last executing test programs:

3m17.607765261s ago: executing program 4 (id=2570):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, 0x0, 0x0)
listen(r0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x9, 0x4, 0x10000000, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
creat(&(0x7f0000000380)='./file0\x00', 0xfe)

3m17.451633093s ago: executing program 4 (id=2576):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r1)
socket$kcm(0xa, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], 0x0, 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r3, r2, 0x26, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r3}, &(0x7f0000000000), &(0x7f0000000080)=r1}, 0x20)

3m17.326112375s ago: executing program 4 (id=2579):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000004c0)=""/249, 0xf9}], 0x1}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c480000", @ANYRES16=0x0, @ANYBLOB="010000000008000000001200"], 0x1c}}, 0x0)
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_load(r2, &(0x7f0000000340)={0xf97cff8c, 0x8}, 0x2000)

3m16.429588886s ago: executing program 4 (id=2584):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
umount2(0x0, 0x0)

3m16.365381277s ago: executing program 4 (id=2586):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000020000000000000000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0x9}, 0x18)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x80ff, &(0x7f0000000b40)={&(0x7f0000001040)=ANY=[@ANYBLOB="38010000100013071400000000000000ffffffff000000000000000000000000fe8000000000000000000000000000bb00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e00000410000000000000000000000000000000032000000ff01000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000200000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}, 0x1, 0xe}, 0x0)

3m15.36089028s ago: executing program 4 (id=2596):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, @void, @value}, 0x94)
r2 = creat(&(0x7f00000001c0)='./bus\x00', 0x43)
close(r2)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
dup(r3)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r4}, 0x10)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r5, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
r6 = socket$inet_dccp(0x2, 0x6, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000200), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b700000081020100bfa30000000000000703000020feffff720af0fff8ffffff71a4f0ff000000002d030000000000001d400500000000004704000001ed000072030200030000001d440000000000006b0a00fe000000007303000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f1ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c107571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d1abf3cb17b40ac9b10968f38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d61f3b39c64307f9c82b2807c9ff4a269841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67a41b9e320146ee9f566a28"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r7}, 0x10)
syz_clone(0x24001100, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r8=>0xffffffffffffffff})
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
close_range(r8, 0xffffffffffffffff, 0x0)

3m14.947582605s ago: executing program 32 (id=2596):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, @void, @value}, 0x94)
r2 = creat(&(0x7f00000001c0)='./bus\x00', 0x43)
close(r2)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
dup(r3)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r4}, 0x10)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r5, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
r6 = socket$inet_dccp(0x2, 0x6, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000200), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b700000081020100bfa30000000000000703000020feffff720af0fff8ffffff71a4f0ff000000002d030000000000001d400500000000004704000001ed000072030200030000001d440000000000006b0a00fe000000007303000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f1ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c107571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d1abf3cb17b40ac9b10968f38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d61f3b39c64307f9c82b2807c9ff4a269841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67a41b9e320146ee9f566a28"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r7}, 0x10)
syz_clone(0x24001100, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r8=>0xffffffffffffffff})
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
close_range(r8, 0xffffffffffffffff, 0x0)

2m56.589431332s ago: executing program 3 (id=2839):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000"], 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3, 0x0, 0x3}, 0x18)
unshare(0x2040400)
r4 = fsopen(&(0x7f0000000440)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
unshare(0x2000400)
fsmount(r4, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r5, 0x0, 0xf7}, 0x18)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x2)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000003c0)=0x3)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r4, 0x7, 0x0, 0x0, 0x0)
ioctl$TIOCVHANGUP(r6, 0x5437, 0x2)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r8 = socket(0x400000000010, 0x3, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=@newtfilter={0x54, 0x2c, 0xd27, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r10, {0xffff, 0x7}, {}, {0xa}}, [@filter_kind_options=@f_flow={{0x9}, {0x24, 0x2, [@TCA_FLOW_EMATCHES={0x20, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0x10, 0x1, 0x0, 0x0, {{0x9, 0x0, 0x1}, "e8"}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}]}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)
r11 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r11, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x0)
syz_usb_connect(0x2, 0x0, 0x0, &(0x7f00000007c0)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x201, 0x3, 0x4, 0x6, 0xff, 0x2}, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="000f0c984e06a52519827298"], 0x9, [{0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x3001}}, {0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x1809}}, {0x80, &(0x7f0000000400)=@string={0x80, 0x3, "0fa38ae5a909335a0860b2abc384ca052540af75acc4db9c3b10120461f13dc5bea49c9b17768adbb6d50bd4f1ac8af526827af571fbbeb76db4c1a4ad486a8cb7fec61d2186fcafce157590ee22cc337e4ce19bcb51c0293f6709247adbe5202360253edf23c32adc3c718d4eec24e60434d547c02a6789725d9202cc65"}}, {0x4, &(0x7f00000004c0)=@lang_id={0x4, 0x3, 0x440a}}, {0xad, &(0x7f0000000500)=ANY=[]}, {0xda, &(0x7f00000005c0)=@string={0xda, 0x3, "88a94888988222ffdbe7a0ed039821493cbeae1cd23ea16220e2686eff588b6b241e2baa62d92cba399da08d4b80bca4dceea09004a451f0131bf9003c0171bd770aee09944f416ac37a3f04a69b41067892936e2cd87db21acd0014ab0ba75146b3c1ad2d61dcdd11a2adb4ae292d8852fb5ed14ea6bc38cd122883986ac8e4e51f6214e363c4748c16d2f60d9aee311a23dd4a5768e286dc8f46f03f7e2253fd13d42eb5a74b6e6531f9427a87323ea9da390c1f2324f9b0d70827945a527e73090816da1ac808fa61bae9eb0f68d6454dcf79aad4a325"}}, {0x4, &(0x7f00000006c0)=@lang_id={0x4, 0x3, 0x83e}}, {0x4, &(0x7f0000000700)=@lang_id={0x4, 0x3, 0xcf22632c9056e086}}, {0x7e, &(0x7f0000000740)=@string={0x7e, 0x3, "3689418954921f72f460302edc6ac97aef7a64624aa78b768186da80e2b117bfd98da76a931cb5e0eea8073acc4797b64d45ed068c71a25961ec1dcfe2b07467ff6d6aaf496468e7bbcdb7e04f92cec962f68dae33708b18b746c84bfb9a938a75c4e4b8ec3ac25e08f5c71c40dcd8b9907c7837ef87105adabdc6d7"}}]})
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x1, 0x600, 0x0, 0x0)

2m54.218414873s ago: executing program 3 (id=2850):
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000c"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x3}, 0x18)
unshare(0x2040400)
r2 = fsopen(&(0x7f0000000440)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
unshare(0x2000400)
fsmount(r2, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r3, 0x0, 0xf7}, 0x18)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0x2)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000003c0)=0x3)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x7, 0x0, 0x0, 0x0)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x2)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x0)

2m50.709406608s ago: executing program 3 (id=2882):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000080000000000000010000009400000007ad4160850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040), 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x8404, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f0000000080)}, 0x400, 0x1, 0x0, 0x0, 0x0, 0x1fffffff, 0x0, 0x0, 0x3e, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket(0x10, 0x3, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0900000004000000080000001000000000000000", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000400)=0xffffffffffffffff, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3c00000013000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="00000000871006001c001a8018000580140009"], 0x3c}}, 0x0)

2m50.615100539s ago: executing program 3 (id=2885):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, @void, @value}, 0x94)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {}, 0x4, 0x0, 0x1000}}, 0x26)
ioctl$PPPIOCGL2TPSTATS(r0, 0x40047459, 0x0)
pipe2$9p(&(0x7f0000001900), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e74657200180100000c0a010300000000000000000700fffe0900020073797a31000000000900010073797a3000000000ec000380e8000080d00001"], 0x1ac}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r2}, 0x10)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[], 0x15)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX])
creat(&(0x7f0000000040)='./file0\x00', 0x0)

2m50.58922955s ago: executing program 3 (id=2886):
r0 = open(&(0x7f0000000740)='./bus\x00', 0x143c62, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, @perf_bp={&(0x7f0000000200)}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0xd50, 0x10, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = io_uring_setup(0xf08, &(0x7f0000000280)={0x0, 0x826e, 0x40, 0x3, 0xf0, 0x0, r0})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x286ca06bbee933dc, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000640)=[{0x0}], 0x1)
syz_clone3(&(0x7f0000000000)={0x285002400, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x46)
io_uring_register$IORING_REGISTER_FILES(r1, 0x1e, &(0x7f0000000000)=[r1], 0x1)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)=0x1)
mmap(&(0x7f00002c4000/0x2000)=nil, 0x2000, 0x100000a, 0x10010, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
unlink(0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0)
ftruncate(r4, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000400)={<r5=>0xffffffffffffffff})
fcntl$setlease(0xffffffffffffffff, 0x400, 0x1)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_config_ext, 0x8, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8923, &(0x7f0000000000)={'vlan1\x00', @broadcast})
sendfile(r5, r4, 0x0, 0x578410e9)
write$cgroup_int(r4, &(0x7f0000000040)=0x5, 0x12)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

2m49.132852389s ago: executing program 3 (id=2919):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, @void, @value}, 0x94)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {}, 0x4, 0x0, 0x1000}}, 0x26)
ioctl$PPPIOCGL2TPSTATS(r0, 0x40047459, 0x0)
pipe2$9p(&(0x7f0000001900), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e74657200180100000c0a010300000000000000000700fffe0900020073797a31000000000900010073797a3000000000ec000380e8000080d00001"], 0x1ac}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r2}, 0x10)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[], 0x15)
r5 = dup(r4)
write$P9_RLERRORu(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000000180)=0xe, 0x4)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
creat(&(0x7f0000000040)='./file0\x00', 0x0)

2m34.092000652s ago: executing program 33 (id=2919):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, @void, @value}, 0x94)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {}, 0x4, 0x0, 0x1000}}, 0x26)
ioctl$PPPIOCGL2TPSTATS(r0, 0x40047459, 0x0)
pipe2$9p(&(0x7f0000001900), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e74657200180100000c0a010300000000000000000700fffe0900020073797a31000000000900010073797a3000000000ec000380e8000080d00001"], 0x1ac}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r2}, 0x10)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[], 0x15)
r5 = dup(r4)
write$P9_RLERRORu(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000000180)=0xe, 0x4)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
creat(&(0x7f0000000040)='./file0\x00', 0x0)

2.864025124s ago: executing program 6 (id=5129):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), r0)
r2 = socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000100)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="fd8d00000000000000000200000008000300", @ANYRES32=r3, @ANYBLOB="0a0009000180c2000000fdff08000b"], 0x30}}, 0x0) (fail_nth: 1)

2.608732507s ago: executing program 6 (id=5131):
r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000000140))
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x20}}, 0x10)
ioctl$FS_IOC_SETFLAGS(r0, 0xc0606610, &(0x7f0000000040)=0x60)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000040000000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00\x00\b\x00\x00\x00\b'], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000000400)=[{&(0x7f0000000600)=""/194, 0xc2}, {&(0x7f0000000800)=""/208, 0xd0}, {&(0x7f0000001080)=""/4096, 0x1000}], 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a7"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r3}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x4}, 0x0, 0x0)

2.33026896s ago: executing program 2 (id=5134):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x7fffffffffffffff}, 0x18)
r2 = socket$inet_sctp(0x2, 0x800000000000001, 0x84)
sendto$inet(r2, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r2, &(0x7f0000000100)='\x00', 0x1, 0x0, &(0x7f00000000c0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r2, 0x1)

1.919478035s ago: executing program 5 (id=5139):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000300)={{0x1, 0x1, 0x18, <r1=>r0}, './cgroup.cpu/cgroup.procs\x00'})
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, 0x0, &(0x7f0000000780))
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000000c0)="1f", 0x1}], 0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x18, 0xc, &(0x7f00000007c0)=ANY=[@ANYRES8=r1], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x1014088, &(0x7f0000000080)=ANY=[@ANYBLOB='utf8=0,shortname=mixed,fmask=00000000000000066,uni_xlate=1,uni_xlate=0,shortname=lower,shortname=lower,uni_xlate=0,utf8=1,shortname=lower,shortname=win95,rodir,shortname=mixed,rodir,dos1xfloppy,shortname=winnt,check=relaxed,\x00'], 0x10, 0x2e1, &(0x7f0000000480)="$eJzs3bFrJFUYAPBvNpPZVYtNYSWCA1pYHeZamw1yB2IqjxRqocHLgWSCkEDAU1yvsrWxsPAvEAT/EBv/A8FWsPOEg5GZndmZvay7l+M2ovn9mnz75n3fvPf2hUyKffvRyyfHd/O49+CLX2MUSQwmMYmHSezEIFpfxYLJNwEA/Jc9LMv4o5xZdn34D3lJRIw2OzQAYEPW/f2fSbvwpysZFgCwQXfee/+dvf39W+/m+Shun3x9flD9Z1/9nF3fuxefRBFH8UaM41FE/aCwHfXTQhXeLstymuaVnXjtZHp+UGWefPhzU3/v94g6fzfGsVM3zZ826vy392/t5jO9/Gk1jueb+0+q/JsxjhfnyUlbqMq/uSQ/DrJ4/dXe+G/EOH75OD6NIu7WuV3+l7t5/lb57Z+ff1BVrfKT6fnBsO7XKbeu9p0BAAAAAAAAAAAAAAAAAAAAAOD/7EZzds4w6vN7qqbm/J2tR9WL7chbO4vn88zyk7ZQ/3ygsiynZXxfn6+TJAsdu/w0Xkr7BwsCAAAAAAAAAAAAAAAAAADA9XX22f3jw6I4On0mQXsaQBoRf92JeNo6k17LK9EEgyYYNTdp+gybl4dFMWjCxYJpvyW22j5JRNdn1pb0Wu5Xk3ja1UjjUnN/7sKYm+CHHy9799H6PtvL7/Usg3Z3HR8my9dwGG3LqFmo77KIosiaDZnFE94re7ylHFd1jk7L7i1od8iKOtnSS+O1M20nOq/zQh1MV2RFsmpvvPnbQsHk8Y2U1as6X+dRdAu13QT98SzujSfaz1XN+jflgsRpHQAAAAAAAAAAAAAAAAAAsFHdp3/j4pfxP1iZOiiHmxwZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFyd7vv/LxFMm+Sj07N0TecsTs/+5SkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwDfwdAAD//9/WQ0s=")
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000840)={0x4, 0x5, 0x8003, 0xd, 0x2, 0x1565, 0x1, 0x2cbc}, &(0x7f0000000980)=0x20)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
preadv(r3, &(0x7f0000000000)=[{&(0x7f0000000080)=""/242, 0xf2}], 0x1, 0x2, 0x2)
syz_open_dev$usbfs(&(0x7f0000000000), 0xc, 0x101301)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r5, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000001"], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x4f, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000380), &(0x7f00000003c0)=r6}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000002000000e27f000001"], 0x48)
faccessat2(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x5, 0x300)

1.772925817s ago: executing program 6 (id=5141):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000100)={'batadv0\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16, @ANYBLOB="fd8d00000000000000000200000008000300", @ANYRES32=r3, @ANYBLOB="0a0009000180c2000000fdff08000b"], 0x30}}, 0x0)

1.720513018s ago: executing program 0 (id=5144):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x0)
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=ANY=[], 0xa0}}, 0x0)
r6 = socket(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000540)=0x7, 0x4)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file2\x00', 0x187842, 0x0)
r9 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
fallocate(r9, 0x0, 0x0, 0x1001f0)
fallocate(r9, 0x3, 0x9, 0x10000)
copy_file_range(r9, 0x0, r9, 0x0, 0x1000, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r8, 0xc028660f, &(0x7f0000000240)={0x3920e, r7, 0x3, 0x1, 0x5})
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmmsg(r6, &(0x7f0000000000), 0x4000000000001f2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r5}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newqdisc={0x58, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xf30, 0x1, 0x9, 0x1ff, 0x80, 0x7, 0x9, 0x3, 0x1}}}}]}, 0x58}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@gettclass={0x24, 0x2a, 0x1, 0xff81, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {}, {0x0, 0xc}}}, 0x24}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000000020200ddb1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000ca0000009500000000000000"], &(0x7f0000000400)='GPL\x00', 0x1, 0x3, &(0x7f0000000440)=""/224, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

1.720198238s ago: executing program 6 (id=5145):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0) (fail_nth: 1)

1.668895119s ago: executing program 1 (id=5146):
r0 = openat$ptp0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = dup(r0)
ioctl$PTP_EXTTS_REQUEST2(r3, 0x43403d05, 0x0)

1.418387812s ago: executing program 1 (id=5147):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(0x0, r0)
r2 = socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000100)={'batadv0\x00', <r3=>0x0})
r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="fd8d00000000000000000200000008000300", @ANYRES32=r3, @ANYBLOB="0a0009000180c2000000fdff08000b"], 0x30}}, 0x0)

1.408796542s ago: executing program 2 (id=5148):
socket(0x1d, 0x2, 0x6)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000), 0xffffff6a)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x794, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000400003800800014000000000080002400000fbff2b0003801400010067656e6576653000000000000000000014000100776732000000000000000000c6e49c0f5c000000180a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010067656e657665300000000000000000001400010076657468315f746f5f7465616d"], 0x110}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRESHEX=0x0, @ANYBLOB="00000000010000010078a2e730e2b01c000000"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x7, 0x0, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
recvmmsg(r3, &(0x7f0000000a00), 0x0, 0x10000, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0a00000004000000e27f00000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000cd1ccf3fefe70b6af648aa14939614afa5295dadcdcb74375850f358cfa550ec222113b78f65a3332b6c5bcd0ef31910ec763a82decae6abe36b16f16384b8767c9e3d44bd348e08d660cf27a7cd3d6aa12db7896012860ddba240db5eba5f88d0"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008b000000000000009500000000000000"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r8 = getpid()
sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
ioprio_get$uid(0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x4000, &(0x7f0000000580)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="796100000000000000007e00000033000300", @ANYRES32=0x0, @ANYBLOB="f679acab8222c8d994b7cf4628e0676e968f5dec0cdfbd1848bb1236569e21c2388a50aeca7685c24b07f92cba1e243537dd81918c6e438ee3e81b14efe0ba830e8500ce6f7aae9280d1d65bd9bf523d97a00613a08788a8cfee57f20e0ba2991205e48c3ee37570f80868b357cecca3729534fc83cfb09bbd24b95a12aadd025395790793308177a128cdc5039009f99d12e0b6693c87d0191e92cc2325fc24e929244bb1df332fe87453d630ff8740308d70e4e850a016f23bad63da295d279211cdf272bd8d2dee965c7ff83983e0123509bf18838c93b1fef10c7ea35255fae68dfe3894"], 0x1c}}, 0x4000054)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='nilfs2_segment_usage_freed\x00', r2, 0x0, 0x3}, 0x18)

