last executing test programs:

4m0.688103026s ago: executing program 4 (id=28):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000104a5270b7357000000925e4a44", @ANYRES32, @ANYBLOB="0dfa130016000000240012000c00010000000000000000000c0002f6080000000118000008"], 0x44}}, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={r0, 0x7, 0x104, 0xfffffffe})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x48}, 0x1, 0x0, 0x0, 0x20004810}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x60)

4m0.595405155s ago: executing program 4 (id=30):
r0 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f00000006c0)=@req={0x28, &(0x7f0000000440)={'team0\x00', @ifru_settings={0x1, 0x7, @cisco=0x0}}})
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {0x0}, {&(0x7f0000000580)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/141, 0x8d}, {&(0x7f00000001c0)=""/17, 0x11}], 0x8, &(0x7f0000000600)=""/191, 0xbf}, 0x5}], 0x1, 0x2000, &(0x7f0000003700)={0x77359400})

4m0.536706051s ago: executing program 4 (id=32):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000010000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x18)
epoll_create1(0x80000)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x6}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x5, &(0x7f0000000180)={0x0, 0x1, 0x86, 0x80000000})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r4, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYRES32=r5, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x5, &(0x7f0000000140)=<r7=>0x0)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
io_submit(r7, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, r6, &(0x7f0000000040)="0200ffff0000", 0x6}])
r8 = socket(0x27, 0x4, 0x0)
r9 = socket(0x200000000000011, 0x2, 0xd)
bind$packet(r9, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x2, 0x1, 0x0, 0x1, 0x4f}, @jmp={0x5, 0x0, 0x9, 0x0, 0x6, 0xfffffffffffffe88}], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
syz_genetlink_get_family_id$mptcp(0x0, r8)
socket(0x1e, 0x4, 0x0)

4m0.429429912s ago: executing program 4 (id=36):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)=ANY=[@ANYRES16], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x2fb2ab0d}, 0x18)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001700)=ANY=[@ANYBLOB="160000000000000061b1000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2, <r3=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000340)=r2, 0x4)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000040)={r3, 0x0, 0x0, 0x4}, 0x20)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0xab101a, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000040340000000000000800000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000357500007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9, 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r8}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r9}, 0x18)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x18, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x18)
r10 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0xf96d, 0x3010, 0x4, 0xe6}, &(0x7f0000000040)=<r11=>0x0, &(0x7f0000000080)=<r12=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r11, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r11, r12, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r4, 0x0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0xe8}, 0x0, 0x24040092, 0x1})
io_uring_enter(r10, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
umount2(&(0x7f0000000340)='./file0/file0\x00', 0x1)
r13 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/cgroup.procs\x00', 0xa02, 0xc1)
sendfile(r13, r13, 0x0, 0xf2)

4m0.128156882s ago: executing program 4 (id=43):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1f, 0xb, &(0x7f0000000a40)=ANY=[@ANYRES16=<r2=>r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x61, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000400)='xen_mc_callback\x00', r1, 0x0, 0x1}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64fdec850000007d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="060000"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r4}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r5}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000240)=@ethtool_flash={0x33, 0x0, './file0\x00'}})
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00', <r8=>0x0})
r9 = openat$selinux_status(0xffffffffffffff9c, &(0x7f00000007c0), 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=r3, @ANYBLOB="ed738a5100"/20, @ANYRES32=r8, @ANYRES32=r9, @ANYBLOB="01000000040000000300"/28], 0x50)
openat$rtc(0xffffffffffffff9c, &(0x7f00000006c0), 0x20000, 0x0)
ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000700)={0x37, 0x17, 0xf, 0xc, 0x7, 0x7, 0x5, 0x10a, 0x1})
sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a40)=@newtaction={0x90, 0x30, 0xb, 0x0, 0x0, {}, [{0x7c, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0x80006}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}, @m_pedit={0x30, 0x2, 0x0, 0x0, {{0xa}, {0x4, 0x20}, {0x4}, {0xc}, {0xc}}}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x4004044}, 0x0)
r10 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r10, &(0x7f0000000000)={0x500, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="020200090f000000000000000000000005000600000000000a0000000000000000000000000000000000000000000000000000000000000002000100000004d20000020300000020050005002f8000000a00000000000000ff0100000000000000000000000000010000000000000000010018"], 0x78}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=ANY=[@ANYBLOB="4400000010000b042bbd70000005000000000000", @ANYBLOB="f7bed89a4a361b2e1bfed4ae06447151bc750080fb8a1d13a806f62bfee6b2e3", @ANYRESHEX=r9], 0x44}}, 0x0)
openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ptrace(0x10, r0)

3m57.907923905s ago: executing program 4 (id=77):
bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000480)='kfree\x00', r0, 0x0, 0x2}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="8b33000000000000000005000000080003"], 0x1c}}, 0x0) (fail_nth: 1)

3m57.893703056s ago: executing program 32 (id=77):
bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000480)='kfree\x00', r0, 0x0, 0x2}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="8b33000000000000000005000000080003"], 0x1c}}, 0x0) (fail_nth: 1)

3.080105791s ago: executing program 1 (id=4219):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7f, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000001640)=@mangle={'mangle\x00', 0x44, 0x6, 0x408, 0x2a8, 0x98, 0x2a8, 0x130, 0x1f0, 0x370, 0x370, 0x370, 0x370, 0x370, 0x6, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x11, 0x0, 0x69}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@ttl={{0x28}, {0x2, 0xa}}]}, @unspec=@CHECKSUM={0x28}}, {{@ip={@loopback, @empty, 0x0, 0x0, 'syzkaller0\x00', 'dvmrp1\x00', {}, {}, 0x6}, 0x0, 0x70, 0xb8}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x1, 0x3, {0x5}}}}, {{@ip={@broadcast, @dev={0xac, 0x14, 0x14, 0x18}, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x98, 0xc8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xc}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x468)

1.667962723s ago: executing program 3 (id=4244):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)

1.629374506s ago: executing program 3 (id=4245):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910daee8ebb7ba84a8b5b6f2d1fbc22a51a500f94c871d5e1d31ab5d7a89965bbdbf355a8544e1688a61f459f3618b3a5416eb143180d3d2c5f4e0b1a556422038801703e109e23944e53f230a3537a5412c7d0bf278c6c1684dd8de90aaa33f47dc2c7b5e4f73784fd31aa2f9d1b1623734f9cf84718b2bad31f651e3607f3ac6c427cb6c0652d21ecd4b29e96c0a3781ee820faab71040768f6b08a69fdfd0b2b7be25f19500c1b8330994efb57a53c1a67bda909630f75738ab40e7ab63d527d6c1e8cf611f05c1b6d0da1ba84d405b4d834162c88022a4625a5f7c431c39f3f9a7789f9b668ec4da9f1a981086dcf4c5a940691f9638ce34dba904483f2ed4e7a713b7eac29c5e122f1b6acd6f1da2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000280)={r0, 0xffffffffffffffff, 0x2e, 0x4608, @void}, 0x10)

1.59363026s ago: executing program 3 (id=4246):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$rds(0x15, 0x5, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x3, &(0x7f0000000540)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe00}}, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d8729fb}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./file1\x00', 0x844, &(0x7f0000000bc0)=ANY=[], 0x5, 0x267, &(0x7f0000000740)="$eJzs3b9rVFkUAOAzmcmvbSYsCwvLLjuwLGw1JIHtsyy7bNigYhgkIsGJmUjIhICBgBZJrAQrG0vLdBFBCzv9HwQbG7ERS9NZSJ4kL0xmzEQTMfMk833NPbx7znv33vDeyxRz5/LPiwuzS8tzW1uvY2AgF4Wxq9tJkouh6Il8pNYDADhN3iVJvE1SWY8FAOgM738A6D6Hvf//60nb3rQ5l8XYAICT8eWf/+9OPXlZrY39eYTUpL8Rvpg+/hgBgK9rcuri/9tPfx8cj0d3IhZvrVRWKmmb9v81F/NRj1oMRzHeRyQNafzv+MQ/w6UdgxGVxbW9+rWVSr61fiSKMRRx4czB+pFSqrW+N75rrh+NYvzQ/vqjbev74o/fmurLUYxnV2Ip6jG78y9JU/3qSKn099mJj+r7d/NiI5/p3wcAAAAAAAAAAAAAAAAAAAAAgNOpXGoYard/T7l8WH9af/T9gfb357m9W1+InwpxM9vZAwAAAAAAAAAAAAAAAAAAwLdh+fqNhWq9XrvWCGbOz3/feuRzQa5NV37v/Mc5T9cEOwtzgpf4NSJOehYPN2vPN6YvTWa/mB0M2q/qg8wHNvOJnJ6I2A1+vDdWfbz66s3BnFhvupcL6X1bradtX/PDotThhxMAAAAAAAAAAAAAAAAAAHSZ/a8BH5aRdHZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJCB/d//P3bQ1ziyOZierNH1y0Bzctp5v+W6ufUMJgsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNf6EAAA//9rIKjm")
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000180)=<r8=>0x0)
kcmp$KCMP_EPOLL_TFD(r3, r8, 0x7, r2, &(0x7f00000001c0)={r5, r1, 0x800})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0xa4)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r10}, 0x18)
unshare(0x64000680)

1.006217479s ago: executing program 3 (id=4248):
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000140)={0x0, 0x0, <r1=>0x0}, &(0x7f00000001c0)=0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000004c0)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid={'dfltgid', 0x3d, r1}}]}})

952.059155ms ago: executing program 3 (id=4251):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x4, 0xf1, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r2}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x80049367, 0x0)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@version_u}]}})
ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f0000000180)=""/89)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$SIOCGIFHWADDR(r5, 0x8927, &(0x7f00000004c0)={'syzkaller1\x00'})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000003c0)='mm_page_alloc\x00', r6, 0x0, 0xffffffffffffffff}, 0x18)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)

899.25752ms ago: executing program 0 (id=4255):
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file1\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
fstat(r0, &(0x7f00000000c0))
io_submit(0x0, 0x1, &(0x7f0000000000)=[&(0x7f0000000080)={0x0, 0x0, 0x10, 0x7, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}])
r1 = open(&(0x7f0000000140)='./file1\x00', 0x66842, 0x21)
ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000080)=ANY=[])
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'macsec0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x2000, {0x0, 0x0, 0x74, r2, {0xfffd, 0x2}, {0x10, 0xfff1}, {0xfff2, 0xffff}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x14004804}, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0)

802.335719ms ago: executing program 2 (id=4257):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xf7, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002d00)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x800)
recvmmsg(r0, &(0x7f0000000780)=[{{0x0, 0xa6ff, &(0x7f0000000340)=[{&(0x7f0000001180)=""/4096}, {&(0x7f0000000440)=""/128}], 0x0, &(0x7f00000004c0)=""/193}, 0x7f}, {{&(0x7f00000005c0)=@in, 0x0, &(0x7f0000000700)=[{&(0x7f0000000640)=""/35}, {&(0x7f0000000680)=""/127}], 0x0, &(0x7f0000000740)=""/23}, 0x3}], 0x400000000000054, 0x40012100, 0x0)

776.760622ms ago: executing program 0 (id=4258):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1f, 0xb, &(0x7f0000000a40)=ANY=[@ANYRES16=<r0=>0xffffffffffffffff], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x61, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x5, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="1808000000000000000000000000050000000000050000009500000000000000"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000240)=@ethtool_flash={0x33, 0x0, './file0\x00'}})
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00', <r5=>0x0})
r6 = openat$selinux_status(0xffffffffffffff9c, &(0x7f00000007c0), 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=r1, @ANYBLOB="ed738a5100"/20, @ANYRES32=r5, @ANYRES32=r6, @ANYBLOB="01000000040000000300"/28], 0x50)
openat$rtc(0xffffffffffffff9c, &(0x7f00000006c0), 0x20000, 0x0)
ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000700)={0x37, 0x17, 0xf, 0xc, 0x7, 0x7, 0x5, 0x10a, 0x1})
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x4004044}, 0x0)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000000)={0x500, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="020200090f000000000000000000000005000600000000000a0000000000000000000000000000000000000000000000000000000000000002000100000004d20000020300000020050005002f8000000a00000000000000ff0100000000000000000000000000010000000000000000010018"], 0x78}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=ANY=[@ANYBLOB="4400000010000b042bbd70000005000000000000", @ANYBLOB="f7bed89a4a361b2e1bfed4ae06447151bc750080fb8a1d13a806f62bfee6b2e3", @ANYRESHEX=r6], 0x44}}, 0x0)
openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ptrace(0x10, 0x0)

708.670699ms ago: executing program 3 (id=4260):
socket$inet6_tcp(0xa, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, 0x0, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000280)={'sit0\x00', &(0x7f0000000180)={'syztnl2\x00', <r0=>0x0, 0x40, 0x1, 0x2, 0x7fff, {{0x9, 0x4, 0x2, 0x0, 0x24, 0x67, 0x0, 0xec, 0x2f, 0x0, @empty, @empty, {[@generic={0x44, 0x10, "4ee655674fe72c09c1d7d3225bc4"}]}}}}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={&(0x7f0000000300), 0xa}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x1001, 0x0, 0x6}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r3, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)

646.830295ms ago: executing program 0 (id=4261):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)=ANY=[@ANYBLOB="240000003f000500000000000000df25047c0000040000000c0001"], 0x24}, 0x1, 0x0, 0x0, 0x48800}, 0x0)

627.600777ms ago: executing program 5 (id=4262):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000004c0)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}]}})

594.82805ms ago: executing program 0 (id=4263):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x2040400)
sendmsg$nl_generic(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)=ANY=[@ANYBLOB="240000003f000500000000000000df25047c0000040000000c0001"], 0x24}, 0x1, 0x0, 0x0, 0x48800}, 0x0)

573.010002ms ago: executing program 5 (id=4264):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff0000f139bd156013c4f3aa1d9e9156e7500000bfa20000000000000702b704000000000000850000000300000095000000000000008b0e13cefddf107615727d7c138b83f395bec49f4b1a0ffabd06724e52f737e48c7da07bffd8e4e4bd0dbeca2a24dc0d9275b43e448b4e07357696067983968e1ad3f610ce56af4f76d550fcc8f88c8a13e5dd8fdc63f38f06117ef1d9a044350bb06f0c653393fb594c4a8b6baa90d2399784d6585fab589a80e8ff0921d58ee3a81fd3cbc370473251791de7293adaa87221833c4fdcb8704318ddbb0cb9998ee03fef9921fe0c0e041019fdf2adab607a1bb19bc58ca57abf4c2391562e069b2874188b045f1876006c2688a71e2a1d9eab5353b401c6bd081ac515a841c70200523ef9e339156001175e936d86db6ab98f687622bbc193e5a4c86ab9cecddacec13c36eff8614eb810b44c9924d0cc"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b00000007000000010001000800000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000900000000000000000000000000000000000000000010"], 0x48)
r2 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xd3, 0x1, 0x0, 0x0, 0x0, 0xf, 0x9211, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_bp={0x0, 0xc}, 0x14ce3, 0x100004, 0x0, 0x2, 0x6, 0xffffffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000000, 0x11, r2, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x8088e3ad132bc192, 0x4002011, r2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000005a0000008500000022000000180100002020702500000000002020200100000000000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="d37a6d95c19185020000010000000000000001410001001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20010014)
close(r4)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x1c, r10, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4008084}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_GET_SURVEY(r8, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0x1c, r10, 0x100, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r11}, @void}}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x4000040)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r7}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r12}, 0x18)

536.971316ms ago: executing program 0 (id=4265):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'team0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001f00)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x2000, {0x0, 0x0, 0x74, r1, {0xffe0, 0xd}, {0x0, 0x4}, {0x6, 0x3}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x1400c805}, 0x20044020)

490.99905ms ago: executing program 1 (id=4266):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="180000000016000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x5})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0x7ffc0002}]})
finit_module(0xffffffffffffffff, 0x0, 0x7)

