last executing test programs:

1.559280133s ago: executing program 4 (id=1426):
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x10, &(0x7f0000000040)={[{@usrjquota}]}, 0x1, 0x3e7, &(0x7f0000000480)="$eJzs3E1vG0UfAPD/bl7apn1qV3oOvFwsQCISImnSFqgEEhEXDu2JHjhixWmJ6jSoMRKtIl4E4gYSiA8AB+AjcIQD3wHOwAEqRSgHUm5Ga+86Jn5pQx0skt9PGnlmZ+OZ9WTWu+PZCeDIqkTEixExERFnI6KUb0/zEO+2Q7bfzvbm8p/bm8tJNJuv/J5Ekm8r3ivJX0/mbzCbRqQfJPFon3I3bt2+Xq3XV27m6fnG2hvzG7duP726Vr22cm3lxuIz585fuPDcxcVnR3asW2vJR098demXTz6sffrDb9+Ws/qeyvO6j2NUKlHpfCZ7XRx1YWN2vCueTI6xIgAADJXm1/6Trev/UkzE7sVbKT7+fqyVAwAAAEai2SxeAQAAgMMrce8PAAAAh1wxD2Bne3O5CGOcjsC/bGspIsrt9r+bh3bOZOeZ3qk9z/eOUiUiXj5+eTELcUDPYQMAAAAcZd8ttRf+6x3/S+Ohrv1ORMRMsbbfCFX2pHvHf9I7Iy6SLltLEc9HxN2e8b+02KU8kaf+1xoqnEqurtZXzkbE6YiYjaljWXphSBlvP3b960F53eN/n//86kJWfva6u0d6Z/LY3/+mVm1UH+SY2bX1XsQjk/3aP+mM+Xavk/lPvLa688KgvKz9s/YuQm/7c5CaX0Q82bf/765cmgxfn3W+dT6YL84KvX469eX7g8rv7v9ZyMovfgvg4GX9f2Z4+7fWye2s17ux/zK++ePyj4Py7t3+/c//08mVVgWn821vVRuNmwsR08ml3u3+mzqKz6P4vLL2n328//d/cf2X5N/9p7vWh+4x5AfCl945c2VQnv4/Xln71/bV//cfeX3m4dlB5d9f/z/fqkzxJq7/7u1+G2jc9QQAAAAAAABgNNLW3L4knevE03Rurj3P9/8xk9bXNxpPXV1/80atPQewHFNpMdOr1DUfdKH9GHknvbgnfS4izkTEZ6UTrfTc8nq9Nu6DBwAAgCPi5ID7/8yvAx/2AAAAAP5zyuOuAAAAAHDg3P8DAADAofYg6/qLiIgc1si4z0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAR9tfAQAA///8h8MD")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x3)
write(r1, &(0x7f0000000740)="cc", 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7fffeffd)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
ptrace$peek(0x3, r2, &(0x7f0000000180))
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
prlimit64(0x0, 0xe, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r6}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)

1.039788015s ago: executing program 1 (id=1460):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x20002)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000014c0)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001380)={0x11, 0x19, &(0x7f0000001740)=ANY=[@ANYBLOB="180800000600000000000000000000008510"], &(0x7f0000001340)='syzkaller\x00', 0xa, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x1}, 0x94)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r5, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r7, &(0x7f0000003340)=[{{0x0, 0xfffffffffffffed1, &(0x7f0000000280)=[{&(0x7f0000000600)='4', 0x1}], 0x1, &(0x7f00000002c0)=[@rights={{0x10}}], 0x10, 0x40}}], 0x1, 0x0)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
splice(r6, 0x0, r8, 0x0, 0x39011, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000200)={<r9=>0x0, 0x1c, &(0x7f0000001440)=[@in6={0xa, 0x4e20, 0x5, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f0000000240)=0xc)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r5, 0x84, 0x7a, &(0x7f0000000340)={r9, @in6={{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, &(0x7f0000000040)=0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x18, &(0x7f0000000440)=ANY=[@ANYBLOB="18fcffffffffffffff0000000500000018110000d5903d0fe25ee49d69c127a073c160a2e47ba3c3e5dd5f4ef66aede2387e24f6a5867909d956a80475a81b48eb04a23fd18dec90db36f40eebdcd557a2323c2f6312963b330c7b2b762675577d309b6e97d5c60c2e7909bd1126fd0d8067883f546b874a3def588f8141dd1f7b18446fcef0f36c55ee16878fe632cb3ac4fab8b89cbc7caabe65831a1bedf5ee7f49416e9c2601b720b77b977da661a230b65c1782240b463b9e4aa74f783504234fd4da8e69fc24dcbfe03362320b4b1ab91d5cfa7b694fe192785f68592068", @ANYRES32, @ANYBLOB="0000000000000000b7080000090000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000082000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], 0x0, 0x8, 0x0, 0x0, 0x41100, 0x71, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x2, 0x8, 0x472, 0x5}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000040)=[0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000001700), 0x10, 0xb}, 0x94)
getgid()
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a4fc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b87f7c40a1702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f600e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10f9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80729fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a85430600f1e49db5a5517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a00000000000000000000000047e628cd57cde4268f47c9aaec3a3dfe43e032b88ea53656a8740c1a4e0a99be5c97ba451d8b2b0f4e12ba96082e0f6b2dabe716699090058e61a38ce85611945106dd1309087d3a2cf3aaef6216ff3720c3917170544a509071166565eaa3c9285b5227f520cd47"], 0x0}, 0x94)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))

683.748825ms ago: executing program 1 (id=1473):
r0 = socket$inet6(0xa, 0x3, 0x3c)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4000, 0x0, @remote, 0x5}, 0x1c)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0x5aa}], 0x1)

671.601105ms ago: executing program 1 (id=1474):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000040)={[], [{@rootcontext={'rootcontext', 0x3d, 'root'}}, {@smackfsdef={'smackfsdef', 0x3d, 'ext4\x00'}}, {@obj_user}, {@fsuuid={'fsuuid', 0x3d, {[0x30, 0x39, 0x39, 0x66, 0x62, 0x34, 0x56, 0x32], 0x2d, [0x39, 0x36, 0x38, 0x36], 0x2d, [0x37, 0x65, 0x33, 0x37], 0x2d, [0x64, 0x72, 0x66, 0x62], 0x2d, [0x0, 0x65, 0x34, 0x32, 0x31, 0x61, 0x65, 0x66]}}}, {@obj_role={'obj_role', 0x3d, 'ext4\x00'}}, {@seclabel}]}, 0x0, 0x79c, &(0x7f0000001700)="$eJzs3c9rXNUeAPDvnck0Tdr3kgcP3qurgKCB0ompsVVwUXEhgoWCrm2HyTS0mWRKZlKaELBFBDeCFheCbrquWndu/bHV/8KFtFSbFisuJHInM+00mUmTJpkp5POB255zf53zvef+OJN7mAlgzxpJ/8lEHIqIj5OIocb8JCJy9VRfxInV9e4vLxXTKYmVlbd/T+rr3FteKkbLNqkDjcz/I+KHDyIOZ9aXW11YnC6Uy6W5Rn6sNnNhrLqweOTcTGGqNFWaPTY+MXH0+EvHj+1crH/8vHjw1idvPP/1ib/e/9+Nj35M4kQcbCxrjWOnjMRI45jk0kP4iNd3urAeS3pdAZ5IemlmV6/yOBRDka2nOhjoZs0AgN3yXkSsAAB7TOL5DwB7TPPvAPeWl4rNqbd/keiu269FxP7V+JvvN1eX9DXe2e2vvwcdvJc88mYkiYjhHSh/JCK++PbdL9Mpduk9JEA7l69ExJnhkfX3/2TdmIWtemET66x92+z+B93zXdr/ebld/y/zoP8Tbfo//c2xY9u0dh/rr//MzR0opqO0//dqy9i2+y3xNwxnG7l/1ft8ueTsuXIpvbf9OyJGI9ef5sc3KGP07t93Oy1r7f/duXr+elr+nWxcf7hG5mZf/yObZLcV8Bq3r0Q809cu/uRB+ycd+r+nNlnGm698+HmnZWn8adzNqR7/1fPXtxXUFqxci3iubfs/HNGWtBufOJVrjE8cq58OY82Too1vfvlssFP5re2fTmn5zc8C3ZC2/+DG8Q8nreM1q1sv46drQ993XJh5XPzrzv+YLNQK+5J36ul9jXmXCrXa3HjEvuSt9fOPPty2mW+un8Y/+mz763+j8z/9THhmk/H33frtq07Lnob2n9xS+289ceP+dMd71uPjT9t/op4abcxJ2/9xcW22gts5dgAAAAAAAAAAAAAAAAAAAAAAAACwWZmIOBhJJv8gncnk86u/4f3fGMyUK9Xa4bOV+dnJqP9W9nDkMs2vuhxq+T7U8cb34TfzR9fkX4yI/0TEp/0D9Xy+WClP9jp4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGg40OH3/1O/9ve6dgDArtnf6woAAF3n+Q8Ae8/Wnv8Du1YPAKB7fP4HgL3H8x8A9h7PfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbZqZMn02nlz+WlYpqfvLgwP125eGSyVJ3Oz8wX88XK3IX8VKUyVS7li5WZjju6vPpfuVK5MBGz85fGaqVqbay6sHh6pjI/Wzt9bqYwVTpdynUtMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYvOrC4nShXC7NbSeR7mgn9tOtRP/TUQ2JriaysXtF5OKJNs9GRK8Py0YXddNAz+5PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+7fwIAAP//IIQicg==")
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000500)={0xffffffffffffffff, 0xc0}, 0xc)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c010000100013070000000000000000ffffffff000000000000000000000000ff60000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000033000000ff0100000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000fdffffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000006a000000000000004c001400636d61632861657329"], 0x13c}}, 0x0)
r4 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r4, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xfffffffe, 0x3ff}}, './file0\x00'})
r5 = socket(0x2a, 0x2, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r7=>0x0})
sendto$packet(r6, &(0x7f0000000240)="f2435f0100088000000000850800", 0xe, 0x0, &(0x7f0000000200)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @link_local}, 0x14)
r8 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r3, 0x10e, 0x5, &(0x7f0000000440)=0x8000, 0x4)
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c00000013000100000000000000000000000002", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=r7, @ANYBLOB="1400350064756d6d7930"], 0x3c}}, 0x0)
ioctl$SIOCSIFMTU(r5, 0x8922, &(0x7f0000000080)={'dummy0\x00'})
socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64000000000c000280050001000600000008000a0079"], 0x44}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.current\x00', 0x275a, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000020000103feffffff0000000002000000000000000400010008000a000008000005001e"], 0x50}}, 0x4000850)

592.231622ms ago: executing program 4 (id=1480):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x18, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x6e80}, [@nested={0x4, 0x1, 0x0, 0x1, [@generic]}]}, 0x18}}, 0x0)

564.366884ms ago: executing program 4 (id=1482):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0x400}, 0x100002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x8, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000130000000000000000010018110000", @ANYRES64=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
move_pages(0x0, 0x2064, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], &(0x7f0000001180), &(0x7f0000000000), 0x0)
r2 = socket(0x2c, 0x3, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33c81cf7995313c09de00fd6ded74", "62266bd8", "1e00040000000100"}, 0x28)
write$binfmt_script(r3, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
writev(r3, &(0x7f0000000100)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1)
close_range(r2, r3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6185}, 0x94)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_SYNPROXY_FLAGS={0x8, 0x3, 0x1, 0x0, 0x10}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x78}, 0x1, 0x0, 0x0, 0x8800}, 0x24000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r5, 0x0, 0x6}, 0x18)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e20, @multicast2}, 0x10)

550.934075ms ago: executing program 1 (id=1484):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x20002)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000014c0)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001380)={0x11, 0x19, &(0x7f0000001740)=ANY=[@ANYBLOB="180800000600000000000000000000008510"], &(0x7f0000001340)='syzkaller\x00', 0xa, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x1}, 0x94)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r5, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r7, &(0x7f0000003340)=[{{0x0, 0xfffffffffffffed1, &(0x7f0000000280)=[{&(0x7f0000000600)='4', 0x1}], 0x1, &(0x7f00000002c0)=[@rights={{0x10}}], 0x10, 0x40}}], 0x1, 0x0)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
splice(r6, 0x0, r8, 0x0, 0x39011, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000200)={<r9=>0x0, 0x1c, &(0x7f0000001440)=[@in6={0xa, 0x4e20, 0x5, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f0000000240)=0xc)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r5, 0x84, 0x7a, &(0x7f0000000340)={r9, @in6={{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, &(0x7f0000000040)=0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x18, &(0x7f0000000440)=ANY=[@ANYBLOB="18fcffffffffffffff0000000500000018110000d5903d0fe25ee49d69c127a073c160a2e47ba3c3e5dd5f4ef66aede2387e24f6a5867909d956a80475a81b48eb04a23fd18dec90db36f40eebdcd557a2323c2f6312963b330c7b2b762675577d309b6e97d5c60c2e7909bd1126fd0d8067883f546b874a3def588f8141dd1f7b18446fcef0f36c55ee16878fe632cb3ac4fab8b89cbc7caabe65831a1bedf5ee7f49416e9c2601b720b77b977da661a230b65c1782240b463b9e4aa74f783504234fd4da8e69fc24dcbfe03362320b4b1ab91d5cfa7b694fe192785f68592068", @ANYRES32, @ANYBLOB="0000000000000000b7080000090000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000082000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], 0x0, 0x8, 0x0, 0x0, 0x41100, 0x71, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x2, 0x8, 0x472, 0x5}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000040)=[0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000001700), 0x10, 0xb}, 0x94)
getgid()
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a4fc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b87f7c40a1702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f600e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10f9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80729fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a85430600f1e49db5a5517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a00000000000000000000000047e628cd57cde4268f47c9aaec3a3dfe43e032b88ea53656a8740c1a4e0a99be5c97ba451d8b2b0f4e12ba96082e0f6b2dabe716699090058e61a38ce85611945106dd1309087d3a2cf3aaef6216ff3720c3917170544a509071166565eaa3c9285b5227f520cd47"], 0x0}, 0x94)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))

502.598679ms ago: executing program 4 (id=1487):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8f0, &(0x7f0000002400)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x2}])

478.451501ms ago: executing program 2 (id=1490):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
listen(r0, 0x1)
r3 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r3, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0}, 0x0)
close(r3)
accept4(r0, 0x0, 0x0, 0x400000000000000)

399.244978ms ago: executing program 4 (id=1491):
r0 = socket$igmp6(0xa, 0x3, 0x3a)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7}, 0x18)
setsockopt$MRT6_ADD_MFC(r0, 0x29, 0x22, 0x0, 0x0)

399.031558ms ago: executing program 4 (id=1492):
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x10, &(0x7f0000000040)={[{@usrjquota}]}, 0x1, 0x3e7, &(0x7f0000000480)="$eJzs3E1vG0UfAPD/bl7apn1qV3oOvFwsQCISImnSFqgEEhEXDu2JHjhixWmJ6jSoMRKtIl4E4gYSiA8AB+AjcIQD3wHOwAEqRSgHUm5Ga+86Jn5pQx0skt9PGnlmZ+OZ9WTWu+PZCeDIqkTEixExERFnI6KUb0/zEO+2Q7bfzvbm8p/bm8tJNJuv/J5Ekm8r3ivJX0/mbzCbRqQfJPFon3I3bt2+Xq3XV27m6fnG2hvzG7duP726Vr22cm3lxuIz585fuPDcxcVnR3asW2vJR098demXTz6sffrDb9+Ws/qeyvO6j2NUKlHpfCZ7XRx1YWN2vCueTI6xIgAADJXm1/6Trev/UkzE7sVbKT7+fqyVAwAAAEai2SxeAQAAgMMrce8PAAAAh1wxD2Bne3O5CGOcjsC/bGspIsrt9r+bh3bOZOeZ3qk9z/eOUiUiXj5+eTELcUDPYQMAAAAcZd8ttRf+6x3/S+Ohrv1ORMRMsbbfCFX2pHvHf9I7Iy6SLltLEc9HxN2e8b+02KU8kaf+1xoqnEqurtZXzkbE6YiYjaljWXphSBlvP3b960F53eN/n//86kJWfva6u0d6Z/LY3/+mVm1UH+SY2bX1XsQjk/3aP+mM+Xavk/lPvLa688KgvKz9s/YuQm/7c5CaX0Q82bf/765cmgxfn3W+dT6YL84KvX469eX7g8rv7v9ZyMovfgvg4GX9f2Z4+7fWye2s17ux/zK++ePyj4Py7t3+/c//08mVVgWn821vVRuNmwsR08ml3u3+mzqKz6P4vLL2n328//d/cf2X5N/9p7vWh+4x5AfCl945c2VQnv4/Xln71/bV//cfeX3m4dlB5d9f/z/fqkzxJq7/7u1+G2jc9QQAAAAAAABgNNLW3L4knevE03Rurj3P9/8xk9bXNxpPXV1/80atPQewHFNpMdOr1DUfdKH9GHknvbgnfS4izkTEZ6UTrfTc8nq9Nu6DBwAAgCPi5ID7/8yvAx/2AAAAAP5zyuOuAAAAAHDg3P8DAADAofYg6/qLiIgc1si4z0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAR9tfAQAA///8h8MD")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x3)
write(r1, &(0x7f0000000740)="cc", 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7fffeffd)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
ptrace$peek(0x3, r2, &(0x7f0000000180))
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
prlimit64(0x0, 0xe, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r6}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)