1.408419272s ago: executing program 6 (id=5149):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='kmem_cache_free\x00', r1, 0x0, 0x800}, 0x18)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x80000)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x14, 0xc, &(0x7f0000000700)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095", @ANYRES8=0x0, @ANYRES64=r0], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @lirc_mode2, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="15000000fe00000000fb050544b464e15688d32a5c5533289936ec0000"], 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
gettid()
semget(0x2, 0x3, 0x650)

1.336605743s ago: executing program 6 (id=5150):
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000c"], 0x50)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x3}, 0x18)
unshare(0x2040400)
r2 = fsopen(&(0x7f0000000440)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
unshare(0x2000400)
fsmount(r2, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r3, 0x0, 0xf7}, 0x18)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x0)

1.274488954s ago: executing program 1 (id=5151):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="cd91f100efde175bd3772f7ab3c0904e3da7b8641de88335"], 0xffdd)

1.094113136s ago: executing program 1 (id=5152):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000000000042a71d72caef000032000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f00000004c0)={0x0, 0x0, 0x1})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000480))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
unlinkat(0xffffffffffffffff, 0x0, 0x200)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='kfree\x00', r4, 0x0, 0x8}, 0x18)
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x42b00, 0x0)
ioctl$PTP_EXTTS_REQUEST2(r5, 0x43403d0e, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000002200)=[@in={0x2, 0x4e20, @remote}]}, &(0x7f0000000180)=0x10)

1.075126956s ago: executing program 2 (id=5153):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018020000", @ANYRES32, @ANYBLOB="00000000000000006600020000000000180000000000000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.039906647s ago: executing program 0 (id=5154):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="f4fbffff00000000000000000009000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000001c0)='kfree\x00', r0, 0x0, 0x4}, 0x18)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
socket$inet6_icmp(0xa, 0x2, 0x3a)

1.023745217s ago: executing program 5 (id=5155):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$unlink(0x9, r1, r1)

1.014460977s ago: executing program 2 (id=5156):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000040), 0x10)
syz_io_uring_setup(0x2dec, &(0x7f0000000140)={0x0, 0xfada, 0x80, 0x2, 0x166}, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x4048884)

956.374288ms ago: executing program 0 (id=5157):
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x60ae0}], 0x318, 0x0, 0xdb0, 0xf5ffffff}, 0x3f01)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x18, &(0x7f00000000c0), 0x31}, 0x0)

956.013188ms ago: executing program 2 (id=5158):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x7fffffffffffffff}, 0x18)
r2 = socket$inet_sctp(0x2, 0x800000000000001, 0x84)
sendto$inet(r2, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r2, &(0x7f0000000100)='\x00', 0x1, 0x0, &(0x7f00000000c0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r2, 0x1)

955.548868ms ago: executing program 5 (id=5159):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
chdir(&(0x7f0000000000)='./file0\x00')
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x1320, 0x0, 0x3, 0x5, 0x10000000, 0x800001, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000000300)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8004}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x30000c6, &(0x7f00000000c0), 0x2, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x242, 0x0)
pwrite64(r3, &(0x7f0000000480)='2', 0x1, 0x8080c64)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r4 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r4, r4, 0x0, 0x800000009)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00'}, 0x10)

881.699099ms ago: executing program 0 (id=5160):
socket$nl_rdma(0x10, 0x3, 0x14)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000009000000000000000020000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = msgget$private(0x0, 0x790)
msgsnd(r2, &(0x7f0000000800)=ANY=[@ANYRES8], 0x401, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001180)=@newtaction={0x898, 0x30, 0x12f, 0x0, 0x0, {}, [{0x884, 0x1, [@m_police={0x880, 0x1, 0x0, 0x0, {{0xb}, {0x854, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x0, 0x2, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x247ecded, 0x0, 0x80000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0xb, 0x37, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0xffffff35, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0xb, 0x0, 0x0, 0x9, 0xfffffffd, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x5, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x3, 0x0, 0x1]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x10000004a56}, @TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x0, 0x5, 0x0, 0x2, 0xb, 0xfffffffb, 0x0, 0x7, 0xfea7, 0x1, 0xffff8000, 0x90, 0x9fd, 0x2, 0xb8, 0xca2, 0x6, 0x3c, 0x7, 0x1, 0xa89c, 0x400, 0xc, 0x492217a0, 0xff, 0x5, 0x3, 0x1ff, 0xe5, 0x2f, 0xd, 0x3, 0xa, 0x3, 0x1, 0x9, 0x11, 0x188, 0x6, 0x3ff, 0x7, 0xd, 0x3, 0xc0000, 0x8, 0x8, 0xffffff40, 0x100, 0x3, 0x5, 0x7, 0xe0b2, 0x1, 0x8fc, 0x84, 0x9, 0x3, 0x9, 0x7ffffffd, 0x6, 0x0, 0x8, 0x800, 0x9, 0x4, 0x100, 0x401, 0x8, 0x3, 0xb5, 0x10001, 0x401, 0x1, 0x7f, 0x0, 0x8, 0x2, 0x7f, 0x0, 0x2, 0x4, 0x0, 0x1000004, 0x8000, 0x0, 0x9, 0x80, 0x7, 0x5, 0x1, 0x0, 0x7, 0xeb22, 0xd, 0x8000, 0xfffffff7, 0x0, 0x4, 0x3ff, 0x400000, 0x10, 0x5, 0x3, 0x10000, 0x5, 0x1, 0x0, 0x2, 0x6, 0x5, 0x6, 0xe5a, 0x4, 0x2, 0x81, 0xd44, 0x10, 0x6, 0x7fff, 0x800, 0xfffffff4, 0x10000, 0x5, 0x8, 0xba, 0x4, 0x89, 0x2, 0x6, 0x6, 0x9, 0xffffa3e0, 0x86b9, 0xff, 0x1, 0x2, 0xf, 0x24b9, 0x3a, 0xe01, 0x1, 0x6430, 0xd, 0x8, 0x0, 0x3, 0x7eb6, 0x3, 0x0, 0x200, 0xfffffeff, 0x9, 0xff, 0xa, 0x6, 0x7, 0x100, 0x1, 0x8001, 0x100, 0xffff9c71, 0x8, 0x101, 0x6, 0x2, 0xfffffc00, 0x81, 0x81, 0x200, 0x80000001, 0x1, 0xfffffffd, 0x9, 0x7, 0x4, 0xb, 0x80, 0x0, 0x0, 0x0, 0x5, 0x2, 0x65, 0x4, 0xfffffa0c, 0x3, 0x0, 0x2, 0x4, 0x35bc0, 0x9, 0xfffffffa, 0x7, 0x5, 0x3, 0x0, 0x6, 0x8, 0x28, 0x2, 0x5, 0x10001, 0x2, 0xf, 0xffffffff, 0x1, 0x723, 0x0, 0x9, 0x9, 0x4, 0x6, 0x7, 0x200, 0xfffffbff, 0x7, 0x3, 0x8, 0x5, 0xfffffffb, 0x2, 0x7f, 0x2, 0x80000002, 0x0, 0x9, 0x1ff, 0xfffffffe, 0x928, 0x4, 0xffffffff, 0x5, 0x6042, 0xb87, 0x6, 0x8d8d, 0x55, 0x101, 0x3, 0x64e8, 0x8, 0x82f, 0x772, 0x80a, 0xffe, 0x6, 0x3f7, 0x4, 0x8, 0x8, 0x1, 0x5d, 0x9, 0xd, 0x80]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x3}}}}]}]}, 0x898}, 0x1, 0x0, 0x0, 0x50}, 0x0)
msgrcv(r2, 0x0, 0x0, 0x3, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000400)={&(0x7f0000000a00)={0x32c, r4, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8}, @NL80211_ATTR_REG_RULES={0xa0, 0x22, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x6}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x5}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x401}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0xffffffff}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x8}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x1}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x10}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xffff}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x3}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x3}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xff}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x75a4}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x8}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x3}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x4}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xfffffff9}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x8f24}]}]}, @NL80211_ATTR_REG_RULES={0x1bc, 0x22, 0x0, 0x1, [{0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xa94}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xfffffff9}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x81}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x2}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x40}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x40}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x7f}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x401}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xd}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x800}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x8}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x1}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xfffffffe}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0xff}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x6}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x5}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x9}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x1}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x9}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x80}, @NL80211_ATTR_REG_RULE_FLAGS={0x8}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x81}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x2}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xffff}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0xfffffff9}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x6}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x800}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xfffffffe}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x5}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x6}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x8}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0xf0f}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0xdcb4}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x9df}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x9}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x6}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x1}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7fff}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x8001}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x9}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xff}, @NL80211_ATTR_FREQ_RANGE_END={0x8}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x5}, @NL80211_ATTR_REG_RULE_FLAGS={0x8}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x5}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xda7}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x9}]}]}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0xff}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_REG_RULES={0x8c, 0x22, 0x0, 0x1, [{0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x8}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x8}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x7ff}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x44b0}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x3ff}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x10000}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x7}]}, {0x4c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xffff}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0xfffffff8}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x4}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x1}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x6}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x4}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x4}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x9}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x6}]}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'bb\x00'}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x9}]}, 0x32c}, 0x1, 0x0, 0x0, 0xc0}, 0x20000081)
msgctl$IPC_RMID(r2, 0x0)
msgctl$IPC_RMID(r2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000580)='sched_switch\x00', r1}, 0x18)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r5}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4, 0x10000}, 0x0, 0x0)
socket$l2tp(0x2, 0x2, 0x73)

792.45998ms ago: executing program 5 (id=5161):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1b, 0x1ffffdf3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910daee8ebb7ba84a8b5b6f2d1fbc22a51a500f94c871d5e1d31ab5d7a89965bbdbf355a8544e1688a61f459f3618b3a5416eb143180d3d2c5f4e0b1a556422038801703e109e23944e53f230a3537a5412c7d0bf278c6c1684dd8de90aaa33f47dc2c7b5e4f73784fd31aa2f9d1b1623734f9cf84718b2bad31f651e3607f3ac6c427cb6c0652d21ecd4b29e96c0a3781ee820faab71040768f6b08a69fdfd0b2b7be25f19500c1b8330994efb57a53c1a67bda909630f75738ab40e7ab63d527d6c1e8cf611f05c1b6d0da1ba84d405b4d834162c88022a4625a5f7c431c39f3f9a7789f9b668ec4da9f1a981086dcf4c5a940691f9638ce34dba904483f2ed4e7a713b7eac29c5e122f1b6acd6f1da2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

754.566231ms ago: executing program 5 (id=5162):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$unlink(0x9, r1, r1)

733.337301ms ago: executing program 5 (id=5163):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000000000042a71d72caef000032000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000480))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
ioctl$PTP_EXTTS_REQUEST2(0xffffffffffffffff, 0x43403d0e, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00'}, 0x10)
r2 = gettid()
socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
read$ptp(r3, 0x0, 0x0)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="140100002800010004000040fcdbdf2503"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x4000000)

237.280077ms ago: executing program 1 (id=5164):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="cd91f100efde175bd3772f7ab3c0904e3da7b8641de88335"], 0xffdd)

162.692638ms ago: executing program 1 (id=5165):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000300)={{0x1, 0x1, 0x18, <r1=>r0}, './cgroup.cpu/cgroup.procs\x00'})
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, 0x0, &(0x7f0000000780))
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000000c0)="1f", 0x1}], 0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x18, 0xc, &(0x7f00000007c0)=ANY=[@ANYRES8=r1], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x1014088, &(0x7f0000000080)=ANY=[@ANYBLOB='utf8=0,shortname=mixed,fmask=00000000000000066,uni_xlate=1,uni_xlate=0,shortname=lower,shortname=lower,uni_xlate=0,utf8=1,shortname=lower,shortname=win95,rodir,shortname=mixed,rodir,dos1xfloppy,shortname=winnt,check=relaxed,\x00'], 0x10, 0x2e1, &(0x7f0000000480)="$eJzs3bFrJFUYAPBvNpPZVYtNYSWCA1pYHeZamw1yB2IqjxRqocHLgWSCkEDAU1yvsrWxsPAvEAT/EBv/A8FWsPOEg5GZndmZvay7l+M2ovn9mnz75n3fvPf2hUyKffvRyyfHd/O49+CLX2MUSQwmMYmHSezEIFpfxYLJNwEA/Jc9LMv4o5xZdn34D3lJRIw2OzQAYEPW/f2fSbvwpysZFgCwQXfee/+dvf39W+/m+Shun3x9flD9Z1/9nF3fuxefRBFH8UaM41FE/aCwHfXTQhXeLstymuaVnXjtZHp+UGWefPhzU3/v94g6fzfGsVM3zZ826vy392/t5jO9/Gk1jueb+0+q/JsxjhfnyUlbqMq/uSQ/DrJ4/dXe+G/EOH75OD6NIu7WuV3+l7t5/lb57Z+ff1BVrfKT6fnBsO7XKbeu9p0BAAAAAAAAAAAAAAAAAAAAAOD/7EZzds4w6vN7qqbm/J2tR9WL7chbO4vn88zyk7ZQ/3ygsiynZXxfn6+TJAsdu/w0Xkr7BwsCAAAAAAAAAAAAAAAAAADA9XX22f3jw6I4On0mQXsaQBoRf92JeNo6k17LK9EEgyYYNTdp+gybl4dFMWjCxYJpvyW22j5JRNdn1pb0Wu5Xk3ja1UjjUnN/7sKYm+CHHy9799H6PtvL7/Usg3Z3HR8my9dwGG3LqFmo77KIosiaDZnFE94re7ylHFd1jk7L7i1od8iKOtnSS+O1M20nOq/zQh1MV2RFsmpvvPnbQsHk8Y2U1as6X+dRdAu13QT98SzujSfaz1XN+jflgsRpHQAAAAAAAAAAAAAAAAAAsFHdp3/j4pfxP1iZOiiHmxwZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFyd7vv/LxFMm+Sj07N0TecsTs/+5SkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwDfwdAAD//9/WQ0s=")
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000840)={0x4, 0x5, 0x8003, 0xd, 0x2, 0x1565, 0x1, 0x2cbc}, &(0x7f0000000980)=0x20)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
preadv(r3, &(0x7f0000000000)=[{&(0x7f0000000080)=""/242, 0xf2}], 0x1, 0x2, 0x2)
syz_open_dev$usbfs(&(0x7f0000000000), 0xc, 0x101301)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r5, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000001"], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x4f, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000380), &(0x7f00000003c0)=r6}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000002000000e27f000001"], 0x48)
faccessat2(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x5, 0x300)

80.152659ms ago: executing program 2 (id=5166):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x0)
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=ANY=[], 0xa0}}, 0x0)
r6 = socket(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000540)=0x7, 0x4)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file2\x00', 0x187842, 0x0)
r9 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
fallocate(r9, 0x0, 0x0, 0x1001f0)
fallocate(r9, 0x3, 0x9, 0x10000)
copy_file_range(r9, 0x0, r9, 0x0, 0x1000, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r8, 0xc028660f, &(0x7f0000000240)={0x3920e, r7, 0x3, 0x1, 0x5})
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmmsg(r6, &(0x7f0000000000), 0x4000000000001f2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r5}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newqdisc={0x58, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xf30, 0x1, 0x9, 0x1ff, 0x80, 0x7, 0x9, 0x3, 0x1}}}}]}, 0x58}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@gettclass={0x24, 0x2a, 0x1, 0xff81, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {}, {0x0, 0xc}}}, 0x24}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000000020200ddb1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000ca0000009500000000000000"], &(0x7f0000000400)='GPL\x00', 0x1, 0x3, &(0x7f0000000440)=""/224, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

47.616389ms ago: executing program 0 (id=5167):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018020000", @ANYRES32, @ANYBLOB="00000000000000006600020000000000180000000000000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

0s ago: executing program 0 (id=5168):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000001340)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000) (fail_nth: 2)

kernel console output (not intermixed with test programs):

