last executing test programs:

2m56.197762616s ago: executing program 2 (id=258):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_read_part_table(0x59f, &(0x7f0000000f80)="$eJzs0r1Ls1cYB+CTwEsoVCIiONhBMLg0KsRBh2SwEtMsRsSKFGfBQQfBwUFSorMf/4DiF4iL2NlRjCAKcZKM4lxQXDKltD6FtnZpiyl9ua4lnHPf59w5/J7A/1o8/NRsNmMhhGbi75/+7jQ/XuyZHJ2aDiEW5kII+a++/LUSizp+u/U8WpeidTGRqe3fjL2ctt/23ldTh/GofhEP4YcQwuLjUfLfvo3P31nuKrm+sVzYXM0tPBTWnobm+/PdW/mlneGDbHmmKzsbfVgX8dbMT9VGju+apefdtoFP1Vojcx31pWMfM5//1p/z3+us1CuNib6TlcF0R/2yvB3l/ip/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgg53lrpLrG8uFzdXcwkNh7Wlovj/fvZVf2hk+yJZnurKz8be+i3hr5qdqI8d3zdLzbtvAp2qtkbmO+tKxd0e/+fFj/hIt9HX4Y/57nZV6pTHRd7IymO6oX5a3o9xf3+cPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCX8uPFnsnRqekQYmEuhPDt/fe9v+w3E2/1WNR3Hv2Wov1iIlPbvxl7OW2/7b2vpg4nEyEkfnfv4uNR8otWPoR/5OcAAAD//2wlhu4=")

2m56.131400797s ago: executing program 2 (id=260):
unshare(0x2040400)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@bloom_filter={0x1e, 0x0, 0x2, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x9}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x83c2}, 0x18)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001100)={r0, 0x0, 0x0}, 0x20)

2m56.057013708s ago: executing program 2 (id=264):
syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Lu1cUB/CbgIRCJSKCgx0Eg0ujQhx0SAYrMWQxIlYcnAUHHQQHB0mJzr78A4pvIC5iZ0cxgijESTKKc0FxyZTS+hTa2qUtpvTH57OEe8+59+TyfQL/a/HwU7PZjIUQmom/f/r7s/xEsXdqbHomhFiYDyHkv/n610os6vjt1otoXYrWxUSmdnA7/nrWcdf3UE0dxaP6ZTyEH0IIS0/HyX/7Nr5857nr5MbmSmFrLbf4WFh/Hl4YyPds55d3Rw6z5dnu7Fz0YV3GWzM/VRs9uW+WXvbaB9uqtUbmJupLxz5nPv+tP+e/31WpVxqT/aerQ+nO+lV5J8r9Tf4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAnO89dJzc2Vwpba7nFx8L68/DCQL5nO7+8O3KYLc92Z+fi732X8dbMT9VGT+6bpZe99sG2aq2RuYn60rEPR7/78XP+Ei30bfhj/vtdlXqlMdl/ujqU7qxflXei3N8+5g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8JfyE8XeqbHpmRBiYT6EMB7vOP5lv5l4r8eivovotxTtFxOZ2sHt+OtZx13fQzV1NJUIIfG7e5eejpNftfIh/CM/BwAA//8514ZQ")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r0, &(0x7f0000000380)=ANY=[], 0x178)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffc}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
getsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000600)={@remote, @initdev, <r2=>0x0}, &(0x7f0000000640)=0xc)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000700)={0x4, &(0x7f00000006c0)=[{0x9, 0xff, 0x7, 0x10}, {0x6, 0xba, 0x8, 0x1000}, {0x5, 0x9, 0x3, 0x3b69}, {0x8, 0x8, 0x9, 0xfffffffc}]})
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f0000000680)=r2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, &(0x7f0000000740)=ANY=[@ANYRES8=r2], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = gettid()
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000340)='/sys/power/pm_wakeup_irq', 0x0, 0xb)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
r8 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
ioctl$LOOP_CONFIGURE(r8, 0x4c0a, &(0x7f0000000140)={r5, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1e, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90bf8b1c5512406c7f0000000000000000000000000000000000000000000009", [0x2, 0x40000000000000]}})
setpgid(r4, r4)
ioctl$LOOP_CTL_GET_FREE(r7, 0x4c82)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xc3, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xa19a, 0x1000}, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x40082406, &(0x7f0000000340)='cpu\t&0&&\t')
process_mrelease(0xffffffffffffffff, 0x700000000000000)
close(r0)

2m55.685302614s ago: executing program 2 (id=272):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = memfd_create(&(0x7f0000000080)=',\xea\x00', 0x4)
r3 = dup(r2)
preadv2(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/83, 0x200000}], 0x1000000000000146, 0x0, 0x0, 0x0)
ioctl$HIDIOCGREPORT(r3, 0x400c4807, &(0x7f0000000080)={0x1, 0x3, 0x4})
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x9851fd851afcec88, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
r5 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r5, 0xc0096616, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r7, 0x13)
ptrace$getregs(0xc, r7, 0x8, &(0x7f0000000300)=""/219)
sendmsg$nl_netfilter(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001780)={&(0x7f0000000500)=ANY=[@ANYBLOB="cc020000210a0108fdffffff0000000000000000630003"], 0x2cc}}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r8}, 0x10)
shmget(0x1, 0x2000, 0x80, &(0x7f0000ffd000/0x2000)=nil)
r9 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r9, 0x10e, 0xc, &(0x7f0000000040)={0x8604}, 0x10)
sendmsg$nl_route(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="240000001a0069ae26bd7000000000001c"], 0x24}}, 0x0)
memfd_secret(0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c80)=ANY=[@ANYBLOB="54010000100001000000000400000000fc0100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000032000000fc0100000000000000000000000000000000000000000000fdffffffffffffff00000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000220e0000000000000000000002000003cd000000000000004800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c0017"], 0x154}}, 0x0)

2m55.495969416s ago: executing program 2 (id=276):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
recvmmsg$unix(r2, 0x0, 0x0, 0x400122a0, 0x0)
sendmmsg(r2, &(0x7f00000030c0), 0x1, 0x9200000000000000)

2m54.560051311s ago: executing program 2 (id=290):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='kfree\x00', r0}, 0x18)
r1 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$selinux_validatetrans(r1, 0x0, 0x79)
r2 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r2, 0x80045505, 0x0)

2m54.559484811s ago: executing program 32 (id=290):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='kfree\x00', r0}, 0x18)
r1 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$selinux_validatetrans(r1, 0x0, 0x79)
r2 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r2, 0x80045505, 0x0)

1.659802734s ago: executing program 4 (id=4228):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0xff, 0x0, 0x0, 0x0, 0x1888d07e92b1e73e}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
lsm_set_self_attr(0x66, &(0x7f0000000380)=ANY=[@ANYBLOB="650000000000000006000000000000003900000000000000190000"], 0x39, 0x0)

1.579971225s ago: executing program 4 (id=4231):
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000140), 0x121880, 0x0)
r1 = syz_io_uring_setup(0x53d3, &(0x7f0000000240)={0x0, 0x7d89, 0x10100, 0x3, 0x289}, &(0x7f0000000540)=<r2=>0x0, &(0x7f0000000700)=<r3=>0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000000)='kfree\x00', r5, 0x0, 0x1ffffffffffffffd}, 0x18)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4007, @fd=r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)=""/158, 0x9e}], 0x1})
io_uring_enter(r1, 0x567, 0x72, 0x0, 0x0, 0x0)

1.527501186s ago: executing program 4 (id=4234):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x7, 0x80, 0x0, 0x1, 0x101, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x8, 0xd9}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00'}, 0x18)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00', 0xc})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(0xffffffffffffffff, 0x404c534a, &(0x7f0000000380)={0x0, 0x1})
ioctl$USBDEVFS_REAPURBNDELAY(r0, 0x4008550d, 0x0)

1.435766388s ago: executing program 4 (id=4237):
r0 = syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000193c0)=@newlinkprop={0x28, 0x6c, 0x1, 0x70bd26, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x2680, 0x1800}, [@IFLA_NET_NS_PID={0x8}]}, 0x28}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=ANY=[@ANYBLOB="b70700000000000063118b000000000040000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x8, 0xb579, &(0x7f000000cf3d)=""/195}, 0x23)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x101, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=ANY=[@ANYBLOB="12000000030000000400000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r5}, &(0x7f0000000580)=0x2, &(0x7f00000005c0)=r4}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000004440)=ANY=[@ANYRES16=0x0, @ANYRES32=r2, @ANYBLOB="00000200", @ANYRESHEX=r3, @ANYBLOB="a6d92b186c13d7cc07c368f7d6ba02bb14388b444d12e237cfd67073c4a0184eea0dffb33a38884d7a1790a8c84ac2577f3354f5bb6f9057dae82730a7a613c87d8f60b28f34fdef5a7f58077b3a839e1e7988a0e1c13d167152644b776868dda27de0074b3f1a289a52138f1b76fbacc150e2f3a436fc95dec6b99b0c4e92b7591902c62b5f1e4a7abd9190b7aae4fc77d77a86c6b2230ba9d05c581fd24ad365a3b1ddf0dc41ee425dda8c7d767418f061731c3f7a818bb8e77b1399ffe9984b35800bf11a7cd1c4115aaaa4438c16b4efc23b2f3905d7f14c505998632fe0ca615cdb751d189d0625f8084ee598468a1d42874528e330af20db9ea61656b88f183212172ec2f182b680c2786f2ea736eb9222b24c2c96a4eabf06521b9368f93fb649e1772cb103943b73f076ac17a7b536979d90ec8b92ae19d52b5e384c583b8dd47b89202dd0b9f75776b141e9ebc7825d687f93206e613d04b7074e36680f78495e937160de3eca6fc3efcce07616c16296f7ed57b88caef6642be6c6576b0be3f0b2784dc14a4d0eaf143e235036357a85d9b94f8edfc9e88c762435b7299fe7d22c1774dad2990d0d2f69c66a419819af9179028ecc469dff4e8245f0c9d5cc0eafc8712eb7c9a610e174c776356ddd381d45fdddbcdb8690ec42660b506ce2a13529bd450ae8cb1fd57a5f461254e8761c6441279136d7c7c31e1b36c379391117bd34bdc514e0f33e8f5858eabdaccdbec47317f7a04cbb1e09250a79fe65550f940d571565321835dfe90c61a530cae025cede88c3779f7ca72aa71964055c154606f81c373de4982ccb6a6415dc1115d4aea831926a319bfae7c316dfee71404c9be4d65913bfbac2636ef453c55b40ca40374fb18f10dc3db7ed75c9fb9b1f44676f48357640278266faab60c75381095235e87af5b4c2ddbbb2b1e8c4ae83c814cfe6e745220f1542ae40c980a9104388c73f1e1175760c0c434b49e359caba1354a15c6114fbfa4395d2bc7a030b44a737e753d6f5a299cde078fc983c5667bfba6f4d933074e9ba3d86d73395c541d28ea162079d69a8df03f7ef44c4b80ba69f021eb34d3bdb0f7daae0b9b393a3751c38d8ade0dcd7db8ed8f5afc74990888471a2448f4834be15ccb52e9e5ae78659a76ffe964816a94b683c1b4de27e2cf4d791115c38c23147e9a1aa2d3f45f627d3bbde533a51bce49c762d0ad406576529f40bda604230d35539923a9ed6f085a4ddab2e5223bca2253d343d88f2cdd472c2a205bcf4e46c240d678b87aad716881e60d57973dba18780dc5173aeda0c2d3ff0a7f5acc882340e504442a436750ceb9f4c71457d51268927141a7122c691aee2004156832304ade0db4621729f0397c08cfac251afa0b6ad2c7b5806f185f602eb33c6ea0315f38171f5a6f69f8357d90a55aaa0e3dc6ea95fac391ba527ae7036072f13219b119ed63eba9972e59f1e01d081ccd85376ee687c05d12de5dfe88f54a34d10fbb52ecd0c466e4560f83231d2ae400f81af5664c7172c9042728ed310a85cbba050b338b124a5be2aae58d57b54f9f5c122b3c2ea7403bb3bb4ae1de293a9a7a14944eccf471e4e0675af29e4854da9d2bb8ea1cfab2d06ebd6f6e00d3c2f1d485507156256d05697e9621eace69bfed129697dd28ea3f34ec502f90244de3fb76492f12522570b9f97718ca1dd6fdf61237f9090dd880dcf1fab590fd4b471a4ece568df5aa8717821bfbe3df844f9ed0049ff1fae90bbd57ad7e70f60bcfd0f67092e36ce8eee6b7aaac5c8ee799becdaa1053a0975dc86c97ae91f9758e0ac5d17baa234005bc43924e64213735e6a7f6a6890520f3acf46b319fc13169e95cd79faad233db981bcd48b282283c60c94f28535cc01de92f429a71a8cecc6e6b4441ca59aa5cef34910f77cf0ac54abe4156b4358c3a7dcddfb94b18bd2a3d57ad6476560903c94e9958bf4bd21829d51108e7d57cc90f04a05f85ea29a195e0159e8895505d575ea6c3ef6b788975a63a3ea938f4aa7e7a9469be1dd2e84a07b56a9c2c8b576ae2c193d4abe297ab6e46f66f87c8880ffaa71d2ced1b1c518f45d1e6781632dea7a4efd7ccc76d9afd92a6d5aac2f1b331a267bb322656906548bd1a9f6c519da354f515bea02447decb87cdc10dabb2e5b21a0719171adaa3c1ee4a9717f81c82515eb2e9de87f6ad471312bc4fb920aa63a653dc637770c4a5ab18a03f212d18fd3aedc4dc3b75543faf453b314c3af83a70752122699b98e06e72b2b6b84366cfe7e51bb6fc9349014f055c13fcd7d637f17268f1248654aba5425ddcba847fbdecb157d642519c4e2534c368d761b7c78ea2e41ce1d38cb1f1dd4eb9d2d88237cd7a79eb21cc9b5652100b6e6474803bd7de7537328e80d9b550f394d7455407ec2efdad2efa7533d401dc684f12b5d49fbd1f466cac4fad03eae17cb8ef6afd456571c7b8480a7952dc994884f04e05b5c3aabeabf2fb7ee8cc32a03c6059639d2624e21369270d25d5f4cea13dfdd2f52963929b9a810ddde9f341b79539fe7c37ee171d3d12acdafc1327f4fa1737f25c0e20f8d6c4f3c508cd43573b3c965785e82bf2478554a7a601bbec78ca977e20f984bd21f5e7130c3e1a2803e5a4970f6cbae12735b9341f1a108f14eb0551e16aa9b1c264c4bb724561c0406a14ac22b99ee7cc7d0b34ba634179aeffb15dadf2c1cfaf393be90768aef0e32ef08a10cb207dab12a5054e9d5c93021b2cb9664936598d10dd10bbba685d99058fb3a6d93a71e0cfe79dfadd2e02a5251d52f4dc17ea86a7e9aa3a1ae0218dac1e83eb9f276031cd4884d967ba7bcd8fba732f9f236d985da8f1f83ce6afd39701f5213c2434422d2a2821b0ed2ea704c321bb091d3c1b2e919942615c39940f81a7911bfb4df9e1776d65b27b41b24c571b6942fa789c72f483431255f69caf071fbf137bcbf6796bc97fdbbf0698dd945189ac3ebc6790326f371253499fcdcfad2cd11dcc9bed7db4e409d9cd1dc5ffabb026879584f913f3cb27123d017639c84bcff2a05f0987d767c20e827aa400788886311fac721813d4e9847e929c2a9f128a2e3713ded8812448b4d9f92daf75ab4324bc069b8127c80545aff9c20301c52d35c9a29e5fd27ccfb73023d107022ca7fdc0d68c7529ebc787a2825301deaadb2e7976d4dd1e7da2e241d9453ab177f870fafcf3bf25d3933a830e055d34ed1ab0fff8feafb90d56915b201f6ee07a686eb2b52bd28b1bb6982282bef0e21f683817a14f02a375baa07eff689f4eb6d778a78da6e5624ed26b5aacaf81bc9d20fb427315d5c11c9b974634a254caca7dbf6eb77562380c10082f500c7aca767bbfa7e374b6186405b3814762c2e900bf7cb84d99cb67a825c17ef71c323789c733b4a831c41016f32c0c54496895c67cb8c96552de8094bb2939bf00fb8650b48878950119ce2580d5fd492a0a5b88a737502cfae1d4bf3e60b8bf9db4bee256245be1cfcf9041e8846a9b0f23f47c7edf083e6749c227de9ff7aa488d29cbcb8fca3dd1b12f9d3d3136a233b0bfd17c9acda2b2cdd4771c93d560d9df4b8c98662c1da1f90db330363cae2abeb37e13744e00c61f6b6365a42a60bfc315b9b4da5f729cb9dd5849c93d47a001f5ce3742bebf8af93cbe55dc2e1b0dfc7addee47aa64d63bcec9f94e38ea6722b14bc09e93901c07cdfe033b7add46a785f6eea2018be19d83f8e94ebf24132e25c393a7dac6751e0879c04f5780c91a53f4fbfd7699c4f7211a137773bb4e27ab7a843fd0379cb517326ce9b8ab5b5927a93248bf42d12c4e6c53b1b217535285329f70e018d76050d078da65cb08d7272ca663d34daabfd5ee98fb7e7ebf3964d569fbb94505b39ac7541595d0d4c77fb46f1f3e01b64eb18426510aabbab105bffcdb3c4c55f5961911abd3c2ccd2c349ffa3ae9c7b33e21d3bf68d03104f7a8eb1547cb79ed9c10308e0300eb13c73d0b3ed16dc50a88c2b2a95d80b67b1efbdb775a0ebf7c6a594efec4b90597ebcc0ecb0c9838ca966df9097a57355cf64735ee9349e23fc0f61f48c4c3e37ac0fdbfcb087924fc505248f6e6b8a4c2711ee6591673d6e6cb94a811bd17e15054d8dfbab4919d91883b31a3f3ec02017d13b7d938b1d8f274603857e24234d0ac4dc75c6b2e60d5dd1b2c9a32e6b0016139558910024a519286e747311ce821dd8f0f2375454ceefd466940a11d88df1e7e6996eb16d0902580ba007f28ab0e6c33c092e93eb1925da8de36069df496a8dfc7d388490d036e36cad60101ba74111ca3865703d66141b26ef1ee50ddd186b6a815fd0a98e4ff3108df4a62ac7cf31d0a30d464c873f1ba987737b3f32a5a8f2bfcc1b8e2622d06acb12401088917dab4d81a382ad2753e2c6168e8f411940295baa537c416120837376087f42914c0ce98b06e69721bf4f98312a76ecfb1a23403ac15da1ab387ad8b9cf1b4d51e0c6c8c51403f73bc4f313ce5371801ac384d0aa5ad40305c6e98f385a3cbcaae5cf73180851495de13f51be588b460e46956b0966cefddb5bd4ee34807512861d02476a2ce1c2291201ad33a724fcb7e16c98cd0dd972c75994a5eb8aeaf2e1f6d3d41ff876643a2c6b7323c340b26c61576be966309020583777ac0bc5386103c0352c7b65bd1ea3372e6f77736e2c73b13b287e57adc6e483f154d9fdd5044501de549d8b59542e8c0bfc7355543c949bcc6c425bf011f67fcf2d544ff6b26a0801fdcdc1ccd7b706bbd5bdfad19e516a8679ce09783330758e99e95b5214534fdcfa36deb0237e5c7a008928cecd2ffd516632a5b06824c82fc84fdba360dbde10571721f63dd65300b0c536cd3d1f984c69a11bda9cc0b4ef5f5ebce03cdba0359a3de78d79e5678134aba00c211e44b8b7b62c5d58bfe5bbadfc802755da4355e2aba694030feb4359cecc9c347472a3ae979b5e8b73a32d7ea1cc3a3a45dd17e1e6d6f1f68a63c3d4abbaf2c41d64775f2d87adaa4da1d9a747104b8738d72e2ecf639e71d321ea96070bdb5c066c513551107ed58d17aa303e0991472d75f89f8d4d37722d789e132d67ffbceaee708fb1a68da16fde940e87244c2768adca60476b71da9fd9d0390c9daa84aee730868eae08a0446466dbe1553bf35899d006b7341d835a2f947397b673bd8ee4afbd93c52ea343fc41102b40e7f09dd30a97a2b9d4cc01bc3bab0772814c539b9a2bd53d44d698917540c14dd84ad85d29efec5e333e7f96cb7deeafc63066275a99068f48adfd68ed99a3fe31482e07cfbf9e5d5e0ca85826e614d98b41891a8e17404d51dc7de89512651c1e8d0b3d47c7b28ed7137e876170e021d6fdcf168772c5f9ecc8e0199c1e116855e893808c8fb076e59ed99f6032228d1e821ca3e084edbd4eea56c1666b1b2991e86e4dc68e27134980e72a4b51652ab172b3c642f668f0148116c364290e1049e690cefe790615e0aa1ce2f2674f4980ad7ed4872090e78bda120775ebfe450ebe44e413abfc3bccbbd762d3ee5f5f81bfa483b25e5e54fb02175b746e717ccac8cf5d393d38ed195d2f5ff8b4758f7d8c9c6a3f5cf3a2dbcb4bd0d98ffafe24eb54658967fda2050bdd5467334ba2dc29b56ed6e7e9648173a40e30b4d930b4298033219177b6b2c6fa676966b272bb61457f6e02554eb572c4c82066c1b84a572f99719539368b282f8e995a5932493e2547a6f8d38d2ba7d86de6c03dd06ea2adf4a0c55", @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
close(r4)
socket$inet_sctp(0x2, 0x5, 0x84)
syz_open_dev$usbfs(&(0x7f0000000180), 0x1, 0x100)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000400000/0x3000)=nil, 0x3000, 0x2000009, 0x4d032, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x35, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r6 = fspick(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x1)
fsmount(r6, 0x0, 0x71)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r8, &(0x7f0000004200)='t', 0x1)
sendfile(r8, r7, 0x0, 0x3ffff)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x5, &(0x7f0000000000)=@framed={{}, [@map_fd={0x18, 0x8, 0x1, 0x0, r7}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r9, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$setlease(r0, 0x400, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r10, 0x0, 0x20000000}, 0x18)
sendfile(r8, r7, 0x0, 0x7ffff000)