373.34067ms ago: executing program 0 (id=1493):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x7, 0x2c450, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x3, 0x8, 0x8, 0x20002, 0x40b, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000200), 0x54801)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000240)='kmem_cache_free\x00', r2, 0x0, 0x80000001}, 0x18)
r3 = syz_pidfd_open(0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000440)=ANY=[@ANYBLOB="0a000000bbbbbbbbbbbbaaaaaaaaaabb86dd6d0020000018111fcb2450a4361e94000080000000000000ff0200000000000000000000000000014f194e2000189078040000000b0000000000010000000000"], 0x52)
write$qrtrtun(r0, &(0x7f0000000240), 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000e40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
vmsplice(r3, &(0x7f00000006c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xa}, {&(0x7f00000015c0)="5fb7a40019743e6beb2bc962937264835bc9d3067da727a82a91c0bad434d5e70c161ff2f579fa007252a9fcc940b9d76e3a948f39cbf0ce08495cd964557b8b648fdb0383be1737495d0dc143331b69a5b6c3136581a236f388cbcee67e6aecb881792e214f540679a6a97ab9a8ff4073c7a312cde426c25329f934e4c0fbe8e80f353e613a2d2012870d68cb9aedf77fe236bac453ca04d98d7c13a7ed86d2b39b928c1626a9c4c57df43c6c9828502c551ce7e057efe02a2ca655c2b27a5cb0f62092c29d8149ca540f0363998b118ab075e8838148ec3a34a546b986c079fd7ea52b238b7ef2a9f1cf6322bccd2c641c024e101b32b7ab3a657442829531b9242472d217d7ea3ac130c1e6e008a8c6d78c1caf7c420413f32f04f3ee454c289705e941d1acd6b25cc47cfbf7858f7b6b6d2589d3cede37c010cb7d0a310b23fc3a76dca8481cc9125194229ba1a92d4a44c4ab8a032fb30cb88bf62e34e68b8becf18c90f788e77830f5a21d45d44368df5d31ac94cd38c0014f452a516f7c1159040f1b57c494dd9353648ad262d394fbeea2bd4c463f345fe5c414ba0559be6a11d5ba6be8d59795f829789f20a2a2493fea4d298b4f878d5127bd02329241ca9814e70f4dece0cc1c66e60aa6389a30c6e90f65b3c366ec774dce2988358be8df08f1cf163b562d3d2ac04638af530734591611feee8743b6ce7efcf5373e3d6df71113e343e7786fbf5bf6e6118725e67cdc514f2d826c522ebe79c79c6c750e7f03b76aa0e6fdbf2e77b6d1bf9b9e31f96b2e809bc89557d8f8fb3af8da39028ab5357a72ae752c8621b5d5c35508d372d6332c136ad95681eaa70060d24a5d39eaf5ef5a7c6e4bfd5ab290b05e926a98b3382119a7320429770452eb635ad5d72bad0720e1bdca90fe01c0a910a093d0ffea600df1b7f7a8e01537f2af977eadbaf496a34df5a318df7e5fbc1dd1cf9377f15e70a0657b77946458a11cd16b8f3f54a232f80247f927fe75f93554987d3baa6277e515b0dd61cef2b66ed89101162f783bd1ceb7113bc5a86a6c46ac33d2f6a9a4b86ad52bb193fad342e01d5b03dad67ce2c3af4ef6cf284a54251ec5e7f13d0fe93c3b2139b7a6dc311ae883fe261ba33c85d0ecb9cf03771255f88fc7eff19f452cb646eef1b34f65c7c2bd775ed8716b2bb813a6256056fa29491dbc6de0b4d722b7ae1c526ff9e7c8daeb4ac06ded432bbf378a936dd8edeef9da7bef09e28a80613a43a7da28b548d33b458aeb7ede232efcaf0780bd5889e4a8a50ae5c731ad3ad4c10a25bce3877c3b181cb4725f86da924a89438236744308b1eaa7a25cd8ecd24dc60aeaa90e5d5f8affd8d6a1950899bd69a8c1817a0218230c8c63334747724b967a87533963b4d5003f400a39793aafc4a187b25d7b4f4d5c6eac9ab692cccc411f67d57d1b679ebbcb403ab1934ecbd2359c1d81cb6a848e295e0a33eb6d5129616a15ed3a05d435dd1edb05a3212ce0f0410cf803f7e9b2e9828fb4d39e1641048f5ff15de95fdd2a48cd8357768c27a007579920d8ce764c5fb521f9370f9b5c9f9368205a30a0b0c72d46e113a50264f61fcd44b63c99edf05a96597eb1512fd94efb6dfd91e68ff0df4aaed9f0156776c6e7413e6ac625b31335fc26f7e9005bf75b1399dd207c933d5e345b8a96cd7bc5b7f9536e44301e4bb607c43a4bea15cc94ad2efea0442410a8d54784dd76697c13a71197ac198009a6bf809e10550b1b56522ec52b2d6e20fed746740b3f8b28e60a639f350d30f801e15a50e7b6501f300b3543e300bba23ece714a2bfd3d39a4119258fd2c6ba6b52928b32373526d89100abe27c12261522d126cc62297bead6b76b037acc3338ce305ef1f975e199ef91a2661edba5047c60f63beac70d50c2430df0882e3b2a2ae080986fbe3e874f424b3a5f22f23646ff00738e6b1c5b12d084c6eaf9a0469681bca4cde9611075142dd583c2a762a83134db4c8412f468b34ec8285d41c96909dcaa465cc3d88a4b89c423790decc48a34b583ffa844078cf07bed554b6f50d50aef990b4439fa24414dc32734a0bed9158a724d703c66e291d0882cfa572e219ef5e052cb1504fed9b822af8a437a26e871ecdae95fffef738abf35e1c5bd2985099c72312a522228053a76db6d2942ce39369edc46339bc1feb855c938e101c385416a64c96049b9231d3cd01ae4fe6915be4f5cc70a134174b8af469a8c478a8e64e76d122624076ef78b6fcadc792c991a649bc94ee4776940d8870e3139251832681eef174c3ebab48bc9446f17ada3f231964b3df79b3dd04fd630ed2c01968a2fc9fffb7023d2a8c8b9fa78a95fcba8deb8e15fe3af4c6daccde49c99955514428338c2fea1217cb5258730c1cc46bacbc665e60732ee9a2edb1d803583fa8f7d362a49ba970b886039b9708b25213efaf818756dedd01cc8d0aa4899ee3888172d270c3ff0fadf86219544bd32e56d4cc13f28eb9b3c1353e2ea05e9a588779c509a899dc18b53e30bc50b65d2f1e158ddb0cf89067b072f323be97ce78cda836827291385c6410960469d694f9afbd92baf3a89b48acb1dd74c02eedf6e667004b1f9e676044baaaf240ef3884e872765cdb860175842070b8de07177980e2c67ac7ca312a7750afc63f555ebd4ec05f26ff83ccc01716ee72bd6ea49e4e9190a275be9ea074ff654f91203e873c0060aa0a766739e9edc01882ad7ab49319a68a882f259be2812a13a5592d5802c21a3458bc0ff394fa7df5077c16a3c04e94315b8214182119c65221c90a90265abc8590ade81720528b6c03b3d2fe31a901b7d3ca3336192c42b88db7d753accab0b85ea5b082958214f9aaf1167794231254b8aa2bfceb51140a7744aaf29782fd068178a09bee09f425c9a06556c0d2582c7d500c6d9924bcff114fef769ca5abfcf09bae40df34b508e783c5f3ffdb6fe20ae1441e73a55514162fb60bc494fc004a17d71253a2d605c5d93fd24b0c841b7efd06551cf1d6424d0bebaae36da729b384e91db0d3e43ed75b8db3d4f50cf62a9b16fe94e5179dc1a4000083435e0144aad5ea2a69680d140ac925d5b2d1820c4aec57b1a0ea6de015760b5bddd53b78d0a6baa96af20d2737aab07e83b10ba91ba7ba3c518fc3e6815656c6d9b34711d435f11c1e7cd424e2e2733222f9bc3c92ea12a4abf233f699b08c8b1d3817b50dbffa10e60b8c81260d2898d4fd3de849b8c74de7da8806c7b68123508a70b52bd9159fd803ed0ecf8353e96be5a2a22be85921f1a48c2d7bf278467054e0835b2d0e39272f6189b03378f80f781bc0f0aa5c38424d0953bab21cc8cbee6171c3940554b2d3f673b1883d858a9ea59a272f8d51835f27bc22095ee8d8e790130f64b7c7101495da1c83b85219f019baece14e2e46d84d146c553c7166af009ec6e4c3af7159d8cbae9be667838f7d9fab0a1aa5d55ca9fc4d8eb1974c0fac080dbf70772259c974f78ff6ed21579d05aafa1d0a5930326285f5f871ddaab18f76dcbfd12bc34d328a1fa5e7577b2906af74aaf0816e0df5626a1f7393cc0332a4ccd40064c475e0704d44a632a7c146dba9a17b3bf9b0e5af7f0febb20956f9f83c4dc2cbdde1041c6a76d0b882e5f2c943fa2e652a25b6185fa9ada6f0754f8a4208abac5da840ff7a2422472727aab692473a7bdfbc186003df42a8c8d6c171733fde4d3cf7fb6a324640da20a60c9dc0805769bc4a3a1da320c08390201d3bc21d9646a829c72179c930400564e1207cfedc840f26e5ca92205efe16e0b4692cc082e34ec0d0da5f5417e049b9e1e3e557680586700881ba607b6384d99477be5ebd7cda22823c20dabe1b678eaa0f63dc614e65a7d460a27264944b0b21efc8abf1ee97088ef039c9ee7dd4d44da67470a4e8c885f1328ba2e84658c0d3db9a9f14588f8217be8740d24416d84e1efb7e75ebd2a48a567ca9217b6d1f91ed95520b6e4921e79060fd929dbeb271a1b3799e518ec4635b72315083ff93ba28bb6019ab3a4e07998b92cca7622d083a9ce7b49ddf5441f08c05415b5edd356ab1a32d460861e326899bb340e5b01f7939c127b8d642beb2ec5597ca4ad5d1e5b360585a56cb1abe708d8ba525324b0694e30e3bd3d5a5ba9abf39852088c00e2eb6250be598d618428a2fd619d7d15ec56503d0eda27b83f727200641bb7d76e839093bfbfa2190bf40ea19091e00c40410e11ca397458b9a08b3a5ac7b9d0ec72bed76e33fc35818f58c54ad05f8023ef6f2ca3cac74e32daa309e7e729a316924e2fec194348c18f22677c4f86cdef53f7470028cd0a5701f8ce1f11fe60d8f73a0ceb4479c1a4d6acb791872ca8c0b9fab3ca0aca7dd88d1db3c4e4d284d6184a5629ec04f82005a88ccac05432fd3abe288b930b172b8ff2598aa94d1d40e9d4b7912bfc58f343238e91ca5b8de0b2cde27f6ee106235744ebd96dfa95cc6fb8c049ada5f2929bc0d19b03d9f15e0e1c6837f0de37a681e337b1b75bc8e0e3f906ce313d51fdebd0760adcb3f5256683205c7fef8d9f78533f7acdb48459ea3b33fc8e90dadc9370240ad4d593ef63fa3c6863617c5b07fc37a3a2659c2e29a568a456bb9be55cb48b80a8e9b1a0da3b0fc9dc80a557877f3a235626f24c2c0da408b0d87d438448b79585f567f89d129696fc916eeec9456ab51596f2a3db2bc4f9384c9f0802e3bf46f9b2e4aeaf1c1067689a73e8db2fe168539629237fc8e43442e9ce0a6774faf119cf39dbe056d6de790f3da25e9a1e18c80e1ddcee704720bd0ef39b28b443b71f9b2cd5283881d1d9d16413956aea508ae924d30179b2848de7e7160c7120c7007815cd6654d1bc9fd35d25a793f0dac6a665a76fa8d01d287a66f0c34c595a823b05975c3dc70c0250461252018653de236f0f584af3a66ab248175abc519a8cc548107c65c8982869bf90360024c167f330c9f4e9af991a1f588523b25e9ac852ceda6f1d62960ea25547d8e516941ca9dc9d033af959573e04ce0a84d0d7907c1348ac691c7e306907efc584bcc35d6d53fb9930d2563915ad52fd6ae5fc9511e733b1ecf5fe7d81064f833d4e86f0daaf675d767a44539e1c0331907ac1c7d3ba08929c7cbf0b912c98bd615cd22accd5cc1a0042e021b1d0ccc4c6166d9f85ed71d435806ffdb765f593f6c365a58074140f3523d64bab764ab04cfc618d33a9deddc533bd4f0bb07423b04605a9955e2e07bc7ecdc187f362de345ec13ef9939065982463183f95f6f31cc70297af8bef6c03cee3085b438945d09340bf6c0411dd4aca528770d59f6c4685bf951291b7d94cbf663e1b0c4b51079b289b59513ee65d11906751b5da685b7405f69133b2d375dba3d350a041184effe35801df332023876948e4dd7d113a0fae8c24d5fd83d0659b0f0b35ab5fe99f81a8e14cc7f5c59945b7b560a55f351e8852314000e91a915caa097653041ebde760b27b89925d4056d508f5a3726bc3d0e8ba2fe61636a52d8778e4b0e16506d2d782c572eea0a73f8180a0aa022f7b2c049239b8ad992eb8bc8cbf68e9433dcd189a2f13302f9c9c60cf84517aa1b55007a65729a7b20986a71d0627e92eb16fc4e3614e84de8ae7dcff2a51fcfc4d26cf5cc68210acb8d1720bdabeab36d3d69dc474b427fde5a8b47c7ed8e420312e39d43f159b8fcf584a6e86d2108d1d8637aadff80cbaf94f399b30a3df51e261def100b0e7b66a4a0ade527916b1b60", 0x1000}, {&(0x7f0000000340)="88fe09a71edf4196302429ea2de16b701278e13c9e22b910c383962d48c73d44542634c688e04ceab6bbb84aaf784d9bb41a1956eb355103a8467bdcfd6eb211bbf1e5bb0900f0f415f481ab2ca913d4f8eb48bb69784d9c700285333544cfc02cc5f22b4e5869f68aa45ae2854303b8e5ea3b0f6d0452ed39e04f82c104debd5eba59397ac49c2dc429637ca3e97c7f17c99ba73f02a8cc2c5e1e5738d23c1aee9c614710527d3b5b38945f0dc2caaaf7b5ed7ceac99adbbef181359dcbcbcceaab", 0xc2}, {&(0x7f00000004c0)="698d8016ea56e9c795701e883e95bc431443ab73f25e091be51d3b30cdacf4d1e540ad2aa926692b72b95d8e7a47b88cac73d0e0ed83e13215b729166590c29828990c54595edb45da5cceb9493bf8d7a494792a8d2e5ef623a1ad8ee7248765162f130687ebf2269af058c2e8f12b2a6990109fc7346ad4650d61891aec325d6150aea92efebb3c6681ee3ff24f9ff83e0bf4059ae480e1adc60707fa23bf4ff8c5256e84a27f1cf8922f9969cb4cdc3f0cc3ac883d53fd1458cf374243cf6be85b5d432c323808e518", 0xca}, {&(0x7f00000005c0)="636f041a5b025d061542f2ae1135193d9da0148f920303531b5b66c3743b7c5207b41f88e0c84a7189018c86ee21d9e2bf617402d3a47ce1e933f6e7ee6757c33e659c9335840fab1e33bb503862518a385f834f0d88c21e0eb309964b90d6aced455f43b6a22cbc943c6679a8cd45dc63f6355c9e18efafb1554d28e2204a20311ed9b9e545f608c69c442122a711382895831e6b82086c9140419366930646e41a0b0cfe9d340f58c456a148efd98d98851ec41d9b4d94e65b88c475196f058190d30b46783f154a5e204b290aed48996d7e3ad53b192f8411624d1ed97fe837c2e1090888a805b1eb46593ce656cd", 0xf0}], 0x5, 0x1)

347.499172ms ago: executing program 2 (id=1494):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x18, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x6e80}, [@nested={0x4, 0x1, 0x0, 0x1, [@generic]}]}, 0x18}}, 0x0)

251.28287ms ago: executing program 3 (id=1496):
r0 = socket$inet6(0xa, 0x3, 0x3c)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4000, 0x0, @remote, 0x5}, 0x1c)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0x5aa}], 0x1)

251.02889ms ago: executing program 3 (id=1497):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0x800454e0, &(0x7f00000000c0)=r1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
memfd_create(0x0, 0x0)

223.497802ms ago: executing program 0 (id=1498):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0x400}, 0x100002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x8, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000130000000000000000010018110000", @ANYRES64=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
move_pages(0x0, 0x2064, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], &(0x7f0000001180), &(0x7f0000000000), 0x0)
r2 = socket(0x2c, 0x3, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33c81cf7995313c09de00fd6ded74", "62266bd8", "1e00040000000100"}, 0x28)
write$binfmt_script(r3, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
writev(r3, &(0x7f0000000100)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1)
close_range(r2, r3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6185}, 0x94)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_SYNPROXY_FLAGS={0x8, 0x3, 0x1, 0x0, 0x10}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x78}, 0x1, 0x0, 0x0, 0x8800}, 0x24000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r5, 0x0, 0x6}, 0x18)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e20, @multicast2}, 0x10)

217.932612ms ago: executing program 3 (id=1499):
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x8, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000130000000000000000010018110000", @ANYRES64=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
move_pages(0x0, 0x2064, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], &(0x7f0000001180), &(0x7f0000000000), 0x0)
r2 = socket(0x2c, 0x3, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33c81cf7995313c09de00fd6ded74", "62266bd8", "1e00040000000100"}, 0x28)
write$binfmt_script(r3, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd87}, &(0x7f0000000240)=0x40)
writev(r3, &(0x7f0000000100)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1)
close_range(r2, r3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00'}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_SYNPROXY_FLAGS={0x8, 0x3, 0x1, 0x0, 0x10}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x78}, 0x1, 0x0, 0x0, 0x8800}, 0x24000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r5, 0x0, 0x6}, 0x18)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e20, @multicast2}, 0x10)

212.087013ms ago: executing program 2 (id=1500):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=@delchain={0x34, 0x2d, 0x400, 0x2, 0x0, {0x0, 0x0, 0x0, 0x0, {0xfff2}, {0xfff2}}, [@filter_kind_options=@f_flow={{0x9}, {0xffffff02, 0x2, [@TCA_FLOW_DIVISOR={0x0, 0x8, 0x5}]}}]}, 0x34}}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4080000400000006110540000000000a6000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x0, 0x10, &(0x7f0000000080), 0xffffffffffffffb2}, 0x48)
r2 = socket(0x10, 0x803, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000400)=r1, 0x4)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000002980)=ANY=[@ANYBLOB="1c0000005200010000000000000000000200000008000100", @ANYRES32], 0x1c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000001040)=0x100001, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b7000000ff000000bfa30000000000000703000018feffff720aa9fff8ffffff71a400fe0000000072030200000000131d400500000000004704000001ed00006b030000000000001d440000000000007a0a00fe00ffffffc303000041000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7109000000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a1074649c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c0dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6acdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e50002a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de5c028d6112a0c2d21b2dc98814106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c53218294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb118888876b617398d00a7526103ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fed000000007baa5b6a686b50f0937f778af083e08b7ab6cd9c65ba55f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddc42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293d364b9effa9a9406ac2683e231d4774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479517dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a79e59e1712c8c546768e5722da19fcdb4c2890cda1f96b952511e3a49d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767987d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca485683252b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c32040098e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a0032f37ff559be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1be62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee07751532d5e7d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070f66b2b388f0f744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e2fa3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef907000000f01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e015cb56119df72c7533a48d028a3a981463f25c068d4410dad0c74e2a9478fa3be18a1a27bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb581012fd7a8139166fd5e59c84f4ab07001b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe293308b2a146f12a4c205235924cee765d94b1cc06641247c773ab8d1abbeb03ea68"], &(0x7f0000000080)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff11, 0x0, 0xffffffffffffffff, 0xfffffffffffffea5}, 0x48)
r3 = socket$netlink(0x10, 0x3, 0x1)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000440)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000002000000df25250000000e0001006e65746465b3f2866b83ff0acbb679deee0b68a07673696d0000000f360a97de8e5847017149114999c0a98ca6f5d3ed117e304e3496c36d14fc6944510f4e3c05940f27a202107203fbc13fc89a18b91118ca40085fefa3407b2c8f5e1e266c0d8788ae434fdbe1263bee2c9c6325d2897074083ff02ccaf756b0d1c8041549d3d59d6211784497873ca23aa1c00d420e44ec691fd839fca9bd163dc72c5dcd8f1e39a42cf23381f3e0bca4e6b1e57baf3fcfc0f2fb356c7464"], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r5 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r5, &(0x7f0000000180)={0x1a, 0x30f, 0xf9, 0x8, 0x0, 0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x24}}, 0x10)
listen(r5, 0xd)
r6 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r6, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
r7 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r7, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r7, 0x4)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r8}, 0x10)
io_uring_setup(0x16b3, &(0x7f00000005c0)={0x0, 0xa545, 0x0, 0x3, 0x1ae})
r9 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000000)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000009c0)="010000000037a788a11d18000000000000006923c63a4541062101b60a2156566de77062", 0x24, r9)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1008082, &(0x7f00000010c0)={[{@nodioread_nolock}, {@nogrpid}, {@abort}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@dioread_nolock}, {@jqfmt_vfsv0}, {@nomblk_io_submit}, {@nobarrier}, {@block_validity}], [{@flag='ro'}, {@uid_gt}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@seclabel}]}, 0x0, 0x5f1, &(0x7f0000000ac0)="$eJzs3ctvFVUYAPBvbh+0FG0hRsWFNDEGEqWlBQwxLmBrSIOPuHFjpQWRAg2t0aIJJcGNiXFjjIkrF+J/oUS2rHTlwo0rQ0LUsDTxmrmdKX3M7eNyH8j8fsml87jD+SbTr3Pm3HPODaC0htN/KhF7I2I2iRhMFpf3dUe2c3jpfff+/uR0+kqiWn3jzySSbFv+/iT7OZAd3BcRP/+UxJ6u9eXOLVw5PzkzM305Wx+dvzA7Ordw5eC5C5Nnp89OXxx/afzY0SNHj40dWnNksqXzulqw7eT19z8c/Gzi7e+++ScZ+/63iSSOx6vZG1eeR7MMx3At2oKIB441u7AO6cp+T1Ze4qS76J097QuKLcuvX3p1norB6Ir7F28wPn2to8EBLVVNIqpASSXyH0oqrwfkz/Zrn4MrHamVAO1w98RSA8D6/O9eahuMvlrbwM57Saxs1kkiYm3LXCN2RcTtWxPXz9yauB4taocDii1ei4ini/I/qeX/UPTFUC3/K6vyP60XnMp+pttfb7D8tU3F8h/aZyn/+zbM/6iT/++syP93Gyx/+P7ie/2r8r+/0VMCAAAAAACA0rp5IiJeLPr8v7Lc/ycK+v8MRMTxJpQ/vGZ9/ef/lTtNKAYocPdExCuF/X8ree/foa5s6bFaf4Ce5My5melDEfF4RByInh3p+tgGZRz8fM/X9fYNZ/3/8lda/u2sL2AWx53uHauPmZqcn3zQ8wYi7l6LeKaw/2+yfP9PCu7/6d+D2S2Wsef5G6fq7ds8/4FWqX4bsb/w/n9/1opk4/k5Rmv1gdG8VrDesx9/8UO98hvN/8IpJoBtSe//OzfO/6Fk5Xw9c9sv4/BCd7Xevkbr/73Jm7UpZ3qzbR9Nzs9fHovoTU52pVtXbR/ffszwKMrzIc+XNP8PPLdx+19R/b8/IhbX/N/JX6vHFOee/Hfg93rxqP9D56T5P7Wt+//2F8ZvDP1Yr/yt3f+P1O71B7It2v9gyVd5mvau3l6Qjt1Fu9odLwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CioRsSuSysjycqUyMhIxEBFPxM7KzKW5+RfOXPrg4lS6r/b9/5X8m34Hl9aT/Pv/h1asj69ZPxwRuyPiy67+2vrI6UszU50+eQAAAAAAAAAAAAAAAAAAAHhIDNQZ/5/6o6vT0QEt193pAICOKcj/XzoRB9B+jd3/k6bHAbSf+j+Ul/yH8pL/UF7yH8pL/kN5yX8oL/kPAAAAAACPlN37bv6aRMTiy/21V6o329fT0ciAVqt0OgCgY0zxA+Wl6w+Ul2d8YLPJfPrqHvQg0wDNnn6AgwEAAAAAAAAAAACgdPbvNf4fysr4fygv4/+hvPLx//s6HAfQfp7xgdhkJH/h+P9NjwIAAAAAAAAAAAAAmmlu4cr5yZmZ6cstWTieDS9oYRHNW3jr4QijnQvVavVqen0elnj+5wt5V/iWFbEjIho/PB/rt7WjOvQHCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWOe/AAAA//+Mwh/s")
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
close_range(r10, 0xffffffffffffffff, 0x0)

