
[   68.763912][ T4663] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   68.777136][ T4663] CPU: 0 UID: 0 PID: 4663 Comm: syz.3.394 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   68.777171][ T4663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   68.777264][ T4663] Call Trace:
[   68.777293][ T4663]  <TASK>
[   68.777303][ T4663]  __dump_stack+0x1d/0x30
[   68.777335][ T4663]  dump_stack_lvl+0xe8/0x140
[   68.777436][ T4663]  dump_stack+0x15/0x1b
[   68.777459][ T4663]  should_fail_ex+0x265/0x280
[   68.777522][ T4663]  should_fail+0xb/0x20
[   68.777548][ T4663]  should_fail_usercopy+0x1a/0x20
[   68.777578][ T4663]  _copy_to_user+0x20/0xa0
[   68.777616][ T4663]  simple_read_from_buffer+0xb5/0x130
[   68.777645][ T4663]  proc_fail_nth_read+0x10e/0x150
[   68.777738][ T4663]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   68.777775][ T4663]  vfs_read+0x1a8/0x770
[   68.777799][ T4663]  ? __rcu_read_unlock+0x4f/0x70
[   68.777825][ T4663]  ? __fget_files+0x184/0x1c0
[   68.777922][ T4663]  ? mutex_lock+0x58/0x90
[   68.777959][ T4663]  ksys_read+0xda/0x1a0
[   68.778026][ T4663]  __x64_sys_read+0x40/0x50
[   68.778044][ T4663]  x64_sys_call+0x2889/0x3000
[   68.778072][ T4663]  do_syscall_64+0xd8/0x2c0
[   68.778117][ T4663]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.778208][ T4663] RIP: 0033:0x7fe1aea7e15c
[   68.778229][ T4663] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   68.778288][ T4663] RSP: 002b:00007fe1ad4e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   68.778313][ T4663] RAX: ffffffffffffffda RBX: 00007fe1aecd5fa0 RCX: 00007fe1aea7e15c
[   68.778330][ T4663] RDX: 000000000000000f RSI: 00007fe1ad4e70a0 RDI: 0000000000000007
[   68.778388][ T4663] RBP: 00007fe1ad4e7090 R08: 0000000000000000 R09: 0000000000000000
[   68.778469][ T4663] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[   68.778485][ T4663] R13: 00007fe1aecd6038 R14: 00007fe1aecd5fa0 R15: 00007fff3f0359d8
[   68.778511][ T4663]  </TASK>
[   69.052041][ T4669] __nla_validate_parse: 6 callbacks suppressed
[   69.052078][ T4669] netlink: 16 bytes leftover after parsing attributes in process `syz.1.397'.
[   69.071348][ T4665] syzkaller0: entered promiscuous mode
[   69.076895][ T4665] syzkaller0: entered allmulticast mode
[   69.653198][ T4704] netlink: 16 bytes leftover after parsing attributes in process `syz.2.411'.
[   69.728164][ T4708] netlink: 16 bytes leftover after parsing attributes in process `syz.1.407'.
[   69.757374][ T4707] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   69.804593][ T3560] Bluetooth: hci0: sending frame failed (-49)
[   69.810819][ T4040] Bluetooth: hci0: Opcode 0x1003 failed: -49
[   70.141606][   T29] kauditd_printk_skb: 852 callbacks suppressed
[   70.141620][   T29] audit: type=1400 audit(1765887551.950:5341): avc:  denied  { connect } for  pid=4718 comm="syz.4.416" lport=17 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   70.258815][   T29] audit: type=1326 audit(1765887552.070:5342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4723 comm="syz.4.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[   70.282421][   T29] audit: type=1326 audit(1765887552.070:5343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4723 comm="syz.4.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[   70.348395][   T29] audit: type=1326 audit(1765887552.070:5344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4723 comm="syz.4.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[   70.371801][   T29] audit: type=1326 audit(1765887552.070:5345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4723 comm="syz.4.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[   70.395220][   T29] audit: type=1326 audit(1765887552.070:5346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4723 comm="syz.4.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[   70.418648][   T29] audit: type=1326 audit(1765887552.120:5347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4693 comm="syz.1.407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   70.441987][   T29] audit: type=1326 audit(1765887552.150:5348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4723 comm="syz.4.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[   70.465644][   T29] audit: type=1326 audit(1765887552.150:5349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4723 comm="syz.4.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[   70.488979][   T29] audit: type=1326 audit(1765887552.150:5350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4723 comm="syz.4.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[   70.531706][ T4730] loop3: detected capacity change from 0 to 8192
[   70.637168][ T4738] loop2: detected capacity change from 0 to 512
[   70.649298][ T4738] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   70.700741][ T4738] EXT4-fs (loop2): 1 orphan inode deleted
[   70.706654][ T4738] EXT4-fs (loop2): 1 truncate cleaned up
[   70.721134][ T4738] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.746321][ T4738] EXT4-fs error (device loop2): ext4_lookup:1785: inode #15: comm syz.2.424: iget: bad extra_isize 46 (inode size 256)
[   70.767092][ T4738] EXT4-fs (loop2): Remounting filesystem read-only
[   70.800290][ T4753] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   70.881843][ T4757] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4757 comm=syz.3.430
[   70.894396][ T4757] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4757 comm=syz.3.430
[   71.342186][ T4794] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   71.342186][ T4794]    program syz.0.446 not setting count and/or reply_len properly
[   71.419470][ T4799] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   71.451612][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.483757][ T4804] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4804 comm=syz.0.448
[   71.496359][ T4804] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4804 comm=syz.0.448
[   71.715059][ T4826] loop3: detected capacity change from 0 to 8192
[   71.760092][ T4810] chnl_net:caif_netlink_parms(): no params data found
[   71.824276][ T4810] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.831525][ T4810] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.839312][ T4810] bridge_slave_0: entered allmulticast mode
[   71.846009][ T4810] bridge_slave_0: entered promiscuous mode
[   71.853172][ T4810] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.858992][ T4838] netlink: 4 bytes leftover after parsing attributes in process `syz.3.462'.
[   71.860346][ T4810] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.875808][   T37] Bluetooth: hci0: Frame reassembly failed (-84)
[   71.876521][ T4810] bridge_slave_1: entered allmulticast mode
[   71.889287][ T4810] bridge_slave_1: entered promiscuous mode
[   71.901507][ T4838] team0 (unregistering): Port device team_slave_0 removed
[   71.910952][ T4838] team0 (unregistering): Port device team_slave_1 removed
[   71.935051][ T4810] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   71.946266][ T4810] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   71.967133][ T4810] team0: Port device team_slave_0 added
[   71.974047][ T4810] team0: Port device team_slave_1 added
[   71.993118][ T4810] batman_adv: batadv0: Adding interface: batadv_slave_0
[   72.000182][ T4810] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   72.026320][ T4810] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   72.037801][ T4810] batman_adv: batadv0: Adding interface: batadv_slave_1
[   72.044843][ T4810] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   72.070850][ T4810] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   72.101222][ T4810] hsr_slave_0: entered promiscuous mode
[   72.107961][ T4810] hsr_slave_1: entered promiscuous mode
[   72.114025][ T4810] debugfs: 'hsr0' already exists in 'hsr'
[   72.119775][ T4810] Cannot create hsr debugfs directory
[   72.218080][ T4810] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   72.227415][ T4810] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   72.237418][ T4810] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   72.251624][ T4810] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   72.307101][ T4810] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.326152][ T4810] 8021q: adding VLAN 0 to HW filter on device team0
[   72.337577][  T407] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.344764][  T407] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.358492][  T407] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.365752][  T407] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.456720][ T4868] loop4: detected capacity change from 0 to 512
[   72.466150][ T4866] loop0: detected capacity change from 0 to 512
[   72.472919][ T4866] ext4: Bad value for 'max_dir_size_kb'
[   72.511167][ T4868] ------------[ cut here ]------------
[   72.516815][ T4868] EA inode 11 i_nlink=1026
[   72.516841][ T4868] WARNING: fs/ext4/xattr.c:1058 at ext4_xattr_inode_update_ref+0x2e6/0x320, CPU#1: syz.4.470/4868
[   72.532195][ T4868] Modules linked in:
[   72.536311][ T4868] CPU: 1 UID: 0 PID: 4868 Comm: syz.4.470 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   72.542919][ T4810] 8021q: adding VLAN 0 to HW filter on device batadv0
