last executing test programs:

55.728936705s ago: executing program 1 (id=735):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0x2, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYRES64=0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0xdc0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r0, 0x0, 0x800000000000}, 0x18) (async)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) (async)
r1 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x6, &(0x7f0000000340)=0xfffffff6, 0x4) (async)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000380)=[@in={0x2, 0x4e20, @private=0xa010102}, @in6={0xa, 0x1ffe, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, @in6={0xa, 0x4e20, 0x9, @dev={0xfe, 0x80, '\x00', 0x13}, 0x9}, @in6={0xa, 0x4e21, 0x81000000, @mcast1, 0x81}], 0x64) (async)
r2 = fsopen(&(0x7f0000000180)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) (async)
r3 = fsmount(r2, 0x1, 0x0)
fchdir(r3) (async)
r4 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r4, 0x0, 0x25, 0x0, 0xc) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) (async)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0, 0x0) (async)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f00000001c0)=0x2, 0x11) (async)
syz_open_procfs(0x0, &(0x7f0000000140)='net/tcp6\x00')
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x2}, 0x1c) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0900000004d100005393000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYRES64, @ANYRES32, @ANYRESHEX=r5], &(0x7f0000000780)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
listen(r6, 0x0) (async)
setsockopt$sock_int(r6, 0x1, 0xf, &(0x7f0000000000)=0x8, 0x4)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0x2b, &(0x7f0000000180)=0xfffffffd, 0x4) (async)
bind$inet6(r7, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x7, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(r8, 0x6, 0x3, &(0x7f0000000280)=0x40, 0x4)
listen(r7, 0x0)

55.654906396s ago: executing program 1 (id=738):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x0, 0xa, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x61980, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
fcntl$lock(0xffffffffffffffff, 0x5, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x10001, 0x7)
r1 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000005c0)={r2, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=ANY=[@ANYRES64, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00dfcdb5aa288e6a67000000000000000000000000000000000000003b3dc64a9aae056bb05cf1f199c243300dab5e50"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r3}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001cc0)=ANY=[], 0x48)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r4, &(0x7f00000001c0), &(0x7f0000000280)=@udp=r5}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000f8dbdf250301f2800c00180008ac0f00000000001400010000000000000000000000ffffac14142d50bb2d6f67d29d6fabadb107d0def49c880704abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be0400e90000"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r4, &(0x7f0000000640)="b4", &(0x7f0000000180)=@udp=r5}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC=0x0, @ANYRES8=r5, @ANYBLOB="0000000000000000b7080000930882a07b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000000140001"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket(0x10, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

55.520090058s ago: executing program 1 (id=742):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00'}, 0x10)
r0 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000080)={0x0})
r1 = socket$igmp(0x2, 0x3, 0x2)
ioctl$SIOCGETMIFCNT_IN6(r1, 0x89e0, &(0x7f0000000040)={0xffffffffffffffff})
ioctl$MON_IOCX_GETX(r0, 0x80089203, 0x0)
syz_open_dev$usbfs(&(0x7f0000000000), 0x205, 0x44680)

55.263324142s ago: executing program 1 (id=744):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==") (async)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) (async)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x16}, {}, {}, {}, {}, {}, {0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x7}, {}, {}, {}, {0x0, 0x0, 0x0, 0xffff8acc}]}}, @common=@hl={{0x28}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@private, 'veth1_macvtap\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)
r1 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000009c0)="010000000037a788a11d1f000000000000006923c63a4541062101b60a2156566de77062086575a59ea9cb", 0x2b, r1)
keyctl$instantiate(0xc, r1, &(0x7f0000000000)=ANY=[@ANYBLOB=': 00000000000000000230\x00'], 0x27, 0xfffffffffffffffb)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x5) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x5)
mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0)
syz_emit_ethernet(0x9a, &(0x7f0000000600)=ANY=[@ANYBLOB="0180c20000030180c200000188a8060081002b0086dd60400000005c060100000000000000000000000000000000fe8000000000000000000000000000aa0106000000000000032f1c77ec50c8a5260b9657f14c0b4d5f8413ff4eb8537049fd4ebef9682db13788a5a2d1164b5a0c737fe04631c13502000000000000005e0005c8650000004e214e1e", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYRESHEX=r2], 0x0) (async)
syz_emit_ethernet(0x9a, &(0x7f0000000600)=ANY=[@ANYBLOB="0180c20000030180c200000188a8060081002b0086dd60400000005c060100000000000000000000000000000000fe8000000000000000000000000000aa0106000000000000032f1c77ec50c8a5260b9657f14c0b4d5f8413ff4eb8537049fd4ebef9682db13788a5a2d1164b5a0c737fe04631c13502000000000000005e0005c8650000004e214e1e", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYRESHEX=r2], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000500)=0x2) (async)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000500)=0x2)
socket$inet6(0xa, 0x3, 0xff)
r4 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=<r5=>0x0, &(0x7f0000000580)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x100000004, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r4, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
rt_sigsuspend(&(0x7f00000002c0)={[0x225c17d03]}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYRESOCT=r3], &(0x7f00000001c0)='GPL\x00'}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
dup(r7)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x3014850, &(0x7f00000006c0)={[{@noquota}, {@noquota}, {@grpjquota}, {@noauto_da_alloc}, {@dioread_lock}]}, 0x2, 0x4f3, &(0x7f0000000700)="$eJzs3c9vG0sdAPDvOnGTtHk4Dzg8nsSjgofSCmonDW0jDiVICE6VKOXCKYTEiaI4cRQ7bRNVKBV/ABLil+DEiQsSZ4SE+icgpEpwRwiBKmjLgQNgtM6ahtRJnNc4buPPR5ru7M7ufmfqeOzZWXkD6FsXI2ImIgYi4nJEFLLtuSzFzm5K93v29MF8mpJoDN35WxJJtq11riRbXsgOG46Ir30l4lvJy3FrW9src5VKeSNbL9VX10u1re0ry6tzS+Wl8trM1OT16RvT16YnTqytN7/05x9+9+dfvvmbz9774+xfL307rdZoVra3HZ3Y6XC/3abnm/8XLYMRsXGcYK+xgaw9+V5XBACAjqTf8T8cEZ+MiOc/6XVtAAAAgG5ofGE0/pVENAAAAIAzK9e8BzbJFbN7AUYjlysWd+/h/Wicz1WqtfpnFqubawu798qORT63uFwpT2T3Co9FPknXJ5v5F+tX961PRcTbEfH9wkhzvThfrSz0+uIHAAAA9IkL+8b//yjsjv8BAACAM2as1xUAAAAAus74HwAAAM6+A8f/yeDpVgQAAADohq/eupWmRuv51wt3tzZXqnevLJRrK8XVzfnifHVjvbhUrS41f7Nv9ajzVarV9c/F2ub9Ur1cq5dqW9uzq9XNtfps87nes+VG4VSaBQAAAOzx9ice/SGJiJ3PjzRT6lxWlj/68Jnu1g7optzxdk+6VQ/g9A30ugJAz7jBF/pXB2N84Iw7YmD/g33rx7xsAAAAvA7GP/ZK8//mA+ENZiAP/cv8P/Qv8//Qv8z/Q58bOnqX4YMKfnvCdQEAALpmtJmSXDGbCxyNXK5YjHir+ViAfLK4XClPRMSHIuL3hfxQuj7Z60oDAAAAAAAAAAAAAAAAAAAAAAAAwBum0UiiAQAAAJxpEbm/JNmD/McL74/uvz5wLvlnobmMiHs/vfOj+3P1+sZkuv3v/9te/3G2/WprS+obp3wlAwAAAGhpjdNb43gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOEnPnj6Yb6XTjPvkixEx1i7+YAw3l8O/KkTE+edJDO45LomIgROIv/MwIt5pFz9JqxVjWS32x89FxEiP4184gfjQzx6l/c9M+v7L73v/5eJic9n+/TeYpVf15OJB/V+u1f81+7l2/d9bh596uJV59/EvSy+VFrL4DyPeHWzf/7TiJ+3in+u8jd/8+vb2QWWNn0WMH/H5k8Yv1VfXS7Wt7SvLq3NL5aXy2tTU5PXpG9PXpidKi8uVcvZv2xjf+/iv/3NQ/LT959vG3+1/D2x/RLzfYfv//fj+048cEv/Sp9q//u8cEj/9m/h09jmQlo+38ju7+b3e+8Xv3jus/QsHtP/Q1z8iLnXY/su3v/OnDncFAE5BbWt7Za5SKW90JTPStTPLpJnq2lH7pN8TP3CI/Kn8kch0M3M7ew2PfXgPOyUAAKArXnzp319yjAkeAAAAAAAAAAAAAAAAAAAA4JV0/UfIhv7/lwWGe9dUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBD/TcAAP//V7HNuw==")
chmod(&(0x7f0000000340)='./file1\x00', 0x0) (async)
chmod(&(0x7f0000000340)='./file1\x00', 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x66960000)

54.424983306s ago: executing program 1 (id=751):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000000)={0x4000004}, 0x10)
write(r1, &(0x7f0000000080)="240000001a007f0214f9f407000904080a000000000000050002000008000f40fe00000e", 0x24) (fail_nth: 5)

54.054489252s ago: executing program 1 (id=753):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r2, 0x402, 0x8000001f)
r3 = openat(r2, &(0x7f0000000040)='.\x00', 0x0, 0x82)
fcntl$notify(r3, 0x402, 0x4)
close(r3)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r4}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00', <r9=>0x0})
fcntl$notify(r5, 0x402, 0x4)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x20, r7, 0x1, 0x0, 0x0, {0x1a}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r10}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
close(r0)

54.053882042s ago: executing program 32 (id=753):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r2, 0x402, 0x8000001f)
r3 = openat(r2, &(0x7f0000000040)='.\x00', 0x0, 0x82)
fcntl$notify(r3, 0x402, 0x4)
close(r3)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r4}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00', <r9=>0x0})
fcntl$notify(r5, 0x402, 0x4)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x20, r7, 0x1, 0x0, 0x0, {0x1a}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r10}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
close(r0)

16.163803334s ago: executing program 0 (id=1466):
r0 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0), 0x4)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r1}, &(0x7f0000000380), &(0x7f00000003c0)=r2}, 0x20)
bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e20, 0x1fffffe, @local, 0xb852}, 0x1c)

16.126477434s ago: executing program 0 (id=1467):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x0)
r1 = accept4$unix(r0, 0x0, 0x0, 0x0)
recvfrom$unix(r1, &(0x7f0000000140)=""/263, 0x107, 0x0, 0x0, 0x0)

15.235601808s ago: executing program 0 (id=1487):
add_key(&(0x7f00000001c0)='logon\x00', &(0x7f00000002c0)={'syz', 0x0}, &(0x7f0000000340)='J', 0x1, 0xffffffffffffffff)

15.234588628s ago: executing program 0 (id=1489):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x40, &(0x7f0000000100), 0x1, 0x596, &(0x7f0000000140)="$eJzs3U1oHOUbAPBnZpN/v/I3FRRUeigqVCjdfLTV6qm9ioVCD4IIGjbbULLJhmyiTQiY3ovYg6j0Um968Kh48CBePHr1ongWig0KTQ+6MvuRpskm3aRNtmZ/P5jdeeedned9d/Z5d2cymw2gax3NbtKIZyPiQhLRv6quJxqVR+vrLS8tFO4uLRSSqFYv/pFEEhF3lhYKzfWTxv2hiFiMiGci4ofeiOPp+riVufnxkVKpON0oD8xMTA1U5uZPXJ4YGSuOFSdPvvLq6TOnTg8ND61+2N3q6lLv1vp67dfrH1776fWb17/86shi4eORJM5GX6Ou2Y/hrW3ygZJGQ8+uWX7qEcfptKTTDWBbco08z1Lp6eiPXCPrW6n272rTgB1W3RdRBbpUIv+hSzU/B2THv81pNz9/3DpXPwDJ4i43pnpNT/3cROyvHZsc/DO578gkO948vJsNZU9avBoRgz0961//SeP1t32DqwsHHnJj7Ijvz9V31Pr9n66MP9Fi/Olrnjt9SM3xb3nd+Hcvfm6D8e9CmzH+fuu3zyLi7Zbxr0Y81xP7Y138ZCV+0iJ+GhHvthn/xpvfntmorvp5xLFo1f97ZxSTzc8PD1y6XCoO1m9bxvju2JHXNoqf9f/gBvHr52z3195mWj3/U232/5sfv35+cZP4L72w+f5v9fxnw8lHbcZ/8s4Xb2xUd+tqcjv7FNCq/5vFz5bdbDP+y2eP/tLmqgAAAAAAAAAAwBaktWvZkjS/Mp+m+Xz9O7xPxcG0VK7MHL9Unp0crV/zdjh60+aVVv31cpKVhxrX4zbLw2vKJ3ONgLkDtXK+UC6NdrjvAAAAAAAAAAAAAAAAAAAA8Lg4tOb7/3/lat//X/tz1cBetfFPfgN7nfyH7nV//icdawew+7z/Q9eqyn/oXvIfupf8h+4l/6F7bTP//aEA9gDv/9C95D8AAAAAAAAAAAAAAAAAAAAAAAAAAOyIC+fPZ1P17tJCISuP9szNjpffOzFarIznJ2YL+UJ5eio/Vi6PlYr5QnniQdtLyuWpwZicvTIwU6zMDFTm5t+ZKM9ONv9VeLF3x3sEAAAAAAAAAAAAAAAAAAAA/z19tSlJ8xGR1ubTNJ+P+H9EHI7e5NLlUnEwIp6IiJ9zvfuy8lCnGw0AAAAAAAAAAAAAAAAAAAB7TGVufnykVCpON2Y+mF67ZG/N9Gxl5YhYfLTNyLa45Uf1NvbV4/IcmumGmQ4PTAAAAAAAAAAAAAAAAAAA0IUqc/PVakRxutLuI/7Z2QYBAAAAAAAAAAAAAAAAAABAV0p/TyIim471v9i3tvZ/yXKudh8R79+4+MmVkZmZ6aFs+e2V5TOfNpYPd6L9QLuaedrMYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCeytz8+EipVJzewZlO9xEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgO/4NAAD//w1H15g=")
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000001280)={'bond0\x00', &(0x7f0000001240)=@ethtool_channels={0x3d, 0x6, 0x7, 0x7f, 0x2, 0x0, 0xfffffff9, 0x6, 0x1}})
fallocate(0xffffffffffffffff, 0x1, 0xfff, 0x5)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x3, 0x7}, 0x0, 0x5, 0x800000, 0x7, 0x6, 0x2, 0x3, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000740)={0x1, &(0x7f0000000700)=[{0x200000000006, 0x0, 0xff, 0x7ffc1ff8}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001300)=@newtaction={0x88c, 0x30, 0xffff, 0x3, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x4, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffc, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x7fff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x7, 0x0, 0x0, 0xfffffffe, {0x4, 0x0, 0x0, 0x0, 0xb, 0x3}, {0x4, 0x2, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x3, 0x2}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1000000, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, 0x4, 0x0, 0x0, 0x0, 0x1, 0x25d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x2, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x80000, 0x0, 0x0, 0x0, 0xf9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xffffff81, 0x0, 0x0, 0xffffff7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x8]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x2}}}}]}]}, 0x88c}}, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xbfd1, 0x0)
write$selinux_user(0xffffffffffffffff, 0x0, 0x27)
semget$private(0x0, 0x6, 0x180)
write$cgroup_int(r1, &(0x7f0000000000)=0xfe8e, 0x12)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000040), 0x66)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r4, 0x1, 0x14, &(0x7f0000000040), 0x3b)
ioctl$sock_SIOCGIFCONF(r2, 0x8912, &(0x7f00000007c0)=@req={0x28, &(0x7f0000000780)={'ip6_vti0\x00', @ifru_addrs=@llc={0x1a, 0x101, 0xb, 0x6, 0x0, 0x7, @random="8aa1ba97fc79"}}})
kexec_load(0x3e00, 0x0, 0x0, 0x0)
ioctl$SIOCPNADDRESOURCE(r1, 0x89e0, &(0x7f0000000040)=0x1)
socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000800)={0xf, {{0x2, 0x4e23, @local}}}, 0x88)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)
syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x5, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000770000000e000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)

14.971430683s ago: executing program 0 (id=1505):
epoll_create(0x7)

14.573944189s ago: executing program 0 (id=1517):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@nojournal_checksum}, {@barrier_val={'barrier', 0x3d, 0x10002}}, {@dioread_lock}, {@data_err_ignore}, {@mb_optimize_scan}, {@dioread_nolock}, {@nobarrier}, {@abort}, {@user_xattr}, {@norecovery}, {@errors_remount}]}, 0x1, 0x570, &(0x7f00000019c0)="$eJzs3c1rHOUfAPDvbF76+vs1hVJURAI9WNFumsSXCh7qUbRY0HtdkjGUbLoluylNLLQ92IsXKYKIBfHgTe8ei/+Af0VBi0VK0IOXyGxm022zm2zTbXbrfj4w4XlmZvM835l5nn1mn1k2gIE1nv0pRDwfEV8mEYciIsm3DUe+cXx9v9X7V2ayJYm1tY/+TOr7ZfnG/2q87kCeeS4ifvk84tXC5nKryyvzpXI5XczzE7WFixPV5ZUT5xdKc+lcemFqevrUG9NTb7/1ZtdifeXs3998ePu9U18cW/36p7uHbyZxOg7m25rjeALXmjPjMZ4fk5E4/ciOk10orJ8kva4AOzKUt/ORyPqAQzGUt3rgv+9qRKwBAyrR/mFANcYBjXv7Lt0HPzPuvbt+A7Q5/uH1z0Zib/3eaP9q8tCdUXa/O9aF8rMyfv791s1sie59DgGwrWvXI+Lk8PDm/i/J+7+dO9nBPo+Wof+D3XM7G/+81mr8U9gY/0SL8c+BFm13J7Zv/4W7XSimrWz8907L8e/GpNXYUJ77X33MN5J8er6cZn3b/yPieIzsyfJbzeecWr2z1m5b8/gvW7LyG2PBvB53h/c8/JrZUq30JDE3u3c94oWW499k4/wnLc5/djzOdljG0fTWS+22bR//07X2fcTLLc//gxmtZOv5yYn69TDRuCo2++vG0V/blb85/tHYzfiz879/6/jHkub52urjl/Hd3n/Sdtseij86v/5Hk4/r6dF83eVSrbY4GTGafLB5/dSD1zbyjf2z+I8f27r/a3X974uITzqM/8aRH1/sKP4eXP9Z/LOPdf4fP3Hn/c++bVd+Z/3f6/XU8XxNJ/1fpxV8kmMHAAAAAAAA/aYQEQcjKRQ30oVCsbj+fMeR2F8oj60//xGzUf+u7FiMFBoz3YeanoeYzJ+HbeSnHslPR8ThiPhqaF89X5yplGd7HTwAAAAAAAAAAAAAAAAAAAD0iQNtvv+f+W2o17UDnjo/+Q2Da9v2341fegL6kvd/GFzaPwwu7R8Gl/YPg6up/e/pZT2A3ef9HwaX9g+DS/sHAAAAAAAAAAAAAAAAAAAAAAAAAACArjp75ky2rK3evzKT5WcvLS/NVy6dmE2r88WFpZniTGXxYnGuUpkrp8WZysJ2/69cqVycnIqlyxO1tFqbqC6vnFuoLF2onTu/UJpLz6UjuxIVAAAAAAAAAAAAAAAAAAAAPFuqyyvzpXI5XZSQ2FFiuD+qsZ7ILummNVd7XZ+tEn/80BfVaJfodc8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/8GwAA//9ITzKe")
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003380)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000006cfa000018120000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000200)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4, 0x0, 0xfffffffffffffffe}, 0x18)
r5 = socket(0x10, 0x80003, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
r6 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r6, &(0x7f0000000140)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e20, @broadcast}}, 0x24)
sendmmsg(r6, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x1, '\n'}], 0x18, 0xe000}, 0x5}], 0x1, 0x0)
getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000b40)=@delchain={0x3c, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r7, {0xffe0, 0xffe0}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_IPV4_DST={0x8, 0xc, @multicast2}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x0)