165.248087ms ago: executing program 1 (id=1501):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8f0, &(0x7f0000002400)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x2}])

164.821947ms ago: executing program 3 (id=1502):
r0 = socket$igmp6(0xa, 0x3, 0x3a)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7}, 0x18)
setsockopt$MRT6_ADD_MFC(r0, 0x29, 0x22, 0x0, 0x0)

155.532588ms ago: executing program 2 (id=1503):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1}, 0x10)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=@delqdisc={0xc0, 0x25, 0x1, 0x70bdad, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, {0xe, 0xffff}, {0x7, 0x9}, {0x0, 0xffe3}}, [@TCA_STAB={0x84, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x9, 0x6, 0x8, 0x6, 0x1, 0x9, 0x6, 0x3}}, {0xa, 0x2, [0xf28, 0x9, 0x3]}}, {{0x1c, 0x1, {0xf9, 0xb8, 0x56d6, 0x6571, 0x2, 0x0, 0x4, 0x4}}, {0xc, 0x2, [0x0, 0x6, 0x7, 0x3]}}, {{0x1c, 0x1, {0x6, 0x1, 0x5, 0x1ff, 0x2, 0x263c, 0x5, 0x7}}, {0x12, 0x2, [0x6, 0x3, 0x3, 0x0, 0x3, 0x3, 0x100]}}]}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0xa5}, @TCA_RATE={0x6, 0x5, {0x0, 0x8}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x102}]}, 0xc0}, 0x1, 0x0, 0x0, 0x30b6bc86405c165e}, 0x20040054)
semtimedop(0x0, &(0x7f0000000000)=[{0x2, 0x2, 0x2800}, {0x2, 0x7f, 0x1000}, {0x3, 0xfffd, 0xf2b7dfbc48659ebf}, {0x0, 0x401, 0x1000}, {0x3, 0x0, 0x1800}, {0x2, 0x1, 0x1000}, {0x4, 0xc4, 0x1800}], 0x7, &(0x7f0000000240)={0x0, 0x3938700})

117.624311ms ago: executing program 3 (id=1504):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
listen(r0, 0x1)
r3 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r3, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0}, 0x0)
close(r3)
accept4(r0, 0x0, 0x0, 0x400000000000000)

117.2645ms ago: executing program 0 (id=1505):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x95)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
syz_pidfd_open(0x0, 0x0)

116.984771ms ago: executing program 1 (id=1506):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000700), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000240)={0x34, r2, 0x1, 0x200, 0x0, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}]}, @ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8}]}, 0x34}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYRES32=r5, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18)
write$selinux_user(r3, 0x0, 0x2b)
syz_clone(0xc0126080, 0x0, 0x0, 0x0, 0x0, 0x0)

116.654041ms ago: executing program 0 (id=1507):
r0 = socket$inet6(0xa, 0x3, 0x3c)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a31000000000800054000000004"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4000, 0x0, @remote, 0x5}, 0x1c)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0x5aa}], 0x1)

81.301094ms ago: executing program 3 (id=1508):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000700), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000240)={0x34, r2, 0x1, 0x200, 0x0, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}]}, @ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8}]}, 0x34}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB, @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18)
write$selinux_user(r3, 0x0, 0x2b)
syz_clone(0xc0126080, 0x0, 0x0, 0x0, 0x0, 0x0)

81.122803ms ago: executing program 0 (id=1509):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f00000007c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)

58.819445ms ago: executing program 2 (id=1510):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x25, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000000}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x0)
ioctl$SG_GET_VERSION_NUM(r6, 0x2284, &(0x7f0000000080))
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})

11.074239ms ago: executing program 0 (id=1511):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x20002)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000014c0)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001380)={0x11, 0x19, &(0x7f0000001740)=ANY=[@ANYBLOB="180800000600000000000000000000008510"], &(0x7f0000001340)='syzkaller\x00', 0xa, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x1}, 0x94)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r5, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r7, &(0x7f0000003340)=[{{0x0, 0xfffffffffffffed1, &(0x7f0000000280)=[{&(0x7f0000000600)='4', 0x1}], 0x1, &(0x7f00000002c0)=[@rights={{0x10}}], 0x10, 0x40}}], 0x1, 0x0)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
splice(r6, 0x0, r8, 0x0, 0x39011, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000200)={<r9=>0x0, 0x1c, &(0x7f0000001440)=[@in6={0xa, 0x4e20, 0x5, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f0000000240)=0xc)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r5, 0x84, 0x7a, &(0x7f0000000340)={r9, @in6={{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, &(0x7f0000000040)=0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x18, &(0x7f0000000440)=ANY=[@ANYBLOB="18fcffffffffffffff0000000500000018110000d5903d0fe25ee49d69c127a073c160a2e47ba3c3e5dd5f4ef66aede2387e24f6a5867909d956a80475a81b48eb04a23fd18dec90db36f40eebdcd557a2323c2f6312963b330c7b2b762675577d309b6e97d5c60c2e7909bd1126fd0d8067883f546b874a3def588f8141dd1f7b18446fcef0f36c55ee16878fe632cb3ac4fab8b89cbc7caabe65831a1bedf5ee7f49416e9c2601b720b77b977da661a230b65c1782240b463b9e4aa74f783504234fd4da8e69fc24dcbfe03362320b4b1ab91d5cfa7b694fe192785f68592068", @ANYRES32, @ANYBLOB="0000000000000000b7080000090000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000082000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], 0x0, 0x8, 0x0, 0x0, 0x41100, 0x71, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x2, 0x8, 0x472, 0x5}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000040)=[0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000001700), 0x10, 0xb}, 0x94)
getgid()
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a4fc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b87f7c40a1702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f600e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10f9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80729fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a85430600f1e49db5a5517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a00000000000000000000000047e628cd57cde4268f47c9aaec3a3dfe43e032b88ea53656a8740c1a4e0a99be5c97ba451d8b2b0f4e12ba96082e0f6b2dabe716699090058e61a38ce85611945106dd1309087d3a2cf3aaef6216ff3720c3917170544a509071166565eaa3c9285b5227f520cd47"], 0x0}, 0x94)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))

0s ago: executing program 2 (id=1512):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x18, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x6e80}, [@nested={0x4, 0x1, 0x0, 0x1, [@generic]}]}, 0x18}}, 0x0)

kernel console output (not intermixed with test programs):