0) rhport(0) sockfd(9)
[  412.980275][T26308] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  412.987987][T26308] vhci_hcd vhci_hcd.0: Device attached
[  413.000886][T26306] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4579'.
[  413.185877][T26310] vhci_hcd: connection closed
[  413.198074][T17021] vhci_hcd: stop threads
[  413.207132][T17021] vhci_hcd: release socket
[  413.211618][T17021] vhci_hcd: disconnect device
[  413.237297][ T3396] usb 1-1: new low-speed USB device number 17 using vhci_hcd
[  413.244826][ T3396] usb 1-1: enqueue for inactive port 0
[  413.269205][ T3396] usb 1-1: enqueue for inactive port 0
[  413.276414][ T3396] usb 1-1: enqueue for inactive port 0
[  413.343911][T26352] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4584'.
[  413.357471][ T3396] vhci_hcd: vhci_device speed not set
[  413.372556][T26354] macvtap1: entered allmulticast mode
[  413.377998][T26354] veth0_macvtap: entered allmulticast mode
[  413.699714][T26393] netlink: 'syz.6.4585': attribute type 1 has an invalid length.
[  413.719707][T17415] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.737881][T26393] netlink: 52 bytes leftover after parsing attributes in process `syz.6.4585'.
[  413.795385][T26405] sg_write: data in/out 512/1 bytes for SCSI command 0xb7-- guessing data in;
[  413.795385][T26405]    program syz.6.4587 not setting count and/or reply_len properly
[  413.925371][T26423] loop6: detected capacity change from 0 to 512
[  413.932239][T26423] EXT4-fs: Ignoring removed nomblk_io_submit option
[  413.939076][T26423] EXT4-fs: Ignoring removed mblk_io_submit option
[  413.948527][T26421] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4590'.
[  413.969213][T26423] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[  413.982789][T26423] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2
[  414.002381][T26423] EXT4-fs (loop6): 1 truncate cleaned up
[  414.017826][T26423] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  414.063738][T26423] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  414.216212][T26450] loop5: detected capacity change from 0 to 256
[  414.224062][T26450] FAT-fs (loop5): bogus sectors per cluster 0
[  414.230236][T26450] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; no bootstrapping code
[  414.240121][T26450] FAT-fs (loop5): Can't find a valid FAT filesystem
[  414.421889][T26457] loop2: detected capacity change from 0 to 256
[  414.430391][T26457] FAT-fs (loop2): bogus sectors per cluster 0
[  414.436733][T26457] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; no bootstrapping code
[  414.445919][T26457] FAT-fs (loop2): Can't find a valid FAT filesystem
[  414.723310][T18396] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  414.773109][   T29] kauditd_printk_skb: 149 callbacks suppressed
[  414.773162][   T29] audit: type=1326 audit(1748469420.025:34985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26465 comm="syz.1.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ed8be969 code=0x7ffc0000
[  414.833345][   T29] audit: type=1326 audit(1748469420.055:34986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26465 comm="syz.1.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f44ed8be969 code=0x7ffc0000
[  414.857054][   T29] audit: type=1326 audit(1748469420.055:34987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26465 comm="syz.1.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ed8be969 code=0x7ffc0000
[  414.880841][   T29] audit: type=1326 audit(1748469420.055:34988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26465 comm="syz.1.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f44ed8be969 code=0x7ffc0000
[  414.904452][   T29] audit: type=1326 audit(1748469420.055:34989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26465 comm="syz.1.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ed8be969 code=0x7ffc0000
[  414.928275][   T29] audit: type=1326 audit(1748469420.055:34990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26465 comm="syz.1.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f44ed8be969 code=0x7ffc0000
[  414.951906][   T29] audit: type=1326 audit(1748469420.055:34991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26465 comm="syz.1.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ed8be969 code=0x7ffc0000
[  414.975610][   T29] audit: type=1326 audit(1748469420.055:34992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26465 comm="syz.1.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f44ed8be969 code=0x7ffc0000
[  414.999513][   T29] audit: type=1326 audit(1748469420.055:34993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26465 comm="syz.1.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ed8be969 code=0x7ffc0000
[  415.023136][   T29] audit: type=1326 audit(1748469420.055:34994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26465 comm="syz.1.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44ed8be969 code=0x7ffc0000
[  415.091578][T26473] netlink: 'syz.0.4599': attribute type 1 has an invalid length.
[  415.113862][T26473] netlink: 52 bytes leftover after parsing attributes in process `syz.0.4599'.
[  415.128808][T26466] loop1: detected capacity change from 0 to 512
[  415.156398][T26466] EXT4-fs: Ignoring removed mblk_io_submit option
[  415.173405][T26466] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  415.201977][T26476] loop0: detected capacity change from 0 to 4096
[  415.213619][T26476] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  415.236375][T26466] EXT4-fs (loop1): 1 truncate cleaned up
[  415.263422][T26466] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  415.293783][T17415] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  415.322082][T26481] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4601'.
[  415.369992][T26484] sg_write: data in/out 512/1 bytes for SCSI command 0xb7-- guessing data in;
[  415.369992][T26484]    program syz.0.4602 not setting count and/or reply_len properly
[  415.391314][T26466] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  415.398038][T26466] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  415.406256][T26466] vhci_hcd vhci_hcd.0: Device attached
[  415.430899][T26482] vhci_hcd: connection closed
[  415.431144][   T35] vhci_hcd: stop threads
[  415.440845][   T35] vhci_hcd: release socket
[  415.445298][   T35] vhci_hcd: disconnect device
[  415.459978][T26491] netlink: 'syz.0.4604': attribute type 13 has an invalid length.
[  415.472823][T26491] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  415.676876][T26513] loop6: detected capacity change from 0 to 512
[  415.709706][T26513] EXT4-fs warning (device loop6): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  415.743421][T26513] EXT4-fs (loop6): mount failed
[  415.942333][T18517] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  416.034426][T26562] loop1: detected capacity change from 0 to 512
[  416.051453][T26562] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  416.065472][T26562] ext4 filesystem being mounted at /280/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  416.083881][T26562] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4610'.
[  416.143745][T18517] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  416.303380][T26584] loop2: detected capacity change from 0 to 4096
[  416.324420][T26584] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  416.460500][T17500] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  416.720605][T26598] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4615'.
[  416.888526][T26614] FAULT_INJECTION: forcing a failure.
[  416.888526][T26614] name failslab, interval 1, probability 0, space 0, times 0
[  416.901268][T26614] CPU: 0 UID: 0 PID: 26614 Comm: syz.2.4617 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  416.901304][T26614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  416.901391][T26614] Call Trace:
[  416.901399][T26614]  <TASK>
[  416.901407][T26614]  __dump_stack+0x1d/0x30
[  416.901476][T26614]  dump_stack_lvl+0xe8/0x140
[  416.901504][T26614]  dump_stack+0x15/0x1b
[  416.901544][T26614]  should_fail_ex+0x265/0x280
[  416.901577][T26614]  ? selinux_bpf_prog_load+0x36/0xf0
[  416.901653][T26614]  should_failslab+0x8c/0xb0
[  416.901673][T26614]  __kmalloc_cache_noprof+0x4c/0x320
[  416.901710][T26614]  selinux_bpf_prog_load+0x36/0xf0
[  416.901739][T26614]  security_bpf_prog_load+0x54/0xa0
[  416.901826][T26614]  bpf_prog_load+0xe6b/0x1070
[  416.901852][T26614]  ? security_bpf+0x2b/0x90
[  416.901934][T26614]  __sys_bpf+0x51d/0x790
[  416.901974][T26614]  __x64_sys_bpf+0x41/0x50
[  416.902012][T26614]  x64_sys_call+0x2478/0x2fb0
[  416.902119][T26614]  do_syscall_64+0xd2/0x200
[  416.902153][T26614]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  416.902215][T26614]  ? clear_bhb_loop+0x40/0x90
[  416.902245][T26614]  ? clear_bhb_loop+0x40/0x90
[  416.902269][T26614]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  416.902333][T26614] RIP: 0033:0x7f5bc524e969
[  416.902352][T26614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  416.902371][T26614] RSP: 002b:00007f5bc38b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  416.902390][T26614] RAX: ffffffffffffffda RBX: 00007f5bc5475fa0 RCX: 00007f5bc524e969
[  416.902403][T26614] RDX: 0000000000000080 RSI: 0000200000000040 RDI: 0000000000000005
[  416.902415][T26614] RBP: 00007f5bc38b7090 R08: 0000000000000000 R09: 0000000000000000
[  416.902484][T26614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  416.902520][T26614] R13: 0000000000000001 R14: 00007f5bc5475fa0 R15: 00007ffe28b46ec8
[  416.902540][T26614]  </TASK>
[  417.415126][T26622] loop2: detected capacity change from 0 to 512
[  417.449831][T26622] EXT4-fs: Ignoring removed mblk_io_submit option
[  417.464565][T26622] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  417.513368][T26622] EXT4-fs (loop2): 1 truncate cleaned up
[  417.538872][T26622] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  417.670176][T26622] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  417.676831][T26622] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  417.690492][T26622] vhci_hcd vhci_hcd.0: Device attached
[  417.796882][T26673] netlink: 96 bytes leftover after parsing attributes in process `syz.5.4629'.
[  417.800223][T26666] vhci_hcd: connection closed
[  417.806318][T17018] vhci_hcd: stop threads
[  417.816059][T17018] vhci_hcd: release socket
[  417.820598][T17018] vhci_hcd: disconnect device
[  417.845095][T26675] sg_write: data in/out 512/1 bytes for SCSI command 0xb7-- guessing data in;
[  417.845095][T26675]    program syz.5.4630 not setting count and/or reply_len properly
[  417.887536][ T3394] vhci_hcd: vhci_device speed not set
[  417.964638][T26683] loop5: detected capacity change from 0 to 512
[  417.980308][T26683] EXT4-fs warning (device loop5): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  417.996605][T26683] EXT4-fs (loop5): mount failed
[  418.107944][T26697] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4640'.
[  418.292282][T26701] loop0: detected capacity change from 0 to 4096
[  418.312080][T26701] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  418.357783][T17415] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  418.512095][T17500] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  418.581858][T26714] loop0: detected capacity change from 0 to 512
[  418.605286][T26714] ext4: Unknown parameter 'dont_appraise'
[  418.684480][T26719] 9pnet_fd: Insufficient options for proto=fd
[  418.755694][T26722] loop2: detected capacity change from 0 to 164
[  418.790699][T26722] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13160 sclass=netlink_route_socket pid=26722 comm=syz.2.4648
[  418.837053][T26722] iso9660: Corrupted directory entry in block 4 of inode 1792
[  419.090532][T26725] loop2: detected capacity change from 0 to 512
[  419.125037][T26725] EXT4-fs warning (device loop2): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  419.205323][T26725] EXT4-fs (loop2): mount failed
[  419.309016][T26732] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4652'.
[  419.393147][T26738] loop2: detected capacity change from 0 to 512
[  419.432215][T26738] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  419.463162][T26738] ext4 filesystem being mounted at /364/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  419.515221][T26738] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4654'.
[  419.574129][T26748] loop5: detected capacity change from 0 to 4096
[  419.588856][T26748] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  419.608632][T17500] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  419.634114][T15798] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  419.683477][T26759] loop5: detected capacity change from 0 to 164
[  419.706553][T26759] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13160 sclass=netlink_route_socket pid=26759 comm=syz.5.4660
[  419.735388][T26759] iso9660: Corrupted directory entry in block 4 of inode 1792
[  419.911578][T26762] loop5: detected capacity change from 0 to 256
[  419.928545][T26762] FAT-fs (loop5): bogus sectors per cluster 0
[  419.934669][T26762] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; no bootstrapping code
[  419.943942][T26762] FAT-fs (loop5): Can't find a valid FAT filesystem
[  420.249986][T26767] loop0: detected capacity change from 0 to 512
[  420.268768][T26767] ext4: Unknown parameter 'dont_appraise'
[  420.487174][   T29] kauditd_printk_skb: 127 callbacks suppressed
[  420.487191][   T29] audit: type=1326 audit(1748469425.735:35119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26755 comm="syz.2.4658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bc524e969 code=0x7fc00000
[  420.788747][   T29] audit: type=1326 audit(1748469426.045:35120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26776 comm="syz.5.4668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe80edde969 code=0x7ffc0000
[  420.813169][   T29] audit: type=1326 audit(1748469426.045:35121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26776 comm="syz.5.4668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe80edde969 code=0x7ffc0000
[  420.837552][   T29] audit: type=1326 audit(1748469426.045:35122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26776 comm="syz.5.4668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe80edde969 code=0x7ffc0000
[  420.861946][   T29] audit: type=1326 audit(1748469426.045:35123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26776 comm="syz.5.4668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe80edde969 code=0x7ffc0000
[  420.928019][T26781] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4667'.
[  420.997289][   T29] audit: type=1326 audit(1748469426.145:35124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26776 comm="syz.5.4668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe80edde969 code=0x7ffc0000
[  421.021675][   T29] audit: type=1326 audit(1748469426.145:35125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26776 comm="syz.5.4668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe80edde969 code=0x7ffc0000
[  421.045990][   T29] audit: type=1326 audit(1748469426.145:35126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26776 comm="syz.5.4668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe80edde969 code=0x7ffc0000
[  421.070280][   T29] audit: type=1326 audit(1748469426.145:35127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26776 comm="syz.5.4668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe80edde969 code=0x7ffc0000
[  421.094769][   T29] audit: type=1326 audit(1748469426.145:35128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26776 comm="syz.5.4668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe80edde969 code=0x7ffc0000
[  421.185282][T26777] loop5: detected capacity change from 0 to 512
[  421.222808][T26777] EXT4-fs: Ignoring removed mblk_io_submit option
[  421.247065][T26777] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  421.503073][T26777] EXT4-fs (loop5): 1 truncate cleaned up
[  421.514996][T26787] loop6: detected capacity change from 0 to 4096
[  421.525935][T26787] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  421.561077][T26777] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  421.605681][T18396] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  421.669570][T26794] loop6: detected capacity change from 0 to 164
[  421.691927][T26791] 9pnet: Could not find request transport: fd0x0000000000000004
[  421.702190][T26794] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13160 sclass=netlink_route_socket pid=26794 comm=syz.6.4671
[  421.720062][T26794] iso9660: Corrupted directory entry in block 4 of inode 1792
[  421.730072][T26795] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(11)
[  421.736773][T26795] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  421.744311][T26795] vhci_hcd vhci_hcd.0: Device attached
[  421.835309][T26796] vhci_hcd: connection closed
[  421.835654][T17028] vhci_hcd: stop threads
[  421.844736][T17028] vhci_hcd: release socket
[  421.849188][T17028] vhci_hcd: disconnect device
[  421.883103][T26812] loop2: detected capacity change from 0 to 512
[  421.890471][T26812] ext4: Unknown parameter 'dont_appraise'
[  421.987998][T26810] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4676'.
[  421.995634][T26815] loop6: detected capacity change from 0 to 256
[  422.013640][T26815] FAT-fs (loop6): bogus sectors per cluster 0
[  422.019867][T26815] FAT-fs (loop6): This doesn't look like a DOS 1.x volume; no bootstrapping code
[  422.029761][T26815] FAT-fs (loop6): Can't find a valid FAT filesystem
[  422.156478][T26824] loop0: detected capacity change from 0 to 1024
[  422.180534][T26824] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  422.198772][T26824] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz.0.4681: Allocating blocks 497-513 which overlap fs metadata
[  422.219294][T26824] EXT4-fs (loop0): pa ffff888106de5620: logic 16, phys. 145, len 23
[  422.228090][T26824] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  422.243191][T26824] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[  422.256288][T26824] EXT4-fs (loop0): This should not happen!! Data will be lost
[  422.256288][T26824] 
[  422.266025][T26824] EXT4-fs (loop0): Total free blocks count 0
[  422.272741][T26824] EXT4-fs (loop0): Free/Dirty block details
[  422.278770][T26824] EXT4-fs (loop0): free_blocks=16
[  422.283802][T26824] EXT4-fs (loop0): dirty_blocks=0
[  422.289581][T26824] EXT4-fs (loop0): Block reservation details
[  422.295584][T26824] EXT4-fs (loop0): i_reserved_data_blocks=0
[  422.323496][T26824] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  422.323496][T26824]    program syz.0.4681 not setting count and/or reply_len properly
[  422.342921][T26824] pim6reg1: entered promiscuous mode
[  422.348978][T26824] pim6reg1: entered allmulticast mode
[  422.357340][T15798] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  422.398219][T26834] 9pnet: Could not find request transport: fd0x0000000000000004
[  422.603953][T26848] loop0: detected capacity change from 0 to 164
[  422.644175][T26848] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13160 sclass=netlink_route_socket pid=26848 comm=syz.0.4688
[  422.658966][T26848] iso9660: Corrupted directory entry in block 4 of inode 1792