14.549761269s ago: executing program 33 (id=1517):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@nojournal_checksum}, {@barrier_val={'barrier', 0x3d, 0x10002}}, {@dioread_lock}, {@data_err_ignore}, {@mb_optimize_scan}, {@dioread_nolock}, {@nobarrier}, {@abort}, {@user_xattr}, {@norecovery}, {@errors_remount}]}, 0x1, 0x570, &(0x7f00000019c0)="$eJzs3c1rHOUfAPDvbF76+vs1hVJURAI9WNFumsSXCh7qUbRY0HtdkjGUbLoluylNLLQ92IsXKYKIBfHgTe8ei/+Af0VBi0VK0IOXyGxm022zm2zTbXbrfj4w4XlmZvM835l5nn1mn1k2gIE1nv0pRDwfEV8mEYciIsm3DUe+cXx9v9X7V2ayJYm1tY/+TOr7ZfnG/2q87kCeeS4ifvk84tXC5nKryyvzpXI5XczzE7WFixPV5ZUT5xdKc+lcemFqevrUG9NTb7/1ZtdifeXs3998ePu9U18cW/36p7uHbyZxOg7m25rjeALXmjPjMZ4fk5E4/ciOk10orJ8kva4AOzKUt/ORyPqAQzGUt3rgv+9qRKwBAyrR/mFANcYBjXv7Lt0HPzPuvbt+A7Q5/uH1z0Zib/3eaP9q8tCdUXa/O9aF8rMyfv791s1sie59DgGwrWvXI+Lk8PDm/i/J+7+dO9nBPo+Wof+D3XM7G/+81mr8U9gY/0SL8c+BFm13J7Zv/4W7XSimrWz8907L8e/GpNXYUJ77X33MN5J8er6cZn3b/yPieIzsyfJbzeecWr2z1m5b8/gvW7LyG2PBvB53h/c8/JrZUq30JDE3u3c94oWW499k4/wnLc5/djzOdljG0fTWS+22bR//07X2fcTLLc//gxmtZOv5yYn69TDRuCo2++vG0V/blb85/tHYzfiz879/6/jHkub52urjl/Hd3n/Sdtseij86v/5Hk4/r6dF83eVSrbY4GTGafLB5/dSD1zbyjf2z+I8f27r/a3X974uITzqM/8aRH1/sKP4eXP9Z/LOPdf4fP3Hn/c++bVd+Z/3f6/XU8XxNJ/1fpxV8kmMHAAAAAAAA/aYQEQcjKRQ30oVCsbj+fMeR2F8oj60//xGzUf+u7FiMFBoz3YeanoeYzJ+HbeSnHslPR8ThiPhqaF89X5yplGd7HTwAAAAAAAAAAAAAAAAAAAD0iQNtvv+f+W2o17UDnjo/+Q2Da9v2341fegL6kvd/GFzaPwwu7R8Gl/YPg6up/e/pZT2A3ef9HwaX9g+DS/sHAAAAAAAAAAAAAAAAAAAAAAAAAACArjp75ky2rK3evzKT5WcvLS/NVy6dmE2r88WFpZniTGXxYnGuUpkrp8WZysJ2/69cqVycnIqlyxO1tFqbqC6vnFuoLF2onTu/UJpLz6UjuxIVAAAAAAAAAAAAAAAAAAAAPFuqyyvzpXI5XZSQ2FFiuD+qsZ7ILummNVd7XZ+tEn/80BfVaJfodc8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/8GwAA//9ITzKe")
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003380)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000006cfa000018120000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000200)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4, 0x0, 0xfffffffffffffffe}, 0x18)
r5 = socket(0x10, 0x80003, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
r6 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r6, &(0x7f0000000140)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e20, @broadcast}}, 0x24)
sendmmsg(r6, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x1, '\n'}], 0x18, 0xe000}, 0x5}], 0x1, 0x0)
getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000b40)=@delchain={0x3c, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r7, {0xffe0, 0xffe0}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_IPV4_DST={0x8, 0xc, @multicast2}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x0)

1.868065751s ago: executing program 6 (id=1836):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)={0x114, 0x28, 0x1, 0x4, 0x25dfdbf8, "", [@nested={0x104, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2d}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82", @typed={0x4, 0xe9}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

1.800280212s ago: executing program 6 (id=1838):
r0 = timerfd_create(0x8, 0x80000)
timerfd_settime(r0, 0x3, &(0x7f0000000140), 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = perf_event_open(&(0x7f0000000380)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000009, 0x11, r5, 0x0)
perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x46a4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x200, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, r5, 0x3)
close_range(r4, 0xffffffffffffffff, 0x0)
kcmp(r2, r3, 0x1, r1, r0)
clock_adjtime(0x0, &(0x7f0000000000)={0xffff, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b9ac9ff, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x5a6c103, 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x0, 0x80000000, 0xfffffffffffffffd})
timerfd_settime(r0, 0x3, &(0x7f00000001c0)={{}, {0x77359400}}, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x10, 0x103)
kexec_load(0x1, 0x0, 0x0, 0x3e0000)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
r7 = dup(r6)
write$P9_RLERRORu(r7, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
dup(r6)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000000, 0x80010, r7, 0xaffd000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000c00)=@newtfilter={0x24, 0x2c, 0xd29, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, 0x0, {0x3, 0xfff3}, {}, {0xc, 0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x20004080}, 0x0)
syz_emit_ethernet(0x56, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaa1a02d47b44e2421200084d0000480000000000059078ac1e0001ac141434440c0503ac14142b00f83ffc890fceffffffffe0000000e9000000830200000000004e2251d972ede0822d341aa76f81", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c00000190780000"], 0x0)
socket$netlink(0x10, 0x3, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
io_setup(0x8, &(0x7f0000004200))
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')

1.642276665s ago: executing program 6 (id=1840):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
keyctl$restrict_keyring(0xa, r1, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='dd:cb2e')
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000001c0), 0x81, r0}, 0x38)
r3 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000740)='fscache_acquire\x00', r4}, 0x18)
pipe2$9p(&(0x7f0000000140), 0x4000)
r5 = socket$netlink(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f00000000c0))
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000001ec0)={{{@in6=@local, @in6=@loopback}}, {{@in6=@private1}, 0x0, @in6=@dev}}, &(0x7f0000001fc0)=0xe8)
r6 = socket$inet(0xa, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x44, 0x6, 0x408, 0x0, 0x2d0, 0x2d0, 0x230, 0x138, 0x370, 0x370, 0x370, 0x370, 0x370, 0x6, 0x0, {[{{@uncond, 0x7a00, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x7f00007f, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@multicast2, @multicast2, 0xff, 0x0, 'veth1_vlan\x00', 'veth1_macvtap\x00', {}, {0xff}, 0x0, 0x1, 0xc1513f04b421a003}, 0x0, 0x98, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@private0={0xfc, 0x0, '\x00', 0x1}, [0xffffffff, 0x0, 0x0, 0x5c6cad92e6a38bac], 0x4e21, 0x4e23, 0x4e21, 0x4e21, 0x56, 0x9, 0xb, 0x3, 0x7ff1}}}, {{@uncond, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00', {}, {}, 0xff}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x4, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x468)
syz_read_part_table(0x5d6, &(0x7f0000000880)="$eJzs0r1rW1cYB+D33lZROgSJEEihSyEmk5oULSlUohSjCi9OCGnJ0H8gGQoJdPBgpCqZU3vqZuOPgvFiOrSToYuxDMYFeTLy6rF0MF00lFtkXbe07sdg7NbmeQade373vHrP5ZzgQkvjpyzLkojIisfZF/mbiGfv/nP1x6uNjybefvDhw0cRSTyNiMl3nn43fJPkK47/9Zt8fj+fTxSrvYXt8cPV8s6t3e7YUhpRGOZXIqI9rG8vl072S+L9038yl8hafbP04uXz5qup+pO95vRBIc9n7y3WWj/erD1OR3dqPf2t5PenyP7ijp2u/9U8n7t2p9DtDapb+bySnLYT/0drv2RDb2bD8/9g+mD+RqffGUzeXincrVzvb7Rmjs79+78rL5zrZgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEttrb5ZevHyeRoR2WujqPHWl43PZu8t1lqf3Kw9Tkfhenqm/ZuvpupP9prTB2O9977+Ibsac9fuFLpXBtWtfF0l+UNZ62x2w3n78/nP3+j0O4PJ2yuf361c72+0ZpKvng3Xvf5fbxQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuDAaP+9HxMNHEUl8GhHjaXl5mGfFiPL+yfX3i6NxoljtLWyPH66Wd27tdseWHuT5ehrRjjeOnr89+p06Li2NhsJoaEdEerbfxr/7NQAA//+laYDO")

1.550746526s ago: executing program 6 (id=1847):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000880)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000020000000000001d0000000b000000000000000000000009021300010000"], 0x0, 0x3e}, 0x20)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
socket$kcm(0x2, 0x1000000000000002, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x1e, 0x4, 0x0)
socket(0x1e, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001100)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
socket$netlink(0x10, 0x3, 0x5)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_io_uring_setup(0x10d, &(0x7f0000000200)={0x0, 0x9e74, 0x0, 0x1}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$inet(r9, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r8, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r10, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, r10, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080), 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_LINK_TIMEOUT={0xf, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1})
io_uring_enter(r5, 0x3f70, 0x0, 0x0, 0x0, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000fdffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r11, 0x0, 0x385}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)

1.541589086s ago: executing program 4 (id=1848):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r1, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
listen(r2, 0x4)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file1/file4\x00', 0x1c0)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[], 0x48)
r3 = openat(0xffffffffffffff9c, 0x0, 0x121c00, 0x0)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r3, 0x6628)
ioctl$SG_GET_REQUEST_TABLE(r3, 0x2286, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r4, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000040)=0x11)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r4, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0}, 0x3}, {{0x0, 0x0, 0x0}, 0xa1}], 0x2, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000218110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
setregid(0xffffffffffffffff, 0x0)
pipe2(&(0x7f0000000040), 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000080), 0xffffffffffffffff)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r9 = epoll_create(0x8)
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r8, 0x0)

1.475753697s ago: executing program 2 (id=1852):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
epoll_create(0x7)

1.425499878s ago: executing program 2 (id=1853):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000008c0), r0)
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000600)=ANY=[@ANYBLOB='@\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000ffdbdf25150000000c000600010000000100000020002b80080001"], 0x40}, 0x1, 0x0, 0x0, 0x4000010}, 0x4000)

1.397369148s ago: executing program 2 (id=1854):
syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
pause()

654.53915ms ago: executing program 6 (id=1863):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
epoll_create(0x7)

641.86464ms ago: executing program 4 (id=1865):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r1=>r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=@base={0xa, 0x6, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x4}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000540)={r2, 0x0, 0x0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES32=r1], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffd8, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000002000000000000000000000903000000000000000000000d008d0f61"], &(0x7f0000000100)=""/223, 0x3e, 0xdf, 0x1}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0x1c, &(0x7f0000000340)=ANY=[@ANYBLOB="05000000000000009500000000000000b7080000000000007b8af8", @ANYRES32, @ANYBLOB="0000000000002000b70500f7ffffff0085000000a5000000b7080000000000007b8af8ff00000000b7080000050000007b8af0ff00000000bfa100000000000007010000f8"], 0x0, 0x401, 0x93, &(0x7f0000000480)=""/147, 0x41000, 0x0, '\x00', 0x0, @fallback, r6, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4, 0x0, &(0x7f0000000980)=[{0x1, 0x1}, {0x5, 0x0, 0xf, 0x1}, {0x5, 0x2, 0xe, 0x9}, {0x0, 0x3, 0x0, 0x7}], 0x10, 0x7}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000005000000090000008b00000044"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r7}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000680), &(0x7f0000000540), 0x6c, r7}, 0x38)

543.948732ms ago: executing program 6 (id=1866):
prctl$PR_SET_NAME(0xf, &(0x7f0000000200)='gtp\x00\xe4\xaa\xae\xdf~2\xa6X\x14\x92\xdarV\xf4U\xf7\xa2\xc3l\x1b@\xaf\xf9\xc9\xa9#\xf0S\xd9=q\xd6\x14\xedt\xc8!W\xe9@\xeb\x7f~\tB0EE\x9a:\xb7\xff\xc1\xfc\x9a\x1f\xf2\xfb\x19\xda#x\xc5F\x1c~\x8c\xe1\xdf\xdc\x01k\f\xde0~\x95\r\xa2\x80\b4M\x14\xe7\xd0\t`n!g\x14\xe6\xd1\xc2\xd3\x88\xf8cVtd\xbeY\xa5\xe7\x16sD\x96}7\n\x88e\x00\xf0\xff\xff\xf0\xcb\x94\xb4S\x00\x00')
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10)
socket$packet(0x11, 0x3, 0x300)
r3 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r3, &(0x7f0000000180)="0b036812e0ff64000200475400f6", 0xe, 0x0, &(0x7f0000000140)={0x11, 0x86dd, 0x0, 0x1, 0x0, 0x6, @random="86fcaaa67bbe"}, 0x14)

534.195582ms ago: executing program 2 (id=1868):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x15, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x44}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ff7fffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='sys_enter\x00', r1}, 0x10)
r2 = signalfd4(0xffffffffffffffff, &(0x7f00000000c0), 0x8, 0x0)
faccessat2(r2, &(0x7f0000001400)='\x00', 0x0, 0x1100)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$inet6(0x10, 0x2, 0x6)
sendto$inet6(r3, &(0x7f00000002c0)="100000001200050f0c1000000049b23e", 0x10, 0x0, 0x0, 0x0)

433.643254ms ago: executing program 2 (id=1870):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f00000003c0)='kmem_cache_free\x00'}, 0x10)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x121a02, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000000c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "000080", 0x14, 0x6, 0x64dd3302af046af5, @private1, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x10, 0x0, 0x0, 0x300}}}}}}}, 0x0)

433.192854ms ago: executing program 3 (id=1871):
bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x0, 0xa, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x61980, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f00000005c0)={0xffffffffffffffff, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

413.832254ms ago: executing program 2 (id=1872):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800001f1a0068099b3c0000000000001860000000000000824d086bb227733218120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x1d, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffce5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000014c0)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x18)
ioperm(0x0, 0x40, 0x80)
syz_read_part_table(0x5c8, &(0x7f0000000600)="$eJzs2z1oE2gYB/Anaq6Hwrk4ORzWwclFcTSDlSQqCiHaRRwUFBEzRRAiBAQdbIaWZigdu5RCln5MTcPR4WhpoXMpHXoUOnQ62qXQpTl6fY+7sXdtD4TfD17er3/y5BkyvsF37Vz83u12MxHR7fn3n+5v5QsPr5XulZ9FZOJFRPT++tP04U0mJf761utpv5H242MXOwO7D7Kt9ad7N14uNM6l+89pXJpo95+4Oc7cZG7x8pev1eJgLfdurVjf+ra68mRqJ19uP240px9l779OuaU0X0jzh6jFp3gfr6ISlXgT1VOqP9ravHVwtdiafXt3v9AZmr+dcqUT9nnc+h97h5836303Z66M3KnNLZe3zx/lKv/h3wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP9vMrd4+cvXanGwlnu3VqxvfVtdeTK1ky+3Hzea04+y91/HLz2HuaWUv5DmD1GLT/E+XkUlKvEmqqdUf7S1eevgarE1+/bufqEzNH875Uonb/VY9T/2Dj9v1vtuzlwZuVObWy5vnz/KVXrO6AcAAAAAAAAAAAAAAAAAAABAROQLD6+V7pWfRWTiRUS0f+7786l/N713z6Tc9bTYSOfjYxc7A7sPsq31p3s3Xi40fkvnn9O4NNHu/2edH/5e/nj2XXFcfwQAAP//HQGWmQ==")
syz_mount_image$ext4(0x0, &(0x7f00000001c0)='./file0\x00', 0x1809049, 0x0, 0xff, 0x0, 0x0)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000040)=@v3, 0x18, 0x0)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], &(0x7f00000002c0)=""/203, 0xfffffffffffffe5f)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000400)={@map=0x1, 0x26, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="a183000000000000000005"], 0x78}}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)

389.507994ms ago: executing program 3 (id=1873):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000440)='sys_exit\x00', 0xffffffffffffffff, 0x0, 0xd418}, 0x18)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x1b, &(0x7f0000000400)=0x1, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0, 0x50, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x26, 0x8, 0x1b, 0x0}}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
socket(0x1e, 0x803, 0x0)
r2 = openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r2, &(0x7f0000000380)={0xc, 0x8, 0xfa00, {0x0}}, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000540)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000001c0)={<r3=>0xffffffffffffffff}, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000600)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0x3, @loopback, 0x1}, {0xa, 0x0, 0x5, @mcast2}, r3}}, 0x48)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x3, 0xc}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000240)={0xfeff, 0xfffc, 0x4000, 0x800c, 0x17})
ioctl$TIOCL_PASTESEL(r4, 0x541c, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0xe, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX=r4, @ANYRES8=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYRES64], 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x3, 0x0, 0x0, 0x7ffc1ffb}]})
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000600)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
faccessat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x2)
syz_mount_image$ext4(&(0x7f0000000140)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0xa14401, &(0x7f0000000100), 0x8, 0x48d, &(0x7f0000000a80)="$eJzs3M1vVFUbAPDnTqfl+21fxA8QBUUj0djSgsrCBRhNWGhi1AUua1sIUiih1QghWl3g0pAYt8aFCxP/Ale6McrKxK3uDQkxbEDdXHNn7i23Q2ectlPGOr9fMsw592POebjnzJxzT2cC6Fl7s3+SiK0R8UtEDNaziw/YW3+6dePSxB83Lk0kkaav/57Ujrt549JEcWhx3pYiM794e9nshYunx6enp87n+ZG5M+dGZi9cfPrUmfGTUyenzo4dPnzo4Ohzz44905E4szrd3PX+zO6dx9688srE8Stv/fh1UsS/KI53O1Je6aXL+orE450q5V9iWymdVOvPr3WrMrQta5DZ5eqv9f/B6Ivqwr7BeOmjrlYOWFNpmqYbmu+eT4H/sCS6XQOgO/LP+SRifiKbA5fn873g+tH6BCiL+1b+qO+pRiU/pr9hfttJ2Wzr+Pyfn2ePaLifAgCwFr49Wn8uxn63xx+Vavm4I/na0FBE/D8itkfEPRGxIyLujYj7IuL+iHhg4Yz+tspfvEiSjbgaxz+VaysMrS3Z+O/5fG1r8fivGP3FUF+e21aLvz85cWp66kBE/C8i9kf/hiw/2qKM7178+ZNm+/aWxn/ZIyu/GAvm9bhWbbhBNzk+N76amMuufxixq7pU/MnCSkASETsjYteelZVx6smvdjfb98/xt1BdWX3K0i8inqhf//loiL+QtF6fHNkY01MHRopWcaerP11+tVn5q4q/A7Lrv3nJ9r8Q/1BSXq+dXX4Zl3/9uOmcps32P1A+J2v/A8kbtXSx473xubnzoxEDycv59iP59sXl1Y4bu318Fv/+fUv3/+1x+3/iwYjIGvFDEfFwROzJ6/5IRDwaEftaxP/DC4+9vYz4j50rlbvWsvgnl3X9myaKte07dvWd/v6b0qWqf4g0iz+JJa7/oVpqf76lnfe/ljU9v5rWDAAAAOtPJSK2RlIZXkhXKsPD9b+X3xGbK9Mzs3NPnZh55+xk/TsCQ9FfKe50DS7cD4350XxaX9wfHWvIH8zvG3+6YVMtPzwxMz3Z7eChx21p0v8zv/V1u3bAmuvAOhqwTq20/6dp+kGHqwLcZT7/oXfp/9C7luj/mxryLX4jAFjPsv6/sWGbiT30BuN/6F36P/Qu/R96l/4PPSn/Jny1lrgaEe19bb6ziez9564XuopEmnap9IGOvWCarPZ1otK1SxDdbgDLTPyV/9hmtuWzu1r6lys/vdvvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//KxjgDg==")
close(r7)
openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
shutdown(r6, 0x0)

366.383084ms ago: executing program 4 (id=1874):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=@base={0xa, 0x6, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x4}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
add_key(&(0x7f00000001c0)='logon\x00', &(0x7f00000002c0)={'syz', 0x0}, &(0x7f0000000340)='J', 0x1, 0xffffffffffffffff)

351.703165ms ago: executing program 4 (id=1875):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000eb99710c0000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000060a0b0400000000000000000200fffe540004802800018007000100637400001c0002800800014000000002080002400000000a05000300010000002800018007000100637400001c0002800800024000000011080004400000000c05000300010000000900010073797a30000000000900020073797a32"], 0xa8}, 0x1, 0x0, 0x0, 0x840}, 0x0)