464.953003ms ago: executing program 1 (id=4267):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ftruncate(0xffffffffffffffff, 0xc17a)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$UHID_CREATE2(r3, 0x0, 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r3, 0x0)
writev(r1, &(0x7f0000000100)=[{&(0x7f0000000080)="2e9b5b0007e03dd65193dfb6c575963f86", 0x11}, {&(0x7f0000000200)="b7c7040000000000000000d1dd0fccd5de05", 0x12}, {&(0x7f0000000580)="d2f253697e7edbd33bff104b5a800196b62feb20982a50e789da13166fd9ed1554dc012f072bff0f6f7201b1e39a2a06e791871a8693523d87de757d02cc8c06e955d1f53187e6d10108a4aa4abb5940f44521fdc744ae56cc4b8798df345c5ae763d20fc16dea5f27557ab33d933b7e02512bd3e1850b9c02b9ac809a6a233346110eedd778e41538f4fa6901edb005c45aa2c93d7752eb02bccc7cee0db3cb054e819944828c79cb4d9cc9e01f89c0796a0800013dc79413d33cdbf4cf17b0ac2f6c5c84730a7ae67b6c3b4f236fe27e07de4a80bf20d89d36389a8ef7ac9e355479f03b5bfdc8b1b318aa097f02be662d4eb2f309b443c003402ba1875b0638e359880f22930c09e3b6a33cfb47c5dab2cf5e27f6429643baec2a1508503bc5a9330e3a3533ee5161d75cb38efc904dc6897194089a7aad6606efeab062d0d4534d80132651f06219549c72bd971bc2471fee77557478b73981fec11727e39d51e6a9ff3edf20a58daab264cde0dccd5989cca1efd3f90bee13b23367b318233cf10f28a1bb36b1f891be57bd2863827403721f7de2479a81323a8a821c00fed5ef9c97f478bf1e14bb86e8fbc8fd0dd396a8d22c8dd73acb87d30446e7bb6d943f844c0971bc4b17ccd7950b5215fd284c12bb3596985be18b63bf4061f6524a9123fc52709a359a5b2227b32d7946c1a3f9ab1d667d44bd18bfaabf00f3886c0372c849a25baafa9ef6677050f68939b9b1a448ac9e4e593c366c372f588877651bb658a9ea4c520b3ce2abcb882d4e8c7233dc914a9246f281da9e5b292d809b4587083b5c44cc890c0c1800e6022398ffaceb60e4f50670d91d3067690e15b09e6d5328af78c884dc7fc3aede1288727ed34f2669fbb8a41a8c51e235b8cf8990f7a1fe436c0da0f74d5e6e9aaaaa5677a37bde42142675948ae3c312b8546934fa064ee34f3f2b7cf5e4c311461fd2b6e0454a440aa5ad9abb4555af60dfe25716bd8cb42db57ec5663fc5ea0c9967200a57a67476f8986642b83f99270c16248a9f4bce8d564a8d5170462550f414cf9b4f3e725702174a2fda7e33c7c75ae77c389732cae187f8de3480795d916c05b090ddb62fe6d592c67e21fc25f5963d25aec39219bb948b5adc1aad5f66c2e5dad631462184ec9a338f4a00dda73fc7ce31a442feabf1fc01dd5dc2567c338e4f3c4bfc5f85f82b94671e39c95baba82140f76ac7acaaacd564f5421cdd73d794afea6c6a65f29ae4cffe74884697adb4073e78cad21458a888e230fb42411d99911baba972fd8aa7af2e42eef82a6a9ef46b405c68c3e85221ff8559d843e18a6f7f061cd03ded941dc761622cc9d1f5c065efd2b55711679b212309e9ac8447eab697a34168b12c1a58e826fea890c2c58e576c08b6ef246b1cc10d2b7f35a26ce6e550bf91d5106e7144fa3f90abc3140e5d8712880046f8d88c075d702d", 0x414}], 0x3)

407.576889ms ago: executing program 2 (id=4268):
syz_open_dev$hidraw(&(0x7f0000000600), 0x9, 0x8000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r0 = gettid()
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
rt_sigqueueinfo(r0, 0x21, &(0x7f0000000000))

393.060481ms ago: executing program 5 (id=4269):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) (async)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
ioctl$BTRFS_IOC_BALANCE_CTL(r0, 0x40049421, 0x2) (async)
close_range(r1, 0xffffffffffffffff, 0x200000000000000)

383.222431ms ago: executing program 0 (id=4270):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000180000", @ANYRES32=0x0, @ANYBLOB], 0x0, 0x6, 0x0, 0x0, 0x40f00, 0xaf, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_open_procfs(0x0, 0x0)
getdents(r1, &(0x7f0000000dc0)=""/4106, 0x100a)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r2 = epoll_create1(0x80000)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f00000000c0)={0xe000001a})
finit_module(r3, 0x0, 0x3)
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, 0x0)

362.452073ms ago: executing program 5 (id=4271):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=@newlink={0x20, 0x10, 0x437, 0x70bd2d, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x20c89}}, 0x20}, 0x1, 0x0, 0x0, 0x20008800}, 0x20000000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_local\x00', r2, 0x0, 0x80000001}, 0x18)
r3 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[], 0x10b8}, 0x4000000)

361.544193ms ago: executing program 1 (id=4272):
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x6, [@var={0x4, 0x0, 0x0, 0xe, 0x3}, @ptr={0x0, 0x0, 0x0, 0xa}, @ptr={0x0, 0x0, 0x0, 0x2, 0x4}, @volatile={0x0, 0x0, 0x0, 0xb, 0x2}]}, {0x0, [0x0, 0x0, 0x0, 0x61]}}, 0x0, 0x52}, 0x20)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xbc0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r1}, 0x18)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x34, 0x3, 0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000240)=[{0x0}], 0x1}, 0x0, 0x40000000})
r2 = syz_io_uring_setup(0x74d, &(0x7f0000000100)={0x0, 0x59c4, 0x800, 0x1000, 0x5cc}, &(0x7f0000000300)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0, r2})
io_uring_enter(r2, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)

347.909675ms ago: executing program 5 (id=4273):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r0 = perf_event_open(&(0x7f0000000500)={0x0, 0x80, 0x28, 0x1, 0x0, 0x7f, 0x0, 0x9, 0x640bd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x0, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x63a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0xffffffff, 0x0, 0x2007}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000440)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0b000000010000000004000009000000019e9cb03a57258b9cbf97387db37e44d1b1108111443c3421dc47c5663bb271187df95f070000002289301bb58ccdc9f131631164f9171b954216c2c762609eb8d72975fc244eb4c6fd4eb9d728f70aa6a2944fda17e298cc01b9fc9295287884dc88ae57280c2381d5f266b18d056ab702172a4699380456faf8680961839b4a9a353457d51e25e45aa7c003b1b6"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="050000000c0000004300000040000000c0000000", @ANYRES32=0x1, @ANYRES8=r2, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000ff7f000000006b3dfd998cafb641f3df977aec7f86136f0f97aff6f79084448248adbdf9b3bb47315d5432e418a2da1dc70c4406d0bb7c5e640f41e780b4ee1d248ed2d0c5e94766684a4fe97d85793c987498d281ceee607cb4dbcdfdd088ad0468b593c034ebfc98dd63addebf5c087e808612254a1cb7d87050b896fbbddc07a2d5754c8e76f2715a6c2b7ca7c3fc63a30ad822"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="160000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000680)=ANY=[], 0x0, 0x7, 0x0, 0x0, 0x0, 0x72}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r3}, 0x9)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0xff, 0x7ffc1ffd}]})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x800001}, 0x1c)
pivot_root(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00')
listen(r5, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000300)='swiotlb_bounced\x00', r6}, 0x18)
clock_nanosleep(0x2, 0x0, &(0x7f0000000180)={0x0, 0x3938700}, 0x0)
syz_read_part_table(0x4097, &(0x7f00000040c0)="$eJzsz7FN61AYBeDjxE5elCdFUFAioKF1FsgWWQchWIIOiTLDsANDUNBg5FwcZ4EIhL6v8Dn2//tKN/yo17FWSZ727a0+fOhNxpqcl5gnZ0murvPYtsm/eZJ1Gd0fdpu0627VH/A/Sf0y6aer+nu6TLa7094OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4TaqxPi9Lzkt8JJkeL3RHu4skd5uL2+H9oUmzuayGf/cms+H82bR/fnZFku3udDcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6gqi7ZLPLe582y/mJ/jm0YhIEwjF5iWwlLULMQS7B/Q3VIiIMJ6N7r/Ptz4bpqMT1dZuZvafd5zJ8xKv3X2uOatnoT/XvmVewZa773HQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBgBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwQAIAAAAg6P/rdgQKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEMBAAD//33UI0E=")
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
fadvise64(r6, 0x45, 0x80000001, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
mq_open(&(0x7f0000000000)='kfree\x00', 0x40, 0x11, &(0x7f0000000040)={0x0, 0x3, 0x0, 0xe83a})

205.129229ms ago: executing program 2 (id=4274):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)=ANY=[@ANYBLOB="240000003f000500000000000000df25047c0000040000000c0001"], 0x24}, 0x1, 0x0, 0x0, 0x48800}, 0x0)

165.779433ms ago: executing program 1 (id=4275):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b00000007000000010001000800000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000900000000000000000000000000000000000000000010"], 0x48)
r1 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xd3, 0x1, 0x0, 0x0, 0x0, 0xf, 0x9211, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_bp={0x0, 0xc}, 0x14ce3, 0x100004, 0x0, 0x2, 0x6, 0xffffffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000000, 0x11, r1, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x8088e3ad132bc192, 0x4002011, r1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000005a0000008500000022000000180100002020702500000000002020200100000000000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="d37a6d95c19185020000010000000000000001410001001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20010014)
close(r3)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x1c, r7, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4008084}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0x1c, r7, 0x100, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r8}, @void}}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x4000040)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00'}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x18)

160.805504ms ago: executing program 2 (id=4276):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a03000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000180003801400020000007468305f746f5f68737200000000080002"], 0xe8}}, 0x0)

115.413268ms ago: executing program 2 (id=4277):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x4, 0xf1, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r2}, 0x10)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x80049367, &(0x7f0000000200))
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@version_u}]}})
ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f0000000180)=""/89)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$SIOCGIFHWADDR(r5, 0x8927, &(0x7f00000004c0)={'syzkaller1\x00'})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000003c0)='mm_page_alloc\x00', r6, 0x0, 0xffffffffffffffff}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)

114.445918ms ago: executing program 2 (id=4278):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@dev, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
sched_setaffinity(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = creat(&(0x7f0000000000)='./bus\x00', 0xd931d3864d39ddd8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$KDGKBDIACR(r3, 0x4bfa, &(0x7f0000002f80)=""/61)
r4 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r4, &(0x7f0000004200)='t', 0x1)
sendfile(r4, r2, 0x0, 0x3ffff)
sendfile(r4, r2, 0x0, 0x7ffff000)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="bbbbbbbbbbb900000010000086dd6100000000103afffe80000000000000000000000000000016dd1d23000000000186060000002d06365b4f61e10000001000000000"], 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x99ec}, 0x94)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000003c0)=@filter={'filter\x00', 0x42, 0x4, 0x298, 0xffffffff, 0x168, 0x98, 0x98, 0xffffffff, 0xffffffff, 0x200, 0x200, 0x200, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x3e020000, 0x70, 0x98, 0x0, {0x88000000}}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x4}}}, {{@uncond, 0x0, 0x70, 0xd0, 0x0, {0x122}}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, {0x0, [0x0, 0x0, 0x0, 0x1]}}}}, {{@ip={@rand_addr=0x64010101, @empty, 0xffffffff, 0xffffffff, 'batadv_slave_1\x00', 'veth1_to_batadv\x00', {0xff}, {}, 0x4, 0x2, 0x47}, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x6}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2f8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r6, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x0, 0x353a, 0x1}}, 0x20)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace000000000000"], 0x0)
bind$bt_hci(r5, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x4, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r8)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newtfilter={0x48, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {}, {0xd, 0xfff1}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x18, 0x2, [@TCA_CGROUP_EMATCHES={0x14, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0xc, 0x1, 0x0, 0x0, {{0x3, 0x9, 0x80}}}]}]}]}}]}, 0x48}}, 0x1)
socket$netlink(0x10, 0x3, 0x0)

31.950506ms ago: executing program 1 (id=4279):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xf7, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002d00)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x800)
recvmmsg(r0, &(0x7f0000000780)=[{{0x0, 0xa6ff, &(0x7f0000000340)=[{&(0x7f0000001180)=""/4096}, {&(0x7f0000000440)=""/128}], 0x0, &(0x7f00000004c0)=""/193}, 0x7f}, {{&(0x7f00000005c0)=@in, 0x0, &(0x7f0000000700)=[{&(0x7f0000000640)=""/35}, {&(0x7f0000000680)=""/127}], 0x0, &(0x7f0000000740)=""/23}, 0x3}], 0x400000000000054, 0x40012100, 0x0)

0s ago: executing program 5 (id=4280):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r6, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000380)={0x28, r7, 0x1, 0x0, 0x25dfdbff, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}]}, 0x28}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
ioctl$TCSETS(r8, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x83, "00000000000000000000ffff00"})
r9 = syz_open_pts(r8, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000040)=0x8000, 0x4)
close_range(r8, r9, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000005c40), 0x403f, 0x0)

kernel console output (not intermixed with test programs):