[   72.546116][ T4868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   72.563083][ T4868] RIP: 0010:ext4_xattr_inode_update_ref+0x305/0x320
[   72.569772][ T4868] Code: 11 d1 9c ff 4c 8d 2d 6a bf 20 05 49 8d 7e 40 e8 91 63 b8 ff 49 8b 6e 40 4c 89 e7 e8 a5 5e b8 ff 41 8b 56 48 4c 89 ef 48 89 ee <67> 48 0f b9 3a e9 2b ff ff ff e8 ac ed ba 03 66 66 66 2e 0f 1f 84
[   72.589635][ T4868] RSP: 0018:ffffc90012bcf5a0 EFLAGS: 00010246
[   72.595790][ T4868] RAX: ffff88811b8f5d10 RBX: ffff88811ad797b0 RCX: ffffffff81bb4deb
[   72.603932][ T4868] RDX: 0000000000000402 RSI: 000000000000000b RDI: ffffffff86dc0d40
[   72.611931][ T4868] RBP: 000000000000000b R08: 000188811ad79763 R09: 0000000000000000
[   72.619970][ T4868] R10: ffffc90012bcf4d0 R11: 0001c90012bcf4d0 R12: ffff88811ad79760
[   72.628057][ T4868] R13: ffffffff86dc0d40 R14: ffff88811ad79718 R15: 0000000000000001
[   72.636108][ T4868] FS:  00007f94ce3c76c0(0000) GS:ffff8882aeec2000(0000) knlGS:0000000000000000
[   72.645098][ T4868] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   72.651697][ T4868] CR2: 00007feddb54a000 CR3: 000000011fb9e000 CR4: 00000000003506f0
[   72.659912][ T4868] Call Trace:
[   72.663289][ T4868]  <TASK>
[   72.666306][ T4868]  ext4_xattr_set_entry+0x77f/0x1020
[   72.671675][ T4868]  ext4_xattr_ibody_set+0x184/0x3c0
[   72.677024][ T4868]  ext4_expand_extra_isize_ea+0xcbb/0x11f0
[   72.683007][ T4868]  __ext4_expand_extra_isize+0x246/0x280
[   72.688727][ T4868]  __ext4_mark_inode_dirty+0x29d/0x3f0
[   72.694311][ T4868]  ext4_evict_inode+0x7c4/0xd40
[   72.699377][ T4868]  ? __pfx_ext4_evict_inode+0x10/0x10
[   72.705044][ T4868]  evict+0x2af/0x510
[   72.709011][ T4868]  ? __dquot_initialize+0x146/0x7c0
[   72.714305][ T4868]  iput+0x4bd/0x650
[   72.718217][ T4868]  ext4_process_orphan+0x1a9/0x1c0
[   72.723438][ T4868]  ext4_orphan_cleanup+0x6a8/0xa00
[   72.728657][ T4868]  ext4_fill_super+0x3411/0x37a0
[   72.733763][ T4868]  ? set_blocksize+0x1a8/0x310
[   72.738628][ T4868]  ? sb_set_blocksize+0xfc/0x170
[   72.743654][ T4868]  ? setup_bdev_super+0x30e/0x370
[   72.748763][ T4868]  ? __pfx_ext4_fill_super+0x10/0x10
[   72.754130][ T4868]  get_tree_bdev_flags+0x291/0x300
[   72.759274][ T4868]  ? __pfx_ext4_fill_super+0x10/0x10
[   72.764629][ T4868]  get_tree_bdev+0x1f/0x30
[   72.769103][ T4868]  ext4_get_tree+0x1c/0x30
[   72.773688][ T4868]  vfs_get_tree+0x57/0x1d0
[   72.778136][ T4868]  do_new_mount+0x24d/0x6a0
[   72.782680][ T4868]  path_mount+0x4ab/0xb80
[   72.787149][ T4868]  ? user_path_at+0xbf/0x130
[   72.791804][ T4868]  __se_sys_mount+0x28c/0x2e0
[   72.796812][ T4868]  __x64_sys_mount+0x67/0x80
[   72.801494][ T4868]  x64_sys_call+0x2cca/0x3000
[   72.806326][ T4868]  do_syscall_64+0xd8/0x2c0
[   72.810901][ T4868]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.816997][ T4868] RIP: 0033:0x7f94cf960eea
[   72.821434][ T4868] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.841148][ T4868] RSP: 002b:00007f94ce3c6e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   72.849677][ T4868] RAX: ffffffffffffffda RBX: 00007f94ce3c6ef0 RCX: 00007f94cf960eea
[   72.857960][ T4868] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f94ce3c6eb0
[   72.866104][ T4868] RBP: 0000200000000180 R08: 00007f94ce3c6ef0 R09: 0000000000800718
[   72.874456][ T4868] R10: 0000000000800718 R11: 0000000000000246 R12: 00002000000001c0
[   72.882472][ T4868] R13: 00007f94ce3c6eb0 R14: 000000000000047c R15: 0000200000000200
[   72.890526][ T4868]  </TASK>
[   72.893641][ T4868] ---[ end trace 0000000000000000 ]---
[   72.901211][ T4868] EXT4-fs (loop4): 1 orphan inode deleted
[   72.909580][ T4868] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.965169][  T793] Bluetooth: hci1: Frame reassembly failed (-84)
[   73.037181][ T4810] veth0_vlan: entered promiscuous mode
[   73.048262][ T4810] veth1_vlan: entered promiscuous mode
[   73.064728][ T4810] veth0_macvtap: entered promiscuous mode
[   73.072416][ T4810] veth1_macvtap: entered promiscuous mode
[   73.084610][ T4810] batman_adv: batadv0: Interface activated: batadv_slave_0
[   73.097165][ T4810] batman_adv: batadv0: Interface activated: batadv_slave_1
[   73.108630][  T407] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.171255][  T407] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.205733][  T407] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.220542][  T407] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.232749][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.341741][ T4917] loop5: detected capacity change from 0 to 512
[   73.349047][ T4917] ext4: Bad value for 'max_dir_size_kb'
[   73.467238][ T4932] netlink: 16 bytes leftover after parsing attributes in process `syz.1.487'.
[   73.527965][ T4939] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   73.527965][ T4939]    program syz.1.489 not setting count and/or reply_len properly
[   73.727209][ T4966] loop4: detected capacity change from 0 to 512
[   73.741150][ T4969] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   73.741150][ T4969]    program syz.1.501 not setting count and/or reply_len properly
[   73.748689][ T4966] ext4: Unknown parameter 'nouser_xattr'
[   73.884998][ T4966] netlink: 296 bytes leftover after parsing attributes in process `syz.4.499'.
[   73.934011][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[   73.935582][ T3560] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   74.060122][ T4998] loop1: detected capacity change from 0 to 164
[   74.085824][ T4998] iso9660: Corrupted directory entry in block 2 of inode 1920
[   74.204648][ T5010] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   74.236900][ T5013] netlink: 4 bytes leftover after parsing attributes in process `syz.3.520'.
[   74.247803][  T851] Bluetooth: hci0: Frame reassembly failed (-84)
[   74.360988][ T5022] netlink: 16 bytes leftover after parsing attributes in process `syz.1.517'.
[   74.434053][ T5025] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   74.973618][ T4040] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   75.166935][ T5046] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   75.203708][ T5050] netlink: 16 bytes leftover after parsing attributes in process `syz.1.530'.
[   75.215289][   T29] kauditd_printk_skb: 1005 callbacks suppressed
[   75.215304][   T29] audit: type=1326 audit(1765887557.030:6356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5049 comm="syz.1.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   75.246739][   T29] audit: type=1326 audit(1765887557.030:6357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5049 comm="syz.1.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   75.246782][   T29] audit: type=1326 audit(1765887557.030:6358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5049 comm="syz.1.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   75.246813][   T29] audit: type=1326 audit(1765887557.030:6359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5049 comm="syz.1.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   75.246848][   T29] audit: type=1326 audit(1765887557.030:6360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5049 comm="syz.1.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   75.246879][   T29] audit: type=1326 audit(1765887557.030:6361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5049 comm="syz.1.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   75.246986][   T29] audit: type=1326 audit(1765887557.030:6362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5049 comm="syz.1.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   75.247089][   T29] audit: type=1326 audit(1765887557.030:6363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5049 comm="syz.1.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   75.247196][   T29] audit: type=1326 audit(1765887557.030:6364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5049 comm="syz.1.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   75.247236][   T29] audit: type=1326 audit(1765887557.030:6365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5049 comm="syz.1.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   75.597892][ T5070] loop4: detected capacity change from 0 to 512
[   75.605958][ T5070] ext4: Bad value for 'max_dir_size_kb'
[   75.705777][ T5082] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   75.705777][ T5082]    program syz.4.538 not setting count and/or reply_len properly
[   75.752902][ T4472] Bluetooth: hci2: Frame reassembly failed (-84)
[   75.763216][ T5079] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   75.861691][ T5093] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   75.861691][ T5093]    program syz.1.543 not setting count and/or reply_len properly
[   76.078900][ T5106] loop0: detected capacity change from 0 to 512
[   76.085758][ T5106] ext4: Bad value for 'max_dir_size_kb'
[   76.169957][ T5112] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   76.249255][ T5116] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   76.253629][ T4040] Bluetooth: hci0: command 0x1003 tx timeout
[   76.257452][ T3560] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   76.367169][ T5129] netlink: 16 bytes leftover after parsing attributes in process `syz.3.558'.