[  422.781044][T26856] loop1: detected capacity change from 0 to 512
[  422.841959][T26856] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  422.869009][T26860] loop0: detected capacity change from 0 to 512
[  422.922504][T26856] EXT4-fs (loop1): mount failed
[  422.952653][T26860] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  422.973723][T26865] 9pnet: Could not find request transport: fd0x0000000000000004
[  423.000391][T26860] ext4 filesystem being mounted at /390/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  423.034065][T26860] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4693'.
[  423.076598][T17415] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  423.266227][T26883] SELinux:  policydb magic number 0x3 does not match expected magic number 0xf97cff8c
[  423.315340][T26883] SELinux: failed to load policy
[  423.482913][T26902] loop5: detected capacity change from 0 to 512
[  423.499172][T26902] EXT4-fs warning (device loop5): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  423.514046][T26902] EXT4-fs (loop5): mount failed
[  423.517039][T26906] bridge: RTM_NEWNEIGH with invalid ether address
[  423.554027][T26910] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4710'.
[  423.584746][T26915] netlink: 96 bytes leftover after parsing attributes in process `syz.5.4712'.
[  423.742849][T26922] loop0: detected capacity change from 0 to 512
[  423.761189][T26922] EXT4-fs: Ignoring removed mblk_io_submit option
[  423.802304][T26922] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  423.865297][T26922] EXT4-fs (loop0): 1 truncate cleaned up
[  423.893123][T26922] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  423.978243][T26922] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(11)
[  423.984886][T26922] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  423.992764][T26922] vhci_hcd vhci_hcd.0: Device attached
[  424.080316][T26938] netlink: 'syz.1.4720': attribute type 13 has an invalid length.
[  424.091990][T26938] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  424.137042][T26930] vhci_hcd: connection closed
[  424.137179][T17022] vhci_hcd: stop threads
[  424.146991][T17022] vhci_hcd: release socket
[  424.151457][T17022] vhci_hcd: disconnect device
[  424.156921][T26936] loop6: detected capacity change from 0 to 4096
[  424.185395][T26940] loop1: detected capacity change from 0 to 512
[  424.187305][   T37] vhci_hcd: vhci_device speed not set
[  424.200107][T26936] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  424.214606][T26940] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  424.232031][T26940] EXT4-fs (loop1): mount failed
[  424.266010][T26945] netlink: 96 bytes leftover after parsing attributes in process `syz.1.4722'.
[  424.275851][T18396] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  424.308056][T26948] netlink: 96 bytes leftover after parsing attributes in process `syz.1.4724'.
[  424.327084][T26949] sg_write: data in/out 512/1 bytes for SCSI command 0xb7-- guessing data in;
[  424.327084][T26949]    program syz.6.4723 not setting count and/or reply_len properly
[  424.405947][T26954] netlink: 96 bytes leftover after parsing attributes in process `syz.6.4726'.
[  424.407949][T26956] loop1: detected capacity change from 0 to 164
[  424.425815][T26956] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13160 sclass=netlink_route_socket pid=26956 comm=syz.1.4727
[  424.441685][T26956] iso9660: Corrupted directory entry in block 4 of inode 1792
[  424.572042][T26959] loop5: detected capacity change from 0 to 512
[  424.580388][T26959] ext4: Unknown parameter 'dont_appraise'
[  424.663072][T17415] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  424.684855][T26966] loop2: detected capacity change from 0 to 512
[  424.691687][T26966] EXT4-fs: Ignoring removed nomblk_io_submit option
[  424.700869][T26961] loop1: detected capacity change from 0 to 512
[  424.702900][T26966] EXT4-fs: Ignoring removed mblk_io_submit option
[  424.730240][T26961] EXT4-fs: Ignoring removed mblk_io_submit option
[  424.748142][T26961] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  424.760870][T26966] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  424.775579][T26966] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  424.793899][T26961] EXT4-fs (loop1): 1 truncate cleaned up
[  424.918406][T26966] EXT4-fs (loop2): 1 truncate cleaned up
[  424.924586][T26966] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  424.964748][T26966] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  424.991562][T26961] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  425.026270][T26974] netlink: 'syz.5.4732': attribute type 13 has an invalid length.
[  425.037484][T26974] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  425.106643][T26961] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  425.113289][T26961] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  425.131793][T26978] loop5: detected capacity change from 0 to 512
[  425.137656][T26961] vhci_hcd vhci_hcd.0: Device attached
[  425.159724][T26975] vhci_hcd: connection closed
[  425.159934][   T12] vhci_hcd: stop threads
[  425.168980][   T12] vhci_hcd: release socket
[  425.173405][   T12] vhci_hcd: disconnect device
[  425.180788][T26978] EXT4-fs warning (device loop5): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  425.196126][T26978] EXT4-fs (loop5): mount failed
[  425.295770][T26989] sg_write: data in/out 512/1 bytes for SCSI command 0xb7-- guessing data in;
[  425.295770][T26989]    program syz.5.4737 not setting count and/or reply_len properly
[  425.481117][T17500] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  425.515505][   T29] kauditd_printk_skb: 185 callbacks suppressed
[  425.515524][   T29] audit: type=1326 audit(1748469430.765:35310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26996 comm="syz.2.4741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  425.525589][T26999] netlink: 'syz.6.4742': attribute type 1 has an invalid length.
[  425.555782][   T29] audit: type=1326 audit(1748469430.765:35311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26996 comm="syz.2.4741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  425.580232][   T29] audit: type=1326 audit(1748469430.805:35312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26996 comm="syz.2.4741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  425.598418][T26999] 8021q: adding VLAN 0 to HW filter on device bond1
[  425.604750][   T29] audit: type=1326 audit(1748469430.805:35313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26996 comm="syz.2.4741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  425.634915][   T29] audit: type=1326 audit(1748469430.805:35314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26996 comm="syz.2.4741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  425.641351][T27003] bond1: (slave veth0_to_bond): Enslaving as an active interface with a down link
[  425.659332][   T29] audit: type=1326 audit(1748469430.805:35315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26996 comm="syz.2.4741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  425.692217][   T29] audit: type=1326 audit(1748469430.805:35316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26996 comm="syz.2.4741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  425.716634][   T29] audit: type=1326 audit(1748469430.805:35317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26996 comm="syz.2.4741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  425.740862][   T29] audit: type=1326 audit(1748469430.805:35318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26996 comm="syz.2.4741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  425.765182][   T29] audit: type=1326 audit(1748469430.805:35319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26996 comm="syz.2.4741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  425.810349][T18517] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  425.883964][T27011] loop1: detected capacity change from 0 to 512
[  425.894340][T27013] loop2: detected capacity change from 0 to 164
[  425.919794][T27013] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13160 sclass=netlink_route_socket pid=27013 comm=syz.2.4746
[  425.949582][T27013] iso9660: Corrupted directory entry in block 4 of inode 1792
[  426.000364][T27011] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  426.009769][T27022] sg_write: data in/out 512/1 bytes for SCSI command 0xb7-- guessing data in;
[  426.009769][T27022]    program syz.0.4749 not setting count and/or reply_len properly
[  426.035515][T27011] EXT4-fs (loop1): mount failed
[  426.321720][T27057] netlink: 'syz.2.4753': attribute type 13 has an invalid length.
[  426.361056][T27057] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  426.541260][T27062] loop0: detected capacity change from 0 to 512
[  426.599888][T27062] EXT4-fs: Ignoring removed mblk_io_submit option
[  426.618050][T27062] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  426.734311][T27062] EXT4-fs (loop0): 1 truncate cleaned up
[  426.802399][T27094] SELinux:  policydb magic number 0x3 does not match expected magic number 0xf97cff8c
[  426.845291][T27094] SELinux: failed to load policy
[  426.883209][T27062] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  427.310208][T27062] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(11)
[  427.316902][T27062] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  427.327076][T27062] vhci_hcd vhci_hcd.0: Device attached
[  427.364217][T27121] vhci_hcd: connection closed
[  427.364562][  T165] vhci_hcd: stop threads
[  427.373806][  T165] vhci_hcd: release socket
[  427.378332][  T165] vhci_hcd: disconnect device
[  427.645875][T27170] loop1: detected capacity change from 0 to 164
[  427.654408][T27170] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13160 sclass=netlink_route_socket pid=27170 comm=syz.1.4762
[  427.669352][T27170] iso9660: Corrupted directory entry in block 4 of inode 1792
[  427.879186][T17415] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  427.924193][T27180] loop0: detected capacity change from 0 to 512
[  427.931038][T27180] ext4: Unknown parameter 'dont_appraise'
[  428.336939][T27192] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4770'.
[  428.458868][T27203] loop2: detected capacity change from 0 to 164
[  428.478795][T27204] loop0: detected capacity change from 0 to 512
[  428.485627][T27204] EXT4-fs: Ignoring removed nomblk_io_submit option
[  428.494087][T27204] EXT4-fs: Ignoring removed mblk_io_submit option
[  428.496961][T27203] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13160 sclass=netlink_route_socket pid=27203 comm=syz.2.4773
[  428.547333][T27204] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  428.555457][T27204] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[  428.558841][T27203] iso9660: Corrupted directory entry in block 4 of inode 1792
[  428.580676][T27204] EXT4-fs (loop0): 1 truncate cleaned up
[  428.590557][T27204] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  428.684001][T27204] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  428.909645][T27219] netlink: 'syz.2.4779': attribute type 13 has an invalid length.
[  428.926923][T27219] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  428.951254][T27221] loop5: detected capacity change from 0 to 512
[  428.970462][T27221] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  428.992814][T27221] ext4 filesystem being mounted at /453/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  429.007916][T27231] loop2: detected capacity change from 0 to 256
[  429.010237][T27221] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4780'.
[  429.014986][T27231] FAT-fs (loop2): bogus sectors per cluster 0
[  429.029592][T27231] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; no bootstrapping code
[  429.038853][T27231] FAT-fs (loop2): Can't find a valid FAT filesystem
[  429.061706][T15798] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  429.084094][T27233] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4785'.
[  429.154193][T27245] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4789'.
[  429.259992][T17415] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  429.875856][T27265] FAULT_INJECTION: forcing a failure.
[  429.875856][T27265] name failslab, interval 1, probability 0, space 0, times 0
[  429.888540][T27265] CPU: 0 UID: 0 PID: 27265 Comm: syz.2.4796 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  429.888576][T27265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  429.888594][T27265] Call Trace:
[  429.888603][T27265]  <TASK>
[  429.888613][T27265]  __dump_stack+0x1d/0x30
[  429.888688][T27265]  dump_stack_lvl+0xe8/0x140
[  429.888714][T27265]  dump_stack+0x15/0x1b
[  429.888737][T27265]  should_fail_ex+0x265/0x280
[  429.888776][T27265]  should_failslab+0x8c/0xb0
[  429.888884][T27265]  kmem_cache_alloc_node_noprof+0x57/0x320
[  429.888990][T27265]  ? __alloc_skb+0x101/0x320
[  429.889022][T27265]  __alloc_skb+0x101/0x320
[  429.889046][T27265]  netlink_alloc_large_skb+0xba/0xf0
[  429.889072][T27265]  netlink_sendmsg+0x3cf/0x6b0
[  429.889186][T27265]  ? __pfx_netlink_sendmsg+0x10/0x10
[  429.889220][T27265]  __sock_sendmsg+0x145/0x180
[  429.889260][T27265]  ____sys_sendmsg+0x31e/0x4e0
[  429.889323][T27265]  ___sys_sendmsg+0x17b/0x1d0
[  429.889373][T27265]  __x64_sys_sendmsg+0xd4/0x160
[  429.889413][T27265]  x64_sys_call+0x2999/0x2fb0
[  429.889459][T27265]  do_syscall_64+0xd2/0x200
[  429.889604][T27265]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  429.889639][T27265]  ? clear_bhb_loop+0x40/0x90
[  429.889735][T27265]  ? clear_bhb_loop+0x40/0x90
[  429.889764][T27265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  429.889792][T27265] RIP: 0033:0x7f5bc524e969
[  429.889818][T27265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  429.889840][T27265] RSP: 002b:00007f5bc38b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  429.889880][T27265] RAX: ffffffffffffffda RBX: 00007f5bc5475fa0 RCX: 00007f5bc524e969
[  429.889897][T27265] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[  429.889912][T27265] RBP: 00007f5bc38b7090 R08: 0000000000000000 R09: 0000000000000000
[  429.889927][T27265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  429.889944][T27265] R13: 0000000000000000 R14: 00007f5bc5475fa0 R15: 00007ffe28b46ec8
[  429.889970][T27265]  </TASK>
[  430.183084][T27273] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4800'.
[  430.183684][T27275] sg_write: data in/out 512/1 bytes for SCSI command 0xb7-- guessing data in;
[  430.183684][T27275]    program syz.1.4801 not setting count and/or reply_len properly
[  430.277836][T27279] netlink: 'syz.6.4804': attribute type 1 has an invalid length.
[  430.286105][T27279] netlink: 52 bytes leftover after parsing attributes in process `syz.6.4804'.
[  430.330280][T27289] loop6: detected capacity change from 0 to 512
[  430.349084][T27289] EXT4-fs warning (device loop6): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  430.364046][T27289] EXT4-fs (loop6): mount failed
[  430.531849][T27306] sg_write: data in/out 512/1 bytes for SCSI command 0xb7-- guessing data in;
[  430.531849][T27306]    program syz.0.4813 not setting count and/or reply_len properly
[  431.182517][T27311] loop5: detected capacity change from 0 to 512
[  431.191301][T27311] ext4: Unknown parameter 'dont_appraise'
[  431.213813][   T29] kauditd_printk_skb: 210 callbacks suppressed
[  431.213832][   T29] audit: type=1326 audit(1748469436.465:35528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27312 comm="syz.6.4815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  431.264800][   T29] audit: type=1326 audit(1748469436.495:35529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27312 comm="syz.6.4815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  431.288720][   T29] audit: type=1326 audit(1748469436.495:35530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27312 comm="syz.6.4815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  431.312500][   T29] audit: type=1326 audit(1748469436.495:35531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27312 comm="syz.6.4815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  431.336267][   T29] audit: type=1326 audit(1748469436.495:35532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27312 comm="syz.6.4815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  431.360085][   T29] audit: type=1326 audit(1748469436.495:35533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27312 comm="syz.6.4815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  431.383906][   T29] audit: type=1326 audit(1748469436.495:35534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27312 comm="syz.6.4815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  431.407531][   T29] audit: type=1326 audit(1748469436.495:35535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27312 comm="syz.6.4815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  431.431149][   T29] audit: type=1326 audit(1748469436.495:35536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27312 comm="syz.6.4815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  431.454706][   T29] audit: type=1326 audit(1748469436.495:35537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27312 comm="syz.6.4815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  431.499210][T27316] netlink: 96 bytes leftover after parsing attributes in process `syz.1.4818'.
[  431.525031][T27320] netlink: 'syz.6.4819': attribute type 1 has an invalid length.
[  431.533682][T27320] netlink: 52 bytes leftover after parsing attributes in process `syz.6.4819'.
[  431.574798][T27322] loop0: detected capacity change from 0 to 512
[  431.603222][T27322] EXT4-fs warning (device loop0): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  431.627841][T27334] sg_write: data in/out 512/1 bytes for SCSI command 0xb7-- guessing data in;
[  431.627841][T27334]    program syz.2.4824 not setting count and/or reply_len properly
[  431.652194][T27322] EXT4-fs (loop0): mount failed
[  431.696398][T27340] loop2: detected capacity change from 0 to 164
[  431.706864][T27340] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13160 sclass=netlink_route_socket pid=27340 comm=syz.2.4825
[  431.732725][T27339] loop0: detected capacity change from 0 to 512
[  431.771508][T27339] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  431.778148][T27345] iso9660: Corrupted directory entry in block 4 of inode 1792
[  431.794524][T27339] ext4 filesystem being mounted at /419/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  431.814598][T27339] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4826'.
[  431.872907][T27342] loop6: detected capacity change from 0 to 512
[  431.896696][T17415] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  431.912571][T27349] loop5: detected capacity change from 0 to 4096
[  431.921946][T27342] EXT4-fs: Ignoring removed mblk_io_submit option
[  431.921914][T27349] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  431.954710][T27342] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  431.975939][T15798] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  432.014264][T27342] EXT4-fs (loop6): 1 truncate cleaned up
[  432.055531][T27359] bridge0: port 1(macvlan2) entered blocking state