919.293915ms ago: executing program 3 (id=4260):
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000140), 0x121880, 0x0)
r1 = syz_io_uring_setup(0x53d3, &(0x7f0000000240)={0x0, 0x7d89, 0x10100, 0x3, 0x289}, &(0x7f0000000540)=<r2=>0x0, &(0x7f0000000700)=<r3=>0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000000)='kfree\x00', r5, 0x0, 0x1ffffffffffffffd}, 0x18)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4007, @fd=r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)=""/158, 0x9e}], 0x1})
io_uring_enter(r1, 0x567, 0x72, 0x0, 0x0, 0x0)

884.960926ms ago: executing program 3 (id=4262):
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x2)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20000, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$igmp(0x2, 0x3, 0x2)
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000180)='./file1\x00', 0x804800, &(0x7f0000000000)=ANY=[@ANYRES8=0x0, @ANYBLOB="6092034e5823f645654f6e8edfc3b8e1a948efb0d4b9a9d4c30f5dacb3c1a7ea2587d59165777f070017c2921e793ec5a1384e143b57bb832f14bb43afdef6cb4ed4960b6c732be46a927cdd8c57f93ee6c15401df91ebcbe4f9989843313ea9f243d4dc3d276b966b898100a620b69b543033b9b7bcd9069b9248fbdff46c4a49f094a61938776ce1a1d0f0c84cb7a84bf0b1e2ce5f38f95e11d5b1977ead80625337f66dc391089ab8573d008a4bd03f6f9f01406db632558ed25be4beecd844ac00e52f95c5dc96a1e4a25c80d56aebf6cb33914d6bc72a40bf2fc94efed2f941cf3e"], 0xf9, 0x1213, &(0x7f0000000600)="$eJzs3E9rXFUYB+A3Y2rS1PxRa7Vd6AtuxMWlycKVIEFSkAwotRFaQbg1Ex0yzpTcITAiVldu/Ryu3Ql+g2z8DO6y6bIL8UrvNG1SU4vQZMQ+z2Luyz3nxzkHhoEz3HP33/3xq+2tqtgqh9GamorWrYi8m5HRigOvr4+v12+sr7bba1czr6xeW34nMxfe+PXTb2Yi4twnPy/8MhN7S5/t31n5fe/C3sX9P6992a2yW2V/MMwybw4Gw/JmbyE3u9V2kflRr1NWnez2q87OofZObr0dEaMs+5vzc7d2OlWVZX+U251RDgc53Bll+UXZ7WdRFDk/FzzWmSd32fjpbl3XEXV9Jp6Puq7rszEX5+KFmI+F+C4iXoyX4uU4H6/EhXg1XouLTa/TmD4AAAAAAAAAAAAAAAAAAAA8O/7p/P9iLDn/DwAAAAAAAAAAAAAAAAAAAKfg4+s31lfb7bWrmbMRvR92N3Y3xtdx+9K9j1504nIsxh/RnP4fG9dXPmivXc7GUnzfu30/f3t347kmv3qQX25eJ3A/P920HeSXx/k8mp+JuXv5reg2+ZVYjPPHj79ybH423nrzUL6Ixfjt8xhELzabsR/mv13OfP/D9iP5S00/AAAA+D8o8oFj9+9F8bj2cf7B/vrJ/w88sr+ejkvTk107EdXo6+2y1evsNEXvoJj9252TK+IUx3q6RcSduilmjja1TmjQVkx8yYeKqf/GNBRPpzgbR+9M+peJ0/DwazDpmQAAAAAAAAAAAPBvnPBzhdNxzJNl701mqQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzFDhwLAAAAAAjzt06jYwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCoAAP//qH3FUA==")
r2 = openat$selinux_policy(0xffffff9c, &(0x7f00000005c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r2, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000300)='V', 0x1}], 0x1, 0x0, 0x0, 0x8010}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1200000028000000040000000200000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000700), &(0x7f0000000740)=r3}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={r5, &(0x7f0000000300), 0x0}, 0x20)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
setsockopt$MRT_FLUSH(r0, 0x0, 0xd1, &(0x7f00000000c0)=0x1, 0x4)
ioctl$PPPIOCSPASS(r1, 0x40107447, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0xe, 0x4, &(0x7f0000001480)=ANY=[@ANYBLOB="1800000002200000000000000000080071107e000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x94)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r6, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="000202"], 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800004008000004130000d6f0d0bd91fe181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

751.888788ms ago: executing program 1 (id=4263):
syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Lu1cUB/CbgIRCJSKCgx0Eg0ujQhx0SAYrMWQxIlYcnAUHHQQHB0mJzr78A4pvIC5iZ0cxgijESTKKc0FxyZTS+hTa2qUtpvTH57OEe8+59+TyfQL/a/HwU7PZjIUQmom/f/r7s/xEsXdqbHomhFiYDyHkv/n610os6vjt1otoXYrWxUSmdnA7/nrWcdf3UE0dxaP6ZTyEH0IIS0/HyX/7Nr5857nr5MbmSmFrLbf4WFh/Hl4YyPds55d3Rw6z5dnu7Fz0YV3GWzM/VRs9uW+WXvbaB9uqtUbmJupLxz5nPv+tP+e/31WpVxqT/aerQ+nO+lV5J8r9Tf4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAnO89dJzc2Vwpba7nFx8L68/DCQL5nO7+8O3KYLc92Z+fi732X8dbMT9VGT+6bpZe99sG2aq2RuYn60rEPR7/78XP+Ei30bfhj/vtdlXqlMdl/ujqU7qxflXei3N8+5g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8JfyE8XeqbHpmRBiYT6EMB7vOP5lv5l4r8eivovotxTtFxOZ2sHt+OtZx13fQzV1NJUIIfG7e5eejpNftfIh/CM/BwAA//8514ZQ")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r0, &(0x7f0000000380)=ANY=[], 0x178)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffc}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
getsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000600)={@remote, @initdev}, &(0x7f0000000640)=0xc)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000700)={0x3, &(0x7f00000006c0)=[{0x9, 0xff, 0x7, 0x10}, {0x5, 0x9, 0x3, 0x3b69}, {0x8, 0x8, 0x9, 0xfffffffc}]})
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = gettid()
r3 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0xb)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
ioctl$LOOP_CONFIGURE(r5, 0x4c0a, &(0x7f0000000140)={r3, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1e, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90bf8b1c5512406c7f0000000000000000000000000000000000000000000009", [0x2, 0x40000000000000]}})
setpgid(r2, r2)
ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
unlink(&(0x7f0000000340)='./cgroup.cpu/cpuset.cpus\x00')
r6 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xc3, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xa19a, 0x1000}, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f0000000340)='cpu\t&0&&\t')

751.472898ms ago: executing program 5 (id=4264):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0xff, 0x0, 0x0, 0x0, 0x1888d07e92b1e73e}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r3)
sendmsg$NL80211_CMD_GET_WIPHY(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0)

710.881399ms ago: executing program 5 (id=4266):
syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x65, 0x0, 0x0, 0x6, 0x0, @empty, @multicast1}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2, 0x0, 0x0, 0x6}}}}}}, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x40050)
getresuid(&(0x7f0000000080), &(0x7f0000000100), &(0x7f0000000140)=<r3=>0x0)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000040)=@sr0, r3, &(0x7f0000000180)='./file0\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = add_key$fscrypt_v1(&(0x7f00000001c0), &(0x7f0000000380)={'fscrypt:', @desc2}, &(0x7f00000003c0)={0x0, "952a48570cd52582eee2451f2807b1ef37b8b531aaaff76b24144551de579c420c06b0f3f33bf003f6f76f3a623d9674895de5461521fe7d0d82d607aedc945b", 0x19}, 0x48, 0xfffffffffffffff9)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f0000000640)='id_legacy\x00', &(0x7f0000000680)=@secondary)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
perf_event_open(&(0x7f0000000000)={0x1, 0xffffffffffffffc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffc, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x10848a, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)

630.63312ms ago: executing program 0 (id=4267):
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./bus\x00', 0x0, &(0x7f0000002480)=ANY=[], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g")
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f0000000180)='./bus\x00', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000600000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
renameat2(r0, &(0x7f0000000380)='./file0\x00', r0, &(0x7f0000000200)='./bus/file0\x00', 0x0) (fail_nth: 7)

629.81383ms ago: executing program 3 (id=4268):
r0 = syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='freezer.self_freezing\x00', 0x275a, 0x0)
r2 = creat(&(0x7f00000008c0)='./file0\x00', 0x244)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1000000, 0x80010, r0, 0xed2d0000)
fallocate(r2, 0x0, 0x0, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@newqdisc={0x4c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x1c, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xd13a}, @TCA_FQ_PIE_LIMIT={0x8, 0x1, 0x8}, @TCA_FQ_PIE_TARGET={0x8}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x1)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000100)={'wlan1\x00'})
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r6, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x64}}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r9)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r10, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000300)={'team0\x00', <r11=>0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f0000000380)={'ip_vti0\x00', &(0x7f0000000340)={'tunl0\x00', <r12=>0x0, 0x40, 0x700, 0x0, 0xffff, {{0x8, 0x4, 0x3, 0x0, 0x20, 0x65, 0x0, 0x1, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x18}, @empty, {[@cipso={0x86, 0xb, 0xfffffffffffffffc, [{0x0, 0x5, "e0a209"}]}]}}}}})
r13 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', <r14=>0x0})
r15 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r15, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c000000100003052cbd7000fedbdf2500000020", @ANYRES32=0x0, @ANYBLOB="0000000000080400240012800b0001006d61637365630000140002800500060000000000050007000000000008000500", @ANYRES32=r14], 0x4c}}, 0x0)
sendmsg$ETHTOOL_MSG_WOL_GET(r2, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000900)={0x120, 0x0, 0x400, 0x70bd28, 0x25dfdbfc, {}, [@HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}]}, @HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x4}, @HEADER={0x4}]}, 0x120}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000040)
fallocate(r1, 0x0, 0x0, 0x10fff9)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0xc, r2, 0x8, 0x0, 0x2})

562.981261ms ago: executing program 5 (id=4269):
creat(&(0x7f0000000040)='./file0\x00', 0x0) (async)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000240)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) (async)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x100ef, 0x7fa962bfffff, 0x13012, r0, 0x0) (async, rerun: 32)
gettid() (async, rerun: 32)
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) (async, rerun: 64)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYBLOB="ad883b0b7afb7edc6083303f4a526413514ce8affe57139c09b54656d4c42423cef837feb4ce1d7bd974926740fe69811eae412a4579e50de1f74745282455b7c48da322de105576a7f25f27bf135c8e7bb9f930274066e22880b80b57a9e8a84fe47b07ad00f4164edcebdd69f7efd718ceb5e8f4af86e3b1322e731a712892d230c13fba96d22b4362488bd6a80ef6e4a90759191e71ea6e79bb384577e55204cf6d69439927795f22f92bff11bd97430bb055fbadb9ea0cea1369d932fe991ae5d72eb8350cfe1f9831c53f82e5e58050fddbf6f7ae9a5fbd8a104ff64f9acafe5caa92c279a244c67ba1cfb000809c", @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) (async)
r4 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r4, &(0x7f0000002980)={&(0x7f0000000180)={0x2, 0xe23, @remote}, 0x43, &(0x7f0000000680)=[{&(0x7f0000000380)="5f719d7a65b60f807ea7ae23fc0f30db3fe9a2ef5641b99632610557bf8460749986b0b723f4eccbef2a8e4b3414f1d2943c03ba10f89e31a8743b97b646eef98a00", 0x42}, {&(0x7f00000007c0)}], 0x2}, 0x448e4) (async, rerun: 64)
setsockopt$sock_attach_bpf(r4, 0x84, 0x1e, &(0x7f0000000000), 0x10) (async, rerun: 64)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000080)={'batadv_slave_1\x00', {0x2, 0x0, @remote}}) (async)
ioctl$sock_inet_SIOCSIFADDR(r5, 0x891c, &(0x7f0000000540)={'batadv_slave_1\x00', {0x2, 0x0, @broadcast}}) (async)
read$ptp(r1, 0x0, 0x0)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x0, @thr={&(0x7f00000000c0)="1d022bab689357e5e7bf6985ee85a6a65c89d8b8b3b69b17fd07640471", &(0x7f0000000580)="17f013637493a5400b08dbd5b6d6cc223532987436884b820fb28f11211e16514dd2bd80ab4ddcd1872668962181dc728e3b6d2b50a5321d568aa4fd4d0920d872bb24269f9b1b33e65234d337bd91c6d7e3d45242e875b9f34e63c10c15265cdb1f34d41a5c1c3d8366bd41edfac8c3237c4ebb9991acbfe75cae4a289cb9f40a938fbab2de650aabba0ebc2eb752d4f58a392d689fd5b0876079327da8a512bd097d89e447bd9ff3"}}, &(0x7f0000bbdffc)=<r6=>0x0)
timer_settime(r6, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) (async)
syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r2, &(0x7f0000019200)=""/102400, 0x19000, 0x3) (async)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) (async)
r8 = dup(r7)
write$P9_RLERRORu(r8, &(0x7f0000000100)=ANY=[@ANYBLOB="5300000007000046009d40", @ANYBLOB="fe4cecb210bc091b10"], 0x53) (async)
r9 = syz_open_procfs(0x0, &(0x7f0000000640)='uid_map\x00')
readv(r9, &(0x7f0000001440)=[{&(0x7f0000000040)=""/20, 0x5}, {0x0, 0x2}], 0x2) (async)
syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)

558.104401ms ago: executing program 1 (id=4270):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0xff, 0x0, 0x0, 0x0, 0x1888d07e92b1e73e}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
lsm_set_self_attr(0x66, &(0x7f0000000380)=ANY=[@ANYBLOB="650000000000000006000000000000003900000000000000190000000000000021b2d4bc3a6db6b21f"], 0x39, 0x0)

504.057052ms ago: executing program 4 (id=4271):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
splice(r1, 0x0, r3, 0x0, 0x100000000, 0x4)
vmsplice(r2, &(0x7f0000000780)=[{&(0x7f0000000180)="151f", 0x2}], 0x1, 0x1)

503.582822ms ago: executing program 5 (id=4272):
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000140), 0x121880, 0x0)
r1 = syz_io_uring_setup(0x53d3, &(0x7f0000000240)={0x0, 0x7d89, 0x10100, 0x3, 0x289}, &(0x7f0000000540)=<r2=>0x0, &(0x7f0000000700)=<r3=>0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000000)='kfree\x00', r5, 0x0, 0x1ffffffffffffffd}, 0x18)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4007, @fd=r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)=""/158, 0x9e}], 0x1})
io_uring_enter(r1, 0x567, 0x72, 0x0, 0x0, 0x0)

503.167302ms ago: executing program 5 (id=4273):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000002e80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x18)
faccessat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x5)

427.847233ms ago: executing program 4 (id=4274):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = openat$cgroup_ro(r1, &(0x7f00000001c0)='blkio.bfq.sectors\x00', 0x7a05, 0x1700)
splice(r1, 0x0, r2, 0x0, 0x100000000, 0x4)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f0000006840), 0x0, 0x40010120, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0xfffffffffffffed7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newqdisc={0x44, 0x24, 0x2, 0x1, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xb, 0x5}, {0xe, 0xffff}, {0xa, 0xfff1}}, [@qdisc_kind_options=@q_rr={{0x7}, {0x18, 0x2, {0x7fff, "47dbd662e0b19199e244a66daeba0dbe"}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x4048084)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
write$char_usb(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_misc(r6, &(0x7f0000000000), 0xfffffecc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x7, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r7}, 0x10)
ioperm(0x0, 0x2, 0x7e)
syz_genetlink_get_family_id$fou(0x0, 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000007b3a6d7b850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)

345.889584ms ago: executing program 0 (id=4275):
mkdir(0x0, 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0x20, &(0x7f0000000280)={&(0x7f0000000180)=""/190, 0xbe, <r2=>0x0, &(0x7f0000000080)=""/39, 0x27}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)={0x1b, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x81, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x3, 0x3}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r4 = dup(r1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x10, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}})

321.294924ms ago: executing program 1 (id=4276):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0xff, 0x0, 0x0, 0x0, 0x1888d07e92b1e73e}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r3)
sendmsg$NL80211_CMD_GET_WIPHY(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0)

252.795556ms ago: executing program 1 (id=4277):
pipe(&(0x7f00000007c0))
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000640)='kmem_cache_free\x00', r0, 0x0, 0x80001}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004"], 0x50)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, &(0x7f0000001640)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r1, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
capset(&(0x7f00000020c0)={0x19980330}, &(0x7f0000000500)={0x0, 0x3, 0x647, 0x0, 0x40000})
setrlimit(0x40000000000008, &(0x7f0000000000))
r2 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r2, 0x1, 0x3c, &(0x7f00000001c0)={0x200000000000001}, 0x8)
sendto$inet6(r2, 0x0, 0x5c4, 0x404c844, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @local}, 0x1c)

252.110676ms ago: executing program 5 (id=4278):
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x2)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20000, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$igmp(0x2, 0x3, 0x2)
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000180)='./file1\x00', 0x804800, &(0x7f0000000000)=ANY=[@ANYRES8=0x0, @ANYBLOB="6092034e5823f645654f6e8edfc3b8e1a948efb0d4b9a9d4c30f5dacb3c1a7ea2587d59165777f070017c2921e793ec5a1384e143b57bb832f14bb43afdef6cb4ed4960b6c732be46a927cdd8c57f93ee6c15401df91ebcbe4f9989843313ea9f243d4dc3d276b966b898100a620b69b543033b9b7bcd9069b9248fbdff46c4a49f094a61938776ce1a1d0f0c84cb7a84bf0b1e2ce5f38f95e11d5b1977ead80625337f66dc391089ab8573d008a4bd03f6f9f01406db632558ed25be4beecd844ac00e52f95c5dc96a1e4a25c80d56aebf6cb33914d6bc72a40bf2fc94efed2f941cf3e"], 0xf9, 0x1213, &(0x7f0000000600)="$eJzs3E9rXFUYB+A3Y2rS1PxRa7Vd6AtuxMWlycKVIEFSkAwotRFaQbg1Ex0yzpTcITAiVldu/Ryu3Ql+g2z8DO6y6bIL8UrvNG1SU4vQZMQ+z2Luyz3nxzkHhoEz3HP33/3xq+2tqtgqh9GamorWrYi8m5HRigOvr4+v12+sr7bba1czr6xeW34nMxfe+PXTb2Yi4twnPy/8MhN7S5/t31n5fe/C3sX9P6992a2yW2V/MMwybw4Gw/JmbyE3u9V2kflRr1NWnez2q87OofZObr0dEaMs+5vzc7d2OlWVZX+U251RDgc53Bll+UXZ7WdRFDk/FzzWmSd32fjpbl3XEXV9Jp6Puq7rszEX5+KFmI+F+C4iXoyX4uU4H6/EhXg1XouLTa/TmD4AAAAAAAAAAAAAAAAAAAA8O/7p/P9iLDn/DwAAAAAAAAAAAAAAAAAAAKfg4+s31lfb7bWrmbMRvR92N3Y3xtdx+9K9j1504nIsxh/RnP4fG9dXPmivXc7GUnzfu30/f3t347kmv3qQX25eJ3A/P920HeSXx/k8mp+JuXv5reg2+ZVYjPPHj79ybH423nrzUL6Ixfjt8xhELzabsR/mv13OfP/D9iP5S00/AAAA+D8o8oFj9+9F8bj2cf7B/vrJ/w88sr+ejkvTk107EdXo6+2y1evsNEXvoJj9252TK+IUx3q6RcSduilmjja1TmjQVkx8yYeKqf/GNBRPpzgbR+9M+peJ0/DwazDpmQAAAAAAAAAAAPBvnPBzhdNxzJNl701mqQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzFDhwLAAAAAAjzt06jYwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCoAAP//qH3FUA==")
r2 = openat$selinux_policy(0xffffff9c, &(0x7f00000005c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r2, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000300)='V', 0x1}], 0x1, 0x0, 0x0, 0x8010}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1200000028000000040000000200000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000700), &(0x7f0000000740)=r3}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={r5, &(0x7f0000000300), 0x0}, 0x20)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
setsockopt$MRT_FLUSH(r0, 0x0, 0xd1, &(0x7f00000000c0)=0x1, 0x4)
ioctl$PPPIOCSPASS(r1, 0x40107447, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0xe, 0x4, &(0x7f0000001480)=ANY=[@ANYBLOB="1800000002200000000000000000080071107e000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x94)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r6, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="000202"], 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800004008000004130000d6f0d0bd91fe181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