323.937065ms ago: executing program 4 (id=1876):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x23, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1, 0x2}, 0x10)
bind$tipc(r1, 0x0, 0x0)
close(r1)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='sched_switch\x00', r3, 0x0, 0xffffffffffffffff}, 0x18)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0)={0x0, r3}, 0x8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x3, 0x8, &(0x7f0000000440)=ANY=[@ANYRES32=r4], &(0x7f00000004c0)='GPL\x00', 0x200, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r4}, &(0x7f0000000540), &(0x7f0000000580)=r5}, 0x20)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r7, &(0x7f0000000040)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @local}}, 0x80, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec"], 0x10b8}, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000500)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000c40)=0x14)
sendmmsg$inet(r2, &(0x7f0000001140)=[{{&(0x7f00000001c0)={0x2, 0x4e21, @private=0xa010101}, 0x10, &(0x7f0000000a00)=[{&(0x7f0000000280)="0ff50f1426f90f0aa730cddee4141f764063970d49a05af468dac37e9d37d8669821cecaa1", 0x25}, {&(0x7f0000000780)="2d1cbe29e6a2c7c4a8ae037f4a2ab670952e9e2f35ac78ea605aa8f6951ede54f328ef84ad5c7bb21403481dbe1c8ab1d353b41cea7dcde6367a82cf7f22821a6e2ef39b78fa72ce8f61bcdec5fc34e9f8cca95fcdbf82", 0x57}, {&(0x7f0000000800)="677a19a9ce095a935bbda95c10b8ff66b95cecd44f0c5d6a9213ecb7e99f87240d4fb7b3a206587fc9eb87661bec0aa99b886169afbf1335e0113ae99921b9bade6888942be976b4dcf2ffd160759c6a88d97a02f7f07bb30de89e939ba8a85eae7a85a40bc0ae94f8f67b4d0f6893727408ea203f4547edf40abaffea11e65fd155b555", 0x84}, {&(0x7f00000008c0)="92270656347d800599b23daf28bdd433b66d02734966f0a94ad8d43aa3ef6cb53830c2841a02581e6907450691a3bc53c86d33498932a366a516d09d3023e44c40e2ed650fea79b350a61169e2d973692f0451e218d962174befc98d7982cfae499bce93fb1ac4ba", 0x68}, {&(0x7f0000000940)="dcccf8879908c7867fea47715dc4e5e7e987fee87b7e77d26e772f4d15983a526be26e0c6aa05cc9c52b578cc14be6f3585bd2efe76ed8c390c460a115731193742b7054810e574041eb", 0x4a}], 0x5, &(0x7f0000000c80)=[@ip_retopts={{0xcc, 0x0, 0x7, {[@generic={0x94, 0x3, "e3"}, @timestamp_addr={0x44, 0x2c, 0x7f, 0x1, 0x1, [{@multicast1, 0x2}, {@rand_addr=0x64010100, 0x549}, {@dev={0xac, 0x14, 0x14, 0x2a}, 0x3}, {@remote, 0x5}, {@multicast1, 0x5}]}, @lsrr={0x83, 0xb, 0x98, [@loopback, @empty]}, @cipso={0x86, 0x2a, 0x3, [{0x0, 0xf, "a61759233c0eeb89a780790883"}, {0x0, 0x2}, {0x5, 0xf, "0b33fffad8708a99cd2d2468c6"}, {0x2, 0x4, "76fe"}]}, @noop, @noop, @timestamp_addr={0x44, 0x34, 0xb, 0x1, 0x4, [{@local, 0xcb17}, {@loopback, 0x6}, {@rand_addr=0x64010101, 0xeb1}, {@rand_addr=0x64010100, 0x100}, {@loopback, 0x5}, {@rand_addr=0x64010101, 0x80}]}, @ssrr={0x89, 0x13, 0xb1, [@dev={0xac, 0x14, 0x14, 0x1a}, @loopback, @loopback, @dev={0xac, 0x14, 0x14, 0x3a}]}, @timestamp={0x44, 0xc, 0xab, 0x0, 0x4, [0x3, 0xfffffffc]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @loopback, @dev={0xac, 0x14, 0x14, 0x32}}}}, @ip_ttl={{0x14, 0x0, 0x2, 0xbdd9}}, @ip_ttl={{0x14, 0x0, 0x2, 0xb6}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x6}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x3}}], 0x170}}, {{&(0x7f0000000e00)={0x2, 0x4e23, @rand_addr=0x64010100}, 0x10, &(0x7f0000001040)=[{&(0x7f0000000e40)}, {&(0x7f0000000e80)="fa28995b7f568d3c7ed1a5906a0330e4364606638c621af7c41abba6e6fc87da624a0f8e04b41893da25c91a1594d0d79b82159902610d45fd73897d59b39bc9036a869a6aa4858048fd952af6f0d85912a1bcc10572112055ddfdeb7d0826a3949732afa0386102697a509f2cf7bfb366f644f9c033c2922f7f5b7e087daa31452b74f0433d25170cbdd85042012acbfb2a2460956046fcee6c180798cb4a2ec1e1d0ea9d648336eb1edc389b78df1e87f69f117ae24e012e44a1ebc1a6214967", 0xc1}, {&(0x7f0000001ac0)}, {&(0x7f0000000f80)="098f18a20714c1e8fae272223bbb3ba768df4af54fc05a0aa5d6ab7433bf2a481f7548b66d76f584945a5740fd20ee69fc644ca1ce828bc161c79ce0010c425f03cb44bb8d2acbbd2d0626cf07da8e9fc772f72d875e2f8122a92e07fd46f158beaf52eb90dd2d5c7203e23767a5ad28e0", 0x71}, {&(0x7f0000001000)="cd394e56bbcdd00a2e7d154ae0d2c53a84e104b21f2cefcaf9244a4aa53e2b27ac505b5b53c009a72483d0", 0x2b}], 0x5, &(0x7f00000010c0)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x1}}, @ip_retopts={{0x4c, 0x0, 0x7, {[@timestamp={0x44, 0xc, 0xb1, 0x0, 0x2, [0x9, 0x2]}, @ssrr={0x89, 0x1b, 0x4c, [@dev={0xac, 0x14, 0x14, 0x1a}, @multicast1, @rand_addr=0x64010102, @multicast2, @private=0xa010100, @rand_addr=0x64010102]}, @rr={0x7, 0xb, 0x62, [@local, @rand_addr=0x64010100]}, @ssrr={0x89, 0x7, 0x49, [@remote]}]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x8197}}], 0x80}}], 0x2, 0x44000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
shutdown(r1, 0x0)
fchdir(r6)
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='mm_page_pcpu_drain\x00', 0xffffffffffffffff, 0x0, 0xb82}, 0x18)
socket$netlink(0x10, 0x3, 0x2)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r9, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x38, 0x1403, 0x1, 0x70bd2d, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth0_to_bridge\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8081}, 0x20000010)

280.565596ms ago: executing program 4 (id=1877):
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x17, 0x0, 0x0, 0x0}, 0x94)
socket$inet6(0xa, 0x3, 0x8000000003c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000140)="6d527cd53870164a3a0d4b64fb0d7bebad2dce076e7768215970e33adf15173c9e665cff10727f6273ef2aace367c13b8e834788d7da2d60077ebc24a796b221a2f39fd294dc01861206b499138d02ebf3cfc3b11f0e18858568476bac483df9c4d0a61da2d2f9b7c4cb601c0141f209fc9e06d9457920a9a749a23ccd52eb91db50189627774719cf91bd6e63a2b8a3b657c0e438ffc3e275b03ef0f384a0c1f20143b7b87f2e34729b000000805e0ad338423d4200f349c545516c46bb9f104a3816b12950faa20fab5827bc62a8d4cc12c4c8954308a933d63aa66cdb3646a37626de7361b5338c197dd3e6844dafcb4338dce0b79ee41da150eca12fbd36b4873ce8", 0x104)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x9323, 0xfffffffffffffffe, 0x0, 0x2}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x7dc48146, 0x7fffffff, 0x5539e0cf}, 0x0, 0x0)
fcntl$setpipe(r0, 0x407, 0x7000000)

151.454508ms ago: executing program 5 (id=1878):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
epoll_create(0x7)

150.816018ms ago: executing program 5 (id=1879):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x387, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x1a103e43)
socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup(r2)
getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14)
syz_emit_ethernet(0x4a, &(0x7f00000007c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd600000000014060100000000000000000000000000000000fe8000000000000000000000000000b1fdee600bf59dfd632e72aa4e244e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5010000490780000"], 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000080)='kmem_cache_free\x00', r4, 0x0, 0x800}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000008c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9feb}]})
r5 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$tipc(r5, &(0x7f0000000540)={&(0x7f00000001c0)=@name={0x1e, 0x2, 0x0, {{0x42}, 0x2}}, 0x10, 0x0}, 0x10)

108.905579ms ago: executing program 5 (id=1880):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
syz_read_part_table(0x5d6, &(0x7f0000000880)="$eJzs0r1rW1cYB+D33lZROgSJEEihSyEmk5oULSlUohSjCi9OCGnJ0H8gGQoJdPBgpCqZU3vqZuOPgvFiOrSToYuxDMYFeTLy6rF0MF00lFtkXbe07sdg7NbmeQade373vHrP5ZzgQkvjpyzLkojIisfZF/mbiGfv/nP1x6uNjybefvDhw0cRSTyNiMl3nn43fJPkK47/9Zt8fj+fTxSrvYXt8cPV8s6t3e7YUhpRGOZXIqI9rG8vl072S+L9038yl8hafbP04uXz5qup+pO95vRBIc9n7y3WWj/erD1OR3dqPf2t5PenyP7ijp2u/9U8n7t2p9DtDapb+bySnLYT/0drv2RDb2bD8/9g+mD+RqffGUzeXincrVzvb7Rmjs79+78rL5zrZgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEttrb5ZevHyeRoR2WujqPHWl43PZu8t1lqf3Kw9Tkfhenqm/ZuvpupP9prTB2O9977+Ibsac9fuFLpXBtWtfF0l+UNZ62x2w3n78/nP3+j0O4PJ2yuf361c72+0ZpKvng3Xvf5fbxQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuDAaP+9HxMNHEUl8GhHjaXl5mGfFiPL+yfX3i6NxoljtLWyPH66Wd27tdseWHuT5ehrRjjeOnr89+p06Li2NhsJoaEdEerbfxr/7NQAA//+laYDO")

99.006769ms ago: executing program 3 (id=1881):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffff02, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r0}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

76.373499ms ago: executing program 3 (id=1882):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, 0x0, 0x0)

44.12619ms ago: executing program 3 (id=1883):
bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x0, 0xa, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x61980, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f00000005c0)={0xffffffffffffffff, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

43.13143ms ago: executing program 5 (id=1884):
r0 = socket$inet(0xa, 0x801, 0x84)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
io_getevents(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
fcntl$lock(r0, 0x25, &(0x7f0000000200)={0x1, 0x0, 0x0, 0x100000001, r1})

37.74996ms ago: executing program 3 (id=1885):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r1=>r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=@base={0xa, 0x6, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x4}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000540)={r2, 0x0, 0x0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES32=r1], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffd8, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000002000000000000000000000903000000000000000000000d008d0f61"], &(0x7f0000000100)=""/223, 0x3e, 0xdf, 0x1}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0x1c, &(0x7f0000000340)=ANY=[@ANYBLOB="05000000000000009500000000000000b7080000000000007b8af8", @ANYRES32, @ANYBLOB="0000000000002000b70500f7ffffff0085000000a5000000b7080000000000007b8af8ff00000000b7080000050000007b8af0ff00000000bfa100000000000007010000f8"], 0x0, 0x401, 0x93, &(0x7f0000000480)=""/147, 0x41000, 0x0, '\x00', 0x0, @fallback, r6, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4, 0x0, &(0x7f0000000980)=[{0x1, 0x1}, {0x5, 0x0, 0xf, 0x1}, {0x5, 0x2, 0xe, 0x9}, {0x0, 0x3, 0x0, 0x7}], 0x10, 0x7}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000005000000090000008b00000044"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r7}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000680), &(0x7f0000000540), 0x6c, r7}, 0x38)

785.43µs ago: executing program 5 (id=1886):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000eb99710c0000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000060a0b0400000000000000000200fffe540004802800018007000100637400001c0002800800014000000002080002400000000a05000300010000002800018007000100637400001c0002800800024000000011080004400000000c05000300010000000900010073797a30000000000900020073797a32"], 0xa8}, 0x1, 0x0, 0x0, 0x840}, 0x0)

0s ago: executing program 5 (id=1887):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x18)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) (async)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
write$cgroup_int(r0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000012000100000000efffffff00fe80000000540000000000000000002bfff4fffd0000000014000d00200100000400000000000000000000000c000300ff"], 0x48}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x190, 0x5230}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_SELECT={0x5, 0x16, 0x1}]}}}]}, 0x3c}}, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x190, 0x5230}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_SELECT={0x5, 0x16, 0x1}]}}}]}, 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00000018"], 0x50}}, 0x0) (async)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00000018"], 0x50}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000500)='sched_switch\x00', r2}, 0x18)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x7f}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
socket$inet6_sctp(0xa, 0x801, 0x84) (async)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x3}, 0x8)
sendto$inet6(r5, &(0x7f0000000000)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x6}, 0x3}, 0x1c) (async)
sendto$inet6(r5, &(0x7f0000000000)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x6}, 0x3}, 0x1c)
shutdown(r5, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r7=>0xffffffffffffffff})
r8 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0xe1002)
ioctl$SCSI_IOCTL_SEND_COMMAND(r8, 0x1, &(0x7f0000000040)=ANY=[@ANYRES64=r7])
syz_clone(0x400a1400, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone(0x400a1400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
socket$nl_rdma(0x10, 0x3, 0x14) (async)
socket$nl_rdma(0x10, 0x3, 0x14)

kernel console output (not intermixed with test programs):