[   76.459437][ T4472] Bluetooth: hci0: Frame reassembly failed (-84)
[   76.485556][ T5139] netlink: 4 bytes leftover after parsing attributes in process `syz.4.564'.
[   76.688612][ T5159] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   76.688612][ T5159]    program syz.0.571 not setting count and/or reply_len properly
[   76.697665][ T5161] netlink: 16 bytes leftover after parsing attributes in process `syz.3.572'.
[   76.752303][ T5167] bond0 (unregistering): Released all slaves
[   76.856424][ T5183] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   76.898910][ T5189] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   76.898910][ T5189]    program syz.1.584 not setting count and/or reply_len properly
[   76.942710][ T5194] netlink: 4 bytes leftover after parsing attributes in process `syz.0.586'.
[   76.958329][ T5194] team0 (unregistering): Port device team_slave_0 removed
[   76.970808][ T5196] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   77.271432][ T5213] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   77.271432][ T5213]    program syz.1.595 not setting count and/or reply_len properly
[   77.350390][ T1356] Bluetooth: hci1: Frame reassembly failed (-84)
[   77.356983][ T1356] Bluetooth: hci1: Frame reassembly failed (-84)
[   77.362742][ T5219] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   77.708116][ T5221] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   77.773890][ T4067] Bluetooth: hci2: command 0x1003 tx timeout
[   77.779944][   T44] Bluetooth: hci2: Opcode 0x1003 failed: -110
[   77.821281][ T5228] loop3: detected capacity change from 0 to 512
[   77.827988][ T5228] ext4: Bad value for 'max_dir_size_kb'
[   77.878705][ T5235] netlink: 16 bytes leftover after parsing attributes in process `syz.3.605'.
[   77.890236][ T5239] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   77.890236][ T5239]    program syz.0.606 not setting count and/or reply_len properly
[   77.945570][ T5246] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   77.974346][ T5016] Bluetooth: hci2: Frame reassembly failed (-84)
[   78.047206][ T5260] loop3: detected capacity change from 0 to 512
[   78.054301][ T5260] ext4: Bad value for 'max_dir_size_kb'
[   78.513583][ T3560] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   78.882697][ T5282] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   79.206827][ T1356] Bluetooth: hci0: Frame reassembly failed (-84)
[   79.224384][ T5300] team0 (unregistering): Port device team_slave_0 removed
[   79.238949][ T5300] team0 (unregistering): Port device team_slave_1 removed
[   79.271870][ T4501] Bluetooth: hci3: Frame reassembly failed (-84)
[   79.295556][ T5304] __nla_validate_parse: 5 callbacks suppressed
[   79.295577][ T5304] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   79.373673][ T4040] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   79.403385][ T5309] loop1: detected capacity change from 0 to 512
[   79.410138][ T5309] ext4: Bad value for 'max_dir_size_kb'
[   79.999284][ T5326] loop3: detected capacity change from 0 to 164
[   80.006749][ T5326] Unable to read rock-ridge attributes
[   80.023601][ T4040] Bluetooth: hci2: command 0x1003 tx timeout
[   80.025967][ T5224] Bluetooth: hci2: Opcode 0x1003 failed: -110
[   80.178844][ T5337] netlink: 83992 bytes leftover after parsing attributes in process `syz.0.644'.
[   80.198927][ T5337] netlink: zone id is out of range
[   80.204131][ T5337] netlink: zone id is out of range
[   80.211513][ T5337] netlink: zone id is out of range
[   80.226197][ T5337] netlink: set zone limit has 8 unknown bytes
[   80.489322][   T29] kauditd_printk_skb: 1247 callbacks suppressed
[   80.489358][   T29] audit: type=1326 audit(1765887562.300:7611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5344 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e877f749 code=0x7ffc0000
[   80.518632][   T29] audit: type=1326 audit(1765887562.300:7612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5344 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd7e877f749 code=0x7ffc0000
[   80.541735][   T29] audit: type=1326 audit(1765887562.300:7613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5344 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e877f749 code=0x7ffc0000
[   80.564683][   T29] audit: type=1326 audit(1765887562.300:7614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5344 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7fd7e877f749 code=0x7ffc0000
[   80.588171][   T29] audit: type=1326 audit(1765887562.400:7615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5344 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e877f749 code=0x7ffc0000
[   80.611208][   T29] audit: type=1326 audit(1765887562.400:7616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5344 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e877f749 code=0x7ffc0000
[   80.634175][   T29] audit: type=1326 audit(1765887562.430:7617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5346 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e877f749 code=0x7ffc0000
[   80.657536][   T29] audit: type=1326 audit(1765887562.430:7618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5346 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e877f749 code=0x7ffc0000
[   80.680979][   T29] audit: type=1326 audit(1765887562.430:7619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5346 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7fd7e877f749 code=0x7ffc0000
[   80.704466][   T29] audit: type=1326 audit(1765887562.430:7620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5346 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e877f749 code=0x7ffc0000
[   80.717810][ T5349] loop0: detected capacity change from 0 to 1024
[   80.734987][ T5349] EXT4-fs (loop0): Invalid log cluster size: 30
[   80.925799][ T5361] netlink: 83992 bytes leftover after parsing attributes in process `syz.3.653'.
[   80.945986][ T5361] netlink: zone id is out of range
[   80.951137][ T5361] netlink: zone id is out of range
[   80.967844][ T5361] netlink: zone id is out of range
[   80.992560][ T5361] netlink: set zone limit has 8 unknown bytes
[   81.321790][ T3622] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   81.328246][ T5224] Bluetooth: hci0: command 0x1003 tx timeout
[   81.334425][ T4040] Bluetooth: hci3: command 0x1003 tx timeout
[   81.463860][ T3560] Bluetooth: hci3: Opcode 0x1003 failed: -110
[   81.696402][ T5382] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   81.705387][ T5383] netlink: 16 bytes leftover after parsing attributes in process `syz.0.662'.
[   81.835793][ T1356] Bluetooth: hci0: Frame reassembly failed (-84)
[   81.845920][ T5390] netlink: 12 bytes leftover after parsing attributes in process `syz.1.667'.
[   81.878770][ T5387] netlink: 4 bytes leftover after parsing attributes in process `syz.0.665'.
[   81.982560][ T5399] FAULT_INJECTION: forcing a failure.
[   81.982560][ T5399] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   81.995946][ T5399] CPU: 1 UID: 0 PID: 5399 Comm: syz.3.668 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   81.996053][ T5399] Tainted: [W]=WARN
[   81.996062][ T5399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   81.996076][ T5399] Call Trace:
[   81.996085][ T5399]  <TASK>
[   81.996094][ T5399]  __dump_stack+0x1d/0x30
[   81.996132][ T5399]  dump_stack_lvl+0xe8/0x140
[   81.996230][ T5399]  dump_stack+0x15/0x1b
[   81.996256][ T5399]  should_fail_ex+0x265/0x280
[   81.996287][ T5399]  should_fail+0xb/0x20
[   81.996312][ T5399]  should_fail_usercopy+0x1a/0x20
[   81.996384][ T5399]  _copy_from_iter+0xcf/0xe70
[   81.996418][ T5399]  ? __alloc_skb+0x3bb/0x4d0
[   81.996448][ T5399]  ? __alloc_skb+0x24d/0x4d0
[   81.996483][ T5399]  netlink_sendmsg+0x471/0x6b0
[   81.996574][ T5399]  ? __pfx_netlink_sendmsg+0x10/0x10
[   81.996615][ T5399]  __sock_sendmsg+0x145/0x180
[   81.996641][ T5399]  ____sys_sendmsg+0x31e/0x4a0
[   81.996718][ T5399]  ___sys_sendmsg+0x17b/0x1d0
[   81.996772][ T5399]  __x64_sys_sendmsg+0xd4/0x160
[   81.996815][ T5399]  x64_sys_call+0x17ba/0x3000
[   81.996907][ T5399]  do_syscall_64+0xd8/0x2c0
[   81.996951][ T5399]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.996987][ T5399] RIP: 0033:0x7fe1aea7f749
[   81.997006][ T5399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.997102][ T5399] RSP: 002b:00007fe1ad4e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   81.997121][ T5399] RAX: ffffffffffffffda RBX: 00007fe1aecd5fa0 RCX: 00007fe1aea7f749
[   81.997132][ T5399] RDX: 0000000020000050 RSI: 00002000000002c0 RDI: 0000000000000004
[   81.997146][ T5399] RBP: 00007fe1ad4e7090 R08: 0000000000000000 R09: 0000000000000000
[   81.997187][ T5399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.997203][ T5399] R13: 00007fe1aecd6038 R14: 00007fe1aecd5fa0 R15: 00007fff3f0359d8
[   81.997229][ T5399]  </TASK>
[   82.461348][ T5425] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   82.513213][ T5428] netlink: 28 bytes leftover after parsing attributes in process `syz.5.678'.