251.585306ms ago: executing program 1 (id=4279):
syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x65, 0x0, 0x0, 0x6, 0x0, @empty, @multicast1}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2, 0x0, 0x0, 0x6}}}}}}, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x40050)
getresuid(&(0x7f0000000080), &(0x7f0000000100), &(0x7f0000000140)=<r3=>0x0)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000040)=@sr0, r3, &(0x7f0000000180)='./file0\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = add_key$fscrypt_v1(&(0x7f00000001c0), &(0x7f0000000380)={'fscrypt:', @desc2}, &(0x7f00000003c0)={0x0, "952a48570cd52582eee2451f2807b1ef37b8b531aaaff76b24144551de579c420c06b0f3f33bf003f6f76f3a623d9674895de5461521fe7d0d82d607aedc945b", 0x19}, 0x48, 0xfffffffffffffff9)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f0000000640)='id_legacy\x00', &(0x7f0000000680)=@secondary)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
perf_event_open(&(0x7f0000000000)={0x1, 0xffffffffffffffc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffc, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x10848a, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)

212.462967ms ago: executing program 0 (id=4280):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000500)='kfree\x00', r0}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000400)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="a1832abd7000ffffffff05"], 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x4040004)

165.644467ms ago: executing program 0 (id=4281):
syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Lu1cUB/CbgIRCJSKCgx0Eg0ujQhx0SAYrMWQxIlYcnAUHHQQHB0mJzr78A4pvIC5iZ0cxgijESTKKc0FxyZTS+hTa2qUtpvTH57OEe8+59+TyfQL/a/HwU7PZjIUQmom/f/r7s/xEsXdqbHomhFiYDyHkv/n610os6vjt1otoXYrWxUSmdnA7/nrWcdf3UE0dxaP6ZTyEH0IIS0/HyX/7Nr5857nr5MbmSmFrLbf4WFh/Hl4YyPds55d3Rw6z5dnu7Fz0YV3GWzM/VRs9uW+WXvbaB9uqtUbmJupLxz5nPv+tP+e/31WpVxqT/aerQ+nO+lV5J8r9Tf4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAnO89dJzc2Vwpba7nFx8L68/DCQL5nO7+8O3KYLc92Z+fi732X8dbMT9VGT+6bpZe99sG2aq2RuYn60rEPR7/78XP+Ei30bfhj/vtdlXqlMdl/ujqU7qxflXei3N8+5g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8JfyE8XeqbHpmRBiYT6EMB7vOP5lv5l4r8eivovotxTtFxOZ2sHt+OtZx13fQzV1NJUIIfG7e5eejpNftfIh/CM/BwAA//8514ZQ")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r0, &(0x7f0000000380)=ANY=[], 0x178)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffc}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
getsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000600)={@remote, @initdev}, &(0x7f0000000640)=0xc)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000700)={0x3, &(0x7f00000006c0)=[{0x9, 0xff, 0x7, 0x10}, {0x5, 0x9, 0x3, 0x3b69}, {0x8, 0x8, 0x9, 0xfffffffc}]})
ioctl$TUNSETIFINDEX(r0, 0x400454da, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = gettid()
r3 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0xb)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
ioctl$LOOP_CONFIGURE(r5, 0x4c0a, &(0x7f0000000140)={r3, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1e, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90bf8b1c5512406c7f0000000000000000000000000000000000000000000009", [0x2, 0x40000000000000]}})
setpgid(r2, r2)
ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
unlink(0x0)
r6 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xc3, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xa19a, 0x1000}, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f0000000340)='cpu\t&0&&\t')

143.912448ms ago: executing program 3 (id=4282):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x328, 0x170, 0x2b8, 0x25c, 0x0, 0x7, 0x258, 0x3a8, 0x3a8, 0x258, 0x3a8, 0x7fffffe, 0x0, {[{{@uncond, 0x16c, 0x108, 0x170, 0xa010000, {0x0, 0x4000000}, [@common=@unspec=@quota={{0x38}}, @common=@inet=@socket3={{0x28, 'socket\x00', 0x2}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x14, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@ipv6={@local, @local, [], [], 'sit0\x00', 'veth0_to_bond\x00'}, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x388)

121.398078ms ago: executing program 1 (id=4283):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt(r0, 0x1, 0x7ff, &(0x7f00000012c0)=""/106, &(0x7f0000000000)=0x6a)
socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x80000, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r3, 0x107, 0xa, 0x0, 0x0) (async)
setsockopt$packet_int(r3, 0x107, 0xa, 0x0, 0x0)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x4, 0xf83, 0x4}, 0x1c) (async)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x4, 0xf83, 0x4}, 0x1c)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000280)) (async)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000280))
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
sendfile(r2, r2, &(0x7f0000000040)=0x400, 0x98)
r6 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_mreqsrc(r2, 0x0, 0x28, &(0x7f0000000000)={@loopback, @dev={0xac, 0x14, 0x14, 0x40}, @multicast1}, 0xc)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r5, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r5], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0) (async)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r5, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r5], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYRESOCT=r1, @ANYRES32, @ANYRESOCT=r4], 0x0, 0x18, 0x0, 0x0, 0x0, 0x47, '\x00', 0x0, @fallback=0xc, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYRESOCT=r1, @ANYRES32, @ANYRESOCT=r4], 0x0, 0x18, 0x0, 0x0, 0x0, 0x47, '\x00', 0x0, @fallback=0xc, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = gettid()
timer_create(0x0, &(0x7f00000003c0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000000380)) (async)
timer_create(0x0, &(0x7f00000003c0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000000380))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000001440)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x0)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r12, 0x0, r11, 0x0, 0x3, 0x0)
fcntl$setpipe(r10, 0x4, 0xfffffffffffff000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
r13 = creat(&(0x7f00000000c0)='./file0\x00', 0x67)
close(r13) (async)
close(r13)

84.775969ms ago: executing program 0 (id=4284):
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000140), 0x121880, 0x0)
r1 = syz_io_uring_setup(0x53d3, &(0x7f0000000240)={0x0, 0x7d89, 0x10100, 0x3, 0x289}, &(0x7f0000000540)=<r2=>0x0, &(0x7f0000000700)=<r3=>0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000000)='kfree\x00', r5, 0x0, 0x1ffffffffffffffd}, 0x18)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4007, @fd=r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)=""/158, 0x9e}], 0x1})
io_uring_enter(r1, 0x567, 0x72, 0x0, 0x0, 0x0)

46.493249ms ago: executing program 3 (id=4285):
fsopen(0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x5)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = fsopen(&(0x7f0000000240)='gadgetfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
fchdir(r3)
mknod$loop(&(0x7f00000001c0)='./file0\x00', 0x8000, 0x0)
pipe2$9p(&(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
r6 = dup(r5)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@cache_loose}], [], 0x6b}})
open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80)
setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000280)={0x0, 0x4, 0x0, 0x0, 0xcb, 0x0, 0x4, 0x7}, 0xe)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={<r7=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e23, @local}]}, &(0x7f0000000240)=0x10)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000140)={0x1, [0x7fff]}, 0x6)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f0000000c80)={r7, @in6={{0xa, 0x4e24, 0xe92, @dev={0xfe, 0x80, '\x00', 0x2f}, 0x9}}, [0xfffffffffffffffe, 0xb, 0x9, 0xfffffffffffffff9, 0xae5, 0x0, 0x6, 0x7fffffffffffffff, 0x7, 0x4, 0x8000000000000001, 0x4, 0x0, 0x1, 0x7ffe]}, &(0x7f0000000d80)=0xfc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00'}, 0x10)
r8 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070"], 0x0, 0x2002, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r9}, 0x10)
r10 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_inet_SIOCSARP(r10, 0x8953, &(0x7f0000000080)={{0x2, 0x0, @empty}, {0x0, @random="bb03b6b88637"}, 0x6, {0x2, 0x4, @multicast1=0xe000cc02}, 'bond_slave_0\x00'})
r11 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r11, &(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10)

45.677919ms ago: executing program 0 (id=4286):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000180)={[{@dioread_nolock}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ") (async, rerun: 32)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000040)='./bus\x00', 0x2229c13, 0x0, 0x1, 0x0, &(0x7f0000000080)) (rerun: 32)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) (async)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10) (async)
mremap(&(0x7f0000000000/0x9000)=nil, 0x200003, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil) (async)
sendto$inet6(r1, &(0x7f0000000240)="c4", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x105}, 0x1c) (async, rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={0x0}, 0x18) (async, rerun: 64)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async, rerun: 64)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) (rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) (async)
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800) (async, rerun: 32)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (rerun: 32)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001580)={0x9c, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2, 0x0, 0x5}, [@CTA_EXPECT_TUPLE={0x44, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @loopback}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @loopback}}}]}, @CTA_EXPECT_MASTER={0x40, 0x1, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @rand_addr=0x64010100}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}, @CTA_EXPECT_MASTER={0x4}]}, 0x9c}}, 0x0) (async, rerun: 32)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0) (rerun: 32)
set_mempolicy_home_node(&(0x7f0000349000/0xa000)=nil, 0xa000, 0x0, 0x0)
socket$inet(0x2, 0x4, 0xc4e4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
utimes(&(0x7f0000001ac0)='./file0\x00', 0x0) (async)
truncate(&(0x7f0000001480)='./bus\x00', 0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

0s ago: executing program 3 (id=4287):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000005600)='sys_enter\x00', r0}, 0x10)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', 0x0, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000680)='+}[@\x00[$oB\xfa=\xee\xc4F\xba\xed\x97')
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c9"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
syz_io_uring_setup(0x16e, &(0x7f0000000580)={0x0, 0x78a6, 0x200, 0x2, 0x265}, &(0x7f0000000140), &(0x7f0000000640))
msgsnd(0x0, &(0x7f0000000040)=ANY=[@ANYRESDEC], 0x401, 0x0)
msgctl$IPC_RMID(0x0, 0x0)

kernel console output (not intermixed with test programs):