[   85.361371][ T6424] loop0: detected capacity change from 0 to 1024
[   85.371669][ T6424] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (52289!=20869)
[   85.374424][ T6440] loop2: detected capacity change from 0 to 256
[   85.384698][ T6424] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   85.403231][ T6424] EXT4-fs (loop0): invalid journal inode
[   85.451516][ T6445] FAULT_INJECTION: forcing a failure.
[   85.451516][ T6445] name failslab, interval 1, probability 0, space 0, times 0
[   85.464211][ T6445] CPU: 0 UID: 0 PID: 6445 Comm: syz.2.1080 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(voluntary) 
[   85.464289][ T6445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   85.464299][ T6445] Call Trace:
[   85.464304][ T6445]  <TASK>
[   85.464310][ T6445]  __dump_stack+0x1d/0x30
[   85.464330][ T6445]  dump_stack_lvl+0xe8/0x140
[   85.464350][ T6445]  dump_stack+0x15/0x1b
[   85.464364][ T6445]  should_fail_ex+0x265/0x280
[   85.464442][ T6445]  should_failslab+0x8c/0xb0
[   85.464466][ T6445]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   85.464495][ T6445]  ? __d_alloc+0x3d/0x350
[   85.464607][ T6445]  __d_alloc+0x3d/0x350
[   85.464625][ T6445]  ? __pfx_proc_self_get_link+0x10/0x10
[   85.464731][ T6445]  d_alloc_parallel+0x53/0xc40
[   85.464760][ T6445]  ? __rcu_read_unlock+0x34/0x70
[   85.464793][ T6445]  ? lockref_get_not_dead+0x120/0x1c0
[   85.464908][ T6445]  ? __rcu_read_unlock+0x4f/0x70
[   85.464927][ T6445]  __lookup_slow+0x8c/0x250
[   85.464953][ T6445]  lookup_slow+0x3c/0x60
[   85.464981][ T6445]  link_path_walk+0x753/0x900
[   85.465062][ T6445]  path_openat+0x1de/0x2170
[   85.465093][ T6445]  ? _parse_integer_limit+0x170/0x190
[   85.465149][ T6445]  do_filp_open+0x109/0x230
[   85.465175][ T6445]  ? __pfx_kfree_link+0x10/0x10
[   85.465209][ T6445]  do_sys_openat2+0xa6/0x110
[   85.465367][ T6445]  __x64_sys_openat+0xf2/0x120
[   85.465454][ T6445]  x64_sys_call+0x1af/0x2fb0
[   85.465472][ T6445]  do_syscall_64+0xd2/0x200
[   85.465515][ T6445]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   85.465544][ T6445]  ? clear_bhb_loop+0x40/0x90
[   85.465567][ T6445]  ? clear_bhb_loop+0x40/0x90
[   85.465631][ T6445]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.465655][ T6445] RIP: 0033:0x7f8db00bd290
[   85.465671][ T6445] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[   85.465689][ T6445] RSP: 002b:00007f8dae726f60 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[   85.465704][ T6445] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f8db00bd290
[   85.465723][ T6445] RDX: 0000000000000000 RSI: 00007f8db0140c51 RDI: 00000000ffffff9c
[   85.465736][ T6445] RBP: 00007f8db0140c51 R08: 0000000000000000 R09: 0000000000000000
[   85.465749][ T6445] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   85.465762][ T6445] R13: 0000000000000000 R14: 00007f8db02e5fa0 R15: 00007fffc16f2988
[   85.465782][ T6445]  </TASK>
[   85.728734][ T6443] validate_nla: 4 callbacks suppressed
[   85.728751][ T6443] netlink: 'syz.3.1079': attribute type 1 has an invalid length.
[   85.742026][ T6443] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1079'.
[   85.760816][ T6450] loop5: detected capacity change from 0 to 1024
[   85.793429][ T6450] FAULT_INJECTION: forcing a failure.
[   85.793429][ T6450] name failslab, interval 1, probability 0, space 0, times 0
[   85.806159][ T6450] CPU: 1 UID: 0 PID: 6450 Comm: syz.5.1082 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(voluntary) 
[   85.806189][ T6450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   85.806203][ T6450] Call Trace:
[   85.806209][ T6450]  <TASK>
[   85.806217][ T6450]  __dump_stack+0x1d/0x30
[   85.806239][ T6450]  dump_stack_lvl+0xe8/0x140
[   85.806260][ T6450]  dump_stack+0x15/0x1b
[   85.806321][ T6450]  should_fail_ex+0x265/0x280
[   85.806354][ T6450]  should_failslab+0x8c/0xb0
[   85.806379][ T6450]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   85.806409][ T6450]  ? ext4_alloc_inode+0x38/0x310
[   85.806473][ T6450]  ? __pfx_ext4_alloc_inode+0x10/0x10
[   85.806500][ T6450]  ext4_alloc_inode+0x38/0x310
[   85.806527][ T6450]  ? __pfx_ext4_alloc_inode+0x10/0x10
[   85.806591][ T6450]  alloc_inode+0x40/0x170
[   85.806617][ T6450]  iget_locked+0xf4/0x5c0
[   85.806639][ T6450]  __ext4_iget+0x152/0x21c0
[   85.806667][ T6450]  ? d_alloc_parallel+0xb9a/0xc40
[   85.806778][ T6450]  ext4_lookup+0x161/0x390
[   85.806809][ T6450]  __lookup_slow+0x190/0x250
[   85.806961][ T6450]  lookup_slow+0x3c/0x60
[   85.807051][ T6450]  walk_component+0x1ec/0x220
[   85.807072][ T6450]  path_lookupat+0xfe/0x2a0
[   85.807098][ T6450]  filename_lookup+0x147/0x340
[   85.807141][ T6450]  filename_setxattr+0x56/0x400
[   85.807161][ T6450]  path_setxattrat+0x2c9/0x310
[   85.807195][ T6450]  __x64_sys_setxattr+0x6e/0x90
[   85.807276][ T6450]  x64_sys_call+0x28a7/0x2fb0
[   85.807296][ T6450]  do_syscall_64+0xd2/0x200
[   85.807311][ T6450]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   85.807333][ T6450]  ? clear_bhb_loop+0x40/0x90
[   85.807354][ T6450]  ? clear_bhb_loop+0x40/0x90
[   85.807378][ T6450]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.807401][ T6450] RIP: 0033:0x7faa631be929
[   85.807415][ T6450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.807430][ T6450] RSP: 002b:00007faa61827038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[   85.807445][ T6450] RAX: ffffffffffffffda RBX: 00007faa633e5fa0 RCX: 00007faa631be929
[   85.807455][ T6450] RDX: 0000200000000300 RSI: 0000200000000100 RDI: 00002000000000c0
[   85.807465][ T6450] RBP: 00007faa61827090 R08: 0000000000000000 R09: 0000000000000000
[   85.807531][ T6450] R10: 0000000000000381 R11: 0000000000000246 R12: 0000000000000002
[   85.807543][ T6450] R13: 0000000000000000 R14: 00007faa633e5fa0 R15: 00007fffbe582c98
[   85.807564][ T6450]  </TASK>
[   86.110612][ T6467] siw: device registration error -23
[   86.134497][ T6469] loop5: detected capacity change from 0 to 2048
[   86.159165][ T6473] loop3: detected capacity change from 0 to 512
[   86.169867][ T6472] loop0: detected capacity change from 0 to 512
[   86.177720][ T6473] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[   86.186391][ T6472] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[   86.196039][ T6472] EXT4-fs (loop0): orphan cleanup on readonly fs
[   86.211264][ T6476] loop2: detected capacity change from 0 to 2048
[   86.227843][ T6472] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[   86.244696][ T6473] EXT4-fs (loop3): orphan cleanup on readonly fs
[   86.254500][ T6472] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #11: comm syz.0.1087: corrupted inode contents
[   86.278892][ T6473] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[   86.295975][ T6469] Alternate GPT is invalid, using primary GPT.
[   86.302324][ T6469]  loop5: p1 p2 p3
[   86.306631][ T6476] Alternate GPT is invalid, using primary GPT.
[   86.312924][ T6476]  loop2: p1 p2 p3
[   86.313776][ T6472] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #11: comm syz.0.1087: mark_inode_dirty error
[   86.418444][ T6472] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.1087: invalid indirect mapped block 327680 (level 0)
[   86.440636][ T6474] netlink: 'syz.4.1090': attribute type 1 has an invalid length.
[   86.498740][ T6472] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #11: comm syz.0.1087: corrupted inode contents
[   86.512148][ T6472] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[   86.530347][ T6472] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #11: comm syz.0.1087: corrupted inode contents
[   86.543224][ T6473] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.1086: corrupted inode contents
[   86.558570][ T6473] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #11: comm syz.3.1086: mark_inode_dirty error
[   86.593263][ T6472] EXT4-fs error (device loop0): ext4_truncate:4597: inode #11: comm syz.0.1087: mark_inode_dirty error
[   86.621458][ T6473] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1086: invalid indirect mapped block 327680 (level 0)
[   86.635201][   T29] kauditd_printk_skb: 795 callbacks suppressed
[   86.635212][   T29] audit: type=1326 audit(1751788440.029:41601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.4.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f800926e929 code=0x7ffc0000
[   86.665017][   T29] audit: type=1326 audit(1751788440.029:41602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.4.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f800926e929 code=0x7ffc0000
[   86.668907][ T6472] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[   86.688534][   T29] audit: type=1326 audit(1751788440.029:41603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.4.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f800926e929 code=0x7ffc0000
[   86.688565][   T29] audit: type=1326 audit(1751788440.029:41604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.4.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f800926e929 code=0x7ffc0000
[   86.707759][ T6472] EXT4-fs (loop0): 1 truncate cleaned up
[   86.720899][   T29] audit: type=1326 audit(1751788440.029:41605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.4.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f800926e929 code=0x7ffc0000
[   86.720999][   T29] audit: type=1326 audit(1751788440.029:41606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.4.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7f800926e929 code=0x7ffc0000
[   86.721021][   T29] audit: type=1326 audit(1751788440.029:41607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.4.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f800926e929 code=0x7ffc0000
[   86.721043][   T29] audit: type=1326 audit(1751788440.029:41608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.4.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f800926e929 code=0x7ffc0000
[   86.757363][ T6473] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.1086: corrupted inode contents
[   86.773676][   T29] audit: type=1326 audit(1751788440.029:41609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.4.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f800926e929 code=0x7ffc0000
[   86.879617][   T29] audit: type=1326 audit(1751788440.039:41610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6479 comm="syz.4.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f800926e929 code=0x7ffc0000
[   86.951664][ T6473] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[   86.970492][ T6473] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.1086: corrupted inode contents
[   87.040639][ T6473] EXT4-fs error (device loop3): ext4_truncate:4597: inode #11: comm syz.3.1086: mark_inode_dirty error
[   87.062076][ T6473] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[   87.082636][ T6484] loop2: detected capacity change from 0 to 1024
[   87.100185][ T6473] EXT4-fs (loop3): 1 truncate cleaned up
[   87.155483][ T6496] 9pnet_fd: Insufficient options for proto=fd
[   87.324692][ T6506] netlink: 'syz.0.1098': attribute type 1 has an invalid length.
[   87.397592][ T6510] netlink: '+}[@': attribute type 1 has an invalid length.
[   87.426073][ T6510] netlink: '+}[@': attribute type 1 has an invalid length.
[   87.590322][ T6517] loop0: detected capacity change from 0 to 1024
[   87.626415][ T6517] __nla_validate_parse: 8 callbacks suppressed
[   87.626432][ T6517] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1102'.
[   87.662126][ T6522] loop5: detected capacity change from 0 to 2048
[   87.712375][ T6534] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1108'.
[   87.797198][ T6522] Alternate GPT is invalid, using primary GPT.
[   87.803657][ T6522]  loop5: p1 p2 p3
[   87.820689][ T6522] netlink: 100 bytes leftover after parsing attributes in process `syz.5.1104'.
[   87.845324][ T6539] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1111'.
[   88.006397][ T6546] loop2: detected capacity change from 0 to 512
[   88.014441][ T6546] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[   88.033331][ T6548] netlink: 'syz.3.1113': attribute type 1 has an invalid length.
[   88.041251][ T6548] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1113'.
[   88.051841][ T6546] EXT4-fs (loop2): orphan cleanup on readonly fs
[   88.059979][ T6546] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[   88.117160][ T6546] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #11: comm syz.2.1112: corrupted inode contents
[   88.249850][ T6546] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #11: comm syz.2.1112: mark_inode_dirty error
[   88.272487][ T6546] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1112: invalid indirect mapped block 327680 (level 0)
[   88.309531][ T6546] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #11: comm syz.2.1112: corrupted inode contents
[   88.336973][ T6546] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[   88.356095][ T6546] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #11: comm syz.2.1112: corrupted inode contents
[   88.382859][ T6546] EXT4-fs error (device loop2): ext4_truncate:4597: inode #11: comm syz.2.1112: mark_inode_dirty error
[   88.407277][ T6546] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[   88.426575][ T6546] EXT4-fs (loop2): 1 truncate cleaned up
[   88.753062][ T6535] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1106'.
[   88.773961][ T6529] loop4: detected capacity change from 0 to 512
[   88.783623][ T6529] EXT4-fs: Ignoring removed i_version option
[   88.794968][ T6529] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[   88.815432][ T6529] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e02c, mo2=0002]
[   88.827538][ T6529] System zones: 1-12
[   88.846123][ T6529] EXT4-fs (loop4): orphan cleanup on readonly fs
[   88.854427][ T6529] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1106: invalid indirect mapped block 12 (level 1)
[   88.922092][ T6529] EXT4-fs (loop4): Remounting filesystem read-only
[   88.949109][ T6529] EXT4-fs (loop4): 1 truncate cleaned up
[   89.048235][ T6584] xt_CT: You must specify a L4 protocol and not use inversions on it
[   89.330092][ T6590] loop3: detected capacity change from 0 to 4096
[   89.863189][ T6592] loop0: detected capacity change from 0 to 4096
[   89.918572][ T6592] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #12: block 80: comm syz.0.1124: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   89.958424][ T6592] EXT4-fs warning (device loop0): ext4_empty_dir:3095: inode #12: comm syz.0.1124: directory missing '..'
[   89.970524][ T6589] EXT4-fs error (device loop3): ext4_empty_dir:3093: inode #12: block 80: comm syz.3.1123: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   89.991970][ T6589] EXT4-fs warning (device loop3): ext4_empty_dir:3095: inode #12: comm syz.3.1123: directory missing '..'
[   90.053749][ T6598] loop5: detected capacity change from 0 to 1024
[   90.062628][ T6598] EXT4-fs: Ignoring removed nobh option
[   90.071777][ T6598] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   90.080615][ T6598] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   90.179423][ T6598] EXT4-fs (loop5): can't mount with data=, fs mounted w/o journal
[   90.327854][ T6614] 9pnet: p9_errstr2errno: server reported unknown error 184467440
[   90.361908][ T6611] netlink: 'syz.5.1132': attribute type 2 has an invalid length.
[   90.551399][ T6624] netlink: 'syz.4.1136': attribute type 1 has an invalid length.
[   90.559291][ T6624] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1136'.
[   90.989613][ T6639] loop3: detected capacity change from 0 to 4096
[   91.003610][ T6639] EXT4-fs error (device loop3): ext4_empty_dir:3093: inode #12: block 80: comm syz.3.1138: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   91.024542][ T6639] EXT4-fs warning (device loop3): ext4_empty_dir:3095: inode #12: comm syz.3.1138: directory missing '..'
[   91.041782][ T6643] FAULT_INJECTION: forcing a failure.
[   91.041782][ T6643] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   91.055048][ T6643] CPU: 1 UID: 0 PID: 6643 Comm: syz.4.1141 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(voluntary) 
[   91.055135][ T6643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   91.055146][ T6643] Call Trace:
[   91.055152][ T6643]  <TASK>
[   91.055158][ T6643]  __dump_stack+0x1d/0x30
[   91.055181][ T6643]  dump_stack_lvl+0xe8/0x140
[   91.055202][ T6643]  dump_stack+0x15/0x1b
[   91.055302][ T6643]  should_fail_ex+0x265/0x280
[   91.055359][ T6643]  should_fail+0xb/0x20
[   91.055388][ T6643]  should_fail_usercopy+0x1a/0x20
[   91.055422][ T6643]  _copy_to_user+0x20/0xa0
[   91.055498][ T6643]  simple_read_from_buffer+0xb5/0x130
[   91.055526][ T6643]  proc_fail_nth_read+0x100/0x140
[   91.055566][ T6643]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   91.055619][ T6643]  vfs_read+0x1a0/0x6f0
[   91.055644][ T6643]  ? __rcu_read_unlock+0x4f/0x70
[   91.055663][ T6643]  ? __fget_files+0x184/0x1c0
[   91.055685][ T6643]  ksys_read+0xda/0x1a0
[   91.055796][ T6643]  __x64_sys_read+0x40/0x50
[   91.055823][ T6643]  x64_sys_call+0x2d77/0x2fb0
[   91.055841][ T6643]  do_syscall_64+0xd2/0x200
[   91.055874][ T6643]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   91.055897][ T6643]  ? clear_bhb_loop+0x40/0x90
[   91.055920][ T6643]  ? clear_bhb_loop+0x40/0x90
[   91.056000][ T6643]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.056024][ T6643] RIP: 0033:0x7f800926d33c
[   91.056039][ T6643] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   91.056060][ T6643] RSP: 002b:00007f80078d7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   91.056153][ T6643] RAX: ffffffffffffffda RBX: 00007f8009495fa0 RCX: 00007f800926d33c
[   91.056164][ T6643] RDX: 000000000000000f RSI: 00007f80078d70a0 RDI: 0000000000000004
[   91.056174][ T6643] RBP: 00007f80078d7090 R08: 0000000000000000 R09: 0000000000000000
[   91.056185][ T6643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.056198][ T6643] R13: 0000000000000000 R14: 00007f8009495fa0 R15: 00007fffdd5843c8
[   91.056241][ T6643]  </TASK>
[   91.302506][ T6645] netlink: 'syz.4.1142': attribute type 1 has an invalid length.
[   91.310271][ T6645] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1142'.
[   91.493846][ T6647] netlink: 'wÞ£ÿ': attribute type 10 has an invalid length.
[   91.504578][ T6647] team0: Port device dummy0 added
[   91.526215][ T6647] netlink: 'wÞ£ÿ': attribute type 10 has an invalid length.
[   91.539241][ T6647] team0: Port device dummy0 removed
[   91.547117][ T6647] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   91.557633][ T6665] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1149'.
[   91.669309][ T6672] loop3: detected capacity change from 0 to 512
[   91.677305][ T6672] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[   91.690146][ T6672] EXT4-fs (loop3): orphan cleanup on readonly fs
[   91.696930][ T6672] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[   91.711444][ T6672] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.1150: corrupted inode contents
[   91.724924][ T6672] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #11: comm syz.3.1150: mark_inode_dirty error
[   91.739708][ T6672] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1150: invalid indirect mapped block 327680 (level 0)
[   91.757924][ T6672] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.1150: corrupted inode contents
[   91.774510][ T6677] loop5: detected capacity change from 0 to 2048
[   91.781999][ T6672] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[   91.791693][ T6672] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.1150: corrupted inode contents
[   91.803924][ T6672] EXT4-fs error (device loop3): ext4_truncate:4597: inode #11: comm syz.3.1150: mark_inode_dirty error
[   91.816257][ T6672] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[   91.825417][ T6672] EXT4-fs (loop3): 1 truncate cleaned up
[   91.880847][   T29] kauditd_printk_skb: 246 callbacks suppressed
[   91.880860][   T29] audit: type=1400 audit(1751788445.289:41857): avc:  denied  { create } for  pid=6679 comm="syz.5.1155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   91.903226][ T6682] SELinux: failed to load policy
[   91.918505][   T29] audit: type=1400 audit(1751788445.289:41858): avc:  denied  { write } for  pid=6679 comm="syz.5.1155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   91.940158][ T6684] netlink: 'syz.5.1157': attribute type 1 has an invalid length.
[   91.942174][   T29] audit: type=1400 audit(1751788445.349:41859): avc:  denied  { setopt } for  pid=6685 comm="syz.2.1152" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   91.947913][ T6684] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1157'.
[   92.023323][   T29] audit: type=1400 audit(1751788445.429:41860): avc:  denied  { block_suspend } for  pid=6685 comm="syz.2.1152" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   92.046171][   T29] audit: type=1400 audit(1751788445.429:41861): avc:  denied  { connect } for  pid=6689 comm="syz.5.1159" lport=64 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   92.066936][   T29] audit: type=1326 audit(1751788445.449:41862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6685 comm="syz.2.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8db00be929 code=0x7ffc0000
[   92.090511][   T29] audit: type=1326 audit(1751788445.449:41863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6685 comm="syz.2.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8db00be929 code=0x7ffc0000
[   92.114074][   T29] audit: type=1326 audit(1751788445.449:41864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6685 comm="syz.2.1152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f8db00be929 code=0x7ffc0000
[   92.326617][ T6696] loop5: detected capacity change from 0 to 1024
[   92.388059][   T29] audit: type=1400 audit(1751788445.789:41865): avc:  denied  { sqpoll } for  pid=6703 comm="syz.4.1163" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   92.411606][ T6704] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[   92.447141][ T6709] sd 0:0:1:0: device reset
[   92.455164][   T29] audit: type=1326 audit(1751788445.849:41866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6708 comm="syz.5.1165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa631be929 code=0x7ffc0000
[   92.462634][ T6709] syzkaller0: entered promiscuous mode
[   92.484610][ T6709] syzkaller0: entered allmulticast mode
[   92.492861][ T6711] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   92.535220][ T6713] loop0: detected capacity change from 0 to 256
[   92.581901][ T6719] netlink: 'syz.0.1170': attribute type 1 has an invalid length.
[   92.628547][ T6727] loop4: detected capacity change from 0 to 256
[   92.655304][ T6727] xt_CT: You must specify a L4 protocol and not use inversions on it
[   92.723782][ T6742] atomic_op ffff888117a24128 conn xmit_atomic 0000000000000000
[   92.738598][ T6741] loop4: detected capacity change from 0 to 2048
[   92.767107][ T6746] __nla_validate_parse: 3 callbacks suppressed
[   92.767126][ T6746] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1183'.