re.
[  100.781983][ T6534] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.795246][ T6534] CPU: 1 UID: 0 PID: 6534 Comm: syz.4.995 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(voluntary) 
[  100.795275][ T6534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  100.795290][ T6534] Call Trace:
[  100.795297][ T6534]  <TASK>
[  100.795304][ T6534]  __dump_stack+0x1d/0x30
[  100.795323][ T6534]  dump_stack_lvl+0xe8/0x140
[  100.795427][ T6534]  dump_stack+0x15/0x1b
[  100.795445][ T6534]  should_fail_ex+0x265/0x280
[  100.795466][ T6534]  should_fail+0xb/0x20
[  100.795490][ T6534]  should_fail_usercopy+0x1a/0x20
[  100.795515][ T6534]  _copy_from_user+0x1c/0xb0
[  100.795530][ T6534]  do_fcntl+0x5f9/0xdf0
[  100.795541][ T6534]  ? selinux_file_fcntl+0x1cb/0x1e0
[  100.795577][ T6534]  __se_sys_fcntl+0xb1/0x120
[  100.795588][ T6534]  __x64_sys_fcntl+0x43/0x50
[  100.795614][ T6534]  x64_sys_call+0x29a0/0x2ff0
[  100.795761][ T6534]  do_syscall_64+0xd2/0x200
[  100.795774][ T6534]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.795868][ T6534]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  100.795887][ T6534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.795960][ T6534] RIP: 0033:0x7f82810ee9a9
[  100.796027][ T6534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.796038][ T6534] RSP: 002b:00007f827f74f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  100.796049][ T6534] RAX: ffffffffffffffda RBX: 00007f8281315fa0 RCX: 00007f82810ee9a9
[  100.796081][ T6534] RDX: 0000200000000140 RSI: 0000000000000024 RDI: 0000000000000009
[  100.796088][ T6534] RBP: 00007f827f74f090 R08: 0000000000000000 R09: 0000000000000000
[  100.796149][ T6534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.796245][ T6534] R13: 0000000000000000 R14: 00007f8281315fa0 R15: 00007fff24d83c18
[  100.796257][ T6534]  </TASK>
[  100.995974][ T6539] loop4: detected capacity change from 0 to 512
[  101.011554][ T6539] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.024295][ T6539] ext4 filesystem being mounted at /193/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  101.227833][ T6539] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.292497][ T6539] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.362080][ T6539] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.372645][ T4823] hid-generic 0000:0000:0000.0034: unknown main item tag 0x0
[  101.389229][ T4823] hid-generic 0000:0000:0000.0034: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  101.421866][ T6539] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.421955][ T6555] loop2: detected capacity change from 0 to 1024
[  101.438258][ T6555] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  101.496768][ T6380] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.513391][ T6428] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.529605][ T6428] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.546899][ T6428] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.563234][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.602385][ T6572] loop4: detected capacity change from 0 to 1024
[  101.609216][ T6572] EXT4-fs: inline encryption not supported
[  101.615147][ T6572] EXT4-fs: Ignoring removed i_version option
[  101.640304][ T6572] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  101.676307][ T6572] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #3: block 1: comm syz.4.1003: lblock 1 mapped to illegal pblock 1 (length 1)
[  101.694380][ T6572] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1003: Failed to acquire dquot type 0
[  101.735348][ T6572] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.1003: Freeing blocks not in datazone - block = 0, count = 4096
[  101.772275][ T6572] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.1003: Invalid inode bitmap blk 0 in block_group 0
[  101.802091][ T6572] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[  101.826602][ T6572] EXT4-fs (loop4): 1 orphan inode deleted
[  101.842627][ T6572] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.869201][ T6572] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1003'.
[  101.878137][ T6386] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:26: lblock 1 mapped to illegal pblock 1 (length 1)
[  101.878496][ T6572] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1003'.
[  101.904729][ T6386] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:26: Failed to release dquot type 0
[  101.929460][ T6406] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.949925][ T6406] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.949932][ T6572] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5134 sclass=netlink_route_socket pid=6572 comm=syz.4.1003
[  101.971951][ T6572] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.1003: iget: bad extra_isize 65535 (inode size 256)
[  101.977454][ T6406] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.993841][ T3297] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.994299][ T6406] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.021117][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.142122][   T10] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0
[  102.150167][   T10] hid-generic 0000:0000:0000.0035: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  102.366182][ T6593] FAULT_INJECTION: forcing a failure.
[  102.366182][ T6593] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  102.379254][ T6593] CPU: 0 UID: 0 PID: 6593 Comm: syz.1.1011 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(voluntary) 
[  102.379333][ T6593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  102.379345][ T6593] Call Trace:
[  102.379351][ T6593]  <TASK>
[  102.379359][ T6593]  __dump_stack+0x1d/0x30
[  102.379379][ T6593]  dump_stack_lvl+0xe8/0x140
[  102.379464][ T6593]  dump_stack+0x15/0x1b
[  102.379479][ T6593]  should_fail_ex+0x265/0x280
[  102.379497][ T6593]  should_fail+0xb/0x20
[  102.379511][ T6593]  should_fail_usercopy+0x1a/0x20
[  102.379534][ T6593]  _copy_from_iter+0xcf/0xe40
[  102.379575][ T6593]  ? mntput_no_expire+0x6f/0x460
[  102.379598][ T6593]  ? mntput+0x4b/0x80
[  102.379617][ T6593]  tun_get_user+0x14d/0x2680
[  102.379679][ T6593]  ? path_openat+0x1bf8/0x2170
[  102.379702][ T6593]  ? _parse_integer_limit+0x170/0x190
[  102.379858][ T6593]  ? ref_tracker_alloc+0x1f2/0x2f0
[  102.379896][ T6593]  ? selinux_file_permission+0x1e4/0x320
[  102.379918][ T6593]  tun_chr_write_iter+0x15e/0x210
[  102.380001][ T6593]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  102.380032][ T6593]  vfs_write+0x49d/0x8e0
[  102.380058][ T6593]  ksys_write+0xda/0x1a0
[  102.380138][ T6593]  __x64_sys_write+0x40/0x50
[  102.380217][ T6593]  x64_sys_call+0x27fe/0x2ff0
[  102.380255][ T6593]  do_syscall_64+0xd2/0x200
[  102.380275][ T6593]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  102.380302][ T6593]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  102.380354][ T6593]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.380437][ T6593] RIP: 0033:0x7f65e59de9a9
[  102.380453][ T6593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.380473][ T6593] RSP: 002b:00007f65e403f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  102.380504][ T6593] RAX: ffffffffffffffda RBX: 00007f65e5c05fa0 RCX: 00007f65e59de9a9
[  102.380519][ T6593] RDX: 000000000000002e RSI: 0000200000000140 RDI: 0000000000000003
[  102.380532][ T6593] RBP: 00007f65e403f090 R08: 0000000000000000 R09: 0000000000000000
[  102.380546][ T6593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.380558][ T6593] R13: 0000000000000000 R14: 00007f65e5c05fa0 R15: 00007ffc8a2a1418
[  102.380573][ T6593]  </TASK>
[  102.605872][ T6596] netlink: 'syz.2.1012': attribute type 21 has an invalid length.
[  102.613896][ T6596] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1012'.
[  102.666689][ T6574] syz.0.1004 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  102.680944][ T6574] CPU: 0 UID: 0 PID: 6574 Comm: syz.0.1004 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(voluntary) 
[  102.680975][ T6574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  102.681043][ T6574] Call Trace:
[  102.681049][ T6574]  <TASK>
[  102.681055][ T6574]  __dump_stack+0x1d/0x30
[  102.681138][ T6574]  dump_stack_lvl+0xe8/0x140
[  102.681168][ T6574]  dump_stack+0x15/0x1b
[  102.681184][ T6574]  dump_header+0x81/0x220
[  102.681221][ T6574]  oom_kill_process+0x342/0x400
[  102.681245][ T6574]  out_of_memory+0x979/0xb80
[  102.681271][ T6574]  try_charge_memcg+0x5e6/0x9e0
[  102.681308][ T6574]  obj_cgroup_charge_pages+0xa6/0x150
[  102.681329][ T6574]  __memcg_kmem_charge_page+0x9f/0x170
[  102.681394][ T6574]  __alloc_frozen_pages_noprof+0x188/0x360
[  102.681427][ T6574]  alloc_pages_mpol+0xb3/0x250
[  102.681453][ T6574]  alloc_pages_noprof+0x90/0x130
[  102.681538][ T6574]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  102.681641][ T6574]  __kvmalloc_node_noprof+0x30f/0x4e0
[  102.681666][ T6574]  ? ip_set_alloc+0x1f/0x30
[  102.681722][ T6574]  ? ip_set_alloc+0x1f/0x30
[  102.681748][ T6574]  ? __kmalloc_cache_noprof+0x189/0x320
[  102.681768][ T6574]  ip_set_alloc+0x1f/0x30
[  102.681845][ T6574]  hash_netiface_create+0x282/0x740
[  102.681870][ T6574]  ? __pfx_hash_netiface_create+0x10/0x10
[  102.681896][ T6574]  ip_set_create+0x3cc/0x960
[  102.682000][ T6574]  ? __nla_parse+0x40/0x60
[  102.682021][ T6574]  nfnetlink_rcv_msg+0x4c6/0x590
[  102.682058][ T6574]  netlink_rcv_skb+0x123/0x220
[  102.682091][ T6574]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  102.682125][ T6574]  nfnetlink_rcv+0x16b/0x1690
[  102.682150][ T6574]  ? nlmon_xmit+0x4f/0x60
[  102.682230][ T6574]  ? consume_skb+0x49/0x150
[  102.682259][ T6574]  ? nlmon_xmit+0x4f/0x60
[  102.682282][ T6574]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  102.682339][ T6574]  ? __dev_queue_xmit+0x1200/0x2000
[  102.682373][ T6574]  ? __dev_queue_xmit+0x182/0x2000
[  102.682480][ T6574]  ? ref_tracker_free+0x37d/0x3e0
[  102.682515][ T6574]  ? __netlink_deliver_tap+0x4dc/0x500
[  102.682559][ T6574]  netlink_unicast+0x5bd/0x690
[  102.682606][ T6574]  netlink_sendmsg+0x58b/0x6b0
[  102.682641][ T6574]  ? __pfx_netlink_sendmsg+0x10/0x10
[  102.682669][ T6574]  __sock_sendmsg+0x142/0x180
[  102.682762][ T6574]  ____sys_sendmsg+0x31e/0x4e0
[  102.682792][ T6574]  ___sys_sendmsg+0x17b/0x1d0
[  102.682836][ T6574]  __x64_sys_sendmsg+0xd4/0x160
[  102.682948][ T6574]  x64_sys_call+0x191e/0x2ff0
[  102.682970][ T6574]  do_syscall_64+0xd2/0x200
[  102.682999][ T6574]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  102.683026][ T6574]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  102.683143][ T6574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.683167][ T6574] RIP: 0033:0x7f5a3286e9a9
[  102.683184][ T6574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.683200][ T6574] RSP: 002b:00007f5a30ecf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  102.683217][ T6574] RAX: ffffffffffffffda RBX: 00007f5a32a95fa0 RCX: 00007f5a3286e9a9
[  102.683229][ T6574] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  102.683240][ T6574] RBP: 00007f5a328f0d69 R08: 0000000000000000 R09: 0000000000000000
[  102.683256][ T6574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  102.683267][ T6574] R13: 0000000000000000 R14: 00007f5a32a95fa0 R15: 00007ffe7ee5c258
[  102.683283][ T6574]  </TASK>
[  102.683289][ T6574] memory: usage 307200kB, limit 307200kB, failcnt 314
[  103.021363][ T6574] memory+swap: usage 307392kB, limit 9007199254740988kB, failcnt 0
[  103.029245][ T6574] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  103.036613][ T6574] Memory cgroup stats for /syz0:
[  103.036887][ T6574] cache 0
[  103.044889][ T6574] rss 0
[  103.047636][ T6574] shmem 0
[  103.050586][ T6574] mapped_file 0
[  103.054147][ T6574] dirty 0
[  103.057093][ T6574] writeback 0
[  103.060541][ T6574] workingset_refault_anon 74
[  103.065319][ T6574] workingset_refault_file 205
[  103.070350][ T6574] swap 196608
[  103.073617][ T6574] swapcached 0
[  103.076968][ T6574] pgpgin 100003
[  103.080495][ T6574] pgpgout 100003
[  103.084065][ T6574] pgfault 113466
[  103.087597][ T6574] pgmajfault 46
[  103.091106][ T6574] inactive_anon 0
[  103.094783][ T6574] active_anon 0
[  103.098258][ T6574] inactive_file 0
[  103.101911][ T6574] active_file 0
[  103.105441][ T6574] unevictable 0
[  103.108887][ T6574] hierarchical_memory_limit 314572800
[  103.114376][ T6574] hierarchical_memsw_limit 9223372036854771712
[  103.120560][ T6574] total_cache 0
[  103.124028][ T6574] total_rss 0
[  103.127319][ T6574] total_shmem 0
[  103.130795][ T6574] total_mapped_file 0
[  103.134802][ T6574] total_dirty 0
[  103.138250][ T6574] total_writeback 0
[  103.142068][ T6574] total_workingset_refault_anon 74
[  103.147269][ T6574] total_workingset_refault_file 205
[  103.152569][ T6574] total_swap 196608
[  103.156356][ T6574] total_swapcached 0
[  103.160245][ T6574] total_pgpgin 100003
[  103.164288][ T6574] total_pgpgout 100003
[  103.168337][ T6574] total_pgfault 113466
[  103.172470][ T6574] total_pgmajfault 46
[  103.176436][ T6574] total_inactive_anon 0
[  103.180644][ T6574] total_active_anon 0
[  103.184616][ T6574] total_inactive_file 0
[  103.188751][ T6574] total_active_file 0
[  103.192761][ T6574] total_unevictable 0
[  103.196733][ T6574] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.1004,pid=6573,uid=0
[  103.211554][ T6574] Memory cgroup out of memory: Killed process 6573 (syz.0.1004) total-vm:93760kB, anon-rss:944kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  103.511327][ T3382] hid-generic 0000:0000:0000.0036: unknown main item tag 0x0
[  103.519255][ T3382] hid-generic 0000:0000:0000.0036: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  103.543056][ T6614] loop1: detected capacity change from 0 to 1024
[  103.557557][ T6614] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  103.649238][ T6626] loop2: detected capacity change from 0 to 2048
[  103.657161][ T6626] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  103.671260][ T6631] loop1: detected capacity change from 0 to 1024
[  103.678036][ T6631] EXT4-fs: inline encryption not supported
[  103.683922][ T6631] EXT4-fs: Ignoring removed i_version option
[  103.695598][ T6631] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  103.711379][ T6631] EXT4-fs error (device loop1): ext4_map_blocks:816: inode #3: block 1: comm syz.1.1026: lblock 1 mapped to illegal pblock 1 (length 1)
[  103.725828][ T6631] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1026: Failed to acquire dquot type 0
[  103.737798][ T6631] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.1026: Freeing blocks not in datazone - block = 0, count = 4096
[  103.752765][ T6631] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.1026: Invalid inode bitmap blk 0 in block_group 0
[  103.757797][ T6626] bond1: entered promiscuous mode
[  103.770678][ T6626] bond1: entered allmulticast mode
[  103.776579][ T6626] 8021q: adding VLAN 0 to HW filter on device bond1
[  103.783234][ T6406] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:41: lblock 1 mapped to illegal pblock 1 (length 1)
[  103.784482][ T6631] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  103.807142][ T6641] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1024'.
[  103.807777][ T6631] EXT4-fs (loop1): 1 orphan inode deleted
[  103.822941][ T6626] bond1 (unregistering): Released all slaves
[  103.831958][ T6406] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:41: Failed to release dquot type 0
[  103.844377][ T6631] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.889112][ T6631] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1026'.
[  103.902551][ T6631] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1026'.
[  103.916760][ T6631] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5134 sclass=netlink_route_socket pid=6631 comm=syz.1.1026
[  103.933113][ T4823] hid-generic 0000:0000:0000.0037: unknown main item tag 0x0
[  103.941837][ T6631] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.1026: iget: bad extra_isize 65535 (inode size 256)
[  103.954967][ T4823] hid-generic 0000:0000:0000.0037: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  103.960639][ T6650] loop4: detected capacity change from 0 to 512
[  103.973273][ T6650] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.989687][ T6646] loop2: detected capacity change from 0 to 1024
[  103.996858][ T6646] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  104.005928][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.281700][ T6660] loop9: detected capacity change from 0 to 7
[  104.287975][ T6660] Buffer I/O error on dev loop9, logical block 0, async page read
[  104.295883][ T6660] Buffer I/O error on dev loop9, logical block 0, async page read
[  104.303821][ T6660]  loop9: unable to read partition table
[  104.309488][ T6660] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ �â·û
[  104.309488][ T6660] 
) failed (rc=-5)
[  104.506615][ T4823] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0
[  104.547444][ T6666] loop3: detected capacity change from 0 to 1024
[  104.622707][ T4823] hid-generic 0000:0000:0000.0038: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  104.637020][ T6666] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  104.666100][   T29] kauditd_printk_skb: 201 callbacks suppressed
[  104.666115][   T29] audit: type=1326 audit(1753928703.285:4966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6671 comm="syz.2.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c502de9a9 code=0x7ffc0000
[  104.723545][ T6674] loop3: detected capacity change from 0 to 128
[  104.743320][ T6674] FAT-fs (loop3): Directory bread(block 162) failed
[  104.753498][   T29] audit: type=1326 audit(1753928703.315:4967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6671 comm="syz.2.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c502de9a9 code=0x7ffc0000
[  104.777010][   T29] audit: type=1326 audit(1753928703.315:4968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6671 comm="syz.2.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7f8c502de9a9 code=0x7ffc0000
[  104.787928][ T6674] FAT-fs (loop3): Directory bread(block 163) failed
[  104.800484][   T29] audit: type=1326 audit(1753928703.315:4969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6671 comm="syz.2.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c502de9a9 code=0x7ffc0000
[  104.800513][   T29] audit: type=1326 audit(1753928703.315:4970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6671 comm="syz.2.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c502de9a9 code=0x7ffc0000
[  104.853991][   T29] audit: type=1326 audit(1753928703.325:4971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6671 comm="syz.2.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8c502de9a9 code=0x7ffc0000
[  104.877407][   T29] audit: type=1326 audit(1753928703.325:4972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6671 comm="syz.2.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c502de9a9 code=0x7ffc0000
[  104.900867][   T29] audit: type=1326 audit(1753928703.325:4973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6671 comm="syz.2.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c502de9a9 code=0x7ffc0000
[  104.900943][ T6674] FAT-fs (loop3): Directory bread(block 164) failed
[  104.924292][   T29] audit: type=1326 audit(1753928703.325:4974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6671 comm="syz.2.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8c502de9a9 code=0x7ffc0000
[  104.924320][   T29] audit: type=1326 audit(1753928703.325:4975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6671 comm="syz.2.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c502de9a9 code=0x7ffc0000
[  105.090009][ T6674] FAT-fs (loop3): Directory bread(block 165) failed
[  105.113221][ T6674] FAT-fs (loop3): Directory bread(block 166) failed
[  105.130597][ T6674] FAT-fs (loop3): Directory bread(block 167) failed
[  105.137450][ T6674] FAT-fs (loop3): Directory bread(block 168) failed
[  105.198130][ T6674] FAT-fs (loop3): Directory bread(block 169) failed
[  105.204588][ T6682] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  105.222195][ T6674] FAT-fs (loop3): Directory bread(block 162) failed
[  105.229927][ T6682] SELinux: failed to load policy
[  105.239957][ T6674] FAT-fs (loop3): Directory bread(block 163) failed
[  105.240858][ T6684] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  105.250470][ T6674] syz.3.1037: attempt to access beyond end of device
[  105.250470][ T6674] loop3: rw=3, sector=226, nr_sectors = 6 limit=128
[  105.259867][ T6684] SELinux: failed to load policy
[  105.290075][ T6674] syz.3.1037: attempt to access beyond end of device
[  105.290075][ T6674] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128
[  105.385388][ T4823] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0
[  105.395018][ T4823] hid-generic 0000:0000:0000.0039: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  105.421342][ T6690] loop3: detected capacity change from 0 to 1024
[  105.438272][ T6690] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  105.495541][ T4823] hid-generic 0000:0000:0000.003A: unknown main item tag 0x0
[  105.508271][ T6700] loop0: detected capacity change from 0 to 1024
[  105.515381][ T6700] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  105.529891][ T4823] hid-generic 0000:0000:0000.003A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  105.578465][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.675264][ T6678] loop2: detected capacity change from 0 to 1024
[  105.695032][ T6678] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.699235][ T6719] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  105.707416][ T6678] ext4 filesystem being mounted at /182/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.725153][ T6719] SELinux: failed to load policy
[  105.930647][ T6726] loop3: detected capacity change from 0 to 128
[  105.950605][ T6726] FAT-fs (loop3): Directory bread(block 162) failed
[  105.957224][ T6726] FAT-fs (loop3): Directory bread(block 163) failed
[  105.979828][ T6726] FAT-fs (loop3): Directory bread(block 164) failed
[  105.986440][ T6726] FAT-fs (loop3): Directory bread(block 165) failed
[  105.999825][ T6726] FAT-fs (loop3): Directory bread(block 166) failed
[  106.007317][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.017028][ T6726] FAT-fs (loop3): Directory bread(block 167) failed
[  106.029780][ T6726] FAT-fs (loop3): Directory bread(block 168) failed
[  106.037098][ T6726] FAT-fs (loop3): Directory bread(block 169) failed
[  106.053728][ T6726] FAT-fs (loop3): Directory bread(block 162) failed
[  106.061923][ T6726] FAT-fs (loop3): Directory bread(block 163) failed
[  106.070235][ T6726] syz.3.1056: attempt to access beyond end of device
[  106.070235][ T6726] loop3: rw=3, sector=226, nr_sectors = 6 limit=128
[  106.083499][ T6726] syz.3.1056: attempt to access beyond end of device
[  106.083499][ T6726] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128
[  106.116262][ T6734] FAULT_INJECTION: forcing a failure.
[  106.116262][ T6734] name failslab, interval 1, probability 0, space 0, times 0
[  106.129193][ T6734] CPU: 1 UID: 0 PID: 6734 Comm: syz.2.1060 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(voluntary) 
[  106.129256][ T6734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  106.129267][ T6734] Call Trace:
[  106.129273][ T6734]  <TASK>
[  106.129356][ T6734]  __dump_stack+0x1d/0x30
[  106.129375][ T6734]  dump_stack_lvl+0xe8/0x140
[  106.129409][ T6734]  dump_stack+0x15/0x1b
[  106.129457][ T6734]  should_fail_ex+0x265/0x280
[  106.129474][ T6734]  should_failslab+0x8c/0xb0
[  106.129556][ T6734]  kmem_cache_alloc_noprof+0x50/0x310
[  106.129574][ T6734]  ? getname_flags+0x80/0x3b0
[  106.129599][ T6734]  getname_flags+0x80/0x3b0
[  106.129624][ T6734]  __x64_sys_unlink+0x21/0x40
[  106.129644][ T6734]  x64_sys_call+0x2dc0/0x2ff0
[  106.129744][ T6734]  do_syscall_64+0xd2/0x200
[  106.129765][ T6734]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  106.129788][ T6734]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  106.129851][ T6734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.129879][ T6734] RIP: 0033:0x7f8c502de9a9
[  106.129894][ T6734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.129991][ T6734] RSP: 002b:00007f8c4e947038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[  106.130011][ T6734] RAX: ffffffffffffffda RBX: 00007f8c50505fa0 RCX: 00007f8c502de9a9
[  106.130025][ T6734] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000140
[  106.130038][ T6734] RBP: 00007f8c4e947090 R08: 0000000000000000 R09: 0000000000000000
[  106.130055][ T6734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.130066][ T6734] R13: 0000000000000000 R14: 00007f8c50505fa0 R15: 00007ffeeddd84c8
[  106.130081][ T6734]  </TASK>
[  106.387146][ T6737] ip6gre1: entered allmulticast mode
[  106.426292][ T3393] hid-generic 0000:0000:0000.003B: unknown main item tag 0x0
[  106.439295][ T6739] loop2: detected capacity change from 0 to 1024
[  106.446005][ T6739] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  106.486954][ T3393] hid-generic 0000:0000:0000.003B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  106.514929][ T6744] SELinux: failed to load policy
[  106.619716][ T6755] loop2: detected capacity change from 0 to 1024
[  106.638288][ T6757] loop1: detected capacity change from 0 to 128
[  106.640193][ T6755] EXT4-fs: inline encryption not supported
[  106.650448][ T6755] EXT4-fs: Ignoring removed i_version option
[  106.681243][ T6755] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  106.706216][ T6755] EXT4-fs error (device loop2): ext4_map_blocks:816: inode #3: block 1: comm syz.2.1069: lblock 1 mapped to illegal pblock 1 (length 1)
[  106.707464][ T6760] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  106.730239][ T6755] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1069: Failed to acquire dquot type 0
[  106.743520][ T6755] EXT4-fs error (device loop2): ext4_free_blocks:6587: comm syz.2.1069: Freeing blocks not in datazone - block = 0, count = 4096
[  106.757498][ T6755] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.1069: Invalid inode bitmap blk 0 in block_group 0
[  106.770587][ T6755] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[  106.779230][ T6755] EXT4-fs (loop2): 1 orphan inode deleted
[  106.785314][ T6755] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.798214][ T6380] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:20: lblock 1 mapped to illegal pblock 1 (length 1)
[  106.812899][ T6380] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:20: Failed to release dquot type 0
[  106.828220][ T6755] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1069'.
[  106.837432][ T6755] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1069'.
[  106.848302][ T6757] FAT-fs (loop1): Directory bread(block 162) failed
[  106.850957][ T6755] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5134 sclass=netlink_route_socket pid=6755 comm=syz.2.1069
[  106.857496][ T6757] FAT-fs (loop1): Directory bread(block 163) failed
[  106.869275][ T6755] EXT4-fs error (device loop2): ext4_lookup:1787: inode #15: comm syz.2.1069: iget: bad extra_isize 65535 (inode size 256)
[  106.897393][ T6764] 9pnet: Could not find request transport: fdrfdno=0xffffffffffffffff
[  106.909473][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.918325][ T6757] FAT-fs (loop1): Directory bread(block 164) failed
[  106.935339][ T6768] netlink: 'syz.2.1073': attribute type 1 has an invalid length.
[  106.943644][ T6757] FAT-fs (loop1): Directory bread(block 165) failed
[  106.955842][ T6768] 8021q: adding VLAN 0 to HW filter on device bond1
[  106.971035][ T6768] bond1: (slave gretap1): making interface the new active one
[  106.979516][ T6768] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  106.982207][ T6757] FAT-fs (loop1): Directory bread(block 166) failed
[  107.017113][ T6757] FAT-fs (loop1): Directory bread(block 167) failed
[  107.033278][ T6757] FAT-fs (loop1): Directory bread(block 168) failed
[  107.049201][ T6757] FAT-fs (loop1): Directory bread(block 169) failed
[  107.074885][ T6757] FAT-fs (loop1): Directory bread(block 162) failed
[  107.093052][ T6757] FAT-fs (loop1): Directory bread(block 163) failed
[  107.105670][ T6757] syz.1.1070: attempt to access beyond end of device
[  107.105670][ T6757] loop1: rw=3, sector=226, nr_sectors = 6 limit=128
[  107.118874][ T6757] syz.1.1070: attempt to access beyond end of device
[  107.118874][ T6757] loop1: rw=2051, sector=232, nr_sectors = 2 limit=128
[  107.391806][ T6733] syz.3.1059 (6733) used greatest stack depth: 6824 bytes left
[  107.467771][ T3393] hid-generic 0000:0000:0000.003C: unknown main item tag 0x0
[  107.475465][ T3393] hid-generic 0000:0000:0000.003C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  107.491021][ T6780] loop2: detected capacity change from 0 to 1024
[  107.500186][ T6780] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  107.555334][ T6782] SELinux: failed to load policy
[  107.632212][ T6792] loop2: detected capacity change from 0 to 1024
[  107.653031][ T6792] EXT4-fs: inline encryption not supported
[  107.658880][ T6792] EXT4-fs: Ignoring removed i_version option
[  107.680905][ T6792] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  107.703172][ T6792] EXT4-fs error (device loop2): ext4_map_blocks:816: inode #3: block 1: comm syz.2.1083: lblock 1 mapped to illegal pblock 1 (length 1)
[  107.727702][ T6792] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1083: Failed to acquire dquot type 0
[  107.729932][ T6799] loop3: detected capacity change from 0 to 512
[  107.746265][ T6792] EXT4-fs error (device loop2): ext4_free_blocks:6587: comm syz.2.1083: Freeing blocks not in datazone - block = 0, count = 4096
[  107.747441][ T6799] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.780245][ T6792] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.1083: Invalid inode bitmap blk 0 in block_group 0
[  107.796467][ T6792] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[  107.805265][ T6417] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:49: lblock 1 mapped to illegal pblock 1 (length 1)
[  107.820110][ T6417] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:49: Failed to release dquot type 0
[  107.831829][ T6792] EXT4-fs (loop2): 1 orphan inode deleted
[  107.837807][ T6792] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.928321][ T6792] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1083'.
[  107.945054][ T6792] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1083'.
[  108.006279][ T6815] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5134 sclass=netlink_route_socket pid=6815 comm=syz.2.1083
[  108.050803][ T6792] EXT4-fs error (device loop2): ext4_lookup:1787: inode #15: comm syz.2.1083: iget: bad extra_isize 65535 (inode size 256)
[  108.150469][ T3466] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  108.158768][ T3466] hid-generic 0000:0000:0000.003D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  108.224000][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.240659][ T6819] loop1: detected capacity change from 0 to 1024
[  108.250147][ T6819] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  108.537499][ T6825] loop2: detected capacity change from 0 to 1024
[  108.561025][ T6825] EXT4-fs: Ignoring removed orlov option
[  108.618458][ T6825] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  108.634678][ T6825] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.655653][ T6830] SELinux: failed to load policy
[  108.661175][ T6825] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  108.678122][ T6825] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1092'.
[  108.696494][ T3297] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.793128][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.853706][ T6848] netlink: 'syz.4.1100': attribute type 21 has an invalid length.
[  108.861555][ T6848] netlink: 164 bytes leftover after parsing attributes in process `syz.4.1100'.
[  108.939142][ T6855] loop2: detected capacity change from 0 to 512
[  108.947534][ T6855] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.809897][   T29] kauditd_printk_skb: 845 callbacks suppressed
[  109.809911][   T29] audit: type=1326 audit(1753928707.725:5815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6857 comm="syz.1.1102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f65e597ab89 code=0x7ffc0000
[  109.839472][   T29] audit: type=1326 audit(1753928708.425:5816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6857 comm="syz.1.1102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f65e59d5967 code=0x7ffc0000
[  109.862831][   T29] audit: type=1326 audit(1753928708.425:5817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6857 comm="syz.1.1102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f65e597ab89 code=0x7ffc0000
[  109.886150][   T29] audit: type=1326 audit(1753928708.425:5818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6857 comm="syz.1.1102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f65e59d5967 code=0x7ffc0000
[  109.909562][   T29] audit: type=1326 audit(1753928708.425:5819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6857 comm="syz.1.1102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f65e597ab89 code=0x7ffc0000
[  109.932944][   T29] audit: type=1326 audit(1753928708.425:5820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6857 comm="syz.1.1102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f65e59d5967 code=0x7ffc0000
[  109.956351][   T29] audit: type=1326 audit(1753928708.425:5821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6857 comm="syz.1.1102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f65e597ab89 code=0x7ffc0000
[  109.979651][   T29] audit: type=1326 audit(1753928708.425:5822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6857 comm="syz.1.1102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f65e59d5967 code=0x7ffc0000
[  110.002986][   T29] audit: type=1326 audit(1753928708.425:5823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6857 comm="syz.1.1102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f65e597ab89 code=0x7ffc0000
[  110.026308][   T29] audit: type=1326 audit(1753928708.425:5824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6857 comm="syz.1.1102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f65e59d5967 code=0x7ffc0000
[  110.086836][ T6868] SELinux: failed to load policy
[  110.134277][ T3466] hid-generic 0000:0000:0000.003E: unknown main item tag 0x0
[  110.156724][ T6866] loop0: detected capacity change from 0 to 1024
[  110.163817][ T6866] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  110.172727][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.182355][ T3466] hid-generic 0000:0000:0000.003E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  110.205330][ T6876] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6876 comm=syz.3.1108
[  110.382893][ T6897] SELinux: failed to load policy
[  110.428462][ T6904] loop2: detected capacity change from 0 to 512
[  110.436570][ T6904] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.777426][ T3466] hid-generic 0000:0000:0000.003F: unknown main item tag 0x0
[  110.797930][ T6914] loop1: detected capacity change from 0 to 1024
[  110.807893][ T3466] hid-generic 0000:0000:0000.003F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  110.837767][ T6914] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  110.905627][ T6921] netlink: 'syz.1.1122': attribute type 21 has an invalid length.
[  110.913499][ T6921] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1122'.
[  111.196724][ T6928] loop1: detected capacity change from 0 to 512
[  111.221486][ T6928] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.269920][ T6928] ext4 filesystem being mounted at /244/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.309946][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.329442][ T6928] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.406602][   T36] hid-generic 0000:0000:0000.0040: unknown main item tag 0x0
[  111.416146][ T6928] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.419457][ T6940] SELinux: failed to load policy
[  111.431338][   T36] hid-generic 0000:0000:0000.0040: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  111.441148][ T6941] loop4: detected capacity change from 0 to 1024
[  111.476437][ T6945] loop2: detected capacity change from 0 to 512
[  111.485560][ T6947] loop3: detected capacity change from 0 to 512
[  111.492416][ T6941] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  111.502235][ T6928] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.513912][ T6947] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.518139][ T6953] netlink: 'syz.0.1133': attribute type 21 has an invalid length.
[  111.528452][ T6945] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.534283][ T6953] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1133'.
[  111.550001][ T6947] ext4 filesystem being mounted at /242/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.556808][ T6945] ext4 filesystem being mounted at /204/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.588127][ T6928] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.604269][ T3297] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.606347][ T6955] loop4: detected capacity change from 0 to 512
[  111.632246][ T6955] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.634178][ T6957] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1135'.
[  111.644969][ T6955] ext4 filesystem being mounted at /212/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.695049][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.708063][ T6386] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.724778][ T6386] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.740457][ T6386] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.748780][ T6386] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.762093][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.815121][ T6975] SELinux: failed to load policy
[  111.822662][ T6979] loop3: detected capacity change from 0 to 512
[  111.824909][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.848629][ T6979] EXT4-fs error (device loop3): ext4_iget_extra_inode:5030: inode #15: comm syz.3.1143: corrupted in-inode xattr: invalid ea_ino
[  111.864571][ T6979] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.1143: couldn't read orphan inode 15 (err -117)
[  111.876923][ T6979] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.890520][ T6979] FAULT_INJECTION: forcing a failure.
[  111.890520][ T6979] name failslab, interval 1, probability 0, space 0, times 0
[  111.903146][ T6979] CPU: 0 UID: 0 PID: 6979 Comm: syz.3.1143 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(voluntary) 
[  111.903237][ T6979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  111.903250][ T6979] Call Trace:
[  111.903258][ T6979]  <TASK>
[  111.903278][ T6979]  __dump_stack+0x1d/0x30
[  111.903299][ T6979]  dump_stack_lvl+0xe8/0x140
[  111.903330][ T6979]  dump_stack+0x15/0x1b
[  111.903344][ T6979]  should_fail_ex+0x265/0x280
[  111.903437][ T6979]  should_failslab+0x8c/0xb0
[  111.903468][ T6979]  kmem_cache_alloc_noprof+0x50/0x310
[  111.903485][ T6979]  ? audit_log_start+0x365/0x6c0
[  111.903560][ T6979]  audit_log_start+0x365/0x6c0
[  111.903604][ T6979]  audit_seccomp+0x48/0x100
[  111.903655][ T6979]  ? __seccomp_filter+0x68c/0x10d0
[  111.903676][ T6979]  __seccomp_filter+0x69d/0x10d0
[  111.903702][ T6979]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  111.903736][ T6979]  ? vfs_write+0x75e/0x8e0
[  111.903762][ T6979]  ? __rcu_read_unlock+0x4f/0x70
[  111.903785][ T6979]  ? __fget_files+0x184/0x1c0
[  111.903810][ T6979]  __secure_computing+0x82/0x150
[  111.903912][ T6979]  syscall_trace_enter+0xcf/0x1e0
[  111.903939][ T6979]  do_syscall_64+0xac/0x200
[  111.903962][ T6979]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  111.903985][ T6979]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  111.904051][ T6979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.904083][ T6979] RIP: 0033:0x7f3f5997e9a9
[  111.904096][ T6979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.904112][ T6979] RSP: 002b:00007f3f57fdf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  111.904159][ T6979] RAX: ffffffffffffffda RBX: 00007f3f59ba5fa0 RCX: 00007f3f5997e9a9
[  111.904173][ T6979] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff80000902
[  111.904186][ T6979] RBP: 00007f3f57fdf090 R08: 0000000000000000 R09: 0000000000000000
[  111.904199][ T6979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.904283][ T6979] R13: 0000000000000000 R14: 00007f3f59ba5fa0 R15: 00007ffe009360f8
[  111.904298][ T6979]  </TASK>
[  112.121431][ T3297] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.157433][ T6985] loop2: detected capacity change from 0 to 1024
[  112.164529][ T6985] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  112.173049][ T6992] loop3: detected capacity change from 0 to 128
[  112.177648][ T6993] netlink: 'syz.1.1147': attribute type 21 has an invalid length.
[  112.183125][ T6992] FAT-fs (loop3): Directory bread(block 162) failed
[  112.188895][ T6993] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1147'.
[  112.195496][ T6992] FAT-fs (loop3): Directory bread(block 163) failed
[  112.211507][ T6992] FAT-fs (loop3): Directory bread(block 164) failed
[  112.218100][ T6992] FAT-fs (loop3): Directory bread(block 165) failed
[  112.224870][ T6992] FAT-fs (loop3): Directory bread(block 166) failed
[  112.231790][ T6992] FAT-fs (loop3): Directory bread(block 167) failed
[  112.238550][ T6992] FAT-fs (loop3): Directory bread(block 168) failed
[  112.245401][ T6992] FAT-fs (loop3): Directory bread(block 169) failed
[  112.253302][ T6985] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  112.263682][ T6985] EXT4-fs (loop2): orphan cleanup on readonly fs
[  112.271227][ T6985] EXT4-fs error (device loop2): ext4_free_blocks:6587: comm syz.2.1145: Freeing blocks not in datazone - block = 0, count = 4096
[  112.275557][ T6992] FAT-fs (loop3): Directory bread(block 162) failed
[  112.285233][ T6985] EXT4-fs (loop2): 1 orphan inode deleted
[  112.291419][ T6992] FAT-fs (loop3): Directory bread(block 163) failed
[  112.297342][ T6985] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  112.303746][ T6992] syz.3.1146: attempt to access beyond end of device
[  112.303746][ T6992] loop3: rw=3, sector=226, nr_sectors = 6 limit=128
[  112.329604][ T6992] syz.3.1146: attempt to access beyond end of device
[  112.329604][ T6992] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128
[  112.334208][ T6985] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 16: comm syz.2.1145: path /207/file1: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  112.363350][ T6985] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 17: comm syz.2.1145: path /207/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  112.384127][ T6985] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 18: comm syz.2.1145: path /207/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  112.404974][ T6985] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 19: comm syz.2.1145: path /207/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  112.425776][ T6985] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 20: comm syz.2.1145: path /207/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  112.446432][ T6985] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 21: comm syz.2.1145: path /207/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  112.473374][ T7003] loop1: detected capacity change from 0 to 1024
[  112.475294][ T6985] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 22: comm syz.2.1145: path /207/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  112.481270][ T7003] EXT4-fs: inline encryption not supported
[  112.501219][ T7000] EXT4-fs error (device loop2): ext4_lookup:1787: inode #15: comm syz.2.1145: iget: bad i_size value: 1970324836974602
[  112.506014][ T7003] EXT4-fs: Ignoring removed i_version option
[  112.520484][ T6985] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 23: comm syz.2.1145: path /207/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  112.537001][ T7003] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  112.570837][ T7003] EXT4-fs error (device loop1): ext4_map_blocks:816: inode #3: block 1: comm syz.1.1150: lblock 1 mapped to illegal pblock 1 (length 1)
[  112.585163][ T7003] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1150: Failed to acquire dquot type 0
[  112.586189][ T7011] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1153'.
[  112.611055][ T7003] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.1150: Freeing blocks not in datazone - block = 0, count = 4096
[  112.625933][ T7003] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.1150: Invalid inode bitmap blk 0 in block_group 0
[  112.638928][ T6380] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:20: lblock 1 mapped to illegal pblock 1 (length 1)
[  112.653672][ T7003] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  112.653629][ T6380] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:20: Failed to release dquot type 0
[  112.683641][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.693776][ T7003] EXT4-fs (loop1): 1 orphan inode deleted
[  112.696299][ T7015] SELinux: failed to load policy
[  112.705084][ T7003] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.727788][ T7003] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1150'.
[  112.743270][ T7003] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1150'.
[  112.834716][ T7003] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5134 sclass=netlink_route_socket pid=7003 comm=syz.1.1150
[  112.847854][ T7003] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.1150: iget: bad extra_isize 65535 (inode size 256)
[  112.877017][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.964968][ T7027] netlink: 'syz.0.1160': attribute type 21 has an invalid length.
[  112.972909][ T7027] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1160'.
[  113.205525][ T7040] loop0: detected capacity change from 0 to 512
[  113.306060][ T7046] loop1: detected capacity change from 0 to 128
[  113.313235][ T7046] FAT-fs (loop1): Directory bread(block 162) failed
[  113.320176][ T7046] FAT-fs (loop1): Directory bread(block 163) failed
[  113.328118][ T7040] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.341165][ T7046] FAT-fs (loop1): Directory bread(block 164) failed
[  113.347759][ T7046] FAT-fs (loop1): Directory bread(block 165) failed