tap: entered promiscuous mode
[  177.638006][T12621] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3187'.
[  177.646407][T12486] batman_adv: batadv0: Interface activated: batadv_slave_0
[  177.662852][T12486] batman_adv: batadv0: Interface activated: batadv_slave_1
[  177.672133][T12486] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  177.680883][T12486] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  177.689718][T12486] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  177.698541][T12486] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  177.709345][T12621] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3187'.
[  177.723931][T12621] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  177.737983][T12621] batman_adv: batadv0: Removing interface: batadv_slave_0
[  177.784963][T12627] loop9: detected capacity change from 0 to 7
[  177.791320][T12627]  loop9: unable to read partition table
[  177.803756][T12627] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  177.803756][T12627] 
) failed (rc=-5)
[  177.952202][T12642] netlink: 'syz.4.3195': attribute type 298 has an invalid length.
[  177.994313][T12648] loop9: detected capacity change from 0 to 7
[  178.000495][T12648]  loop9: unable to read partition table
[  178.006623][T12648] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  178.006623][T12648] 
) failed (rc=-5)
[  178.221243][T12657] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3201'.
[  178.302249][T12661] loop9: detected capacity change from 0 to 7
[  178.308524][T12661]  loop9: unable to read partition table
[  178.315360][T12661] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  178.315360][T12661] 
) failed (rc=-5)
[  178.518874][T12674] netlink: 'syz.4.3209': attribute type 298 has an invalid length.
[  178.538513][T12675] loop9: detected capacity change from 0 to 7
[  178.546303][T12675]  loop9: unable to read partition table
[  178.558853][T12675] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  178.558853][T12675] 
) failed (rc=-5)
[  178.589083][T12683] netlink: 'syz.1.3214': attribute type 20 has an invalid length.
[  178.633915][T12687] loop9: detected capacity change from 0 to 7
[  178.640284][T12687]  loop9: unable to read partition table
[  178.646531][T12687] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  178.646531][T12687] 
) failed (rc=-5)
[  178.768593][T12702] netlink: 'syz.4.3223': attribute type 298 has an invalid length.
[  178.826797][T12711] loop9: detected capacity change from 0 to 7
[  178.833305][T12711]  loop9: unable to read partition table
[  178.838974][T12711] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  178.838974][T12711] 
) failed (rc=-5)
[  179.110092][T12737] loop9: detected capacity change from 0 to 7
[  179.116382][T12737]  loop9: unable to read partition table
[  179.122296][T12737] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  179.122296][T12737] 
) failed (rc=-5)
[  179.249938][T12747] loop9: detected capacity change from 0 to 7
[  179.258569][T12747]  loop9: unable to read partition table
[  179.264506][T12747] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  179.264506][T12747] 
) failed (rc=-5)
[  179.573327][T12770] validate_nla: 2 callbacks suppressed
[  179.573342][T12770] netlink: 'syz.4.3248': attribute type 298 has an invalid length.
[  179.732461][T12756] chnl_net:caif_netlink_parms(): no params data found
[  179.755859][ T1734] netdevsim netdevsim5 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  179.765768][ T1734] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.790048][T12756] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.797399][T12756] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.805931][T12756] bridge_slave_0: entered allmulticast mode
[  179.813444][T12756] bridge_slave_0: entered promiscuous mode
[  179.820158][T12756] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.827310][T12756] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.835454][T12756] bridge_slave_1: entered allmulticast mode
[  179.842155][T12756] bridge_slave_1: entered promiscuous mode
[  179.864301][T12787] loop9: detected capacity change from 0 to 7
[  179.870523][T12787]  loop9: unable to read partition table
[  179.871285][ T1734] netdevsim netdevsim5 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  179.876308][T12787] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  179.876308][T12787] 
) failed (rc=-5)
[  179.885898][ T1734] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.919687][T12756] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  179.948426][T12756] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  179.959257][ T1734] netdevsim netdevsim5 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  179.969188][ T1734] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.995711][T12756] team0: Port device team_slave_0 added
[  180.004408][T12756] team0: Port device team_slave_1 added
[  180.025013][T12756] batman_adv: batadv0: Adding interface: batadv_slave_0
[  180.032039][T12756] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  180.058081][T12756] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  180.070847][ T1734] netdevsim netdevsim5 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  180.080655][ T1734] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  180.092612][T12756] batman_adv: batadv0: Adding interface: batadv_slave_1
[  180.099614][T12756] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  180.105229][T12794] loop9: detected capacity change from 0 to 7
[  180.125550][T12756] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  180.133214][T12794]  loop9: unable to read partition table
[  180.150485][T12794] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  180.150485][T12794] 
) failed (rc=-5)
[  180.177711][T12756] hsr_slave_0: entered promiscuous mode
[  180.185636][T12756] hsr_slave_1: entered promiscuous mode
[  180.193488][T12756] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  180.201055][T12756] Cannot create hsr debugfs directory
[  180.309472][ T1734] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  180.320285][ T1734] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  180.336731][ T1734] bond0 (unregistering): Released all slaves
[  180.346049][ T1734] bond1 (unregistering): Released all slaves
[  180.355142][ T1734] bond2 (unregistering): Released all slaves
[  180.380792][T12807] netlink: 'syz.1.3265': attribute type 3 has an invalid length.
[  180.396611][ T1734] IPVS: stopping backup sync thread 7289 ...
[  180.851525][ T1734] veth1_macvtap: left promiscuous mode
[  180.857070][ T1734] veth0_macvtap: left promiscuous mode
[  180.862767][ T1734] veth1_vlan: left promiscuous mode
[  180.922316][T12835] loop9: detected capacity change from 0 to 7
[  180.928596][T12835] buffer_io_error: 20 callbacks suppressed
[  180.928608][T12835] Buffer I/O error on dev loop9, logical block 0, async page read
[  180.942614][T12835] Buffer I/O error on dev loop9, logical block 0, async page read
[  180.950440][T12835]  loop9: unable to read partition table
[  180.958707][T12835] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  180.958707][T12835] 
) failed (rc=-5)
[  180.959170][ T1734] team0 (unregistering): Port device team_slave_1 removed
[  180.983797][ T1734] team0 (unregistering): Port device team_slave_0 removed
[  181.253087][T12854] loop9: detected capacity change from 0 to 7
[  181.259428][T12854] Buffer I/O error on dev loop9, logical block 0, async page read
[  181.287383][T12854] Buffer I/O error on dev loop9, logical block 0, async page read
[  181.295308][T12854]  loop9: unable to read partition table
[  181.310890][T12859] netlink: 'syz.3.3277': attribute type 298 has an invalid length.
[  181.322483][T12854] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  181.322483][T12854] 
) failed (rc=-5)
[  181.360118][T12756] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  181.383362][T12756] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  181.416006][T12864] loop9: detected capacity change from 0 to 7
[  181.423486][T12864] Buffer I/O error on dev loop9, logical block 0, async page read
[  181.431575][T12864] Buffer I/O error on dev loop9, logical block 0, async page read
[  181.439387][T12864]  loop9: unable to read partition table
[  181.449104][T12864] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  181.449104][T12864] 
) failed (rc=-5)
[  181.473085][T12756] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  181.483692][ T1734] IPVS: stop unused estimator thread 0...
[  181.489840][T12756] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  181.561058][T12756] 8021q: adding VLAN 0 to HW filter on device bond0
[  181.572216][T12756] 8021q: adding VLAN 0 to HW filter on device team0
[  181.589023][T12756] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  181.599392][T12756] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  181.633886][ T1734] bridge0: port 1(bridge_slave_0) entered blocking state
[  181.641732][ T1734] bridge0: port 1(bridge_slave_0) entered forwarding state
[  181.660171][ T1734] bridge0: port 2(bridge_slave_1) entered blocking state
[  181.667321][ T1734] bridge0: port 2(bridge_slave_1) entered forwarding state
[  181.726055][T12756] 8021q: adding VLAN 0 to HW filter on device batadv0
[  181.778279][T12894] netlink: 'syz.4.3288': attribute type 298 has an invalid length.
[  181.857206][   T29] kauditd_printk_skb: 918 callbacks suppressed
[  181.857219][   T29] audit: type=1326 audit(1751104842.657:21439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12899 comm="syz.4.3290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f893556e929 code=0x7ffc0000
[  181.892865][T12902] loop9: detected capacity change from 0 to 7
[  181.899112][T12902] Buffer I/O error on dev loop9, logical block 0, async page read
[  181.911932][   T29] audit: type=1326 audit(1751104842.697:21440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12899 comm="syz.4.3290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f893556e929 code=0x7ffc0000
[  181.935615][T12902] Buffer I/O error on dev loop9, logical block 0, async page read
[  181.935696][T12902]  loop9: unable to read partition table
[  181.935712][T12902] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  181.935712][T12902] 
) failed (rc=-5)
[  181.961021][T12756] veth0_vlan: entered promiscuous mode
[  181.962429][   T29] audit: type=1326 audit(1751104842.697:21441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12899 comm="syz.4.3290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f893556e929 code=0x7ffc0000
[  181.981621][T12756] veth1_vlan: entered promiscuous mode
[  181.991471][   T29] audit: type=1326 audit(1751104842.697:21442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12899 comm="syz.4.3290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f893556e929 code=0x7ffc0000
[  182.011251][T12756] veth0_macvtap: entered promiscuous mode
[  182.020398][   T29] audit: type=1326 audit(1751104842.697:21443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12899 comm="syz.4.3290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f893556e929 code=0x7ffc0000
[  182.049666][   T29] audit: type=1326 audit(1751104842.697:21444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12899 comm="syz.4.3290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f893556e929 code=0x7ffc0000
[  182.073199][   T29] audit: type=1326 audit(1751104842.697:21445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12899 comm="syz.4.3290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f893556e929 code=0x7ffc0000
[  182.097458][   T29] audit: type=1326 audit(1751104842.697:21446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12899 comm="syz.4.3290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f893556e929 code=0x7ffc0000
[  182.121217][   T29] audit: type=1326 audit(1751104842.697:21447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12899 comm="syz.4.3290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f893556e929 code=0x7ffc0000
[  182.144872][   T29] audit: type=1326 audit(1751104842.697:21448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12899 comm="syz.4.3290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f893556e929 code=0x7ffc0000
[  182.147624][T12756] veth1_macvtap: entered promiscuous mode
[  182.207488][T12756] batman_adv: batadv0: Interface activated: batadv_slave_0
[  182.218638][T12756] batman_adv: batadv0: Interface activated: batadv_slave_1
[  182.232766][T12756] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  182.241639][T12756] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  182.250810][T12756] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  182.259546][T12756] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  182.320525][T12934] netlink: 'syz.5.3247': attribute type 20 has an invalid length.
[  182.332231][T12932] netlink: 'syz.4.3300': attribute type 298 has an invalid length.
[  182.427831][T12944] loop9: detected capacity change from 0 to 7
[  182.439577][T12944] Buffer I/O error on dev loop9, logical block 0, async page read
[  182.447753][T12944] Buffer I/O error on dev loop9, logical block 0, async page read
[  182.455644][T12944]  loop9: unable to read partition table
[  182.471524][T12944] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  182.471524][T12944] 
) failed (rc=-5)
[  182.719737][T12965] netlink: 'syz.5.3313': attribute type 298 has an invalid length.
[  182.992854][T12973] loop9: detected capacity change from 0 to 7
[  183.014947][T12973]  loop9: unable to read partition table
[  183.035522][T12973] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  183.035522][T12973] 
) failed (rc=-5)
[  183.189740][T12983] loop9: detected capacity change from 0 to 7
[  183.232788][T12983]  loop9: unable to read partition table
[  183.241692][T12983] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  183.241692][T12983] 
) failed (rc=-5)
[  183.366909][T12999] loop9: detected capacity change from 0 to 7
[  183.381635][T12999]  loop9: unable to read partition table
[  183.391429][T12999] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  183.391429][T12999] 
) failed (rc=-5)
[  183.428983][T13001] netlink: 'syz.4.3330': attribute type 298 has an invalid length.
[  183.679550][T13013] IPv4: Oversized IP packet from 127.202.26.0
[  183.780448][T13016] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3337'.
[  183.794894][T13016] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  183.802384][T13016] batman_adv: batadv0: Removing interface: batadv_slave_0
[  183.811080][T13016] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  183.818525][T13016] batman_adv: batadv0: Removing interface: batadv_slave_1
[  183.835751][T13017] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3338'.
[  183.855144][T13020] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  183.863904][T13020] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  183.867528][T13022] loop9: detected capacity change from 0 to 7
[  183.872628][T13020] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  183.878871][T13022]  loop9: unable to read partition table
[  183.887379][T13020] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  183.905738][T13023] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3338'.
[  183.926966][T13022] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  183.926966][T13022] 
) failed (rc=-5)
[  183.956415][T13020] netlink: 33912 bytes leftover after parsing attributes in process `syz.1.3337'.
[  184.143835][T13033] loop9: detected capacity change from 0 to 7
[  184.150292][T13033]  loop9: unable to read partition table
[  184.171431][T13033] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  184.171431][T13033] 
) failed (rc=-5)
[  184.264509][T13047] netlink: 'syz.4.3350': attribute type 298 has an invalid length.
[  184.375530][T13056] loop9: detected capacity change from 0 to 7
[  184.381800][T13056]  loop9: unable to read partition table
[  184.387434][T13056] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  184.387434][T13056] 
) failed (rc=-5)
[  184.626615][T13073] loop9: detected capacity change from 0 to 7
[  184.634600][T13073]  loop9: unable to read partition table
[  184.640465][T13073] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  184.640465][T13073] 
) failed (rc=-5)
[  184.698023][T13078] netlink: 'syz.5.3363': attribute type 298 has an invalid length.
[  185.190733][T13133] syzkaller0: entered promiscuous mode
[  185.196349][T13133] syzkaller0: entered allmulticast mode
[  185.231473][T13141] syzkaller0: entered promiscuous mode
[  185.236974][T13141] syzkaller0: entered allmulticast mode
[  185.998972][T13249] netlink: 'syz.1.3447': attribute type 298 has an invalid length.
[  186.414542][T13265] loop9: detected capacity change from 0 to 7
[  186.441521][T13265] buffer_io_error: 14 callbacks suppressed
[  186.441533][T13265] Buffer I/O error on dev loop9, logical block 0, async page read
[  186.455400][T13265] Buffer I/O error on dev loop9, logical block 0, async page read
[  186.463243][T13265]  loop9: unable to read partition table
[  186.468963][T13265] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  186.468963][T13265] 
) failed (rc=-5)
[  186.633156][T13285] netlink: 'syz.0.3460': attribute type 298 has an invalid length.
[  186.715446][T13291] loop9: detected capacity change from 0 to 7
[  186.724798][T13291] Buffer I/O error on dev loop9, logical block 0, async page read
[  186.732719][T13291] Buffer I/O error on dev loop9, logical block 0, async page read
[  186.740574][T13291]  loop9: unable to read partition table
[  186.747391][T13291] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  186.747391][T13291] 
) failed (rc=-5)
[  186.948062][T13313] netlink: 96 bytes leftover after parsing attributes in process `syz.4.3474'.
[  186.972484][T13313] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  186.981704][T13313] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  187.001143][T13318] netlink: 'syz.3.3476': attribute type 298 has an invalid length.
[  187.002030][T13313] netlink: 'syz.4.3474': attribute type 11 has an invalid length.
[  187.027807][   T29] kauditd_printk_skb: 865 callbacks suppressed
[  187.027821][   T29] audit: type=1326 audit(1751104847.827:22314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13316 comm="syz.1.3477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85f99be929 code=0x7ffc0000
[  187.060779][   T29] audit: type=1326 audit(1751104847.827:22315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13316 comm="syz.1.3477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85f99be929 code=0x7ffc0000
[  187.084565][   T29] audit: type=1400 audit(1751104847.827:22316): avc:  denied  { read write } for  pid=13312 comm="syz.4.3474" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  187.109610][   T29] audit: type=1400 audit(1751104847.827:22317): avc:  denied  { open } for  pid=13312 comm="syz.4.3474" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  187.134330][   T29] audit: type=1400 audit(1751104847.827:22318): avc:  denied  { mount } for  pid=13312 comm="syz.4.3474" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  187.156826][   T29] audit: type=1400 audit(1751104847.857:22319): avc:  denied  { unmount } for  pid=12486 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  187.180043][   T29] audit: type=1326 audit(1751104847.977:22320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13316 comm="syz.1.3477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85f99be929 code=0x7ffc0000
[  187.204014][   T29] audit: type=1326 audit(1751104847.977:22321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13316 comm="syz.1.3477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85f99be929 code=0x7ffc0000
[  187.227875][   T29] audit: type=1326 audit(1751104847.977:22322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13316 comm="syz.1.3477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85f99be929 code=0x7ffc0000
[  187.251441][   T29] audit: type=1326 audit(1751104847.977:22323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13316 comm="syz.1.3477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85f99be929 code=0x7ffc0000
[  187.319238][T13328] loop9: detected capacity change from 0 to 7
[  187.325732][T13328] Buffer I/O error on dev loop9, logical block 0, async page read
[  187.333963][T13328] Buffer I/O error on dev loop9, logical block 0, async page read
[  187.341891][T13328]  loop9: unable to read partition table
[  187.348035][T13328] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  187.348035][T13328] 
) failed (rc=-5)
[  187.785882][T13350] netlink: 'syz.3.3490': attribute type 298 has an invalid length.
[  188.043274][T13372] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  188.426220][T13405] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  188.914375][T13437] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  188.988698][T13441] loop9: detected capacity change from 0 to 7
[  189.056413][T13441] Buffer I/O error on dev loop9, logical block 0, async page read
[  189.065920][T13441] Buffer I/O error on dev loop9, logical block 0, async page read
[  189.073833][T13441]  loop9: unable to read partition table
[  189.083988][T13441] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  189.083988][T13441] 
) failed (rc=-5)
[  189.101237][T13446] netlink: 'syz.4.3531': attribute type 298 has an invalid length.
[  189.526005][T13477] netlink: 'syz.5.3545': attribute type 298 has an invalid length.
[  189.552966][T13473] loop9: detected capacity change from 0 to 7
[  189.566965][T13473] Buffer I/O error on dev loop9, logical block 0, async page read
[  189.576879][T13473] Buffer I/O error on dev loop9, logical block 0, async page read
[  189.584711][T13473]  loop9: unable to read partition table
[  189.638830][T13473] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  189.638830][T13473] 
) failed (rc=-5)
[  190.127273][T13506] netlink: 'syz.1.3558': attribute type 298 has an invalid length.
[  190.169339][T13512] loop9: detected capacity change from 0 to 7
[  190.175586][T13512]  loop9: unable to read partition table
[  190.181571][T13512] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  190.181571][T13512] 
) failed (rc=-5)
[  190.492428][T13533] netlink: 'syz.3.3571': attribute type 298 has an invalid length.
[  190.610412][T13540] loop9: detected capacity change from 0 to 7
[  190.621556][T13540]  loop9: unable to read partition table
[  190.632507][T13540] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  190.632507][T13540] 
) failed (rc=-5)
[  191.129288][T13568] netlink: 'syz.4.3586': attribute type 298 has an invalid length.
[  191.345413][T13570] IPv4: Oversized IP packet from 127.202.26.0
[  191.620354][T13584] loop9: detected capacity change from 0 to 7
[  191.626642][T13584] buffer_io_error: 4 callbacks suppressed
[  191.626654][T13584] Buffer I/O error on dev loop9, logical block 0, async page read
[  191.641476][T13584] Buffer I/O error on dev loop9, logical block 0, async page read
[  191.649300][T13584]  loop9: unable to read partition table
[  191.655953][T13584] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  191.655953][T13584] 
) failed (rc=-5)
[  191.669465][T13588] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  191.730346][T13596] netlink: 'syz.1.3599': attribute type 298 has an invalid length.
[  192.050215][   T29] kauditd_printk_skb: 823 callbacks suppressed