[   92.789701][ T6741] Alternate GPT is invalid, using primary GPT.
[   92.796011][ T6741]  loop4: p1 p2 p3
[   92.826187][ T6741] netlink: 100 bytes leftover after parsing attributes in process `syz.4.1181'.
[   92.925440][ T6753] netlink: 'syz.2.1185': attribute type 1 has an invalid length.
[   92.933363][ T6753] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1185'.
[   93.049628][ T6758] loop3: detected capacity change from 0 to 1024
[   93.051220][ T6764] loop2: detected capacity change from 0 to 1024
[   93.062980][ T6764] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   93.165841][ T6776] tipc: Enabling of bearer <‰ý‘eth:gr> rejected, media not registered
[   93.223538][ T6788] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1197'.
[   93.247134][ T6791] SELinux: failed to load policy
[   93.415125][ T6808] xt_HMARK: spi-set and port-set can't be combined
[   93.430273][ T6808] loop5: detected capacity change from 0 to 2048
[   93.481953][ T6819] FAULT_INJECTION: forcing a failure.
[   93.481953][ T6819] name failslab, interval 1, probability 0, space 0, times 0
[   93.495020][ T6819] CPU: 1 UID: 0 PID: 6819 Comm: syz.3.1212 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(voluntary) 
[   93.495055][ T6819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   93.495069][ T6819] Call Trace:
[   93.495076][ T6819]  <TASK>
[   93.495083][ T6819]  __dump_stack+0x1d/0x30
[   93.495106][ T6819]  dump_stack_lvl+0xe8/0x140
[   93.495184][ T6819]  dump_stack+0x15/0x1b
[   93.495202][ T6819]  should_fail_ex+0x265/0x280
[   93.495252][ T6819]  should_failslab+0x8c/0xb0
[   93.495403][ T6819]  kmem_cache_alloc_noprof+0x50/0x310
[   93.495484][ T6819]  ? security_inode_alloc+0x37/0x100
[   93.495521][ T6819]  security_inode_alloc+0x37/0x100
[   93.495607][ T6819]  inode_init_always_gfp+0x4b7/0x500
[   93.495642][ T6819]  ? __pfx_shmem_alloc_inode+0x10/0x10
[   93.495660][ T6819]  alloc_inode+0x58/0x170
[   93.495708][ T6819]  new_inode+0x1d/0xe0
[   93.495731][ T6819]  shmem_get_inode+0x244/0x750
[   93.495756][ T6819]  __shmem_file_setup+0x113/0x210
[   93.495793][ T6819]  shmem_file_setup+0x3b/0x50
[   93.495870][ T6819]  __se_sys_memfd_create+0x2c3/0x590
[   93.495909][ T6819]  __x64_sys_memfd_create+0x31/0x40
[   93.495944][ T6819]  x64_sys_call+0x122f/0x2fb0
[   93.495970][ T6819]  do_syscall_64+0xd2/0x200
[   93.496005][ T6819]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   93.496031][ T6819]  ? clear_bhb_loop+0x40/0x90
[   93.496062][ T6819]  ? clear_bhb_loop+0x40/0x90
[   93.496088][ T6819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.496110][ T6819] RIP: 0033:0x7f9fa218e929
[   93.496195][ T6819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.496213][ T6819] RSP: 002b:00007f9fa07f6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   93.496229][ T6819] RAX: ffffffffffffffda RBX: 0000000000000722 RCX: 00007f9fa218e929
[   93.496318][ T6819] RDX: 00007f9fa07f6ef0 RSI: 0000000000000000 RDI: 00007f9fa22114cc
[   93.496329][ T6819] RBP: 0000200000002640 R08: 00007f9fa07f6bb7 R09: 00007f9fa07f6e40
[   93.496339][ T6819] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000780
[   93.496351][ T6819] R13: 00007f9fa07f6ef0 R14: 00007f9fa07f6eb0 R15: 0000200000000280
[   93.496374][ T6819]  </TASK>
[   93.776926][ T6823] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1213'.
[   93.840842][ T6827] sd 0:0:1:0: device reset
[   93.889928][ T6831] loop5: detected capacity change from 0 to 4096
[   93.924474][ T6831] EXT4-fs error (device loop5): ext4_empty_dir:3093: inode #12: block 80: comm syz.5.1211: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   93.944814][ T6831] EXT4-fs warning (device loop5): ext4_empty_dir:3095: inode #12: comm syz.5.1211: directory missing '..'
[   93.970093][ T6827] syzkaller0: entered promiscuous mode
[   93.975592][ T6827] syzkaller0: entered allmulticast mode
[   94.195079][ T6855] loop3: detected capacity change from 0 to 512
[   94.204064][ T6855] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   94.215092][ T6855] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[   94.224246][ T6855] System zones: 1-12
[   94.229663][ T6855] EXT4-fs (loop3): 1 truncate cleaned up
[   94.260049][ T6862] netlink: 'syz.2.1231': attribute type 1 has an invalid length.
[   94.267817][ T6862] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1231'.
[   94.286899][ T6866] netlink: '+}[@': attribute type 1 has an invalid length.
[   94.294169][ T6866] netlink: 224 bytes leftover after parsing attributes in process `+}[@'.
[   94.370340][ T6866] netlink: '+}[@': attribute type 1 has an invalid length.
[   94.378021][ T6866] netlink: 224 bytes leftover after parsing attributes in process `+}[@'.
[   94.386702][ T6869] netlink: 'syz.2.1232': attribute type 1 has an invalid length.
[   94.394626][ T6869] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1232'.
[   94.394724][ T6864] loop0: detected capacity change from 0 to 1024
[   94.426269][ T6875] SELinux: failed to load policy
[   94.451209][ T6883] FAULT_INJECTION: forcing a failure.
[   94.451209][ T6883] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   94.464401][ T6883] CPU: 1 UID: 0 PID: 6883 Comm: syz.2.1236 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(voluntary) 
[   94.464427][ T6883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.464440][ T6883] Call Trace:
[   94.464446][ T6883]  <TASK>
[   94.464455][ T6883]  __dump_stack+0x1d/0x30
[   94.464474][ T6883]  dump_stack_lvl+0xe8/0x140
[   94.464495][ T6883]  dump_stack+0x15/0x1b
[   94.464510][ T6883]  should_fail_ex+0x265/0x280
[   94.464538][ T6883]  should_fail+0xb/0x20
[   94.464597][ T6883]  should_fail_usercopy+0x1a/0x20
[   94.464626][ T6883]  _copy_to_user+0x20/0xa0
[   94.464645][ T6883]  simple_read_from_buffer+0xb5/0x130
[   94.464707][ T6883]  proc_fail_nth_read+0x100/0x140
[   94.464769][ T6883]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   94.464799][ T6883]  vfs_read+0x1a0/0x6f0
[   94.464870][ T6883]  ? __rcu_read_unlock+0x4f/0x70
[   94.464890][ T6883]  ? __fget_files+0x184/0x1c0
[   94.464936][ T6883]  ksys_read+0xda/0x1a0
[   94.464965][ T6883]  __x64_sys_read+0x40/0x50
[   94.465067][ T6883]  x64_sys_call+0x2d77/0x2fb0
[   94.465086][ T6883]  do_syscall_64+0xd2/0x200
[   94.465156][ T6883]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   94.465179][ T6883]  ? clear_bhb_loop+0x40/0x90
[   94.465198][ T6883]  ? clear_bhb_loop+0x40/0x90
[   94.465217][ T6883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.465273][ T6883] RIP: 0033:0x7f8db00bd33c
[   94.465286][ T6883] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   94.465399][ T6883] RSP: 002b:00007f8dae727030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   94.465415][ T6883] RAX: ffffffffffffffda RBX: 00007f8db02e5fa0 RCX: 00007f8db00bd33c
[   94.465426][ T6883] RDX: 000000000000000f RSI: 00007f8dae7270a0 RDI: 0000000000000003
[   94.465436][ T6883] RBP: 00007f8dae727090 R08: 0000000000000000 R09: 0000000000000000
[   94.465446][ T6883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.465456][ T6883] R13: 0000000000000001 R14: 00007f8db02e5fa0 R15: 00007fffc16f2988
[   94.465535][ T6883]  </TASK>
[   94.759929][ T6890] mmap: syz.3.1239 (6890): VmData 29208576 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data.
[   94.837526][ T6909] FAULT_INJECTION: forcing a failure.
[   94.837526][ T6909] name failslab, interval 1, probability 0, space 0, times 0
[   94.850296][ T6909] CPU: 0 UID: 0 PID: 6909 Comm: syz.5.1248 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(voluntary) 
[   94.850327][ T6909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.850341][ T6909] Call Trace:
[   94.850348][ T6909]  <TASK>
[   94.850356][ T6909]  __dump_stack+0x1d/0x30
[   94.850380][ T6909]  dump_stack_lvl+0xe8/0x140
[   94.850402][ T6909]  dump_stack+0x15/0x1b
[   94.850422][ T6909]  should_fail_ex+0x265/0x280
[   94.850458][ T6909]  should_failslab+0x8c/0xb0
[   94.850486][ T6909]  kmem_cache_alloc_noprof+0x50/0x310
[   94.850517][ T6909]  ? mpol_set_shared_policy+0x3d7/0x860
[   94.850558][ T6909]  mpol_set_shared_policy+0x3d7/0x860
[   94.850609][ T6909]  shmem_set_policy+0x3d/0x50
[   94.850645][ T6909]  mbind_range+0x23a/0x440
[   94.850664][ T6909]  ? mas_find+0x4ea/0x610
[   94.850684][ T6909]  __se_sys_mbind+0x648/0xac0
[   94.850739][ T6909]  __x64_sys_mbind+0x78/0x90
[   94.850771][ T6909]  x64_sys_call+0x14af/0x2fb0
[   94.850796][ T6909]  do_syscall_64+0xd2/0x200
[   94.850817][ T6909]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   94.850848][ T6909]  ? clear_bhb_loop+0x40/0x90
[   94.850871][ T6909]  ? clear_bhb_loop+0x40/0x90
[   94.850896][ T6909]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.850920][ T6909] RIP: 0033:0x7faa631be929
[   94.850946][ T6909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.850966][ T6909] RSP: 002b:00007faa61827038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[   94.850987][ T6909] RAX: ffffffffffffffda RBX: 00007faa633e5fa0 RCX: 00007faa631be929
[   94.851000][ T6909] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000200000001000
[   94.851011][ T6909] RBP: 00007faa61827090 R08: 0000000000000000 R09: 0000000000000000
[   94.851023][ T6909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.851036][ T6909] R13: 0000000000000000 R14: 00007faa633e5fa0 R15: 00007fffbe582c98
[   94.851053][ T6909]  </TASK>
[   94.858114][ T6914] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1249'.
[   94.973536][ T6924] batman_adv: batadv0: Removing interface: batadv_slave_0
[   95.074071][ T6924] batman_adv: batadv0: Removing interface: batadv_slave_1
[   95.085970][ T6929] loop4: detected capacity change from 0 to 512
[   95.093009][ T6929] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   95.104711][ T6929] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[   95.112933][ T6929] System zones: 1-12
[   95.118209][ T6929] EXT4-fs (loop4): 1 truncate cleaned up
[   95.151699][ T6934] loop4: detected capacity change from 0 to 512
[   95.160043][ T6934] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   95.170597][ T6934] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c118, mo2=0002]
[   95.180251][ T6934] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.1257: corrupted in-inode xattr: e_value size too large
[   95.196589][ T6934] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.1257: couldn't read orphan inode 15 (err -117)
[   95.226700][ T6945] FAULT_INJECTION: forcing a failure.
[   95.226700][ T6945] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   95.240023][ T6945] CPU: 0 UID: 0 PID: 6945 Comm: syz.3.1261 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(voluntary) 
[   95.240052][ T6945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   95.240066][ T6945] Call Trace:
[   95.240072][ T6945]  <TASK>
[   95.240079][ T6945]  __dump_stack+0x1d/0x30
[   95.240149][ T6945]  dump_stack_lvl+0xe8/0x140
[   95.240170][ T6945]  dump_stack+0x15/0x1b
[   95.240187][ T6945]  should_fail_ex+0x265/0x280
[   95.240217][ T6945]  should_fail+0xb/0x20
[   95.240239][ T6945]  should_fail_usercopy+0x1a/0x20
[   95.240338][ T6945]  _copy_from_user+0x1c/0xb0
[   95.240355][ T6945]  ___sys_sendmsg+0xc1/0x1d0
[   95.240467][ T6945]  __x64_sys_sendmsg+0xd4/0x160
[   95.240488][ T6945]  x64_sys_call+0x2999/0x2fb0
[   95.240507][ T6945]  do_syscall_64+0xd2/0x200
[   95.240589][ T6945]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   95.240618][ T6945]  ? clear_bhb_loop+0x40/0x90
[   95.240661][ T6945]  ? clear_bhb_loop+0x40/0x90
[   95.240743][ T6945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.240766][ T6945] RIP: 0033:0x7f9fa218e929
[   95.240782][ T6945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.240801][ T6945] RSP: 002b:00007f9fa07f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   95.240879][ T6945] RAX: ffffffffffffffda RBX: 00007f9fa23b5fa0 RCX: 00007f9fa218e929
[   95.240893][ T6945] RDX: 0000000000008000 RSI: 0000200000000140 RDI: 0000000000000004
[   95.240906][ T6945] RBP: 00007f9fa07f7090 R08: 0000000000000000 R09: 0000000000000000
[   95.240919][ T6945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.240932][ T6945] R13: 0000000000000000 R14: 00007f9fa23b5fa0 R15: 00007ffd6ccca288
[   95.240950][ T6945]  </TASK>
[   95.490812][ T6959] FAULT_INJECTION: forcing a failure.
[   95.490812][ T6959] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   95.504364][ T6959] CPU: 1 UID: 0 PID: 6959 Comm: syz.3.1268 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(voluntary) 
[   95.504398][ T6959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   95.504461][ T6959] Call Trace:
[   95.504468][ T6959]  <TASK>
[   95.504475][ T6959]  __dump_stack+0x1d/0x30
[   95.504500][ T6959]  dump_stack_lvl+0xe8/0x140
[   95.504523][ T6959]  dump_stack+0x15/0x1b
[   95.504542][ T6959]  should_fail_ex+0x265/0x280
[   95.504625][ T6959]  should_fail+0xb/0x20
[   95.504657][ T6959]  should_fail_usercopy+0x1a/0x20
[   95.504717][ T6959]  copy_fpstate_to_sigframe+0x628/0x7d0
[   95.504757][ T6959]  ? copy_fpstate_to_sigframe+0xe6/0x7d0
[   95.504798][ T6959]  ? x86_task_fpu+0x36/0x60
[   95.504869][ T6959]  get_sigframe+0x34d/0x490
[   95.504888][ T6959]  ? get_signal+0xdc8/0xf70
[   95.504977][ T6959]  x64_setup_rt_frame+0xa8/0x580
[   95.505005][ T6959]  arch_do_signal_or_restart+0x27c/0x480
[   95.505038][ T6959]  exit_to_user_mode_loop+0x7a/0x100
[   95.505066][ T6959]  do_syscall_64+0x1d6/0x200
[   95.505085][ T6959]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   95.505113][ T6959]  ? clear_bhb_loop+0x40/0x90
[   95.505137][ T6959]  ? clear_bhb_loop+0x40/0x90
[   95.505176][ T6959]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.505261][ T6959] RIP: 0033:0x7f9fa218e929
[   95.505277][ T6959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.505325][ T6959] RSP: 002b:00007f9fa07f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[   95.505404][ T6959] RAX: fffffffffffffff5 RBX: 00007f9fa23b5fa0 RCX: 00007f9fa218e929
[   95.505418][ T6959] RDX: 0000000000000160 RSI: 00002000000005c0 RDI: 0000000000000005
[   95.505431][ T6959] RBP: 00007f9fa07f7090 R08: 0000000000000000 R09: 0000000000000000
[   95.505444][ T6959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.505457][ T6959] R13: 0000000000000000 R14: 00007f9fa23b5fa0 R15: 00007ffd6ccca288
[   95.505477][ T6959]  </TASK>
[   95.539746][ T6951] loop0: detected capacity change from 0 to 8192
[   95.725618][ T6951] syz.0.1266 (6951): attempted to duplicate a private mapping with mremap.  This is not supported.
[   95.787306][ T6971] SELinux: failed to load policy
[   95.830679][ T6978] xt_HMARK: spi-set and port-set can't be combined
[   95.857191][ T6978] loop5: detected capacity change from 0 to 2048
[   95.860069][ T6982] loop3: detected capacity change from 0 to 512
[   95.870408][ T6980] 9pnet: Unknown protocol version 9
[   95.960448][ T6988] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.968079][ T6988] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.993298][ T6982] EXT4-fs (loop3): 1 orphan inode deleted
[   96.007126][ T6982] ext4 filesystem being mounted at /273/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.028592][   T12] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 1
[   96.128705][ T6998] loop4: detected capacity change from 0 to 4096
[   96.191428][ T6998] EXT4-fs error (device loop4): ext4_empty_dir:3093: inode #12: block 80: comm syz.4.1279: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   96.212059][ T6998] EXT4-fs warning (device loop4): ext4_empty_dir:3095: inode #12: comm syz.4.1279: directory missing '..'
[   96.230158][ T7001] loop5: detected capacity change from 0 to 512
[   96.237474][ T7001] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   96.249955][ T7001] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[   96.258243][ T7001] System zones: 1-12
[   96.264132][ T7001] EXT4-fs (loop5): 1 truncate cleaned up
[   96.312124][ T6988] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   96.345331][ T7004] sd 0:0:1:0: device reset
[   96.412720][ T6988] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   96.421743][ T6988] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   96.430667][ T7010] SELinux: failed to load policy
[   96.435825][ T6988] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   96.444901][ T6988] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   96.461727][   T10] syz1: Port: 1 Link DOWN
[   96.475467][ T7004] syzkaller0: entered promiscuous mode
[   96.481093][ T7004] syzkaller0: entered allmulticast mode
[   96.534848][ T7025] validate_nla: 3 callbacks suppressed
[   96.534864][ T7025] netlink: 'syz.5.1292': attribute type 1 has an invalid length.
[   96.659994][ T7039] loop2: detected capacity change from 0 to 2048
[   96.670925][ T7028] loop5: detected capacity change from 0 to 1024
[   96.693641][ T7039] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   96.700995][ T7039] IPv6: NLM_F_CREATE should be set when creating new route
[   96.778541][ T3308] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[   96.800073][ T3308] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   96.883377][ T7058] netlink: 'syz.5.1306': attribute type 1 has an invalid length.
[   96.927365][   T29] kauditd_printk_skb: 593 callbacks suppressed
[   96.927380][   T29] audit: type=1326 audit(1751788450.329:42459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7070 comm="syz.5.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa631be929 code=0x7ffc0000
[   96.927700][ T7071] sd 0:0:1:0: device reset
[   96.933743][   T29] audit: type=1326 audit(1751788450.329:42460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7070 comm="syz.5.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7faa631bd290 code=0x7ffc0000
[   96.933766][   T29] audit: type=1326 audit(1751788450.329:42461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7070 comm="syz.5.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa631be929 code=0x7ffc0000
[   97.009197][   T29] audit: type=1326 audit(1751788450.329:42462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7070 comm="syz.5.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7faa631be929 code=0x7ffc0000
[   97.049258][   T29] audit: type=1326 audit(1751788450.419:42463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7070 comm="syz.5.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa631be929 code=0x7ffc0000
[   97.072857][   T29] audit: type=1326 audit(1751788450.419:42464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7070 comm="syz.5.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa631be929 code=0x7ffc0000
[   97.097689][   T29] audit: type=1326 audit(1751788450.499:42465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7070 comm="syz.5.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faa631be929 code=0x7ffc0000
[   97.121353][   T29] audit: type=1326 audit(1751788450.499:42466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7070 comm="syz.5.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa631be929 code=0x7ffc0000
[   97.145017][   T29] audit: type=1326 audit(1751788450.499:42467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7070 comm="syz.5.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa631be929 code=0x7ffc0000
[   97.169371][ T7082] FAULT_INJECTION: forcing a failure.
[   97.169371][ T7082] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.182509][ T7082] CPU: 1 UID: 0 PID: 7082 Comm: +}[@ Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(voluntary) 
[   97.182600][ T7082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   97.182633][ T7082] Call Trace:
[   97.182639][ T7082]  <TASK>
[   97.182647][ T7082]  __dump_stack+0x1d/0x30
[   97.182664][ T7082]  dump_stack_lvl+0xe8/0x140
[   97.182746][ T7082]  dump_stack+0x15/0x1b
[   97.182760][ T7082]  should_fail_ex+0x265/0x280
[   97.182791][ T7082]  should_fail+0xb/0x20
[   97.182814][ T7082]  should_fail_usercopy+0x1a/0x20
[   97.182875][ T7082]  _copy_to_user+0x20/0xa0
[   97.182944][ T7082]  simple_read_from_buffer+0xb5/0x130
[   97.182979][ T7082]  proc_fail_nth_read+0x100/0x140
[   97.183096][ T7082]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   97.183133][ T7082]  vfs_read+0x1a0/0x6f0
[   97.183163][ T7082]  ? __rcu_read_unlock+0x4f/0x70
[   97.183257][ T7082]  ? __fget_files+0x184/0x1c0
[   97.183282][ T7082]  ksys_read+0xda/0x1a0
[   97.183313][ T7082]  __x64_sys_read+0x40/0x50
[   97.183411][ T7082]  x64_sys_call+0x2d77/0x2fb0
[   97.183429][ T7082]  do_syscall_64+0xd2/0x200
[   97.183445][ T7082]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.183466][ T7082]  ? clear_bhb_loop+0x40/0x90
[   97.183572][ T7082]  ? clear_bhb_loop+0x40/0x90
[   97.183606][ T7082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.183630][ T7082] RIP: 0033:0x7f8db00bd33c
[   97.183646][ T7082] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   97.183744][ T7082] RSP: 002b:00007f8dae727030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   97.183837][ T7082] RAX: ffffffffffffffda RBX: 00007f8db02e5fa0 RCX: 00007f8db00bd33c
[   97.183849][ T7082] RDX: 000000000000000f RSI: 00007f8dae7270a0 RDI: 0000000000000007
[   97.183934][ T7082] RBP: 00007f8dae727090 R08: 0000000000000000 R09: 0000000000000000
[   97.184020][ T7082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.184032][ T7082] R13: 0000000000000000 R14: 00007f8db02e5fa0 R15: 00007fffc16f2988
[   97.184048][ T7082]  </TASK>
[   97.185920][   T29] audit: type=1326 audit(1751788450.589:42468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7070 comm="syz.5.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7faa631be929 code=0x7ffc0000
[   97.472300][ T7093] loop2: detected capacity change from 0 to 1024
[   97.495026][ T7094] loop0: detected capacity change from 0 to 4096
[   97.513061][ T7094] EXT4-fs mount: 66 callbacks suppressed
[   97.513094][ T7094] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.537230][ T7094] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #12: block 80: comm syz.0.1313: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   97.560513][ T7094] EXT4-fs warning (device loop0): ext4_empty_dir:3095: inode #12: comm syz.0.1313: directory missing '..'
[   97.574291][ T7093] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.695169][ T7101] loop5: detected capacity change from 0 to 256
[   97.761487][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.832578][ T7101] xt_CT: You must specify a L4 protocol and not use inversions on it
[   97.893381][ T7105] loop2: detected capacity change from 0 to 2048
[   97.904011][ T7107] netlink: 'syz.3.1322': attribute type 1 has an invalid length.
[   97.911929][ T7107] __nla_validate_parse: 9 callbacks suppressed
[   97.911987][ T7107] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1322'.
[   97.937430][ T7109] netlink: '+}[@': attribute type 1 has an invalid length.
[   97.944726][ T7109] netlink: 224 bytes leftover after parsing attributes in process `+}[@'.
[   97.958408][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.960726][ T7109] netlink: '+}[@': attribute type 1 has an invalid length.