gth.
[  232.272070][T19197] SELinux: failed to load policy
[  232.288085][T17442] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.312416][T19204] SELinux:  policydb magic number 0x2 does not match expected magic number 0xf97cff8c
[  232.322132][T19204] SELinux: failed to load policy
[  232.343072][T19206] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  232.351898][T19206] ref_ctr increment failed for inode: 0x22b offset: 0x4 ref_ctr_offset: 0x2 of mm: 0xffff88810005d080
[  232.426977][   T29] audit: type=1326 audit(1763400663.036:11003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19210 comm="syz.1.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  232.450631][   T29] audit: type=1326 audit(1763400663.036:11004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19210 comm="syz.1.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  232.474382][   T29] audit: type=1326 audit(1763400663.036:11005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19210 comm="syz.1.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  232.854192][T19232] loop3: detected capacity change from 0 to 512
[  232.869468][T19232] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.3642: inode has both inline data and extents flags
[  232.892007][T19232] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.3642: couldn't read orphan inode 15 (err -117)
[  232.911099][T19232] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.010168][T19223] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3639'.
[  233.110867][T19235] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  233.120712][T19235] SELinux: failed to load policy
[  233.149661][T19228] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  233.485294][T17844] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.519585][T19255] netlink: 'syz.3.3650': attribute type 1 has an invalid length.
[  233.550806][T19244] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  233.565875][T19259] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  233.574605][T19259] ref_ctr increment failed for inode: 0x1f6 offset: 0x4 ref_ctr_offset: 0x2 of mm: 0xffff88810005b3c0
[  233.611430][T19265] netlink: 'syz.2.3656': attribute type 1 has an invalid length.
[  233.646240][T19267] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  233.656155][T19267] SELinux: failed to load policy
[  233.658854][T19268] loop3: detected capacity change from 0 to 512
[  233.678121][T19268] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.3655: couldn't read orphan inode 26 (err -116)
[  233.694150][T19268] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.706793][T19268] ext4 filesystem being mounted at /84/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  233.739472][T19279] loop5: detected capacity change from 0 to 512
[  233.747385][T19279] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.3661: inode has both inline data and extents flags
[  233.760784][T19279] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.3661: couldn't read orphan inode 15 (err -117)
[  233.773105][T19279] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.900370][T17442] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.915008][T19286] FAULT_INJECTION: forcing a failure.
[  233.915008][T19286] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  233.928418][T19286] CPU: 1 UID: 0 PID: 19286 Comm: syz.5.3663 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  233.928477][T19286] Tainted: [W]=WARN
[  233.928481][T19286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  233.928488][T19286] Call Trace:
[  233.928493][T19286]  <TASK>
[  233.928498][T19286]  __dump_stack+0x1d/0x30
[  233.928512][T19286]  dump_stack_lvl+0xe8/0x140
[  233.928524][T19286]  dump_stack+0x15/0x1b
[  233.928540][T19286]  should_fail_ex+0x265/0x280
[  233.928592][T19286]  should_fail+0xb/0x20
[  233.928608][T19286]  should_fail_usercopy+0x1a/0x20
[  233.928620][T19286]  _copy_from_user+0x1c/0xb0
[  233.928709][T19286]  ___sys_sendmsg+0xc1/0x1d0
[  233.928726][T19286]  __x64_sys_sendmsg+0xd4/0x160
[  233.928739][T19286]  x64_sys_call+0x191e/0x3000
[  233.928752][T19286]  do_syscall_64+0xd2/0x200
[  233.928765][T19286]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  233.928861][T19286]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  233.928880][T19286]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.928900][T19286] RIP: 0033:0x7f903e10f6c9
[  233.928910][T19286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.928920][T19286] RSP: 002b:00007f903cb6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  233.928932][T19286] RAX: ffffffffffffffda RBX: 00007f903e365fa0 RCX: 00007f903e10f6c9
[  233.928940][T19286] RDX: 0000000000000844 RSI: 0000200000000040 RDI: 0000000000000003
[  233.928947][T19286] RBP: 00007f903cb6f090 R08: 0000000000000000 R09: 0000000000000000
[  233.929013][T19286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.929070][T19286] R13: 00007f903e366038 R14: 00007f903e365fa0 R15: 00007ffcb47da7a8
[  233.929080][T19286]  </TASK>
[  234.121232][T19290] netlink: 72 bytes leftover after parsing attributes in process `syz.0.3664'.
[  234.182068][T19296] netlink: 'syz.1.3667': attribute type 1 has an invalid length.
[  234.451123][T17844] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.014602][T19322] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[  235.057746][T19322] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3677'.
[  235.067448][T19316] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  235.109523][T19327] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  235.117751][T19327] tipc: Disabling bearer <eth:syzkaller0>
[  235.241688][T19341] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3685'.
[  235.250661][T19341] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3685'.
[  235.280594][T19344] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3686'.
[  235.289640][T19344] bridge_slave_1: left allmulticast mode
[  235.295328][T19344] bridge_slave_1: left promiscuous mode
[  235.301150][T19344] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.309415][T19344] bridge_slave_0: left allmulticast mode
[  235.315167][T19344] bridge_slave_0: left promiscuous mode
[  235.320880][T19344] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.380280][T19347] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  235.388511][T19347] tipc: Disabling bearer <eth:syzkaller0>
[  235.396572][T19349] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  235.404522][T19349] tipc: Disabling bearer <eth:syzkaller0>
[  235.434808][T19355] loop2: detected capacity change from 0 to 512
[  235.474772][T19355] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.3691: inode has both inline data and extents flags
[  235.494044][T19355] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3691: couldn't read orphan inode 15 (err -117)
[  235.506559][T19355] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.600297][T19369] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  235.618327][T19369] tipc: Disabling bearer <eth:syzkaller0>
[  235.640212][T19364] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  235.816613][T17666] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.011650][T19386] loop1: detected capacity change from 0 to 128
[  236.284046][T19407] FAULT_INJECTION: forcing a failure.
[  236.284046][T19407] name failslab, interval 1, probability 0, space 0, times 0
[  236.296760][T19407] CPU: 1 UID: 0 PID: 19407 Comm: syz.3.3707 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  236.296816][T19407] Tainted: [W]=WARN
[  236.296824][T19407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  236.296899][T19407] Call Trace:
[  236.296906][T19407]  <TASK>
[  236.296913][T19407]  __dump_stack+0x1d/0x30
[  236.296936][T19407]  dump_stack_lvl+0xe8/0x140
[  236.296958][T19407]  dump_stack+0x15/0x1b
[  236.296998][T19407]  should_fail_ex+0x265/0x280
[  236.297038][T19407]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  236.297058][T19407]  should_failslab+0x8c/0xb0
[  236.297119][T19407]  kmem_cache_alloc_lru_noprof+0x55/0x490
[  236.297147][T19407]  ? debugfs_alloc_inode+0x34/0x40
[  236.297241][T19407]  ? lookup_noperm+0xc9/0x180
[  236.297262][T19407]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  236.297291][T19407]  debugfs_alloc_inode+0x34/0x40
[  236.297391][T19407]  alloc_inode+0x40/0x170
[  236.297417][T19407]  new_inode+0x1d/0xe0
[  236.297441][T19407]  __debugfs_create_file+0x109/0x330
[  236.297459][T19407]  debugfs_create_file_full+0x3f/0x60
[  236.297477][T19407]  ? __pfx_ipvlan_link_setup+0x10/0x10
[  236.297526][T19407]  ref_tracker_dir_debugfs+0x100/0x1e0
[  236.297569][T19407]  alloc_netdev_mqs+0x1a7/0xa50
[  236.297592][T19407]  rtnl_create_link+0x239/0x710
[  236.297697][T19407]  rtnl_newlink_create+0x14c/0x620
[  236.297720][T19407]  ? security_capable+0x83/0x90
[  236.297764][T19407]  ? netlink_ns_capable+0x86/0xa0
[  236.297791][T19407]  rtnl_newlink+0xf29/0x12d0
[  236.297816][T19407]  ? __rcu_read_unlock+0x4f/0x70
[  236.297853][T19407]  ? xas_load+0x413/0x430
[  236.297933][T19407]  ? __memcg_slab_free_hook+0x135/0x230
[  236.297959][T19407]  ? __rcu_read_unlock+0x4f/0x70
[  236.297985][T19407]  ? avc_has_perm_noaudit+0x1b1/0x200
[  236.298063][T19407]  ? cred_has_capability+0x210/0x280
[  236.298097][T19407]  ? selinux_capable+0x31/0x40
[  236.298117][T19407]  ? security_capable+0x83/0x90
[  236.298156][T19407]  ? ns_capable+0x7d/0xb0
[  236.298180][T19407]  ? __pfx_rtnl_newlink+0x10/0x10
[  236.298201][T19407]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  236.298225][T19407]  netlink_rcv_skb+0x123/0x220
[  236.298256][T19407]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  236.298354][T19407]  rtnetlink_rcv+0x1c/0x30
[  236.298377][T19407]  netlink_unicast+0x5c0/0x690
[  236.298405][T19407]  netlink_sendmsg+0x58b/0x6b0
[  236.298467][T19407]  ? __pfx_netlink_sendmsg+0x10/0x10
[  236.298489][T19407]  __sock_sendmsg+0x145/0x180
[  236.298516][T19407]  ____sys_sendmsg+0x31e/0x4e0
[  236.298539][T19407]  ___sys_sendmsg+0x17b/0x1d0
[  236.298621][T19407]  __x64_sys_sendmsg+0xd4/0x160
[  236.298644][T19407]  x64_sys_call+0x191e/0x3000
[  236.298669][T19407]  do_syscall_64+0xd2/0x200
[  236.298691][T19407]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  236.298764][T19407]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  236.298795][T19407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.298882][T19407] RIP: 0033:0x7fba92b3f6c9
[  236.298895][T19407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.298953][T19407] RSP: 002b:00007fba9159f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  236.298973][T19407] RAX: ffffffffffffffda RBX: 00007fba92d95fa0 RCX: 00007fba92b3f6c9
[  236.298988][T19407] RDX: 0000000000004054 RSI: 00002000000002c0 RDI: 0000000000000003
[  236.299000][T19407] RBP: 00007fba9159f090 R08: 0000000000000000 R09: 0000000000000000
[  236.299011][T19407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  236.299024][T19407] R13: 00007fba92d96038 R14: 00007fba92d95fa0 R15: 00007fff37d12678
[  236.299043][T19407]  </TASK>
[  236.299063][T19407] debugfs: out of free dentries, can not create file 'netdev@ffff88812be57558'
[  236.632799][T19412] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  236.693036][   T29] kauditd_printk_skb: 318 callbacks suppressed
[  236.693050][   T29] audit: type=1326 audit(1763400667.306:11324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19400 comm="syz.1.3704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  236.722989][   T29] audit: type=1326 audit(1763400667.306:11325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19400 comm="syz.1.3704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  236.764642][   T29] audit: type=1326 audit(1763400667.306:11326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19418 comm="syz.0.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7472eef6c9 code=0x7ffc0000
[  236.788270][   T29] audit: type=1326 audit(1763400667.306:11327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19418 comm="syz.0.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7472eef6c9 code=0x7ffc0000
[  236.811951][   T29] audit: type=1326 audit(1763400667.306:11328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19418 comm="syz.0.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7472eef6c9 code=0x7ffc0000
[  236.835637][   T29] audit: type=1326 audit(1763400667.306:11329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19418 comm="syz.0.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f7472eef6c9 code=0x7ffc0000
[  236.859284][   T29] audit: type=1326 audit(1763400667.306:11330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19418 comm="syz.0.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7472eef6c9 code=0x7ffc0000
[  236.883155][   T29] audit: type=1326 audit(1763400667.306:11331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19418 comm="syz.0.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7472eef6c9 code=0x7ffc0000
[  236.965945][T19429] FAULT_INJECTION: forcing a failure.
[  236.965945][T19429] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  236.979152][T19429] CPU: 0 UID: 0 PID: 19429 Comm: syz.1.3716 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  236.979211][T19429] Tainted: [W]=WARN
[  236.979217][T19429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  236.979228][T19429] Call Trace:
[  236.979241][T19429]  <TASK>
[  236.979248][T19429]  __dump_stack+0x1d/0x30
[  236.979270][T19429]  dump_stack_lvl+0xe8/0x140
[  236.979288][T19429]  dump_stack+0x15/0x1b
[  236.979365][T19429]  should_fail_ex+0x265/0x280
[  236.979398][T19429]  should_fail+0xb/0x20
[  236.979486][T19429]  should_fail_usercopy+0x1a/0x20
[  236.979508][T19429]  _copy_from_user+0x1c/0xb0
[  236.979534][T19429]  perf_copy_attr+0x145/0x610
[  236.979558][T19429]  __se_sys_perf_event_open+0x67/0x11c0
[  236.979691][T19429]  ? vfs_write+0x7e8/0x960
[  236.979716][T19429]  ? __rcu_read_unlock+0x4f/0x70
[  236.979811][T19429]  __x64_sys_perf_event_open+0x67/0x80
[  236.979838][T19429]  x64_sys_call+0x7bd/0x3000
[  236.979860][T19429]  do_syscall_64+0xd2/0x200
[  236.979945][T19429]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  236.979969][T19429]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  236.980029][T19429]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.980050][T19429] RIP: 0033:0x7f4e972cf6c9
[  236.980065][T19429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.980084][T19429] RSP: 002b:00007f4e95d2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  236.980132][T19429] RAX: ffffffffffffffda RBX: 00007f4e97525fa0 RCX: 00007f4e972cf6c9
[  236.980146][T19429] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  236.980158][T19429] RBP: 00007f4e95d2f090 R08: 000000000000000d R09: 0000000000000000
[  236.980170][T19429] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  236.980183][T19429] R13: 00007f4e97526038 R14: 00007f4e97525fa0 R15: 00007ffe9a928ea8
[  236.980201][T19429]  </TASK>
[  237.002176][T19433] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3714'.
[  237.071057][T19424] loop2: detected capacity change from 0 to 128
[  237.094236][T19432] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  237.149886][   T29] audit: type=1326 audit(1763400667.756:11332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19438 comm="syz.1.3718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  237.152591][T19432] ref_ctr increment failed for inode: 0x1f0 offset: 0x4 ref_ctr_offset: 0x2 of mm: 0xffff88810005e780
[  237.174198][   T29] audit: type=1326 audit(1763400667.776:11333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19438 comm="syz.1.3718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  237.286006][T19443] loop2: detected capacity change from 0 to 512
[  237.294126][T19443] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.3720: corrupted in-inode xattr: invalid ea_ino
[  237.307800][T19443] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3720: couldn't read orphan inode 15 (err -117)
[  237.320330][T19443] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.378022][T19453] netlink: 'syz.5.3723': attribute type 21 has an invalid length.
[  237.400825][T19453] netlink: 156 bytes leftover after parsing attributes in process `syz.5.3723'.
[  237.409970][T19453] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3723'.
[  237.501213][T19466] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  237.509538][T19466] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  237.747952][T19477] loop1: detected capacity change from 0 to 1024
[  237.755118][T19477] EXT4-fs: Ignoring removed orlov option
[  237.771789][T19479] netlink: 'syz.0.3732': attribute type 1 has an invalid length.
[  237.895928][T19477] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.199069][T17666] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.726058][T19500] wg1 speed is unknown, defaulting to 1000
[  238.739318][T19500] ip6_vti0 speed is unknown, defaulting to 1000
[  238.833243][T19504] loop5: detected capacity change from 0 to 512
[  238.840164][T19504] EXT4-fs: Ignoring removed i_version option
[  238.846208][T19504] EXT4-fs: Ignoring removed bh option
[  238.957979][T19504] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.981999][T19504] ext4 filesystem being mounted at /110/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  239.025493][T19510] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[  239.041980][T19512] netlink: 'syz.2.3742': attribute type 1 has an invalid length.
[  239.064844][T19510] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3741'.
[  239.165559][T17794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.286738][T19523] loop1: detected capacity change from 0 to 512
[  239.320021][T19523] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.3743: inode has both inline data and extents flags
[  239.333615][T19523] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.3743: couldn't read orphan inode 15 (err -117)
[  239.352018][T17442] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.363690][T19523] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.405447][T19538] loop2: detected capacity change from 0 to 512
[  239.412339][T19538] EXT4-fs: Ignoring removed mblk_io_submit option
[  239.418817][T19538] EXT4-fs: Ignoring removed nomblk_io_submit option
[  239.430709][T19538] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  239.439200][T19538] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  239.441223][T19540] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  239.456900][T19540] ref_ctr increment failed for inode: 0x206 offset: 0x4 ref_ctr_offset: 0x2 of mm: 0xffff88810005d080
[  239.459765][T19543] netlink: 'syz.0.3754': attribute type 1 has an invalid length.
[  239.478278][T17794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.490282][T19544] loop5: detected capacity change from 0 to 512
[  239.501891][T19544] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.3749: couldn't read orphan inode 26 (err -116)
[  239.502071][T19538] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.3753: Allocating blocks 41-42 which overlap fs metadata
[  239.514404][T19544] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.540234][T19544] ext4 filesystem being mounted at /111/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  239.553769][T19552] netlink: 'syz.0.3756': attribute type 1 has an invalid length.
[  239.561332][T19551] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3755'.
[  239.570566][T19551] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3755'.