[  192.050229][   T29] audit: type=1326 audit(1751104852.847:23147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13612 comm="syz.3.3607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df9ee929 code=0x7ffc0000
[  192.092912][T13613] loop9: detected capacity change from 0 to 7
[  192.099301][T13613] Buffer I/O error on dev loop9, logical block 0, async page read
[  192.107461][T13613] Buffer I/O error on dev loop9, logical block 0, async page read
[  192.115329][T13613]  loop9: unable to read partition table
[  192.140690][T13618] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  192.204954][   T29] audit: type=1326 audit(1751104852.887:23148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13612 comm="syz.3.3607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df9ee929 code=0x7ffc0000
[  192.228630][   T29] audit: type=1326 audit(1751104852.887:23149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13612 comm="syz.3.3607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f43df9ee929 code=0x7ffc0000
[  192.252266][   T29] audit: type=1326 audit(1751104852.887:23150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13612 comm="syz.3.3607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df9ee929 code=0x7ffc0000
[  192.275833][   T29] audit: type=1326 audit(1751104852.887:23151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13612 comm="syz.3.3607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df9ee929 code=0x7ffc0000
[  192.277966][T13613] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  192.277966][T13613] 
) failed (rc=-5)
[  192.299399][   T29] audit: type=1326 audit(1751104852.887:23152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13612 comm="syz.3.3607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f43df9ee929 code=0x7ffc0000
[  192.336692][   T29] audit: type=1326 audit(1751104852.887:23153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13612 comm="syz.3.3607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df9ee929 code=0x7ffc0000
[  192.360429][   T29] audit: type=1326 audit(1751104852.887:23154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13612 comm="syz.3.3607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df9ee929 code=0x7ffc0000
[  192.384018][   T29] audit: type=1326 audit(1751104852.887:23155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13612 comm="syz.3.3607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f43df9ee929 code=0x7ffc0000
[  192.407494][   T29] audit: type=1326 audit(1751104852.887:23156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13612 comm="syz.3.3607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43df9ee929 code=0x7ffc0000
[  192.466962][T13624] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3610'.
[  192.520930][T13630] netlink: 'syz.5.3613': attribute type 298 has an invalid length.
[  192.546619][T13633] FAULT_INJECTION: forcing a failure.
[  192.546619][T13633] name failslab, interval 1, probability 0, space 0, times 0
[  192.559324][T13633] CPU: 1 UID: 0 PID: 13633 Comm: syz.5.3614 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  192.559353][T13633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  192.559387][T13633] Call Trace:
[  192.559393][T13633]  <TASK>
[  192.559400][T13633]  __dump_stack+0x1d/0x30
[  192.559424][T13633]  dump_stack_lvl+0xe8/0x140
[  192.559443][T13633]  dump_stack+0x15/0x1b
[  192.559459][T13633]  should_fail_ex+0x265/0x280
[  192.559490][T13633]  ? __pfx_asymmetric_key_cmp_partial+0x10/0x10
[  192.559519][T13633]  should_failslab+0x8c/0xb0
[  192.559561][T13633]  __kmalloc_noprof+0xa5/0x3e0
[  192.559587][T13633]  ? asymmetric_key_hex_to_key_id+0x5f/0xe0
[  192.559757][T13633]  ? __pfx_asymmetric_key_cmp_partial+0x10/0x10
[  192.559783][T13633]  asymmetric_key_hex_to_key_id+0x5f/0xe0
[  192.559808][T13633]  ? __pfx_asymmetric_key_cmp_partial+0x10/0x10
[  192.559846][T13633]  asymmetric_key_match_preparse+0x193/0x210
[  192.559870][T13633]  request_key_and_link+0x108/0xd70
[  192.559896][T13633]  ? should_fail_ex+0xdb/0x280
[  192.559969][T13633]  ? __pfx_key_default_cmp+0x10/0x10
[  192.560033][T13633]  __se_sys_request_key+0x1df/0x290
[  192.560058][T13633]  ? fput+0x8f/0xc0
[  192.560080][T13633]  __x64_sys_request_key+0x55/0x70
[  192.560100][T13633]  x64_sys_call+0x2f19/0x2fb0
[  192.560118][T13633]  do_syscall_64+0xd2/0x200
[  192.560191][T13633]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  192.560218][T13633]  ? clear_bhb_loop+0x40/0x90
[  192.560239][T13633]  ? clear_bhb_loop+0x40/0x90
[  192.560260][T13633]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.560335][T13633] RIP: 0033:0x7f2e3048e929
[  192.560367][T13633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.560383][T13633] RSP: 002b:00007f2e2eaf7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[  192.560402][T13633] RAX: ffffffffffffffda RBX: 00007f2e306b5fa0 RCX: 00007f2e3048e929
[  192.560412][T13633] RDX: 0000200000001fee RSI: 0000200000001ffb RDI: 0000200000000040
[  192.560422][T13633] RBP: 00007f2e2eaf7090 R08: 0000000000000000 R09: 0000000000000000
[  192.560496][T13633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  192.560508][T13633] R13: 0000000000000000 R14: 00007f2e306b5fa0 R15: 00007ffff3c9e588
[  192.560525][T13633]  </TASK>
[  192.877842][T13638] random: crng reseeded on system resumption
[  193.046785][T13658] netlink: 'syz.4.3625': attribute type 298 has an invalid length.
[  193.095667][T13653] IPv4: Oversized IP packet from 127.202.26.0
[  193.125966][T13663] netlink: 'syz.0.3627': attribute type 2 has an invalid length.
[  193.133770][T13663] netlink: 'syz.0.3627': attribute type 1 has an invalid length.
[  193.141539][T13663] netlink: 199820 bytes leftover after parsing attributes in process `syz.0.3627'.
[  193.240790][T13676] 9pnet: Could not find request transport: fd0x0000000000000009
[  193.545461][T13699] IPv4: Oversized IP packet from 127.202.26.0
[  193.613319][T13708] 9pnet: Could not find request transport: fd0x0000000000000009
[  193.770605][T13726] FAULT_INJECTION: forcing a failure.
[  193.770605][T13726] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  193.783740][T13726] CPU: 0 UID: 0 PID: 13726 Comm: syz.3.3652 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  193.783818][T13726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  193.783828][T13726] Call Trace:
[  193.783833][T13726]  <TASK>
[  193.783839][T13726]  __dump_stack+0x1d/0x30
[  193.783857][T13726]  dump_stack_lvl+0xe8/0x140
[  193.783874][T13726]  dump_stack+0x15/0x1b
[  193.783952][T13726]  should_fail_ex+0x265/0x280
[  193.783983][T13726]  should_fail+0xb/0x20
[  193.784067][T13726]  should_fail_usercopy+0x1a/0x20
[  193.784099][T13726]  _copy_from_user+0x1c/0xb0
[  193.784118][T13726]  __sys_connect+0xd0/0x2b0
[  193.784176][T13726]  __x64_sys_connect+0x3f/0x50
[  193.784204][T13726]  x64_sys_call+0x1daa/0x2fb0
[  193.784265][T13726]  do_syscall_64+0xd2/0x200
[  193.784284][T13726]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  193.784307][T13726]  ? clear_bhb_loop+0x40/0x90
[  193.784324][T13726]  ? clear_bhb_loop+0x40/0x90
[  193.784398][T13726]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.784419][T13726] RIP: 0033:0x7f43df9ee929
[  193.784435][T13726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.784551][T13726] RSP: 002b:00007f43de057038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  193.784568][T13726] RAX: ffffffffffffffda RBX: 00007f43dfc15fa0 RCX: 00007f43df9ee929
[  193.784580][T13726] RDX: 000000000000001c RSI: 0000200000000000 RDI: 0000000000000005
[  193.784593][T13726] RBP: 00007f43de057090 R08: 0000000000000000 R09: 0000000000000000
[  193.784606][T13726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  193.784618][T13726] R13: 0000000000000000 R14: 00007f43dfc15fa0 R15: 00007fffca921268
[  193.784637][T13726]  </TASK>
[  194.159411][T13742] netlink: 'syz.4.3659': attribute type 10 has an invalid length.
[  194.173204][T13742] team0: Port device dummy0 added
[  194.324103][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811a06d800: rx timeout, send abort
[  194.444680][T13779] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3674'.
[  194.460062][T13779] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3674'.
[  194.492509][T13779] bond1: entered promiscuous mode
[  194.497569][T13779] bond1: entered allmulticast mode
[  194.515847][T13779] 8021q: adding VLAN 0 to HW filter on device bond1
[  194.543434][T13779] bond1 (unregistering): Released all slaves
[  194.559875][T13784] netlink: 'syz.0.3676': attribute type 298 has an invalid length.
[  194.644404][T13799] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3682'.
[  194.654823][T13799] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3682'.
[  194.683917][T13807] FAULT_INJECTION: forcing a failure.
[  194.683917][T13807] name failslab, interval 1, probability 0, space 0, times 0
[  194.696575][T13807] CPU: 1 UID: 0 PID: 13807 Comm: syz.0.3685 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  194.696599][T13807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  194.696623][T13807] Call Trace:
[  194.696629][T13807]  <TASK>
[  194.696636][T13807]  __dump_stack+0x1d/0x30
[  194.696654][T13807]  dump_stack_lvl+0xe8/0x140
[  194.696745][T13807]  dump_stack+0x15/0x1b
[  194.696790][T13807]  should_fail_ex+0x265/0x280
[  194.696820][T13807]  ? nsim_fib_event_nb+0x1a0/0xcb0
[  194.696845][T13807]  should_failslab+0x8c/0xb0
[  194.696867][T13807]  __kmalloc_cache_noprof+0x4c/0x320
[  194.696984][T13807]  nsim_fib_event_nb+0x1a0/0xcb0
[  194.697076][T13807]  ? __rcu_read_unlock+0x4f/0x70
[  194.697114][T13807]  ? __pfx_nsim_fib_event_nb+0x10/0x10
[  194.697136][T13807]  atomic_notifier_call_chain+0x73/0x1c0
[  194.697232][T13807]  call_fib_notifiers+0x65/0xa0
[  194.697299][T13807]  call_fib6_notifiers+0x30/0x40
[  194.697318][T13807]  fib6_del+0x734/0x8a0
[  194.697332][T13807]  ? fib6_del+0x331/0x8a0
[  194.697432][T13807]  __ip6_del_rt+0x5e/0x120
[  194.697450][T13807]  ip6_del_rt+0x69/0x90
[  194.697478][T13807]  __ipv6_ifa_notify+0x58a/0x880
[  194.697575][T13807]  ? timer_delete+0x17/0x20
[  194.697604][T13807]  ? work_grab_pending+0x225/0x480
[  194.697630][T13807]  ipv6_del_addr+0x455/0x5e0
[  194.697650][T13807]  inet6_addr_del+0x2f4/0x400
[  194.697769][T13807]  addrconf_del_ifaddr+0xa7/0xe0
[  194.697806][T13807]  inet6_ioctl+0x84/0x190
[  194.697825][T13807]  ? ioctl_has_perm+0x257/0x2a0
[  194.697853][T13807]  sock_do_ioctl+0x70/0x220
[  194.697879][T13807]  sock_ioctl+0x41b/0x610
[  194.697947][T13807]  ? __pfx_sock_ioctl+0x10/0x10
[  194.697968][T13807]  __se_sys_ioctl+0xce/0x140
[  194.697998][T13807]  __x64_sys_ioctl+0x43/0x50
[  194.698024][T13807]  x64_sys_call+0x19a8/0x2fb0
[  194.698149][T13807]  do_syscall_64+0xd2/0x200
[  194.698168][T13807]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  194.698249][T13807]  ? clear_bhb_loop+0x40/0x90
[  194.698271][T13807]  ? clear_bhb_loop+0x40/0x90
[  194.698297][T13807]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.698314][T13807] RIP: 0033:0x7f528bb7e929
[  194.698330][T13807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.698370][T13807] RSP: 002b:00007f528a1e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  194.698408][T13807] RAX: ffffffffffffffda RBX: 00007f528bda5fa0 RCX: 00007f528bb7e929
[  194.698420][T13807] RDX: 0000200000000000 RSI: 0000000000008936 RDI: 0000000000000007
[  194.698430][T13807] RBP: 00007f528a1e7090 R08: 0000000000000000 R09: 0000000000000000
[  194.698441][T13807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  194.698454][T13807] R13: 0000000000000000 R14: 00007f528bda5fa0 R15: 00007fff60019cb8
[  194.698474][T13807]  </TASK>
[  194.824117][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811a06d400: rx timeout, send abort
[  194.985852][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811a06d800: abort rx timeout. Force session deactivation
[  195.068485][T13822] netlink: 14593 bytes leftover after parsing attributes in process `syz.3.3692'.
[  195.145521][T13830] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  195.154091][T13830] FAULT_INJECTION: forcing a failure.
[  195.154091][T13830] name failslab, interval 1, probability 0, space 0, times 0
[  195.166777][T13830] CPU: 1 UID: 0 PID: 13830 Comm: syz.1.3695 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  195.166807][T13830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  195.166818][T13830] Call Trace:
[  195.166825][T13830]  <TASK>
[  195.166833][T13830]  __dump_stack+0x1d/0x30
[  195.166854][T13830]  dump_stack_lvl+0xe8/0x140
[  195.166873][T13830]  dump_stack+0x15/0x1b
[  195.166948][T13830]  should_fail_ex+0x265/0x280
[  195.166978][T13830]  should_failslab+0x8c/0xb0
[  195.167068][T13830]  __kmalloc_noprof+0xa5/0x3e0
[  195.167147][T13830]  ? copy_splice_read+0xc2/0x5f0
[  195.167175][T13830]  copy_splice_read+0xc2/0x5f0
[  195.167234][T13830]  ? __pfx_copy_splice_read+0x10/0x10
[  195.167262][T13830]  splice_direct_to_actor+0x26f/0x680
[  195.167311][T13830]  ? __pfx_direct_splice_actor+0x10/0x10
[  195.167418][T13830]  do_splice_direct+0xda/0x150
[  195.167445][T13830]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  195.167527][T13830]  do_sendfile+0x380/0x650
[  195.167554][T13830]  __x64_sys_sendfile64+0x105/0x150
[  195.167578][T13830]  x64_sys_call+0xb39/0x2fb0
[  195.167595][T13830]  do_syscall_64+0xd2/0x200
[  195.167617][T13830]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  195.167700][T13830]  ? clear_bhb_loop+0x40/0x90
[  195.167724][T13830]  ? clear_bhb_loop+0x40/0x90
[  195.167741][T13830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.167792][T13830] RIP: 0033:0x7f85f99be929
[  195.167816][T13830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.167909][T13830] RSP: 002b:00007f85f8027038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  195.167925][T13830] RAX: ffffffffffffffda RBX: 00007f85f9be5fa0 RCX: 00007f85f99be929
[  195.167955][T13830] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006
[  195.167969][T13830] RBP: 00007f85f8027090 R08: 0000000000000000 R09: 0000000000000000
[  195.167982][T13830] R10: 000000040000f63c R11: 0000000000000246 R12: 0000000000000001
[  195.167996][T13830] R13: 0000000000000000 R14: 00007f85f9be5fa0 R15: 00007ffdb9da2008
[  195.168088][T13830]  </TASK>
[  195.484898][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811a06d400: abort rx timeout. Force session deactivation
[  195.574956][T13851] loop9: detected capacity change from 0 to 7
[  195.595527][T13844] IPv4: Oversized IP packet from 127.202.26.0
[  195.613525][T13851] Buffer I/O error on dev loop9, logical block 0, async page read
[  195.622167][T13851] Buffer I/O error on dev loop9, logical block 0, async page read
[  195.630120][T13851]  loop9: unable to read partition table
[  195.647477][T13851] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  195.647477][T13851] 
) failed (rc=-5)
[  195.692496][T13860] validate_nla: 2 callbacks suppressed
[  195.692591][T13860] netlink: 'syz.3.3702': attribute type 298 has an invalid length.
[  195.722086][T13863] FAULT_INJECTION: forcing a failure.
[  195.722086][T13863] name failslab, interval 1, probability 0, space 0, times 0
[  195.734909][T13863] CPU: 0 UID: 0 PID: 13863 Comm: syz.4.3701 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  195.734936][T13863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  195.734948][T13863] Call Trace:
[  195.734955][T13863]  <TASK>
[  195.734962][T13863]  __dump_stack+0x1d/0x30
[  195.734984][T13863]  dump_stack_lvl+0xe8/0x140
[  195.735063][T13863]  dump_stack+0x15/0x1b
[  195.735089][T13863]  should_fail_ex+0x265/0x280
[  195.735173][T13863]  should_failslab+0x8c/0xb0
[  195.735214][T13863]  kmem_cache_alloc_node_noprof+0x57/0x320
[  195.735237][T13863]  ? __alloc_skb+0x101/0x320
[  195.735283][T13863]  __alloc_skb+0x101/0x320
[  195.735305][T13863]  ? audit_log_start+0x365/0x6c0
[  195.735331][T13863]  audit_log_start+0x380/0x6c0
[  195.735424][T13863]  audit_seccomp+0x48/0x100
[  195.735542][T13863]  ? __seccomp_filter+0x68c/0x10d0
[  195.735565][T13863]  __seccomp_filter+0x69d/0x10d0
[  195.735590][T13863]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  195.735625][T13863]  ? vfs_write+0x75e/0x8e0
[  195.735724][T13863]  __secure_computing+0x82/0x150
[  195.735748][T13863]  syscall_trace_enter+0xcf/0x1e0
[  195.735768][T13863]  do_syscall_64+0xac/0x200
[  195.735782][T13863]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  195.735861][T13863]  ? clear_bhb_loop+0x40/0x90
[  195.735881][T13863]  ? clear_bhb_loop+0x40/0x90
[  195.735942][T13863]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.735962][T13863] RIP: 0033:0x7f893556e929
[  195.735978][T13863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.735996][T13863] RSP: 002b:00007f8933bd7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c2
[  195.736016][T13863] RAX: ffffffffffffffda RBX: 00007f8935795fa0 RCX: 00007f893556e929
[  195.736028][T13863] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  195.736061][T13863] RBP: 00007f8933bd7090 R08: 0000000000000000 R09: 0000000000000000
[  195.736074][T13863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  195.736085][T13863] R13: 0000000000000000 R14: 00007f8935795fa0 R15: 00007ffdc1235758
[  195.736101][T13863]  </TASK>
[  196.104528][T13900] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  196.291069][T13930] netlink: 'syz.4.3713': attribute type 298 has an invalid length.
[  196.845585][T14015] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3718'.
[  196.990377][T14023] FAULT_INJECTION: forcing a failure.
[  196.990377][T14023] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  197.003512][T14023] CPU: 0 UID: 0 PID: 14023 Comm: syz.5.3722 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  197.003540][T14023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  197.003552][T14023] Call Trace:
[  197.003558][T14023]  <TASK>
[  197.003565][T14023]  __dump_stack+0x1d/0x30
[  197.003626][T14023]  dump_stack_lvl+0xe8/0x140
[  197.003646][T14023]  dump_stack+0x15/0x1b
[  197.003662][T14023]  should_fail_ex+0x265/0x280
[  197.003768][T14023]  should_fail+0xb/0x20
[  197.003791][T14023]  should_fail_usercopy+0x1a/0x20
[  197.003869][T14023]  _copy_to_user+0x20/0xa0
[  197.003888][T14023]  simple_read_from_buffer+0xb5/0x130
[  197.003914][T14023]  proc_fail_nth_read+0x100/0x140
[  197.004018][T14023]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  197.004044][T14023]  vfs_read+0x1a0/0x6f0
[  197.004150][T14023]  ? __rcu_read_unlock+0x4f/0x70
[  197.004208][T14023]  ? __fget_files+0x184/0x1c0
[  197.004226][T14023]  ksys_read+0xda/0x1a0
[  197.004267][T14023]  __x64_sys_read+0x40/0x50
[  197.004297][T14023]  x64_sys_call+0x2d77/0x2fb0
[  197.004318][T14023]  do_syscall_64+0xd2/0x200
[  197.004367][T14023]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  197.004390][T14023]  ? clear_bhb_loop+0x40/0x90
[  197.004410][T14023]  ? clear_bhb_loop+0x40/0x90
[  197.004432][T14023]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.004452][T14023] RIP: 0033:0x7f2e3048d33c
[  197.004507][T14023] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  197.004524][T14023] RSP: 002b:00007f2e2eaf7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  197.004541][T14023] RAX: ffffffffffffffda RBX: 00007f2e306b5fa0 RCX: 00007f2e3048d33c
[  197.004599][T14023] RDX: 000000000000000f RSI: 00007f2e2eaf70a0 RDI: 0000000000000006
[  197.004612][T14023] RBP: 00007f2e2eaf7090 R08: 0000000000000000 R09: 0000000000000000
[  197.004623][T14023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  197.004636][T14023] R13: 0000000000000000 R14: 00007f2e306b5fa0 R15: 00007ffff3c9e588
[  197.004654][T14023]  </TASK>
[  197.242946][T14025] loop9: detected capacity change from 0 to 7
[  197.250116][T14025] Buffer I/O error on dev loop9, logical block 0, async page read
[  197.259373][T14025] Buffer I/O error on dev loop9, logical block 0, async page read
[  197.267386][T14025]  loop9: unable to read partition table
[  197.273278][   T29] kauditd_printk_skb: 803 callbacks suppressed
[  197.273289][   T29] audit: type=1326 audit(1751104858.037:23958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14024 comm="syz.4.3723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f893556e929 code=0x7ffc0000
[  197.302987][   T29] audit: type=1326 audit(1751104858.037:23959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14024 comm="syz.4.3723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f893556e929 code=0x7ffc0000
[  197.326633][   T29] audit: type=1326 audit(1751104858.037:23960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14024 comm="syz.4.3723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f893556e929 code=0x7ffc0000
[  197.350236][   T29] audit: type=1326 audit(1751104858.037:23961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14024 comm="syz.4.3723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f893556e929 code=0x7ffc0000
[  197.373836][   T29] audit: type=1326 audit(1751104858.037:23962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14024 comm="syz.4.3723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f893556e929 code=0x7ffc0000
[  197.397454][   T29] audit: type=1326 audit(1751104858.037:23963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14024 comm="syz.4.3723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f893556e929 code=0x7ffc0000
[  197.397492][T14025] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  197.397492][T14025] 
) failed (rc=-5)
[  197.421017][   T29] audit: type=1326 audit(1751104858.037:23964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14024 comm="syz.4.3723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f893556e929 code=0x7ffc0000
[  197.421047][   T29] audit: type=1326 audit(1751104858.037:23965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14024 comm="syz.4.3723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f893556e929 code=0x7ffc0000
[  197.421070][   T29] audit: type=1326 audit(1751104858.037:23966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14024 comm="syz.4.3723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f893556e929 code=0x7ffc0000
[  197.505511][   T29] audit: type=1326 audit(1751104858.037:23967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14024 comm="syz.4.3723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f893556e929 code=0x7ffc0000
[  197.533434][T14030] netlink: 'syz.1.3724': attribute type 3 has an invalid length.
[  197.573774][T14034] xt_connbytes: Forcing CT accounting to be enabled
[  197.580512][T14034] Cannot find set identified by id 0 to match
[  197.689589][T14048] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  197.745933][T14061] FAULT_INJECTION: forcing a failure.
[  197.745933][T14061] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  197.759063][T14061] CPU: 0 UID: 0 PID: 14061 Comm: syz.4.3737 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  197.759088][T14061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  197.759117][T14061] Call Trace:
[  197.759122][T14061]  <TASK>
[  197.759129][T14061]  __dump_stack+0x1d/0x30
[  197.759149][T14061]  dump_stack_lvl+0xe8/0x140
[  197.759170][T14061]  dump_stack+0x15/0x1b
[  197.759210][T14061]  should_fail_ex+0x265/0x280
[  197.759238][T14061]  should_fail+0xb/0x20
[  197.759262][T14061]  should_fail_usercopy+0x1a/0x20
[  197.759385][T14061]  _copy_from_iter+0xcf/0xe40
[  197.759413][T14061]  ? __schedule+0x6a8/0xb30
[  197.759434][T14061]  ? __cond_resched+0x4e/0x90
[  197.759457][T14061]  file_tty_write+0x32f/0x670