[   97.974649][ T7109] netlink: 224 bytes leftover after parsing attributes in process `+}[@'.
[   98.012689][ T7114] 9p: Unknown access argument 18446744073709551615: -34
[   98.069916][ T7127] sd 0:0:1:0: device reset
[   98.106189][ T7129] loop2: detected capacity change from 0 to 512
[   98.106371][ T7132] netlink: 'syz.0.1333': attribute type 1 has an invalid length.
[   98.113126][ T7129] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   98.120392][ T7132] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1333'.
[   98.141565][ T7129] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[   98.155331][ T7129] System zones: 1-12
[   98.164423][ T7129] EXT4-fs (loop2): 1 truncate cleaned up
[   98.170697][ T7129] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.189543][ T7139] netlink: 'syz.0.1335': attribute type 1 has an invalid length.
[   98.197419][ T7139] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1335'.
[   98.207377][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.234088][ T7143] loop0: detected capacity change from 0 to 256
[   98.269222][ T7143] xt_CT: You must specify a L4 protocol and not use inversions on it
[   98.293735][ T7147] hub 9-0:1.0: USB hub found
[   98.306207][ T7147] hub 9-0:1.0: 8 ports detected
[   98.489832][ T7152] loop3: detected capacity change from 0 to 4096
[   98.575871][ T7152] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.637256][ T7152] EXT4-fs error (device loop3): ext4_empty_dir:3093: inode #12: block 80: comm syz.3.1336: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   98.670611][ T7152] EXT4-fs warning (device loop3): ext4_empty_dir:3095: inode #12: comm syz.3.1336: directory missing '..'
[   98.967645][ T7167] netlink: '+}[@': attribute type 1 has an invalid length.
[   98.974957][ T7167] netlink: 224 bytes leftover after parsing attributes in process `+}[@'.
[   99.062909][ T7173] loop5: detected capacity change from 0 to 164
[   99.090646][ T7174] netlink: 'syz.0.1342': attribute type 1 has an invalid length.
[   99.098626][ T7174] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1342'.
[   99.134446][ T7179] netlink: 'syz.2.1346': attribute type 1 has an invalid length.
[   99.142245][ T7179] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1346'.
[   99.190222][ T7183] loop4: detected capacity change from 0 to 512
[   99.234306][ T7183] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   99.245123][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.300460][ T7183] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[   99.308678][ T7183] System zones: 1-12
[   99.322115][ T7198] dvmrp1: entered allmulticast mode
[   99.344108][ T7183] EXT4-fs (loop4): 1 truncate cleaned up
[   99.351757][ T7183] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.373171][ T7193] loop5: detected capacity change from 0 to 512
[   99.380511][ T7193] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[   99.405750][ T7193] EXT4-fs (loop5): orphan cleanup on readonly fs
[   99.412554][ T7193] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[   99.427107][ T7193] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #11: comm syz.5.1353: corrupted inode contents
[   99.430002][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.440046][ T7205] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2306 sclass=netlink_route_socket pid=7205 comm=syz.2.1357
[   99.451417][ T7193] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #11: comm syz.5.1353: mark_inode_dirty error
[   99.473265][ T7193] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.1353: invalid indirect mapped block 327680 (level 0)
[   99.490771][ T7193] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #11: comm syz.5.1353: corrupted inode contents
[   99.503683][ T7193] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[   99.513847][ T7193] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #11: comm syz.5.1353: corrupted inode contents
[   99.529379][ T7193] EXT4-fs error (device loop5): ext4_truncate:4597: inode #11: comm syz.5.1353: mark_inode_dirty error
[   99.541997][ T7193] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[   99.545053][ T7211] loop0: detected capacity change from 0 to 256
[   99.552539][ T7193] EXT4-fs (loop5): 1 truncate cleaned up
[   99.563910][ T7193] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   99.576599][ T7193] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.635804][ T7216] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1361'.
[   99.663730][ T7218] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1362'.
[   99.692334][ T7220] SELinux: failed to load policy
[   99.735831][ T7214] loop5: detected capacity change from 0 to 1024
[   99.760896][ T7214] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.793686][ T7231] loop2: detected capacity change from 0 to 512
[   99.803419][ T7231] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   99.815968][ T7231] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[   99.826554][ T7231] System zones: 1-12
[   99.856583][ T7231] EXT4-fs (loop2): 1 truncate cleaned up
[   99.862638][ T7231] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.875947][ T5477] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.894307][ T7240] loop0: detected capacity change from 0 to 512
[   99.901202][ T7240] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[   99.912324][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.923016][ T7240] EXT4-fs (loop0): orphan cleanup on readonly fs
[   99.931338][ T7240] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[   99.950971][ T7240] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #11: comm syz.0.1370: corrupted inode contents
[   99.963397][ T7240] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #11: comm syz.0.1370: mark_inode_dirty error
[   99.975832][ T7240] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.1370: invalid indirect mapped block 327680 (level 0)
[   99.989663][ T7248] loop2: detected capacity change from 0 to 512
[   99.991275][ T7240] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #11: comm syz.0.1370: corrupted inode contents
[  100.007956][ T7248] EXT4-fs: old and new quota format mixing
[  100.015015][ T7240] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  100.024539][ T7240] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #11: comm syz.0.1370: corrupted inode contents
[  100.037754][ T7240] EXT4-fs error (device loop0): ext4_truncate:4597: inode #11: comm syz.0.1370: mark_inode_dirty error
[  100.055705][ T7240] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  100.066685][ T7240] EXT4-fs (loop0): 1 truncate cleaned up
[  100.073688][ T7240] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  100.090319][ T7258] x_tables: duplicate underflow at hook 2
[  100.098765][ T7240] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.127064][ T7263] loop2: detected capacity change from 0 to 256
[  100.200161][ T7269] loop3: detected capacity change from 0 to 2048
[  100.207402][ T7269] EXT4-fs: test_dummy_encryption option not supported
[  100.245200][ T7277] loop5: detected capacity change from 0 to 1024
[  100.252926][ T7277] EXT4-fs: Ignoring removed orlov option
[  100.276961][ T7277] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.680805][ T7314] loop3: detected capacity change from 0 to 256
[  100.771868][ T7317] loop3: detected capacity change from 0 to 512
[  100.809289][ T7317] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  100.858522][ T7317] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  100.866624][ T7317] System zones: 1-12
[  100.872427][ T7317] EXT4-fs (loop3): 1 truncate cleaned up
[  100.878799][ T7317] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.930165][ T5477] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.957206][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.043428][ T7336] xt_HMARK: spi-set and port-set can't be combined
[  101.048945][ T7338] FAULT_INJECTION: forcing a failure.
[  101.048945][ T7338] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.063360][ T7338] CPU: 1 UID: 0 PID: 7338 Comm: syz.5.1410 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(voluntary) 
[  101.063418][ T7338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  101.063462][ T7338] Call Trace:
[  101.063468][ T7338]  <TASK>
[  101.063475][ T7338]  __dump_stack+0x1d/0x30
[  101.063498][ T7338]  dump_stack_lvl+0xe8/0x140
[  101.063558][ T7338]  dump_stack+0x15/0x1b
[  101.063576][ T7338]  should_fail_ex+0x265/0x280
[  101.063608][ T7338]  should_fail+0xb/0x20
[  101.063699][ T7338]  should_fail_usercopy+0x1a/0x20
[  101.063735][ T7338]  _copy_from_user+0x1c/0xb0
[  101.063758][ T7338]  ___sys_sendmsg+0xc1/0x1d0
[  101.063828][ T7338]  __x64_sys_sendmsg+0xd4/0x160
[  101.063850][ T7338]  x64_sys_call+0x2999/0x2fb0
[  101.063930][ T7338]  do_syscall_64+0xd2/0x200
[  101.063951][ T7338]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.064024][ T7338]  ? clear_bhb_loop+0x40/0x90
[  101.064046][ T7338]  ? clear_bhb_loop+0x40/0x90
[  101.064072][ T7338]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.064100][ T7338] RIP: 0033:0x7faa631be929
[  101.064113][ T7338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.064134][ T7338] RSP: 002b:00007faa61827038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  101.064156][ T7338] RAX: ffffffffffffffda RBX: 00007faa633e5fa0 RCX: 00007faa631be929
[  101.064229][ T7338] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000004
[  101.064243][ T7338] RBP: 00007faa61827090 R08: 0000000000000000 R09: 0000000000000000
[  101.064257][ T7338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.064271][ T7338] R13: 0000000000000000 R14: 00007faa633e5fa0 R15: 00007fffbe582c98
[  101.064288][ T7338]  </TASK>
[  101.073771][ T7336] loop3: detected capacity change from 0 to 2048
[  101.255228][ T7345] loop4: detected capacity change from 0 to 256
[  101.399344][ T7360] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  101.409279][ T7360] SELinux: failed to load policy
[  101.493182][ T7369] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  101.506605][ T7369] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  101.609646][ T7381] loop5: detected capacity change from 0 to 2048
[  101.645531][ T7322] 9pnet_fd: p9_fd_create_tcp (7322): problem connecting socket to 127.0.0.1
[  101.686803][ T7386] FAULT_INJECTION: forcing a failure.
[  101.686803][ T7386] name failslab, interval 1, probability 0, space 0, times 0
[  101.687684][ T7390] validate_nla: 13 callbacks suppressed
[  101.687712][ T7390] netlink: 'syz.5.1429': attribute type 7 has an invalid length.
[  101.699556][ T7386] CPU: 1 UID: 0 PID: 7386 Comm: syz.3.1428 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(voluntary) 
[  101.699586][ T7386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  101.699597][ T7386] Call Trace:
[  101.699604][ T7386]  <TASK>
[  101.699610][ T7386]  __dump_stack+0x1d/0x30
[  101.699637][ T7386]  dump_stack_lvl+0xe8/0x140
[  101.699662][ T7386]  dump_stack+0x15/0x1b
[  101.699683][ T7386]  should_fail_ex+0x265/0x280
[  101.699722][ T7386]  should_failslab+0x8c/0xb0
[  101.699750][ T7386]  kmem_cache_alloc_noprof+0x50/0x310
[  101.699782][ T7386]  ? mas_alloc_nodes+0x265/0x520
[  101.699807][ T7386]  mas_alloc_nodes+0x265/0x520
[  101.699834][ T7386]  mas_preallocate+0x33e/0x520
[  101.699879][ T7386]  __split_vma+0x240/0x650
[  101.699910][ T7386]  ? selinux_file_open+0x2df/0x330
[  101.699942][ T7386]  vms_gather_munmap_vmas+0x172/0x7a0
[  101.699969][ T7386]  ? is_bpf_text_address+0x141/0x160
[  101.700007][ T7386]  ? __rcu_read_unlock+0x34/0x70
[  101.700032][ T7386]  ? unwind_next_frame+0xada/0xc80
[  101.700063][ T7386]  ? x64_sys_call+0x1af/0x2fb0
[  101.700088][ T7386]  ? do_syscall_64+0xd2/0x200
[  101.700110][ T7386]  ? __kernel_text_address+0xd/0x40
[  101.700139][ T7386]  ? unwind_get_return_address+0x16/0x40
[  101.700193][ T7386]  do_vmi_align_munmap+0x1a4/0x3d0
[  101.700232][ T7386]  do_vmi_munmap+0x1db/0x220
[  101.700259][ T7386]  mremap_at+0x100/0x690
[  101.700296][ T7386]  __se_sys_mremap+0x452/0x6f0
[  101.700334][ T7386]  ? ksys_write+0x192/0x1a0
[  101.700373][ T7386]  __x64_sys_mremap+0x67/0x80
[  101.700405][ T7386]  x64_sys_call+0x2ba9/0x2fb0
[  101.700429][ T7386]  do_syscall_64+0xd2/0x200
[  101.700449][ T7386]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.700480][ T7386]  ? clear_bhb_loop+0x40/0x90
[  101.700506][ T7386]  ? clear_bhb_loop+0x40/0x90
[  101.700531][ T7386]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.700556][ T7386] RIP: 0033:0x7f9fa218e929
[  101.700574][ T7386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.700595][ T7386] RSP: 002b:00007f9fa07f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  101.700616][ T7386] RAX: ffffffffffffffda RBX: 00007f9fa23b5fa0 RCX: 00007f9fa218e929
[  101.700631][ T7386] RDX: 0000000000001000 RSI: 0000000000c00000 RDI: 0000200000400000
[  101.700646][ T7386] RBP: 00007f9fa07f7090 R08: 00002000008b5000 R09: 0000000000000000
[  101.700661][ T7386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.700674][ T7386] R13: 0000000000000000 R14: 00007f9fa23b5fa0 R15: 00007ffd6ccca288
[  101.700697][ T7386]  </TASK>
[  101.750297][ T7394] loop3: detected capacity change from 0 to 256
[  101.751249][ T7390] netlink: 'syz.5.1429': attribute type 8 has an invalid length.
[  101.984846][   T29] kauditd_printk_skb: 627 callbacks suppressed
[  101.984861][   T29] audit: type=1326 audit(1751788461.389:43096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7393 comm="syz.3.1432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa218e929 code=0x7ffc0000
[  102.033542][ T7396] netlink: 'syz.0.1433': attribute type 1 has an invalid length.
[  102.051688][   T29] audit: type=1326 audit(1751788461.389:43097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7393 comm="syz.3.1432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa218e929 code=0x7ffc0000
[  102.075412][   T29] audit: type=1326 audit(1751788461.389:43098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7393 comm="syz.3.1432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9fa218e929 code=0x7ffc0000
[  102.098964][   T29] audit: type=1326 audit(1751788461.389:43099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7393 comm="syz.3.1432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa218e929 code=0x7ffc0000
[  102.122885][   T29] audit: type=1326 audit(1751788461.389:43100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7393 comm="syz.3.1432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa218e929 code=0x7ffc0000
[  102.185302][   T29] audit: type=1326 audit(1751788461.589:43101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7407 comm="syz.5.1439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa631be929 code=0x7ffc0000
[  102.209454][ T7408] sd 0:0:1:0: device reset
[  102.222363][   T29] audit: type=1326 audit(1751788461.619:43102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7407 comm="syz.5.1439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7faa631bd290 code=0x7ffc0000
[  102.246067][   T29] audit: type=1326 audit(1751788461.619:43103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7407 comm="syz.5.1439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa631be929 code=0x7ffc0000
[  102.270004][   T29] audit: type=1326 audit(1751788461.619:43104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7407 comm="syz.5.1439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7faa631be929 code=0x7ffc0000
[  102.276885][ T7411] loop2: detected capacity change from 0 to 512
[  102.293810][   T29] audit: type=1326 audit(1751788461.619:43105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7407 comm="syz.5.1439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa631be929 code=0x7ffc0000
[  102.302076][ T7411] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  102.342780][ T7399] loop0: detected capacity change from 0 to 1024
[  102.350303][ T7411] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  102.359041][ T7411] System zones: 1-12
[  102.363663][ T7411] EXT4-fs (loop2): 1 truncate cleaned up
[  102.369832][ T7411] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.371714][ T7399] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.405796][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.420264][ T7415] dummy0: entered promiscuous mode
[  102.427045][ T7415] dummy0: left promiscuous mode
[  102.513195][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.552261][ T7437] loop3: detected capacity change from 0 to 256
[  102.602278][ T7447] loop3: detected capacity change from 0 to 128
[  102.609130][ T7447] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  102.625517][ T7447] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  102.645455][ T7450] loop5: detected capacity change from 0 to 2048
[  102.662609][ T7450] EXT4-fs: Ignoring removed mblk_io_submit option
[  102.681320][ T7450] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.704609][ T5477] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.792570][ T7459] loop3: detected capacity change from 0 to 1024
[  102.812478][ T7459] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.845960][ T7472] loop5: detected capacity change from 0 to 2048
[  102.855370][ T7479] loop4: detected capacity change from 0 to 256
[  102.886483][ T7481] loop4: detected capacity change from 0 to 512
[  102.894661][ T7472] Alternate GPT is invalid, using primary GPT.
[  102.901017][ T7472]  loop5: p1 p2 p3
[  102.902354][ T7481] EXT4-fs error (device loop4): ext4_orphan_get:1419: comm syz.4.1469: bad orphan inode 15
[  102.905193][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.915233][ T7481] ext4_test_bit(bit=14, block=18) = 1
[  102.929271][ T7481] is_bad_inode(inode)=0
[  102.933430][ T7481] NEXT_ORPHAN(inode)=1023
[  102.937785][ T7481] max_ino=32
[  102.941162][ T7481] i_nlink=0
[  102.944669][ T7481] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2962: inode #15: comm syz.4.1469: corrupted xattr block 19: invalid header
[  102.965410][ T7481] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  102.975509][ T7481] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none.
[  102.988793][ T7481] ext4 filesystem being mounted at /270/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff)
[  103.007523][ T7481] __nla_validate_parse: 18 callbacks suppressed
[  103.007538][ T7481] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1469'.
[  103.035117][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0009-000000000000.
[  103.108991][ T7499] netlink: '+}[@': attribute type 1 has an invalid length.
[  103.116389][ T7499] netlink: 224 bytes leftover after parsing attributes in process `+}[@'.
[  103.133384][ T7499] netlink: '+}[@': attribute type 1 has an invalid length.
[  103.140788][ T7499] netlink: 224 bytes leftover after parsing attributes in process `+}[@'.
[  103.156630][ T7505] loop4: detected capacity change from 0 to 1024
[  103.163256][ T7505] EXT4-fs: Ignoring removed oldalloc option
[  103.169388][ T7505] EXT4-fs: Ignoring removed orlov option
[  103.175672][ T7505] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  103.191088][ T7505] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.205377][ T7505] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1478'.
[  103.214427][ T7505] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1478'.
[  103.241031][ T7511] loop3: detected capacity change from 0 to 256
[  103.248780][ T7505] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.1478: Allocating blocks 497-513 which overlap fs metadata
[  103.280034][ T7513] loop2: detected capacity change from 0 to 512
[  103.286840][ T7513] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  103.297876][ T7513] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  103.305863][ T7513] System zones: 1-12
[  103.311562][ T7513] EXT4-fs (loop2): 1 truncate cleaned up
[  103.317939][ T7513] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.335807][ T7516] loop3: detected capacity change from 0 to 512
[  103.347953][ T7516] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #17: comm syz.3.1482: iget: bogus i_mode (0)
[  103.361494][ T7516] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.1482: couldn't read orphan inode 17 (err -117)
[  103.362424][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.384196][ T7516] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.397663][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.421642][ T7522] FAULT_INJECTION: forcing a failure.
[  103.421642][ T7522] name failslab, interval 1, probability 0, space 0, times 0
[  103.434315][ T7522] CPU: 0 UID: 0 PID: 7522 Comm: syz.4.1483 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(voluntary) 
[  103.434369][ T7522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  103.434459][ T7522] Call Trace:
[  103.434464][ T7522]  <TASK>
[  103.434470][ T7522]  __dump_stack+0x1d/0x30
[  103.434489][ T7522]  dump_stack_lvl+0xe8/0x140
[  103.434505][ T7522]  dump_stack+0x15/0x1b
[  103.434520][ T7522]  should_fail_ex+0x265/0x280
[  103.434584][ T7522]  should_failslab+0x8c/0xb0
[  103.434604][ T7522]  __kmalloc_noprof+0xa5/0x3e0
[  103.434626][ T7522]  ? iter_file_splice_write+0xfe/0x970
[  103.434712][ T7522]  iter_file_splice_write+0xfe/0x970
[  103.434737][ T7522]  ? copy_splice_read+0x5ae/0x5f0
[  103.434763][ T7522]  ? copy_splice_read+0x5ae/0x5f0
[  103.434789][ T7522]  ? copy_splice_read+0x5ae/0x5f0
[  103.434816][ T7522]  ? __pfx_iter_file_splice_write+0x10/0x10
[  103.434842][ T7522]  direct_splice_actor+0x153/0x2a0
[  103.434891][ T7522]  ? splice_grow_spd+0xc1/0xe0
[  103.434914][ T7522]  splice_direct_to_actor+0x30f/0x680
[  103.434940][ T7522]  ? __pfx_direct_splice_actor+0x10/0x10
[  103.435036][ T7522]  do_splice_direct+0xda/0x150
[  103.435061][ T7522]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  103.435092][ T7522]  do_sendfile+0x380/0x650
[  103.435135][ T7522]  __x64_sys_sendfile64+0x105/0x150
[  103.435155][ T7522]  x64_sys_call+0xb39/0x2fb0
[  103.435173][ T7522]  do_syscall_64+0xd2/0x200
[  103.435188][ T7522]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  103.435210][ T7522]  ? clear_bhb_loop+0x40/0x90
[  103.435302][ T7522]  ? clear_bhb_loop+0x40/0x90
[  103.435322][ T7522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.435403][ T7522] RIP: 0033:0x7f800926e929
[  103.435415][ T7522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.435429][ T7522] RSP: 002b:00007f80078d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  103.435481][ T7522] RAX: ffffffffffffffda RBX: 00007f8009495fa0 RCX: 00007f800926e929
[  103.435490][ T7522] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005
[  103.435543][ T7522] RBP: 00007f80078d7090 R08: 0000000000000000 R09: 0000000000000000
[  103.435552][ T7522] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  103.435561][ T7522] R13: 0000000000000000 R14: 00007f8009495fa0 R15: 00007fffdd5843c8
[  103.435577][ T7522]  </TASK>
[  103.716678][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.749382][ T7535] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1488'.