[  239.571122][T19538] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.3753: Allocating blocks 41-42 which overlap fs metadata
[  239.603946][T19538] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.3753: Failed to acquire dquot type 1
[  239.615963][T19538] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  239.631266][T19538] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.3753: corrupted inode contents
[  239.643902][T19538] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #12: comm syz.2.3753: mark_inode_dirty error
[  239.655565][T19538] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.3753: corrupted inode contents
[  239.671118][T19538] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm syz.2.3753: mark_inode_dirty error
[  239.687020][T19556] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  239.694362][T19538] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.3753: corrupted inode contents
[  239.707608][T19556] tipc: Disabling bearer <eth:syzkaller0>
[  239.724633][T19562] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  239.728758][T19538] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem
[  239.744441][T19538] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.3753: corrupted inode contents
[  239.757207][T19538] EXT4-fs error (device loop2): ext4_truncate:4637: inode #12: comm syz.2.3753: mark_inode_dirty error
[  239.768687][T19538] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem
[  239.788303][T19538] EXT4-fs (loop2): 1 truncate cleaned up
[  239.794795][T19538] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.839060][T19570] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  239.851204][T19572] FAULT_INJECTION: forcing a failure.
[  239.851204][T19572] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.851465][T19570] tipc: Disabling bearer <eth:syzkaller0>
[  239.864444][T19572] CPU: 0 UID: 0 PID: 19572 Comm: syz.0.3765 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  239.864541][T19572] Tainted: [W]=WARN
[  239.864547][T19572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  239.864559][T19572] Call Trace:
[  239.864565][T19572]  <TASK>
[  239.864573][T19572]  __dump_stack+0x1d/0x30
[  239.864596][T19572]  dump_stack_lvl+0xe8/0x140
[  239.864617][T19572]  dump_stack+0x15/0x1b
[  239.864714][T19572]  should_fail_ex+0x265/0x280
[  239.864746][T19572]  should_fail+0xb/0x20
[  239.864776][T19572]  should_fail_usercopy+0x1a/0x20
[  239.864859][T19572]  _copy_from_user+0x1c/0xb0
[  239.864885][T19572]  perf_copy_attr+0x145/0x610
[  239.864910][T19572]  __se_sys_perf_event_open+0x67/0x11c0
[  239.864981][T19572]  ? vfs_write+0x7e8/0x960
[  239.865006][T19572]  ? __rcu_read_unlock+0x4f/0x70
[  239.865038][T19572]  __x64_sys_perf_event_open+0x67/0x80
[  239.865066][T19572]  x64_sys_call+0x7bd/0x3000
[  239.865114][T19572]  do_syscall_64+0xd2/0x200
[  239.865136][T19572]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  239.865164][T19572]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  239.865204][T19572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.865226][T19572] RIP: 0033:0x7f7472eef6c9
[  239.865242][T19572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.865261][T19572] RSP: 002b:00007f747194f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  239.865351][T19572] RAX: ffffffffffffffda RBX: 00007f7473145fa0 RCX: 00007f7472eef6c9
[  239.865364][T19572] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  239.865378][T19572] RBP: 00007f747194f090 R08: 000000000000000d R09: 0000000000000000
[  239.865391][T19572] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  239.865405][T19572] R13: 00007f7473146038 R14: 00007f7473145fa0 R15: 00007ffcb4481b08
[  239.865423][T19572]  </TASK>
[  240.025702][T19574] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3766'.
[  240.071278][T19538] netlink: 'syz.2.3753': attribute type 30 has an invalid length.
[  240.107483][T19582] netlink: 'syz.1.3768': attribute type 1 has an invalid length.
[  240.126357][T19580] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  240.135137][T19580] tipc: Disabling bearer <eth:syzkaller0>
[  240.151699][T19584] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  240.160419][T19584] ref_ctr increment failed for inode: 0x291 offset: 0x4 ref_ctr_offset: 0x2 of mm: 0xffff88812eba7300
[  240.194381][T17666] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.273378][T17442] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.275808][T19596] loop1: detected capacity change from 0 to 512
[  240.290260][T19597] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  240.310720][T19596] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.3774: inode has both inline data and extents flags
[  240.328181][T19596] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.3774: couldn't read orphan inode 15 (err -117)
[  240.346868][T19596] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  240.547847][T19622] __nla_validate_parse: 2 callbacks suppressed
[  240.547861][T19622] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3782'.
[  240.623816][T19630] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  240.632604][T19630] ref_ctr increment failed for inode: 0x2e4 offset: 0x4 ref_ctr_offset: 0x2 of mm: 0xffff88812eba61c0
[  240.648670][T17794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.670864][T19632] loop1: detected capacity change from 0 to 1024
[  240.677463][T19632] EXT4-fs: Ignoring removed orlov option
[  240.685004][T19632] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  240.812656][T19638] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  241.059929][T19650] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  241.069659][T19650] tipc: Disabling bearer <eth:syzkaller0>
[  241.318852][T19659] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  241.337086][T19659] tipc: Disabling bearer <eth:syzkaller0>
[  241.456902][T19662] netlink: 256 bytes leftover after parsing attributes in process `syz.3.3796'.
[  241.526256][T19667] xt_connbytes: Forcing CT accounting to be enabled
[  241.554273][T19667] set match dimension is over the limit!
[  241.608340][T19666] wg1 speed is unknown, defaulting to 1000
[  241.619230][T19666] ip6_vti0 speed is unknown, defaulting to 1000
[  241.756467][T19677] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2
[  241.767788][T17794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.782003][   T29] kauditd_printk_skb: 280 callbacks suppressed
[  241.782013][   T29] audit: type=1326 audit(1763400672.396:11610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19674 comm="syz.2.3799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f112688f6c9 code=0x7ffc0000
[  241.811914][   T29] audit: type=1326 audit(1763400672.396:11611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19674 comm="syz.2.3799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f112688f6c9 code=0x7ffc0000
[  241.835545][   T29] audit: type=1326 audit(1763400672.396:11612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19674 comm="syz.2.3799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f112688f6c9 code=0x7ffc0000
[  241.859224][   T29] audit: type=1326 audit(1763400672.396:11613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19674 comm="syz.2.3799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f112688f6c9 code=0x7ffc0000
[  241.883538][   T29] audit: type=1326 audit(1763400672.396:11614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19674 comm="syz.2.3799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f112688f6c9 code=0x7ffc0000
[  241.887653][T19683] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3800'.
[  241.907175][   T29] audit: type=1326 audit(1763400672.396:11615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19674 comm="syz.2.3799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f112688f6c9 code=0x7ffc0000
[  241.939801][   T29] audit: type=1326 audit(1763400672.396:11616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19674 comm="syz.2.3799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f112688f6c9 code=0x7ffc0000
[  242.006228][   T29] audit: type=1326 audit(1763400672.606:11617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19689 comm="syz.2.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f112688f6c9 code=0x7ffc0000
[  242.029982][   T29] audit: type=1326 audit(1763400672.606:11618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19689 comm="syz.2.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f112688f6c9 code=0x7ffc0000
[  242.053647][   T29] audit: type=1326 audit(1763400672.606:11619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19689 comm="syz.2.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f112688f6c9 code=0x7ffc0000
[  242.145137][T19699] netlink: 104 bytes leftover after parsing attributes in process `syz.3.3807'.
[  242.217157][T19708] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  242.227139][T19706] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  242.510892][T19722] wg1 speed is unknown, defaulting to 1000
[  242.517095][T19722] ip6_vti0 speed is unknown, defaulting to 1000
[  242.792794][T19730] loop5: detected capacity change from 0 to 512
[  242.849815][T19730] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.3817: inode has both inline data and extents flags
[  242.863825][T19726] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2
[  242.876503][T19730] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.3817: couldn't read orphan inode 15 (err -117)
[  242.913901][T19726] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3816'.
[  242.924855][T19730] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  243.195525][T19739] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3819'.
[  243.204508][T19739] netlink: 'syz.0.3819': attribute type 30 has an invalid length.
[  243.235795][ T5490] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  243.248674][ T5490] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  243.269314][ T5490] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  243.286640][ T5490] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  243.288722][T19741] loop2: detected capacity change from 0 to 256
[  243.331308][T19741] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3820'.
[  243.396029][T19748] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  243.406116][T19748] tipc: Disabling bearer <eth:syzkaller0>
[  243.420565][T17442] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.488372][T19754] FAULT_INJECTION: forcing a failure.
[  243.488372][T19754] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  243.501599][T19754] CPU: 1 UID: 0 PID: 19754 Comm: syz.2.3825 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  243.501632][T19754] Tainted: [W]=WARN
[  243.501640][T19754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  243.501654][T19754] Call Trace:
[  243.501661][T19754]  <TASK>
[  243.501670][T19754]  __dump_stack+0x1d/0x30
[  243.501692][T19754]  dump_stack_lvl+0xe8/0x140
[  243.501744][T19754]  dump_stack+0x15/0x1b
[  243.501760][T19754]  should_fail_ex+0x265/0x280
[  243.501790][T19754]  should_fail+0xb/0x20
[  243.501893][T19754]  should_fail_usercopy+0x1a/0x20
[  243.501911][T19754]  strncpy_from_user+0x25/0x230
[  243.501953][T19754]  ? kmem_cache_alloc_noprof+0x242/0x480
[  243.501983][T19754]  ? getname_flags+0x80/0x3b0
[  243.502015][T19754]  getname_flags+0xae/0x3b0
[  243.502083][T19754]  io_openat_prep+0x129/0x2b0
[  243.502110][T19754]  io_submit_sqes+0x5ef/0x1060
[  243.502218][T19754]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  243.502253][T19754]  ? 0xffffffff81000000
[  243.502267][T19754]  ? __rcu_read_unlock+0x4f/0x70
[  243.502295][T19754]  ? get_pid_task+0x96/0xd0
[  243.502392][T19754]  ? proc_fail_nth_write+0x13b/0x160
[  243.502418][T19754]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  243.502493][T19754]  ? vfs_write+0x7e8/0x960
[  243.502516][T19754]  ? __rcu_read_unlock+0x4f/0x70
[  243.502543][T19754]  ? __fget_files+0x184/0x1c0
[  243.502644][T19754]  ? trace_reschedule_exit+0xd/0xc0
[  243.502691][T19754]  ? sysvec_reschedule_ipi+0x4f/0x70
[  243.502721][T19754]  ? trace_reschedule_exit+0xd/0xc0
[  243.502743][T19754]  __x64_sys_io_uring_enter+0x78/0x90
[  243.502811][T19754]  x64_sys_call+0x2df0/0x3000
[  243.502831][T19754]  do_syscall_64+0xd2/0x200
[  243.502850][T19754]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  243.502879][T19754]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  243.502962][T19754]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.502985][T19754] RIP: 0033:0x7f112688f6c9
[  243.503001][T19754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  243.503117][T19754] RSP: 002b:00007f11252ef038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  243.503138][T19754] RAX: ffffffffffffffda RBX: 00007f1126ae5fa0 RCX: 00007f112688f6c9
[  243.503151][T19754] RDX: 0000000000000000 RSI: 00000000000047bc RDI: 0000000000000003
[  243.503165][T19754] RBP: 00007f11252ef090 R08: 0000000000000000 R09: 0000000000000000
[  243.503179][T19754] R10: 0000000000000021 R11: 0000000000000246 R12: 0000000000000001
[  243.503207][T19754] R13: 00007f1126ae6038 R14: 00007f1126ae5fa0 R15: 00007fffcc2d9b68
[  243.503226][T19754]  </TASK>
[  243.779725][T19760] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  243.788050][T19760] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  243.801808][T19762] netlink: 'syz.2.3828': attribute type 1 has an invalid length.
[  243.811989][T19764] FAULT_INJECTION: forcing a failure.
[  243.811989][T19764] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  243.825632][T19764] CPU: 0 UID: 0 PID: 19764 Comm: syz.3.3829 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  243.825663][T19764] Tainted: [W]=WARN
[  243.825669][T19764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  243.825681][T19764] Call Trace:
[  243.825686][T19764]  <TASK>
[  243.825693][T19764]  __dump_stack+0x1d/0x30
[  243.825713][T19764]  dump_stack_lvl+0xe8/0x140
[  243.825734][T19764]  dump_stack+0x15/0x1b
[  243.825750][T19764]  should_fail_ex+0x265/0x280
[  243.825850][T19764]  should_fail+0xb/0x20
[  243.825937][T19764]  should_fail_usercopy+0x1a/0x20
[  243.825954][T19764]  _copy_from_user+0x1c/0xb0
[  243.825974][T19764]  __x64_sys_epoll_ctl+0x92/0x100
[  243.826000][T19764]  x64_sys_call+0x706/0x3000
[  243.826019][T19764]  do_syscall_64+0xd2/0x200
[  243.826073][T19764]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  243.826155][T19764]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  243.826181][T19764]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.826249][T19764] RIP: 0033:0x7fba92b3f6c9
[  243.826262][T19764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  243.826277][T19764] RSP: 002b:00007fba9159f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  243.826294][T19764] RAX: ffffffffffffffda RBX: 00007fba92d95fa0 RCX: 00007fba92b3f6c9
[  243.826312][T19764] RDX: 0000000000000004 RSI: 0000000000000003 RDI: 0000000000000003
[  243.826322][T19764] RBP: 00007fba9159f090 R08: 0000000000000000 R09: 0000000000000000
[  243.826333][T19764] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000001
[  243.826356][T19764] R13: 00007fba92d96038 R14: 00007fba92d95fa0 R15: 00007fff37d12678
[  243.826371][T19764]  </TASK>
[  243.830571][T19765] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3827'.
[  243.856065][T19767] netlink: 104 bytes leftover after parsing attributes in process `syz.3.3831'.
[  244.022160][T19771] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  244.065650][T19779] loop3: detected capacity change from 0 to 512
[  244.073809][T19779] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.3834: inode has both inline data and extents flags
[  244.087477][T19779] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.3834: couldn't read orphan inode 15 (err -117)
[  244.100628][T19779] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  244.258565][T17844] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.310736][T19784] netlink: 'syz.2.3836': attribute type 1 has an invalid length.
[  244.318520][T19784] netlink: 'syz.2.3836': attribute type 4 has an invalid length.
[  244.326350][T19784] netlink: 9462 bytes leftover after parsing attributes in process `syz.2.3836'.
[  244.336092][T19784] netlink: 'syz.2.3836': attribute type 1 has an invalid length.
[  244.343893][T19784] netlink: 'syz.2.3836': attribute type 4 has an invalid length.
[  244.414828][T19794] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  244.423119][T19794] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  244.471820][T19800] FAULT_INJECTION: forcing a failure.
[  244.471820][T19800] name failslab, interval 1, probability 0, space 0, times 0
[  244.484576][T19800] CPU: 0 UID: 0 PID: 19800 Comm: syz.2.3842 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  244.484609][T19800] Tainted: [W]=WARN
[  244.484615][T19800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  244.484623][T19800] Call Trace:
[  244.484627][T19800]  <TASK>
[  244.484712][T19800]  __dump_stack+0x1d/0x30
[  244.484726][T19800]  dump_stack_lvl+0xe8/0x140
[  244.484738][T19800]  dump_stack+0x15/0x1b
[  244.484748][T19800]  should_fail_ex+0x265/0x280
[  244.484767][T19800]  should_failslab+0x8c/0xb0
[  244.484892][T19800]  __kmalloc_noprof+0xa5/0x570
[  244.484919][T19800]  ? scsi_ioctl_reset+0xdc/0x490
[  244.484940][T19800]  scsi_ioctl_reset+0xdc/0x490
[  244.485001][T19800]  scsi_ioctl+0x5fd/0x14d0
[  244.485072][T19800]  ? ioctl_has_perm+0x257/0x2a0
[  244.485090][T19800]  ? do_vfs_ioctl+0x866/0xe10
[  244.485108][T19800]  sg_ioctl+0x12fb/0x1360
[  244.485125][T19800]  ? __pfx_sg_ioctl+0x10/0x10
[  244.485139][T19800]  __se_sys_ioctl+0xce/0x140
[  244.485150][T19800]  __x64_sys_ioctl+0x43/0x50
[  244.485166][T19800]  x64_sys_call+0x1816/0x3000
[  244.485178][T19800]  do_syscall_64+0xd2/0x200
[  244.485192][T19800]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  244.485208][T19800]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  244.485227][T19800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.485240][T19800] RIP: 0033:0x7f112688f6c9
[  244.485249][T19800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.485259][T19800] RSP: 002b:00007f11252ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  244.485271][T19800] RAX: ffffffffffffffda RBX: 00007f1126ae5fa0 RCX: 00007f112688f6c9
[  244.485278][T19800] RDX: 0000200000000080 RSI: 0000000000002284 RDI: 0000000000000003
[  244.485333][T19800] RBP: 00007f11252ef090 R08: 0000000000000000 R09: 0000000000000000
[  244.485340][T19800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.485377][T19800] R13: 00007f1126ae6038 R14: 00007f1126ae5fa0 R15: 00007fffcc2d9b68
[  244.485388][T19800]  </TASK>
[  244.704026][T19804] loop2: detected capacity change from 0 to 512
[  244.723209][T19804] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.3843: inode has both inline data and extents flags
[  244.758807][T19804] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3843: couldn't read orphan inode 15 (err -117)
[  244.772117][T19804] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  244.835554][T19812] loop3: detected capacity change from 0 to 1024
[  244.865375][T19812] EXT4-fs: Ignoring removed orlov option
[  244.886438][T19812] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  244.944125][T19821] sd 0:0:1:0: device reset
[  244.973328][T19827] netdevsim netdevsim5: Direct firmware load for ./file0 failed with error -2
[  245.053051][T19833] FAULT_INJECTION: forcing a failure.
[  245.053051][T19833] name failslab, interval 1, probability 0, space 0, times 0
[  245.065724][T19833] CPU: 1 UID: 0 PID: 19833 Comm: syz.1.3852 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  245.065758][T19833] Tainted: [W]=WARN