[  197.759510][T14061]  ? __pfx_tty_write+0x10/0x10
[  197.759580][T14061]  tty_write+0x25/0x30
[  197.759610][T14061]  vfs_write+0x4a0/0x8e0
[  197.759673][T14061]  ksys_write+0xda/0x1a0
[  197.759700][T14061]  __x64_sys_write+0x40/0x50
[  197.759726][T14061]  x64_sys_call+0x2cdd/0x2fb0
[  197.759747][T14061]  do_syscall_64+0xd2/0x200
[  197.759829][T14061]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  197.759850][T14061]  ? clear_bhb_loop+0x40/0x90
[  197.759871][T14061]  ? clear_bhb_loop+0x40/0x90
[  197.759889][T14061]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.759963][T14061] RIP: 0033:0x7f893556e929
[  197.759979][T14061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.760058][T14061] RSP: 002b:00007f8933bd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  197.760078][T14061] RAX: ffffffffffffffda RBX: 00007f8935795fa0 RCX: 00007f893556e929
[  197.760091][T14061] RDX: 00000000fffffedf RSI: 0000200000000000 RDI: 0000000000000007
[  197.760103][T14061] RBP: 00007f8933bd7090 R08: 0000000000000000 R09: 0000000000000000
[  197.760116][T14061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  197.760129][T14061] R13: 0000000000000000 R14: 00007f8935795fa0 R15: 00007ffdc1235758
[  197.760153][T14061]  </TASK>
[  198.003016][T14064] FAULT_INJECTION: forcing a failure.
[  198.003016][T14064] name failslab, interval 1, probability 0, space 0, times 0
[  198.015711][T14064] CPU: 1 UID: 0 PID: 14064 Comm: syz.5.3738 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  198.015736][T14064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  198.015746][T14064] Call Trace:
[  198.015751][T14064]  <TASK>
[  198.015758][T14064]  __dump_stack+0x1d/0x30
[  198.015779][T14064]  dump_stack_lvl+0xe8/0x140
[  198.015845][T14064]  dump_stack+0x15/0x1b
[  198.015860][T14064]  should_fail_ex+0x265/0x280
[  198.015925][T14064]  should_failslab+0x8c/0xb0
[  198.015945][T14064]  __kmalloc_noprof+0xa5/0x3e0
[  198.016101][T14064]  ? memcg_list_lru_alloc+0x195/0x490
[  198.016129][T14064]  memcg_list_lru_alloc+0x195/0x490
[  198.016158][T14064]  __memcg_slab_post_alloc_hook+0x1a7/0x580
[  198.016224][T14064]  kmem_cache_alloc_lru_noprof+0x229/0x310
[  198.016256][T14064]  ? shmem_alloc_inode+0x34/0x50
[  198.016272][T14064]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  198.016287][T14064]  shmem_alloc_inode+0x34/0x50
[  198.016301][T14064]  alloc_inode+0x40/0x170
[  198.016325][T14064]  new_inode+0x1d/0xe0
[  198.016341][T14064]  shmem_get_inode+0x244/0x750
[  198.016360][T14064]  shmem_fill_super+0x4b5/0x5e0
[  198.016385][T14064]  ? __pfx_shmem_fill_super+0x10/0x10
[  198.016465][T14064]  get_tree_nodev+0x83/0x100
[  198.016489][T14064]  shmem_get_tree+0x1c/0x30
[  198.016512][T14064]  vfs_get_tree+0x54/0x1d0
[  198.016548][T14064]  do_new_mount+0x207/0x680
[  198.016575][T14064]  path_mount+0x4a4/0xb20
[  198.016634][T14064]  ? user_path_at+0x109/0x130
[  198.016655][T14064]  __se_sys_mount+0x28f/0x2e0
[  198.016668][T14064]  ? fput+0x8f/0xc0
[  198.016729][T14064]  __x64_sys_mount+0x67/0x80
[  198.016744][T14064]  x64_sys_call+0xd36/0x2fb0
[  198.016809][T14064]  do_syscall_64+0xd2/0x200
[  198.016823][T14064]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  198.016876][T14064]  ? clear_bhb_loop+0x40/0x90
[  198.016892][T14064]  ? clear_bhb_loop+0x40/0x90
[  198.016909][T14064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.016964][T14064] RIP: 0033:0x7f2e3048e929
[  198.016977][T14064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.017003][T14064] RSP: 002b:00007f2e2eaf7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  198.017054][T14064] RAX: ffffffffffffffda RBX: 00007f2e306b5fa0 RCX: 00007f2e3048e929
[  198.017064][T14064] RDX: 00002000000001c0 RSI: 0000200000000400 RDI: 0000000000000000
[  198.017074][T14064] RBP: 00007f2e2eaf7090 R08: 0000000000000000 R09: 0000000000000000
[  198.017083][T14064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  198.017093][T14064] R13: 0000000000000000 R14: 00007f2e306b5fa0 R15: 00007ffff3c9e588
[  198.017110][T14064]  </TASK>
[  198.019026][T14059] SELinux: failed to load policy
[  198.329287][T14083] netlink: 'syz.4.3745': attribute type 1 has an invalid length.
[  198.340810][T14086] FAULT_INJECTION: forcing a failure.
[  198.340810][T14086] name failslab, interval 1, probability 0, space 0, times 0
[  198.343409][T14083] bond1: entered promiscuous mode
[  198.353493][T14086] CPU: 1 UID: 0 PID: 14086 Comm: syz.5.3746 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  198.353568][T14086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  198.353580][T14086] Call Trace:
[  198.353586][T14086]  <TASK>
[  198.353593][T14086]  __dump_stack+0x1d/0x30
[  198.353675][T14086]  dump_stack_lvl+0xe8/0x140
[  198.353694][T14086]  dump_stack+0x15/0x1b
[  198.353710][T14086]  should_fail_ex+0x265/0x280
[  198.353740][T14086]  should_failslab+0x8c/0xb0
[  198.353830][T14086]  __kvmalloc_node_noprof+0x123/0x4e0
[  198.353856][T14086]  ? alloc_fdtable+0xa5/0x1b0
[  198.353888][T14086]  alloc_fdtable+0xa5/0x1b0
[  198.353927][T14086]  dup_fd+0x4c7/0x540
[  198.353957][T14086]  copy_files+0x98/0xf0
[  198.353981][T14086]  copy_process+0xc44/0x1fe0
[  198.354026][T14086]  kernel_clone+0x16c/0x5b0
[  198.354049][T14086]  ? vfs_write+0x75e/0x8e0
[  198.354133][T14086]  __x64_sys_clone+0xe6/0x120
[  198.354164][T14086]  x64_sys_call+0x2c59/0x2fb0
[  198.354196][T14086]  do_syscall_64+0xd2/0x200
[  198.354214][T14086]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  198.354239][T14086]  ? clear_bhb_loop+0x40/0x90
[  198.354277][T14086]  ? clear_bhb_loop+0x40/0x90
[  198.354299][T14086]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.354319][T14086] RIP: 0033:0x7f2e3048e929
[  198.354334][T14086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.354402][T14086] RSP: 002b:00007f2e2eaf6fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  198.354497][T14086] RAX: ffffffffffffffda RBX: 00007f2e306b5fa0 RCX: 00007f2e3048e929
[  198.354507][T14086] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  198.354581][T14086] RBP: 00007f2e2eaf7090 R08: 0000000000000000 R09: 0000000000000000
[  198.354593][T14086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  198.354605][T14086] R13: 0000000000000000 R14: 00007f2e306b5fa0 R15: 00007ffff3c9e588
[  198.354660][T14086]  </TASK>
[  198.380353][T14091] netlink: 'syz.5.3747': attribute type 39 has an invalid length.
[  198.382118][T14083] 8021q: adding VLAN 0 to HW filter on device bond1
[  198.601464][T14096] FAULT_INJECTION: forcing a failure.
[  198.601464][T14096] name failslab, interval 1, probability 0, space 0, times 0
[  198.614162][T14096] CPU: 0 UID: 0 PID: 14096 Comm: syz.1.3748 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  198.614193][T14096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  198.614242][T14096] Call Trace:
[  198.614291][T14096]  <TASK>
[  198.614297][T14096]  __dump_stack+0x1d/0x30
[  198.614315][T14096]  dump_stack_lvl+0xe8/0x140
[  198.614333][T14096]  dump_stack+0x15/0x1b
[  198.614350][T14096]  should_fail_ex+0x265/0x280
[  198.614427][T14096]  should_failslab+0x8c/0xb0
[  198.614446][T14096]  kmem_cache_alloc_noprof+0x50/0x310
[  198.614468][T14096]  ? alloc_empty_file+0x76/0x200
[  198.614564][T14096]  ? mntput+0x4b/0x80
[  198.614634][T14096]  alloc_empty_file+0x76/0x200
[  198.614658][T14096]  path_openat+0x68/0x2170
[  198.614685][T14096]  ? _parse_integer_limit+0x170/0x190
[  198.614709][T14096]  ? kstrtoull+0x111/0x140
[  198.614782][T14096]  ? kstrtouint+0x76/0xc0
[  198.614876][T14096]  do_filp_open+0x109/0x230
[  198.614938][T14096]  do_sys_openat2+0xa6/0x110
[  198.614962][T14096]  __x64_sys_openat+0xf2/0x120
[  198.614988][T14096]  x64_sys_call+0x1af/0x2fb0
[  198.615008][T14096]  do_syscall_64+0xd2/0x200
[  198.615096][T14096]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  198.615188][T14096]  ? clear_bhb_loop+0x40/0x90
[  198.615208][T14096]  ? clear_bhb_loop+0x40/0x90
[  198.615229][T14096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.615253][T14096] RIP: 0033:0x7f85f99be929
[  198.615266][T14096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.615282][T14096] RSP: 002b:00007f85f8027038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  198.615299][T14096] RAX: ffffffffffffffda RBX: 00007f85f9be5fa0 RCX: 00007f85f99be929
[  198.615313][T14096] RDX: 000000000000275a RSI: 00002000000001c0 RDI: ffffffffffffff9c
[  198.615326][T14096] RBP: 00007f85f8027090 R08: 0000000000000000 R09: 0000000000000000
[  198.615339][T14096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  198.615351][T14096] R13: 0000000000000000 R14: 00007f85f9be5fa0 R15: 00007ffdb9da2008
[  198.615445][T14096]  </TASK>
[  198.624144][T14092] bond1: (slave bridge1): making interface the new active one
[  198.707829][T14103] netlink: 'syz.1.3751': attribute type 4 has an invalid length.
[  198.710271][T14092] bridge1: entered promiscuous mode
[  198.711682][T14092] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  198.759312][T14104] netlink: 'syz.1.3751': attribute type 4 has an invalid length.
[  198.882199][T14108] netlink: 'syz.4.3753': attribute type 298 has an invalid length.
[  198.906310][T14111] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  198.925039][T14111] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  198.967137][T14106] netlink: 'syz.3.3752': attribute type 4 has an invalid length.
[  199.024836][T14117] FAULT_INJECTION: forcing a failure.
[  199.024836][T14117] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  199.038010][T14117] CPU: 0 UID: 0 PID: 14117 Comm: syz.1.3755 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  199.038054][T14117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  199.038078][T14117] Call Trace:
[  199.038153][T14117]  <TASK>
[  199.038162][T14117]  __dump_stack+0x1d/0x30
[  199.038184][T14117]  dump_stack_lvl+0xe8/0x140
[  199.038204][T14117]  dump_stack+0x15/0x1b
[  199.038220][T14117]  should_fail_ex+0x265/0x280
[  199.038259][T14117]  should_fail+0xb/0x20
[  199.038285][T14117]  should_fail_usercopy+0x1a/0x20
[  199.038313][T14117]  _copy_to_user+0x20/0xa0
[  199.038357][T14117]  __se_sys_rt_sigtimedwait+0x172/0x200
[  199.038421][T14117]  __x64_sys_rt_sigtimedwait+0x55/0x70
[  199.038504][T14117]  x64_sys_call+0x9c6/0x2fb0
[  199.038525][T14117]  do_syscall_64+0xd2/0x200
[  199.038543][T14117]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  199.038574][T14117]  ? clear_bhb_loop+0x40/0x90
[  199.038596][T14117]  ? clear_bhb_loop+0x40/0x90
[  199.038693][T14117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.038715][T14117] RIP: 0033:0x7f85f99be929
[  199.038730][T14117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.038746][T14117] RSP: 002b:00007f85f8027038 EFLAGS: 00000246 ORIG_RAX: 0000000000000080
[  199.038764][T14117] RAX: ffffffffffffffda RBX: 00007f85f9be5fa0 RCX: 00007f85f99be929
[  199.038835][T14117] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000200000000080
[  199.038848][T14117] RBP: 00007f85f8027090 R08: 0000000000000000 R09: 0000000000000000
[  199.038860][T14117] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  199.038873][T14117] R13: 0000000000000000 R14: 00007f85f9be5fa0 R15: 00007ffdb9da2008
[  199.038915][T14117]  </TASK>
[  199.317055][T14138] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3764'.
[  199.609128][T14156] FAULT_INJECTION: forcing a failure.
[  199.609128][T14156] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  199.622317][T14156] CPU: 1 UID: 0 PID: 14156 Comm: syz.0.3769 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  199.622342][T14156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  199.622372][T14156] Call Trace:
[  199.622379][T14156]  <TASK>
[  199.622386][T14156]  __dump_stack+0x1d/0x30
[  199.622408][T14156]  dump_stack_lvl+0xe8/0x140
[  199.622425][T14156]  dump_stack+0x15/0x1b
[  199.622512][T14156]  should_fail_ex+0x265/0x280
[  199.622537][T14156]  should_fail+0xb/0x20
[  199.622558][T14156]  should_fail_usercopy+0x1a/0x20
[  199.622603][T14156]  _copy_from_user+0x1c/0xb0
[  199.622625][T14156]  do_ip_setsockopt+0x338/0x2240
[  199.622656][T14156]  ip_setsockopt+0x58/0x110
[  199.622685][T14156]  raw_setsockopt+0xbd/0x150
[  199.622737][T14156]  sock_common_setsockopt+0x66/0x80
[  199.622764][T14156]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  199.622790][T14156]  __sys_setsockopt+0x181/0x200
[  199.622882][T14156]  __x64_sys_setsockopt+0x64/0x80
[  199.622907][T14156]  x64_sys_call+0x2bd5/0x2fb0
[  199.622924][T14156]  do_syscall_64+0xd2/0x200
[  199.623007][T14156]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  199.623033][T14156]  ? clear_bhb_loop+0x40/0x90
[  199.623056][T14156]  ? clear_bhb_loop+0x40/0x90
[  199.623073][T14156]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.623132][T14156] RIP: 0033:0x7f528bb7e929
[  199.623147][T14156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.623164][T14156] RSP: 002b:00007f528a1e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  199.623183][T14156] RAX: ffffffffffffffda RBX: 00007f528bda5fa0 RCX: 00007f528bb7e929
[  199.623194][T14156] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000006
[  199.623205][T14156] RBP: 00007f528a1e7090 R08: 0000000000000004 R09: 0000000000000000
[  199.623278][T14156] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  199.623290][T14156] R13: 0000000000000000 R14: 00007f528bda5fa0 R15: 00007fff60019cb8
[  199.623309][T14156]  </TASK>
[  200.275411][T14176] netlink: 'syz.5.3776': attribute type 298 has an invalid length.
[  200.849090][T14192] loop9: detected capacity change from 0 to 7
[  200.871124][T14192] Buffer I/O error on dev loop9, logical block 0, async page read
[  200.896792][T14192] Buffer I/O error on dev loop9, logical block 0, async page read
[  200.904692][T14192]  loop9: unable to read partition table
[  200.972072][T14192] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  200.972072][T14192] 
) failed (rc=-5)
[  200.999376][T14195] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3782'.
[  201.417078][T14205] netlink: 'syz.1.3784': attribute type 1 has an invalid length.
[  201.517500][T14205] bond1: entered promiscuous mode
[  201.566668][T14205] 8021q: adding VLAN 0 to HW filter on device bond1
[  201.608208][T14207] loop9: detected capacity change from 0 to 7
[  201.620623][T14207] Buffer I/O error on dev loop9, logical block 0, async page read
[  201.639332][T14207] Buffer I/O error on dev loop9, logical block 0, async page read
[  201.647254][T14207]  loop9: unable to read partition table
[  201.664043][T14207] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  201.664043][T14207] 
) failed (rc=-5)
[  202.264917][T14218] netlink: 'syz.3.3788': attribute type 10 has an invalid length.
[  202.272810][T14218] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3788'.
[  202.304997][T14218] team0: Port device geneve1 added
[  202.493368][T14226] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3792'.
[  202.507822][T14226] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3792'.
[  202.534043][T14226] Cannot find add_set index 0 as target
[  202.552344][   T29] kauditd_printk_skb: 482 callbacks suppressed
[  202.552356][   T29] audit: type=1326 audit(1751104863.357:24450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14225 comm="syz.0.3792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  202.598553][T14224] IPv4: Oversized IP packet from 127.202.26.0
[  202.659634][   T29] audit: type=1326 audit(1751104863.387:24451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14225 comm="syz.0.3792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  202.683442][   T29] audit: type=1326 audit(1751104863.387:24452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14225 comm="syz.0.3792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  202.707245][   T29] audit: type=1326 audit(1751104863.397:24453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14225 comm="syz.0.3792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  202.731174][   T29] audit: type=1326 audit(1751104863.397:24454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14225 comm="syz.0.3792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  202.754849][   T29] audit: type=1326 audit(1751104863.397:24455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14225 comm="syz.0.3792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  202.778461][   T29] audit: type=1326 audit(1751104863.397:24456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14225 comm="syz.0.3792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  202.802115][   T29] audit: type=1326 audit(1751104863.397:24457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14225 comm="syz.0.3792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  202.825754][   T29] audit: type=1326 audit(1751104863.397:24458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14225 comm="syz.0.3792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  202.849527][   T29] audit: type=1326 audit(1751104863.397:24459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14225 comm="syz.0.3792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  202.850829][T14235] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3796'.
[  202.929425][T14237] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3797'.
[  203.116285][T14245] netlink: 'syz.3.3801': attribute type 3 has an invalid length.
[  203.762602][T14260] IPv4: Oversized IP packet from 127.202.26.0
[  203.955755][T14273] FAULT_INJECTION: forcing a failure.
[  203.955755][T14273] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  203.968904][T14273] CPU: 1 UID: 0 PID: 14273 Comm: syz.0.3812 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  203.968930][T14273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  203.968989][T14273] Call Trace:
[  203.968995][T14273]  <TASK>
[  203.969001][T14273]  __dump_stack+0x1d/0x30
[  203.969096][T14273]  dump_stack_lvl+0xe8/0x140
[  203.969113][T14273]  dump_stack+0x15/0x1b
[  203.969137][T14273]  should_fail_ex+0x265/0x280
[  203.969167][T14273]  should_fail+0xb/0x20
[  203.969196][T14273]  should_fail_usercopy+0x1a/0x20
[  203.969250][T14273]  _copy_from_user+0x1c/0xb0
[  203.969268][T14273]  memdup_user+0x5e/0xd0
[  203.969288][T14273]  proc_pid_attr_write+0x15e/0x220
[  203.969376][T14273]  vfs_writev+0x403/0x8b0
[  203.969396][T14273]  ? __pfx_proc_pid_attr_write+0x10/0x10
[  203.969494][T14273]  ? mutex_lock+0xd/0x30
[  203.969521][T14273]  do_writev+0xe7/0x210
[  203.969546][T14273]  __x64_sys_writev+0x45/0x50
[  203.969567][T14273]  x64_sys_call+0x2006/0x2fb0
[  203.969635][T14273]  do_syscall_64+0xd2/0x200
[  203.969653][T14273]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  203.969680][T14273]  ? clear_bhb_loop+0x40/0x90
[  203.969700][T14273]  ? clear_bhb_loop+0x40/0x90
[  203.969751][T14273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.969771][T14273] RIP: 0033:0x7f528bb7e929
[  203.969786][T14273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.969804][T14273] RSP: 002b:00007f528a1e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  203.969824][T14273] RAX: ffffffffffffffda RBX: 00007f528bda5fa0 RCX: 00007f528bb7e929
[  203.969899][T14273] RDX: 0000000000000001 RSI: 0000200000000080 RDI: 0000000000000005
[  203.969910][T14273] RBP: 00007f528a1e7090 R08: 0000000000000000 R09: 0000000000000000
[  203.969921][T14273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.969931][T14273] R13: 0000000000000000 R14: 00007f528bda5fa0 R15: 00007fff60019cb8
[  203.969947][T14273]  </TASK>
[  204.337597][T14294] netlink: 'syz.5.3821': attribute type 12 has an invalid length.
[  204.345567][T14294] netlink: 172 bytes leftover after parsing attributes in process `syz.5.3821'.
[  204.355436][T14294] futex_wake_op: syz.5.3821 tries to shift op by -1; fix this program
[  204.363819][T14294] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3821'.
[  204.378832][T14294] hsr_slave_1 (unregistering): left promiscuous mode
[  204.394538][T14298] netlink: 'syz.3.3823': attribute type 3 has an invalid length.
[  204.770606][T14318] FAULT_INJECTION: forcing a failure.
[  204.770606][T14318] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.783692][T14318] CPU: 0 UID: 0 PID: 14318 Comm: syz.1.3830 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  204.783756][T14318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  204.783769][T14318] Call Trace:
[  204.783776][T14318]  <TASK>
[  204.783784][T14318]  __dump_stack+0x1d/0x30
[  204.783843][T14318]  dump_stack_lvl+0xe8/0x140
[  204.783859][T14318]  dump_stack+0x15/0x1b
[  204.783873][T14318]  should_fail_ex+0x265/0x280
[  204.783933][T14318]  should_fail+0xb/0x20
[  204.783960][T14318]  should_fail_usercopy+0x1a/0x20
[  204.783985][T14318]  _copy_from_user+0x1c/0xb0
[  204.784041][T14318]  file_ioctl+0xbe/0x530
[  204.784071][T14318]  do_vfs_ioctl+0x943/0x11d0
[  204.784098][T14318]  ? selinux_file_ioctl+0x2e3/0x370
[  204.784122][T14318]  ? __fget_files+0x184/0x1c0
[  204.784201][T14318]  __se_sys_ioctl+0x82/0x140
[  204.784224][T14318]  __x64_sys_ioctl+0x43/0x50
[  204.784296][T14318]  x64_sys_call+0x19a8/0x2fb0
[  204.784370][T14318]  do_syscall_64+0xd2/0x200
[  204.784467][T14318]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  204.784528][T14318]  ? clear_bhb_loop+0x40/0x90
[  204.784545][T14318]  ? clear_bhb_loop+0x40/0x90
[  204.784563][T14318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.784581][T14318] RIP: 0033:0x7f85f99be929
[  204.784595][T14318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  204.784637][T14318] RSP: 002b:00007f85f8027038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  204.784655][T14318] RAX: ffffffffffffffda RBX: 00007f85f9be5fa0 RCX: 00007f85f99be929
[  204.784666][T14318] RDX: 0000200000000240 RSI: 0000000040305829 RDI: 0000000000000003
[  204.784676][T14318] RBP: 00007f85f8027090 R08: 0000000000000000 R09: 0000000000000000
[  204.784686][T14318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  204.784697][T14318] R13: 0000000000000000 R14: 00007f85f9be5fa0 R15: 00007ffdb9da2008
[  204.784713][T14318]  </TASK>
[  205.322852][T14346] FAULT_INJECTION: forcing a failure.
[  205.322852][T14346] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  205.335997][T14346] CPU: 0 UID: 0 PID: 14346 Comm: syz.0.3841 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  205.336043][T14346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  205.336055][T14346] Call Trace:
[  205.336062][T14346]  <TASK>
[  205.336069][T14346]  __dump_stack+0x1d/0x30
[  205.336089][T14346]  dump_stack_lvl+0xe8/0x140
[  205.336105][T14346]  dump_stack+0x15/0x1b
[  205.336118][T14346]  should_fail_ex+0x265/0x280
[  205.336296][T14346]  should_fail+0xb/0x20
[  205.336316][T14346]  should_fail_usercopy+0x1a/0x20
[  205.336397][T14346]  _copy_to_user+0x20/0xa0
[  205.336454][T14346]  simple_read_from_buffer+0xb5/0x130
[  205.336483][T14346]  proc_fail_nth_read+0x100/0x140
[  205.336667][T14346]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  205.336739][T14346]  vfs_read+0x1a0/0x6f0
[  205.336762][T14346]  ? fcntl_setlease+0x1e7/0x300
[  205.336799][T14346]  ? kmem_cache_free+0xdf/0x300
[  205.336821][T14346]  ? do_fcntl+0x524/0xdf0
[  205.336901][T14346]  ? selinux_file_fcntl+0x1b4/0x1e0
[  205.336921][T14346]  ksys_read+0xda/0x1a0
[  205.336945][T14346]  __x64_sys_read+0x40/0x50
[  205.337042][T14346]  x64_sys_call+0x2d77/0x2fb0
[  205.337059][T14346]  do_syscall_64+0xd2/0x200