[  103.767900][ T7534] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1489'.
[  103.792986][ T7534] loop0: detected capacity change from 0 to 1024
[  103.803443][ T7543] netlink: 'syz.4.1493': attribute type 1 has an invalid length.
[  103.811269][ T7543] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1493'.
[  103.840509][ T7534] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.854486][ T7534] ext4 filesystem being mounted at /303/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.907871][ T7534] sock: sock_set_timeout: `syz.0.1489' (pid 7534) tries to set negative timeout
[  103.925574][ T7564] netlink: 'syz.5.1501': attribute type 1 has an invalid length.
[  103.933430][ T7564] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1501'.
[  103.975188][ T7573] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1504'.
[  103.994851][ T3302] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 16: comm syz-executor: path /303/file1: bad entry in directory: rec_len is smaller than minimal - offset=876, inode=0, rec_len=0, size=1024 fake=0
[  104.017699][ T3302] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 37: comm syz-executor: path /303/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[  104.020924][ T7575] sd 0:0:1:0: device reset
[  104.039141][ T3302] EXT4-fs error (device loop0): ext4_empty_dir:3116: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0
[  104.070117][ T3302] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 37: comm syz-executor: path /303/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[  104.092722][ T3302] EXT4-fs error (device loop0): ext4_empty_dir:3116: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0
[  104.114840][ T3302] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 37: comm syz-executor: path /303/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[  104.136647][ T3302] EXT4-fs error (device loop0): ext4_empty_dir:3116: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0
[  104.156461][ T3302] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 37: comm syz-executor: path /303/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[  104.159207][ T7579] netlink: 'syz.5.1508': attribute type 1 has an invalid length.
[  104.186293][ T3302] EXT4-fs error (device loop0): ext4_empty_dir:3116: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0
[  104.206133][ T3302] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 37: comm syz-executor: path /303/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[  104.233980][ T7581] loop3: detected capacity change from 0 to 256
[  104.248999][ T7583] sd 0:0:1:0: device reset
[  104.306921][ T3811] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.334038][ T7587] loop2: detected capacity change from 0 to 256
[  104.365322][ T7591] netlink: 'syz.5.1514': attribute type 1 has an invalid length.
[  104.406089][ T7597] netlink: 'syz.5.1527': attribute type 1 has an invalid length.
[  104.520652][ T7612] sd 0:0:1:0: device reset
[  104.606325][ T7602] chnl_net:caif_netlink_parms(): no params data found
[  104.648045][ T7602] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.655220][ T7602] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.662709][ T7602] bridge_slave_0: entered allmulticast mode
[  104.669143][ T7602] bridge_slave_0: entered promiscuous mode
[  104.676228][ T7602] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.683471][ T7602] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.690687][ T7602] bridge_slave_1: entered allmulticast mode
[  104.697089][ T7602] bridge_slave_1: entered promiscuous mode
[  104.717777][ T7602] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  104.727967][ T7602] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  104.761058][ T7602] team0: Port device team_slave_0 added
[  104.767891][ T7602] team0: Port device team_slave_1 added
[  104.774483][   T56] bridge_slave_1: left allmulticast mode
[  104.780183][   T56] bridge_slave_1: left promiscuous mode
[  104.785844][   T56] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.793936][ T7629] SELinux: failed to load policy
[  104.799433][   T56] bridge_slave_0: left allmulticast mode
[  104.805104][   T56] bridge_slave_0: left promiscuous mode
[  104.811062][   T56] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.896606][   T56] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  104.907181][   T56] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  104.916466][   T56] bond0 (unregistering): Released all slaves
[  104.925765][   T56] bond1 (unregistering): Released all slaves
[  104.948386][ T7602] batman_adv: batadv0: Adding interface: batadv_slave_0
[  104.955358][ T7602] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  104.981726][ T7602] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  104.997749][ T7602] batman_adv: batadv0: Adding interface: batadv_slave_1
[  105.004819][ T7602] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.031018][ T7602] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  105.047136][   T56] hsr_slave_0: left promiscuous mode
[  105.053434][   T56] hsr_slave_1: left promiscuous mode
[  105.060108][   T56] batman_adv: batadv0: Removing interface: batadv_slave_0
[  105.067676][   T56] batman_adv: batadv0: Removing interface: batadv_slave_1
[  105.107010][   T56] team0 (unregistering): Port device team_slave_1 removed
[  105.117597][   T56] team0 (unregistering): Port device team_slave_0 removed
[  105.149004][   T56] team0 (unregistering): Port device dummy0 removed
[  105.161828][ T7636] loop3: detected capacity change from 0 to 1024
[  105.181061][ T7636] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.182402][ T7602] hsr_slave_0: entered promiscuous mode
[  105.200142][ T7602] hsr_slave_1: entered promiscuous mode
[  105.205974][ T7602] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  105.213569][ T7602] Cannot create hsr debugfs directory
[  105.229575][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.294284][ T7646] loop3: detected capacity change from 0 to 2048
[  105.302654][ T7648] loop5: detected capacity change from 0 to 512
[  105.309670][ T7648] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  105.313251][ T7602] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  105.320686][ T7648] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  105.334306][ T7648] System zones: 1-12
[  105.336566][ T7602] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  105.346045][ T7646] Alternate GPT is invalid, using primary GPT.
[  105.346328][ T7648] EXT4-fs (loop5): 1 truncate cleaned up
[  105.352490][ T7646]  loop3: p1 p2 p3
[  105.358794][ T7648] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.381504][ T7602] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  105.393781][ T7602] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  105.403060][ T5477] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.442481][ T7602] 8021q: adding VLAN 0 to HW filter on device bond0
[  105.459706][ T7602] 8021q: adding VLAN 0 to HW filter on device team0
[  105.471657][ T7155] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.479212][ T7155] bridge0: port 1(bridge_slave_0) entered forwarding state
[  105.492045][ T7156] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.499125][ T7156] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.545785][ T7661] 9pnet_fd: Insufficient options for proto=fd
[  105.582985][ T7602] 8021q: adding VLAN 0 to HW filter on device batadv0
[  105.677675][ T7602] veth0_vlan: entered promiscuous mode
[  105.685393][ T7602] veth1_vlan: entered promiscuous mode
[  105.700988][ T7602] veth0_macvtap: entered promiscuous mode
[  105.708616][ T7602] veth1_macvtap: entered promiscuous mode
[  105.719740][ T7602] batman_adv: batadv0: Interface activated: batadv_slave_0
[  105.731655][ T7602] batman_adv: batadv0: Interface activated: batadv_slave_1
[  105.741895][ T7602] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.750670][ T7602] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.759550][ T7602] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.768519][ T7602] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.810925][ T7692] sd 0:0:1:0: device reset
[  105.892413][ T7699] loop6: detected capacity change from 0 to 256
[  106.308145][ T7708] 9pnet_fd: p9_fd_create_tcp (7708): problem connecting socket to 127.0.0.1
[  106.603629][ T7728] sd 0:0:1:0: device reset
[  106.627895][ T7731] loop4: detected capacity change from 0 to 2048
[  106.679255][ T7731] Alternate GPT is invalid, using primary GPT.
[  106.685545][ T7731]  loop4: p1 p2 p3
[  106.733045][ T7738] sd 0:0:1:0: device reset
[  106.887541][ T7749] pim6reg1: entered promiscuous mode
[  106.892967][ T7749] pim6reg1: entered allmulticast mode
[  107.069034][ T7757] loop5: detected capacity change from 0 to 4096
[  107.106119][ T7708] 9pnet_fd: p9_fd_create_tcp (7708): problem connecting socket to 127.0.0.1
[  107.181319][ T7757] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.187011][ T7757] EXT4-fs error (device loop5): ext4_empty_dir:3093: inode #12: block 80: comm syz.5.1557: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  107.187311][ T7757] EXT4-fs warning (device loop5): ext4_empty_dir:3095: inode #12: comm syz.5.1557: directory missing '..'
[  107.195141][ T7762] loop3: detected capacity change from 0 to 512
[  107.199063][ T7762] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  107.199806][ T7762] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  107.199844][ T7762] System zones: 1-12
[  107.200926][ T7762] EXT4-fs (loop3): 1 truncate cleaned up
[  107.201870][ T7762] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.271790][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.508556][ T7767] loop3: detected capacity change from 0 to 256
[  107.595777][ T7778] validate_nla: 2 callbacks suppressed
[  107.595794][ T7778] netlink: 'syz.2.1571': attribute type 1 has an invalid length.
[  107.630486][   T29] kauditd_printk_skb: 617 callbacks suppressed
[  107.630499][   T29] audit: type=1326 audit(1751788467.040:43723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7782 comm="syz.2.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8db00be929 code=0x7ffc0000
[  107.687822][   T29] audit: type=1326 audit(1751788467.070:43724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7782 comm="syz.2.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8db00be929 code=0x7ffc0000
[  107.711571][   T29] audit: type=1326 audit(1751788467.070:43725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7782 comm="syz.2.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8db00be929 code=0x7ffc0000
[  107.735127][   T29] audit: type=1326 audit(1751788467.070:43726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7782 comm="syz.2.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8db00be929 code=0x7ffc0000
[  107.758649][   T29] audit: type=1326 audit(1751788467.070:43727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7782 comm="syz.2.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8db00be929 code=0x7ffc0000
[  107.782171][   T29] audit: type=1326 audit(1751788467.070:43728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7782 comm="syz.2.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8db00be929 code=0x7ffc0000
[  107.805675][   T29] audit: type=1326 audit(1751788467.070:43729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7782 comm="syz.2.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8db00be929 code=0x7ffc0000
[  107.807761][ T7785] loop4: detected capacity change from 0 to 512
[  107.829141][   T29] audit: type=1326 audit(1751788467.070:43730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7782 comm="syz.2.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=122 compat=0 ip=0x7f8db00be929 code=0x7ffc0000
[  107.829187][   T29] audit: type=1326 audit(1751788467.070:43731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7782 comm="syz.2.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8db00be929 code=0x7ffc0000
[  107.837089][ T7785] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  107.858967][   T29] audit: type=1326 audit(1751788467.070:43732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7782 comm="syz.2.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8db00be929 code=0x7ffc0000
[  107.904719][ T7787] loop6: detected capacity change from 0 to 2048
[  107.921582][ T5477] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.933267][ T7785] EXT4-fs (loop4): orphan cleanup on readonly fs
[  107.945593][ T7785] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  107.989840][ T7785] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #11: comm syz.4.1576: corrupted inode contents
[  108.004417][ T7785] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #11: comm syz.4.1576: mark_inode_dirty error
[  108.027848][ T7785] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1576: invalid indirect mapped block 327680 (level 0)
[  108.050299][ T7785] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #11: comm syz.4.1576: corrupted inode contents
[  108.068180][ T7785] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  108.086570][ T7785] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #11: comm syz.4.1576: corrupted inode contents
[  108.107975][ T7785] EXT4-fs error (device loop4): ext4_truncate:4597: inode #11: comm syz.4.1576: mark_inode_dirty error
[  108.110003][ T7806] netlink: 'syz.3.1584': attribute type 1 has an invalid length.
[  108.124859][ T7785] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  108.127112][ T7806] __nla_validate_parse: 13 callbacks suppressed
[  108.127125][ T7806] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1584'.
[  108.146345][ T7785] EXT4-fs (loop4): 1 truncate cleaned up
[  108.153152][ T7805] netlink: 'syz.2.1578': attribute type 1 has an invalid length.
[  108.164894][ T7805] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1578'.
[  108.164966][ T7785] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  108.186626][ T7785] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.202268][ T7808] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1585'.
[  108.266556][ T7820] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  108.305534][ T7823] netlink: 'syz.3.1590': attribute type 2 has an invalid length.
[  108.463327][ T7825] loop6: detected capacity change from 0 to 4096
[  108.479552][ T7835] netlink: 'syz.4.1596': attribute type 1 has an invalid length.
[  108.487408][ T7835] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1596'.
[  108.502549][ T7825] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.517008][ T7825] EXT4-fs error (device loop6): ext4_empty_dir:3093: inode #12: block 80: comm syz.6.1591: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  108.534612][ T7841] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1600'.
[  108.537006][ T7825] EXT4-fs warning (device loop6): ext4_empty_dir:3095: inode #12: comm syz.6.1591: directory missing '..'
[  108.603814][ T7602] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.617206][ T7842] loop3: detected capacity change from 0 to 512
[  108.625402][ T7842] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  108.648528][ T7842] EXT4-fs (loop3): orphan cleanup on readonly fs
[  108.666883][ T7842] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  108.682127][ T7842] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.1598: corrupted inode contents
[  108.694302][ T7842] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #11: comm syz.3.1598: mark_inode_dirty error
[  108.705988][ T7842] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1598: invalid indirect mapped block 327680 (level 0)
[  108.720246][ T7842] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.1598: corrupted inode contents
[  108.732476][ T7842] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  108.741463][ T7842] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.1598: corrupted inode contents
[  108.770208][ T7842] EXT4-fs error (device loop3): ext4_truncate:4597: inode #11: comm syz.3.1598: mark_inode_dirty error
[  108.845470][ T7842] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  108.855446][ T7842] EXT4-fs (loop3): 1 truncate cleaned up
[  108.879970][ T7842] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  109.035549][ T7842] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.281136][ T7866] siw: device registration error -23
[  109.369095][ T7872] netlink: 'syz.5.1610': attribute type 1 has an invalid length.
[  109.377030][ T7872] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1610'.
[  109.405139][ T7873] loop7: detected capacity change from 0 to 16384
[  109.448287][ T7876] loop5: detected capacity change from 0 to 1024
[  109.501189][ T7876] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.649497][ T7881] loop3: detected capacity change from 0 to 4096
[  109.660954][ T7876] serio: Serial port ttyS3
[  109.688925][ T7881] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.708977][ T7881] EXT4-fs error (device loop3): ext4_empty_dir:3093: inode #12: block 80: comm syz.3.1612: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  109.733747][ T7888] loop6: detected capacity change from 0 to 2048
[  109.740142][ T7881] EXT4-fs warning (device loop3): ext4_empty_dir:3095: inode #12: comm syz.3.1612: directory missing '..'
[  109.793222][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.856916][ T7896] sd 0:0:1:0: device reset
[  109.870669][ T7896] syzkaller0: entered promiscuous mode
[  109.876335][ T7896] syzkaller0: entered allmulticast mode
[  109.998031][ T7909] netlink: 'syz.3.1623': attribute type 1 has an invalid length.
[  110.005822][ T7909] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1623'.
[  110.031869][ T7911] siw: device registration error -23
[  110.251238][ T7923] loop3: detected capacity change from 0 to 2048
[  110.288567][ T5477] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.451801][ T7937] netlink: 'syz.5.1635': attribute type 1 has an invalid length.
[  110.459659][ T7937] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1635'.
[  110.671147][ T7931] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1633'.
[  110.683336][ T7931] loop3: detected capacity change from 0 to 512
[  110.690393][ T7931] EXT4-fs: Ignoring removed i_version option
[  110.696867][ T7931] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  110.707683][ T7931] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e02c, mo2=0002]
[  110.715724][ T7931] System zones: 1-12
[  110.720028][ T7931] EXT4-fs (loop3): orphan cleanup on readonly fs
[  110.726539][ T7931] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1633: invalid indirect mapped block 12 (level 1)
[  110.740420][ T7931] EXT4-fs (loop3): Remounting filesystem read-only
[  110.747376][ T7931] EXT4-fs (loop3): 1 truncate cleaned up
[  110.754055][ T7931] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  110.825197][ T7962] loop4: detected capacity change from 0 to 2048
[  110.971431][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  111.014535][ T7975] siw: device registration error -23
[  111.037396][ T7978] siw: device registration error -23
[  111.058268][ T7973] loop3: detected capacity change from 0 to 4096
[  111.066713][ T7973] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.080488][ T7973] EXT4-fs error (device loop3): ext4_empty_dir:3093: inode #12: block 80: comm syz.3.1648: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  111.100187][ T7973] EXT4-fs warning (device loop3): ext4_empty_dir:3095: inode #12: comm syz.3.1648: directory missing '..'
[  111.120597][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.185358][ T7992] netlink: 'syz.4.1656': attribute type 2 has an invalid length.
[  111.268752][ T8004] loop4: detected capacity change from 0 to 2048
[  111.361350][ T8007] loop4: detected capacity change from 0 to 4096
[  111.370364][ T8007] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.384028][ T8007] EXT4-fs error (device loop4): ext4_empty_dir:3093: inode #12: block 80: comm syz.4.1663: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  111.403765][ T8007] EXT4-fs warning (device loop4): ext4_empty_dir:3095: inode #12: comm syz.4.1663: directory missing '..'
[  111.423652][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.525680][ T8024] loop5: detected capacity change from 0 to 512
[  111.534319][ T8024] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  111.546238][ T8024] EXT4-fs (loop5): orphan cleanup on readonly fs
[  111.558949][ T8024] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  111.575125][ T8024] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #11: comm syz.5.1666: corrupted inode contents
[  111.589903][ T8024] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #11: comm syz.5.1666: mark_inode_dirty error
[  111.614713][ T8024] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.1666: invalid indirect mapped block 327680 (level 0)
[  111.630655][ T8024] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #11: comm syz.5.1666: corrupted inode contents
[  111.635466][ T8035] siw: device registration error -23
[  111.650226][ T8024] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  111.662168][ T8024] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #11: comm syz.5.1666: corrupted inode contents
[  111.675054][ T8024] EXT4-fs error (device loop5): ext4_truncate:4597: inode #11: comm syz.5.1666: mark_inode_dirty error
[  111.686723][ T8024] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  111.696876][ T8024] EXT4-fs (loop5): 1 truncate cleaned up
[  111.887775][ T8066] siw: device registration error -23
[  111.918684][ T8070] loop2: detected capacity change from 0 to 2048
[  112.000678][ T8076] loop2: detected capacity change from 0 to 2048
[  112.075017][ T8080] siw: device registration error -23
[  112.240680][ T8096] loop2: detected capacity change from 0 to 512
[  112.256737][ T8096] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  112.269454][ T8096] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  112.277372][ T8096] System zones: 1-12
[  112.298173][ T8096] EXT4-fs (loop2): 1 truncate cleaned up
[  112.315094][ T8103] loop3: detected capacity change from 0 to 2048
[  112.474822][ T8116] loop2: detected capacity change from 0 to 512
[  112.490157][ T8116] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  112.509637][ T8116] EXT4-fs (loop2): orphan cleanup on readonly fs
[  112.521461][ T8116] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  112.535980][ T8113] loop5: detected capacity change from 0 to 4096
[  112.539244][ T8116] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #11: comm syz.2.1707: corrupted inode contents
[  112.555013][ T8116] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #11: comm syz.2.1707: mark_inode_dirty error
[  112.559127][ T8113] EXT4-fs error (device loop5): ext4_empty_dir:3093: inode #12: block 80: comm syz.5.1708: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  112.586622][ T8113] EXT4-fs warning (device loop5): ext4_empty_dir:3095: inode #12: comm syz.5.1708: directory missing '..'