[  432.063155][T27359] bridge0: port 1(macvlan2) entered disabled state
[  432.070040][T27359] macvlan2: entered allmulticast mode
[  432.073026][T27342] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  432.075444][T27359] bridge0: entered allmulticast mode
[  432.097195][T27359] macvlan2: left allmulticast mode
[  432.103228][T27359] bridge0: left allmulticast mode
[  432.125843][T27342] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(11)
[  432.132545][T27342] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  432.145633][T27342] vhci_hcd vhci_hcd.0: Device attached
[  432.286149][T27362] vhci_hcd: connection closed
[  432.286441][T17035] vhci_hcd: stop threads
[  432.293354][T27369] sg_write: data in/out 512/1 bytes for SCSI command 0xb7-- guessing data in;
[  432.293354][T27369]    program syz.0.4836 not setting count and/or reply_len properly
[  432.295433][T17035] vhci_hcd: release socket
[  432.295451][T17035] vhci_hcd: disconnect device
[  432.319114][T27370] loop2: detected capacity change from 0 to 512
[  432.328333][   T37] vhci_hcd: vhci_device speed not set
[  432.372919][T27370] EXT4-fs warning (device loop2): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  432.398100][T27370] EXT4-fs (loop2): mount failed
[  432.414242][T27379] loop0: detected capacity change from 0 to 256
[  432.421272][T27379] FAT-fs (loop0): bogus sectors per cluster 0
[  432.428301][T27379] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; no bootstrapping code
[  432.437558][T27379] FAT-fs (loop0): Can't find a valid FAT filesystem
[  432.574639][T27387] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4842'.
[  432.658065][T27395] bond0 (unregistering): Released all slaves
[  432.800761][T18396] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  432.824839][T27407] tap0: tun_chr_ioctl cmd 1074025677
[  432.831350][T27407] tap0: linktype set to 805
[  432.858258][T27409] sg_write: data in/out 512/1 bytes for SCSI command 0xb7-- guessing data in;
[  432.858258][T27409]    program syz.2.4849 not setting count and/or reply_len properly
[  433.389112][T27418] __nla_validate_parse: 1 callbacks suppressed
[  433.389133][T27418] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4853'.
[  433.488142][T27421] loop0: detected capacity change from 0 to 512
[  433.494867][T27421] ext4: Unknown parameter 'dont_appraise'
[  433.590222][T27425] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4855'.
[  433.787920][T27434] FAULT_INJECTION: forcing a failure.
[  433.787920][T27434] name failslab, interval 1, probability 0, space 0, times 0
[  433.800776][T27434] CPU: 0 UID: 0 PID: 27434 Comm: syz.2.4858 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  433.800817][T27434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  433.800909][T27434] Call Trace:
[  433.800915][T27434]  <TASK>
[  433.800965][T27434]  __dump_stack+0x1d/0x30
[  433.800993][T27434]  dump_stack_lvl+0xe8/0x140
[  433.801016][T27434]  dump_stack+0x15/0x1b
[  433.801032][T27434]  should_fail_ex+0x265/0x280
[  433.801060][T27434]  ? flow_change+0x1bf/0xc80
[  433.801128][T27434]  should_failslab+0x8c/0xb0
[  433.801147][T27434]  __kmalloc_cache_noprof+0x4c/0x320
[  433.801201][T27434]  flow_change+0x1bf/0xc80
[  433.801231][T27434]  ? flow_init+0x31/0x80
[  433.801262][T27434]  ? __pfx_flow_change+0x10/0x10
[  433.801285][T27434]  tc_new_tfilter+0xde1/0x10a0
[  433.801387][T27434]  ? ns_capable+0x7d/0xb0
[  433.801414][T27434]  ? __pfx_tc_new_tfilter+0x10/0x10
[  433.801441][T27434]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  433.801541][T27434]  ? avc_has_perm_noaudit+0x1b1/0x200
[  433.801570][T27434]  netlink_rcv_skb+0x120/0x220
[  433.801595][T27434]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  433.801643][T27434]  rtnetlink_rcv+0x1c/0x30
[  433.801696][T27434]  netlink_unicast+0x59e/0x670
[  433.801724][T27434]  netlink_sendmsg+0x58b/0x6b0
[  433.801847][T27434]  ? __pfx_netlink_sendmsg+0x10/0x10
[  433.801881][T27434]  __sock_sendmsg+0x145/0x180
[  433.801924][T27434]  ____sys_sendmsg+0x31e/0x4e0
[  433.801953][T27434]  ___sys_sendmsg+0x17b/0x1d0
[  433.802003][T27434]  __x64_sys_sendmsg+0xd4/0x160
[  433.802043][T27434]  x64_sys_call+0x2999/0x2fb0
[  433.802079][T27434]  do_syscall_64+0xd2/0x200
[  433.802167][T27434]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  433.802198][T27434]  ? clear_bhb_loop+0x40/0x90
[  433.802219][T27434]  ? clear_bhb_loop+0x40/0x90
[  433.802311][T27434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  433.802357][T27434] RIP: 0033:0x7f5bc524e969
[  433.802385][T27434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  433.802408][T27434] RSP: 002b:00007f5bc38b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  433.802431][T27434] RAX: ffffffffffffffda RBX: 00007f5bc5475fa0 RCX: 00007f5bc524e969
[  433.802443][T27434] RDX: 0000000020000800 RSI: 0000200000006040 RDI: 0000000000000004
[  433.802506][T27434] RBP: 00007f5bc38b7090 R08: 0000000000000000 R09: 0000000000000000
[  433.802519][T27434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  433.802531][T27434] R13: 0000000000000000 R14: 00007f5bc5475fa0 R15: 00007ffe28b46ec8
[  433.802553][T27434]  </TASK>
[  434.082456][T27436] loop0: detected capacity change from 0 to 512
[  434.119617][T27436] EXT4-fs: Ignoring removed mblk_io_submit option
[  434.145927][T27436] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  434.214586][T27436] EXT4-fs (loop0): 1 truncate cleaned up
[  434.227803][T27436] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  434.257982][T27436] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(11)
[  434.264602][T27436] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  434.272860][T27436] vhci_hcd vhci_hcd.0: Device attached
[  434.347099][T27440] vhci_hcd: connection closed
[  434.347217][T17001] vhci_hcd: stop threads
[  434.356228][T17001] vhci_hcd: release socket
[  434.360688][T17001] vhci_hcd: disconnect device
[  434.871706][T17415] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  434.890891][T27450] loop0: detected capacity change from 0 to 256
[  434.898600][T27450] FAT-fs (loop0): bogus sectors per cluster 0
[  434.904822][T27450] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; no bootstrapping code
[  434.914027][T27450] FAT-fs (loop0): Can't find a valid FAT filesystem
[  435.461030][T27469] loop1: detected capacity change from 0 to 512
[  435.465401][T27467] loop5: detected capacity change from 0 to 4096
[  435.468511][T27469] ext4: Unknown parameter 'dont_appraise'
[  435.481119][T27467] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  435.511888][T15798] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  435.572503][T27476] netlink: 256 bytes leftover after parsing attributes in process `syz.5.4871'.
[  435.731172][T27482] loop1: detected capacity change from 0 to 512
[  435.757850][T27482] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  435.772673][T27482] ext4 filesystem being mounted at /316/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  435.814060][T27482] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4872'.
[  435.861718][T27493] loop5: detected capacity change from 0 to 512
[  435.868396][T27493] EXT4-fs: Ignoring removed nomblk_io_submit option
[  435.875088][T27493] EXT4-fs: Ignoring removed mblk_io_submit option
[  435.882796][T18517] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  435.884050][T27493] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[  435.900527][T27493] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2
[  435.911254][T27493] EXT4-fs (loop5): 1 truncate cleaned up
[  435.927614][T27493] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  435.988871][T27501] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4879'.
[  436.016294][T27493] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  436.095824][T27510] loop6: detected capacity change from 0 to 512
[  436.113904][T27510] ext4: Unknown parameter 'dont_appraise'
[  436.127756][T27514] loop2: detected capacity change from 0 to 256
[  436.135044][T27514] FAT-fs (loop2): bogus sectors per cluster 0
[  436.141918][T27514] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; no bootstrapping code
[  436.151195][T27514] FAT-fs (loop2): Can't find a valid FAT filesystem
[  436.562848][   T29] kauditd_printk_skb: 217 callbacks suppressed
[  436.562918][   T29] audit: type=1326 audit(1748469441.815:35753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27529 comm="syz.6.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  436.563268][T27530] FAULT_INJECTION: forcing a failure.
[  436.563268][T27530] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  436.582162][   T29] audit: type=1326 audit(1748469441.815:35754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27529 comm="syz.6.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc6dc66d2d0 code=0x7ffc0000
[  436.594326][T27530] CPU: 1 UID: 0 PID: 27530 Comm: syz.6.4888 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  436.594366][T27530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  436.594384][T27530] Call Trace:
[  436.594393][T27530]  <TASK>
[  436.594404][T27530]  __dump_stack+0x1d/0x30
[  436.594435][T27530]  dump_stack_lvl+0xe8/0x140
[  436.594501][T27530]  dump_stack+0x15/0x1b
[  436.594519][T27530]  should_fail_ex+0x265/0x280
[  436.594716][T27530]  should_fail+0xb/0x20
[  436.594752][T27530]  should_fail_usercopy+0x1a/0x20
[  436.594828][T27530]  strncpy_from_user+0x25/0x230
[  436.594970][T27530]  ? kmem_cache_alloc_noprof+0x186/0x310
[  436.595005][T27530]  ? getname_flags+0x80/0x3b0
[  436.595036][T27530]  getname_flags+0xae/0x3b0
[  436.595140][T27530]  __x64_sys_mknodat+0x4f/0x70
[  436.595253][T27530]  x64_sys_call+0x2355/0x2fb0
[  436.595341][T27530]  do_syscall_64+0xd2/0x200
[  436.595383][T27530]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  436.595421][T27530]  ? clear_bhb_loop+0x40/0x90
[  436.595451][T27530]  ? clear_bhb_loop+0x40/0x90
[  436.595488][T27530]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  436.595571][T27530] RIP: 0033:0x7fc6dc66e969
[  436.595593][T27530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  436.595618][T27530] RSP: 002b:00007fc6dacd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000103
[  436.595645][T27530] RAX: ffffffffffffffda RBX: 00007fc6dc895fa0 RCX: 00007fc6dc66e969
[  436.595662][T27530] RDX: 0000000000001000 RSI: 0000200000000140 RDI: ffffffffffffff9c
[  436.595745][T27530] RBP: 00007fc6dacd7090 R08: 0000000000000000 R09: 0000000000000000
[  436.595757][T27530] R10: 000000000000070d R11: 0000000000000246 R12: 0000000000000001
[  436.595769][T27530] R13: 0000000000000000 R14: 00007fc6dc895fa0 R15: 00007fff1a17cc28
[  436.595789][T27530]  </TASK>
[  436.817007][   T29] audit: type=1326 audit(1748469441.815:35755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27529 comm="syz.6.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc6dc66d41f code=0x7ffc0000
[  436.840542][   T29] audit: type=1326 audit(1748469441.815:35756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27529 comm="syz.6.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  436.854916][T27533] loop6: detected capacity change from 0 to 512
[  436.864384][   T29] audit: type=1326 audit(1748469441.865:35757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27529 comm="syz.6.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fc6dc66d37c code=0x7ffc0000
[  436.864457][   T29] audit: type=1326 audit(1748469441.865:35758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27529 comm="syz.6.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc6dc66d41f code=0x7ffc0000
[  436.864553][   T29] audit: type=1326 audit(1748469441.865:35759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27529 comm="syz.6.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc6dc66d5ca code=0x7ffc0000
[  436.864587][   T29] audit: type=1326 audit(1748469441.865:35760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27529 comm="syz.6.4888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  437.018371][T27533] ext4 filesystem being mounted at /330/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  437.058394][T27544] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  437.065894][T27541] loop2: detected capacity change from 0 to 2048
[  437.088350][T27532] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4889'.
[  437.111356][T27541] EXT4-fs (loop2): failed to initialize system zone (-117)
[  437.120355][T27541] EXT4-fs (loop2): mount failed
[  437.133034][T27541] loop2: detected capacity change from 0 to 512
[  437.148461][T27554] FAULT_INJECTION: forcing a failure.
[  437.148461][T27554] name failslab, interval 1, probability 0, space 0, times 0
[  437.161292][T27554] CPU: 1 UID: 0 PID: 27554 Comm: syz.6.4896 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  437.161332][T27554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  437.161356][T27554] Call Trace:
[  437.161364][T27554]  <TASK>
[  437.161385][T27554]  __dump_stack+0x1d/0x30
[  437.161413][T27554]  dump_stack_lvl+0xe8/0x140
[  437.161445][T27554]  dump_stack+0x15/0x1b
[  437.161503][T27554]  should_fail_ex+0x265/0x280
[  437.161544][T27554]  should_failslab+0x8c/0xb0
[  437.161567][T27554]  kmem_cache_alloc_noprof+0x50/0x310
[  437.161663][T27554]  ? security_file_alloc+0x32/0x100
[  437.161768][T27554]  security_file_alloc+0x32/0x100
[  437.161854][T27554]  init_file+0x5c/0x1d0
[  437.161883][T27554]  alloc_empty_file+0x8b/0x200
[  437.161953][T27554]  dentry_open+0x2d/0x90
[  437.161974][T27554]  pidfs_alloc_file+0x132/0x200
[  437.162056][T27554]  pidfd_prepare+0xc9/0x130
[  437.162081][T27554]  __se_sys_pidfd_open+0x133/0x280
[  437.162185][T27554]  __x64_sys_pidfd_open+0x31/0x40
[  437.162215][T27554]  x64_sys_call+0x2a5f/0x2fb0
[  437.162242][T27554]  do_syscall_64+0xd2/0x200
[  437.162326][T27554]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  437.162359][T27554]  ? clear_bhb_loop+0x40/0x90
[  437.162379][T27554]  ? clear_bhb_loop+0x40/0x90
[  437.162399][T27554]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  437.162419][T27554] RIP: 0033:0x7fc6dc66e969
[  437.162510][T27554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  437.162526][T27554] RSP: 002b:00007fc6dacd7028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2
[  437.162544][T27554] RAX: ffffffffffffffda RBX: 00007fc6dc895fa0 RCX: 00007fc6dc66e969
[  437.162555][T27554] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000358
[  437.162566][T27554] RBP: 00007fc6dacd7090 R08: 0000000000000000 R09: 0000000000000000
[  437.162630][T27554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  437.162640][T27554] R13: 0000000000000000 R14: 00007fc6dc895fa0 R15: 00007fff1a17cc28
[  437.162659][T27554]  </TASK>
[  437.514702][T27567] bridge_slave_0: left allmulticast mode
[  437.520454][T27567] bridge_slave_0: left promiscuous mode
[  437.526186][T27567] bridge0: port 1(bridge_slave_0) entered disabled state
[  437.535697][T27567] bridge_slave_1: left allmulticast mode
[  437.541429][T27567] bridge_slave_1: left promiscuous mode
[  437.547214][T27567] bridge0: port 2(bridge_slave_1) entered disabled state
[  437.558020][T27567] bond0: (slave bond_slave_0): Releasing backup interface
[  437.566403][T27567] bond0: (slave bond_slave_1): Releasing backup interface
[  437.575113][T27567] team0: Port device team_slave_0 removed
[  437.581841][T27567] team0: Port device team_slave_1 removed
[  437.588070][T27567] batman_adv: batadv0: Removing interface: batadv_slave_0
[  437.596752][T27567] batman_adv: batadv0: Removing interface: batadv_slave_1
[  437.606832][ T3517] IPVS: starting estimator thread 0...
[  437.618659][T27568] loop2: detected capacity change from 0 to 512
[  437.625596][T27568] EXT4-fs: Ignoring removed nomblk_io_submit option
[  437.634192][T27568] EXT4-fs: Ignoring removed mblk_io_submit option
[  437.642995][T27568] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  437.652849][T27568] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  437.661757][T27568] EXT4-fs (loop2): 1 truncate cleaned up
[  437.669748][T27568] EXT4-fs mount: 3 callbacks suppressed
[  437.669767][T27568] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  437.696258][T27568] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  437.705128][T27569] IPVS: using max 2256 ests per chain, 112800 per kthread
[  437.950182][T27572] loop5: detected capacity change from 0 to 256
[  437.962996][T27572] FAT-fs (loop5): bogus sectors per cluster 0
[  437.969312][T27572] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; no bootstrapping code
[  437.978595][T27572] FAT-fs (loop5): Can't find a valid FAT filesystem
[  438.231194][   T29] audit: type=1326 audit(1748469443.485:35761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27560 comm="syz.6.4899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dc66e969 code=0x7fc00000
[  438.234349][T27577] loop0: detected capacity change from 0 to 164
[  438.265952][T27577] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13160 sclass=netlink_route_socket pid=27577 comm=syz.0.4902
[  438.281904][T27577] iso9660: Corrupted directory entry in block 4 of inode 1792
[  438.333636][T17500] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  438.949345][T27600] netlink: 'syz.5.4911': attribute type 1 has an invalid length.
[  438.958554][T27600] netlink: 52 bytes leftover after parsing attributes in process `syz.5.4911'.
[  439.030366][T27607] loop5: detected capacity change from 0 to 128
[  439.038752][T27607] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  439.053010][T27607] ext4 filesystem being mounted at /488/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  439.077841][   T29] audit: type=1400 audit(1748469444.335:35762): avc:  denied  { mounton } for  pid=27606 comm="syz.5.4914" path="/488/mnt/file0" dev="loop5" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  439.109450][T27607] 9pnet: Could not find request transport: f
[  439.171295][T27613] loop1: detected capacity change from 0 to 164
[  439.189867][T27613] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13160 sclass=netlink_route_socket pid=27613 comm=syz.1.4916
[  439.209793][T27613] iso9660: Corrupted directory entry in block 4 of inode 1792
[  439.236964][T27618] FAULT_INJECTION: forcing a failure.
[  439.236964][T27618] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  439.250095][T27618] CPU: 0 UID: 0 PID: 27618 Comm: syz.6.4918 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  439.250132][T27618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  439.250164][T27618] Call Trace:
[  439.250172][T27618]  <TASK>
[  439.250180][T27618]  __dump_stack+0x1d/0x30
[  439.250205][T27618]  dump_stack_lvl+0xe8/0x140
[  439.250232][T27618]  dump_stack+0x15/0x1b
[  439.250333][T27618]  should_fail_ex+0x265/0x280
[  439.250440][T27618]  should_fail+0xb/0x20
[  439.250466][T27618]  should_fail_usercopy+0x1a/0x20
[  439.250562][T27618]  strncpy_from_user+0x25/0x230
[  439.250584][T27618]  ? kmem_cache_alloc_noprof+0x186/0x310
[  439.250661][T27618]  ? getname_flags+0x80/0x3b0
[  439.250690][T27618]  getname_flags+0xae/0x3b0
[  439.250717][T27618]  do_sys_openat2+0x60/0x110
[  439.250814][T27618]  __x64_sys_openat+0xf2/0x120
[  439.250897][T27618]  x64_sys_call+0x1af/0x2fb0
[  439.250927][T27618]  do_syscall_64+0xd2/0x200