[  205.337074][T14346]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  205.337150][T14346]  ? clear_bhb_loop+0x40/0x90
[  205.337173][T14346]  ? clear_bhb_loop+0x40/0x90
[  205.337190][T14346]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.337206][T14346] RIP: 0033:0x7f528bb7d33c
[  205.337219][T14346] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  205.337232][T14346] RSP: 002b:00007f528a1e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  205.337248][T14346] RAX: ffffffffffffffda RBX: 00007f528bda5fa0 RCX: 00007f528bb7d33c
[  205.337278][T14346] RDX: 000000000000000f RSI: 00007f528a1e70a0 RDI: 0000000000000005
[  205.337288][T14346] RBP: 00007f528a1e7090 R08: 0000000000000000 R09: 0000000000000000
[  205.337298][T14346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.337308][T14346] R13: 0000000000000000 R14: 00007f528bda5fa0 R15: 00007fff60019cb8
[  205.337341][T14346]  </TASK>
[  205.566540][T14349] loop9: detected capacity change from 0 to 7
[  205.575812][T14349] Buffer I/O error on dev loop9, logical block 0, async page read
[  205.584072][T14349] Buffer I/O error on dev loop9, logical block 0, async page read
[  205.591943][T14349]  loop9: unable to read partition table
[  205.598671][T14349] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  205.598671][T14349] 
) failed (rc=-5)
[  205.746958][T14371] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3852'.
[  205.775961][T14371] 8021q: adding VLAN 0 to HW filter on device bond0
[  205.783385][T14371] bond0: (slave gre0): The slave device specified does not support setting the MAC address
[  205.822230][T14371] bond0: (slave gre0): Error -95 calling set_mac_address
[  205.886972][T14378] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3854'.
[  205.895998][T14378] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3854'.
[  205.961436][T14384] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  205.970389][T14385] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[  206.041029][T14389] loop9: detected capacity change from 0 to 7
[  206.048520][T14389] Buffer I/O error on dev loop9, logical block 0, async page read
[  206.064937][T14389] Buffer I/O error on dev loop9, logical block 0, async page read
[  206.072849][T14389]  loop9: unable to read partition table
[  206.083121][T14389] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  206.083121][T14389] 
) failed (rc=-5)
[  206.100236][T14393] netlink: 'syz.0.3861': attribute type 3 has an invalid length.
[  206.192732][T14411] xt_hashlimit: max too large, truncated to 1048576
[  206.226153][T14416] sch_tbf: burst 0 is lower than device lo mtu (18) !
[  206.254450][T14418] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3870'.
[  206.355294][T14427] loop9: detected capacity change from 0 to 7
[  206.361572][T14427] Buffer I/O error on dev loop9, logical block 0, async page read
[  206.369506][T14427] Buffer I/O error on dev loop9, logical block 0, async page read
[  206.377376][T14427]  loop9: unable to read partition table
[  206.385104][T14427] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  206.385104][T14427] 
) failed (rc=-5)
[  206.556482][T14437] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3877'.
[  206.641415][T14443] netlink: 'syz.4.3879': attribute type 3 has an invalid length.
[  206.676870][T14445] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  206.695649][T14445] vlan2: entered allmulticast mode
[  206.700863][T14445] veth1: entered allmulticast mode
[  206.756206][T14453] netlink: 202920 bytes leftover after parsing attributes in process `syz.4.3884'.
[  206.769327][T14447] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3881'.
[  206.854610][T14456] loop9: detected capacity change from 0 to 7
[  206.861005][T14456] Buffer I/O error on dev loop9, logical block 0, async page read
[  206.881211][T14456] Buffer I/O error on dev loop9, logical block 0, async page read
[  206.889118][T14456]  loop9: unable to read partition table
[  206.896787][T14456] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  206.896787][T14456] 
) failed (rc=-5)
[  206.955222][T14453] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.962514][T14453] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.970075][T14453] bridge0: entered allmulticast mode
[  206.979243][T14453] bridge_slave_1: left allmulticast mode
[  206.984934][T14453] bridge_slave_1: left promiscuous mode
[  206.990786][T14453] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.000392][T14453] bridge_slave_0: left allmulticast mode
[  207.006079][T14453] bridge_slave_0: left promiscuous mode
[  207.011833][T14453] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.027137][T14467] vhci_hcd: invalid port number 96
[  207.032444][T14467] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  207.170303][T14479] netlink: 'syz.3.3894': attribute type 3 has an invalid length.
[  207.256184][T14485] netlink: 164 bytes leftover after parsing attributes in process `syz.3.3897'.
[  207.379278][T14493] xt_HMARK: proto mask must be zero with L3 mode
[  207.565920][   T29] kauditd_printk_skb: 533 callbacks suppressed
[  207.565932][   T29] audit: type=1326 audit(1751104868.367:24993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14470 comm="syz.1.3891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85f99be929 code=0x7ffc0000
[  207.644185][   T29] audit: type=1326 audit(1751104868.407:24994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14470 comm="syz.1.3891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85f99be929 code=0x7ffc0000
[  207.667922][   T29] audit: type=1326 audit(1751104868.427:24995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14497 comm="syz.0.3902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  207.691856][   T29] audit: type=1326 audit(1751104868.427:24996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14497 comm="syz.0.3902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  207.715518][   T29] audit: type=1326 audit(1751104868.427:24997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14497 comm="syz.0.3902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  207.739262][   T29] audit: type=1326 audit(1751104868.427:24998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14497 comm="syz.0.3902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  207.762916][   T29] audit: type=1326 audit(1751104868.427:24999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14497 comm="syz.0.3902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  207.786517][   T29] audit: type=1326 audit(1751104868.427:25000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14497 comm="syz.0.3902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  207.810234][   T29] audit: type=1326 audit(1751104868.427:25001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14497 comm="syz.0.3902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  207.833822][   T29] audit: type=1326 audit(1751104868.427:25002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14497 comm="syz.0.3902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  208.149937][T14485] syz.3.3897 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  208.164269][T14485] CPU: 1 UID: 0 PID: 14485 Comm: syz.3.3897 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  208.164378][T14485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  208.164391][T14485] Call Trace:
[  208.164398][T14485]  <TASK>
[  208.164406][T14485]  __dump_stack+0x1d/0x30
[  208.164432][T14485]  dump_stack_lvl+0xe8/0x140
[  208.164450][T14485]  dump_stack+0x15/0x1b
[  208.164469][T14485]  dump_header+0x81/0x220
[  208.164622][T14485]  oom_kill_process+0x334/0x3f0
[  208.164657][T14485]  out_of_memory+0x979/0xb80
[  208.164687][T14485]  try_charge_memcg+0x5e6/0x9e0
[  208.164771][T14485]  obj_cgroup_charge_pages+0xa6/0x150
[  208.164803][T14485]  __memcg_kmem_charge_page+0x9f/0x170
[  208.164838][T14485]  __alloc_frozen_pages_noprof+0x188/0x360
[  208.164871][T14485]  alloc_pages_mpol+0xb3/0x250
[  208.164943][T14485]  alloc_pages_noprof+0x90/0x130
[  208.164990][T14485]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  208.165028][T14485]  __kvmalloc_node_noprof+0x30f/0x4e0
[  208.165052][T14485]  ? ip_set_alloc+0x1f/0x30
[  208.165236][T14485]  ? ip_set_alloc+0x1f/0x30
[  208.165261][T14485]  ? hash_netiface_create+0x21b/0x740
[  208.165288][T14485]  ? __kmalloc_cache_noprof+0x189/0x320
[  208.165345][T14485]  ip_set_alloc+0x1f/0x30
[  208.165430][T14485]  hash_netiface_create+0x282/0x740
[  208.165468][T14485]  ? __pfx_hash_netiface_create+0x10/0x10
[  208.165522][T14485]  ip_set_create+0x3c9/0x960
[  208.165558][T14485]  ? __nla_parse+0x40/0x60
[  208.165579][T14485]  nfnetlink_rcv_msg+0x4c6/0x590
[  208.165625][T14485]  ? selinux_capable+0x1f9/0x270
[  208.165701][T14485]  netlink_rcv_skb+0x120/0x220
[  208.165736][T14485]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  208.165781][T14485]  nfnetlink_rcv+0x16b/0x1690
[  208.165807][T14485]  ? __kfree_skb+0x109/0x150
[  208.165898][T14485]  ? nlmon_xmit+0x4f/0x60
[  208.165917][T14485]  ? consume_skb+0x49/0x150
[  208.166006][T14485]  ? nlmon_xmit+0x4f/0x60
[  208.166029][T14485]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  208.166065][T14485]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  208.166203][T14485]  ? __dev_queue_xmit+0x182/0x1fb0
[  208.166231][T14485]  ? __rcu_read_unlock+0x4f/0x70
[  208.166257][T14485]  ? ref_tracker_free+0x37d/0x3e0
[  208.166297][T14485]  ? __netlink_deliver_tap+0x4dc/0x500
[  208.166336][T14485]  netlink_unicast+0x5a1/0x670
[  208.166367][T14485]  netlink_sendmsg+0x58b/0x6b0
[  208.166391][T14485]  ? __pfx_netlink_sendmsg+0x10/0x10
[  208.166413][T14485]  __sock_sendmsg+0x142/0x180
[  208.166487][T14485]  ____sys_sendmsg+0x31e/0x4e0
[  208.166522][T14485]  ___sys_sendmsg+0x17b/0x1d0
[  208.166616][T14485]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  208.166657][T14485]  __x64_sys_sendmsg+0xd4/0x160
[  208.166696][T14485]  x64_sys_call+0x2999/0x2fb0
[  208.166750][T14485]  do_syscall_64+0xd2/0x200
[  208.166771][T14485]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  208.166837][T14485]  ? clear_bhb_loop+0x40/0x90
[  208.166859][T14485]  ? clear_bhb_loop+0x40/0x90
[  208.166957][T14485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.166978][T14485] RIP: 0033:0x7f43df9ee929
[  208.166992][T14485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.167008][T14485] RSP: 002b:00007f43de057038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  208.167154][T14485] RAX: ffffffffffffffda RBX: 00007f43dfc15fa0 RCX: 00007f43df9ee929
[  208.167168][T14485] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 000000000000000c
[  208.167182][T14485] RBP: 00007f43dfa70b39 R08: 0000000000000000 R09: 0000000000000000
[  208.167194][T14485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  208.167205][T14485] R13: 0000000000000000 R14: 00007f43dfc15fa0 R15: 00007fffca921268
[  208.167259][T14485]  </TASK>
[  208.167266][T14485] memory: usage 307200kB, limit 307200kB, failcnt 207
[  208.530755][T14515] netlink: 'syz.1.3906': attribute type 3 has an invalid length.
[  208.536409][T14485] memory+swap: usage 307264kB, limit 9007199254740988kB, failcnt 0
[  208.552123][T14485] kmem: usage 307060kB, limit 9007199254740988kB, failcnt 0
[  208.552147][T14485] Memory cgroup stats for /syz3:
[  208.552398][T14485] cache 4096
[  208.567756][T14485] rss 8192
[  208.570795][T14485] shmem 0
[  208.573746][T14485] mapped_file 4096
[  208.577527][T14485] dirty 0
[  208.580455][T14485] writeback 0
[  208.583762][T14485] workingset_refault_anon 14
[  208.588339][T14485] workingset_refault_file 95
[  208.592957][T14485] swap 188416
[  208.596238][T14485] swapcached 8192
[  208.599902][T14485] pgpgin 407934
[  208.603369][T14485] pgpgout 407929
[  208.606958][T14485] pgfault 425863
[  208.610490][T14485] pgmajfault 17
[  208.614025][T14485] inactive_anon 12288
[  208.617998][T14485] active_anon 0
[  208.621530][T14485] inactive_file 0
[  208.625154][T14485] active_file 8192
[  208.628868][T14485] unevictable 0
[  208.632345][T14485] hierarchical_memory_limit 314572800
[  208.637749][T14485] hierarchical_memsw_limit 9223372036854771712
[  208.643956][T14485] total_cache 4096
[  208.647718][T14485] total_rss 8192
[  208.651356][T14485] total_shmem 0
[  208.654981][T14485] total_mapped_file 4096
[  208.659220][T14485] total_dirty 0
[  208.662739][T14485] total_writeback 0
[  208.666592][T14485] total_workingset_refault_anon 14
[  208.671719][T14485] total_workingset_refault_file 95
[  208.676815][T14485] total_swap 188416
[  208.680606][T14485] total_swapcached 8192
[  208.684773][T14485] total_pgpgin 407934
[  208.688735][T14485] total_pgpgout 407929
[  208.692813][T14485] total_pgfault 425863
[  208.696897][T14485] total_pgmajfault 17
[  208.700919][T14485] total_inactive_anon 12288
[  208.705433][T14485] total_active_anon 0
[  208.709411][T14485] total_inactive_file 0
[  208.713625][T14485] total_active_file 8192
[  208.717891][T14485] total_unevictable 0
[  208.721966][T14485] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.3897,pid=14484,uid=0
[  208.736658][T14485] Memory cgroup out of memory: Killed process 14484 (syz.3.3897) total-vm:93752kB, anon-rss:1064kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000
[  209.025147][T14532] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=14532 comm=syz.5.3913
[  209.160003][T14540] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  209.191864][T14485] syz.3.3897 (14485) used greatest stack depth: 6952 bytes left
[  209.229861][T14545] x_tables: duplicate underflow at hook 2
[  209.331186][T14557] FAULT_INJECTION: forcing a failure.
[  209.331186][T14557] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  209.344509][T14557] CPU: 0 UID: 0 PID: 14557 Comm: syz.0.3924 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  209.344533][T14557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  209.344543][T14557] Call Trace:
[  209.344549][T14557]  <TASK>
[  209.344555][T14557]  __dump_stack+0x1d/0x30
[  209.344576][T14557]  dump_stack_lvl+0xe8/0x140
[  209.344634][T14557]  dump_stack+0x15/0x1b
[  209.344652][T14557]  should_fail_ex+0x265/0x280
[  209.344683][T14557]  should_fail_alloc_page+0xf2/0x100
[  209.344705][T14557]  __alloc_frozen_pages_noprof+0xff/0x360
[  209.344793][T14557]  alloc_pages_mpol+0xb3/0x250
[  209.344825][T14557]  alloc_migration_target_by_mpol+0x11b/0x280
[  209.344877][T14557]  migrate_pages_batch+0x2e7/0x17d0
[  209.344903][T14557]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[  209.344925][T14557]  ? __walk_page_range+0x324/0x340
[  209.345000][T14557]  ? mas_ascend+0x1e9/0x560
[  209.345019][T14557]  migrate_pages+0xf5f/0x1770
[  209.345042][T14557]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[  209.345072][T14557]  __se_sys_mbind+0x975/0xac0
[  209.345167][T14557]  __x64_sys_mbind+0x78/0x90
[  209.345195][T14557]  x64_sys_call+0x14af/0x2fb0
[  209.345218][T14557]  do_syscall_64+0xd2/0x200
[  209.345235][T14557]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  209.345293][T14557]  ? clear_bhb_loop+0x40/0x90
[  209.345316][T14557]  ? clear_bhb_loop+0x40/0x90
[  209.345382][T14557]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.345403][T14557] RIP: 0033:0x7f528bb7e929
[  209.345418][T14557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.345434][T14557] RSP: 002b:00007f528a1e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  209.345474][T14557] RAX: ffffffffffffffda RBX: 00007f528bda5fa0 RCX: 00007f528bb7e929
[  209.345486][T14557] RDX: 0000000000000000 RSI: 0100000000004000 RDI: 00002000005b4000
[  209.345498][T14557] RBP: 00007f528a1e7090 R08: 0000000000000000 R09: 0000000000000002
[  209.345544][T14557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  209.345555][T14557] R13: 0000000000000000 R14: 00007f528bda5fa0 R15: 00007fff60019cb8
[  209.345572][T14557]  </TASK>
[  209.616308][T14566] __nla_validate_parse: 3 callbacks suppressed
[  209.616323][T14566] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3926'.
[  209.638899][T14568] netlink: 'syz.5.3928': attribute type 29 has an invalid length.
[  209.665470][T14568] netlink: 'syz.5.3928': attribute type 29 has an invalid length.
[  209.677253][T14568] netlink: 500 bytes leftover after parsing attributes in process `syz.5.3928'.
[  209.763084][T14583] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3935'.
[  209.794384][T14588] IPVS: set_ctl: invalid protocol: 0 255.255.255.255:20002
[  209.879601][T14599] FAULT_INJECTION: forcing a failure.
[  209.879601][T14599] name failslab, interval 1, probability 0, space 0, times 0
[  209.892304][T14599] CPU: 0 UID: 0 PID: 14599 Comm: syz.5.3938 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  209.892332][T14599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  209.892342][T14599] Call Trace:
[  209.892348][T14599]  <TASK>
[  209.892355][T14599]  __dump_stack+0x1d/0x30
[  209.892373][T14599]  dump_stack_lvl+0xe8/0x140
[  209.892438][T14599]  dump_stack+0x15/0x1b
[  209.892530][T14599]  should_fail_ex+0x265/0x280
[  209.892555][T14599]  should_failslab+0x8c/0xb0
[  209.892652][T14599]  __kmalloc_noprof+0xa5/0x3e0
[  209.892674][T14599]  ? security_sk_alloc+0x52/0x120
[  209.892744][T14599]  security_sk_alloc+0x52/0x120
[  209.892794][T14599]  sk_prot_alloc+0xc2/0x190
[  209.892896][T14599]  sk_alloc+0x34/0x360
[  209.892921][T14599]  inet_create+0x3c0/0x780
[  209.892941][T14599]  __sock_create+0x2e9/0x5b0
[  209.892964][T14599]  sock_create_kern+0x38/0x50
[  209.893014][T14599]  mptcp_subflow_create_socket+0x84/0x630
[  209.893044][T14599]  __mptcp_nmpc_sk+0xb3/0x3b0
[  209.893070][T14599]  mptcp_bind+0x71/0x2f0
[  209.893105][T14599]  __sys_bind+0x1d1/0x2a0
[  209.893237][T14599]  __x64_sys_bind+0x3f/0x50
[  209.893303][T14599]  x64_sys_call+0x2086/0x2fb0
[  209.893324][T14599]  do_syscall_64+0xd2/0x200
[  209.893340][T14599]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  209.893364][T14599]  ? clear_bhb_loop+0x40/0x90
[  209.893409][T14599]  ? clear_bhb_loop+0x40/0x90
[  209.893431][T14599]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.893449][T14599] RIP: 0033:0x7f2e3048e929
[  209.893465][T14599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.893480][T14599] RSP: 002b:00007f2e2ead6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  209.893519][T14599] RAX: ffffffffffffffda RBX: 00007f2e306b6080 RCX: 00007f2e3048e929
[  209.893530][T14599] RDX: 0000000000000010 RSI: 0000200000000080 RDI: 0000000000000004
[  209.893540][T14599] RBP: 00007f2e2ead6090 R08: 0000000000000000 R09: 0000000000000000
[  209.893573][T14599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  209.893584][T14599] R13: 0000000000000000 R14: 00007f2e306b6080 R15: 00007ffff3c9e588
[  209.893600][T14599]  </TASK>
[  210.271599][T14606] netlink: 'syz.4.3942': attribute type 298 has an invalid length.
[  210.332424][T14612] Cannot find add_set index 0 as target
[  210.381272][T14614] FAULT_INJECTION: forcing a failure.
[  210.381272][T14614] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  210.394490][T14614] CPU: 1 UID: 0 PID: 14614 Comm: syz.5.3946 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  210.394535][T14614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  210.394545][T14614] Call Trace:
[  210.394551][T14614]  <TASK>
[  210.394557][T14614]  __dump_stack+0x1d/0x30
[  210.394578][T14614]  dump_stack_lvl+0xe8/0x140
[  210.394595][T14614]  dump_stack+0x15/0x1b
[  210.394609][T14614]  should_fail_ex+0x265/0x280
[  210.394654][T14614]  should_fail+0xb/0x20
[  210.394683][T14614]  should_fail_usercopy+0x1a/0x20
[  210.394763][T14614]  _copy_from_iter+0xcf/0xe40
[  210.394851][T14614]  ? __build_skb_around+0x1a0/0x200
[  210.394948][T14614]  ? __alloc_skb+0x223/0x320
[  210.394989][T14614]  netlink_sendmsg+0x471/0x6b0
[  210.395007][T14614]  ? __pfx_netlink_sendmsg+0x10/0x10
[  210.395023][T14614]  __sock_sendmsg+0x142/0x180
[  210.395049][T14614]  ____sys_sendmsg+0x31e/0x4e0
[  210.395138][T14614]  ___sys_sendmsg+0x17b/0x1d0
[  210.395249][T14614]  __x64_sys_sendmsg+0xd4/0x160
[  210.395287][T14614]  x64_sys_call+0x2999/0x2fb0
[  210.395343][T14614]  do_syscall_64+0xd2/0x200
[  210.395361][T14614]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  210.395391][T14614]  ? clear_bhb_loop+0x40/0x90
[  210.395493][T14614]  ? clear_bhb_loop+0x40/0x90
[  210.395515][T14614]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.395616][T14614] RIP: 0033:0x7f2e3048e929
[  210.395632][T14614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.395649][T14614] RSP: 002b:00007f2e2eaf7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  210.395670][T14614] RAX: ffffffffffffffda RBX: 00007f2e306b5fa0 RCX: 00007f2e3048e929
[  210.395681][T14614] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000006
[  210.395754][T14614] RBP: 00007f2e2eaf7090 R08: 0000000000000000 R09: 0000000000000000
[  210.395767][T14614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  210.395780][T14614] R13: 0000000000000000 R14: 00007f2e306b5fa0 R15: 00007ffff3c9e588
[  210.395872][T14614]  </TASK>
[  210.613818][T14621] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3949'.
[  210.646368][T14624] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  210.677971][T14629] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  210.708562][T14631] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3955'.
[  210.721452][T14631] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  210.728998][T14631] batman_adv: batadv0: Removing interface: batadv_slave_0
[  210.769202][T14631] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  210.776708][T14631] batman_adv: batadv0: Removing interface: batadv_slave_1
[  210.797921][T14633] netlink: 'syz.3.3956': attribute type 298 has an invalid length.
[  210.901789][T14644] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3959'.
[  211.033532][T14627] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3952'.
[  211.138337][T14655] vhci_hcd: invalid port number 96
[  211.143531][T14655] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  211.183764][T14659] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3963'.
[  211.199491][T14662] xt_HMARK: proto mask must be zero with L3 mode
[  211.218173][T14664] sch_tbf: burst 0 is lower than device lo mtu (18) !
[  211.614214][T14688] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3977'.
[  211.637590][T14691] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3978'.
[  212.103002][T14731] IPv4: Oversized IP packet from 127.202.26.0
[  212.399195][T14749] vhci_hcd: invalid port number 96
[  212.404408][T14749] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  212.436111][T14757] netlink: 'syz.5.4004': attribute type 10 has an invalid length.
[  212.452138][T14757] 8021q: adding VLAN 0 to HW filter on device bond0
[  212.462244][T14757] team0: Port device bond0 added
[  212.566897][T14776] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  212.591806][T14778] netlink: 'syz.4.4014': attribute type 298 has an invalid length.
[  212.698415][T14772] IPv4: Oversized IP packet from 127.202.26.0
[  212.705774][T14782] vhci_hcd: invalid port number 96
[  212.710904][T14782] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  212.763996][   T29] kauditd_printk_skb: 651 callbacks suppressed
