last executing test programs:

33.43467996s ago: executing program 2 (id=685):
syz_open_dev$tty1(0xc, 0x4, 0x4)
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='fdinfo/3\x00')
pread64(r0, &(0x7f00000002c0)=""/19, 0x13, 0x4)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
dup3(r1, r1, 0x80000)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}, @call={0x85, 0x0, 0x0, 0x8}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYBLOB="0000000000000f", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180))
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r2, &(0x7f0000000580)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000200040010000800014004000000", 0x58}], 0x1)

33.400001332s ago: executing program 2 (id=688):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000840)=@newsa={0x13c, 0x10, 0x713, 0x0, 0x0, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, {@in=@local, 0x4d5, 0x33}, @in6=@private0, {0x3}, {}, {0x0, 0x7fffffff, 0x4}, 0x0, 0x0, 0xa}, [@algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}, 0x0, 0x80}}]}, 0x13c}}, 0x0)

33.381001303s ago: executing program 2 (id=689):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SCHED_CORE(0x4d, 0x1, 0x0, 0x0, 0x0)
socket(0x1e, 0x4, 0x0)
socket(0x1e, 0x2, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sched_setscheduler(0x0, 0x6, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x20000023896)
close(r2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000003c0)='kfree\x00', 0xffffffffffffffff, 0x0, 0x8000000001}, 0x18)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)

32.929146462s ago: executing program 2 (id=697):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x8, &(0x7f0000000080)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x7}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x67, 0x52e, &(0x7f0000000480)="$eJzs3U9vI2cZAPBnHHvZ7GabFDhAJUqhRdkVrJ00tI04lCIhOFUCyr2ExImiOHEUO+0mqtis+ABICAESJ7hwQeIDIKFKXDgipEpwBgECIdjCgQN00NjjNJv4X7tOnE1+P2ky78y8M8/zOprxvJ7RTACX1lMR8VJEvJOm6a2ImM7nF/IhDtpDVu/t+28sZ0MSafrKP5JI8nmdbSX5+Hq+2tWI+NqXI76ZnIzb2NvfWKrVqjv5dKW5uV1p7O3fXt9cWquuVbcWFuafX3xh8bnFuZG080ZEvPjFv3z/Oz/90ou//Mzrf3z1bze/laU1lS8/2o73qNhvYbvppdZncXSFnfcZ7DwqtlqYm+xWY+LEnHunnBMAAN1l5/gfjIhPRsStmI6J/qezAAAAwCMo/fxU/DeJSLu70mM+AAAA8AgptO6BTQrl/F6AqSgUyuX2PbwfjmuFWr3R/PRqfXdrpX2v7EyUCqvrtepcfq/wTJSSbHq+VX53+tlj0wsR8XhEfG96sjVdXq7XVsb94wcAAABcEteP9f//Pd3u/3fcHWdyAAAAwOjMjDsBAAAA4NQN2/+/dsp5AAAAAKfH9X8AAAC40L7y8svZkHbef73y2t7uRv212yvVxkZ5c3e5vFzf2S6v1etrrWf2bQ7aXq1e3/5sbO3eqTSrjWalsXc1Nuu7W81X1x94BTYAAABwhh7/+Ju/TyLi4HOTrSFzZbhVh6wGnFfFw1KSj7vs1n94rD3+8xklBZyJiXEnAIxNcdwJAGNTGncCwNglA5b3vHnnN/n4E6PNBwAAGL3Zj/a+/l/ou+ZB/8XAuWcnhsvL9X+4vFrX/4e9k7fgbeBwkZQGnQH07SA4HsBF8NDX/wdK0/eUEAAAMHJTrSEplIud6UKhXI640XotQClZXa9V5yLisYj43XTpA9n0fKtmMrDPAAAAAAAAAAAAAAAAAAAAAAAAAAC0pWkSKQAAAHChRRT+mvyq/Sz/2elnpo7/PnAl+c905K8Iff1Hr/zgzlKzuTOfzf/n4fzmD/P5z47jFwwAAAC4FAa8wP9BnX56px8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP09v03ljvDWcb9+xciYqZb/GJcbY2vRikirv0rieKR9ZKImBhB/Mnsz0e6xU+ytA5Ddos/OYL4B/f6xo+D/FPoFv/6COLDZfZmdvx5qdv+V4inWuPu+18x4oHp96v38S8Oj38TPfb/G0PGeOKtn1d6xr8X8UTxRPy7WYRO/KRH/KeHjP+Nr+/v91qW/jhituv3T9Kpkh0ho9Lc3K409vZvr28urVXXqlsLC/PPL76w+NziXGV1vVbN/3aN8d2P/eKdfu2/1iP+zID2P3Nia1e6xvjfW3fuf6hdLHWLf/PpLvF//ZO8xsn4hfy771N5OVs+2ykftMtHPfmz3z7Zr/0rPdo/6P9/s9dGj7n11W//aciqAMAZaOztbyzVatWdC1vIeulDVs7Ozs5FzgpDFCYefjt3R5pYmqZptk89xHaSGPenelgY95EJAAAYtXdP+sedCQAAAAAAAAAAAAAAAAAAAFxeZ/E4seMxDw5LySgeoQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBL/DwAA//9t9tlI")
r5 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r6 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
write$binfmt_register(r6, &(0x7f0000000440)={0x3a, 'syz2', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x32)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r5, 0x7, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', 0xffffffffffffffff, &(0x7f0000000080)='./file0\x00')
ioctl$EVIOCGPROP(0xffffffffffffffff, 0x80404509, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r7, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)