[  245.065766][T19833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  245.065778][T19833] Call Trace:
[  245.065785][T19833]  <TASK>
[  245.065793][T19833]  __dump_stack+0x1d/0x30
[  245.065868][T19833]  dump_stack_lvl+0xe8/0x140
[  245.065888][T19833]  dump_stack+0x15/0x1b
[  245.065924][T19833]  should_fail_ex+0x265/0x280
[  245.065989][T19833]  should_failslab+0x8c/0xb0
[  245.066093][T19833]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  245.066120][T19833]  ? __alloc_skb+0x101/0x320
[  245.066195][T19833]  __alloc_skb+0x101/0x320
[  245.066224][T19833]  netlink_dump+0x10d/0x8a0
[  245.066255][T19833]  ? skb_free_head+0xb8/0x150
[  245.066341][T19833]  netlink_recvmsg+0x420/0x550
[  245.066393][T19833]  ? __pfx_netlink_recvmsg+0x10/0x10
[  245.066414][T19833]  sock_recvmsg+0x139/0x170
[  245.066437][T19833]  ____sys_recvmsg+0xf5/0x280
[  245.066466][T19833]  ___sys_recvmsg+0x11f/0x370
[  245.066494][T19833]  do_recvmmsg+0x1ef/0x540
[  245.066517][T19833]  ? fput+0x8f/0xc0
[  245.066535][T19833]  __x64_sys_recvmmsg+0xe5/0x170
[  245.066627][T19833]  x64_sys_call+0x27aa/0x3000
[  245.066648][T19833]  do_syscall_64+0xd2/0x200
[  245.066672][T19833]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  245.066701][T19833]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  245.066735][T19833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.066773][T19833] RIP: 0033:0x7f4e972cf6c9
[  245.066867][T19833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.066960][T19833] RSP: 002b:00007f4e95d2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  245.067036][T19833] RAX: ffffffffffffffda RBX: 00007f4e97525fa0 RCX: 00007f4e972cf6c9
[  245.067047][T19833] RDX: 0400000000000054 RSI: 0000200000000780 RDI: 0000000000000003
[  245.067061][T19833] RBP: 00007f4e95d2f090 R08: 0000000000000000 R09: 0000000000000000
[  245.067072][T19833] R10: 0000000040012100 R11: 0000000000000246 R12: 0000000000000001
[  245.067124][T19833] R13: 00007f4e97526038 R14: 00007f4e97525fa0 R15: 00007ffe9a928ea8
[  245.067143][T19833]  </TASK>
[  245.308750][T19837] loop5: detected capacity change from 0 to 512
[  245.318582][T19837] EXT4-fs (loop5): 1 orphan inode deleted
[  245.396720][T19844] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  245.414370][T19844] tipc: Disabling bearer <eth:syzkaller0>
[  245.426775][T19853] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  245.512047][T19842] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  245.602351][T19867] syzkaller1: entered promiscuous mode
[  245.607983][T19867] syzkaller1: entered allmulticast mode
[  245.695545][T19869] wg1 speed is unknown, defaulting to 1000
[  245.701908][T19869] ip6_vti0 speed is unknown, defaulting to 1000
[  245.757862][T19872] netlink: 'syz.5.3867': attribute type 12 has an invalid length.
[  245.766650][T19872] FAULT_INJECTION: forcing a failure.
[  245.766650][T19872] name failslab, interval 1, probability 0, space 0, times 0
[  245.779336][T19872] CPU: 0 UID: 0 PID: 19872 Comm: syz.5.3867 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  245.779378][T19872] Tainted: [W]=WARN
[  245.779437][T19872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  245.779501][T19872] Call Trace:
[  245.779508][T19872]  <TASK>
[  245.779515][T19872]  __dump_stack+0x1d/0x30
[  245.779540][T19872]  dump_stack_lvl+0xe8/0x140
[  245.779765][T19872]  dump_stack+0x15/0x1b
[  245.779785][T19872]  should_fail_ex+0x265/0x280
[  245.779819][T19872]  should_failslab+0x8c/0xb0
[  245.779850][T19872]  __kmalloc_noprof+0xa5/0x570
[  245.779921][T19872]  ? alloc_pipe_info+0x1c9/0x350
[  245.779951][T19872]  alloc_pipe_info+0x1c9/0x350
[  245.779979][T19872]  splice_direct_to_actor+0x592/0x680
[  245.780006][T19872]  ? kstrtouint_from_user+0x9f/0xf0
[  245.780104][T19872]  ? __pfx_direct_splice_actor+0x10/0x10
[  245.780129][T19872]  ? __rcu_read_unlock+0x4f/0x70
[  245.780155][T19872]  ? get_pid_task+0x96/0xd0
[  245.780201][T19872]  ? avc_policy_seqno+0x15/0x30
[  245.780221][T19872]  ? selinux_file_permission+0x1e4/0x320
[  245.780273][T19872]  do_splice_direct+0xda/0x150
[  245.780296][T19872]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  245.780326][T19872]  do_sendfile+0x380/0x650
[  245.780376][T19872]  __x64_sys_sendfile64+0x105/0x150
[  245.780404][T19872]  x64_sys_call+0x2bb4/0x3000
[  245.780507][T19872]  do_syscall_64+0xd2/0x200
[  245.780528][T19872]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  245.780619][T19872]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  245.780653][T19872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.780677][T19872] RIP: 0033:0x7f903e10f6c9
[  245.780693][T19872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.780771][T19872] RSP: 002b:00007f903cb6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  245.780790][T19872] RAX: ffffffffffffffda RBX: 00007f903e365fa0 RCX: 00007f903e10f6c9
[  245.780802][T19872] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005
[  245.780813][T19872] RBP: 00007f903cb6f090 R08: 0000000000000000 R09: 0000000000000000
[  245.780826][T19872] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  245.780838][T19872] R13: 00007f903e366038 R14: 00007f903e365fa0 R15: 00007ffcb47da7a8
[  245.780901][T19872]  </TASK>
[  245.783092][T19874] FAULT_INJECTION: forcing a failure.
[  245.783092][T19874] name failslab, interval 1, probability 0, space 0, times 0
[  246.020399][T19874] CPU: 1 UID: 0 PID: 19874 Comm: syz.2.3868 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  246.020419][T19874] Tainted: [W]=WARN
[  246.020423][T19874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  246.020450][T19874] Call Trace:
[  246.020455][T19874]  <TASK>
[  246.020460][T19874]  __dump_stack+0x1d/0x30
[  246.020475][T19874]  dump_stack_lvl+0xe8/0x140
[  246.020527][T19874]  dump_stack+0x15/0x1b
[  246.020568][T19874]  should_fail_ex+0x265/0x280
[  246.020588][T19874]  should_failslab+0x8c/0xb0
[  246.020605][T19874]  __kmalloc_noprof+0xa5/0x570
[  246.020691][T19874]  ? sock_kmalloc+0x85/0xc0
[  246.020704][T19874]  sock_kmalloc+0x85/0xc0
[  246.020723][T19874]  ____sys_sendmsg+0xf8/0x4e0
[  246.020746][T19874]  __sys_sendmsg_sock+0x28/0x40
[  246.020774][T19874]  io_sendmsg+0x163/0x490
[  246.020848][T19874]  __io_issue_sqe+0xfe/0x2e0
[  246.020864][T19874]  ? io_assign_file+0xc9/0x200
[  246.020881][T19874]  io_issue_sqe+0x56/0xa80
[  246.020904][T19874]  ? io_sendmsg_prep+0x380/0x3c0
[  246.020917][T19874]  io_submit_sqes+0x675/0x1060
[  246.020938][T19874]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  246.020955][T19874]  ? 0xffffffff81000000
[  246.021048][T19874]  ? __rcu_read_unlock+0x4f/0x70
[  246.021131][T19874]  ? get_pid_task+0x96/0xd0
[  246.021144][T19874]  ? proc_fail_nth_write+0x13b/0x160
[  246.021162][T19874]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  246.021188][T19874]  ? vfs_write+0x7e8/0x960
[  246.021202][T19874]  ? __rcu_read_unlock+0x4f/0x70
[  246.021263][T19874]  ? __fget_files+0x184/0x1c0
[  246.021316][T19874]  ? fput+0x8f/0xc0
[  246.021410][T19874]  __x64_sys_io_uring_enter+0x78/0x90
[  246.021429][T19874]  x64_sys_call+0x2df0/0x3000
[  246.021442][T19874]  do_syscall_64+0xd2/0x200
[  246.021520][T19874]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  246.021575][T19874]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  246.021670][T19874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.021687][T19874] RIP: 0033:0x7f112688f6c9
[  246.021695][T19874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.021706][T19874] RSP: 002b:00007f11252ef038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  246.021718][T19874] RAX: ffffffffffffffda RBX: 00007f1126ae5fa0 RCX: 00007f112688f6c9
[  246.021726][T19874] RDX: 000000000000ddd3 RSI: 0000000000003516 RDI: 0000000000000006
[  246.021774][T19874] RBP: 00007f11252ef090 R08: 0000000000000000 R09: 0000000000000000
[  246.021781][T19874] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  246.021789][T19874] R13: 00007f1126ae6038 R14: 00007f1126ae5fa0 R15: 00007fffcc2d9b68
[  246.021808][T19874]  </TASK>
[  246.425049][T19880] loop5: detected capacity change from 0 to 1024
[  246.435759][T19880] EXT4-fs: Ignoring removed orlov option
[  246.478147][T19885] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  246.529929][T19892] loop1: detected capacity change from 0 to 512
[  246.557694][T19894] netlink: 'syz.3.3877': attribute type 1 has an invalid length.
[  246.602074][T19892] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.3876: inode has both inline data and extents flags
[  246.615748][T19892] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.3876: couldn't read orphan inode 15 (err -117)
[  246.628392][T19903] FAULT_INJECTION: forcing a failure.
[  246.628392][T19903] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  246.641741][T19903] CPU: 0 UID: 0 PID: 19903 Comm: syz.2.3880 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  246.641774][T19903] Tainted: [W]=WARN
[  246.641787][T19903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  246.641809][T19903] Call Trace:
[  246.641815][T19903]  <TASK>
[  246.641823][T19903]  __dump_stack+0x1d/0x30
[  246.641844][T19903]  dump_stack_lvl+0xe8/0x140
[  246.641942][T19903]  dump_stack+0x15/0x1b
[  246.641959][T19903]  should_fail_ex+0x265/0x280
[  246.641988][T19903]  should_fail+0xb/0x20
[  246.642014][T19903]  should_fail_usercopy+0x1a/0x20
[  246.642070][T19903]  _copy_from_user+0x1c/0xb0
[  246.642094][T19903]  ___sys_sendmsg+0xc1/0x1d0
[  246.642122][T19903]  __sys_sendmmsg+0x178/0x300
[  246.642157][T19903]  __x64_sys_sendmmsg+0x57/0x70
[  246.642176][T19903]  x64_sys_call+0x1c4a/0x3000
[  246.642247][T19903]  do_syscall_64+0xd2/0x200
[  246.642267][T19903]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  246.642291][T19903]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  246.642325][T19903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.642389][T19903] RIP: 0033:0x7f112688f6c9
[  246.642401][T19903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.642417][T19903] RSP: 002b:00007f11252ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  246.642433][T19903] RAX: ffffffffffffffda RBX: 00007f1126ae5fa0 RCX: 00007f112688f6c9
[  246.642444][T19903] RDX: 0000000000000002 RSI: 0000200000000900 RDI: 0000000000000003
[  246.642455][T19903] RBP: 00007f11252ef090 R08: 0000000000000000 R09: 0000000000000000
[  246.642466][T19903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  246.642527][T19903] R13: 00007f1126ae6038 R14: 00007f1126ae5fa0 R15: 00007fffcc2d9b68
[  246.642542][T19903]  </TASK>
[  247.191533][T19918] __nla_validate_parse: 3 callbacks suppressed
[  247.191629][T19918] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3886'.
[  247.246504][   T29] kauditd_printk_skb: 248 callbacks suppressed
[  247.246517][   T29] audit: type=1326 audit(1763400677.856:11868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19907 comm="syz.3.3882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba92b3f6c9 code=0x7ffc0000
[  247.277068][   T29] audit: type=1326 audit(1763400677.856:11869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19907 comm="syz.3.3882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba92b3f6c9 code=0x7ffc0000
[  247.278471][T19918] tipc: Disabling bearer <eth:macvlan1>
[  247.300735][   T29] audit: type=1326 audit(1763400677.886:11870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19907 comm="syz.3.3882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba92b3f6c9 code=0x7ffc0000
[  247.330350][   T29] audit: type=1326 audit(1763400677.886:11871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19907 comm="syz.3.3882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba92b3f6c9 code=0x7ffc0000
[  247.354163][   T29] audit: type=1326 audit(1763400677.916:11872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19907 comm="syz.3.3882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fba92b3f6c9 code=0x7ffc0000
[  247.377683][   T29] audit: type=1326 audit(1763400677.916:11873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19907 comm="syz.3.3882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba92b3f6c9 code=0x7ffc0000
[  247.401325][   T29] audit: type=1326 audit(1763400677.916:11874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19907 comm="syz.3.3882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba92b3f6c9 code=0x7ffc0000
[  247.424973][   T29] audit: type=1326 audit(1763400677.946:11875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19907 comm="syz.3.3882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba92b3f6c9 code=0x7ffc0000
[  247.448643][   T29] audit: type=1326 audit(1763400677.946:11876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19907 comm="syz.3.3882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba92b3f6c9 code=0x7ffc0000
[  247.472197][   T29] audit: type=1326 audit(1763400677.946:11877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19907 comm="syz.3.3882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fba92b3f6c9 code=0x7ffc0000
[  247.506020][T19922] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3887'.
[  247.515026][T19922] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3887'.
[  247.546285][T19927] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  247.554667][T19927] tipc: Disabling bearer <eth:syzkaller0>
[  247.595230][T19932] netlink: 'syz.5.3891': attribute type 1 has an invalid length.
[  247.685310][T19938] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  247.694039][T19938] ref_ctr increment failed for inode: 0x2cd offset: 0x4 ref_ctr_offset: 0x2 of mm: 0xffff88810005d080
[  247.726251][T19949] FAULT_INJECTION: forcing a failure.
[  247.726251][T19949] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  247.739322][T19949] CPU: 1 UID: 0 PID: 19949 Comm: syz.2.3899 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  247.739356][T19949] Tainted: [W]=WARN
[  247.739362][T19949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  247.739429][T19949] Call Trace:
[  247.739435][T19949]  <TASK>
[  247.739443][T19949]  __dump_stack+0x1d/0x30
[  247.739466][T19949]  dump_stack_lvl+0xe8/0x140
[  247.739485][T19949]  dump_stack+0x15/0x1b
[  247.739504][T19949]  should_fail_ex+0x265/0x280
[  247.739563][T19949]  should_fail+0xb/0x20
[  247.739592][T19949]  should_fail_usercopy+0x1a/0x20
[  247.739664][T19949]  _copy_from_user+0x1c/0xb0
[  247.739685][T19949]  ___sys_sendmsg+0xc1/0x1d0
[  247.739710][T19949]  __x64_sys_sendmsg+0xd4/0x160
[  247.739728][T19949]  x64_sys_call+0x191e/0x3000
[  247.739746][T19949]  do_syscall_64+0xd2/0x200
[  247.739788][T19949]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  247.739880][T19949]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  247.739951][T19949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.739969][T19949] RIP: 0033:0x7f112688f6c9
[  247.740038][T19949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.740052][T19949] RSP: 002b:00007f11252ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  247.740069][T19949] RAX: ffffffffffffffda RBX: 00007f1126ae5fa0 RCX: 00007f112688f6c9
[  247.740084][T19949] RDX: 0000000024040050 RSI: 00002000000000c0 RDI: 0000000000000003
[  247.740157][T19949] RBP: 00007f11252ef090 R08: 0000000000000000 R09: 0000000000000000
[  247.740168][T19949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  247.740178][T19949] R13: 00007f1126ae6038 R14: 00007f1126ae5fa0 R15: 00007fffcc2d9b68
[  247.740193][T19949]  </TASK>
[  247.925578][T19954] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  247.955419][T19945] tipc: Disabling bearer <eth:syzkaller0>
[  248.033218][T19969] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  248.069718][T19966] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3906'.
[  248.097969][T19973] netlink: 256 bytes leftover after parsing attributes in process `syz.1.3908'.
[  248.126428][T19970] wg1 speed is unknown, defaulting to 1000
[  248.162063][T19970] ip6_vti0 speed is unknown, defaulting to 1000
[  248.377500][T19998] netlink: 'syz.2.3917': attribute type 1 has an invalid length.
[  248.731409][T20014] netlink: 256 bytes leftover after parsing attributes in process `syz.5.3922'.
[  248.917620][T20026] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  248.968972][T20029] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  249.101718][T20038] FAULT_INJECTION: forcing a failure.
[  249.101718][T20038] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  249.115197][T20038] CPU: 1 UID: 0 PID: 20038 Comm: syz.2.3931 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  249.115282][T20038] Tainted: [W]=WARN
[  249.115349][T20038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  249.115362][T20038] Call Trace:
[  249.115369][T20038]  <TASK>
[  249.115378][T20038]  __dump_stack+0x1d/0x30
[  249.115406][T20038]  dump_stack_lvl+0xe8/0x140
[  249.115426][T20038]  dump_stack+0x15/0x1b
[  249.115445][T20038]  should_fail_ex+0x265/0x280
[  249.115479][T20038]  should_fail+0xb/0x20
[  249.115506][T20038]  should_fail_usercopy+0x1a/0x20
[  249.115548][T20038]  _copy_from_user+0x1c/0xb0
[  249.115573][T20038]  __x64_sys_epoll_ctl+0x92/0x100
[  249.115601][T20038]  x64_sys_call+0x706/0x3000
[  249.115654][T20038]  do_syscall_64+0xd2/0x200
[  249.115711][T20038]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  249.115737][T20038]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  249.115795][T20038]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.115817][T20038] RIP: 0033:0x7f112688f6c9
[  249.115880][T20038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.115897][T20038] RSP: 002b:00007f11252ef038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  249.115920][T20038] RAX: ffffffffffffffda RBX: 00007f1126ae5fa0 RCX: 00007f112688f6c9
[  249.115933][T20038] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000007
[  249.115945][T20038] RBP: 00007f11252ef090 R08: 0000000000000000 R09: 0000000000000000
[  249.116033][T20038] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  249.116045][T20038] R13: 00007f1126ae6038 R14: 00007f1126ae5fa0 R15: 00007fffcc2d9b68
[  249.116061][T20038]  </TASK>
[  249.440374][T20048] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  249.448674][T20048] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  249.488989][T20053] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  249.497363][T20053] tipc: Disabling bearer <eth:syzkaller0>
[  249.598604][T20044] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  249.704741][T20070] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  249.754089][T20073] program syz.3.3944 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  249.806149][T20082] netlink: 'syz.5.3949': attribute type 1 has an invalid length.
[  250.053940][T20098] 9pnet_fd: Insufficient options for proto=fd
[  250.156698][T20099] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3953'.
[  250.165693][T20099] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3953'.
[  250.654107][T20106] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  250.718040][T20114] 9pnet_fd: Insufficient options for proto=fd
[  250.890863][T20116] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  251.031032][T20146] loop5: detected capacity change from 0 to 128
[  251.052674][T20151] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  251.100088][T20155] netlink: 'syz.5.3974': attribute type 1 has an invalid length.
[  251.128618][T20157] loop5: detected capacity change from 0 to 1024
[  251.135692][T20157] EXT4-fs: Ignoring removed nobh option
[  251.162150][T20157] EXT4-fs mount: 8 callbacks suppressed