[   82.549438][ T5431] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   82.979545][ T5435] syzkaller0: entered promiscuous mode
[   82.985198][ T5435] syzkaller0: entered allmulticast mode
[   83.148764][ T5437] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   83.363701][ T5453] loop4: detected capacity change from 0 to 512
[   83.370486][ T5453] ext4: Bad value for 'max_dir_size_kb'
[   83.464892][ T5466] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   83.615602][ T5474] netlink: 16 bytes leftover after parsing attributes in process `syz.4.694'.
[   83.956412][ T5224] Bluetooth: hci0: command 0x1003 tx timeout
[   84.013623][ T3560] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   84.276214][ T5486] loop5: detected capacity change from 0 to 512
[   84.283309][ T5486] ext4: Bad value for 'max_dir_size_kb'
[   84.366709][   T31] Bluetooth: hci0: Frame reassembly failed (-84)
[   84.394765][ T5497] FAULT_INJECTION: forcing a failure.
[   84.394765][ T5497] name failslab, interval 1, probability 0, space 0, times 0
[   84.394795][ T5497] CPU: 1 UID: 0 PID: 5497 Comm: syz.3.701 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   84.394824][ T5497] Tainted: [W]=WARN
[   84.394844][ T5497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   84.394887][ T5497] Call Trace:
[   84.394895][ T5497]  <TASK>
[   84.394904][ T5497]  __dump_stack+0x1d/0x30
[   84.394931][ T5497]  dump_stack_lvl+0xe8/0x140
[   84.394955][ T5497]  dump_stack+0x15/0x1b
[   84.395031][ T5497]  should_fail_ex+0x265/0x280
[   84.395055][ T5497]  should_failslab+0x8c/0xb0
[   84.395077][ T5497]  __kmalloc_cache_noprof+0x65/0x4c0
[   84.395102][ T5497]  ? audit_log_d_path+0x8d/0x150
[   84.395148][ T5497]  audit_log_d_path+0x8d/0x150
[   84.395170][ T5497]  audit_log_d_path_exe+0x42/0x70
[   84.395193][ T5497]  audit_log_task+0x1e9/0x250
[   84.395249][ T5497]  ? kstrtouint+0x76/0xc0
[   84.395270][ T5497]  audit_seccomp+0x61/0x100
[   84.395301][ T5497]  ? __seccomp_filter+0x832/0x1260
[   84.395362][ T5497]  __seccomp_filter+0x843/0x1260
[   84.395391][ T5497]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   84.395421][ T5497]  ? vfs_write+0x7e8/0x960
[   84.395439][ T5497]  ? __rcu_read_unlock+0x4f/0x70
[   84.395471][ T5497]  ? __fget_files+0x184/0x1c0
[   84.395562][ T5497]  __secure_computing+0x82/0x150
[   84.395591][ T5497]  syscall_trace_enter+0xcf/0x1e0
[   84.395661][ T5497]  do_syscall_64+0xb2/0x2c0
[   84.395740][ T5497]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.395762][ T5497] RIP: 0033:0x7fe1aea7f749
[   84.395848][ T5497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.395930][ T5497] RSP: 002b:00007fe1ad4e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e3
[   84.395949][ T5497] RAX: ffffffffffffffda RBX: 00007fe1aecd5fa0 RCX: 00007fe1aea7f749
[   84.395962][ T5497] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000fffffffb
[   84.395974][ T5497] RBP: 00007fe1ad4e7090 R08: 0000000000000000 R09: 0000000000000000
[   84.395986][ T5497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   84.395998][ T5497] R13: 00007fe1aecd6038 R14: 00007fe1aecd5fa0 R15: 00007fff3f0359d8
[   84.396019][ T5497]  </TASK>
[   84.692418][ T5016] Bluetooth: hci1: Frame reassembly failed (-84)
[   84.739830][ T5516] netlink: 4 bytes leftover after parsing attributes in process `syz.3.707'.
[   84.780595][ T5527] loop4: detected capacity change from 0 to 512
[   84.787309][ T5527] ext4: Bad value for 'max_dir_size_kb'
[   84.901759][ T5540] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   84.923981][ T5540] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   85.681396][   T29] kauditd_printk_skb: 2450 callbacks suppressed
[   85.681416][   T29] audit: type=1400 audit(1765887569.492:10071): avc:  denied  { execmem } for  pid=5548 comm="syz.0.719" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   85.787317][   T29] audit: type=1326 audit(1765887569.602:10072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5551 comm="syz.1.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   85.811011][   T29] audit: type=1326 audit(1765887569.602:10073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5551 comm="syz.1.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   85.834646][   T29] audit: type=1326 audit(1765887569.602:10074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5551 comm="syz.1.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   85.858512][   T29] audit: type=1326 audit(1765887569.602:10075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5551 comm="syz.1.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   85.864558][ T5554] loop1: detected capacity change from 0 to 512
[   85.882126][   T29] audit: type=1326 audit(1765887569.602:10076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5551 comm="syz.1.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd7084f749 code=0x7ffc0000
[   85.896552][ T5554] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   85.923673][ T5554] EXT4-fs (loop1): failed to initialize system zone (-117)
[   85.931080][ T5554] EXT4-fs (loop1): mount failed
[   86.210403][   T29] audit: type=1400 audit(1765887570.022:10077): avc:  denied  { recv } for  pid=5548 comm="syz.0.719" saddr=10.128.0.163 src=30036 daddr=10.128.0.66 dest=37410 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[   86.423576][ T3560] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   86.643074][   T29] audit: type=1400 audit(1765887570.452:10078): avc:  denied  { read write } for  pid=5553 comm="syz.1.721" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   86.667230][   T29] audit: type=1400 audit(1765887570.452:10079): avc:  denied  { open } for  pid=5553 comm="syz.1.721" path="/dev/loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   86.691285][   T29] audit: type=1400 audit(1765887570.452:10080): avc:  denied  { ioctl } for  pid=5553 comm="syz.1.721" path="/dev/loop1" dev="devtmpfs" ino=101 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   86.734343][ T3622] Bluetooth: hci1: command 0x1003 tx timeout
[   86.740529][ T5224] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   86.742938][ T5559] syzkaller0: entered promiscuous mode
[   86.752348][ T5559] syzkaller0: entered allmulticast mode
[   86.906804][ T5575] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   86.939968][ T5575] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5575 comm=syz.0.727
[   86.952415][ T5575] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5575 comm=syz.0.727
[   86.965949][ T5576] netlink: 24 bytes leftover after parsing attributes in process `syz.3.725'.
[   87.543982][ T5582] netlink: 'syz.5.729': attribute type 10 has an invalid length.
[   87.554629][ T5582] netlink: 'syz.5.729': attribute type 10 has an invalid length.
[   87.564890][ T5582] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   87.597648][ T5582] loop5: detected capacity change from 0 to 1024
[   87.604874][ T5582] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   87.615809][ T5582] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   87.628048][ T5582] JBD2: no valid journal superblock found
[   87.633854][ T5582] EXT4-fs (loop5): Could not load journal inode
[   87.652286][ T5582] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   87.687093][ T5584] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   87.732048][ T5584] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5584 comm=syz.1.730
[   87.744476][ T5584] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5584 comm=syz.1.730
[   87.805700][ T5593] loop0: detected capacity change from 0 to 1024
[   87.813447][ T5593] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   87.834402][ T5593] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=484ce01c, mo2=0000]
[   87.844210][ T5593] EXT4-fs error (device loop0): ext4_map_blocks:783: inode #3: block 2: comm syz.0.734: lblock 2 mapped to illegal pblock 2 (length 1)
[   87.858968][ T5593] EXT4-fs error (device loop0): ext4_map_blocks:783: inode #3: block 48: comm syz.0.734: lblock 0 mapped to illegal pblock 48 (length 1)
[   87.874000][ T5593] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.734: Failed to acquire dquot type 0
[   87.896924][ T5593] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6298: Corrupt filesystem
[   87.906608][ T5593] EXT4-fs error (device loop0): ext4_evict_inode:253: inode #11: comm syz.0.734: mark_inode_dirty error
[   88.071623][ T5593] EXT4-fs warning (device loop0): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[   88.113654][ T5593] EXT4-fs (loop0): 1 orphan inode deleted
[   88.133860][ T5593] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.290372][ T5610] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   88.290372][ T5610]    program syz.4.737 not setting count and/or reply_len properly
[   88.308737][ T5593] EXT4-fs error (device loop0): ext4_map_blocks:783: inode #2: block 16: comm syz.0.734: lblock 0 mapped to illegal pblock 16 (length 1)
[   88.712342][ T5626] netlink: 'syz.3.742': attribute type 10 has an invalid length.