[  212.764040][   T29] audit: type=1400 audit(1751104873.557:25654): avc:  denied  { write } for  pid=14795 comm="syz.0.4022" name="mcfilter6" dev="proc" ino=4026533165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  212.798704][   T29] audit: type=1326 audit(1751104873.577:25655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14797 comm="syz.0.4023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  212.822338][   T29] audit: type=1326 audit(1751104873.577:25656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14797 comm="syz.0.4023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  212.845962][   T29] audit: type=1326 audit(1751104873.577:25657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14797 comm="syz.0.4023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  212.869676][   T29] audit: type=1326 audit(1751104873.577:25658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14797 comm="syz.0.4023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  212.893258][   T29] audit: type=1326 audit(1751104873.577:25659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14797 comm="syz.0.4023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  212.916915][   T29] audit: type=1326 audit(1751104873.577:25660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14797 comm="syz.0.4023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  212.940611][   T29] audit: type=1326 audit(1751104873.577:25661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14797 comm="syz.0.4023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  212.964239][   T29] audit: type=1326 audit(1751104873.577:25662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14797 comm="syz.0.4023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  212.988068][   T29] audit: type=1326 audit(1751104873.577:25663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14797 comm="syz.0.4023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  212.994051][T14803] netlink: 'syz.3.4026': attribute type 298 has an invalid length.
[  213.102541][T14813] netlink: 'syz.5.4030': attribute type 3 has an invalid length.
[  213.196566][T14820] vhci_hcd: invalid port number 96
[  213.201737][T14820] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  213.346905][T14826] netlink: 'syz.5.4036': attribute type 3 has an invalid length.
[  213.364361][T14836] netlink: 'syz.0.4039': attribute type 298 has an invalid length.
[  213.670719][T14858] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  213.681830][T14856] program syz.0.4047 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  214.101991][T14902] FAULT_INJECTION: forcing a failure.
[  214.101991][T14902] name failslab, interval 1, probability 0, space 0, times 0
[  214.114672][T14902] CPU: 0 UID: 0 PID: 14902 Comm: syz.5.4069 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  214.114699][T14902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  214.114710][T14902] Call Trace:
[  214.114715][T14902]  <TASK>
[  214.114722][T14902]  __dump_stack+0x1d/0x30
[  214.114740][T14902]  dump_stack_lvl+0xe8/0x140
[  214.114756][T14902]  dump_stack+0x15/0x1b
[  214.114806][T14902]  should_fail_ex+0x265/0x280
[  214.114833][T14902]  ? io_wq_create+0x4b/0x4a0
[  214.114869][T14902]  should_failslab+0x8c/0xb0
[  214.114890][T14902]  __kmalloc_cache_noprof+0x4c/0x320
[  214.114916][T14902]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  214.115005][T14902]  io_wq_create+0x4b/0x4a0
[  214.115164][T14902]  io_uring_alloc_task_context+0x17d/0x2d0
[  214.115193][T14902]  __io_uring_add_tctx_node+0x1f3/0x2d0
[  214.115247][T14902]  __io_uring_add_tctx_node_from_submit+0x69/0xc0
[  214.115277][T14902]  __se_sys_io_uring_enter+0x195b/0x1b70
[  214.115307][T14902]  ? irq_work_queue+0x93/0x100
[  214.115391][T14902]  ? bpf_send_signal_common+0x280/0x300
[  214.115492][T14902]  ? __rcu_read_unlock+0x4f/0x70
[  214.115516][T14902]  ? bpf_trace_run2+0x124/0x1c0
[  214.115595][T14902]  ? __bpf_trace_sys_enter+0x10/0x30
[  214.115618][T14902]  __x64_sys_io_uring_enter+0x78/0x90
[  214.115649][T14902]  x64_sys_call+0x28c8/0x2fb0
[  214.115719][T14902]  do_syscall_64+0xd2/0x200
[  214.115737][T14902]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  214.115763][T14902]  ? clear_bhb_loop+0x40/0x90
[  214.115799][T14902]  ? clear_bhb_loop+0x40/0x90
[  214.115834][T14902]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.115888][T14902] RIP: 0033:0x7f2e3048e929
[  214.115904][T14902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.115922][T14902] RSP: 002b:00007f2e2eaf7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  214.115942][T14902] RAX: ffffffffffffffda RBX: 00007f2e306b5fa0 RCX: 00007f2e3048e929
[  214.115956][T14902] RDX: 0000000000000000 RSI: 00000000000047fa RDI: 0000000000000007
[  214.115969][T14902] RBP: 00007f2e2eaf7090 R08: 0000000000000000 R09: 0000000000000000
[  214.115982][T14902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.115996][T14902] R13: 0000000000000000 R14: 00007f2e306b5fa0 R15: 00007ffff3c9e588
[  214.116056][T14902]  </TASK>
[  214.130609][T14914] x_tables: duplicate underflow at hook 2
[  214.603306][T14950] netlink: 'syz.3.4087': attribute type 3 has an invalid length.
[  214.773539][T14983] __nla_validate_parse: 11 callbacks suppressed
[  214.773553][T14983] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4102'.
[  214.940898][T15002] FAULT_INJECTION: forcing a failure.
[  214.940898][T15002] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  214.954083][T15002] CPU: 1 UID: 0 PID: 15002 Comm: syz.5.4110 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  214.954112][T15002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  214.954125][T15002] Call Trace:
[  214.954132][T15002]  <TASK>
[  214.954139][T15002]  __dump_stack+0x1d/0x30
[  214.954228][T15002]  dump_stack_lvl+0xe8/0x140
[  214.954245][T15002]  dump_stack+0x15/0x1b
[  214.954259][T15002]  should_fail_ex+0x265/0x280
[  214.954357][T15002]  should_fail+0xb/0x20
[  214.954379][T15002]  should_fail_usercopy+0x1a/0x20
[  214.954406][T15002]  _copy_to_user+0x20/0xa0
[  214.954514][T15002]  simple_read_from_buffer+0xb5/0x130
[  214.954541][T15002]  proc_fail_nth_read+0x100/0x140
[  214.954618][T15002]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  214.954647][T15002]  vfs_read+0x1a0/0x6f0
[  214.954678][T15002]  ? __rcu_read_unlock+0x4f/0x70
[  214.954727][T15002]  ? __fget_files+0x184/0x1c0
[  214.954745][T15002]  ksys_read+0xda/0x1a0
[  214.954813][T15002]  __x64_sys_read+0x40/0x50
[  214.954843][T15002]  x64_sys_call+0x2d77/0x2fb0
[  214.954865][T15002]  do_syscall_64+0xd2/0x200
[  214.954889][T15002]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  214.954916][T15002]  ? clear_bhb_loop+0x40/0x90
[  214.954934][T15002]  ? clear_bhb_loop+0x40/0x90
[  214.954953][T15002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.954974][T15002] RIP: 0033:0x7f2e3048d33c
[  214.954994][T15002] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  214.955011][T15002] RSP: 002b:00007f2e2eaf7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  214.955031][T15002] RAX: ffffffffffffffda RBX: 00007f2e306b5fa0 RCX: 00007f2e3048d33c
[  214.955044][T15002] RDX: 000000000000000f RSI: 00007f2e2eaf70a0 RDI: 0000000000000005
[  214.955057][T15002] RBP: 00007f2e2eaf7090 R08: 0000000000000000 R09: 0000000000000000
[  214.955070][T15002] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000001
[  214.955084][T15002] R13: 0000000000000000 R14: 00007f2e306b5fa0 R15: 00007ffff3c9e588
[  214.955105][T15002]  </TASK>
[  215.201660][T15014] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4116'.
[  215.226085][T15013] block device autoloading is deprecated and will be removed.
[  215.276018][T15027] netlink: 'syz.5.4122': attribute type 298 has an invalid length.
[  215.415785][T15044] vhci_hcd: invalid port number 96
[  215.420947][T15044] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  215.448731][T15050] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[  215.656303][T15066] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4134'.
[  215.667801][T15066] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  215.675281][T15066] batman_adv: batadv0: Removing interface: batadv_slave_0
[  215.689234][T15066] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  215.696901][T15066] batman_adv: batadv0: Removing interface: batadv_slave_1
[  216.269198][T15116] FAULT_INJECTION: forcing a failure.
[  216.269198][T15116] name failslab, interval 1, probability 0, space 0, times 0
[  216.281970][T15116] CPU: 1 UID: 0 PID: 15116 Comm: syz.1.4151 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  216.282000][T15116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  216.282012][T15116] Call Trace:
[  216.282019][T15116]  <TASK>
[  216.282027][T15116]  __dump_stack+0x1d/0x30
[  216.282069][T15116]  dump_stack_lvl+0xe8/0x140
[  216.282084][T15116]  dump_stack+0x15/0x1b
[  216.282097][T15116]  should_fail_ex+0x265/0x280
[  216.282177][T15116]  should_failslab+0x8c/0xb0
[  216.282244][T15116]  kmem_cache_alloc_noprof+0x50/0x310
[  216.282266][T15116]  ? getname_flags+0x80/0x3b0
[  216.282284][T15116]  getname_flags+0x80/0x3b0
[  216.282302][T15116]  getname_uflags+0x21/0x30
[  216.282414][T15116]  __x64_sys_execveat+0x5d/0x90
[  216.282440][T15116]  x64_sys_call+0x2dae/0x2fb0
[  216.282456][T15116]  do_syscall_64+0xd2/0x200
[  216.282471][T15116]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  216.282501][T15116]  ? clear_bhb_loop+0x40/0x90
[  216.282558][T15116]  ? clear_bhb_loop+0x40/0x90
[  216.282575][T15116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.282591][T15116] RIP: 0033:0x7f85f99be929
[  216.282604][T15116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.282640][T15116] RSP: 002b:00007f85f8027038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  216.282658][T15116] RAX: ffffffffffffffda RBX: 00007f85f9be5fa0 RCX: 00007f85f99be929
[  216.282669][T15116] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  216.282731][T15116] RBP: 00007f85f8027090 R08: 0000000000001000 R09: 0000000000000000
[  216.282741][T15116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  216.282751][T15116] R13: 0000000000000000 R14: 00007f85f9be5fa0 R15: 00007ffdb9da2008
[  216.282768][T15116]  </TASK>
[  216.533411][T15128] netlink: 'syz.0.4157': attribute type 1 has an invalid length.
[  216.544246][T15128] syzkaller1: entered promiscuous mode
[  216.549729][T15128] syzkaller1: entered allmulticast mode
[  216.549958][T15124] vhci_hcd: invalid port number 96
[  216.560552][T15124] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  216.582428][T15126] FAULT_INJECTION: forcing a failure.
[  216.582428][T15126] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  216.595543][T15126] CPU: 0 UID: 0 PID: 15126 Comm: syz.3.4156 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  216.595645][T15126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  216.595657][T15126] Call Trace:
[  216.595702][T15126]  <TASK>
[  216.595710][T15126]  __dump_stack+0x1d/0x30
[  216.595732][T15126]  dump_stack_lvl+0xe8/0x140
[  216.595753][T15126]  dump_stack+0x15/0x1b
[  216.595770][T15126]  should_fail_ex+0x265/0x280
[  216.595799][T15126]  should_fail+0xb/0x20
[  216.595884][T15126]  should_fail_usercopy+0x1a/0x20
[  216.595948][T15126]  _copy_from_user+0x1c/0xb0
[  216.596050][T15126]  load_msg+0x173/0x2f0
[  216.596072][T15126]  do_msgsnd+0xdc/0xaf0
[  216.596090][T15126]  ? __rcu_read_unlock+0x4f/0x70
[  216.596109][T15126]  ? __fget_files+0x184/0x1c0
[  216.596176][T15126]  ? fput+0x8f/0xc0
[  216.596201][T15126]  __x64_sys_msgsnd+0xa8/0xc0
[  216.596226][T15126]  x64_sys_call+0x28de/0x2fb0
[  216.596258][T15126]  do_syscall_64+0xd2/0x200
[  216.596348][T15126]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  216.596369][T15126]  ? clear_bhb_loop+0x40/0x90
[  216.596387][T15126]  ? clear_bhb_loop+0x40/0x90
[  216.596408][T15126]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.596470][T15126] RIP: 0033:0x7f43df9ee929
[  216.596484][T15126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.596499][T15126] RSP: 002b:00007f43de057038 EFLAGS: 00000246 ORIG_RAX: 0000000000000045
[  216.596522][T15126] RAX: ffffffffffffffda RBX: 00007f43dfc15fa0 RCX: 00007f43df9ee929
[  216.596535][T15126] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000000
[  216.596548][T15126] RBP: 00007f43de057090 R08: 0000000000000000 R09: 0000000000000000
[  216.596562][T15126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  216.596575][T15126] R13: 0000000000000000 R14: 00007f43dfc15fa0 R15: 00007fffca921268
[  216.596599][T15126]  </TASK>
[  216.799173][T15136] netlink: 'syz.1.4160': attribute type 3 has an invalid length.
[  216.852131][T15144] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4163'.
[  216.873328][T15147] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15147 comm=syz.5.4165
[  217.060008][T15172] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4174'.
[  217.097631][T15174] 9pnet_fd: Insufficient options for proto=fd
[  217.165593][T15180] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4177'.
[  217.291639][T15194] vhci_hcd: invalid port number 96
[  217.296864][T15194] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  217.380928][T15208] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4192'.
[  217.422962][T15162] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4172'.
[  217.463142][T15218] validate_nla: 1 callbacks suppressed
[  217.463156][T15218] netlink: 'syz.0.4197': attribute type 3 has an invalid length.
[  217.612551][T15228] vhci_hcd: invalid port number 96
[  217.617751][T15228] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  217.666972][T15236] FAULT_INJECTION: forcing a failure.
[  217.666972][T15236] name failslab, interval 1, probability 0, space 0, times 0
[  217.679760][T15236] CPU: 1 UID: 0 PID: 15236 Comm: syz.0.4205 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  217.679860][T15236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  217.679872][T15236] Call Trace:
[  217.679880][T15236]  <TASK>
[  217.679887][T15236]  __dump_stack+0x1d/0x30
[  217.679909][T15236]  dump_stack_lvl+0xe8/0x140
[  217.679929][T15236]  dump_stack+0x15/0x1b
[  217.679946][T15236]  should_fail_ex+0x265/0x280
[  217.680015][T15236]  ? __se_sys_mount+0xef/0x2e0
[  217.680034][T15236]  should_failslab+0x8c/0xb0
[  217.680057][T15236]  __kmalloc_cache_noprof+0x4c/0x320
[  217.680112][T15236]  ? memdup_user+0x99/0xd0
[  217.680137][T15236]  __se_sys_mount+0xef/0x2e0
[  217.680155][T15236]  ? fput+0x8f/0xc0
[  217.680180][T15236]  ? ksys_write+0x192/0x1a0
[  217.680278][T15236]  __x64_sys_mount+0x67/0x80
[  217.680296][T15236]  x64_sys_call+0xd36/0x2fb0
[  217.680318][T15236]  do_syscall_64+0xd2/0x200
[  217.680337][T15236]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  217.680363][T15236]  ? clear_bhb_loop+0x40/0x90
[  217.680424][T15236]  ? clear_bhb_loop+0x40/0x90
[  217.680447][T15236]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.680468][T15236] RIP: 0033:0x7f528bb7e929
[  217.680484][T15236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.680579][T15236] RSP: 002b:00007f528a1e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  217.680666][T15236] RAX: ffffffffffffffda RBX: 00007f528bda5fa0 RCX: 00007f528bb7e929
[  217.680680][T15236] RDX: 0000200000000040 RSI: 0000200000000000 RDI: 0000000000000000
[  217.680693][T15236] RBP: 00007f528a1e7090 R08: 0000200000000140 R09: 0000000000000000
[  217.680706][T15236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.680728][T15236] R13: 0000000000000000 R14: 00007f528bda5fa0 R15: 00007fff60019cb8
[  217.680748][T15236]  </TASK>
[  217.952101][T15245] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4208'.
[  218.029756][T15253] netlink: 'syz.1.4212': attribute type 3 has an invalid length.
[  218.069466][   T29] kauditd_printk_skb: 602 callbacks suppressed
[  218.069480][   T29] audit: type=1400 audit(1751104878.857:26266): avc:  denied  { read } for  pid=15248 comm="syz.5.4209" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  218.103840][   T29] audit: type=1400 audit(1751104878.887:26267): avc:  denied  { create } for  pid=15248 comm="syz.5.4209" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  218.123507][   T29] audit: type=1400 audit(1751104878.887:26268): avc:  denied  { getopt } for  pid=15248 comm="syz.5.4209" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  218.143114][   T29] audit: type=1400 audit(1751104878.887:26269): avc:  denied  { bind } for  pid=15248 comm="syz.5.4209" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  218.190431][   T29] audit: type=1326 audit(1751104878.977:26270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15264 comm="syz.0.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  218.214066][   T29] audit: type=1326 audit(1751104878.977:26271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15264 comm="syz.0.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  218.240223][   T29] audit: type=1326 audit(1751104879.007:26272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15264 comm="syz.0.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  218.263911][   T29] audit: type=1326 audit(1751104879.007:26273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15264 comm="syz.0.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  218.287500][   T29] audit: type=1326 audit(1751104879.007:26274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15264 comm="syz.0.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  218.311124][   T29] audit: type=1326 audit(1751104879.007:26275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15264 comm="syz.0.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f528bb7e929 code=0x7ffc0000
[  218.579203][T15281] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4220'.
[  219.011942][T15276] SELinux:  policydb table sizes (-1123177151,1006851136) do not match mine (6,7)
[  219.042033][T15276] SELinux: failed to load policy
[  219.206256][T15303] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  219.345385][T15313] vhci_hcd: invalid port number 96
[  219.350532][T15313] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  219.399447][T15317] netlink: 'syz.1.4236': attribute type 8 has an invalid length.
[  219.685833][T15344] vhci_hcd: invalid port number 96
[  219.690983][T15344] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  219.755412][T15356] netlink: 'syz.0.4252': attribute type 3 has an invalid length.
[  219.832158][T15363] netlink: 'syz.1.4256': attribute type 1 has an invalid length.
[  219.852024][T15359] netlink: 'syz.5.4253': attribute type 1 has an invalid length.
[  219.859854][T15359] __nla_validate_parse: 3 callbacks suppressed
[  219.859905][T15359] netlink: 224 bytes leftover after parsing attributes in process `syz.5.4253'.
[  220.141825][T15385] vhci_hcd: invalid port number 96
[  220.147003][T15385] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  220.251455][T15392] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4268'.
[  220.270033][T15392] vlan2: entered promiscuous mode
[  220.275152][T15392] hsr0: entered promiscuous mode
[  220.300065][T15403] SELinux:  Context !�Լ:m�� is not valid (left unmapped).
[  220.308858][T15406] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4268'.
[  220.318789][T15390] FAULT_INJECTION: forcing a failure.
[  220.318789][T15390] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  220.324178][T15406] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4268'.
[  220.332029][T15390] CPU: 1 UID: 0 PID: 15390 Comm: syz.0.4267 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  220.332072][T15390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  220.332084][T15390] Call Trace:
[  220.332090][T15390]  <TASK>
[  220.332097][T15390]  __dump_stack+0x1d/0x30
[  220.332119][T15390]  dump_stack_lvl+0xe8/0x140
[  220.332207][T15390]  dump_stack+0x15/0x1b
[  220.332224][T15390]  should_fail_ex+0x265/0x280
[  220.332254][T15390]  should_fail+0xb/0x20
[  220.332285][T15390]  should_fail_usercopy+0x1a/0x20
[  220.332360][T15390]  _copy_to_user+0x20/0xa0
[  220.332381][T15390]  simple_read_from_buffer+0xb5/0x130
[  220.332483][T15390]  proc_fail_nth_read+0x100/0x140
[  220.332515][T15390]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  220.332592][T15390]  vfs_read+0x1a0/0x6f0
[  220.332621][T15390]  ? __rcu_read_unlock+0x4f/0x70
[  220.332642][T15390]  ? __fget_files+0x184/0x1c0
[  220.332664][T15390]  ksys_read+0xda/0x1a0
[  220.332729][T15390]  __x64_sys_read+0x40/0x50
[  220.332759][T15390]  x64_sys_call+0x2d77/0x2fb0
[  220.332780][T15390]  do_syscall_64+0xd2/0x200
[  220.332839][T15390]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  220.332864][T15390]  ? clear_bhb_loop+0x40/0x90
[  220.332964][T15390]  ? clear_bhb_loop+0x40/0x90
[  220.333007][T15390]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.333085][T15390] RIP: 0033:0x7f528bb7d33c
[  220.333098][T15390] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  220.333113][T15390] RSP: 002b:00007f528a1e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  220.333131][T15390] RAX: ffffffffffffffda RBX: 00007f528bda5fa0 RCX: 00007f528bb7d33c
[  220.333161][T15390] RDX: 000000000000000f RSI: 00007f528a1e70a0 RDI: 0000000000000007
[  220.333173][T15390] RBP: 00007f528a1e7090 R08: 0000000000000000 R09: 0000000000000000
[  220.333185][T15390] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000001
[  220.333198][T15390] R13: 0000000000000000 R14: 00007f528bda5fa0 R15: 00007fff60019cb8
[  220.333215][T15390]  </TASK>
[  220.635669][T15424] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4280'.
[  220.709517][T15432] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4283'.
[  220.718763][T15429] xt_CT: You must specify a L4 protocol and not use inversions on it
[  220.727653][T15431] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4283'.
[  220.783516][T15439] ==================================================================
[  220.791616][T15439] BUG: KCSAN: data-race in mas_replace_node / mas_state_walk
[  220.798986][T15439] 
[  220.801296][T15439] write to 0xffff888103095c00 of 8 bytes by task 15438 on cpu 0:
[  220.809000][T15439]  mas_replace_node+0x1a6/0x410
[  220.813841][T15439]  mas_wr_store_entry+0x2406/0x2b50
[  220.819044][T15439]  mas_store_prealloc+0x74d/0x9e0
[  220.824070][T15439]  vma_iter_store_new+0x1c5/0x200
[  220.829087][T15439]  vma_complete+0x125/0x580
[  220.833578][T15439]  __split_vma+0x591/0x650
[  220.837987][T15439]  vma_modify+0x21e/0xc80
[  220.842309][T15439]  vma_modify_flags+0x101/0x130
[  220.847152][T15439]  mprotect_fixup+0x2cc/0x570
[  220.851823][T15439]  do_mprotect_pkey+0x6d6/0x980
[  220.856667][T15439]  __x64_sys_mprotect+0x48/0x60
[  220.861507][T15439]  x64_sys_call+0x2794/0x2fb0
[  220.866176][T15439]  do_syscall_64+0xd2/0x200
[  220.870669][T15439]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.876549][T15439] 
[  220.878862][T15439] read to 0xffff888103095c00 of 8 bytes by task 15439 on cpu 1:
[  220.886481][T15439]  mas_state_walk+0x485/0x650
[  220.891154][T15439]  mas_walk+0x30/0x120
[  220.895223][T15439]  lock_vma_under_rcu+0xa2/0x2f0
[  220.900153][T15439]  do_user_addr_fault+0x233/0x1090
[  220.905265][T15439]  exc_page_fault+0x62/0xa0
[  220.909761][T15439]  asm_exc_page_fault+0x26/0x30
[  220.914599][T15439] 
[  220.916905][T15439] value changed: 0xffff888108cc9b0e -> 0xffff888103095c00
[  220.923994][T15439] 
[  220.926304][T15439] Reported by Kernel Concurrency Sanitizer on:
[  220.932442][T15439] CPU: 1 UID: 0 PID: 15439 Comm: syz.0.4286 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  220.944926][T15439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  220.954970][T15439] ==================================================================