[  439.250967][T27618]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  439.251002][T27618]  ? clear_bhb_loop+0x40/0x90
[  439.251023][T27618]  ? clear_bhb_loop+0x40/0x90
[  439.251101][T27618]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  439.251130][T27618] RIP: 0033:0x7fc6dc66e969
[  439.251149][T27618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  439.251219][T27618] RSP: 002b:00007fc6dacd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  439.251239][T27618] RAX: ffffffffffffffda RBX: 00007fc6dc895fa0 RCX: 00007fc6dc66e969
[  439.251256][T27618] RDX: 0000000000000040 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  439.251274][T27618] RBP: 00007fc6dacd7090 R08: 0000000000000000 R09: 0000000000000000
[  439.251290][T27618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  439.251312][T27618] R13: 0000000000000001 R14: 00007fc6dc895fa0 R15: 00007fff1a17cc28
[  439.251361][T27618]  </TASK>
[  439.471127][T27607] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4914'.
[  439.518602][T27625] loop2: detected capacity change from 0 to 512
[  439.534311][T27625] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  439.551100][T27625] ext4 filesystem being mounted at /429/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  439.570889][T15798] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  439.644342][T27632] loop0: detected capacity change from 0 to 512
[  439.672550][T27632] EXT4-fs warning (device loop0): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  439.709461][T27632] EXT4-fs (loop0): mount failed
[  439.733471][T27640] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  439.755890][T27640] SELinux: failed to load policy
[  439.891073][T27644] sg_write: process 834 (syz.1.4925) changed security contexts after opening file descriptor, this is not allowed.
[  440.149780][T27649] netlink: 56 bytes leftover after parsing attributes in process `syz.5.4928'.
[  440.336170][T17500] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  440.609183][T27655] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4930'.
[  440.692374][T27658] loop6: detected capacity change from 0 to 512
[  440.701131][T27658] EXT4-fs: Ignoring removed bh option
[  440.706700][T27658] EXT4-fs: test_dummy_encryption option not supported
[  440.762715][T27663] FAULT_INJECTION: forcing a failure.
[  440.762715][T27663] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  440.775961][T27663] CPU: 1 UID: 0 PID: 27663 Comm: syz.6.4933 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  440.775996][T27663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  440.776009][T27663] Call Trace:
[  440.776062][T27663]  <TASK>
[  440.776070][T27663]  __dump_stack+0x1d/0x30
[  440.776097][T27663]  dump_stack_lvl+0xe8/0x140
[  440.776123][T27663]  dump_stack+0x15/0x1b
[  440.776140][T27663]  should_fail_ex+0x265/0x280
[  440.776175][T27663]  should_fail+0xb/0x20
[  440.776285][T27663]  should_fail_usercopy+0x1a/0x20
[  440.776321][T27663]  _copy_from_user+0x1c/0xb0
[  440.776345][T27663]  __sys_connect+0xd0/0x2b0
[  440.776424][T27663]  __x64_sys_connect+0x3f/0x50
[  440.776448][T27663]  x64_sys_call+0x1daa/0x2fb0
[  440.776470][T27663]  do_syscall_64+0xd2/0x200
[  440.776563][T27663]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  440.776598][T27663]  ? clear_bhb_loop+0x40/0x90
[  440.776660][T27663]  ? clear_bhb_loop+0x40/0x90
[  440.776681][T27663]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  440.776703][T27663] RIP: 0033:0x7fc6dc66e969
[  440.776726][T27663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  440.776744][T27663] RSP: 002b:00007fc6dacd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  440.776788][T27663] RAX: ffffffffffffffda RBX: 00007fc6dc895fa0 RCX: 00007fc6dc66e969
[  440.776805][T27663] RDX: 0000000000000010 RSI: 0000200000000180 RDI: 0000000000000006
[  440.776821][T27663] RBP: 00007fc6dacd7090 R08: 0000000000000000 R09: 0000000000000000
[  440.776833][T27663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  440.776845][T27663] R13: 0000000000000000 R14: 00007fc6dc895fa0 R15: 00007fff1a17cc28
[  440.776933][T27663]  </TASK>
[  441.131609][T27667] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4935'.
[  441.233258][T27695] netlink: 96 bytes leftover after parsing attributes in process `syz.6.4937'.
[  441.244068][T27697] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  441.254098][T27697] SELinux: failed to load policy
[  441.375048][T27714] tipc: Started in network mode
[  441.380043][T27714] tipc: Node identity 62a7a52acb63, cluster identity 4711
[  441.388084][T27714] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  441.485393][T27713] tipc: Resetting bearer <eth:syzkaller0>
[  441.509737][T27713] tipc: Disabling bearer <eth:syzkaller0>
[  441.605851][T27743] loop2: detected capacity change from 0 to 164
[  441.627337][T27743] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13160 sclass=netlink_route_socket pid=27743 comm=syz.2.4941
[  441.648046][T27743] iso9660: Corrupted directory entry in block 4 of inode 1792
[  441.899526][T27762] loop2: detected capacity change from 0 to 512
[  441.923557][T27762] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  441.947362][T27762] ext4 filesystem being mounted at /435/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  441.979467][T27762] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4943'.
[  442.019763][T17500] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  442.265040][T27799] loop6: detected capacity change from 0 to 512
[  442.273833][T27799] ext4: Unknown parameter 'dont_appraise'
[  442.440875][T27818] netlink: 'syz.2.4947': attribute type 13 has an invalid length.
[  442.453502][T27818] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  442.565835][T27822] netlink: 96 bytes leftover after parsing attributes in process `syz.6.4949'.
[  442.600410][T27824] loop2: detected capacity change from 0 to 2048
[  442.616217][   T29] kauditd_printk_skb: 106 callbacks suppressed
[  442.616237][   T29] audit: type=1326 audit(1748469447.865:35868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27827 comm="syz.6.4952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  442.647797][   T29] audit: type=1326 audit(1748469447.865:35869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27827 comm="syz.6.4952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  442.671542][   T29] audit: type=1326 audit(1748469447.865:35870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27827 comm="syz.6.4952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  442.695166][   T29] audit: type=1326 audit(1748469447.865:35871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27827 comm="syz.6.4952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  442.706844][T27824]  loop2: p1 < > p4
[  442.718776][   T29] audit: type=1326 audit(1748469447.865:35872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27827 comm="syz.6.4952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  442.718816][   T29] audit: type=1326 audit(1748469447.865:35873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27827 comm="syz.6.4952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  442.718847][   T29] audit: type=1326 audit(1748469447.875:35874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27827 comm="syz.6.4952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  442.718901][   T29] audit: type=1326 audit(1748469447.875:35875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27827 comm="syz.6.4952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  442.719004][   T29] audit: type=1326 audit(1748469447.875:35876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27827 comm="syz.6.4952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  442.719039][   T29] audit: type=1326 audit(1748469447.875:35877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27827 comm="syz.6.4952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc6dc66e969 code=0x7ffc0000
[  442.780534][T27828] loop6: detected capacity change from 0 to 512
[  442.798453][T27824] loop2: p4 size 8388608 extends beyond EOD, 
[  442.835168][T27828] EXT4-fs: Ignoring removed mblk_io_submit option
[  442.844458][T27824] truncated
[  442.923743][T27828] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  442.971645][T27834] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4954'.
[  442.986225][T27828] EXT4-fs (loop6): 1 truncate cleaned up
[  443.039731][T27838] netlink: 'syz.5.4956': attribute type 13 has an invalid length.
[  443.051257][T27838] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  443.115479][T27828] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  443.206517][T27848] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  443.237516][T27848] SELinux: failed to load policy
[  443.279966][T27853] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4962'.
[  443.395530][T27857] loop5: detected capacity change from 0 to 512
[  443.414709][T27828] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(11)
[  443.421369][T27828] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  443.449881][T27828] vhci_hcd vhci_hcd.0: Device attached
[  443.482803][T27862] vhci_hcd: connection closed
[  443.483206][T10955] vhci_hcd: stop threads
[  443.492983][T10955] vhci_hcd: release socket
[  443.497476][T10955] vhci_hcd: disconnect device
[  443.504425][T27857] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  443.531172][T27857] ext4 filesystem being mounted at /496/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  443.582384][T27881] loop2: detected capacity change from 0 to 4096
[  443.585074][T15798] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  443.618827][T27881] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  443.654035][T17500] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  443.835179][T27886] loop5: detected capacity change from 0 to 512
[  443.872503][T27886] EXT4-fs: Ignoring removed mblk_io_submit option
[  443.887430][T27886] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  443.965441][T27886] EXT4-fs (loop5): 1 truncate cleaned up
[  443.987110][T27886] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  444.044891][T18396] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  444.096166][T27918] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(11)
[  444.102821][T27918] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  444.103098][T27920] netlink: 'syz.6.4971': attribute type 13 has an invalid length.
[  444.111151][T27918] vhci_hcd vhci_hcd.0: Device attached
[  444.166173][T27920] veth0_macvtap: left allmulticast mode
[  444.178996][T27922] vhci_hcd: connection closed
[  444.182215][T17045] vhci_hcd: stop threads
[  444.191295][T17045] vhci_hcd: release socket
[  444.195834][T17045] vhci_hcd: disconnect device
[  444.205410][T27930] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  444.532356][T27970] tipc: Started in network mode
[  444.537316][T27970] tipc: Node identity 2eb90ad97021, cluster identity 4711
[  444.544625][T27970] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  444.578165][T27969] tipc: Resetting bearer <eth:syzkaller0>
[  444.591869][T27969] tipc: Disabling bearer <eth:syzkaller0>
[  444.699013][T15798] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  444.818257][T28014] loop6: detected capacity change from 0 to 512
[  444.831414][T28014] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  444.870493][T28014] ext4 filesystem being mounted at /355/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  444.897065][T28014] __nla_validate_parse: 1 callbacks suppressed
[  444.897082][T28014] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4979'.
[  444.944440][T18396] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  445.471757][T28039] FAULT_INJECTION: forcing a failure.
[  445.471757][T28039] name failslab, interval 1, probability 0, space 0, times 0
[  445.484551][T28039] CPU: 0 UID: 0 PID: 28039 Comm: syz.0.4988 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  445.484598][T28039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  445.484616][T28039] Call Trace:
[  445.484625][T28039]  <TASK>
[  445.484635][T28039]  __dump_stack+0x1d/0x30
[  445.484706][T28039]  dump_stack_lvl+0xe8/0x140
[  445.484732][T28039]  dump_stack+0x15/0x1b
[  445.484756][T28039]  should_fail_ex+0x265/0x280
[  445.484794][T28039]  should_failslab+0x8c/0xb0
[  445.484820][T28039]  kmem_cache_alloc_noprof+0x50/0x310
[  445.484874][T28039]  ? sctp_get_port_local+0x420/0xab0
[  445.484907][T28039]  sctp_get_port_local+0x420/0xab0
[  445.484946][T28039]  sctp_do_bind+0x398/0x4b0
[  445.484975][T28039]  sctp_connect_new_asoc+0x153/0x3a0
[  445.485003][T28039]  sctp_sendmsg+0xf10/0x18d0
[  445.485032][T28039]  ? selinux_socket_sendmsg+0x121/0x1b0
[  445.485075][T28039]  ? __pfx_sctp_sendmsg+0x10/0x10
[  445.485131][T28039]  inet_sendmsg+0xc5/0xd0
[  445.485159][T28039]  __sock_sendmsg+0x102/0x180
[  445.485280][T28039]  __sys_sendto+0x268/0x330
[  445.485346][T28039]  __x64_sys_sendto+0x76/0x90
[  445.485373][T28039]  x64_sys_call+0x2eb6/0x2fb0
[  445.485425][T28039]  do_syscall_64+0xd2/0x200
[  445.485466][T28039]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  445.485497][T28039]  ? clear_bhb_loop+0x40/0x90
[  445.485522][T28039]  ? clear_bhb_loop+0x40/0x90
[  445.485625][T28039]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  445.485656][T28039] RIP: 0033:0x7febb529e969
[  445.485675][T28039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  445.485697][T28039] RSP: 002b:00007febb3907038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  445.485744][T28039] RAX: ffffffffffffffda RBX: 00007febb54c5fa0 RCX: 00007febb529e969
[  445.485809][T28039] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000004
[  445.485821][T28039] RBP: 00007febb3907090 R08: 0000200000000100 R09: 000000000000001c
[  445.485837][T28039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  445.485853][T28039] R13: 0000000000000000 R14: 00007febb54c5fa0 R15: 00007fff6172a768
[  445.485876][T28039]  </TASK>
[  445.925306][T28046] loop0: detected capacity change from 0 to 512
[  445.946642][T28046] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  445.962215][T28046] ext4 filesystem being mounted at /448/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  445.991711][T28046] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4991'.
[  446.042171][T17415] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  446.270262][T28057] x_tables: duplicate underflow at hook 1
[  446.339468][T28060] loop2: detected capacity change from 0 to 512
[  446.356265][T28060] ext4: Unknown parameter 'dont_appraise'
[  446.423129][T28066] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4998'.
[  446.515444][T28072] netlink: 52 bytes leftover after parsing attributes in process `syz.0.5000'.
[  446.592747][T28076] netlink: 'syz.5.5002': attribute type 13 has an invalid length.
[  446.604452][T28076] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  446.617172][T28078] loop0: detected capacity change from 0 to 512
[  446.635666][T28078] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  446.664161][T28078] ext4 filesystem being mounted at /454/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  446.722764][T28078] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5003'.
[  446.780843][T17415] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  446.811625][T28087] netlink: 52 bytes leftover after parsing attributes in process `syz.0.5005'.
[  447.044818][T28085] loop5: detected capacity change from 0 to 512
[  447.120367][T28085] EXT4-fs: Ignoring removed mblk_io_submit option
[  447.149915][T28085] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  447.244241][T28085] EXT4-fs (loop5): 1 truncate cleaned up
[  447.279598][T28085] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  447.373359][T28085] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(11)
[  447.379995][T28085] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  447.401449][T28085] vhci_hcd vhci_hcd.0: Device attached
[  447.418766][T28112] loop1: detected capacity change from 0 to 512
[  447.425606][T28112] EXT4-fs: Ignoring removed oldalloc option
[  447.438795][T28112] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm +}[@: Parent and EA inode have the same ino 15
[  447.456863][T28112] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm +}[@: Parent and EA inode have the same ino 15
[  447.471194][T28112] EXT4-fs (loop1): 1 orphan inode deleted
[  447.477573][T28112] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  447.504626][T18517] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  447.521191][T28109] vhci_hcd: connection closed
[  447.521427][T17047] vhci_hcd: stop threads
[  447.531281][T17047] vhci_hcd: release socket
[  447.532958][T28115] loop1: detected capacity change from 0 to 512
[  447.535751][T17047] vhci_hcd: disconnect device
[  447.558988][T28115] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  447.571612][T28115] ext4 filesystem being mounted at /330/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  447.586410][T28115] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5015'.
[  447.596116][   T37] vhci_hcd: vhci_device speed not set
[  447.615525][T18517] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  447.636283][T28119] loop1: detected capacity change from 0 to 512
[  447.643085][T28119] ext4: Unknown parameter 'dont_appraise'
[  447.793567][   T29] kauditd_printk_skb: 262 callbacks suppressed
[  447.793585][   T29] audit: type=1326 audit(1748469453.045:36138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28125 comm="syz.2.5018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  447.825301][   T29] audit: type=1326 audit(1748469453.055:36139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28125 comm="syz.2.5018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  447.849155][   T29] audit: type=1326 audit(1748469453.055:36140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28125 comm="syz.2.5018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  447.872715][   T29] audit: type=1326 audit(1748469453.055:36141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28125 comm="syz.2.5018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  447.896671][   T29] audit: type=1326 audit(1748469453.055:36142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28125 comm="syz.2.5018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  447.920382][   T29] audit: type=1326 audit(1748469453.055:36143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28125 comm="syz.2.5018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  447.944158][   T29] audit: type=1326 audit(1748469453.065:36144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28125 comm="syz.2.5018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  447.967672][   T29] audit: type=1326 audit(1748469453.065:36145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28125 comm="syz.2.5018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  447.991273][   T29] audit: type=1326 audit(1748469453.065:36146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28125 comm="syz.2.5018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  448.014869][   T29] audit: type=1326 audit(1748469453.065:36147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28125 comm="syz.2.5018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  448.044654][T28128] loop2: detected capacity change from 0 to 164