[  113.349316][ T7040] ext4 filesystem being mounted at /235/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.355469][ T7046] FAT-fs (loop1): Directory bread(block 166) failed
[  113.371998][ T7046] FAT-fs (loop1): Directory bread(block 167) failed
[  113.378770][ T7046] FAT-fs (loop1): Directory bread(block 168) failed
[  113.385576][ T7046] FAT-fs (loop1): Directory bread(block 169) failed
[  113.393584][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.396739][ T7046] FAT-fs (loop1): Directory bread(block 162) failed
[  113.409229][ T7046] FAT-fs (loop1): Directory bread(block 163) failed
[  113.416648][ T7046] syz.1.1159: attempt to access beyond end of device
[  113.416648][ T7046] loop1: rw=3, sector=226, nr_sectors = 6 limit=128
[  113.429851][ T7046] syz.1.1159: attempt to access beyond end of device
[  113.429851][ T7046] loop1: rw=2051, sector=232, nr_sectors = 2 limit=128
[  113.434847][ T7052] loop0: detected capacity change from 0 to 512
[  113.451714][ T7052] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.501770][ T7059] loop1: detected capacity change from 0 to 1024
[  113.508667][ T7059] EXT4-fs: inline encryption not supported
[  113.514598][ T7059] EXT4-fs: Ignoring removed i_version option
[  113.521275][ T7059] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  113.534042][ T7059] EXT4-fs error (device loop1): ext4_map_blocks:816: inode #3: block 1: comm syz.1.1170: lblock 1 mapped to illegal pblock 1 (length 1)
[  113.607541][ T7059] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1170: Failed to acquire dquot type 0
[  113.619505][ T7059] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.1170: Freeing blocks not in datazone - block = 0, count = 4096
[  113.635830][ T7059] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.1170: Invalid inode bitmap blk 0 in block_group 0
[  113.648750][ T7059] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  113.657688][ T6386] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:26: lblock 1 mapped to illegal pblock 1 (length 1)
[  113.672630][ T7059] EXT4-fs (loop1): 1 orphan inode deleted
[  113.678645][ T7059] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.694183][ T6386] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:26: Failed to release dquot type 0
[  113.709390][ T7059] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1170'.
[  113.724660][ T7059] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5134 sclass=netlink_route_socket pid=7059 comm=syz.1.1170
[  113.738935][ T7059] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.1170: iget: bad extra_isize 65535 (inode size 256)
[  113.793042][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.154379][ T7078] loop2: detected capacity change from 0 to 512
[  114.179261][ T7078] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.196993][ T7078] ext4 filesystem being mounted at /212/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.212663][ T7083] loop3: detected capacity change from 0 to 128
[  114.220328][ T7083] FAT-fs (loop3): Directory bread(block 162) failed
[  114.227272][ T7083] FAT-fs (loop3): Directory bread(block 163) failed
[  114.234054][ T7083] FAT-fs (loop3): Directory bread(block 164) failed
[  114.240936][ T7083] FAT-fs (loop3): Directory bread(block 165) failed
[  114.247787][ T7083] FAT-fs (loop3): Directory bread(block 166) failed
[  114.254500][ T7083] FAT-fs (loop3): Directory bread(block 167) failed
[  114.320962][ T7083] FAT-fs (loop3): Directory bread(block 168) failed
[  114.327629][ T7083] FAT-fs (loop3): Directory bread(block 169) failed
[  114.350537][ T7083] FAT-fs (loop3): Directory bread(block 162) failed
[  114.373985][ T7083] FAT-fs (loop3): Directory bread(block 163) failed
[  114.382153][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.404988][ T7083] syz.3.1178: attempt to access beyond end of device
[  114.404988][ T7083] loop3: rw=3, sector=226, nr_sectors = 6 limit=128
[  114.429557][ T7092] loop1: detected capacity change from 0 to 1024
[  114.435228][ T7083] syz.3.1178: attempt to access beyond end of device
[  114.435228][ T7083] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128
[  114.450851][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.452430][ T7092] EXT4-fs: inline encryption not supported
[  114.465705][ T7092] EXT4-fs: Ignoring removed i_version option
[  114.480374][ T7092] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  114.493506][ T7092] EXT4-fs error (device loop1): ext4_map_blocks:816: inode #3: block 1: comm syz.1.1182: lblock 1 mapped to illegal pblock 1 (length 1)
[  114.513063][ T7092] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1182: Failed to acquire dquot type 0
[  114.524754][ T7092] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.1182: Freeing blocks not in datazone - block = 0, count = 4096
[  114.538927][ T7092] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.1182: Invalid inode bitmap blk 0 in block_group 0
[  114.552119][ T7092] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  114.564452][ T6371] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:13: lblock 1 mapped to illegal pblock 1 (length 1)
[  114.579386][ T7092] EXT4-fs (loop1): 1 orphan inode deleted
[  114.585458][ T7092] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.598712][ T6371] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:13: Failed to release dquot type 0
[  114.626619][ T7092] __nla_validate_parse: 3 callbacks suppressed
[  114.626634][ T7092] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1182'.
[  114.642310][ T7092] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1182'.
[  114.656213][ T7092] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5134 sclass=netlink_route_socket pid=7092 comm=syz.1.1182
[  114.670843][ T7092] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.1182: iget: bad extra_isize 65535 (inode size 256)
[  114.695666][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.730387][ T7123] loop1: detected capacity change from 0 to 512
[  114.742122][ T7123] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.754882][ T7123] ext4 filesystem being mounted at /258/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.786299][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.835947][ T7130] netlink: 'syz.1.1194': attribute type 21 has an invalid length.
[  114.843810][ T7130] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1194'.
[  115.024547][ T7138] loop1: detected capacity change from 0 to 128
[  115.040883][ T7138] FAT-fs (loop1): Directory bread(block 162) failed
[  115.047655][ T7138] FAT-fs (loop1): Directory bread(block 163) failed
[  115.054700][ T7138] FAT-fs (loop1): Directory bread(block 164) failed
[  115.061480][ T7138] FAT-fs (loop1): Directory bread(block 165) failed
[  115.068197][ T7138] FAT-fs (loop1): Directory bread(block 166) failed
[  115.074989][ T7138] FAT-fs (loop1): Directory bread(block 167) failed
[  115.081726][ T7138] FAT-fs (loop1): Directory bread(block 168) failed
[  115.088551][ T7138] FAT-fs (loop1): Directory bread(block 169) failed
[  115.096235][ T7138] FAT-fs (loop1): Directory bread(block 162) failed
[  115.103150][ T7138] FAT-fs (loop1): Directory bread(block 163) failed
[  115.110225][ T7138] syz.1.1197: attempt to access beyond end of device
[  115.110225][ T7138] loop1: rw=3, sector=226, nr_sectors = 6 limit=128
[  115.123502][ T7138] syz.1.1197: attempt to access beyond end of device
[  115.123502][ T7138] loop1: rw=2051, sector=232, nr_sectors = 2 limit=128
[  115.227094][ T3926] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[  115.235115][ T3926] hid-generic 0000:0000:0000.0041: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  115.252048][ T7147] loop1: detected capacity change from 0 to 1024
[  115.258995][ T7147] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  115.314357][ T7155] loop2: detected capacity change from 0 to 512
[  115.331700][ T7155] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.344892][ T7155] ext4 filesystem being mounted at /215/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.374155][ T7132] syz.3.1195 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  115.388814][ T7132] CPU: 0 UID: 0 PID: 7132 Comm: syz.3.1195 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(voluntary) 
[  115.388850][ T7132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  115.388869][ T7132] Call Trace:
[  115.388876][ T7132]  <TASK>
[  115.388885][ T7132]  __dump_stack+0x1d/0x30
[  115.388947][ T7132]  dump_stack_lvl+0xe8/0x140
[  115.388982][ T7132]  dump_stack+0x15/0x1b
[  115.388999][ T7132]  dump_header+0x81/0x220
[  115.389034][ T7132]  oom_kill_process+0x342/0x400
[  115.389079][ T7132]  out_of_memory+0x979/0xb80
[  115.389101][ T7132]  try_charge_memcg+0x5e6/0x9e0
[  115.389158][ T7132]  obj_cgroup_charge_pages+0xa6/0x150
[  115.389183][ T7132]  __memcg_kmem_charge_page+0x9f/0x170
[  115.389304][ T7132]  __alloc_frozen_pages_noprof+0x188/0x360
[  115.389376][ T7132]  alloc_pages_mpol+0xb3/0x250
[  115.389449][ T7132]  alloc_pages_noprof+0x90/0x130
[  115.389529][ T7132]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  115.389563][ T7132]  __kvmalloc_node_noprof+0x30f/0x4e0
[  115.389583][ T7132]  ? ip_set_alloc+0x1f/0x30
[  115.389666][ T7132]  ? ip_set_alloc+0x1f/0x30
[  115.389688][ T7132]  ? __kmalloc_cache_noprof+0x189/0x320
[  115.389709][ T7132]  ip_set_alloc+0x1f/0x30
[  115.389737][ T7132]  hash_netiface_create+0x282/0x740
[  115.389782][ T7132]  ? __pfx_hash_netiface_create+0x10/0x10
[  115.389809][ T7132]  ip_set_create+0x3cc/0x960
[  115.389899][ T7132]  ? __nla_parse+0x40/0x60
[  115.389919][ T7132]  nfnetlink_rcv_msg+0x4c6/0x590
[  115.389959][ T7132]  netlink_rcv_skb+0x123/0x220
[  115.389991][ T7132]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  115.390052][ T7132]  nfnetlink_rcv+0x16b/0x1690
[  115.390075][ T7132]  ? nlmon_xmit+0x4f/0x60
[  115.390168][ T7132]  ? consume_skb+0x49/0x150
[  115.390195][ T7132]  ? nlmon_xmit+0x4f/0x60
[  115.390221][ T7132]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  115.390296][ T7132]  ? __dev_queue_xmit+0x1200/0x2000
[  115.390331][ T7132]  ? __dev_queue_xmit+0x182/0x2000
[  115.390442][ T7132]  ? ref_tracker_free+0x37d/0x3e0
[  115.390532][ T7132]  ? __netlink_deliver_tap+0x4dc/0x500
[  115.390624][ T7132]  netlink_unicast+0x5bd/0x690
[  115.390650][ T7132]  netlink_sendmsg+0x58b/0x6b0
[  115.390684][ T7132]  ? __pfx_netlink_sendmsg+0x10/0x10
[  115.390736][ T7132]  __sock_sendmsg+0x142/0x180
[  115.390756][ T7132]  ____sys_sendmsg+0x31e/0x4e0
[  115.390786][ T7132]  ___sys_sendmsg+0x17b/0x1d0
[  115.390895][ T7132]  __x64_sys_sendmsg+0xd4/0x160
[  115.390993][ T7132]  x64_sys_call+0x191e/0x2ff0
[  115.391017][ T7132]  do_syscall_64+0xd2/0x200
[  115.391040][ T7132]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  115.391064][ T7132]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  115.391142][ T7132]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.391165][ T7132] RIP: 0033:0x7f3f5997e9a9
[  115.391178][ T7132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.391194][ T7132] RSP: 002b:00007f3f57fdf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  115.391277][ T7132] RAX: ffffffffffffffda RBX: 00007f3f59ba5fa0 RCX: 00007f3f5997e9a9
[  115.391289][ T7132] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  115.391301][ T7132] RBP: 00007f3f59a00d69 R08: 0000000000000000 R09: 0000000000000000
[  115.391311][ T7132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  115.391332][ T7132] R13: 0000000000000000 R14: 00007f3f59ba5fa0 R15: 00007ffe009360f8
[  115.391348][ T7132]  </TASK>
[  115.722570][ T7132] memory: usage 307200kB, limit 307200kB, failcnt 696
[  115.724717][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.729320][ T7132] memory+swap: usage 307384kB, limit 9007199254740988kB, failcnt 0
[  115.746196][ T7132] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[  115.753496][ T7132] Memory cgroup stats for /syz3:
[  115.756264][ T7132] cache 0
[  115.764148][ T7132] rss 0
[  115.766981][ T7132] shmem 0
[  115.769173][   T29] kauditd_printk_skb: 264 callbacks suppressed
[  115.769185][   T29] audit: type=1326 audit(1753928714.385:6078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7159 comm="syz.4.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82810ee9a9 code=0x7ffc0000
[  115.769995][ T7132] mapped_file 0
[  115.770002][ T7132] dirty 0
[  115.770009][ T7132] writeback 0
[  115.770015][ T7132] workingset_refault_anon 111
[  115.770079][ T7132] workingset_refault_file 266
[  115.770087][ T7132] swap 188416
[  115.770093][ T7132] swapcached 8192
[  115.770101][ T7132] pgpgin 143805
[  115.776919][   T29] audit: type=1326 audit(1753928714.395:6079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7159 comm="syz.4.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f82810ee9a9 code=0x7ffc0000
[  115.799683][ T7132] pgpgout 143803
[  115.818911][ T7162] netlink: 'syz.4.1206': attribute type 21 has an invalid length.
[  115.821829][ T7132] pgfault 138023
[  115.821838][ T7132] pgmajfault 89
[  115.825466][ T7162] netlink: 164 bytes leftover after parsing attributes in process `syz.4.1206'.
[  115.828894][ T7132] inactive_anon 8192
[  115.828903][ T7132] active_anon 0
[  115.884167][   T29] audit: type=1326 audit(1753928714.425:6080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7159 comm="syz.4.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82810ee9a9 code=0x7ffc0000
[  115.887025][ T7132] inactive_file 0
[  115.910408][   T29] audit: type=1326 audit(1753928714.425:6081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7159 comm="syz.4.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82810ee9a9 code=0x7ffc0000
[  115.914016][ T7132] active_file 0
[  115.937420][   T29] audit: type=1326 audit(1753928714.425:6082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7159 comm="syz.4.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f82810ee9a9 code=0x7ffc0000
[  115.940874][ T7132] unevictable 0
[  115.940882][ T7132] hierarchical_memory_limit 314572800
[  115.940892][ T7132] hierarchical_memsw_limit 9223372036854771712
[  115.964339][   T29] audit: type=1326 audit(1753928714.425:6083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7159 comm="syz.4.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82810ee9a9 code=0x7ffc0000
[  115.967760][ T7132] total_cache 0
[  115.973123][   T29] audit: type=1326 audit(1753928714.425:6084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7159 comm="syz.4.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82810ee9a9 code=0x7ffc0000
[  115.979264][ T7132] total_rss 0
[  115.979273][ T7132] total_shmem 0
[  116.002603][   T29] audit: type=1326 audit(1753928714.425:6085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7159 comm="syz.4.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f82810ee9a9 code=0x7ffc0000
[  116.006030][ T7132] total_mapped_file 0
[  116.006039][ T7132] total_dirty 0
[  116.029377][   T29] audit: type=1326 audit(1753928714.425:6086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7159 comm="syz.4.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82810ee9a9 code=0x7ffc0000
[  116.029425][   T29] audit: type=1326 audit(1753928714.425:6087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7159 comm="syz.4.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82810ee9a9 code=0x7ffc0000
[  116.032726][ T7132] total_writeback 0
[  116.117606][ T7132] total_workingset_refault_anon 111
[  116.122870][ T7132] total_workingset_refault_file 266
[  116.128065][ T7132] total_swap 188416
[  116.131891][ T7132] total_swapcached 8192
[  116.136085][ T7132] total_pgpgin 143805
[  116.137999][ T7168] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1207'.
[  116.140078][ T7132] total_pgpgout 143803
[  116.140087][ T7132] total_pgfault 138023
[  116.140094][ T7132] total_pgmajfault 89
[  116.140101][ T7132] total_inactive_anon 8192
[  116.140108][ T7132] total_active_anon 0
[  116.140114][ T7132] total_inactive_file 0
[  116.140121][ T7132] total_active_file 0
[  116.149080][ T7168] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1207'.
[  116.153116][ T7132] total_unevictable 0
[  116.190432][ T7132] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.1195,pid=7131,uid=0
[  116.205073][ T7132] Memory cgroup out of memory: Killed process 7131 (syz.3.1195) total-vm:93760kB, anon-rss:944kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  116.315966][ T7175] loop1: detected capacity change from 0 to 128
[  116.327917][ T7175] FAT-fs (loop1): Directory bread(block 162) failed
[  116.344267][ T7175] FAT-fs (loop1): Directory bread(block 163) failed
[  116.360269][ T7175] FAT-fs (loop1): Directory bread(block 164) failed
[  116.383610][ T7175] FAT-fs (loop1): Directory bread(block 165) failed
[  116.390288][ T7175] FAT-fs (loop1): Directory bread(block 166) failed
[  116.396961][ T7175] FAT-fs (loop1): Directory bread(block 167) failed
[  116.404037][ T7175] FAT-fs (loop1): Directory bread(block 168) failed
[  116.410764][ T7175] FAT-fs (loop1): Directory bread(block 169) failed
[  116.418276][ T7175] FAT-fs (loop1): Directory bread(block 162) failed
[  116.425393][ T7175] FAT-fs (loop1): Directory bread(block 163) failed
[  116.432523][ T7175] syz.1.1209: attempt to access beyond end of device
[  116.432523][ T7175] loop1: rw=3, sector=226, nr_sectors = 6 limit=128
[  116.446065][ T7175] syz.1.1209: attempt to access beyond end of device
[  116.446065][ T7175] loop1: rw=2051, sector=232, nr_sectors = 2 limit=128
[  116.505286][   T10] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  116.522586][ T7186] loop0: detected capacity change from 0 to 1024
[  116.529368][ T7186] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  116.537882][   T10] hid-generic 0000:0000:0000.0042: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  116.562151][ T7192] capability: warning: `syz.4.1215' uses deprecated v2 capabilities in a way that may be insecure
[  116.706079][ T7211] netlink: 'syz.4.1220': attribute type 21 has an invalid length.
[  116.714158][ T7211] netlink: 164 bytes leftover after parsing attributes in process `syz.4.1220'.
[  116.841030][ T7213] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1221'.
[  116.857229][ T7215] loop3: detected capacity change from 0 to 512
[  116.866753][ T7215] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.078782][ T7225] loop4: detected capacity change from 0 to 128
[  117.100474][ T7225] FAT-fs (loop4): Directory bread(block 162) failed
[  117.119826][ T7225] FAT-fs (loop4): Directory bread(block 163) failed
[  117.127565][ T7225] FAT-fs (loop4): Directory bread(block 164) failed
[  117.144160][ T7225] FAT-fs (loop4): Directory bread(block 165) failed
[  117.158785][ T7225] FAT-fs (loop4): Directory bread(block 166) failed
[  117.173253][ T7225] FAT-fs (loop4): Directory bread(block 167) failed
[  117.179994][ T7225] FAT-fs (loop4): Directory bread(block 168) failed
[  117.186731][ T7225] FAT-fs (loop4): Directory bread(block 169) failed
[  117.255208][ T7225] FAT-fs (loop4): Directory bread(block 162) failed
[  117.269763][ T7225] FAT-fs (loop4): Directory bread(block 163) failed
[  117.383833][ T7239] netlink: 'syz.2.1231': attribute type 21 has an invalid length.
[  117.391732][ T7239] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1231'.
[  117.442443][ T3304] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  117.453409][ T3304] CPU: 1 UID: 0 PID: 3304 Comm: syz-executor Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(voluntary) 
[  117.453595][ T3304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  117.453607][ T3304] Call Trace:
[  117.453613][ T3304]  <TASK>
[  117.453680][ T3304]  __dump_stack+0x1d/0x30
[  117.453699][ T3304]  dump_stack_lvl+0xe8/0x140
[  117.453807][ T3304]  dump_stack+0x15/0x1b
[  117.453832][ T3304]  dump_header+0x81/0x220
[  117.453862][ T3304]  oom_kill_process+0x342/0x400
[  117.453907][ T3304]  out_of_memory+0x979/0xb80
[  117.453930][ T3304]  try_charge_memcg+0x5e6/0x9e0
[  117.454035][ T3304]  charge_memcg+0x51/0xc0
[  117.454095][ T3304]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  117.454124][ T3304]  __read_swap_cache_async+0x1df/0x350
[  117.454185][ T3304]  swap_cluster_readahead+0x277/0x3e0
[  117.454229][ T3304]  swapin_readahead+0xde/0x6f0
[  117.454253][ T3304]  ? __filemap_get_folio+0x4f7/0x6b0
[  117.454278][ T3304]  ? __rcu_read_unlock+0x4f/0x70
[  117.454347][ T3304]  ? swap_cache_get_folio+0x77/0x200
[  117.454368][ T3304]  do_swap_page+0x301/0x2430
[  117.454396][ T3304]  ? finish_task_switch+0xad/0x2b0
[  117.454497][ T3304]  ? __schedule+0x6c8/0xb50
[  117.454523][ T3304]  ? __pfx_default_wake_function+0x10/0x10
[  117.454550][ T3304]  handle_mm_fault+0x9a5/0x2c20
[  117.454635][ T3304]  ? mas_walk+0xf2/0x120
[  117.454658][ T3304]  do_user_addr_fault+0x636/0x1090
[  117.454762][ T3304]  ? fpregs_restore_userregs+0xe2/0x1d0
[  117.454792][ T3304]  ? switch_fpu_return+0xe/0x20
[  117.454816][ T3304]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  117.454839][ T3304]  exc_page_fault+0x62/0xa0
[  117.454908][ T3304]  asm_exc_page_fault+0x26/0x30
[  117.454928][ T3304] RIP: 0033:0x7f5a328a1225
[  117.454941][ T3304] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 1e 63 1c 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[  117.455009][ T3304] RSP: 002b:00007ffe7ee5c598 EFLAGS: 00010246
[  117.455057][ T3304] RAX: 0000000000000000 RBX: 0000000000000264 RCX: 00007f5a328a1223
[  117.455070][ T3304] RDX: 00007ffe7ee5c5b0 RSI: 0000000000000000 RDI: 0000000000000000
[  117.455081][ T3304] RBP: 00007ffe7ee5c61c R08: 0000000012b5ff48 R09: 0000000000000000
[  117.455092][ T3304] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388
[  117.455104][ T3304] R13: 00000000000927c0 R14: 000000000001c7ba R15: 00007ffe7ee5c670
[  117.455123][ T3304]  </TASK>
[  117.689666][ T3304] memory: usage 307200kB, limit 307200kB, failcnt 533
[  117.696433][ T3304] memory+swap: usage 307384kB, limit 9007199254740988kB, failcnt 0
[  117.704325][ T3304] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[  117.711654][ T3304] Memory cgroup stats for /syz0:
[  117.722121][ T7241] netlink: 'syz.4.1232': attribute type 21 has an invalid length.
[  117.734938][ T7241] netlink: 164 bytes leftover after parsing attributes in process `syz.4.1232'.
[  117.763508][ T3304] cache 0
[  117.766475][ T3304] rss 0
[  117.769281][ T3304] shmem 0
[  117.772249][ T3304] mapped_file 0
[  117.775733][ T3304] dirty 0
[  117.778707][ T3304] writeback 0
[  117.782033][ T3304] workingset_refault_anon 88
[  117.786609][ T3304] workingset_refault_file 318
[  117.791289][ T3304] swap 188416
[  117.794559][ T3304] swapcached 8192
[  117.798172][ T3304] pgpgin 116862
[  117.801681][ T3304] pgpgout 116860
[  117.805210][ T3304] pgfault 129568
[  117.808739][ T3304] pgmajfault 60
[  117.812268][ T3304] inactive_anon 8192
[  117.816180][ T3304] active_anon 0
[  117.819633][ T3304] inactive_file 0
[  117.823353][ T3304] active_file 0
[  117.823487][ T7245] loop1: detected capacity change from 0 to 512
[  117.826855][ T3304] unevictable 0
[  117.826863][ T3304] hierarchical_memory_limit 314572800
[  117.826872][ T3304] hierarchical_memsw_limit 9223372036854771712
[  117.848167][ T3304] total_cache 0
[  117.851749][ T3304] total_rss 0
[  117.855113][ T3304] total_shmem 0
[  117.858574][ T3304] total_mapped_file 0
[  117.862647][ T3304] total_dirty 0
[  117.866090][ T3304] total_writeback 0
[  117.869917][ T3304] total_workingset_refault_anon 88