[   88.771819][ T5627] netlink: 'syz.3.742': attribute type 10 has an invalid length.
[   88.813432][ T5627] .`: (slave dummy0): Enslaving as an active interface with an up link
[   88.836827][   T31] EXT4-fs error (device loop0): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:1: lblock 1 mapped to illegal pblock 1 (length 1)
[   88.884677][   T31] EXT4-fs error (device loop0): ext4_release_dquot:7022: comm kworker/u8:1: Failed to release dquot type 0
[   88.928011][ T5626] loop3: detected capacity change from 0 to 1024
[   88.938593][ T5593] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   88.964060][ T5626] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   88.975249][ T5626] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   89.018639][ T5639] netlink: 16 bytes leftover after parsing attributes in process `syz.4.748'.
[   89.022162][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.039687][ T5626] JBD2: no valid journal superblock found
[   89.045521][ T5626] EXT4-fs (loop3): Could not load journal inode
[   89.063007][ T5626] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   89.472880][ T5674] netlink: 16 bytes leftover after parsing attributes in process `syz.1.753'.
[   89.646576][ T5681] netlink: 16 bytes leftover after parsing attributes in process `syz.0.763'.
[   89.665250][ T5682] netlink: 'syz.3.766': attribute type 10 has an invalid length.
[   89.703883][ T5679] syzkaller0: entered promiscuous mode
[   89.709466][ T5679] syzkaller0: entered allmulticast mode
[   89.735653][ T5682] .`: (slave dummy0): Releasing backup interface
[   89.750057][ T5683] netlink: 'syz.3.766': attribute type 10 has an invalid length.
[   89.794599][ T5683] .`: (slave dummy0): Enslaving as an active interface with an up link
[   89.922145][ T5682] loop3: detected capacity change from 0 to 1024
[   89.945600][ T5682] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   89.956606][ T5682] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   90.024553][ T5682] JBD2: no valid journal superblock found
[   90.030343][ T5682] EXT4-fs (loop3): Could not load journal inode
[   90.037306][ T5688] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   90.037306][ T5688]    program syz.4.768 not setting count and/or reply_len properly
[   90.037595][ T5687] netlink: 83992 bytes leftover after parsing attributes in process `syz.0.767'.
[   90.096119][ T5682] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   90.114261][ T5687] netlink: zone id is out of range
[   90.119425][ T5687] netlink: zone id is out of range
[   90.124899][ T5693] netlink: 16 bytes leftover after parsing attributes in process `syz.4.770'.
[   90.146958][ T5687] netlink: zone id is out of range
[   90.189933][ T5687] netlink: set zone limit has 8 unknown bytes
[   90.331255][ T5710] netlink: 16 bytes leftover after parsing attributes in process `syz.3.778'.
[   90.354604][ T5708] netlink: 28 bytes leftover after parsing attributes in process `syz.4.777'.
[   90.524188][ T5719] loop3: detected capacity change from 0 to 512
[   90.531255][ T5719] ext4: Bad value for 'max_dir_size_kb'
[   90.646496][ T5724] netlink: 'syz.4.783': attribute type 10 has an invalid length.
[   90.682158][ T5724] .`: (slave dummy0): Releasing backup interface
[   90.689078][   T29] kauditd_printk_skb: 417 callbacks suppressed
[   90.689222][   T29] audit: type=1326 audit(1765887574.502:10495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5725 comm="syz.3.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fe1aea7f749 code=0x7ffc0000
[   90.697089][ T5727] netlink: 'syz.4.783': attribute type 10 has an invalid length.
[   90.730150][   T29] audit: type=1326 audit(1765887574.532:10496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5725 comm="syz.3.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1aea7f749 code=0x7ffc0000
[   90.753623][   T29] audit: type=1326 audit(1765887574.532:10497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5725 comm="syz.3.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1aea7f749 code=0x7ffc0000
[   90.780749][ T5727] .`: (slave dummy0): Enslaving as an active interface with an up link
[   90.791853][   T29] audit: type=1326 audit(1765887574.602:10498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5725 comm="syz.3.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe1aea7f749 code=0x7ffc0000
[   90.815456][   T29] audit: type=1326 audit(1765887574.602:10499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5725 comm="syz.3.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1aea7f749 code=0x7ffc0000
[   90.839114][   T29] audit: type=1326 audit(1765887574.602:10500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5725 comm="syz.3.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1aea7f749 code=0x7ffc0000
[   90.862817][   T29] audit: type=1326 audit(1765887574.602:10501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5725 comm="syz.3.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fe1aea7f749 code=0x7ffc0000
[   90.863107][ T5724] loop4: detected capacity change from 0 to 1024
[   90.886509][   T29] audit: type=1326 audit(1765887574.602:10502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5725 comm="syz.3.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1aea7f749 code=0x7ffc0000
[   90.916288][   T29] audit: type=1326 audit(1765887574.602:10503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5725 comm="syz.3.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1aea7f749 code=0x7ffc0000
[   90.924680][ T5724] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   90.939792][   T29] audit: type=1326 audit(1765887574.602:10504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5725 comm="syz.3.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe1aea7f749 code=0x7ffc0000
[   90.950694][ T5724] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   91.006467][ T5724] JBD2: no valid journal superblock found
[   91.012278][ T5724] EXT4-fs (loop4): Could not load journal inode
[   91.068673][ T5741] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   91.091282][ T5724] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   91.140814][ T5746] netlink: 28 bytes leftover after parsing attributes in process `syz.0.792'.
[   91.218330][ T5750] netlink: 16 bytes leftover after parsing attributes in process `syz.3.784'.
[   91.275304][ T5752] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   91.531502][ T5757] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   91.551881][   T12] Bluetooth: hci0: Frame reassembly failed (-84)
[   91.634865][ T5768] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   91.634865][ T5768]    program syz.3.800 not setting count and/or reply_len properly
[   91.866282][ T5776] netlink: 24 bytes leftover after parsing attributes in process `syz.3.804'.
[   92.056675][ T5792] netlink: 83992 bytes leftover after parsing attributes in process `syz.3.810'.
[   92.078380][ T5792] netlink: zone id is out of range
[   92.083561][ T5792] netlink: zone id is out of range
[   92.095612][ T5792] netlink: zone id is out of range
[   92.100841][ T5792] netlink: zone id is out of range
[   92.106203][ T5792] netlink: zone id is out of range
[   92.164688][ T5792] netlink: set zone limit has 8 unknown bytes
[   92.182338][ T5797] netlink: 'syz.0.812': attribute type 10 has an invalid length.
[   92.192781][ T5797] bond0: (slave dummy0): Releasing backup interface
[   92.202071][ T5797] netlink: 'syz.0.812': attribute type 10 has an invalid length.
[   92.218151][ T5797] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   92.251673][ T5797] loop0: detected capacity change from 0 to 1024
[   92.262396][ T5797] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   92.273357][ T5797] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   92.284424][ T5797] JBD2: no valid journal superblock found
[   92.290174][ T5797] EXT4-fs (loop0): Could not load journal inode
[   92.299710][ T5797] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   92.364282][ T5805] netlink: 16 bytes leftover after parsing attributes in process `syz.5.815'.
[   92.501845][ T5815] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   92.573234][ T5016] Bluetooth: hci1: Frame reassembly failed (-84)
[   92.734247][ T5842] syzkaller0: entered promiscuous mode
[   92.739777][ T5842] syzkaller0: entered allmulticast mode
[   93.533703][ T5224] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   93.563614][ T5887] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   93.580740][ T5889] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   93.621701][   T31] Bluetooth: hci0: Frame reassembly failed (-84)
[   93.881185][ T5919] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   93.912291][ T5925] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   93.912291][ T5925]    program syz.3.861 not setting count and/or reply_len properly
[   93.996265][ T5932] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   94.139265][ T5942] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   94.214295][ T5948] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   94.240918][ T5950] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   94.240918][ T5950]    program syz.3.872 not setting count and/or reply_len properly
[   94.303379][ T5954] syzkaller0: entered promiscuous mode
[   94.309020][ T5954] syzkaller0: entered allmulticast mode
[   94.416316][ T5958] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   94.549023][ T5973] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   94.573629][ T3622] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   95.208197][ T6001] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   95.229463][ T1634] Bluetooth: hci1: Frame reassembly failed (-84)
[   95.257023][ T6007] __nla_validate_parse: 7 callbacks suppressed
[   95.257042][ T6007] netlink: 4 bytes leftover after parsing attributes in process `syz.0.896'.