32.765387339s ago: executing program 2 (id=700):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000b00)='kmem_cache_free\x00', r1, 0x0, 0x1034}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000340)={0x1, &(0x7f0000000400)=[{0x200000000006, 0x8, 0x5, 0x36}]})
timerfd_gettime(0xffffffffffffffff, &(0x7f0000000980))
unshare(0x2040400)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$RTC_ALM_SET(r2, 0x40247007, 0x0)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r3 = inotify_init1(0x800)
inotify_add_watch(r3, &(0x7f0000000540)='./file0\x00', 0xc4000ce7)
r4 = perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6, 0x0, 0x7fff}, 0x18)
lsetxattr$security_selinux(&(0x7f0000000400)='./file0\x00', &(0x7f0000000000), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000012c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000800)=ANY=[@ANYRES32=r7, @ANYRES32=r7, @ANYBLOB='/\x00'/12, @ANYRES32, @ANYBLOB="0884301bca986639f7fb9eb3c49926c7d07fe3d97a98ff2551e8a4555d64fa7ce0325ddea52b0b32d323e1eb30612f4ed5e83c2a7c7f41e134a81c94904c378289a077863cc57f8c746e34d9d58cacc6bb5ed1e58971fa14909efd18586847bd983cd90107d630d16025c18e51a1da2c99bc8a2649379ac272a66a51d8274a95baa5642bc2d97e24b88dcd8d0e09a9fb58", @ANYRES64=0x0], 0x20)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={@fallback=r7, 0x2f, 0x0, 0x0, &(0x7f0000000140)=[0x0], 0x1, 0x0, &(0x7f0000000200)=[0x0], 0x0, 0x0}, 0x24)
setxattr$trusted_overlay_origin(&(0x7f00000002c0)='./bus\x00', &(0x7f0000000380), &(0x7f00000003c0), 0x2, 0x2)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x0, 0x40)
getdents(r8, &(0x7f0000000080)=""/43, 0x2b)
getdents(r8, 0x0, 0xbb)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)

32.534336499s ago: executing program 2 (id=704):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mm_page_free\x00', r0, 0x0, 0xfff}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x39}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r6, r5, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r6}, &(0x7f0000000000), &(0x7f0000000080)=r2}, 0x20)
recvmsg$unix(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x0)
sendmsg$inet(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0)