[  251.162220][T20157] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  251.200599][T20157] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 15: block 369:freeing already freed block (bit 23); block bitmap corrupt.
[  251.236185][T17442] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.318587][T20186] netlink: 96 bytes leftover after parsing attributes in process `syz.2.3986'.
[  251.342926][T20189] FAULT_INJECTION: forcing a failure.
[  251.342926][T20189] name failslab, interval 1, probability 0, space 0, times 0
[  251.355591][T20189] CPU: 1 UID: 0 PID: 20189 Comm: syz.2.3987 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  251.355612][T20189] Tainted: [W]=WARN
[  251.355616][T20189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  251.355623][T20189] Call Trace:
[  251.355628][T20189]  <TASK>
[  251.355633][T20189]  __dump_stack+0x1d/0x30
[  251.355687][T20189]  dump_stack_lvl+0xe8/0x140
[  251.355771][T20189]  dump_stack+0x15/0x1b
[  251.355782][T20189]  should_fail_ex+0x265/0x280
[  251.355800][T20189]  should_failslab+0x8c/0xb0
[  251.355853][T20189]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  251.355870][T20189]  ? __alloc_skb+0x101/0x320
[  251.355888][T20189]  __alloc_skb+0x101/0x320
[  251.355938][T20189]  netlink_alloc_large_skb+0xbf/0xf0
[  251.355956][T20189]  netlink_sendmsg+0x3cf/0x6b0
[  251.355968][T20189]  ? __pfx_netlink_sendmsg+0x10/0x10
[  251.355980][T20189]  __sock_sendmsg+0x145/0x180
[  251.355994][T20189]  __sys_sendto+0x268/0x330
[  251.356158][T20189]  __x64_sys_sendto+0x76/0x90
[  251.356177][T20189]  x64_sys_call+0x2d14/0x3000
[  251.356189][T20189]  do_syscall_64+0xd2/0x200
[  251.356201][T20189]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  251.356262][T20189]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  251.356322][T20189]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.356359][T20189] RIP: 0033:0x7f112688f6c9
[  251.356376][T20189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.356387][T20189] RSP: 002b:00007f11252ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  251.356398][T20189] RAX: ffffffffffffffda RBX: 00007f1126ae5fa0 RCX: 00007f112688f6c9
[  251.356405][T20189] RDX: 0000000000000090 RSI: 00002000000000c0 RDI: 0000000000000005
[  251.356467][T20189] RBP: 00007f11252ef090 R08: 0000000000000000 R09: 0000000000000000
[  251.356479][T20189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  251.356492][T20189] R13: 00007f1126ae6038 R14: 00007f1126ae5fa0 R15: 00007fffcc2d9b68
[  251.356514][T20189]  </TASK>
[  251.572320][T20192] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3988'.
[  251.581365][T20192] xt_time: unknown flags 0xf4
[  251.587960][T20192] loop2: detected capacity change from 0 to 512
[  251.624584][T20197] FAULT_INJECTION: forcing a failure.
[  251.624584][T20197] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  251.637803][T20197] CPU: 1 UID: 0 PID: 20197 Comm: syz.2.3989 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  251.637906][T20197] Tainted: [W]=WARN
[  251.637912][T20197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  251.637919][T20197] Call Trace:
[  251.637923][T20197]  <TASK>
[  251.637929][T20197]  __dump_stack+0x1d/0x30
[  251.637944][T20197]  dump_stack_lvl+0xe8/0x140
[  251.637956][T20197]  dump_stack+0x15/0x1b
[  251.638042][T20197]  should_fail_ex+0x265/0x280
[  251.638066][T20197]  should_fail+0xb/0x20
[  251.638089][T20197]  should_fail_usercopy+0x1a/0x20
[  251.638109][T20197]  strncpy_from_user+0x25/0x230
[  251.638149][T20197]  strncpy_from_bpfptr+0x43/0x50
[  251.638166][T20197]  bpf_prog_load+0x883/0x1100
[  251.638182][T20197]  ? security_bpf+0x2b/0x90
[  251.638235][T20197]  __sys_bpf+0x469/0x7c0
[  251.638254][T20197]  __x64_sys_bpf+0x41/0x50
[  251.638271][T20197]  x64_sys_call+0x2aee/0x3000
[  251.638284][T20197]  do_syscall_64+0xd2/0x200
[  251.638314][T20197]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  251.638333][T20197]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.638346][T20197] RIP: 0033:0x7f112688f6c9
[  251.638355][T20197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.638398][T20197] RSP: 002b:00007f11252ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  251.638488][T20197] RAX: ffffffffffffffda RBX: 00007f1126ae5fa0 RCX: 00007f112688f6c9
[  251.638495][T20197] RDX: 0000000000000094 RSI: 0000200000000500 RDI: 0000000000000005
[  251.638502][T20197] RBP: 00007f11252ef090 R08: 0000000000000000 R09: 0000000000000000
[  251.638509][T20197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  251.638516][T20197] R13: 00007f1126ae6038 R14: 00007f1126ae5fa0 R15: 00007fffcc2d9b68
[  251.638528][T20197]  </TASK>
[  252.448454][T20228] loop1: detected capacity change from 0 to 164
[  252.463096][T20228] Unable to read rock-ridge attributes
[  252.475501][T20228] Unable to read rock-ridge attributes
[  252.475870][T20208] syz.3.3992 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  252.488331][T20228] rock: directory entry would overflow storage
[  252.495071][T20208] CPU: 1 UID: 0 PID: 20208 Comm: syz.3.3992 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  252.495101][T20208] Tainted: [W]=WARN
[  252.495109][T20208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  252.495119][T20208] Call Trace:
[  252.495126][T20208]  <TASK>
[  252.495134][T20208]  __dump_stack+0x1d/0x30
[  252.495158][T20208]  dump_stack_lvl+0xe8/0x140
[  252.495187][T20208]  dump_stack+0x15/0x1b
[  252.495206][T20208]  dump_header+0x81/0x220
[  252.495224][T20208]  oom_kill_process+0x342/0x400
[  252.495260][T20208]  out_of_memory+0x979/0xb80
[  252.495298][T20208]  try_charge_memcg+0x610/0xa10
[  252.495334][T20208]  obj_cgroup_charge_pages+0xa6/0x150
[  252.495355][T20208]  __memcg_kmem_charge_page+0x9f/0x170
[  252.495378][T20208]  __alloc_frozen_pages_noprof+0x188/0x360
[  252.495414][T20208]  alloc_pages_mpol+0xb3/0x260
[  252.495469][T20208]  alloc_pages_noprof+0x90/0x130
[  252.495536][T20208]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  252.495576][T20208]  __kvmalloc_node_noprof+0x483/0x670
[  252.495618][T20208]  ? ip_set_alloc+0x24/0x30
[  252.495705][T20208]  ? ip_set_alloc+0x24/0x30
[  252.495733][T20208]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  252.495762][T20208]  ip_set_alloc+0x24/0x30
[  252.495830][T20208]  hash_netiface_create+0x282/0x740
[  252.495869][T20208]  ? __pfx_hash_netiface_create+0x10/0x10
[  252.495938][T20208]  ip_set_create+0x3cc/0x970
[  252.495965][T20208]  ? __nla_parse+0x40/0x60
[  252.495987][T20208]  nfnetlink_rcv_msg+0x4c6/0x590
[  252.496140][T20208]  netlink_rcv_skb+0x123/0x220
[  252.496182][T20208]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  252.496214][T20208]  nfnetlink_rcv+0x167/0x16c0
[  252.496313][T20208]  ? kmem_cache_free+0xe4/0x3d0
[  252.496552][T20208]  ? __kfree_skb+0x109/0x150
[  252.496616][T20208]  ? nlmon_xmit+0x4f/0x60
[  252.496687][T20208]  ? consume_skb+0x49/0x150
[  252.496714][T20208]  ? nlmon_xmit+0x4f/0x60
[  252.496737][T20208]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  252.496769][T20208]  ? __dev_queue_xmit+0x1200/0x2000
[  252.496865][T20208]  ? __dev_queue_xmit+0x182/0x2000
[  252.496885][T20208]  ? ref_tracker_free+0x37d/0x3e0
[  252.496932][T20208]  ? __netlink_deliver_tap+0x4dc/0x500
[  252.496966][T20208]  netlink_unicast+0x5c0/0x690
[  252.497039][T20208]  netlink_sendmsg+0x58b/0x6b0
[  252.497059][T20208]  ? __pfx_netlink_sendmsg+0x10/0x10
[  252.497079][T20208]  __sock_sendmsg+0x145/0x180
[  252.497127][T20208]  ____sys_sendmsg+0x31e/0x4e0
[  252.497187][T20208]  ___sys_sendmsg+0x17b/0x1d0
[  252.497216][T20208]  __x64_sys_sendmsg+0xd4/0x160
[  252.497239][T20208]  x64_sys_call+0x191e/0x3000
[  252.497260][T20208]  do_syscall_64+0xd2/0x200
[  252.497289][T20208]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  252.497371][T20208]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  252.497482][T20208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.497503][T20208] RIP: 0033:0x7fba92b3f6c9
[  252.497518][T20208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  252.497598][T20208] RSP: 002b:00007fba9155d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  252.497616][T20208] RAX: ffffffffffffffda RBX: 00007fba92d96180 RCX: 00007fba92b3f6c9
[  252.497629][T20208] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[  252.497642][T20208] RBP: 00007fba92bc1f91 R08: 0000000000000000 R09: 0000000000000000
[  252.497655][T20208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  252.497666][T20208] R13: 00007fba92d96218 R14: 00007fba92d96180 R15: 00007fff37d12678
[  252.497745][T20208]  </TASK>
[  252.497752][T20208] memory: usage 307200kB, limit 307200kB, failcnt 859
[  252.501273][T20228] rock: sig=0x4f50, size=4, remaining=3
[  252.512644][T20208] memory+swap: usage 307332kB, limit 9007199254740988kB, failcnt 0
[  252.512663][T20208] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[  252.516452][T20228] iso9660: Corrupted directory entry in block 4 of inode 1792
[  252.526592][T20208] Memory cgroup stats for /syz3:
[  252.531330][T20208] cache 0
[  252.568564][T20229] Unable to read rock-ridge attributes
[  252.569827][T20208] rss 0
[  252.569836][T20208] shmem 0
[  252.569843][T20208] mapped_file 0
[  252.902581][T20208] dirty 0
[  252.905567][T20208] writeback 4096
[  252.909114][T20208] workingset_refault_anon 296
[  252.913794][T20208] workingset_refault_file 2372
[  252.918537][T20208] swap 135168
[  252.921891][T20208] swapcached 8192
[  252.925494][T20208] pgpgin 289820
[  252.928924][T20208] pgpgout 289818
[  252.932512][T20208] pgfault 423885
[  252.936029][T20208] pgmajfault 501
[  252.939547][T20208] inactive_anon 8192
[  252.943475][T20208] active_anon 0
[  252.946925][T20208] inactive_file 0
[  252.950553][T20208] active_file 0
[  252.954036][T20208] unevictable 0
[  252.957464][T20208] hierarchical_memory_limit 314572800
[  252.962897][T20208] hierarchical_memsw_limit 9223372036854771712
[  252.969043][T20208] total_cache 0
[  252.972500][T20208] total_rss 0
[  252.975839][T20208] total_shmem 0
[  252.979269][T20208] total_mapped_file 0
[  252.983244][T20208] total_dirty 0
[  252.986680][T20208] total_writeback 4096
[  252.990761][T20208] total_workingset_refault_anon 296
[  252.995942][T20208] total_workingset_refault_file 2372
[  253.001306][T20208] total_swap 135168
[  253.005091][T20208] total_swapcached 8192
[  253.009221][T20208] total_pgpgin 289820
[  253.013230][T20208] total_pgpgout 289818
[  253.017276][T20208] total_pgfault 423885
[  253.021381][T20208] total_pgmajfault 501
[  253.025418][T20208] total_inactive_anon 8192
[  253.029802][T20208] total_active_anon 0
[  253.033873][T20208] total_inactive_file 0
[  253.037998][T20208] total_active_file 0
[  253.041979][T20208] total_unevictable 0
[  253.045930][T20208] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.3992,pid=20204,uid=0
[  253.060640][T20208] Memory cgroup out of memory: Killed process 20204 (syz.3.3992) total-vm:225416kB, anon-rss:1136kB, file-rss:21668kB, shmem-rss:0kB, UID:0 pgtables:112kB oom_score_adj:1000
[  253.091747][T20231] netlink: 256 bytes leftover after parsing attributes in process `syz.1.4000'.
[  253.127760][   T29] kauditd_printk_skb: 398 callbacks suppressed
[  253.127775][   T29] audit: type=1326 audit(1763400683.736:12276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20234 comm="syz.1.4001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  253.193282][   T29] audit: type=1326 audit(1763400683.736:12277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20234 comm="syz.1.4001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  253.216893][   T29] audit: type=1326 audit(1763400683.736:12278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20234 comm="syz.1.4001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  253.240520][   T29] audit: type=1326 audit(1763400683.736:12279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20234 comm="syz.1.4001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  253.264036][   T29] audit: type=1326 audit(1763400683.736:12280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20234 comm="syz.1.4001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  253.287646][   T29] audit: type=1326 audit(1763400683.736:12281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20234 comm="syz.1.4001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  253.311204][   T29] audit: type=1326 audit(1763400683.736:12282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20234 comm="syz.1.4001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  253.334882][   T29] audit: type=1326 audit(1763400683.736:12283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20234 comm="syz.1.4001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  253.358353][   T29] audit: type=1326 audit(1763400683.736:12284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20234 comm="syz.1.4001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  253.382042][   T29] audit: type=1326 audit(1763400683.736:12285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20234 comm="syz.1.4001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  253.384025][T20240] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4003'.
[  253.428527][T20243] netlink: 'syz.2.4004': attribute type 1 has an invalid length.
[  253.666530][T20264] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  253.674387][T20264] tipc: Disabling bearer <eth:syzkaller0>
[  253.694335][T20268] FAULT_INJECTION: forcing a failure.
[  253.694335][T20268] name failslab, interval 1, probability 0, space 0, times 0
[  253.707191][T20268] CPU: 0 UID: 0 PID: 20268 Comm: syz.2.4014 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  253.707221][T20268] Tainted: [W]=WARN
[  253.707225][T20268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  253.707232][T20268] Call Trace:
[  253.707236][T20268]  <TASK>
[  253.707241][T20268]  __dump_stack+0x1d/0x30
[  253.707266][T20268]  dump_stack_lvl+0xe8/0x140
[  253.707278][T20268]  dump_stack+0x15/0x1b
[  253.707288][T20268]  should_fail_ex+0x265/0x280
[  253.707356][T20268]  ? __se_sys_mount+0xef/0x2e0
[  253.707370][T20268]  should_failslab+0x8c/0xb0
[  253.707386][T20268]  __kmalloc_cache_noprof+0x4c/0x4a0
[  253.707412][T20268]  ? memdup_user+0x99/0xd0
[  253.707487][T20268]  __se_sys_mount+0xef/0x2e0
[  253.707500][T20268]  ? fput+0x8f/0xc0
[  253.707510][T20268]  ? ksys_write+0x192/0x1a0
[  253.707524][T20268]  __x64_sys_mount+0x67/0x80
[  253.707567][T20268]  x64_sys_call+0x2b51/0x3000
[  253.707580][T20268]  do_syscall_64+0xd2/0x200
[  253.707592][T20268]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  253.707612][T20268]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  253.707699][T20268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.707869][T20268] RIP: 0033:0x7f112688f6c9
[  253.707879][T20268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.707965][T20268] RSP: 002b:00007f11252ef038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  253.707977][T20268] RAX: ffffffffffffffda RBX: 00007f1126ae5fa0 RCX: 00007f112688f6c9
[  253.707984][T20268] RDX: 0000200000000080 RSI: 0000200000000000 RDI: 0000000000000000
[  253.707991][T20268] RBP: 00007f11252ef090 R08: 00002000000004c0 R09: 0000000000000000
[  253.707998][T20268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  253.708005][T20268] R13: 00007f1126ae6038 R14: 00007f1126ae5fa0 R15: 00007fffcc2d9b68
[  253.708065][T20268]  </TASK>
[  253.936740][T20277] netlink: 'syz.5.4017': attribute type 1 has an invalid length.
[  254.229232][T20297] loop3: detected capacity change from 0 to 512
[  254.261435][T20297] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.4025: inode has both inline data and extents flags
[  254.307744][T20297] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.4025: couldn't read orphan inode 15 (err -117)
[  254.335686][T20297] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  254.475719][T20308] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  254.483680][T20308] tipc: Disabling bearer <eth:syzkaller0>
[  254.491212][T20310] netlink: 'syz.1.4030': attribute type 1 has an invalid length.
[  254.662107][T20329] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4034'.
[  254.799996][T17844] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.928212][T20348] SELinux:  Context system_u:object_r:netutils_exec_t:s0 is not valid (left unmapped).
[  254.964738][T20339] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4039'.
[  255.017735][T20359] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  255.025780][T20359] tipc: Disabling bearer <eth:syzkaller0>
[  255.033052][T20361] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  255.041070][T20361] tipc: Disabling bearer <eth:syzkaller0>
[  255.110193][T20366] FAULT_INJECTION: forcing a failure.
[  255.110193][T20366] name failslab, interval 1, probability 0, space 0, times 0
[  255.122860][T20366] CPU: 1 UID: 0 PID: 20366 Comm: syz.1.4048 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  255.122971][T20366] Tainted: [W]=WARN
[  255.122978][T20366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  255.122993][T20366] Call Trace:
[  255.123000][T20366]  <TASK>
[  255.123008][T20366]  __dump_stack+0x1d/0x30
[  255.123029][T20366]  dump_stack_lvl+0xe8/0x140
[  255.123055][T20366]  dump_stack+0x15/0x1b
[  255.123071][T20366]  should_fail_ex+0x265/0x280
[  255.123112][T20366]  ? tcf_action_init_1+0x11e/0x4a0
[  255.123133][T20366]  should_failslab+0x8c/0xb0
[  255.123158][T20366]  __kmalloc_cache_noprof+0x4c/0x4a0
[  255.123301][T20366]  tcf_action_init_1+0x11e/0x4a0
[  255.123330][T20366]  tcf_action_init+0x267/0x6d0
[  255.123397][T20366]  tc_ctl_action+0x291/0x830
[  255.123479][T20366]  ? __pfx_tc_ctl_action+0x10/0x10
[  255.123501][T20366]  rtnetlink_rcv_msg+0x65a/0x6d0
[  255.123562][T20366]  ? avc_has_perm_noaudit+0x1b1/0x200
[  255.123581][T20366]  netlink_rcv_skb+0x123/0x220
[  255.123671][T20366]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  255.123696][T20366]  rtnetlink_rcv+0x1c/0x30
[  255.123786][T20366]  netlink_unicast+0x5c0/0x690
[  255.123859][T20366]  netlink_sendmsg+0x58b/0x6b0
[  255.123896][T20366]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.123922][T20366]  __sock_sendmsg+0x145/0x180
[  255.123947][T20366]  ____sys_sendmsg+0x31e/0x4e0
[  255.123970][T20366]  ___sys_sendmsg+0x17b/0x1d0
[  255.124002][T20366]  __x64_sys_sendmsg+0xd4/0x160
[  255.124022][T20366]  x64_sys_call+0x191e/0x3000
[  255.124086][T20366]  do_syscall_64+0xd2/0x200
[  255.124106][T20366]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  255.124130][T20366]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  255.124191][T20366]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.124307][T20366] RIP: 0033:0x7f4e972cf6c9
[  255.124323][T20366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.124343][T20366] RSP: 002b:00007f4e95d2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  255.124364][T20366] RAX: ffffffffffffffda RBX: 00007f4e97525fa0 RCX: 00007f4e972cf6c9
[  255.124378][T20366] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  255.124392][T20366] RBP: 00007f4e95d2f090 R08: 0000000000000000 R09: 0000000000000000
[  255.124423][T20366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  255.124436][T20366] R13: 00007f4e97526038 R14: 00007f4e97525fa0 R15: 00007ffe9a928ea8
[  255.124456][T20366]  </TASK>
[  255.591891][T20388] netlink: 'syz.2.4058': attribute type 11 has an invalid length.
[  255.627987][T20387] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4057'.
[  255.664809][T20397] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4058'.
[  255.674715][T20388] wg1 speed is unknown, defaulting to 1000