[   95.568645][ T6015] netlink: 16 bytes leftover after parsing attributes in process `syz.5.897'.
[   95.693718][ T5224] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   95.694545][ T3622] Bluetooth: hci0: command 0x1003 tx timeout
[   95.765390][ T6017] loop4: detected capacity change from 0 to 1024
[   95.772437][   T29] kauditd_printk_skb: 1279 callbacks suppressed
[   95.772454][   T29] audit: type=1400 audit(1765887579.582:11784): avc:  denied  { mounton } for  pid=6016 comm="syz.4.898" path="/158/file0" dev="tmpfs" ino=855 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   95.803042][ T6017] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   95.818805][ T6017] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=484ce01c, mo2=0000]
[   95.829068][ T6017] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #3: block 2: comm syz.4.898: lblock 2 mapped to illegal pblock 2 (length 1)
[   95.843459][ T6017] Quota error (device loop4): qtree_write_dquot: dquota write failed
[   95.851797][ T6017] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #3: block 48: comm syz.4.898: lblock 0 mapped to illegal pblock 48 (length 1)
[   95.866200][ T6017] Quota error (device loop4): v2_write_file_info: Can't write info structure
[   95.875063][ T6017] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.898: Failed to acquire dquot type 0
[   95.886663][ T6017] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6298: Corrupt filesystem
[   95.896408][ T6017] EXT4-fs error (device loop4): ext4_evict_inode:253: inode #11: comm syz.4.898: mark_inode_dirty error
[   95.908065][ T6017] EXT4-fs warning (device loop4): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[   95.918486][ T6017] EXT4-fs (loop4): 1 orphan inode deleted
[   95.928437][ T6017] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.941045][   T12] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1)
[   95.955570][   T12] Quota error (device loop4): remove_tree: Can't read quota data block 1
[   95.964083][   T12] EXT4-fs error (device loop4): ext4_release_dquot:7022: comm kworker/u8:0: Failed to release dquot type 0
[   95.975537][   T29] audit: type=1400 audit(1765887579.772:11785): avc:  denied  { mount } for  pid=6016 comm="syz.4.898" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   96.049925][   T29] audit: type=1400 audit(1765887579.862:11786): avc:  denied  { unmount } for  pid=3321 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   96.082262][   T29] audit: type=1400 audit(1765887579.892:11787): avc:  denied  { shutdown } for  pid=6020 comm="syz.1.899" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   96.102365][   T29] audit: type=1400 audit(1765887579.912:11788): avc:  denied  { getopt } for  pid=6020 comm="syz.1.899" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   96.103195][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.145773][ T3321] EXT4-fs error (device loop4): __ext4_get_inode_loc:4830: comm syz-executor: Invalid inode table block 1 in block_group 0
[   96.159373][ T3321] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6298: Corrupt filesystem
[   96.189563][ T3321] EXT4-fs error (device loop4): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error
[   96.210609][   T29] audit: type=1326 audit(1765887580.012:11789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6022 comm="syz.3.901" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe1aea7f749 code=0x0
[   96.249165][ T6028] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   96.249165][ T6028]    program syz.4.900 not setting count and/or reply_len properly
[   96.263568][   T29] audit: type=1400 audit(1765887580.062:11790): avc:  denied  { write } for  pid=6027 comm="syz.4.900" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   96.477621][ T6033] netlink: 24 bytes leftover after parsing attributes in process `syz.1.904'.
[   96.539824][ T6049] loop5: detected capacity change from 0 to 1024
[   96.547541][ T6049] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   96.577951][ T6049] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=484ce01c, mo2=0000]
[   96.606271][ T6049] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 2: comm syz.5.910: lblock 2 mapped to illegal pblock 2 (length 1)
[   96.621750][ T6049] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 48: comm syz.5.910: lblock 0 mapped to illegal pblock 48 (length 1)
[   96.636954][ T6049] EXT4-fs error (device loop5): ext4_acquire_dquot:6986: comm syz.5.910: Failed to acquire dquot type 0
[   96.648747][ T6049] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6298: Corrupt filesystem
[   96.658585][ T6049] EXT4-fs error (device loop5): ext4_evict_inode:253: inode #11: comm syz.5.910: mark_inode_dirty error
[   96.670139][ T6049] EXT4-fs warning (device loop5): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[   96.680622][ T6049] EXT4-fs (loop5): 1 orphan inode deleted
[   96.686999][ T6049] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.699746][  T381] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[   96.721483][  T381] EXT4-fs error (device loop5): ext4_release_dquot:7022: comm kworker/u8:5: Failed to release dquot type 0
[   96.750461][ T4810] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.761233][ T4810] EXT4-fs error (device loop5): __ext4_get_inode_loc:4830: comm syz-executor: Invalid inode table block 1 in block_group 0
[   96.774615][ T4810] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6298: Corrupt filesystem
[   96.785268][ T4810] EXT4-fs error (device loop5): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error
[   96.997467][ T6066] netlink: 16 bytes leftover after parsing attributes in process `syz.4.913'.
[   97.197893][ T6075] netlink: 16 bytes leftover after parsing attributes in process `syz.3.918'.
[   97.293677][ T3560] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   97.293746][ T5224] Bluetooth: hci1: command 0x1003 tx timeout
[   97.391721][ T6087] loop3: detected capacity change from 0 to 1024
[   97.401385][ T6087] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   97.413186][ T6087] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=484ce01c, mo2=0000]
[   97.423910][ T6087] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 2: comm syz.3.924: lblock 2 mapped to illegal pblock 2 (length 1)
[   97.438087][ T6087] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 48: comm syz.3.924: lblock 0 mapped to illegal pblock 48 (length 1)
[   97.452617][ T6087] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.924: Failed to acquire dquot type 0
[   97.464636][ T6087] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6298: Corrupt filesystem
[   97.474430][ T6087] EXT4-fs error (device loop3): ext4_evict_inode:253: inode #11: comm syz.3.924: mark_inode_dirty error
[   97.486210][ T6087] EXT4-fs warning (device loop3): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[   97.496591][ T6087] EXT4-fs (loop3): 1 orphan inode deleted
[   97.505692][ T6087] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.525063][  T381] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[   97.569387][  T381] EXT4-fs error (device loop3): ext4_release_dquot:7022: comm kworker/u8:5: Failed to release dquot type 0
[   97.622464][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.646006][ T3320] EXT4-fs error (device loop3): __ext4_get_inode_loc:4830: comm syz-executor: Invalid inode table block 1 in block_group 0
[   97.659698][ T3320] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6298: Corrupt filesystem
[   97.670065][ T3320] EXT4-fs error (device loop3): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error
[   97.746829][ T6096] tbf_change: 1 callbacks suppressed
[   97.746848][ T6096] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   97.955357][ T6103] netlink: 83992 bytes leftover after parsing attributes in process `syz.5.928'.
[   97.988697][ T6103] net_ratelimit: 6 callbacks suppressed
[   97.988715][ T6103] netlink: zone id is out of range
[   97.999709][ T6103] netlink: zone id is out of range
[   98.044098][ T6103] netlink: zone id is out of range
[   98.064723][ T6103] netlink: zone id is out of range
[   98.149033][ T6103] netlink: set zone limit has 8 unknown bytes
[   98.189669][ T6126] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   98.207407][ T6123] loop4: detected capacity change from 0 to 1024
[   98.276497][ T6123] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   98.386743][ T6123] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=484ce01c, mo2=0000]
[   98.397252][ T6123] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #3: block 2: comm syz.4.937: lblock 2 mapped to illegal pblock 2 (length 1)
[   98.433770][ T6123] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #3: block 48: comm syz.4.937: lblock 0 mapped to illegal pblock 48 (length 1)
[   98.463748][ T6123] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.937: Failed to acquire dquot type 0
[   98.523996][ T6123] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6298: Corrupt filesystem
[   98.545574][ T6140] netlink: 16 bytes leftover after parsing attributes in process `syz.3.940'.
[   98.631581][ T6150] syzkaller0: entered promiscuous mode
[   98.637139][ T6150] syzkaller0: entered allmulticast mode
[   98.646788][ T6123] EXT4-fs error (device loop4): ext4_evict_inode:253: inode #11: comm syz.4.937: mark_inode_dirty error
[   98.687874][ T6123] EXT4-fs warning (device loop4): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[   98.713699][ T6123] EXT4-fs (loop4): 1 orphan inode deleted
[   98.732142][ T6123] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.748593][ T2849] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:12: lblock 1 mapped to illegal pblock 1 (length 1)
[   98.811822][ T2849] EXT4-fs error (device loop4): ext4_release_dquot:7022: comm kworker/u8:12: Failed to release dquot type 0
[   98.828408][ T6151] netlink: 24 bytes leftover after parsing attributes in process `syz.5.944'.