[  448.060510][T28128] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13160 sclass=netlink_route_socket pid=28128 comm=syz.2.5019
[  448.074868][T28128] iso9660: Corrupted directory entry in block 4 of inode 1792
[  448.162563][T28139] loop1: detected capacity change from 0 to 512
[  448.179413][T15798] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  448.209837][T28145] loop5: detected capacity change from 0 to 512
[  448.217747][T28144] netlink: 96 bytes leftover after parsing attributes in process `syz.2.5027'.
[  448.241277][T28145] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  448.256538][T28145] ext4 filesystem being mounted at /505/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  448.286633][T28151] netlink: 52 bytes leftover after parsing attributes in process `syz.1.5029'.
[  448.302193][T28145] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5026'.
[  448.310434][T28153] loop2: detected capacity change from 0 to 4096
[  448.322273][T28153] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  448.339887][T15798] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  448.364701][T17500] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  448.382134][T28157] FAULT_INJECTION: forcing a failure.
[  448.382134][T28157] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  448.395336][T28157] CPU: 0 UID: 0 PID: 28157 Comm: syz.1.5032 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  448.395428][T28157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  448.395441][T28157] Call Trace:
[  448.395448][T28157]  <TASK>
[  448.395457][T28157]  __dump_stack+0x1d/0x30
[  448.395486][T28157]  dump_stack_lvl+0xe8/0x140
[  448.395513][T28157]  dump_stack+0x15/0x1b
[  448.395574][T28157]  should_fail_ex+0x265/0x280
[  448.395612][T28157]  should_fail+0xb/0x20
[  448.395644][T28157]  should_fail_usercopy+0x1a/0x20
[  448.395702][T28157]  _copy_from_user+0x1c/0xb0
[  448.395721][T28157]  ___sys_sendmsg+0xc1/0x1d0
[  448.395769][T28157]  __x64_sys_sendmsg+0xd4/0x160
[  448.395814][T28157]  x64_sys_call+0x2999/0x2fb0
[  448.395841][T28157]  do_syscall_64+0xd2/0x200
[  448.395937][T28157]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  448.395965][T28157]  ? clear_bhb_loop+0x40/0x90
[  448.395987][T28157]  ? clear_bhb_loop+0x40/0x90
[  448.396092][T28157]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.396120][T28157] RIP: 0033:0x7f44ed8be969
[  448.396139][T28157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  448.396163][T28157] RSP: 002b:00007f44ebf27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  448.396201][T28157] RAX: ffffffffffffffda RBX: 00007f44edae5fa0 RCX: 00007f44ed8be969
[  448.396218][T28157] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000004
[  448.396230][T28157] RBP: 00007f44ebf27090 R08: 0000000000000000 R09: 0000000000000000
[  448.396242][T28157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  448.396284][T28157] R13: 0000000000000000 R14: 00007f44edae5fa0 R15: 00007ffd3f5b8838
[  448.396308][T28157]  </TASK>
[  448.578178][T28157] loop1: detected capacity change from 0 to 1024
[  448.598708][T28163] loop2: detected capacity change from 0 to 1024
[  448.620465][T28157] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  448.634291][T28163] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  448.636584][T28157] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.5032: Allocating blocks 497-513 which overlap fs metadata
[  448.660548][T28171] loop5: detected capacity change from 0 to 1024
[  448.665943][T28163] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.5033: Allocating blocks 497-513 which overlap fs metadata
[  448.673196][T28157] EXT4-fs (loop1): pa ffff888106de5690: logic 16, phys. 145, len 23
[  448.683679][T28171] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  448.689903][T28157] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  448.707849][T28163] EXT4-fs (loop2): pa ffff8881058c2af0: logic 16, phys. 145, len 23
[  448.713268][T28157] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[  448.720506][T28163] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  448.721023][T28171] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  448.741111][T28163] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[  448.744099][T28157] EXT4-fs (loop1): This should not happen!! Data will be lost
[  448.744099][T28157] 
[  448.752331][T28163] EXT4-fs (loop2): This should not happen!! Data will be lost
[  448.752331][T28163] 
[  448.765267][T28157] EXT4-fs (loop1): Total free blocks count 0
[  448.774121][T28163] EXT4-fs (loop2): Total free blocks count 0
[  448.774144][T28163] EXT4-fs (loop2): Free/Dirty block details
[  448.784532][T28157] EXT4-fs (loop1): Free/Dirty block details
[  448.789815][T28163] EXT4-fs (loop2): free_blocks=16
[  448.795765][T28157] EXT4-fs (loop1): free_blocks=16
[  448.801666][T28163] EXT4-fs (loop2): dirty_blocks=0
[  448.801683][T28163] EXT4-fs (loop2): Block reservation details
[  448.801696][T28163] EXT4-fs (loop2): i_reserved_data_blocks=0
[  448.836298][T28157] EXT4-fs (loop1): dirty_blocks=0
[  448.842134][T28157] EXT4-fs (loop1): Block reservation details
[  448.848178][T28157] EXT4-fs (loop1): i_reserved_data_blocks=0
[  448.894311][T28163] pim6reg1: entered promiscuous mode
[  448.899697][T28163] pim6reg1: entered allmulticast mode
[  448.968713][T28186] pim6reg1: entered promiscuous mode
[  448.974104][T28186] pim6reg1: entered allmulticast mode
[  449.124265][T28196] loop2: detected capacity change from 0 to 4096
[  449.135657][T28196] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  449.167301][T17500] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  449.326170][T28208] loop2: detected capacity change from 0 to 164
[  449.335457][T28208] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13160 sclass=netlink_route_socket pid=28208 comm=syz.2.5048
[  449.351536][T28208] iso9660: Corrupted directory entry in block 4 of inode 1792
[  449.915350][T28229] FAULT_INJECTION: forcing a failure.
[  449.915350][T28229] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  449.928593][T28229] CPU: 0 UID: 0 PID: 28229 Comm: syz.6.5061 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  449.928669][T28229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  449.928728][T28229] Call Trace:
[  449.928736][T28229]  <TASK>
[  449.928746][T28229]  __dump_stack+0x1d/0x30
[  449.928775][T28229]  dump_stack_lvl+0xe8/0x140
[  449.928823][T28229]  dump_stack+0x15/0x1b
[  449.928846][T28229]  should_fail_ex+0x265/0x280
[  449.928882][T28229]  should_fail+0xb/0x20
[  449.928923][T28229]  should_fail_usercopy+0x1a/0x20
[  449.928989][T28229]  _copy_from_user+0x1c/0xb0
[  449.929013][T28229]  ___sys_sendmsg+0xc1/0x1d0
[  449.929128][T28229]  __x64_sys_sendmsg+0xd4/0x160
[  449.929169][T28229]  x64_sys_call+0x2999/0x2fb0
[  449.929195][T28229]  do_syscall_64+0xd2/0x200
[  449.929236][T28229]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  449.929271][T28229]  ? clear_bhb_loop+0x40/0x90
[  449.929299][T28229]  ? clear_bhb_loop+0x40/0x90
[  449.929407][T28229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  449.929433][T28229] RIP: 0033:0x7fc6dc66e969
[  449.929449][T28229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  449.929474][T28229] RSP: 002b:00007fc6dacd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  449.929502][T28229] RAX: ffffffffffffffda RBX: 00007fc6dc895fa0 RCX: 00007fc6dc66e969
[  449.929517][T28229] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000003
[  449.929529][T28229] RBP: 00007fc6dacd7090 R08: 0000000000000000 R09: 0000000000000000
[  449.929544][T28229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  449.929560][T28229] R13: 0000000000000000 R14: 00007fc6dc895fa0 R15: 00007fff1a17cc28
[  449.929585][T28229]  </TASK>
[  450.126528][T28234] loop5: detected capacity change from 0 to 1024
[  450.134767][T28234] EXT4-fs: Ignoring removed orlov option
[  450.168292][T28234] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  450.189508][T28244] __nla_validate_parse: 7 callbacks suppressed
[  450.189529][T28244] netlink: 52 bytes leftover after parsing attributes in process `syz.1.5065'.
[  450.203781][T28234] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  450.219370][T28241] batadv_slave_0: entered promiscuous mode
[  450.243870][T28241] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5064'.
[  450.246888][T15798] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  450.263610][T28241] batadv_slave_0 (unregistering): left promiscuous mode
[  450.285065][T28253] x_tables: duplicate underflow at hook 1
[  450.464778][T28269] FAULT_INJECTION: forcing a failure.
[  450.464778][T28269] name failslab, interval 1, probability 0, space 0, times 0
[  450.478309][T28269] CPU: 1 UID: 0 PID: 28269 Comm: syz.1.5073 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  450.478367][T28269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  450.478425][T28269] Call Trace:
[  450.478490][T28269]  <TASK>
[  450.478500][T28269]  __dump_stack+0x1d/0x30
[  450.478568][T28269]  dump_stack_lvl+0xe8/0x140
[  450.478595][T28269]  dump_stack+0x15/0x1b
[  450.478620][T28269]  should_fail_ex+0x265/0x280
[  450.478745][T28269]  should_failslab+0x8c/0xb0
[  450.478771][T28269]  kmem_cache_alloc_noprof+0x50/0x310
[  450.478801][T28269]  ? audit_log_start+0x365/0x6c0
[  450.478843][T28269]  audit_log_start+0x365/0x6c0
[  450.478983][T28269]  audit_seccomp+0x48/0x100
[  450.479022][T28269]  ? __seccomp_filter+0x68c/0x10d0
[  450.479054][T28269]  __seccomp_filter+0x69d/0x10d0
[  450.479106][T28269]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  450.479149][T28269]  ? vfs_write+0x75e/0x8e0
[  450.479185][T28269]  ? __rcu_read_unlock+0x4f/0x70
[  450.479208][T28269]  ? __fget_files+0x184/0x1c0
[  450.479254][T28269]  __secure_computing+0x82/0x150
[  450.479285][T28269]  syscall_trace_enter+0xcf/0x1e0
[  450.479326][T28269]  do_syscall_64+0xac/0x200
[  450.479366][T28269]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  450.479470][T28269]  ? clear_bhb_loop+0x40/0x90
[  450.479494][T28269]  ? clear_bhb_loop+0x40/0x90
[  450.479523][T28269]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  450.479551][T28269] RIP: 0033:0x7f44ed8be969
[  450.479570][T28269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  450.479646][T28269] RSP: 002b:00007f44ebf27038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  450.479738][T28269] RAX: ffffffffffffffda RBX: 00007f44edae5fa0 RCX: 00007f44ed8be969
[  450.479756][T28269] RDX: 0000200000000280 RSI: 0000200000000240 RDI: 00002000000001c0
[  450.479773][T28269] RBP: 00007f44ebf27090 R08: 0000000000000000 R09: 0000000000000000
[  450.479789][T28269] R10: 0000000000001001 R11: 0000000000000246 R12: 0000000000000001
[  450.479806][T28269] R13: 0000000000000000 R14: 00007f44edae5fa0 R15: 00007ffd3f5b8838
[  450.479830][T28269]  </TASK>
[  450.723313][T28275] loop0: detected capacity change from 0 to 512
[  450.743099][T28275] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  450.758608][T28279] netlink: 52 bytes leftover after parsing attributes in process `syz.5.5077'.
[  450.768444][T28275] ext4 filesystem being mounted at /469/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  450.783154][T28275] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  450.800180][T28285] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  450.810902][T28285] SELinux: failed to load policy
[  450.840434][T28291] loop0: detected capacity change from 0 to 256
[  450.847770][T28291] FAT-fs (loop0): bogus sectors per cluster 0
[  450.853900][T28291] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; no bootstrapping code
[  450.863099][T28291] FAT-fs (loop0): Can't find a valid FAT filesystem
[  450.939304][T28301] loop2: detected capacity change from 0 to 512
[  450.949696][T28302] loop1: detected capacity change from 0 to 512
[  450.950428][T28301] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  450.956844][T28302] EXT4-fs: Ignoring removed nomblk_io_submit option
[  450.968750][T28301] ext4 filesystem being mounted at /473/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  450.986841][T28302] EXT4-fs: Ignoring removed mblk_io_submit option
[  450.991616][T28301] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5085'.
[  450.995791][T28302] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  451.012433][T28302] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[  451.022210][T28302] EXT4-fs (loop1): 1 truncate cleaned up
[  451.031520][T28302] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  451.048329][T17500] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  451.066953][T28312] loop6: detected capacity change from 0 to 164
[  451.073978][T28302] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  451.085457][T28312] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13160 sclass=netlink_route_socket pid=28312 comm=syz.6.5088
[  451.140207][T28318] netlink: 312 bytes leftover after parsing attributes in process `syz.2.5090'.
[  451.290613][T28329] ucma_write: process 1212 (syz.2.5095) changed security contexts after opening file descriptor, this is not allowed.
[  451.426419][T28339] loop2: detected capacity change from 0 to 164
[  451.437984][T28339] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13160 sclass=netlink_route_socket pid=28339 comm=syz.2.5097
[  451.452103][T28339] iso9660: Corrupted directory entry in block 4 of inode 1792
[  451.594657][T28344] netlink: 96 bytes leftover after parsing attributes in process `syz.2.5100'.
[  451.636459][T28348] loop2: detected capacity change from 0 to 164
[  451.646183][T28348] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13160 sclass=netlink_route_socket pid=28348 comm=syz.2.5102
[  451.735409][T18517] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  451.788207][T28360] 9pnet_fd: Insufficient options for proto=fd
[  451.831221][T28364] Unsupported ieee802154 address type: 0
[  451.860090][T28364] loop2: detected capacity change from 0 to 512
[  451.879766][T28364] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  451.913086][T28364] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec028, mo2=0102]
[  451.921844][T28364] System zones: 1-12
[  451.926699][T28364] EXT4-fs (loop2): 1 truncate cleaned up
[  451.933030][T28364] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  451.949003][T28364] EXT4-fs warning (device loop2): ext4_group_extend:1862: can't shrink FS - resize aborted
[  451.977210][T28362] FAULT_INJECTION: forcing a failure.
[  451.977210][T28362] name failslab, interval 1, probability 0, space 0, times 0
[  451.990711][T28362] CPU: 1 UID: 0 PID: 28362 Comm: syz.5.5108 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  451.990816][T28362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  451.990831][T28362] Call Trace:
[  451.990839][T28362]  <TASK>
[  451.990849][T28362]  __dump_stack+0x1d/0x30
[  451.990879][T28362]  dump_stack_lvl+0xe8/0x140
[  451.990906][T28362]  dump_stack+0x15/0x1b
[  451.990991][T28362]  should_fail_ex+0x265/0x280
[  451.991031][T28362]  should_failslab+0x8c/0xb0
[  451.991056][T28362]  kmem_cache_alloc_noprof+0x50/0x310
[  451.991111][T28362]  ? audit_log_start+0x365/0x6c0
[  451.991147][T28362]  audit_log_start+0x365/0x6c0
[  451.991195][T28362]  audit_seccomp+0x48/0x100
[  451.991316][T28362]  ? __seccomp_filter+0x68c/0x10d0
[  451.991348][T28362]  __seccomp_filter+0x69d/0x10d0
[  451.991424][T28362]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  451.991465][T28362]  ? vfs_write+0x75e/0x8e0
[  451.991519][T28362]  ? __rcu_read_unlock+0x4f/0x70
[  451.991542][T28362]  ? __fget_files+0x184/0x1c0
[  451.991624][T28362]  __secure_computing+0x82/0x150
[  451.991651][T28362]  syscall_trace_enter+0xcf/0x1e0
[  451.991686][T28362]  do_syscall_64+0xac/0x200
[  451.991726][T28362]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  451.991786][T28362]  ? clear_bhb_loop+0x40/0x90
[  451.991807][T28362]  ? clear_bhb_loop+0x40/0x90
[  451.991908][T28362]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  451.991978][T28362] RIP: 0033:0x7fe80edde969
[  451.991998][T28362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  451.992016][T28362] RSP: 002b:00007fe80d447038 EFLAGS: 00000246 ORIG_RAX: 00000000000001cb
[  451.992050][T28362] RAX: ffffffffffffffda RBX: 00007fe80f005fa0 RCX: 00007fe80edde969
[  451.992063][T28362] RDX: 0000200000000080 RSI: 0000200000000380 RDI: 0000000000000067
[  451.992077][T28362] RBP: 00007fe80d447090 R08: 0000000000000000 R09: 0000000000000000
[  451.992094][T28362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  451.992110][T28362] R13: 0000000000000000 R14: 00007fe80f005fa0 R15: 00007ffe90e22368
[  451.992137][T28362]  </TASK>
[  452.242429][T28371] loop1: detected capacity change from 0 to 512
[  452.295945][T28379] loop6: detected capacity change from 0 to 256
[  452.304587][T28379] FAT-fs (loop6): bogus sectors per cluster 0
[  452.311491][T28379] FAT-fs (loop6): This doesn't look like a DOS 1.x volume; no bootstrapping code
[  452.320693][T28379] FAT-fs (loop6): Can't find a valid FAT filesystem
[  452.330193][T28371] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  452.342988][T28371] ext4 filesystem being mounted at /353/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  452.365254][T28371] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5111'.
[  452.401745][T18517] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  452.429833][T17500] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  452.475730][T28389] netlink: 96 bytes leftover after parsing attributes in process `syz.2.5116'.
[  452.539561][T28396] loop2: detected capacity change from 0 to 164
[  452.576896][T28396] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13160 sclass=netlink_route_socket pid=28396 comm=syz.2.5119
[  452.694425][T28409] loop0: detected capacity change from 0 to 256
[  452.730776][T28409] FAT-fs (loop0): Directory bread(block 64) failed
[  452.740302][T28409] FAT-fs (loop0): Directory bread(block 65) failed
[  452.746978][T28409] FAT-fs (loop0): Directory bread(block 66) failed
[  452.754970][T28409] FAT-fs (loop0): Directory bread(block 67) failed
[  452.761953][T28409] FAT-fs (loop0): Directory bread(block 68) failed
[  452.770365][T28409] FAT-fs (loop0): Directory bread(block 69) failed
[  452.777022][T28409] FAT-fs (loop0): Directory bread(block 70) failed
[  452.783975][T28409] FAT-fs (loop0): Directory bread(block 71) failed
[  452.792970][T28409] FAT-fs (loop0): Directory bread(block 72) failed
[  452.802468][   T29] kauditd_printk_skb: 239 callbacks suppressed
[  452.802485][   T29] audit: type=1326 audit(1748469458.055:36383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28410 comm="syz.2.5126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  452.803058][T28409] FAT-fs (loop0): Directory bread(block 73) failed