32.534162149s ago: executing program 32 (id=704):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mm_page_free\x00', r0, 0x0, 0xfff}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x39}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r6, r5, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r6}, &(0x7f0000000000), &(0x7f0000000080)=r2}, 0x20)
recvmsg$unix(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x0)
sendmsg$inet(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0)

3.125837085s ago: executing program 1 (id=1249):
socket$inet6_mptcp(0xa, 0x1, 0x106)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=@ipv4_delroute={0x44, 0x19, 0x901, 0x70bd29, 0x25dfdbfb, {0x2, 0x18, 0x10, 0x0, 0x0, 0x0, 0xff, 0x1}, [@RTA_DST={0x8, 0x1, @dev}, @RTA_GATEWAY={0x8, 0x5, @private=0xa010102}, @RTA_ENCAP={0x18, 0x16, 0x0, 0x1, @LWTUNNEL_IP6_SRC={0x14, 0x3, @private0}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x4000)
getsockopt$netlink(r0, 0x10e, 0x3, &(0x7f0000000340)=""/4096, &(0x7f0000000000)=0x1000)
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$PTP_PIN_GETFUNC2(r1, 0xc0603d0f, 0x0)

3.072701807s ago: executing program 1 (id=1251):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b40)=ANY=[@ANYRESOCT=r0, @ANYRESDEC=r0, @ANYRES8=<r2=>r0, @ANYBLOB="de9c86cc6f0e95e45e6fbacb07867e938434cadc9a99e46cb8470661d2616a3be761988d0c3924809a435306b1550e0d2d9256b8bf7f087a4b49a0081f6c72d9757d1fc83fb4efcd4e21efaae05d86236212547b3af8f78066df2cca3cf35ff381976f84", @ANYRESOCT=r0], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x20, 0x7, &(0x7f0000000240)=ANY=[@ANYRES32=r0, @ANYRES32=<r4=>r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r6 = socket(0x2000000000000021, 0x2, 0x10000000000002)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000a80)='kfree\x00', r7}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000400000008000000ad00000000000000", @ANYRES64=r5, @ANYRES8, @ANYRES32=0x0, @ANYRES64=r3, @ANYBLOB="5c3124e193246dee397fb698fd0ebade5df041cbfbd141abc25a2f7a19dbffd0c5003724200f159cbdd595415c4d90c0612866f9df3977aa85c32f407b0feb2fbeb7491c2933faf2d1bfc07a8b60d432f63746ce71a3f90f9b4adffda7d19bf684c7a2f5e1a6eab29a387ff96cf9260077965f7978db81e67eedc49ab29f01eb045d5c1e6cbc4f7bc933aa2625219634803e55b5fa30d3c47e499fd4ddd995117d0d030071d6", @ANYRES16=r2], 0x50)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYRES32=r0, @ANYRES64=r4, @ANYRES16=r2, @ANYRES32=0x0, @ANYRES32, @ANYRES8=r0], 0x48)
connect$rxrpc(r6, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x8, @multicast2}}, 0x24)
setsockopt$RXRPC_MIN_SECURITY_LEVEL(r6, 0x110, 0x4, &(0x7f0000000100)=0x1, 0x4)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@block_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@bsdgroups}, {@norecovery}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1a, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800110000000100000000000000fe0018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r9}, 0x18)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYRESOCT=r8, @ANYRES8=r9, @ANYRESHEX=0x0], 0x48)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r11}, &(0x7f0000000000), &(0x7f00000005c0)=r12}, 0x20)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000680)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r13}, 0x18)
r14 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x20, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000640)='GPL\x00', 0x7ff, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r10, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r14}, 0x18)
io_uring_setup(0x7bf2, &(0x7f00000000c0)={0x0, 0x45d6, 0x0, 0x4, 0x4, 0x0, r14})
write$binfmt_script(r10, &(0x7f0000000040), 0x208e24b)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x13, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000001800", @ANYRES16=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000030000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)