[  255.680923][T20388] ip6_vti0 speed is unknown, defaulting to 1000
[  255.740750][T20400] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  255.747551][T20402] loop5: detected capacity change from 0 to 1024
[  255.755376][T20402] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  255.767721][T20400] tipc: Disabling bearer <eth:syzkaller0>
[  255.776776][T20402] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #3: block 1: comm syz.5.4062: lblock 1 mapped to illegal pblock 1 (length 1)
[  255.791176][T20402] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.4062: Failed to acquire dquot type 0
[  255.802899][T20402] EXT4-fs error (device loop5): ext4_free_blocks:6706: comm syz.5.4062: Freeing blocks not in datazone - block = 0, count = 4096
[  255.817443][T20402] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.4062: Invalid inode bitmap blk 0 in block_group 0
[  255.830430][ T5494] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:58: lblock 1 mapped to illegal pblock 1 (length 1)
[  255.851194][T20402] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[  255.865018][T20402] EXT4-fs (loop5): 1 orphan inode deleted
[  255.873632][T20402] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  255.904159][ T5494] EXT4-fs error (device loop5): ext4_release_dquot:6981: comm kworker/u8:58: Failed to release dquot type 0
[  255.943520][T20411] program syz.5.4062 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  255.954175][T20412] netlink: 'syz.1.4065': attribute type 1 has an invalid length.
[  256.583359][T17442] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.607528][T20446] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4077'.
[  256.692481][T20449] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4076'.
[  256.930523][T20461] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4080'.
[  257.472818][T20459] netlink: 'syz.5.4079': attribute type 1 has an invalid length.
[  257.500768][T20490] loop3: detected capacity change from 0 to 512
[  257.507598][T20490] EXT4-fs: Ignoring removed oldalloc option
[  257.513593][T20490] EXT4-fs: Ignoring removed nobh option
[  257.524464][T20490] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.4087: inode has both inline data and extents flags
[  257.539719][T20490] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.4087: couldn't read orphan inode 15 (err -117)
[  257.551958][T20496] loop2: detected capacity change from 0 to 256
[  257.552436][T20490] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.574545][T20490] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #2: block 13: comm syz.3.4087: lblock 0 mapped to illegal pblock 13 (length 1)
[  257.585861][T20496] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  257.609329][T17844] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.778513][T20524] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  257.786503][T20524] tipc: Disabling bearer <eth:syzkaller0>
[  257.992991][T20537] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  258.001317][T20537] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  258.141785][T20540] FAULT_INJECTION: forcing a failure.
[  258.141785][T20540] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  258.156465][T20540] CPU: 0 UID: 0 PID: 20540 Comm: syz.1.4106 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  258.156498][T20540] Tainted: [W]=WARN
[  258.156505][T20540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  258.156517][T20540] Call Trace:
[  258.156524][T20540]  <TASK>
[  258.156531][T20540]  __dump_stack+0x1d/0x30
[  258.156615][T20540]  dump_stack_lvl+0xe8/0x140
[  258.156632][T20540]  dump_stack+0x15/0x1b
[  258.156651][T20540]  should_fail_ex+0x265/0x280
[  258.156685][T20540]  should_fail+0xb/0x20
[  258.156732][T20540]  should_fail_usercopy+0x1a/0x20
[  258.156750][T20540]  _copy_to_user+0x20/0xa0
[  258.156772][T20540]  simple_read_from_buffer+0xb5/0x130
[  258.156806][T20540]  proc_fail_nth_read+0x10e/0x150
[  258.156866][T20540]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  258.156895][T20540]  vfs_read+0x1a8/0x770
[  258.156988][T20540]  ? __rcu_read_unlock+0x4f/0x70
[  258.157014][T20540]  ? __fget_files+0x184/0x1c0
[  258.157042][T20540]  ksys_read+0xda/0x1a0
[  258.157126][T20540]  __x64_sys_read+0x40/0x50
[  258.157151][T20540]  x64_sys_call+0x27c0/0x3000
[  258.157238][T20540]  do_syscall_64+0xd2/0x200
[  258.157263][T20540]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  258.157339][T20540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.157361][T20540] RIP: 0033:0x7f4e972ce0dc
[  258.157377][T20540] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  258.157395][T20540] RSP: 002b:00007f4e95d2f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  258.157428][T20540] RAX: ffffffffffffffda RBX: 00007f4e97525fa0 RCX: 00007f4e972ce0dc
[  258.157442][T20540] RDX: 000000000000000f RSI: 00007f4e95d2f0a0 RDI: 0000000000000009
[  258.157453][T20540] RBP: 00007f4e95d2f090 R08: 0000000000000000 R09: 0000000000000000
[  258.157464][T20540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  258.157511][T20540] R13: 00007f4e97526038 R14: 00007f4e97525fa0 R15: 00007ffe9a928ea8
[  258.157530][T20540]  </TASK>
[  258.407310][   T29] kauditd_printk_skb: 260 callbacks suppressed
[  258.407325][   T29] audit: type=1326 audit(1763400689.016:12543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20543 comm="syz.1.4107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  258.415272][T20545] loop1: detected capacity change from 0 to 2048
[  258.437082][   T29] audit: type=1326 audit(1763400689.016:12544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20543 comm="syz.1.4107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  258.437109][   T29] audit: type=1326 audit(1763400689.016:12545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20543 comm="syz.1.4107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  258.437169][   T29] audit: type=1326 audit(1763400689.016:12546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20543 comm="syz.1.4107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  258.446297][T20542] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4105'.
[  258.467161][   T29] audit: type=1326 audit(1763400689.016:12547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20543 comm="syz.1.4107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  258.490687][T20542] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4105'.
[  258.514223][   T29] audit: type=1326 audit(1763400689.016:12548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20543 comm="syz.1.4107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  258.514250][   T29] audit: type=1326 audit(1763400689.016:12549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20543 comm="syz.1.4107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  258.514297][   T29] audit: type=1326 audit(1763400689.016:12550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20543 comm="syz.1.4107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f4e972cf6c9 code=0x7ffc0000
[  258.514322][   T29] audit: type=1326 audit(1763400689.016:12551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20543 comm="syz.1.4107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4e972cf703 code=0x7ffc0000
[  258.561923][   T29] audit: type=1326 audit(1763400689.016:12552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20543 comm="syz.1.4107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f4e972ce17f code=0x7ffc0000
[  258.680477][T20546] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4105'.
[  258.689526][T20546] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4105'.
[  258.839610][T20545] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.035829][T20568] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4115'.
[  259.044828][T20568] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4115'.
[  259.052110][T20560] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4112'.
[  259.071196][T20568] FAULT_INJECTION: forcing a failure.
[  259.071196][T20568] name failslab, interval 1, probability 0, space 0, times 0
[  259.084031][T20568] CPU: 0 UID: 0 PID: 20568 Comm: syz.3.4115 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  259.084109][T20568] Tainted: [W]=WARN
[  259.084116][T20568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  259.084129][T20568] Call Trace:
[  259.084136][T20568]  <TASK>
[  259.084170][T20568]  __dump_stack+0x1d/0x30
[  259.084194][T20568]  dump_stack_lvl+0xe8/0x140
[  259.084216][T20568]  dump_stack+0x15/0x1b
[  259.084235][T20568]  should_fail_ex+0x265/0x280
[  259.084345][T20568]  should_failslab+0x8c/0xb0
[  259.084394][T20568]  kmem_cache_alloc_noprof+0x50/0x480
[  259.084488][T20568]  ? skb_clone+0x151/0x1f0
[  259.084510][T20568]  skb_clone+0x151/0x1f0
[  259.084526][T20568]  __netlink_deliver_tap+0x2c9/0x500
[  259.084643][T20568]  netlink_unicast+0x66b/0x690
[  259.084669][T20568]  netlink_sendmsg+0x58b/0x6b0
[  259.084689][T20568]  ? __pfx_netlink_sendmsg+0x10/0x10
[  259.084706][T20568]  __sock_sendmsg+0x145/0x180
[  259.084742][T20568]  ____sys_sendmsg+0x345/0x4e0
[  259.084765][T20568]  ___sys_sendmsg+0x17b/0x1d0
[  259.084808][T20568]  __sys_sendmmsg+0x178/0x300
[  259.084834][T20568]  __x64_sys_sendmmsg+0x57/0x70
[  259.084855][T20568]  x64_sys_call+0x1c4a/0x3000
[  259.084886][T20568]  do_syscall_64+0xd2/0x200
[  259.084906][T20568]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  259.084973][T20568]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  259.085000][T20568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.085019][T20568] RIP: 0033:0x7fba92b3f6c9
[  259.085106][T20568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.085123][T20568] RSP: 002b:00007fba9159f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  259.085144][T20568] RAX: ffffffffffffffda RBX: 00007fba92d95fa0 RCX: 00007fba92b3f6c9
[  259.085158][T20568] RDX: 04000000000001f2 RSI: 0000200000000000 RDI: 0000000000000008
[  259.085172][T20568] RBP: 00007fba9159f090 R08: 0000000000000000 R09: 0000000000000000
[  259.085185][T20568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.085198][T20568] R13: 00007fba92d96038 R14: 00007fba92d95fa0 R15: 00007fff37d12678
[  259.085269][T20568]  </TASK>
[  259.124106][T20571] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  259.130804][T20568] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4115'.
[  259.318522][T20568] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4115'.
[  259.364542][T20573] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  259.372812][T20573] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  259.390485][T17794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.439142][T20576] loop5: detected capacity change from 0 to 2048
[  259.452357][T20576] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.659791][T20588] loop3: detected capacity change from 0 to 512
[  259.802489][T20588] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.4122: corrupted in-inode xattr: invalid ea_ino
[  259.896127][T20588] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.4122: couldn't read orphan inode 15 (err -117)
[  259.917683][T20595] FAULT_INJECTION: forcing a failure.
[  259.917683][T20595] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  259.930915][T20595] CPU: 1 UID: 0 PID: 20595 Comm: syz.1.4125 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  259.930952][T20595] Tainted: [W]=WARN
[  259.930960][T20595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  259.930973][T20595] Call Trace:
[  259.930980][T20595]  <TASK>
[  259.931034][T20595]  __dump_stack+0x1d/0x30
[  259.931058][T20595]  dump_stack_lvl+0xe8/0x140
[  259.931138][T20595]  dump_stack+0x15/0x1b
[  259.931158][T20595]  should_fail_ex+0x265/0x280
[  259.931219][T20595]  should_fail+0xb/0x20
[  259.931244][T20595]  should_fail_usercopy+0x1a/0x20
[  259.931262][T20595]  _copy_from_user+0x1c/0xb0
[  259.931283][T20595]  kstrtouint_from_user+0x69/0xf0
[  259.931360][T20595]  ? 0xffffffff81000000
[  259.931371][T20595]  ? selinux_file_permission+0x1e4/0x320
[  259.931442][T20595]  proc_fail_nth_write+0x50/0x160
[  259.931475][T20595]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  259.931575][T20595]  vfs_write+0x269/0x960
[  259.931595][T20595]  ? vfs_read+0x4e6/0x770
[  259.931614][T20595]  ? __rcu_read_unlock+0x4f/0x70
[  259.931735][T20595]  ? __fget_files+0x184/0x1c0
[  259.931843][T20595]  ksys_write+0xda/0x1a0
[  259.931927][T20595]  __x64_sys_write+0x40/0x50
[  259.931949][T20595]  x64_sys_call+0x2802/0x3000
[  259.931973][T20595]  do_syscall_64+0xd2/0x200
[  259.931991][T20595]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  259.932067][T20595]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  259.932137][T20595]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.932156][T20595] RIP: 0033:0x7f4e972ce17f
[  259.932169][T20595] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  259.932184][T20595] RSP: 002b:00007f4e95d2f030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  259.932205][T20595] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4e972ce17f
[  259.932285][T20595] RDX: 0000000000000001 RSI: 00007f4e95d2f0a0 RDI: 0000000000000005
[  259.932296][T20595] RBP: 00007f4e95d2f090 R08: 0000000000000000 R09: 0000000000000000
[  259.932310][T20595] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  259.932324][T20595] R13: 00007f4e97526038 R14: 00007f4e97525fa0 R15: 00007ffe9a928ea8
[  259.932391][T20595]  </TASK>
[  259.933211][T15569] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  259.970616][T20588] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.990974][T15569] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  260.187994][T17442] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.199286][T20599] FAULT_INJECTION: forcing a failure.
[  260.199286][T20599] name failslab, interval 1, probability 0, space 0, times 0
[  260.212182][T20599] CPU: 0 UID: 0 PID: 20599 Comm: syz.1.4127 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  260.212211][T20599] Tainted: [W]=WARN
[  260.212217][T20599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  260.212228][T20599] Call Trace:
[  260.212233][T20599]  <TASK>
[  260.212292][T20599]  __dump_stack+0x1d/0x30
[  260.212387][T20599]  dump_stack_lvl+0xe8/0x140
[  260.212424][T20599]  dump_stack+0x15/0x1b
[  260.212493][T20599]  should_fail_ex+0x265/0x280
[  260.212527][T20599]  ? tcf_action_init_1+0x11e/0x4a0
[  260.212554][T20599]  should_failslab+0x8c/0xb0
[  260.212626][T20599]  __kmalloc_cache_noprof+0x4c/0x4a0
[  260.212660][T20599]  tcf_action_init_1+0x11e/0x4a0
[  260.212762][T20599]  tcf_action_init+0x267/0x6d0
[  260.212801][T20599]  tc_ctl_action+0x291/0x830
[  260.212839][T20599]  ? __pfx_tc_ctl_action+0x10/0x10
[  260.212864][T20599]  rtnetlink_rcv_msg+0x65a/0x6d0
[  260.212964][T20599]  ? avc_has_perm_noaudit+0x1b1/0x200
[  260.212988][T20599]  netlink_rcv_skb+0x123/0x220
[  260.213050][T20599]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  260.213116][T20599]  rtnetlink_rcv+0x1c/0x30
[  260.213134][T20599]  netlink_unicast+0x5c0/0x690
[  260.213161][T20599]  netlink_sendmsg+0x58b/0x6b0
[  260.213229][T20599]  ? __pfx_netlink_sendmsg+0x10/0x10
[  260.213246][T20599]  __sock_sendmsg+0x145/0x180
[  260.213268][T20599]  ____sys_sendmsg+0x31e/0x4e0
[  260.213294][T20599]  ___sys_sendmsg+0x17b/0x1d0
[  260.213327][T20599]  __x64_sys_sendmsg+0xd4/0x160
[  260.213377][T20599]  x64_sys_call+0x191e/0x3000
[  260.213401][T20599]  do_syscall_64+0xd2/0x200
[  260.213469][T20599]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  260.213493][T20599]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  260.213524][T20599]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.213547][T20599] RIP: 0033:0x7f4e972cf6c9
[  260.213571][T20599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.213590][T20599] RSP: 002b:00007f4e95d2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  260.213607][T20599] RAX: ffffffffffffffda RBX: 00007f4e97525fa0 RCX: 00007f4e972cf6c9
[  260.213619][T20599] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  260.213630][T20599] RBP: 00007f4e95d2f090 R08: 0000000000000000 R09: 0000000000000000
[  260.213642][T20599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  260.213683][T20599] R13: 00007f4e97526038 R14: 00007f4e97525fa0 R15: 00007ffe9a928ea8
[  260.213707][T20599]  </TASK>
[  260.490021][T17844] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.540405][T20608] netlink: 'syz.1.4131': attribute type 1 has an invalid length.
[  260.592824][T20604] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4128'.
[  260.816248][T20622] loop3: detected capacity change from 0 to 512
[  260.850408][T20622] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.4136: inode has both inline data and extents flags
[  260.870133][T20622] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.4136: couldn't read orphan inode 15 (err -117)
[  260.887022][T20617] loop5: detected capacity change from 0 to 32768
[  260.891022][T20622] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  260.930514][T20617]  loop5: p1 p2 p3 < > p4 < p5 p6 >
[  260.935787][T20617] loop5: p1 start 460800 is beyond EOD, truncated
[  260.942222][T20617] loop5: p2 size 83886080 extends beyond EOD, truncated
[  260.962428][T20617] loop5: p5 start 460800 is beyond EOD, truncated
[  260.968932][T20617] loop5: p6 size 83886080 extends beyond EOD, truncated
[  261.074961][T20626] netlink: 'syz.0.4138': attribute type 1 has an invalid length.
[  261.215628][T20638] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[  261.267119][T20645] loop1: detected capacity change from 0 to 512
[  261.304608][T20647] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  261.312893][T20647] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  261.321963][T20645] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.4142: couldn't read orphan inode 26 (err -116)
[  261.354620][T17844] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.365937][T20645] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.378081][T20651] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  261.407266][T20645] ext4 filesystem being mounted at /183/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  261.426868][T20656] 9pnet_fd: Insufficient options for proto=fd
[  261.621519][T20668] FAULT_INJECTION: forcing a failure.
[  261.621519][T20668] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  261.634618][T20668] CPU: 0 UID: 0 PID: 20668 Comm: syz.5.4151 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  261.634802][T20668] Tainted: [W]=WARN
[  261.634809][T20668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  261.634823][T20668] Call Trace:
[  261.634830][T20668]  <TASK>
[  261.634837][T20668]  __dump_stack+0x1d/0x30
[  261.634932][T20668]  dump_stack_lvl+0xe8/0x140
[  261.634952][T20668]  dump_stack+0x15/0x1b
[  261.634968][T20668]  should_fail_ex+0x265/0x280
[  261.634996][T20668]  should_fail+0xb/0x20
[  261.635076][T20668]  should_fail_usercopy+0x1a/0x20
[  261.635095][T20668]  _copy_from_user+0x1c/0xb0
[  261.635137][T20668]  perf_copy_attr+0x145/0x610
[  261.635162][T20668]  __se_sys_perf_event_open+0x67/0x11c0
[  261.635190][T20668]  ? vfs_write+0x7e8/0x960
[  261.635218][T20668]  ? __rcu_read_unlock+0x4f/0x70
[  261.635282][T20668]  __x64_sys_perf_event_open+0x67/0x80
[  261.635344][T20668]  x64_sys_call+0x7bd/0x3000
[  261.635368][T20668]  do_syscall_64+0xd2/0x200
[  261.635390][T20668]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  261.635413][T20668]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  261.635548][T20668]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.635568][T20668] RIP: 0033:0x7f903e10f6c9