[   98.884958][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.926740][ T3321] EXT4-fs error (device loop4): __ext4_get_inode_loc:4830: comm syz-executor: Invalid inode table block 1 in block_group 0
[   98.977854][ T3321] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6298: Corrupt filesystem
[   99.008424][ T3321] EXT4-fs error (device loop4): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error
[   99.055961][ T6165] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   99.154238][ T6173] netlink: 83992 bytes leftover after parsing attributes in process `syz.4.954'.
[   99.163483][ T6173] netlink: zone id is out of range
[   99.168658][ T6173] netlink: zone id is out of range
[   99.177478][ T1356] Bluetooth: hci0: Frame reassembly failed (-84)
[   99.184354][ T6177] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   99.194151][ T6173] netlink: zone id is out of range
[   99.199320][ T6173] netlink: zone id is out of range
[   99.317343][ T6173] netlink: set zone limit has 8 unknown bytes
[   99.382150][ T1634] Bluetooth: hci1: Frame reassembly failed (-84)
[   99.686729][ T6211] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   99.790445][ T6225] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   99.824943][ T6230] loop3: detected capacity change from 0 to 1024
[   99.832688][ T6230] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   99.845479][ T6230] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=484ce01c, mo2=0000]
[   99.855404][ T6230] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 2: comm syz.3.976: lblock 2 mapped to illegal pblock 2 (length 1)
[   99.869692][ T6230] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 48: comm syz.3.976: lblock 0 mapped to illegal pblock 48 (length 1)
[   99.883950][ T6230] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.976: Failed to acquire dquot type 0
[   99.895786][ T6230] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6298: Corrupt filesystem
[   99.905671][ T6230] EXT4-fs error (device loop3): ext4_evict_inode:253: inode #11: comm syz.3.976: mark_inode_dirty error
[   99.917222][ T6230] EXT4-fs warning (device loop3): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[   99.927660][ T6230] EXT4-fs (loop3): 1 orphan inode deleted
[   99.933918][ T6230] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.946490][ T2849] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:12: lblock 1 mapped to illegal pblock 1 (length 1)
[   99.961842][ T2849] EXT4-fs error (device loop3): ext4_release_dquot:7022: comm kworker/u8:12: Failed to release dquot type 0
[   99.984084][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.993782][ T3320] EXT4-fs error (device loop3): __ext4_get_inode_loc:4830: comm syz-executor: Invalid inode table block 1 in block_group 0
[  100.006862][ T3320] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6298: Corrupt filesystem
[  100.016949][ T3320] EXT4-fs error (device loop3): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error
[  100.178063][ T6250] syzkaller0: entered promiscuous mode
[  100.183716][ T6250] syzkaller0: entered allmulticast mode
[  100.254438][ T6258] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[  100.254438][ T6258]    program syz.4.987 not setting count and/or reply_len properly
[  100.512106][ T6285] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  100.538807][ T6287] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[  100.538807][ T6287]    program syz.5.999 not setting count and/or reply_len properly
[  100.549271][ T6279] __nla_validate_parse: 1 callbacks suppressed
[  100.549290][ T6279] netlink: 24 bytes leftover after parsing attributes in process `syz.4.996'.
[  100.972589][   T29] kauditd_printk_skb: 1120 callbacks suppressed
[  100.972607][   T29] audit: type=1400 audit(1765887584.782:12899): avc:  denied  { create } for  pid=6299 comm="syz.5.1005" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  101.123456][   T29] audit: type=1326 audit(1765887584.812:12900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6308 comm="syz.4.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[  101.147237][   T29] audit: type=1326 audit(1765887584.812:12901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6308 comm="syz.4.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[  101.170825][   T29] audit: type=1326 audit(1765887584.822:12902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6308 comm="syz.4.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[  101.194329][   T29] audit: type=1326 audit(1765887584.822:12903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6308 comm="syz.4.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[  101.217859][   T29] audit: type=1326 audit(1765887584.822:12904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6308 comm="syz.4.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[  101.241369][   T29] audit: type=1326 audit(1765887584.822:12905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6308 comm="syz.4.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[  101.264951][   T29] audit: type=1326 audit(1765887584.822:12906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6308 comm="syz.4.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[  101.288459][   T29] audit: type=1326 audit(1765887584.822:12907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6308 comm="syz.4.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[  101.311942][   T29] audit: type=1326 audit(1765887584.822:12908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6308 comm="syz.4.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94cf95f749 code=0x7ffc0000
[  101.367595][ T3622] Bluetooth: hci0: command 0x1003 tx timeout
[  101.376501][ T3560] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  101.419774][ T6324] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  101.439312][ T6309] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1008'.
[  101.454186][ T5224] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  101.455018][ T3560] Bluetooth: hci1: command 0x1003 tx timeout
[  101.634025][ T6326] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1013'.
[  101.724645][ T6330] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1014'.
[  101.793763][ T5016] Bluetooth: hci0: Frame reassembly failed (-84)
[  101.849493][ T6345] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1021'.
[  101.857782][ T6360] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1023'.
[  101.965985][ T6371] netlink: 83992 bytes leftover after parsing attributes in process `syz.5.1029'.
[  102.252077][ T6370] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1027'.
[  102.530919][ T6388] netlink: 'syz.1.1035': attribute type 10 has an invalid length.
[  102.572913][ T6388] .`: (slave dummy0): Releasing backup interface
[  102.596790][ T6388] team0: Port device dummy0 added
[  102.602067][ T6391] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  102.638826][ T6388] netlink: 'syz.1.1035': attribute type 10 has an invalid length.
[  102.656126][ T6388] team0: Port device dummy0 removed
[  102.676336][ T6388] .`: (slave dummy0): Enslaving as an active interface with an up link
[  102.706302][ T6388] loop1: detected capacity change from 0 to 1024
[  102.713491][ T6388] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  102.724463][ T6388] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  102.750391][ T6388] JBD2: no valid journal superblock found
[  102.756223][ T6388] EXT4-fs (loop1): Could not load journal inode
[  102.768979][ T6388] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  102.824500][ T6396] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1038'.
[  102.903819][ T6408] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  102.953052][ T6413] loop3: detected capacity change from 0 to 1024
[  102.960492][ T6413] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  102.977439][ T6413] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=484ce01c, mo2=0000]
[  102.988031][ T6413] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 2: comm syz.3.1044: lblock 2 mapped to illegal pblock 2 (length 1)
[  103.002927][ T6413] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 48: comm syz.3.1044: lblock 0 mapped to illegal pblock 48 (length 1)
[  103.017408][ T6413] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.1044: Failed to acquire dquot type 0
[  103.069993][ T6413] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6298: Corrupt filesystem
[  103.249706][ T6413] EXT4-fs error (device loop3): ext4_evict_inode:253: inode #11: comm syz.3.1044: mark_inode_dirty error
[  103.294221][ T6412] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1045'.
[  103.311845][ T6413] EXT4-fs warning (device loop3): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  103.370626][ T6413] EXT4-fs (loop3): 1 orphan inode deleted
[  103.392877][ T6413] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.553856][  T381] Bluetooth: hci1: Frame reassembly failed (-84)
[  103.853562][ T5224] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  103.909778][ T6432] netlink: 'syz.0.1052': attribute type 10 has an invalid length.
[  103.919619][ T6432] bond0: (slave dummy0): Releasing backup interface
[  103.928314][ T6432] netlink: 'syz.0.1052': attribute type 10 has an invalid length.
[  103.937714][ T6432] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  103.963597][ T1634] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:10: lblock 1 mapped to illegal pblock 1 (length 1)
[  103.984327][ T1634] EXT4-fs error (device loop3): ext4_release_dquot:7022: comm kworker/u8:10: Failed to release dquot type 0
[  104.017998][ T6432] loop0: detected capacity change from 0 to 1024
[  104.026447][ T6432] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  104.037487][ T6432] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  104.037935][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.048024][ T6432] JBD2: no valid journal superblock found
[  104.062015][ T6432] EXT4-fs (loop0): Could not load journal inode
[  104.072954][ T6432] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  104.092480][ T3320] EXT4-fs error (device loop3): __ext4_get_inode_loc:4830: comm syz-executor: Invalid inode table block 1 in block_group 0
[  104.105525][ T3320] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6298: Corrupt filesystem
[  104.115173][ T3320] EXT4-fs error (device loop3): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error
[  105.580694][ T6506] __nla_validate_parse: 4 callbacks suppressed
[  105.580708][ T6506] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1078'.