2.711225633s ago: executing program 1 (id=1259):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x2002)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x55, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000200)='kfree\x00', r1, 0x0, 0x9}, 0x18)
syz_io_uring_setup(0x3685, &(0x7f00000000c0)={0x0, 0x79af, 0x200, 0x4, 0x216}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000380)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd_index=0x3, 0x6, 0x0, 0x0, 0x2, 0x1})
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000200), 0x8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0x60, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_usb_connect(0x2, 0x24, &(0x7f0000000740)=ANY=[], 0x0)
close_range(r4, 0xffffffffffffffff, 0x200000000000000)

2.149438617s ago: executing program 3 (id=1272):
sendmmsg(0xffffffffffffffff, &(0x7f0000000400)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x10}}], 0x2, 0xc88c4)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuset.memory_pressure_enabled\x00', 0x0, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f00000002c0), 0x4)
socket$inet(0x2, 0x2, 0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x40000000, 0x8, 0x1000000, 0x0, 0x0, 0x1)
socket(0x1d, 0x2, 0x6)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x4cc, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x5}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x80020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000020000000000ee090018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000011c0)={&(0x7f0000001180)='kfree\x00', r1, 0x0, 0x4}, 0x18)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000580)='maps\x00')
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)=ANY=[@ANYRESHEX], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0x4}, 0x18)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4804}, 0x8014)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0xf5ff, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a4c0000000e0a010100000000000000000a0000060900020073797a31000000000900010073797a3100000000200003801c0000800c00018006000100d103"], 0x74}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
exit(0x0)
r5 = syz_io_uring_setup(0x239, &(0x7f0000000200)={0x0, 0xebc8, 0x20000, 0xfffffffe}, &(0x7f00000003c0)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r5, 0x2def, 0x0, 0x0, 0x0, 0x0)
listen(0xffffffffffffffff, 0x10001)

1.984293824s ago: executing program 1 (id=1273):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0700000004000000800000000400000028"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000001980), 0x200)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r0, 0x5452, &(0x7f0000000a00)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000e40)="d8000000180081064a81f782da02b904021d080400007c09e8fe55a10a0015c0050014a603600e1208000f0000000401a00016009a001f4004000000036010fab94dcf5c0461c1d6900094007134cf6ee080000190d0a2ac922353a606487ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00320db70103000040fad95667dc06dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x48084)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x1954, 0x0, 0x4}, &(0x7f0000000300)=<r4=>0x0, &(0x7f0000000580)=<r5=>0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket(0x400000000010, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sys_enter\x00', r6}, 0x10)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x49, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r3, 0x6e2, 0x3900, 0x3, 0x0, 0x0)
clock_nanosleep(0x2, 0x1000000, &(0x7f0000000040)={0x77359400}, 0x0)

1.289611184s ago: executing program 3 (id=1285):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x50)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
set_robust_list(&(0x7f0000000240)={0x0, 0x8}, 0x18)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={0x0}, 0x1, 0xfffc}, 0x4000800)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900840000000001000000940001000000fc13c40000000f0000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000000101010200000000000000000a000000240002800c000280040001003a00000014000180080001cd4bde2a0192000000000000000c0019"], 0x44}, 0x1, 0x0, 0x0, 0x200448c1}, 0x40)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x0, 0x200000000000006}, 0x18)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x810004, &(0x7f0000000ac0)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x04\xc3\x00\x00\x00\x00\x00\x00\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000c2aed319b26f637a5f798bd51f67906be41100e423cb6c74342711ce15bc1224c9dc0fcdfc0500cfea1ff9e5b570489a29b32b9cc69a67c01f4fc819288d7a4be60bd18c52b540cf8ed09a8a29557707b84fc837bac1ae05e5496319987ffc18fdf2fa16e7980a3ea0a32399c9488fddcffe93d3c6d95caeef270af582a2e4deee380a62d84f3f5e1d72aa6b9a4e00"/178, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x54}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0a000000010000000c00000009"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000780), 0x433d, r5}, 0x38)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000800)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000380)=ANY=[@ANYBLOB="020101090800000000170006ffffff00030006001000000002000000e0000009f9ff0f0005000000030005007217440502000000e0000001"], 0x40}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c000000020601010000000000000000000005050005000a000000050001000700000005000400030000000900020073797a310000000011000300686173683a6e65742c6e65740000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
sendmsg$IPSET_CMD_TEST(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB], 0x64}}, 0x4800)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x4000000000000, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x4001, 0x3, 0x210, 0x0, 0x0, 0x148, 0xd8, 0x148, 0x178, 0x240, 0x240, 0x178, 0x240, 0x7fffffe, 0x0, {[{{@ip={@rand_addr=0xfffffffe, @dev={0xac, 0x14, 0x14, 0x44}, 0x0, 0x0, 'ip6gretap0\x00', 'netpci0\x00', {}, {}, 0x88}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x10, 0xe80, 0x0, 0x0, '\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0xfffffffc}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x270)