[  117.875009][ T3304] total_workingset_refault_file 318
[  117.880320][ T3304] total_swap 188416
[  117.884276][ T3304] total_swapcached 8192
[  117.888419][ T3304] total_pgpgin 116862
[  117.892402][ T3304] total_pgpgout 116860
[  117.896571][ T3304] total_pgfault 129568
[  117.900634][ T3304] total_pgmajfault 60
[  117.904592][ T3304] total_inactive_anon 8192
[  117.908991][ T3304] total_active_anon 0
[  117.913034][ T3304] total_inactive_file 0
[  117.917192][ T3304] total_active_file 0
[  117.921175][ T3304] total_unevictable 0
[  117.925135][ T3304] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.1218,pid=7197,uid=0
[  117.939795][ T3304] Memory cgroup out of memory: Killed process 7197 (syz.0.1218) total-vm:93760kB, anon-rss:944kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  117.960841][ T7245] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.983721][ T7245] ext4 filesystem being mounted at /272/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.041553][ T7245] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.111426][ T7245] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.129868][ T7253] loop2: detected capacity change from 0 to 512
[  118.138102][ T7253] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  118.161712][ T7245] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.300938][ T7257] FAULT_INJECTION: forcing a failure.
[  118.300938][ T7257] name failslab, interval 1, probability 0, space 0, times 0
[  118.313710][ T7257] CPU: 1 UID: 0 PID: 7257 Comm: syz.3.1237 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(voluntary) 
[  118.313742][ T7257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  118.313755][ T7257] Call Trace:
[  118.313761][ T7257]  <TASK>
[  118.313769][ T7257]  __dump_stack+0x1d/0x30
[  118.313791][ T7257]  dump_stack_lvl+0xe8/0x140
[  118.313894][ T7257]  dump_stack+0x15/0x1b
[  118.313911][ T7257]  should_fail_ex+0x265/0x280
[  118.313933][ T7257]  should_failslab+0x8c/0xb0
[  118.313966][ T7257]  __kmalloc_node_noprof+0xa9/0x410
[  118.313988][ T7257]  ? __vmalloc_node_range_noprof+0x3f9/0xe00
[  118.314059][ T7257]  __vmalloc_node_range_noprof+0x3f9/0xe00
[  118.314161][ T7257]  ? cred_has_capability+0x210/0x280
[  118.314180][ T7257]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[  118.314236][ T7257]  __vmalloc_noprof+0x83/0xc0
[  118.314261][ T7257]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[  118.314372][ T7257]  bpf_prog_alloc_no_stats+0x47/0x3a0
[  118.314446][ T7257]  ? bpf_prog_alloc+0x2a/0x150
[  118.314473][ T7257]  bpf_prog_alloc+0x3c/0x150
[  118.314533][ T7257]  bpf_prog_load+0x514/0x1070
[  118.314556][ T7257]  ? security_bpf+0x2b/0x90
[  118.314587][ T7257]  __sys_bpf+0x462/0x7b0
[  118.314662][ T7257]  __x64_sys_bpf+0x41/0x50
[  118.314688][ T7257]  x64_sys_call+0x2aea/0x2ff0
[  118.314766][ T7257]  do_syscall_64+0xd2/0x200
[  118.314786][ T7257]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  118.314926][ T7257]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  118.314956][ T7257]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.315043][ T7257] RIP: 0033:0x7f3f5997e9a9
[  118.315058][ T7257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.315086][ T7257] RSP: 002b:00007f3f57fdf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  118.315102][ T7257] RAX: ffffffffffffffda RBX: 00007f3f59ba5fa0 RCX: 00007f3f5997e9a9
[  118.315113][ T7257] RDX: 0000000000000094 RSI: 0000200000000200 RDI: 0000000000000005
[  118.315124][ T7257] RBP: 00007f3f57fdf090 R08: 0000000000000000 R09: 0000000000000000
[  118.315208][ T7257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.315219][ T7257] R13: 0000000000000000 R14: 00007f3f59ba5fa0 R15: 00007ffe009360f8
[  118.315251][ T7257]  </TASK>
[  118.315257][ T7257] syz.3.1237: vmalloc error: size 4096, failed to allocated page array size 8, mode:0x500dc2(GFP_HIGHUSER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0
[  118.556450][ T7257] CPU: 1 UID: 0 PID: 7257 Comm: syz.3.1237 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(voluntary) 
[  118.556480][ T7257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  118.556492][ T7257] Call Trace:
[  118.556509][ T7257]  <TASK>
[  118.556517][ T7257]  __dump_stack+0x1d/0x30
[  118.556537][ T7257]  dump_stack_lvl+0xe8/0x140
[  118.556567][ T7257]  dump_stack+0x15/0x1b
[  118.556632][ T7257]  warn_alloc+0x12b/0x1a0
[  118.556656][ T7257]  ? should_failslab+0x8c/0xb0
[  118.556688][ T7257]  __vmalloc_node_range_noprof+0x497/0xe00
[  118.556715][ T7257]  ? cred_has_capability+0x210/0x280
[  118.556807][ T7257]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[  118.556838][ T7257]  __vmalloc_noprof+0x83/0xc0
[  118.556861][ T7257]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[  118.556924][ T7257]  bpf_prog_alloc_no_stats+0x47/0x3a0
[  118.556952][ T7257]  ? bpf_prog_alloc+0x2a/0x150
[  118.557015][ T7257]  bpf_prog_alloc+0x3c/0x150
[  118.557084][ T7257]  bpf_prog_load+0x514/0x1070
[  118.557108][ T7257]  ? security_bpf+0x2b/0x90
[  118.557137][ T7257]  __sys_bpf+0x462/0x7b0
[  118.557159][ T7257]  __x64_sys_bpf+0x41/0x50
[  118.557188][ T7257]  x64_sys_call+0x2aea/0x2ff0
[  118.557221][ T7257]  do_syscall_64+0xd2/0x200
[  118.557234][ T7257]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  118.557249][ T7257]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  118.557321][ T7257]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.557334][ T7257] RIP: 0033:0x7f3f5997e9a9
[  118.557344][ T7257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.557354][ T7257] RSP: 002b:00007f3f57fdf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  118.557441][ T7257] RAX: ffffffffffffffda RBX: 00007f3f59ba5fa0 RCX: 00007f3f5997e9a9
[  118.557448][ T7257] RDX: 0000000000000094 RSI: 0000200000000200 RDI: 0000000000000005
[  118.557455][ T7257] RBP: 00007f3f57fdf090 R08: 0000000000000000 R09: 0000000000000000
[  118.557462][ T7257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.557468][ T7257] R13: 0000000000000000 R14: 00007f3f59ba5fa0 R15: 00007ffe009360f8
[  118.557478][ T7257]  </TASK>
[  118.557493][ T7257] Mem-Info:
[  118.773985][ T7257] active_anon:6783 inactive_anon:2 isolated_anon:0
[  118.773985][ T7257]  active_file:6097 inactive_file:2312 isolated_file:0
[  118.773985][ T7257]  unevictable:0 dirty:82 writeback:0
[  118.773985][ T7257]  slab_reclaimable:3229 slab_unreclaimable:14459
[  118.773985][ T7257]  mapped:31941 shmem:3199 pagetables:1264
[  118.773985][ T7257]  sec_pagetables:0 bounce:0
[  118.773985][ T7257]  kernel_misc_reclaimable:0
[  118.773985][ T7257]  free:1839352 free_pcp:71209 free_cma:0
[  118.818999][ T7257] Node 0 active_anon:27132kB inactive_anon:8kB active_file:24388kB inactive_file:9248kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:127764kB dirty:328kB writeback:0kB shmem:12796kB writeback_tmp:0kB kernel_stack:4224kB pagetables:5056kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  118.847891][ T7257] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  118.876539][ T7257] lowmem_reserve[]: 0 2883 7862 7862
[  118.881840][ T7257] Node 0 DMA32 free:2949496kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953028kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:0kB free_cma:0kB
[  118.911861][ T7257] lowmem_reserve[]: 0 0 4978 4978
[  118.916989][ T7257] Node 0 Normal free:4392552kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:27132kB inactive_anon:8kB active_file:24388kB inactive_file:9248kB unevictable:0kB writepending:328kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:281304kB local_pcp:49256kB free_cma:0kB
[  118.949095][ T7257] lowmem_reserve[]: 0 0 0 0
[  118.953626][ T7257] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  118.966252][ T7257] Node 0 DMA32: 4*4kB (M) 3*8kB (M) 3*16kB (M) 3*32kB (M) 5*64kB (M) 3*128kB (M) 2*256kB (M) 4*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949496kB
[  118.982475][ T7257] Node 0 Normal: 100*4kB (UE) 5*8kB (E) 390*16kB (UME) 435*32kB (UME) 478*64kB (UME) 250*128kB (UME) 73*256kB (UME) 26*512kB (UM) 31*1024kB (UM) 53*2048kB (UE) 1010*4096kB (UM) = 4392440kB
[  119.001222][ T7257] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  119.010526][ T7257] 11631 total pagecache pages
[  119.015173][ T7257] 28 pages in swap cache
[  119.019387][ T7257] Free swap  = 124884kB
[  119.023534][ T7257] Total swap = 124996kB
[  119.027712][ T7257] 2097051 pages RAM
[  119.031504][ T7257] 0 pages HighMem/MovableOnly
[  119.036157][ T7257] 80394 pages reserved
[  119.062027][ T7245] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.301764][ T6380] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  119.449976][ T6380] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  119.473831][ T6380] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  119.482288][ T6380] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  119.498964][ T7281] loop0: detected capacity change from 0 to 512
[  119.537778][ T7288] netlink: 'syz.1.1249': attribute type 21 has an invalid length.
[  119.545876][ T7290] FAULT_INJECTION: forcing a failure.
[  119.545876][ T7290] name failslab, interval 1, probability 0, space 0, times 0
[  119.558621][ T7290] CPU: 0 UID: 0 PID: 7290 Comm: syz.2.1251 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(voluntary) 
[  119.558665][ T7290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  119.558677][ T7290] Call Trace:
[  119.558684][ T7290]  <TASK>
[  119.558692][ T7290]  __dump_stack+0x1d/0x30
[  119.558781][ T7290]  dump_stack_lvl+0xe8/0x140
[  119.558816][ T7290]  dump_stack+0x15/0x1b
[  119.558833][ T7290]  should_fail_ex+0x265/0x280
[  119.558853][ T7290]  should_failslab+0x8c/0xb0
[  119.558900][ T7290]  kmem_cache_alloc_noprof+0x50/0x310
[  119.558918][ T7290]  ? skb_clone+0x151/0x1f0
[  119.558948][ T7290]  skb_clone+0x151/0x1f0
[  119.559040][ T7290]  __netlink_deliver_tap+0x2c9/0x500
[  119.559100][ T7290]  netlink_unicast+0x66b/0x690
[  119.559128][ T7290]  netlink_sendmsg+0x58b/0x6b0
[  119.559161][ T7290]  ? __pfx_netlink_sendmsg+0x10/0x10
[  119.559204][ T7290]  __sock_sendmsg+0x142/0x180
[  119.559225][ T7290]  ____sys_sendmsg+0x345/0x4e0
[  119.559254][ T7290]  ___sys_sendmsg+0x17b/0x1d0
[  119.559293][ T7290]  __sys_sendmmsg+0x178/0x300
[  119.559353][ T7290]  __x64_sys_sendmmsg+0x57/0x70
[  119.559452][ T7290]  x64_sys_call+0x1c4a/0x2ff0
[  119.559474][ T7290]  do_syscall_64+0xd2/0x200
[  119.559496][ T7290]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  119.559522][ T7290]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  119.559578][ T7290]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.559600][ T7290] RIP: 0033:0x7f8c502de9a9
[  119.559616][ T7290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.559633][ T7290] RSP: 002b:00007f8c4e947038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  119.559653][ T7290] RAX: ffffffffffffffda RBX: 00007f8c50505fa0 RCX: 00007f8c502de9a9
[  119.559663][ T7290] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003
[  119.559674][ T7290] RBP: 00007f8c4e947090 R08: 0000000000000000 R09: 0000000000000000
[  119.559685][ T7290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  119.559696][ T7290] R13: 0000000000000000 R14: 00007f8c50505fa0 R15: 00007ffeeddd84c8
[  119.559711][ T7290]  </TASK>
[  119.866389][ T7302] loop2: detected capacity change from 0 to 512
[  119.893273][ T7302] ext4 filesystem being mounted at /229/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.915612][ T7311] loop4: detected capacity change from 0 to 1024
[  119.957668][ T7311] EXT4-fs: inline encryption not supported
[  119.963565][ T7311] EXT4-fs: Ignoring removed i_version option
[  119.969877][ T7315] IPVS: stopping master sync thread 7316 ...
[  119.983325][ T7311] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  119.994742][ T7302] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.015372][ T7318] loop3: detected capacity change from 0 to 512
[  120.042236][ T7302] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.056958][ T7318] ext4 filesystem being mounted at /266/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  120.072247][ T7311] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #3: block 1: comm syz.4.1257: lblock 1 mapped to illegal pblock 1 (length 1)
[  120.092783][ T7311] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1257: Failed to acquire dquot type 0
[  120.104546][ T7311] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.1257: Freeing blocks not in datazone - block = 0, count = 4096
[  120.125390][ T7302] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.138382][ T7318] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.149941][ T7311] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.1257: Invalid inode bitmap blk 0 in block_group 0
[  120.165202][ T7302] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.176756][ T6428] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:60: lblock 1 mapped to illegal pblock 1 (length 1)
[  120.231357][ T7318] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.241342][ T7311] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[  120.250356][ T6428] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:60: Failed to release dquot type 0
[  120.251550][ T7311] EXT4-fs (loop4): 1 orphan inode deleted
[  120.315749][ T6417] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  120.325572][ T7318] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.347370][ T6417] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  120.355962][ T6417] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  120.380913][ T7328] loop2: detected capacity change from 0 to 512
[  120.401611][ T7318] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.470142][ T7311] __nla_validate_parse: 1 callbacks suppressed
[  120.470159][ T7311] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1257'.
[  120.486768][ T6417] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  120.512219][ T6428] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  120.521080][ T7311] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1257'.
[  120.544900][ T7311] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5134 sclass=netlink_route_socket pid=7311 comm=syz.4.1257
[  120.570242][ T6380] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  120.592643][ T6380] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  120.605013][ T7332] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.1257: iget: bad extra_isize 65535 (inode size 256)
[  120.630298][ T6380] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  120.979875][   T29] kauditd_printk_skb: 687 callbacks suppressed
[  120.979892][   T29] audit: type=1326 audit(1753928719.585:6772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7344 comm="syz.0.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a3286e9a9 code=0x7ffc0000
[  121.009603][   T29] audit: type=1326 audit(1753928719.585:6773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7344 comm="syz.0.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a3286e9a9 code=0x7ffc0000
[  121.033054][   T29] audit: type=1326 audit(1753928719.585:6774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7344 comm="syz.0.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5a3286e9a9 code=0x7ffc0000
[  121.056445][   T29] audit: type=1326 audit(1753928719.585:6775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7344 comm="syz.0.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a3286e9a9 code=0x7ffc0000
[  121.107017][   T29] audit: type=1326 audit(1753928719.705:6776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7344 comm="syz.0.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a3286e9a9 code=0x7ffc0000
[  121.130521][   T29] audit: type=1326 audit(1753928719.705:6777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7344 comm="syz.0.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a3286e9a9 code=0x7ffc0000
[  121.154133][   T29] audit: type=1326 audit(1753928719.705:6778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7344 comm="syz.0.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a3286e9a9 code=0x7ffc0000
[  121.177610][   T29] audit: type=1326 audit(1753928719.705:6779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7344 comm="syz.0.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a3286e9a9 code=0x7ffc0000
[  121.201392][   T29] audit: type=1326 audit(1753928719.705:6780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7344 comm="syz.0.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a3286e9a9 code=0x7ffc0000
[  121.224835][   T29] audit: type=1326 audit(1753928719.705:6781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7344 comm="syz.0.1268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a3286e9a9 code=0x7ffc0000
[  121.350409][ T7360] loop1: detected capacity change from 0 to 1024
[  121.360098][ T7360] EXT4-fs: inline encryption not supported
[  121.365980][ T7360] EXT4-fs: Ignoring removed i_version option
[  121.367449][ T7362] FAULT_INJECTION: forcing a failure.
[  121.367449][ T7362] name failslab, interval 1, probability 0, space 0, times 0
[  121.384613][ T7362] CPU: 1 UID: 0 PID: 7362 Comm: syz.3.1276 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(voluntary) 
[  121.384641][ T7362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  121.384666][ T7362] Call Trace:
[  121.384672][ T7362]  <TASK>
[  121.384678][ T7362]  __dump_stack+0x1d/0x30
[  121.384698][ T7362]  dump_stack_lvl+0xe8/0x140
[  121.384744][ T7362]  dump_stack+0x15/0x1b
[  121.384761][ T7362]  should_fail_ex+0x265/0x280
[  121.384787][ T7362]  should_failslab+0x8c/0xb0
[  121.384818][ T7362]  kmem_cache_alloc_noprof+0x50/0x310
[  121.384863][ T7362]  ? audit_log_start+0x365/0x6c0
[  121.384897][ T7362]  audit_log_start+0x365/0x6c0
[  121.384940][ T7362]  audit_seccomp+0x48/0x100
[  121.385022][ T7362]  ? __seccomp_filter+0x68c/0x10d0
[  121.385046][ T7362]  __seccomp_filter+0x69d/0x10d0
[  121.385068][ T7362]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  121.385096][ T7362]  ? vfs_write+0x75e/0x8e0
[  121.385121][ T7362]  ? __rcu_read_unlock+0x4f/0x70
[  121.385180][ T7362]  ? __fget_files+0x184/0x1c0
[  121.385211][ T7362]  __secure_computing+0x82/0x150
[  121.385235][ T7362]  syscall_trace_enter+0xcf/0x1e0
[  121.385341][ T7362]  do_syscall_64+0xac/0x200
[  121.385362][ T7362]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  121.385403][ T7362]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  121.385437][ T7362]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.385460][ T7362] RIP: 0033:0x7f3f5997e9a9
[  121.385476][ T7362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.385523][ T7362] RSP: 002b:00007f3f57fdf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000043
[  121.385570][ T7362] RAX: ffffffffffffffda RBX: 00007f3f59ba5fa0 RCX: 00007f3f5997e9a9
[  121.385583][ T7362] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  121.385595][ T7362] RBP: 00007f3f57fdf090 R08: 0000000000000000 R09: 0000000000000000
[  121.385605][ T7362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  121.385618][ T7362] R13: 0000000000000000 R14: 00007f3f59ba5fa0 R15: 00007ffe009360f8
[  121.385636][ T7362]  </TASK>
[  121.386342][ T7360] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  121.620881][ T7360] EXT4-fs error (device loop1): ext4_map_blocks:816: inode #3: block 1: comm syz.1.1275: lblock 1 mapped to illegal pblock 1 (length 1)
[  121.639108][ T7360] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1275: Failed to acquire dquot type 0
[  121.654585][ T7360] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.1275: Freeing blocks not in datazone - block = 0, count = 4096
[  121.697296][ T7360] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.1275: Invalid inode bitmap blk 0 in block_group 0
[  121.710295][ T6406] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:41: lblock 1 mapped to illegal pblock 1 (length 1)
[  121.726992][ T1045] hid-generic 0000:0000:0000.0043: unknown main item tag 0x0
[  121.744937][ T7376] loop4: detected capacity change from 0 to 1024
[  121.752126][ T1045] hid-generic 0000:0000:0000.0043: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  121.770713][ T7376] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  121.789390][ T6406] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:41: Failed to release dquot type 0
[  121.880576][ T7360] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  121.942102][ T7360] EXT4-fs (loop1): 1 orphan inode deleted
[  122.008711][ T7391] loop4: detected capacity change from 0 to 128
[  122.016004][ T7391] FAT-fs (loop4): Directory bread(block 162) failed
[  122.023397][ T7391] FAT-fs (loop4): Directory bread(block 163) failed
[  122.032636][ T7360] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1275'.
[  122.052440][ T7360] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1275'.
[  122.064039][ T7391] FAT-fs (loop4): Directory bread(block 164) failed
[  122.070898][ T7391] FAT-fs (loop4): Directory bread(block 165) failed
[  122.077564][ T7391] FAT-fs (loop4): Directory bread(block 166) failed
[  122.084663][ T7391] FAT-fs (loop4): Directory bread(block 167) failed
[  122.091509][ T7391] FAT-fs (loop4): Directory bread(block 168) failed
[  122.098242][ T7391] FAT-fs (loop4): Directory bread(block 169) failed
[  122.105865][ T7393] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5134 sclass=netlink_route_socket pid=7393 comm=syz.1.1275
[  122.122287][ T7393] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.1275: iget: bad extra_isize 65535 (inode size 256)
[  122.126220][ T7394] FAULT_INJECTION: forcing a failure.
[  122.126220][ T7394] name failslab, interval 1, probability 0, space 0, times 0
[  122.142423][ T7391] FAT-fs (loop4): Directory bread(block 162) failed
[  122.147683][ T7394] CPU: 1 UID: 0 PID: 7394 Comm: syz.2.1286 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(voluntary) 
[  122.147760][ T7394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  122.147779][ T7394] Call Trace:
[  122.147786][ T7394]  <TASK>
[  122.147794][ T7394]  __dump_stack+0x1d/0x30
[  122.147814][ T7394]  dump_stack_lvl+0xe8/0x140
[  122.147847][ T7394]  dump_stack+0x15/0x1b
[  122.147862][ T7394]  should_fail_ex+0x265/0x280
[  122.147921][ T7394]  should_failslab+0x8c/0xb0
[  122.147951][ T7394]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  122.147971][ T7394]  ? __d_alloc+0x3d/0x340
[  122.148031][ T7394]  __d_alloc+0x3d/0x340
[  122.148061][ T7394]  d_alloc_parallel+0x53/0xc60
[  122.148114][ T7394]  ? selinux_inode_permission+0x62d/0x740
[  122.148148][ T7394]  ? make_vfsuid+0x49/0xa0
[  122.148176][ T7394]  ? lockref_get_not_dead+0x120/0x1c0
[  122.148245][ T7394]  ? __rcu_read_unlock+0x4f/0x70
[  122.148269][ T7394]  __lookup_slow+0x8c/0x250
[  122.148353][ T7394]  lookup_slow+0x3c/0x60
[  122.148370][ T7394]  walk_component+0x1ec/0x220
[  122.148423][ T7394]  path_lookupat+0xfe/0x2a0
[  122.148456][ T7394]  filename_lookup+0x147/0x340
[  122.148495][ T7394]  user_path_at+0x3e/0x130
[  122.148514][ T7394]  __se_sys_inotify_add_watch+0x102/0x7b0
[  122.148651][ T7394]  ? fput+0x8f/0xc0
[  122.148668][ T7394]  ? ksys_write+0x192/0x1a0
[  122.148700][ T7394]  __x64_sys_inotify_add_watch+0x43/0x50
[  122.148728][ T7394]  x64_sys_call+0xfc7/0x2ff0
[  122.148749][ T7394]  do_syscall_64+0xd2/0x200
[  122.148841][ T7394]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  122.148868][ T7394]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  122.148901][ T7394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.148923][ T7394] RIP: 0033:0x7f8c502de9a9