[  105.614925][ T3560] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  105.936584][ T6541] loop5: detected capacity change from 0 to 512
[  105.947540][ T6541] ext4: Bad value for 'max_dir_size_kb'
[  105.975108][   T29] kauditd_printk_skb: 1245 callbacks suppressed
[  105.975127][   T29] audit: type=1326 audit(1765887589.792:14151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6540 comm="syz.5.1094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2ae07bf749 code=0x7ffc0000
[  106.062039][   T29] audit: type=1326 audit(1765887589.792:14152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6540 comm="syz.5.1094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae07bf749 code=0x7ffc0000
[  106.085952][   T29] audit: type=1326 audit(1765887589.792:14153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6540 comm="syz.5.1094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f2ae07bf749 code=0x7ffc0000
[  106.109560][   T29] audit: type=1326 audit(1765887589.792:14154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6540 comm="syz.5.1094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae07bf749 code=0x7ffc0000
[  106.133229][   T29] audit: type=1326 audit(1765887589.792:14155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6540 comm="syz.5.1094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f2ae07bf749 code=0x7ffc0000
[  106.157035][   T29] audit: type=1326 audit(1765887589.822:14156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6545 comm="**&.(" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1aea7f749 code=0x7ffc0000
[  106.180129][   T29] audit: type=1326 audit(1765887589.822:14157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6545 comm="**&.(" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe1aea7f749 code=0x7ffc0000
[  106.203237][   T29] audit: type=1326 audit(1765887589.822:14158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6545 comm="**&.(" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1aea7f749 code=0x7ffc0000
[  106.226346][   T29] audit: type=1326 audit(1765887589.822:14159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6545 comm="**&.(" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe1aea7f749 code=0x7ffc0000
[  106.249529][   T29] audit: type=1326 audit(1765887589.822:14160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6545 comm="**&.(" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1aea7f749 code=0x7ffc0000
[  106.491184][ T6583] loop3: detected capacity change from 0 to 512
[  106.498891][ T6583] ext4: Bad value for 'max_dir_size_kb'
[  106.571124][ T6592] netlink: 83992 bytes leftover after parsing attributes in process `syz.4.1112'.
[  106.592395][ T6592] net_ratelimit: 5 callbacks suppressed
[  106.592414][ T6592] netlink: zone id is out of range
[  106.603255][ T6592] netlink: zone id is out of range
[  106.629321][ T6592] netlink: zone id is out of range
[  106.678770][ T6592] netlink: set zone limit has 8 unknown bytes
[  106.725449][ T1356] Bluetooth: hci0: Frame reassembly failed (-84)
[  106.996423][ T6615] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  107.178326][ T6643] loop4: detected capacity change from 0 to 512
[  107.185277][ T6643] ext4: Bad value for 'max_dir_size_kb'
[  107.304882][ T6654] syzkaller0: entered promiscuous mode
[  107.310498][ T6654] syzkaller0: entered allmulticast mode
[  107.360435][ T6660] netlink: 83992 bytes leftover after parsing attributes in process `syz.0.1139'.
[  107.388571][ T6660] netlink: zone id is out of range
[  107.393897][ T6660] netlink: zone id is out of range
[  107.400636][ T6660] netlink: zone id is out of range
[  107.420191][ T6660] netlink: set zone limit has 8 unknown bytes
[  107.470497][ T6659] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  107.634623][ T6680] netlink: 'syz.5.1149': attribute type 10 has an invalid length.
[  107.645369][ T6680] bond0: (slave dummy0): Releasing backup interface
[  107.663072][ T6680] netlink: 'syz.5.1149': attribute type 10 has an invalid length.
[  107.674008][ T6680] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  107.708833][ T6680] loop5: detected capacity change from 0 to 1024
[  107.715875][ T6680] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  107.726907][ T6680] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  107.742563][ T6680] JBD2: no valid journal superblock found
[  107.748487][ T6680] EXT4-fs (loop5): Could not load journal inode
[  107.760918][ T6680] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  107.789745][ T6682] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1150'.
[  107.927137][  T381] Bluetooth: hci1: Frame reassembly failed (-84)
[  107.951576][ T6697] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  107.990695][ T6705] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[  107.990695][ T6705]    program syz.5.1159 not setting count and/or reply_len properly
[  108.200037][ T6712] netlink: 83992 bytes leftover after parsing attributes in process `syz.5.1161'.
[  108.209418][ T6712] netlink: zone id is out of range
[  108.214669][ T6712] netlink: zone id is out of range
[  108.446949][ T6716] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1163'.
[  108.595323][ T6737] netlink: 'syz.0.1172': attribute type 10 has an invalid length.
[  108.605561][ T6737] bond0: (slave dummy0): Releasing backup interface
[  108.615730][ T6737] netlink: 'syz.0.1172': attribute type 10 has an invalid length.
[  108.626908][ T6737] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  108.665378][ T6737] loop0: detected capacity change from 0 to 1024
[  108.678703][ T6737] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  108.689677][ T6737] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  108.701586][ T6737] JBD2: no valid journal superblock found
[  108.707442][ T6737] EXT4-fs (loop0): Could not load journal inode
[  108.733680][ T5224] Bluetooth: hci0: command 0x1003 tx timeout
[  108.739901][ T4040] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  108.760446][ T6737] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  108.856960][ T6744] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1173'.
[  109.729373][ T6781] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[  109.729373][ T6781]    program syz.1.1188 not setting count and/or reply_len properly
[  110.013616][ T4040] Bluetooth: hci1: command 0x1003 tx timeout
[  110.013635][ T3560] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  110.013758][ T4040] ==================================================================
[  110.013790][ T4040] BUG: KCSAN: data-race in data_push_tail / string
[  110.013833][ T4040] 
[  110.013842][ T4040] write to 0xffffffff88e9ecf0 of 1 bytes by task 3560 on cpu 1:
[  110.013864][ T4040]  string+0x187/0x220
[  110.013889][ T4040]  vsnprintf+0x532/0x860
[  110.013915][ T4040]  pointer+0x821/0xcb0
[  110.013940][ T4040]  vsnprintf+0x491/0x860
[  110.013959][ T4040]  vscnprintf+0x41/0x90
[  110.013978][ T4040]  printk_sprint+0x30/0x2d0
[  110.014007][ T4040]  vprintk_store+0x599/0x860
[  110.014044][ T4040]  vprintk_emit+0x15a/0x610
[  110.014080][ T4040]  vprintk_default+0x26/0x30
[  110.014114][ T4040]  vprintk+0x1d/0x30
[  110.014137][ T4040]  _printk+0x79/0xa0
[  110.014157][ T4040]  bt_err+0x9d/0xd0
[  110.014195][ T4040]  hci_dev_open_sync+0xfa4/0x2290
[  110.014222][ T4040]  hci_power_on+0xef/0x390
[  110.014243][ T4040]  process_scheduled_works+0x4ce/0x9d0
[  110.014266][ T4040]  worker_thread+0x582/0x770
[  110.014289][ T4040]  kthread+0x489/0x510
[  110.014316][ T4040]  ret_from_fork+0x149/0x290
[  110.014341][ T4040]  ret_from_fork_asm+0x1a/0x30
[  110.014371][ T4040] 
[  110.014386][ T4040] read to 0xffffffff88e9ecf0 of 8 bytes by task 4040 on cpu 0:
[  110.014407][ T4040]  data_push_tail+0x100/0x470
[  110.014443][ T4040]  data_alloc+0x11b/0x390
[  110.014469][ T4040]  prb_reserve+0x964/0xb60
[  110.014494][ T4040]  vprintk_store+0x56d/0x860
[  110.014521][ T4040]  vprintk_emit+0x15a/0x610
[  110.014550][ T4040]  vprintk_default+0x26/0x30
[  110.014587][ T4040]  vprintk+0x1d/0x30
[  110.014613][ T4040]  _printk+0x79/0xa0
[  110.014633][ T4040]  bt_err+0x9d/0xd0
[  110.014662][ T4040]  hci_cmd_timeout+0x97/0x140
[  110.014681][ T4040]  process_scheduled_works+0x4ce/0x9d0
[  110.014709][ T4040]  worker_thread+0x582/0x770
[  110.014739][ T4040]  kthread+0x489/0x510
[  110.014767][ T4040]  ret_from_fork+0x149/0x290
[  110.014791][ T4040]  ret_from_fork_asm+0x1a/0x30
[  110.014816][ T4040] 
[  110.014823][ T4040] value changed: 0x00000000ffffe06c -> 0x2065646f63704f20
[  110.014838][ T4040] 
[  110.014845][ T4040] Reported by Kernel Concurrency Sanitizer on:
[  110.014864][ T4040] CPU: 0 UID: 0 PID: 4040 Comm: kworker/u9:3 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  110.014921][ T4040] Tainted: [W]=WARN
[  110.014932][ T4040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  110.014948][ T4040] Workqueue: hci1 hci_cmd_timeout
[  110.014975][ T4040] ==================================================================