[  261.635581][T20668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.635672][T20668] RSP: 002b:00007f903cb6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  261.635694][T20668] RAX: ffffffffffffffda RBX: 00007f903e365fa0 RCX: 00007f903e10f6c9
[  261.635747][T20668] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  261.635815][T20668] RBP: 00007f903cb6f090 R08: 000000000000000d R09: 0000000000000000
[  261.635826][T20668] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  261.635837][T20668] R13: 00007f903e366038 R14: 00007f903e365fa0 R15: 00007ffcb47da7a8
[  261.635907][T20668]  </TASK>
[  261.859207][T20675] loop2: detected capacity change from 0 to 256
[  261.867644][T20675] FAT-fs (loop2): Directory bread(block 1285) failed
[  261.881088][T20679] 9pnet_fd: Insufficient options for proto=fd
[  261.922702][T20683] loop2: detected capacity change from 0 to 512
[  261.943401][T20683] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4157: bg 0: block 248: padding at end of block bitmap is not set
[  261.960166][T20683] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.4157: Failed to acquire dquot type 1
[  261.974406][T20683] EXT4-fs (loop2): 1 truncate cleaned up
[  261.980803][T20683] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.993631][T20683] ext4 filesystem being mounted at /226/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  262.056125][T17794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.281185][T20683] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.373039][T20706] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  262.924167][T20725] loop2: detected capacity change from 0 to 512
[  263.038616][T20734] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2
[  263.086777][T20740] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  263.095029][T20740] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  263.480427][T20752] loop2: detected capacity change from 0 to 512
[  263.504263][T20752] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.4178: inode has both inline data and extents flags
[  263.521719][T20752] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.4178: couldn't read orphan inode 15 (err -117)
[  263.558529][T20752] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.750442][T20758] 9pnet_fd: Insufficient options for proto=fd
[  264.667681][T20762] FAULT_INJECTION: forcing a failure.
[  264.667681][T20762] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.680870][T20762] CPU: 1 UID: 0 PID: 20762 Comm: syz.3.4182 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  264.680906][T20762] Tainted: [W]=WARN
[  264.680930][T20762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  264.680942][T20762] Call Trace:
[  264.680948][T20762]  <TASK>
[  264.680954][T20762]  __dump_stack+0x1d/0x30
[  264.681046][T20762]  dump_stack_lvl+0xe8/0x140
[  264.681080][T20762]  dump_stack+0x15/0x1b
[  264.681096][T20762]  should_fail_ex+0x265/0x280
[  264.681125][T20762]  should_fail+0xb/0x20
[  264.681157][T20762]  should_fail_usercopy+0x1a/0x20
[  264.681177][T20762]  _copy_from_user+0x1c/0xb0
[  264.681198][T20762]  ___sys_sendmsg+0xc1/0x1d0
[  264.681256][T20762]  __x64_sys_sendmsg+0xd4/0x160
[  264.681280][T20762]  x64_sys_call+0x191e/0x3000
[  264.681384][T20762]  do_syscall_64+0xd2/0x200
[  264.681407][T20762]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  264.681438][T20762]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  264.681472][T20762]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.681549][T20762] RIP: 0033:0x7fba92b3f6c9
[  264.681566][T20762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.681598][T20762] RSP: 002b:00007fba9159f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  264.681619][T20762] RAX: ffffffffffffffda RBX: 00007fba92d95fa0 RCX: 00007fba92b3f6c9
[  264.681631][T20762] RDX: 0000000000000000 RSI: 0000200000001200 RDI: 0000000000000003
[  264.681642][T20762] RBP: 00007fba9159f090 R08: 0000000000000000 R09: 0000000000000000
[  264.681654][T20762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.681666][T20762] R13: 00007fba92d96038 R14: 00007fba92d95fa0 R15: 00007fff37d12678
[  264.681686][T20762]  </TASK>
[  264.921923][T20764] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING
[  265.060145][   T29] kauditd_printk_skb: 354 callbacks suppressed
[  265.060160][   T29] audit: type=1400 audit(1763400695.666:12905): avc:  denied  { create } for  pid=20763 comm="syz.0.4181" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  265.086517][T17666] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.113568][   T29] audit: type=1400 audit(1763400695.716:12906): avc:  denied  { mount } for  pid=20765 comm="syz.0.4184" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  265.159732][   T29] audit: type=1400 audit(1763400695.766:12907): avc:  denied  { read } for  pid=20770 comm="syz.2.4183" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  265.182667][T20771] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  265.195736][   T29] audit: type=1400 audit(1763400695.806:12908): avc:  denied  { firmware_load } for  pid=20770 comm="syz.2.4183" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  265.435551][T20778] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  265.549534][   T29] audit: type=1400 audit(1763400696.156:12909): avc:  denied  { open } for  pid=20783 comm="syz.0.4190" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  265.569065][   T29] audit: type=1400 audit(1763400696.156:12910): avc:  denied  { perfmon } for  pid=20783 comm="syz.0.4190" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  265.590136][   T29] audit: type=1400 audit(1763400696.156:12911): avc:  denied  { kernel } for  pid=20783 comm="syz.0.4190" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  265.669780][   T29] audit: type=1400 audit(1763400696.206:12912): avc:  denied  { prog_load } for  pid=20787 comm="syz.3.4192" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  265.689072][   T29] audit: type=1400 audit(1763400696.206:12913): avc:  denied  { bpf } for  pid=20787 comm="syz.3.4192" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  265.709834][   T29] audit: type=1400 audit(1763400696.206:12914): avc:  denied  { prog_run } for  pid=20787 comm="syz.3.4192" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  265.874355][T20797] __nla_validate_parse: 6 callbacks suppressed
[  265.874370][T20797] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4194'.
[  265.897698][T20795] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  265.907195][T20795] tipc: Disabling bearer <eth:syzkaller0>
[  265.980719][T20802] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  265.999738][T20803] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  266.021850][T20803] tipc: Disabling bearer <eth:syzkaller0>
[  266.081008][T20811] netlink: 'syz.3.4199': attribute type 1 has an invalid length.
[  266.170421][T20813] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  266.188358][T20813] tipc: Disabling bearer <eth:syzkaller0>
[  266.209067][T20821] netdevsim netdevsim5: Direct firmware load for ./file0 failed with error -2
[  266.287506][T20829] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4204'.
[  266.351092][T20831] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[  266.359287][T20831] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[  266.814314][T20856] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4218'.
[  266.827340][T20865] FAULT_INJECTION: forcing a failure.
[  266.827340][T20865] name failslab, interval 1, probability 0, space 0, times 0
[  266.839974][T20865] CPU: 1 UID: 0 PID: 20865 Comm: syz.2.4220 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  266.840005][T20865] Tainted: [W]=WARN
[  266.840011][T20865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  266.840021][T20865] Call Trace:
[  266.840028][T20865]  <TASK>
[  266.840034][T20865]  __dump_stack+0x1d/0x30
[  266.840057][T20865]  dump_stack_lvl+0xe8/0x140
[  266.840157][T20865]  dump_stack+0x15/0x1b
[  266.840173][T20865]  should_fail_ex+0x265/0x280
[  266.840206][T20865]  should_failslab+0x8c/0xb0
[  266.840233][T20865]  kmem_cache_alloc_noprof+0x50/0x480
[  266.840346][T20865]  ? radix_tree_node_alloc+0x8a/0x1f0
[  266.840380][T20865]  radix_tree_node_alloc+0x8a/0x1f0
[  266.840432][T20865]  idr_get_free+0x1fa/0x550
[  266.840461][T20865]  idr_alloc_u32+0xca/0x180
[  266.840522][T20865]  tcf_idr_check_alloc+0x193/0x240
[  266.840547][T20865]  tcf_police_init+0x1ca/0xc70
[  266.840600][T20865]  tcf_action_init_1+0x36a/0x4a0
[  266.840632][T20865]  tcf_action_init+0x267/0x6d0
[  266.840671][T20865]  tc_ctl_action+0x291/0x830
[  266.840712][T20865]  ? __pfx_tc_ctl_action+0x10/0x10
[  266.840739][T20865]  rtnetlink_rcv_msg+0x65a/0x6d0
[  266.840831][T20865]  netlink_rcv_skb+0x123/0x220
[  266.840864][T20865]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  266.840891][T20865]  rtnetlink_rcv+0x1c/0x30
[  266.840976][T20865]  netlink_unicast+0x5c0/0x690
[  266.841124][T20865]  netlink_sendmsg+0x58b/0x6b0
[  266.841147][T20865]  ? __pfx_netlink_sendmsg+0x10/0x10
[  266.841169][T20865]  __sock_sendmsg+0x145/0x180
[  266.841195][T20865]  ____sys_sendmsg+0x31e/0x4e0
[  266.841215][T20865]  ___sys_sendmsg+0x17b/0x1d0
[  266.841313][T20865]  __x64_sys_sendmsg+0xd4/0x160
[  266.841333][T20865]  x64_sys_call+0x191e/0x3000
[  266.841353][T20865]  do_syscall_64+0xd2/0x200
[  266.841382][T20865]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  266.841411][T20865]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  266.841438][T20865]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.841456][T20865] RIP: 0033:0x7f112688f6c9
[  266.841474][T20865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.841490][T20865] RSP: 002b:00007f11252ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  266.841510][T20865] RAX: ffffffffffffffda RBX: 00007f1126ae5fa0 RCX: 00007f112688f6c9
[  266.841521][T20865] RDX: 0000000000000000 RSI: 00002000000037c0 RDI: 0000000000000006
[  266.841532][T20865] RBP: 00007f11252ef090 R08: 0000000000000000 R09: 0000000000000000
[  266.841545][T20865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  266.841562][T20865] R13: 00007f1126ae6038 R14: 00007f1126ae5fa0 R15: 00007fffcc2d9b68
[  266.841584][T20865]  </TASK>
[  267.162356][T20870] loop2: detected capacity change from 0 to 1024
[  267.169157][T20870] EXT4-fs: Ignoring removed bh option
[  267.174767][T20870] EXT4-fs: inline encryption not supported
[  267.179983][T20871] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  267.192530][T20870] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  267.208677][T20870] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  267.235137][T20870] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 2: comm syz.2.4221: lblock 2 mapped to illegal pblock 2 (length 1)
[  267.256488][T20880] netlink: 'syz.5.4224': attribute type 1 has an invalid length.
[  267.274324][T20870] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 48: comm syz.2.4221: lblock 0 mapped to illegal pblock 48 (length 1)
[  267.315007][T20870] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.4221: Failed to acquire dquot type 0
[  267.348016][T20870] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  267.377211][T20882] 9pnet_fd: Insufficient options for proto=fd
[  267.392146][T20870] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.4221: mark_inode_dirty error
[  267.418156][T20870] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  267.453931][T20870] EXT4-fs (loop2): 1 orphan inode deleted
[  267.471945][ T5485] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:49: lblock 1 mapped to illegal pblock 1 (length 1)
[  267.474442][T20870] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  267.490539][ T5485] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:49: Failed to release dquot type 0
[  267.569782][T20870] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  267.588248][T17666] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.830141][T20905] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4234'.
[  267.839561][T20905] veth1_macvtap: left promiscuous mode
[  267.893847][T20908] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  268.352402][T20933] loop3: detected capacity change from 0 to 256
[  268.375396][T20933] FAT-fs (loop3): Directory bread(block 64) failed
[  268.381962][T20933] FAT-fs (loop3): Directory bread(block 65) failed
[  268.381980][T20936] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  268.388480][T20933] FAT-fs (loop3): Directory bread(block 66) failed
[  268.388499][T20933] FAT-fs (loop3): Directory bread(block 67) failed
[  268.388519][T20933] FAT-fs (loop3): Directory bread(block 68) failed
[  268.388535][T20933] FAT-fs (loop3): Directory bread(block 69) failed
[  268.388554][T20933] FAT-fs (loop3): Directory bread(block 70) failed
[  268.427790][T20933] FAT-fs (loop3): Directory bread(block 71) failed
[  268.434371][T20933] FAT-fs (loop3): Directory bread(block 72) failed
[  268.435978][T20936] tipc: Disabling bearer <eth:syzkaller0>
[  268.440989][T20933] FAT-fs (loop3): Directory bread(block 73) failed
[  268.462063][T20933] bio_check_eod: 33608 callbacks suppressed
[  268.462078][T20933] syz.3.4246: attempt to access beyond end of device
[  268.462078][T20933] loop3: rw=524288, sector=1736, nr_sectors = 32 limit=256
[  268.482251][T20933] syz.3.4246: attempt to access beyond end of device
[  268.482251][T20933] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256
[  268.696002][T20933] wg1 speed is unknown, defaulting to 1000
[  268.702263][T20933] ip6_vti0 speed is unknown, defaulting to 1000
[  268.827012][T20940] 9pnet_fd: Insufficient options for proto=fd
[  268.851321][T20942] netlink: 'syz.2.4249': attribute type 1 has an invalid length.
[  268.959105][T20953] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4255'.
[  268.973156][T20953] veth1_macvtap: left promiscuous mode
[  269.051916][T20959] loop2: detected capacity change from 0 to 512
[  269.074442][T20959] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.4257: inode has both inline data and extents flags
[  269.093560][T20965] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[  269.105578][T20959] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.4257: couldn't read orphan inode 15 (err -117)
[  269.137554][T20959] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  269.169507][T20965] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4258'.
[  269.218688][T20971] netlink: 'syz.0.4261': attribute type 1 has an invalid length.
[  269.232870][T20973] 9pnet_fd: Insufficient options for proto=fd
[  269.274576][T20975] netlink: 'syz.0.4263': attribute type 1 has an invalid length.
[  269.301747][T20978] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  269.313059][T20978] tipc: Disabling bearer <eth:syzkaller0>
[  269.314238][T20980] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4265'.
[  269.355654][T20980] team0 (unregistering): Port device team_slave_0 removed
[  269.366603][T20980] team0 (unregistering): Port device team_slave_1 removed
[  269.436820][T17666] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.647931][T21006] netlink: 'syz.2.4274': attribute type 1 has an invalid length.
[  269.697513][T21008] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  269.706534][T21008] tipc: Disabling bearer <eth:syzkaller0>
[  269.738133][T21014] loop2: detected capacity change from 0 to 1024
[  269.744810][T21003] loop5: detected capacity change from 0 to 32768
[  269.745146][T21014] EXT4-fs: Ignoring removed orlov option
[  269.758867][T21014] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  269.790552][T21003]  loop5: p1 p2 p3 < > p4 < p5 p6 >
[  269.795850][T21003] loop5: p1 start 460800 is beyond EOD, truncated
[  269.802320][T21003] loop5: p2 size 83886080 extends beyond EOD, truncated
[  269.812920][T21003] loop5: p5 start 460800 is beyond EOD, truncated
[  269.819434][T21003] loop5: p6 size 83886080 extends beyond EOD, truncated
[  269.828180][T21017] loop1: detected capacity change from 0 to 512
[  269.859589][T21018] ==================================================================
[  269.867690][T21018] BUG: KCSAN: data-race in vfs_fsync_range / writeback_single_inode
[  269.875698][T21018] 
[  269.878013][T21018] write to 0xffff88810ce15bb0 of 4 bytes by task 21014 on cpu 1:
[  269.885719][T21018]  writeback_single_inode+0x150/0x3f0
[  269.891094][T21018]  sync_inode_metadata+0x5b/0x90
[  269.896031][T21018]  generic_buffers_fsync_noflush+0xd9/0x120
[  269.902014][T21018]  ext4_sync_file+0x1ab/0x690
[  269.906694][T21018]  vfs_fsync_range+0x10d/0x130
[  269.911456][T21018]  ext4_buffered_write_iter+0x34f/0x3c0
[  269.916990][T21018]  ext4_file_write_iter+0x387/0xf60
[  269.922186][T21018]  iter_file_splice_write+0x666/0xa60
[  269.927563][T21018]  direct_splice_actor+0x156/0x2a0
[  269.932676][T21018]  splice_direct_to_actor+0x312/0x680
[  269.938048][T21018]  do_splice_direct+0xda/0x150
[  269.942809][T21018]  do_sendfile+0x380/0x650
[  269.947227][T21018]  __x64_sys_sendfile64+0x105/0x150
[  269.952422][T21018]  x64_sys_call+0x2bb4/0x3000
[  269.957094][T21018]  do_syscall_64+0xd2/0x200
[  269.961582][T21018]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.967465][T21018] 
[  269.972143][T21018] read to 0xffff88810ce15bb0 of 4 bytes by task 21018 on cpu 0:
[  269.979775][T21018]  vfs_fsync_range+0x9b/0x130
[  269.984453][T21018]  ext4_buffered_write_iter+0x34f/0x3c0
[  269.989987][T21018]  ext4_file_write_iter+0x387/0xf60
[  269.995169][T21018]  iter_file_splice_write+0x666/0xa60
[  270.000529][T21018]  direct_splice_actor+0x156/0x2a0
[  270.005626][T21018]  splice_direct_to_actor+0x312/0x680
[  270.010990][T21018]  do_splice_direct+0xda/0x150
[  270.015824][T21018]  do_sendfile+0x380/0x650
[  270.020234][T21018]  __x64_sys_sendfile64+0x105/0x150
[  270.025437][T21018]  x64_sys_call+0x2bb4/0x3000
[  270.030102][T21018]  do_syscall_64+0xd2/0x200
[  270.034601][T21018]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.040481][T21018] 
[  270.042783][T21018] value changed: 0x00000070 -> 0x00000002
[  270.048478][T21018] 
[  270.050782][T21018] Reported by Kernel Concurrency Sanitizer on:
[  270.056918][T21018] CPU: 0 UID: 0 PID: 21018 Comm: syz.2.4278 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  270.068361][T21018] Tainted: [W]=WARN
[  270.072143][T21018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  270.082179][T21018] ==================================================================
[  270.102631][T21017] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.4279: inode has both inline data and extents flags
[  270.123490][T21017] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.4279: couldn't read orphan inode 15 (err -117)
[  270.272922][T21023] random: crng reseeded on system resumption
[  270.280333][   T29] kauditd_printk_skb: 327 callbacks suppressed
[  270.280349][   T29] audit: type=1400 audit(1763400700.886:13239): avc:  denied  { setopt } for  pid=21022 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  270.306707][   T29] audit: type=1400 audit(1763400700.886:13240): avc:  denied  { read write } for  pid=21022 comm="+}[@" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  270.330546][   T29] audit: type=1400 audit(1763400700.886:13241): avc:  denied  { ioctl open } for  pid=21022 comm="+}[@" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  270.896406][T21017] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  271.075163][T17666] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.094473][T17794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.