[  122.148963][ T7394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.148980][ T7394] RSP: 002b:00007f8c4e947038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fe
[  122.148999][ T7394] RAX: ffffffffffffffda RBX: 00007f8c50505fa0 RCX: 00007f8c502de9a9
[  122.149011][ T7394] RDX: 0000000040000022 RSI: 0000200000000080 RDI: 0000000000000003
[  122.149023][ T7394] RBP: 00007f8c4e947090 R08: 0000000000000000 R09: 0000000000000000
[  122.149035][ T7394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  122.149048][ T7394] R13: 0000000000000000 R14: 00007f8c50505fa0 R15: 00007ffeeddd84c8
[  122.149065][ T7394]  </TASK>
[  122.153469][ T7394] loop2: detected capacity change from 0 to 1024
[  122.155069][ T7391] FAT-fs (loop4): Directory bread(block 163) failed
[  122.169194][ T7394] EXT4-fs: inline encryption not supported
[  122.177739][ T7391] bio_check_eod: 2 callbacks suppressed
[  122.177751][ T7391] syz.4.1285: attempt to access beyond end of device
[  122.177751][ T7391] loop4: rw=3, sector=226, nr_sectors = 6 limit=128
[  122.179885][ T7394] EXT4-fs: Ignoring removed i_version option
[  122.191751][ T7394] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  122.194318][ T7394] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 2: comm syz.2.1286: lblock 2 mapped to illegal pblock 2 (length 1)
[  122.196045][ T7391] syz.4.1285: attempt to access beyond end of device
[  122.196045][ T7391] loop4: rw=2051, sector=232, nr_sectors = 2 limit=128
[  122.205360][ T7394] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 48: comm syz.2.1286: lblock 0 mapped to illegal pblock 48 (length 1)
[  122.488943][ T7394] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1286: Failed to acquire dquot type 0
[  122.503770][ T7394] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6250: Corrupt filesystem
[  122.518886][ T7394] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.1286: mark_inode_dirty error
[  122.530338][ T7400] loop4: detected capacity change from 0 to 2048
[  122.530979][ T7394] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  122.547150][ T7394] EXT4-fs (loop2): 1 orphan inode deleted
[  122.570245][ T6417] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:49: lblock 1 mapped to illegal pblock 1 (length 1)
[  122.570303][ T7400]  loop4: p1 < > p4
[  122.589120][ T7400] loop4: p4 size 8388608 extends beyond EOD, truncated
[  122.599770][ T6417] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:49: Failed to release dquot type 0
[  122.626822][ T3301] EXT4-fs error (device loop2): __ext4_get_inode_loc:4787: comm syz-executor: Invalid inode table block 1 in block_group 0
[  122.652017][ T3301] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6250: Corrupt filesystem
[  122.666500][ T7404] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1291'.
[  122.674824][ T3301] EXT4-fs error (device loop2): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error
[  122.682757][ T7404] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  122.693982][ T7404] batman_adv: batadv0: Removing interface: batadv_slave_0
[  122.706712][ T7404] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  122.714132][ T7404] batman_adv: batadv0: Removing interface: batadv_slave_1
[  122.936632][ T7430] netlink: 7 bytes leftover after parsing attributes in process `syz.3.1297'.
[  122.945949][ T7430] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1297'.
[  122.954946][ T7430] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1297'.
[  123.551889][ T7439] netlink: 'syz.4.1300': attribute type 21 has an invalid length.
[  123.559772][ T7439] netlink: 164 bytes leftover after parsing attributes in process `syz.4.1300'.
[  123.931092][    T9] hid-generic 0000:0000:0000.0044: unknown main item tag 0x0
[  123.941203][    T9] hid-generic 0000:0000:0000.0044: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  123.956378][ T7460] loop3: detected capacity change from 0 to 1024
[  123.963740][ T7460] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  124.090215][ T7479] netlink: 'syz.3.1314': attribute type 21 has an invalid length.
[  124.098092][ T7479] netlink: 164 bytes leftover after parsing attributes in process `syz.3.1314'.
[  124.234542][ T7457] syz.4.1306 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  124.248789][ T7457] CPU: 1 UID: 0 PID: 7457 Comm: syz.4.1306 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(voluntary) 
[  124.248821][ T7457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  124.248835][ T7457] Call Trace:
[  124.248858][ T7457]  <TASK>
[  124.248866][ T7457]  __dump_stack+0x1d/0x30
[  124.248888][ T7457]  dump_stack_lvl+0xe8/0x140
[  124.248921][ T7457]  dump_stack+0x15/0x1b
[  124.249015][ T7457]  dump_header+0x81/0x220
[  124.249045][ T7457]  oom_kill_process+0x342/0x400
[  124.249071][ T7457]  out_of_memory+0x979/0xb80
[  124.249099][ T7457]  try_charge_memcg+0x5e6/0x9e0
[  124.249190][ T7457]  obj_cgroup_charge_pages+0xa6/0x150
[  124.249214][ T7457]  __memcg_kmem_charge_page+0x9f/0x170
[  124.249293][ T7457]  __alloc_frozen_pages_noprof+0x188/0x360
[  124.249323][ T7457]  alloc_pages_mpol+0xb3/0x250
[  124.249421][ T7457]  alloc_pages_noprof+0x90/0x130
[  124.249448][ T7457]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  124.249487][ T7457]  __kvmalloc_node_noprof+0x30f/0x4e0
[  124.249511][ T7457]  ? ip_set_alloc+0x1f/0x30
[  124.249685][ T7457]  ? ip_set_alloc+0x1f/0x30
[  124.249712][ T7457]  ? __kmalloc_cache_noprof+0x189/0x320
[  124.249819][ T7457]  ip_set_alloc+0x1f/0x30
[  124.249844][ T7457]  hash_netiface_create+0x282/0x740
[  124.249872][ T7457]  ? __pfx_hash_netiface_create+0x10/0x10
[  124.249976][ T7457]  ip_set_create+0x3cc/0x960
[  124.250074][ T7457]  ? __nla_parse+0x40/0x60
[  124.250098][ T7457]  nfnetlink_rcv_msg+0x4c6/0x590
[  124.250196][ T7457]  netlink_rcv_skb+0x123/0x220
[  124.250224][ T7457]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  124.250251][ T7457]  nfnetlink_rcv+0x16b/0x1690
[  124.250273][ T7457]  ? nlmon_xmit+0x4f/0x60
[  124.250338][ T7457]  ? consume_skb+0x49/0x150
[  124.250365][ T7457]  ? nlmon_xmit+0x4f/0x60
[  124.250427][ T7457]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  124.250460][ T7457]  ? __dev_queue_xmit+0x1200/0x2000
[  124.250487][ T7457]  ? __dev_queue_xmit+0x182/0x2000
[  124.250521][ T7457]  ? ref_tracker_free+0x37d/0x3e0
[  124.250564][ T7457]  ? __netlink_deliver_tap+0x4dc/0x500
[  124.250594][ T7457]  netlink_unicast+0x5bd/0x690
[  124.250638][ T7457]  netlink_sendmsg+0x58b/0x6b0
[  124.250666][ T7457]  ? __pfx_netlink_sendmsg+0x10/0x10
[  124.250694][ T7457]  __sock_sendmsg+0x142/0x180
[  124.250781][ T7457]  ____sys_sendmsg+0x31e/0x4e0
[  124.250814][ T7457]  ___sys_sendmsg+0x17b/0x1d0
[  124.250854][ T7457]  __x64_sys_sendmsg+0xd4/0x160
[  124.250911][ T7457]  x64_sys_call+0x191e/0x2ff0
[  124.250992][ T7457]  do_syscall_64+0xd2/0x200
[  124.251017][ T7457]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  124.251042][ T7457]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  124.251101][ T7457]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.251121][ T7457] RIP: 0033:0x7f82810ee9a9
[  124.251192][ T7457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.251216][ T7457] RSP: 002b:00007f827f74f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  124.251237][ T7457] RAX: ffffffffffffffda RBX: 00007f8281315fa0 RCX: 00007f82810ee9a9
[  124.251250][ T7457] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  124.251262][ T7457] RBP: 00007f8281170d69 R08: 0000000000000000 R09: 0000000000000000
[  124.251273][ T7457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  124.251353][ T7457] R13: 0000000000000000 R14: 00007f8281315fa0 R15: 00007fff24d83c18
[  124.251372][ T7457]  </TASK>
[  124.581768][ T7457] memory: usage 307200kB, limit 307200kB, failcnt 434
[  124.588509][ T7457] memory+swap: usage 307396kB, limit 9007199254740988kB, failcnt 0
[  124.596740][ T7457] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[  124.604116][ T7457] Memory cgroup stats for /syz4:
[  124.604299][ T7457] cache 0
[  124.612338][ T7457] rss 0
[  124.615203][ T7457] shmem 0
[  124.618137][ T7457] mapped_file 0
[  124.621603][ T7457] dirty 0
[  124.624526][ T7457] writeback 4096
[  124.628055][ T7457] workingset_refault_anon 144
[  124.632996][ T7457] workingset_refault_file 498
[  124.637824][ T7457] swap 200704
[  124.641142][ T7457] swapcached 4096
[  124.644764][ T7457] pgpgin 138733
[  124.647545][ T7492] loop0: detected capacity change from 0 to 1024
[  124.648219][ T7457] pgpgout 138732
[  124.648227][ T7457] pgfault 159906
[  124.648234][ T7457] pgmajfault 107
[  124.655464][ T7492] EXT4-fs: inline encryption not supported
[  124.658385][ T7457] inactive_anon 4096
[  124.658395][ T7457] active_anon 0
[  124.658402][ T7457] inactive_file 0
[  124.661982][ T7492] EXT4-fs: Ignoring removed i_version option
[  124.665504][ T7457] active_file 0
[  124.665514][ T7457] unevictable 0
[  124.665521][ T7457] hierarchical_memory_limit 314572800
[  124.665529][ T7457] hierarchical_memsw_limit 9223372036854771712
[  124.665538][ T7457] total_cache 0
[  124.672374][ T7492] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  124.675229][ T7457] total_rss 0
[  124.675239][ T7457] total_shmem 0
[  124.675246][ T7457] total_mapped_file 0
[  124.680087][ T7492] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #3: block 1: comm syz.0.1319: lblock 1 mapped to illegal pblock 1 (length 1)
[  124.682310][ T7457] total_dirty 0
[  124.682319][ T7457] total_writeback 4096
[  124.688478][ T7492] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1319: Failed to acquire dquot type 0
[  124.691804][ T7457] total_workingset_refault_anon 144
[  124.691815][ T7457] total_workingset_refault_file 498
[  124.691828][ T7457] total_swap 200704
[  124.691835][ T7457] total_swapcached 4096
[  124.691843][ T7457] total_pgpgin 138733
[  124.695791][ T7492] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.1319: Freeing blocks not in datazone - block = 0, count = 4096
[  124.700660][ T7457] total_pgpgout 138732
[  124.700669][ T7457] total_pgfault 159906
[  124.707234][ T7492] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.1319: Invalid inode bitmap blk 0 in block_group 0
[  124.710328][ T7457] total_pgmajfault 107
[  124.710337][ T7457] total_inactive_anon 4096
[  124.710345][ T7457] total_active_anon 0
[  124.720725][ T6417] EXT4-fs error (device loop0): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:49: lblock 1 mapped to illegal pblock 1 (length 1)
[  124.723843][ T7457] total_inactive_file 0
[  124.727606][ T6417] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:49: Failed to release dquot type 0
[  124.731419][ T7457] total_active_file 0
[  124.746291][ T7492] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  124.749158][ T7457] total_unevictable 0
[  124.749231][ T7457] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null)
[  124.753492][ T7492] EXT4-fs (loop0): 1 orphan inode deleted
[  124.764434][ T7457] ,cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.1306,pid=7456,uid=0
[  124.901619][ T7457] Memory cgroup out of memory: Killed process 7456 (syz.4.1306) total-vm:95808kB, anon-rss:944kB, file-rss:22180kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  125.023643][ T7492] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5134 sclass=netlink_route_socket pid=7492 comm=syz.0.1319
[  125.044331][ T7492] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.1319: iget: bad extra_isize 65535 (inode size 256)
[  125.115905][ T3466] hid-generic 0000:0000:0000.0045: unknown main item tag 0x0
[  125.129025][ T7502] loop1: detected capacity change from 0 to 1024
[  125.136083][ T7502] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  125.144595][ T3466] hid-generic 0000:0000:0000.0045: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  125.186650][ T7518] netlink: 'syz.0.1329': attribute type 10 has an invalid length.
[  125.194973][ T7518] ipvlan0: entered allmulticast mode
[  125.200304][ T7518] veth0_vlan: entered allmulticast mode
[  125.206056][ T7518] team0: Device ipvlan0 is VLAN challenged and team device has VLAN set up
[  125.287408][ T7525] loop0: detected capacity change from 0 to 2048
[  125.387444][ T7535] loop1: detected capacity change from 0 to 1024
[  125.394389][ T7535] EXT4-fs: inline encryption not supported
[  125.400342][ T7535] EXT4-fs: Ignoring removed i_version option
[  125.407174][ T7535] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  125.420361][ T7535] EXT4-fs error (device loop1): ext4_map_blocks:816: inode #3: block 1: comm syz.1.1334: lblock 1 mapped to illegal pblock 1 (length 1)
[  125.434905][ T7535] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1334: Failed to acquire dquot type 0
[  125.446873][ T7535] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.1334: Freeing blocks not in datazone - block = 0, count = 4096
[  125.461201][ T7535] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.1334: Invalid inode bitmap blk 0 in block_group 0
[  125.474163][ T7535] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  125.483338][ T7535] EXT4-fs (loop1): 1 orphan inode deleted
[  125.492131][ T7535] __nla_validate_parse: 3 callbacks suppressed
[  125.492146][ T7535] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1334'.
[  125.507628][ T6380] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:20: lblock 1 mapped to illegal pblock 1 (length 1)
[  125.525871][ T6380] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:20: Failed to release dquot type 0
[  125.538271][ T7535] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1334'.
[  125.553817][ T7535] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5134 sclass=netlink_route_socket pid=7535 comm=syz.1.1334
[  125.588895][ T7535] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.1334: iget: bad extra_isize 65535 (inode size 256)
[  125.621481][ T7543] FAULT_INJECTION: forcing a failure.
[  125.621481][ T7543] name failslab, interval 1, probability 0, space 0, times 0
[  125.634236][ T7543] CPU: 0 UID: 0 PID: 7543 Comm: syz.0.1335 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(voluntary) 
[  125.634330][ T7543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  125.634342][ T7543] Call Trace:
[  125.634347][ T7543]  <TASK>
[  125.634353][ T7543]  __dump_stack+0x1d/0x30
[  125.634372][ T7543]  dump_stack_lvl+0xe8/0x140
[  125.634408][ T7543]  dump_stack+0x15/0x1b
[  125.634422][ T7543]  should_fail_ex+0x265/0x280
[  125.634501][ T7543]  ? bpf_prog_alloc_no_stats+0xc4/0x3a0
[  125.634610][ T7543]  should_failslab+0x8c/0xb0
[  125.634637][ T7543]  __kmalloc_cache_noprof+0x4c/0x320
[  125.634731][ T7543]  bpf_prog_alloc_no_stats+0xc4/0x3a0
[  125.634764][ T7543]  bpf_prog_alloc+0x3c/0x150
[  125.634795][ T7543]  bpf_prog_load+0x514/0x1070
[  125.634817][ T7543]  ? security_bpf+0x2b/0x90
[  125.634920][ T7543]  __sys_bpf+0x462/0x7b0
[  125.634943][ T7543]  __x64_sys_bpf+0x41/0x50
[  125.634971][ T7543]  x64_sys_call+0x2aea/0x2ff0
[  125.634992][ T7543]  do_syscall_64+0xd2/0x200
[  125.635017][ T7543]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  125.635044][ T7543]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  125.635075][ T7543]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.635095][ T7543] RIP: 0033:0x7f5a3286e9a9
[  125.635126][ T7543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.635141][ T7543] RSP: 002b:00007f5a30ecf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  125.635158][ T7543] RAX: ffffffffffffffda RBX: 00007f5a32a95fa0 RCX: 00007f5a3286e9a9
[  125.635171][ T7543] RDX: 0000000000000094 RSI: 00002000000001c0 RDI: 0000000000000005
[  125.635184][ T7543] RBP: 00007f5a30ecf090 R08: 0000000000000000 R09: 0000000000000000
[  125.635262][ T7543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  125.635275][ T7543] R13: 0000000000000000 R14: 00007f5a32a95fa0 R15: 00007ffe7ee5c258
[  125.635293][ T7543]  </TASK>
[  125.943493][ T7564] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1346'.
[  125.953962][ T7554] FAULT_INJECTION: forcing a failure.
[  125.953962][ T7554] name failslab, interval 1, probability 0, space 0, times 0
[  125.966622][ T7554] CPU: 1 UID: 0 PID: 7554 Comm: syz.1.1337 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(voluntary) 
[  125.966652][ T7554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  125.966663][ T7554] Call Trace:
[  125.966722][ T7554]  <TASK>
[  125.966731][ T7554]  __dump_stack+0x1d/0x30
[  125.966753][ T7554]  dump_stack_lvl+0xe8/0x140
[  125.966862][ T7554]  dump_stack+0x15/0x1b
[  125.966890][ T7554]  should_fail_ex+0x265/0x280
[  125.966908][ T7554]  should_failslab+0x8c/0xb0
[  125.966977][ T7554]  kmem_cache_alloc_noprof+0x50/0x310
[  125.966996][ T7554]  ? __send_signal_locked+0x154/0x760
[  125.967026][ T7554]  __send_signal_locked+0x154/0x760
[  125.967100][ T7554]  send_signal_locked+0x34e/0x3c0
[  125.967129][ T7554]  force_sig_info_to_task+0x1fb/0x290
[  125.967155][ T7554]  force_sig_fault+0x71/0xa0
[  125.967188][ T7554]  __bad_area_nosemaphore+0x25d/0x330
[  125.967258][ T7554]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  125.967364][ T7554]  exc_page_fault+0x62/0xa0
[  125.967399][ T7554]  asm_exc_page_fault+0x26/0x30
[  125.967434][ T7554] RIP: 0033:0x7f65e59c207e
[  125.967449][ T7554] Code: fd d7 c9 0f bc d1 c5 fe 7f 27 c5 fe 7f 6f 20 c5 fe 7f 77 40 c5 fe 7f 7f 60 49 83 c0 1f 49 29 d0 48 8d 7c 17 61 e9 d2 04 00 00 <c5> fe 6f 1e c5 fe 6f 56 20 c5 fd 74 cb c5 fd d7 d1 49 83 f8 21 0f
[  125.967469][ T7554] RSP: 002b:00007f65e403ebe8 EFLAGS: 00010287
[  125.967486][ T7554] RAX: 00007f65e403ec10 RBX: 0000000000000080 RCX: 0000000000000000
[  125.967499][ T7554] RDX: 00000000000003ff RSI: 0000000000000000 RDI: 00007f65e403ec10
[  125.967513][ T7554] RBP: 00007f65e403ec10 R08: 00000000000003ff R09: 0000000000000000
[  125.967527][ T7554] R10: 0000000000000000 R11: 0000000000000000 R12: cccccccccccccccd
[  125.967539][ T7554] R13: 0000000000000000 R14: 00007f65e5c05fa0 R15: 00007ffc8a2a1418
[  125.967606][ T7554]  </TASK>
[  125.984321][ T7569] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1348'.
[  126.039238][   T29] kauditd_printk_skb: 218 callbacks suppressed
[  126.039252][   T29] audit: type=1400 audit(1753928724.615:6986): avc:  denied  { prog_load } for  pid=7553 comm="syz.1.1337" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  126.055184][ T7570] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1348'.
[  126.061293][   T29] audit: type=1400 audit(1753928724.615:6987): avc:  denied  { create } for  pid=7553 comm="syz.1.1337" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  126.084333][ T7576] netlink: 'syz.3.1350': attribute type 21 has an invalid length.
[  126.094693][   T29] audit: type=1400 audit(1753928724.665:6988): avc:  denied  { execmem } for  pid=7566 comm="syz.2.1347" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=0
[  126.100623][ T7576] netlink: 164 bytes leftover after parsing attributes in process `syz.3.1350'.
[  126.158309][ T7582] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5134 sclass=netlink_route_socket pid=7582 comm=syz.0.1348
[  126.159153][   T29] audit: type=1400 audit(1753928724.665:6989): avc:  denied  { read write } for  pid=3298 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  126.280224][   T29] audit: type=1400 audit(1753928724.665:6990): avc:  denied  { read write } for  pid=3297 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  126.304429][   T29] audit: type=1400 audit(1753928724.685:6991): avc:  denied  { prog_load } for  pid=7571 comm="syz.1.1349" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  126.323453][   T29] audit: type=1400 audit(1753928724.685:6992): avc:  denied  { prog_load } for  pid=7571 comm="syz.1.1349" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  126.342559][   T29] audit: type=1326 audit(1753928724.685:6993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7571 comm="syz.1.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65e59de9a9 code=0x7ffc0000
[  126.365952][   T29] audit: type=1326 audit(1753928724.685:6994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7571 comm="syz.1.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65e59de9a9 code=0x7ffc0000
[  126.389377][   T29] audit: type=1326 audit(1753928724.685:6995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7571 comm="syz.1.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7f65e59de9a9 code=0x7ffc0000
[  126.516510][ T7596] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1358'.
[  126.598473][ T7608] netlink: 'syz.0.1364': attribute type 21 has an invalid length.
[  126.606382][ T7608] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1364'.
[  126.618220][ T7610] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1365'.
[  126.629189][ T7610] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1365'.
[  126.642781][ T7610] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5134 sclass=netlink_route_socket pid=7610 comm=syz.4.1365
[  128.053292][ T7727] netlink: 'syz.1.1417': attribute type 21 has an invalid length.
[  128.228001][ T7749] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5134 sclass=netlink_route_socket pid=7749 comm=syz.0.1429
[  129.078603][ T7845] bond1: entered promiscuous mode
[  129.083791][ T7845] bond1: entered allmulticast mode
[  129.089234][ T7845] 8021q: adding VLAN 0 to HW filter on device bond1
[  129.099259][ T7845] bond1 (unregistering): Released all slaves
[  129.116195][ T7853] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  129.720937][ T7887] ==================================================================
[  129.729038][ T7887] BUG: KCSAN: data-race in touch_atime / touch_atime
[  129.735739][ T7887] 
[  129.738048][ T7887] write to 0xffff88811a9f86c0 of 4 bytes by task 7884 on cpu 0:
[  129.745660][ T7887]  touch_atime+0x1e8/0x340
[  129.750075][ T7887]  shmem_file_splice_read+0x5b1/0x600
[  129.755442][ T7887]  splice_direct_to_actor+0x26c/0x680
[  129.760813][ T7887]  do_splice_direct+0xda/0x150
[  129.765572][ T7887]  do_sendfile+0x380/0x650
[  129.769996][ T7887]  __x64_sys_sendfile64+0x105/0x150
[  129.775198][ T7887]  x64_sys_call+0x2bb0/0x2ff0
[  129.779878][ T7887]  do_syscall_64+0xd2/0x200
[  129.784387][ T7887]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.790285][ T7887] 
[  129.792595][ T7887] read to 0xffff88811a9f86c0 of 4 bytes by task 7887 on cpu 1:
[  129.800120][ T7887]  touch_atime+0x194/0x340
[  129.804541][ T7887]  shmem_file_splice_read+0x5b1/0x600
[  129.809916][ T7887]  splice_direct_to_actor+0x26c/0x680
[  129.815298][ T7887]  do_splice_direct+0xda/0x150
[  129.820058][ T7887]  do_sendfile+0x380/0x650
[  129.824476][ T7887]  __x64_sys_sendfile64+0x105/0x150
[  129.829672][ T7887]  x64_sys_call+0x2bb0/0x2ff0
[  129.834343][ T7887]  do_syscall_64+0xd2/0x200
[  129.838845][ T7887]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.844734][ T7887] 
[  129.847044][ T7887] value changed: 0x13fe3b2e -> 0x1496d1ae
[  129.852749][ T7887] 
[  129.855054][ T7887] Reported by Kernel Concurrency Sanitizer on:
[  129.861189][ T7887] CPU: 1 UID: 0 PID: 7887 Comm: syz.4.1492 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(voluntary) 
[  129.873242][ T7887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  129.883285][ T7887] ==================================================================