[  112.586658][ T8116] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1707: invalid indirect mapped block 327680 (level 0)
[  112.637823][ T8116] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #11: comm syz.2.1707: corrupted inode contents
[  112.658434][ T8116] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  112.670472][ T8116] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #11: comm syz.2.1707: corrupted inode contents
[  112.683142][ T8116] EXT4-fs error (device loop2): ext4_truncate:4597: inode #11: comm syz.2.1707: mark_inode_dirty error
[  112.694881][ T8116] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  112.714899][ T8116] EXT4-fs (loop2): 1 truncate cleaned up
[  112.750903][   T29] kauditd_printk_skb: 414 callbacks suppressed
[  112.750919][   T29] audit: type=1326 audit(1751788472.150:44147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8126 comm="syz.4.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f800926e929 code=0x7ffc0000
[  112.751530][ T8127] sd 0:0:1:0: device reset
[  112.757247][   T29] audit: type=1326 audit(1751788472.150:44148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8126 comm="syz.4.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f800926d290 code=0x7ffc0000
[  112.808788][   T29] audit: type=1326 audit(1751788472.150:44149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8126 comm="syz.4.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f800926e929 code=0x7ffc0000
[  112.832306][   T29] audit: type=1326 audit(1751788472.150:44150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8126 comm="syz.4.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f800926e929 code=0x7ffc0000
[  112.860366][   T29] audit: type=1326 audit(1751788472.210:44151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8126 comm="syz.4.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f800926e929 code=0x7ffc0000
[  112.867421][ T8127] syzkaller0: entered promiscuous mode
[  112.883969][   T29] audit: type=1326 audit(1751788472.210:44152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8126 comm="syz.4.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f800926e929 code=0x7ffc0000
[  112.889453][ T8127] syzkaller0: entered allmulticast mode
[  112.912913][   T29] audit: type=1326 audit(1751788472.220:44153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8126 comm="syz.4.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f800926e929 code=0x7ffc0000
[  112.942002][   T29] audit: type=1326 audit(1751788472.260:44154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8126 comm="syz.4.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f800926e929 code=0x7ffc0000
[  112.965544][   T29] audit: type=1326 audit(1751788472.260:44155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8126 comm="syz.4.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f800926e929 code=0x7ffc0000
[  112.989166][   T29] audit: type=1326 audit(1751788472.260:44156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8126 comm="syz.4.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f800926e929 code=0x7ffc0000
[  113.052145][ T8134] loop3: detected capacity change from 0 to 512
[  113.060060][ T8134] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  113.071193][ T8134] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  113.090695][ T8134] System zones: 1-12
[  113.117456][ T8134] EXT4-fs (loop3): 1 truncate cleaned up
[  113.125219][ T8140] siw: device registration error -23
[  113.167285][ T8145] loop4: detected capacity change from 0 to 2048
[  113.300766][ T8155] sd 0:0:1:0: device reset
[  113.325287][ T8155] syzkaller0: entered promiscuous mode
[  113.330900][ T8155] syzkaller0: entered allmulticast mode
[  113.495579][ T8177] loop3: detected capacity change from 0 to 2048
[  113.618295][ T8193] loop2: detected capacity change from 0 to 512
[  113.633220][ T8193] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  113.658208][ T8193] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  113.675426][ T8193] System zones: 1-12
[  113.687595][ T8193] EXT4-fs (loop2): 1 truncate cleaned up
[  113.785710][ T8180] loop6: detected capacity change from 0 to 4096
[  113.815617][ T8185] xt_hashlimit: max too large, truncated to 1048576
[  113.825005][ T8180] EXT4-fs error (device loop6): ext4_empty_dir:3093: inode #12: block 80: comm syz.6.1736: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  113.846370][ T8185] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  113.859847][ T8211] loop2: detected capacity change from 0 to 512
[  113.860475][ T8180] EXT4-fs warning (device loop6): ext4_empty_dir:3095: inode #12: comm syz.6.1736: directory missing '..'
[  113.867184][ T8211] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  113.899530][ T8211] EXT4-fs (loop2): orphan cleanup on readonly fs
[  113.918625][ T8211] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  113.949558][ T8211] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #11: comm syz.2.1747: corrupted inode contents
[  113.979181][ T8211] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #11: comm syz.2.1747: mark_inode_dirty error
[  113.995688][ T8222] netlink: 'syz.4.1752': attribute type 2 has an invalid length.
[  114.003405][ T8211] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1747: invalid indirect mapped block 327680 (level 0)
[  114.003592][ T8211] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #11: comm syz.2.1747: corrupted inode contents
[  114.029790][ T8211] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  114.047281][ T8211] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #11: comm syz.2.1747: corrupted inode contents
[  114.064985][ T8211] EXT4-fs error (device loop2): ext4_truncate:4597: inode #11: comm syz.2.1747: mark_inode_dirty error
[  114.076451][ T8211] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  114.080403][ T8227] siw: device registration error -23
[  114.094869][ T8211] EXT4-fs (loop2): 1 truncate cleaned up
[  114.108910][ T8230] loop6: detected capacity change from 0 to 512
[  114.115813][ T8230] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  114.127291][ T8230] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  114.135405][ T8230] System zones: 1-12
[  114.140331][ T8230] EXT4-fs (loop6): 1 truncate cleaned up
[  114.166398][ T8237] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1758'.
[  114.210699][ T8243] sd 0:0:1:0: device reset
[  114.220571][ T8243] syzkaller0: entered promiscuous mode
[  114.226110][ T8243] syzkaller0: entered allmulticast mode
[  114.430061][ T8270] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1771'.
[  114.679304][ T8300] sd 0:0:1:0: device reset
[  114.728216][ T8300] syzkaller0: entered promiscuous mode
[  114.733780][ T8300] syzkaller0: entered allmulticast mode
[  114.773700][ T8303] netlink: 'syz.6.1784': attribute type 2 has an invalid length.
[  115.087304][ T8312] loop6: detected capacity change from 0 to 1024
[  115.124883][ T8312] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1789'.
[  115.531090][ T8341] loop6: detected capacity change from 0 to 1024
[  115.583760][ T8341] serio: Serial port ttyS3
[  115.694584][ T8356] loop5: detected capacity change from 0 to 2048
[  115.789437][ T8364] FAULT_INJECTION: forcing a failure.
[  115.789437][ T8364] name failslab, interval 1, probability 0, space 0, times 0
[  115.802236][ T8364] CPU: 1 UID: 0 PID: 8364 Comm: syz.5.1810 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(voluntary) 
[  115.802307][ T8364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  115.802319][ T8364] Call Trace:
[  115.802324][ T8364]  <TASK>
[  115.802331][ T8364]  __dump_stack+0x1d/0x30
[  115.802353][ T8364]  dump_stack_lvl+0xe8/0x140
[  115.802374][ T8364]  dump_stack+0x15/0x1b
[  115.802392][ T8364]  should_fail_ex+0x265/0x280
[  115.802447][ T8364]  ? resv_map_alloc+0x57/0x190
[  115.802472][ T8364]  should_failslab+0x8c/0xb0
[  115.802494][ T8364]  __kmalloc_cache_noprof+0x4c/0x320
[  115.802563][ T8364]  resv_map_alloc+0x57/0x190
[  115.802592][ T8364]  hugetlbfs_get_inode+0x67/0x370
[  115.802625][ T8364]  hugetlb_file_setup+0x192/0x3d0
[  115.802688][ T8364]  ksys_mmap_pgoff+0x157/0x310
[  115.802724][ T8364]  x64_sys_call+0x1602/0x2fb0
[  115.802742][ T8364]  do_syscall_64+0xd2/0x200
[  115.802762][ T8364]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  115.802803][ T8364]  ? clear_bhb_loop+0x40/0x90
[  115.802821][ T8364]  ? clear_bhb_loop+0x40/0x90
[  115.802857][ T8364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.802892][ T8364] RIP: 0033:0x7faa631be929
[  115.802907][ T8364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.802927][ T8364] RSP: 002b:00007faa61827038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  115.802944][ T8364] RAX: ffffffffffffffda RBX: 00007faa633e5fa0 RCX: 00007faa631be929
[  115.802960][ T8364] RDX: 0000000007000001 RSI: 0000000000800006 RDI: 0000200000800000
[  115.802970][ T8364] RBP: 00007faa61827090 R08: ffffffffffffffff R09: 0000000000002000
[  115.802980][ T8364] R10: 000000000006e073 R11: 0000000000000246 R12: 0000000000000001
[  115.803052][ T8364] R13: 0000000000000000 R14: 00007faa633e5fa0 R15: 00007fffbe582c98
[  115.803072][ T8364]  </TASK>
[  116.058836][ T8373] netlink: 'syz.5.1814': attribute type 1 has an invalid length.
[  116.066796][ T8373] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1814'.
[  116.112226][ T8379] loop2: detected capacity change from 0 to 1024
[  116.122816][ T8379] EXT4-fs: Ignoring removed nobh option
[  116.130064][ T8379] EXT4-fs: Ignoring removed bh option
[  116.138292][ T8379] syz.2.1816: attempt to access beyond end of device
[  116.138292][ T8379] loop2: rw=4096, sector=2, nr_sectors = 2 limit=0
[  116.151651][ T8379] EXT4-fs (loop2): unable to read superblock
[  116.580000][ T8407] loop6: detected capacity change from 0 to 512
[  116.586712][ T8407] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[  116.595957][ T8407] EXT4-fs (loop6): orphan cleanup on readonly fs
[  116.602698][ T8407] EXT4-fs error (device loop6): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  116.617227][ T8407] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #11: comm syz.6.1826: corrupted inode contents
[  116.629289][ T8407] EXT4-fs error (device loop6): ext4_dirty_inode:6459: inode #11: comm syz.6.1826: mark_inode_dirty error
[  116.641041][ T8407] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.1826: invalid indirect mapped block 327680 (level 0)
[  116.654979][ T8407] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #11: comm syz.6.1826: corrupted inode contents
[  116.667027][ T8407] EXT4-fs error (device loop6) in ext4_orphan_del:305: Corrupt filesystem
[  116.675749][ T8407] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #11: comm syz.6.1826: corrupted inode contents
[  116.688618][ T8407] EXT4-fs error (device loop6): ext4_truncate:4597: inode #11: comm syz.6.1826: mark_inode_dirty error
[  116.699935][ T8407] EXT4-fs error (device loop6) in ext4_process_orphan:347: Corrupt filesystem
[  116.709044][ T8407] EXT4-fs (loop6): 1 truncate cleaned up
[  116.801501][ T8413] tipc: Can't bind to reserved service type 0
[  117.075008][ T8415] loop2: detected capacity change from 0 to 512
[  117.093359][ T8415] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  117.131035][ T8415] EXT4-fs (loop2): orphan cleanup on readonly fs
[  117.139409][ T8431] netlink: 'syz.6.1836': attribute type 1 has an invalid length.
[  117.147172][ T8431] netlink: 224 bytes leftover after parsing attributes in process `syz.6.1836'.
[  117.171325][ T8415] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  117.189661][ T8415] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #11: comm syz.2.1829: corrupted inode contents
[  117.205122][ T8415] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #11: comm syz.2.1829: mark_inode_dirty error
[  117.218098][ T8415] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1829: invalid indirect mapped block 327680 (level 0)
[  117.232794][ T8415] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #11: comm syz.2.1829: corrupted inode contents
[  117.251162][ T8415] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  117.260668][ T8415] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #11: comm syz.2.1829: corrupted inode contents
[  117.272719][ T8415] EXT4-fs error (device loop2): ext4_truncate:4597: inode #11: comm syz.2.1829: mark_inode_dirty error
[  117.285272][ T8415] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  117.294429][ T8415] EXT4-fs (loop2): 1 truncate cleaned up
[  117.321963][ T8444] xt_HMARK: spi-set and port-set can't be combined
[  117.359569][ T8449] netlink: 'syz.2.1843': attribute type 10 has an invalid length.
[  117.368397][ T8444] loop6: detected capacity change from 0 to 2048
[  117.378877][ T8449] veth0_macvtap: left promiscuous mode
[  117.387377][ T8449] veth0_macvtap: entered promiscuous mode
[  117.394911][ T8449] team0: Device macvtap0 failed to register rx_handler
[  117.403507][ T8449] veth0_macvtap: left promiscuous mode
[  117.680605][ T8480] FAULT_INJECTION: forcing a failure.
[  117.680605][ T8480] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  117.693928][ T8480] CPU: 0 UID: 0 PID: 8480 Comm: +}[@ Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(voluntary) 
[  117.693954][ T8480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  117.694003][ T8480] Call Trace:
[  117.694009][ T8480]  <TASK>
[  117.694016][ T8480]  __dump_stack+0x1d/0x30
[  117.694040][ T8480]  dump_stack_lvl+0xe8/0x140
[  117.694061][ T8480]  dump_stack+0x15/0x1b
[  117.694080][ T8480]  should_fail_ex+0x265/0x280
[  117.694186][ T8480]  should_fail+0xb/0x20
[  117.694216][ T8480]  should_fail_usercopy+0x1a/0x20
[  117.694249][ T8480]  _copy_to_user+0x20/0xa0
[  117.694294][ T8480]  simple_read_from_buffer+0xb5/0x130
[  117.694331][ T8480]  proc_fail_nth_read+0x100/0x140
[  117.694366][ T8480]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  117.694428][ T8480]  vfs_read+0x1a0/0x6f0
[  117.694458][ T8480]  ? __rcu_read_unlock+0x4f/0x70
[  117.694482][ T8480]  ? __fget_files+0x184/0x1c0
[  117.694570][ T8480]  ksys_read+0xda/0x1a0
[  117.694605][ T8480]  __x64_sys_read+0x40/0x50
[  117.694639][ T8480]  x64_sys_call+0x2d77/0x2fb0
[  117.694663][ T8480]  do_syscall_64+0xd2/0x200
[  117.694705][ T8480]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  117.694727][ T8480]  ? clear_bhb_loop+0x40/0x90
[  117.694751][ T8480]  ? clear_bhb_loop+0x40/0x90
[  117.694817][ T8480]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.694872][ T8480] RIP: 0033:0x7f9fa218d33c
[  117.694888][ T8480] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  117.694907][ T8480] RSP: 002b:00007f9fa07f7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  117.694999][ T8480] RAX: ffffffffffffffda RBX: 00007f9fa23b5fa0 RCX: 00007f9fa218d33c
[  117.695012][ T8480] RDX: 000000000000000f RSI: 00007f9fa07f70a0 RDI: 0000000000000003
[  117.695025][ T8480] RBP: 00007f9fa07f7090 R08: 0000000000000000 R09: 0000000000000000
[  117.695037][ T8480] R10: 0000000000002000 R11: 0000000000000246 R12: 0000000000000001
[  117.695047][ T8480] R13: 0000000000000000 R14: 00007f9fa23b5fa0 R15: 00007ffd6ccca288
[  117.695064][ T8480]  </TASK>
[  117.910341][   T29] kauditd_printk_skb: 679 callbacks suppressed
[  117.910374][   T29] audit: type=1400 audit(1751788477.310:44836): avc:  denied  { unmount } for  pid=3312 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  117.945383][   T29] audit: type=1326 audit(1751788477.340:44837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8481 comm="syz.3.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa218e929 code=0x7ffc0000
[  117.970392][   T29] audit: type=1326 audit(1751788477.340:44838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8481 comm="syz.3.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa218e929 code=0x7ffc0000
[  117.994088][   T29] audit: type=1326 audit(1751788477.340:44839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8481 comm="syz.3.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f9fa218e929 code=0x7ffc0000
[  118.017518][   T29] audit: type=1326 audit(1751788477.340:44840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8481 comm="syz.3.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa218e929 code=0x7ffc0000
[  118.142748][ T8491] syzkaller0: entered promiscuous mode
[  118.148332][ T8491] syzkaller0: entered allmulticast mode
[  118.168941][ T8488] loop3: detected capacity change from 0 to 4096
[  118.179194][ T8488] EXT4-fs error (device loop3): ext4_empty_dir:3093: inode #12: block 80: comm syz.3.1859: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  118.198779][ T8488] EXT4-fs warning (device loop3): ext4_empty_dir:3095: inode #12: comm syz.3.1859: directory missing '..'
[  118.238694][   T29] audit: type=1400 audit(1751788477.640:44841): avc:  denied  { setopt } for  pid=8494 comm="syz.5.1861" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  118.287103][   T29] audit: type=1326 audit(1751788477.680:44842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8496 comm="syz.6.1863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61683be929 code=0x7ffc0000
[  118.336028][   T29] audit: type=1326 audit(1751788477.680:44843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8496 comm="syz.6.1863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f61683be929 code=0x7ffc0000
[  118.359814][   T29] audit: type=1326 audit(1751788477.680:44844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8496 comm="syz.6.1863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61683be929 code=0x7ffc0000
[  118.383484][   T29] audit: type=1326 audit(1751788477.680:44845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8496 comm="syz.6.1863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61683be929 code=0x7ffc0000
[  118.528884][ T8519] netlink: 244 bytes leftover after parsing attributes in process `syz.3.1871'.
[  118.572124][ T8523] loop2: detected capacity change from 0 to 2048
[  118.618331][ T8523] Alternate GPT is invalid, using primary GPT.
[  118.624683][ T8523]  loop2: p1 p2 p3
[  118.635562][ T8523] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1872'.
[  118.654867][ T8525] loop3: detected capacity change from 0 to 512
[  118.662495][ T8525] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  118.674574][ T8532] siw: device registration error -23
[  118.699891][ T8525] EXT4-fs (loop3): orphan cleanup on readonly fs
[  118.706685][ T8525] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  118.722139][ T8525] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.1873: corrupted inode contents
[  118.735748][ T8525] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #11: comm syz.3.1873: mark_inode_dirty error
[  118.778801][ T8525] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1873: invalid indirect mapped block 327680 (level 0)
[  118.792771][ T8525] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.1873: corrupted inode contents
[  118.805797][ T8525] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  118.814574][ T8525] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #11: comm syz.3.1873: corrupted inode contents
[  118.830568][ T8525] EXT4-fs error (device loop3): ext4_truncate:4597: inode #11: comm syz.3.1873: mark_inode_dirty error
[  118.841856][ T8525] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  118.851911][ T8525] EXT4-fs (loop3): 1 truncate cleaned up
[  118.875723][ T8544] loop5: detected capacity change from 0 to 2048
[  118.914967][ T8550] netlink: 244 bytes leftover after parsing attributes in process `syz.3.1883'.
[  118.975128][ T8561] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1887'.
[  118.975128][ T8560] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1887'.
[  118.975215][ T8560] netlink: 'syz.5.1887': attribute type 3 has an invalid length.
[  118.975253][ T8561] ==================================================================
[  118.975288][ T8561] BUG: KCSAN: data-race in data_push_tail / vsnprintf
[  118.975333][ T8561] 
[  118.975341][ T8561] write to 0xffffffff88e5b690 of 11 bytes by task 8560 on cpu 0:
[  118.975359][ T8561]  vsnprintf+0x2ce/0x890
[  118.975395][ T8561]  vscnprintf+0x41/0x90
[  118.975422][ T8561]  printk_sprint+0x30/0x2d0
[  118.975442][ T8561]  vprintk_store+0x599/0x860
[  118.975459][ T8561]  vprintk_emit+0x178/0x650
[  118.975474][ T8561]  vprintk_default+0x26/0x30
[  118.975494][ T8561]  vprintk+0x1d/0x30
[  118.975520][ T8561]  _printk+0x79/0xa0
[  118.975551][ T8561]  __nla_validate_parse+0x1738/0x1d00
[  118.975573][ T8561]  __nla_parse+0x40/0x60
[  118.975592][ T8561]  rtnl_newlink+0xf1/0x12d0
[  118.975614][ T8561]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  118.975635][ T8561]  netlink_rcv_skb+0x123/0x220
[  118.975671][ T8561]  rtnetlink_rcv+0x1c/0x30
[  118.975688][ T8561]  netlink_unicast+0x59e/0x670
[  118.975725][ T8561]  netlink_sendmsg+0x58b/0x6b0
[  118.975746][ T8561]  __sock_sendmsg+0x142/0x180
[  118.975773][ T8561]  ____sys_sendmsg+0x31e/0x4e0
[  118.975809][ T8561]  ___sys_sendmsg+0x17b/0x1d0
[  118.975843][ T8561]  __x64_sys_sendmsg+0xd4/0x160
[  118.975858][ T8561]  x64_sys_call+0x2999/0x2fb0
[  118.975877][ T8561]  do_syscall_64+0xd2/0x200
[  118.975896][ T8561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.975919][ T8561] 
[  118.975927][ T8561] read to 0xffffffff88e5b698 of 8 bytes by task 8561 on cpu 1:
[  118.975945][ T8561]  data_push_tail+0xfd/0x420
[  118.975980][ T8561]  data_alloc+0xbf/0x2b0
[  118.976008][ T8561]  prb_reserve+0x808/0xaf0
[  118.976033][ T8561]  vprintk_store+0x56d/0x860
[  118.976048][ T8561]  vprintk_emit+0x178/0x650
[  118.976063][ T8561]  vprintk_default+0x26/0x30
[  118.976083][ T8561]  vprintk+0x1d/0x30
[  118.976110][ T8561]  _printk+0x79/0xa0
[  118.976140][ T8561]  __nla_validate_parse+0x1738/0x1d00
[  118.976161][ T8561]  __nla_parse+0x40/0x60
[  118.976180][ T8561]  rtnl_newlink+0xf1/0x12d0
[  118.976200][ T8561]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  118.976217][ T8561]  netlink_rcv_skb+0x123/0x220
[  118.976248][ T8561]  rtnetlink_rcv+0x1c/0x30
[  118.976270][ T8561]  netlink_unicast+0x59e/0x670
[  118.976301][ T8561]  netlink_sendmsg+0x58b/0x6b0
[  118.976319][ T8561]  __sock_sendmsg+0x142/0x180
[  118.976338][ T8561]  ____sys_sendmsg+0x31e/0x4e0
[  118.976366][ T8561]  ___sys_sendmsg+0x17b/0x1d0
[  118.976406][ T8561]  __x64_sys_sendmsg+0xd4/0x160
[  118.976427][ T8561]  x64_sys_call+0x2999/0x2fb0
[  118.976452][ T8561]  do_syscall_64+0xd2/0x200
[  118.976471][ T8561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.976489][ T8561] 
[  118.976494][ T8561] value changed: 0x00000000ffffea0f -> 0x7365747962203820
[  118.976505][ T8561] 
[  118.976511][ T8561] Reported by Kernel Concurrency Sanitizer on:
[  118.976525][ T8561] CPU: 1 UID: 0 PID: 8561 Comm: syz.5.1887 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(voluntary) 
[  118.976554][ T8561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  118.976570][ T8561] ==================================================================
[  119.300024][ T8561] netlink: 'syz.5.1887': attribute type 3 has an invalid length.