[  452.812555][   T29] audit: type=1326 audit(1748469458.065:36384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28410 comm="syz.2.5126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  452.867942][   T29] audit: type=1326 audit(1748469458.125:36385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28410 comm="syz.2.5126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  452.892931][   T29] audit: type=1326 audit(1748469458.155:36386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28410 comm="syz.2.5126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  452.918728][   T29] audit: type=1326 audit(1748469458.175:36387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28410 comm="syz.2.5126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  452.944643][   T29] audit: type=1326 audit(1748469458.205:36388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28410 comm="syz.2.5126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  452.969483][   T29] audit: type=1326 audit(1748469458.225:36389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28410 comm="syz.2.5126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  452.996171][   T29] audit: type=1326 audit(1748469458.255:36390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28410 comm="syz.2.5126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  453.022175][   T29] audit: type=1326 audit(1748469458.275:36391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28410 comm="syz.2.5126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  453.047687][   T29] audit: type=1326 audit(1748469458.305:36392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28410 comm="syz.2.5126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f5bc524e969 code=0x7ffc0000
[  453.048245][T28415] netlink: 96 bytes leftover after parsing attributes in process `syz.0.5127'.
[  453.168903][T28420] FAULT_INJECTION: forcing a failure.
[  453.168903][T28420] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  453.182146][T28420] CPU: 0 UID: 0 PID: 28420 Comm: syz.6.5129 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  453.182183][T28420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  453.182198][T28420] Call Trace:
[  453.182216][T28420]  <TASK>
[  453.182225][T28420]  __dump_stack+0x1d/0x30
[  453.182249][T28420]  dump_stack_lvl+0xe8/0x140
[  453.182353][T28420]  dump_stack+0x15/0x1b
[  453.182371][T28420]  should_fail_ex+0x265/0x280
[  453.182409][T28420]  should_fail+0xb/0x20
[  453.182438][T28420]  should_fail_usercopy+0x1a/0x20
[  453.182548][T28420]  _copy_from_user+0x1c/0xb0
[  453.182574][T28420]  ___sys_sendmsg+0xc1/0x1d0
[  453.182650][T28420]  __x64_sys_sendmsg+0xd4/0x160
[  453.182744][T28420]  x64_sys_call+0x2999/0x2fb0
[  453.182778][T28420]  do_syscall_64+0xd2/0x200
[  453.182884][T28420]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  453.182917][T28420]  ? clear_bhb_loop+0x40/0x90
[  453.182993][T28420]  ? clear_bhb_loop+0x40/0x90
[  453.183019][T28420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  453.183168][T28420] RIP: 0033:0x7fc6dc66e969
[  453.183253][T28420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  453.183273][T28420] RSP: 002b:00007fc6dacd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  453.183294][T28420] RAX: ffffffffffffffda RBX: 00007fc6dc895fa0 RCX: 00007fc6dc66e969
[  453.183311][T28420] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  453.183328][T28420] RBP: 00007fc6dacd7090 R08: 0000000000000000 R09: 0000000000000000
[  453.183344][T28420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  453.183435][T28420] R13: 0000000000000000 R14: 00007fc6dc895fa0 R15: 00007fff1a17cc28
[  453.183461][T28420]  </TASK>
[  453.473681][T28430] FAULT_INJECTION: forcing a failure.
[  453.473681][T28430] name failslab, interval 1, probability 0, space 0, times 0
[  453.486574][T28430] CPU: 1 UID: 0 PID: 28430 Comm: syz.0.5133 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  453.486603][T28430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  453.486629][T28430] Call Trace:
[  453.486705][T28430]  <TASK>
[  453.486716][T28430]  __dump_stack+0x1d/0x30
[  453.486745][T28430]  dump_stack_lvl+0xe8/0x140
[  453.486769][T28430]  dump_stack+0x15/0x1b
[  453.486793][T28430]  should_fail_ex+0x265/0x280
[  453.486873][T28430]  ? resv_map_alloc+0x32/0x190
[  453.486968][T28430]  should_failslab+0x8c/0xb0
[  453.486992][T28430]  __kmalloc_cache_noprof+0x4c/0x320
[  453.487026][T28430]  ? vfs_write+0x75e/0x8e0
[  453.487064][T28430]  resv_map_alloc+0x32/0x190
[  453.487098][T28430]  hugetlbfs_get_inode+0x67/0x370
[  453.487133][T28430]  hugetlb_file_setup+0x192/0x3d0
[  453.487169][T28430]  ksys_mmap_pgoff+0x157/0x310
[  453.487284][T28430]  x64_sys_call+0x1602/0x2fb0
[  453.487309][T28430]  do_syscall_64+0xd2/0x200
[  453.487343][T28430]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  453.487380][T28430]  ? clear_bhb_loop+0x40/0x90
[  453.487408][T28430]  ? clear_bhb_loop+0x40/0x90
[  453.487485][T28430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  453.487509][T28430] RIP: 0033:0x7febb529e969
[  453.487536][T28430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  453.487554][T28430] RSP: 002b:00007febb3907038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  453.487576][T28430] RAX: ffffffffffffffda RBX: 00007febb54c5fa0 RCX: 00007febb529e969
[  453.487593][T28430] RDX: 0000000003000002 RSI: 0000000000c00000 RDI: 0000200000400000
[  453.487661][T28430] RBP: 00007febb3907090 R08: ffffffffffffffff R09: 0000000000000000
[  453.487719][T28430] R10: 000000000005d031 R11: 0000000000000246 R12: 0000000000000001
[  453.487731][T28430] R13: 0000000000000000 R14: 00007febb54c5fa0 R15: 00007fff6172a768
[  453.487756][T28430]  </TASK>
[  453.759738][T28437] FAULT_INJECTION: forcing a failure.
[  453.759738][T28437] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  453.773094][T28437] CPU: 1 UID: 0 PID: 28437 Comm: syz.5.5136 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  453.773123][T28437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  453.773140][T28437] Call Trace:
[  453.773149][T28437]  <TASK>
[  453.773159][T28437]  __dump_stack+0x1d/0x30
[  453.773262][T28437]  dump_stack_lvl+0xe8/0x140
[  453.773290][T28437]  dump_stack+0x15/0x1b
[  453.773314][T28437]  should_fail_ex+0x265/0x280
[  453.773396][T28437]  should_fail+0xb/0x20
[  453.773480][T28437]  should_fail_usercopy+0x1a/0x20
[  453.773528][T28437]  _copy_from_user+0x1c/0xb0
[  453.773552][T28437]  __x64_sys_setrlimit+0x5e/0xc0
[  453.773630][T28437]  x64_sys_call+0x2249/0x2fb0
[  453.773661][T28437]  do_syscall_64+0xd2/0x200
[  453.773701][T28437]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  453.773738][T28437]  ? clear_bhb_loop+0x40/0x90
[  453.773800][T28437]  ? clear_bhb_loop+0x40/0x90
[  453.773831][T28437]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  453.773856][T28437] RIP: 0033:0x7fe80edde969
[  453.773872][T28437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  453.773934][T28437] RSP: 002b:00007fe80d447038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a0
[  453.773985][T28437] RAX: ffffffffffffffda RBX: 00007fe80f005fa0 RCX: 00007fe80edde969
[  453.774000][T28437] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0040000000000008
[  453.774018][T28437] RBP: 00007fe80d447090 R08: 0000000000000000 R09: 0000000000000000
[  453.774034][T28437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  453.774050][T28437] R13: 0000000000000000 R14: 00007fe80f005fa0 R15: 00007ffe90e22368
[  453.774076][T28437]  </TASK>
[  453.950935][T28442] netlink: 'syz.1.5135': attribute type 2 has an invalid length.
[  453.959532][T28442] netlink: 51 bytes leftover after parsing attributes in process `syz.1.5135'.
[  454.135513][T28447] loop5: detected capacity change from 0 to 256
[  454.142726][T28447] FAT-fs (loop5): bogus sectors per cluster 0
[  454.148942][T28447] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; no bootstrapping code
[  454.158238][T28447] FAT-fs (loop5): Can't find a valid FAT filesystem
[  454.284645][T28457] FAULT_INJECTION: forcing a failure.
[  454.284645][T28457] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  454.298663][T28457] CPU: 1 UID: 0 PID: 28457 Comm: syz.1.5143 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  454.298761][T28457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  454.298778][T28457] Call Trace:
[  454.298786][T28457]  <TASK>
[  454.298796][T28457]  __dump_stack+0x1d/0x30
[  454.298826][T28457]  dump_stack_lvl+0xe8/0x140
[  454.298850][T28457]  dump_stack+0x15/0x1b
[  454.298916][T28457]  should_fail_ex+0x265/0x280
[  454.298946][T28457]  should_fail+0xb/0x20
[  454.298977][T28457]  should_fail_usercopy+0x1a/0x20
[  454.299041][T28457]  _copy_from_user+0x1c/0xb0
[  454.299099][T28457]  ___sys_sendmsg+0xc1/0x1d0
[  454.299202][T28457]  __x64_sys_sendmsg+0xd4/0x160
[  454.299244][T28457]  x64_sys_call+0x2999/0x2fb0
[  454.299275][T28457]  do_syscall_64+0xd2/0x200
[  454.299312][T28457]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  454.299343][T28457]  ? clear_bhb_loop+0x40/0x90
[  454.299365][T28457]  ? clear_bhb_loop+0x40/0x90
[  454.299482][T28457]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  454.299510][T28457] RIP: 0033:0x7f44ed8be969
[  454.299525][T28457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  454.299663][T28457] RSP: 002b:00007f44ebf27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  454.299682][T28457] RAX: ffffffffffffffda RBX: 00007f44edae5fa0 RCX: 00007f44ed8be969
[  454.299695][T28457] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000003
[  454.299749][T28457] RBP: 00007f44ebf27090 R08: 0000000000000000 R09: 0000000000000000
[  454.299768][T28457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  454.299780][T28457] R13: 0000000000000000 R14: 00007f44edae5fa0 R15: 00007ffd3f5b8838
[  454.299800][T28457]  </TASK>
[  454.487108][T28459] FAULT_INJECTION: forcing a failure.
[  454.487108][T28459] name failslab, interval 1, probability 0, space 0, times 0
[  454.500526][T28459] CPU: 1 UID: 0 PID: 28459 Comm: syz.6.5145 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  454.500562][T28459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  454.500575][T28459] Call Trace:
[  454.500582][T28459]  <TASK>
[  454.500590][T28459]  __dump_stack+0x1d/0x30
[  454.500613][T28459]  dump_stack_lvl+0xe8/0x140
[  454.500636][T28459]  dump_stack+0x15/0x1b
[  454.500659][T28459]  should_fail_ex+0x265/0x280
[  454.500698][T28459]  should_failslab+0x8c/0xb0
[  454.500723][T28459]  kmem_cache_alloc_noprof+0x50/0x310
[  454.500754][T28459]  ? vm_area_dup+0x32/0x230
[  454.500780][T28459]  vm_area_dup+0x32/0x230
[  454.500802][T28459]  __split_vma+0xe9/0x610
[  454.500828][T28459]  ? should_fail_ex+0x30/0x280
[  454.500864][T28459]  vms_gather_munmap_vmas+0x172/0x7a0
[  454.500888][T28459]  ? mas_find+0x515/0x610
[  454.500919][T28459]  mmap_region+0x44f/0x1470
[  454.500944][T28459]  ? mntput_no_expire+0x6f/0x3d0
[  454.500997][T28459]  do_mmap+0x9d0/0xc10
[  454.501042][T28459]  __se_sys_remap_file_pages+0x55e/0x600
[  454.501092][T28459]  ? fput+0x8f/0xc0
[  454.501121][T28459]  __x64_sys_remap_file_pages+0x67/0x80
[  454.501164][T28459]  x64_sys_call+0x2c64/0x2fb0
[  454.501188][T28459]  do_syscall_64+0xd2/0x200
[  454.501219][T28459]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  454.501253][T28459]  ? clear_bhb_loop+0x40/0x90
[  454.501280][T28459]  ? clear_bhb_loop+0x40/0x90
[  454.501306][T28459]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  454.501332][T28459] RIP: 0033:0x7fc6dc66e969
[  454.501347][T28459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  454.501365][T28459] RSP: 002b:00007fc6dacd7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d8
[  454.501388][T28459] RAX: ffffffffffffffda RBX: 00007fc6dc895fa0 RCX: 00007fc6dc66e969
[  454.501405][T28459] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000200000800000
[  454.501421][T28459] RBP: 00007fc6dacd7090 R08: 0000000000000000 R09: 0000000000000000
[  454.501437][T28459] R10: 0000000000000600 R11: 0000000000000246 R12: 0000000000000001
[  454.501452][T28459] R13: 0000000000000000 R14: 00007fc6dc895fa0 R15: 00007fff1a17cc28
[  454.501479][T28459]  </TASK>
[  454.508964][T28465] loop0: detected capacity change from 0 to 512
[  454.830123][T28465] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  454.848336][T28465] ext4 filesystem being mounted at /482/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  454.863696][T28465] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12 sclass=netlink_route_socket pid=28465 comm=syz.0.5144
[  454.879806][T28465] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12 sclass=netlink_route_socket pid=28465 comm=syz.0.5144
[  454.985812][T17415] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  455.100939][T28525] loop5: detected capacity change from 0 to 1024
[  455.129179][T28525] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  455.151296][T28525] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.5159: Allocating blocks 497-513 which overlap fs metadata
[  455.170767][T28524] EXT4-fs (loop5): pa ffff8881058c2a80: logic 128, phys. 273, len 15
[  455.178948][T28524] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  455.229436][T15798] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  455.885660][T28617] loop1: detected capacity change from 0 to 256
[  455.895607][T28617] FAT-fs (loop1): bogus sectors per cluster 0
[  455.902499][T28617] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; no bootstrapping code
[  455.912245][T28617] FAT-fs (loop1): Can't find a valid FAT filesystem
[  455.967939][T28625] loop2: detected capacity change from 0 to 512
[  455.989679][T28625] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  456.004416][T28625] ext4 filesystem being mounted at /495/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  456.029406][T28625] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12 sclass=netlink_route_socket pid=28625 comm=syz.2.5166
[  456.030174][T28637] FAULT_INJECTION: forcing a failure.
[  456.030174][T28637] name failslab, interval 1, probability 0, space 0, times 0
[  456.054697][T28637] CPU: 0 UID: 0 PID: 28637 Comm: syz.0.5168 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  456.054735][T28637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  456.054825][T28637] Call Trace:
[  456.054833][T28637]  <TASK>
[  456.054842][T28637]  __dump_stack+0x1d/0x30
[  456.054873][T28637]  dump_stack_lvl+0xe8/0x140
[  456.054901][T28637]  dump_stack+0x15/0x1b
[  456.054926][T28637]  should_fail_ex+0x265/0x280
[  456.054984][T28637]  should_failslab+0x8c/0xb0
[  456.055081][T28637]  kmem_cache_alloc_node_noprof+0x57/0x320
[  456.055116][T28637]  ? __alloc_skb+0x101/0x320
[  456.055219][T28637]  __alloc_skb+0x101/0x320
[  456.055276][T28637]  ? audit_log_start+0x365/0x6c0
[  456.055401][T28637]  audit_log_start+0x380/0x6c0
[  456.055450][T28637]  audit_seccomp+0x48/0x100
[  456.055488][T28637]  ? __seccomp_filter+0x68c/0x10d0
[  456.055525][T28637]  __seccomp_filter+0x69d/0x10d0
[  456.055559][T28637]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  456.055713][T28637]  ? vfs_write+0x75e/0x8e0
[  456.055871][T28637]  ? __rcu_read_unlock+0x4f/0x70
[  456.055967][T28637]  ? __fget_files+0x184/0x1c0
[  456.056011][T28637]  __secure_computing+0x82/0x150
[  456.056043][T28637]  syscall_trace_enter+0xcf/0x1e0
[  456.056085][T28637]  do_syscall_64+0xac/0x200
[  456.056178][T28637]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  456.056226][T28637]  ? clear_bhb_loop+0x40/0x90
[  456.056254][T28637]  ? clear_bhb_loop+0x40/0x90
[  456.056340][T28637]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  456.056438][T28637] RIP: 0033:0x7febb529e969
[  456.056458][T28637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  456.056489][T28637] RSP: 002b:00007febb3907038 EFLAGS: 00000246 ORIG_RAX: 0000000000000095
[  456.056573][T28625] ==================================================================
[  456.056507][T28637] RAX: ffffffffffffffda RBX: 00007febb54c5fa0 RCX: 00007febb529e969
[  456.056601][T28637] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 00002000007d8000
[  456.056616][T28637] RBP: 00007febb3907090 R08: 0000000000000000 R09: 0000000000000000
[  456.056633][T28637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  456.056650][T28637] R13: 0000000000000000 R14: 00007febb54c5fa0 R15: 00007fff6172a768
[  456.056677][T28637]  </TASK>
[  456.284889][T28625] BUG: KCSAN: data-race in data_alloc / prb_reserve
[  456.291517][T28625] 
[  456.293842][T28625] write to 0xffffffff868842f0 of 8 bytes by task 28637 on cpu 0:
[  456.301560][T28625]  data_alloc+0x27d/0x2b0
[  456.305909][T28625]  prb_reserve+0x808/0xaf0
[  456.310344][T28625]  vprintk_store+0x56d/0x860
[  456.314948][T28625]  vprintk_emit+0x178/0x650
[  456.319460][T28625]  vprintk_default+0x26/0x30
[  456.324058][T28625]  vprintk+0x1d/0x30
[  456.327968][T28625]  _printk+0x79/0xa0
[  456.331879][T28625]  show_opcodes+0xfe/0x120
[  456.336306][T28625]  show_iret_regs+0x12/0x40
[  456.340826][T28625]  __show_regs+0x2a/0x440
[  456.345165][T28625]  show_trace_log_lvl+0x423/0x560
[  456.350200][T28625]  __dump_stack+0x1d/0x30
[  456.354540][T28625]  dump_stack_lvl+0xe8/0x140
[  456.359139][T28625]  dump_stack+0x15/0x1b
[  456.363304][T28625]  should_fail_ex+0x265/0x280
[  456.367998][T28625]  should_failslab+0x8c/0xb0
[  456.372592][T28625]  kmem_cache_alloc_node_noprof+0x57/0x320
[  456.378415][T28625]  __alloc_skb+0x101/0x320
[  456.382843][T28625]  audit_log_start+0x380/0x6c0
[  456.387625][T28625]  audit_seccomp+0x48/0x100
[  456.392141][T28625]  __seccomp_filter+0x69d/0x10d0
[  456.397087][T28625]  __secure_computing+0x82/0x150
[  456.402035][T28625]  syscall_trace_enter+0xcf/0x1e0
[  456.407073][T28625]  do_syscall_64+0xac/0x200
[  456.411597][T28625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  456.417503][T28625] 
[  456.419830][T28625] read to 0xffffffff868842f0 of 8 bytes by task 28625 on cpu 1:
[  456.427463][T28625]  prb_reserve+0x221/0xaf0
[  456.431899][T28625]  vprintk_store+0x56d/0x860
[  456.436495][T28625]  vprintk_emit+0x178/0x650
[  456.441006][T28625]  vprintk_default+0x26/0x30
[  456.445605][T28625]  vprintk+0x1d/0x30
[  456.449524][T28625]  _printk+0x79/0xa0
[  456.453436][T28625]  selinux_netlink_send+0x583/0x5f0
[  456.458737][T28625]  security_netlink_send+0x40/0x80
[  456.463865][T28625]  netlink_sendmsg+0x498/0x6b0
[  456.468641][T28625]  __sock_sendmsg+0x145/0x180
[  456.473361][T28625]  ____sys_sendmsg+0x345/0x4e0
[  456.478146][T28625]  ___sys_sendmsg+0x17b/0x1d0
[  456.482839][T28625]  __sys_sendmmsg+0x178/0x300
[  456.487530][T28625]  __x64_sys_sendmmsg+0x57/0x70
[  456.492398][T28625]  x64_sys_call+0x2f2f/0x2fb0
[  456.497093][T28625]  do_syscall_64+0xd2/0x200
[  456.501622][T28625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  456.507528][T28625] 
[  456.509852][T28625] value changed: 0x0000000000019610 -> 0x00000000000c15d0
[  456.516962][T28625] 
[  456.519286][T28625] Reported by Kernel Concurrency Sanitizer on:
[  456.525438][T28625] CPU: 1 UID: 0 PID: 28625 Comm: syz.2.5166 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  456.537596][T28625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  456.547660][T28625] ==================================================================
[  456.056442][T28625] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12 sclass=netlink_route_socket pid=28625 comm=syz.2.5166
[  456.563427][T28641] __nla_validate_parse: 3 callbacks suppressed
[  456.563449][T28641] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5166'.
[  456.624359][T17500] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.