1.251094025s ago: executing program 0 (id=1286):
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4"], &(0x7f0000000100)='GPL\x00'}, 0x94)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000000f0070000000900010073797a300000000080000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d3c00128014000180090001006c617374000000000400028010000180090001006c61737400000000140001800c000100636f756e746572000400028008000340000001"], 0xc8}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="020900000700000000000000000000000500", @ANYRES64], 0x38}}, 0x20000004)

1.230680896s ago: executing program 0 (id=1287):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000013c0)=@newtfilter={0x88c, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xb, 0xd}, {}, {0x7, 0xffe0}}, [@filter_kind_options=@f_basic={{0xa}, {0x854, 0x2, [@TCA_BASIC_POLICE={0x850, 0x4, [@TCA_POLICE_AVRATE={0x8, 0x4, 0x7ff}, @TCA_POLICE_TBF={0x3c, 0x1, {0x6, 0x10000000, 0x92, 0x5, 0x9bc, {0x2, 0x2, 0x4, 0x9, 0xff, 0x3}, {0x2, 0x1, 0x8, 0x9, 0x80, 0x8e}, 0x1, 0x4, 0x6}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x800, 0x2, 0x5, 0x4, 0x0, 0xfffffc00, 0xb80, 0x7, 0xee13, 0x4, 0x6, 0x3, 0x5, 0x2, 0xc0f9, 0x9e60, 0x10001, 0x4, 0x5, 0x1, 0x9, 0x9a, 0x7, 0x6, 0x2, 0x0, 0xfffffffc, 0x8, 0x8, 0x9, 0x0, 0x619d, 0x37, 0x39, 0x2, 0x3ff, 0x800, 0x559, 0x4, 0x101, 0x7, 0xfffffffe, 0x2, 0x9, 0xffff, 0x2, 0x3, 0x0, 0x800, 0x8, 0x0, 0x9, 0xfffffffb, 0x9, 0x2, 0xa55b, 0x0, 0x400, 0x1, 0x3, 0x25, 0x7, 0x1, 0x1, 0xd, 0x10001, 0x5, 0xfffffffe, 0x72a2c416, 0xfffffff7, 0x9, 0x3d, 0x4, 0x3, 0x4, 0x1, 0x7, 0x4, 0x92, 0x401, 0x3, 0xfffffff7, 0x0, 0x1, 0xd6f, 0x8, 0x80000001, 0x401, 0x2, 0x8, 0x3, 0xd9, 0x0, 0xfffffffd, 0x4, 0x7f4, 0x2, 0xfffffbf8, 0x0, 0x9, 0x4, 0x6, 0x4, 0xfffffff7, 0x0, 0xfb, 0x9, 0x6, 0x400, 0xfc000000, 0x400, 0x7, 0x7, 0x6f1, 0x1, 0x5, 0x7, 0x7fffffff, 0x401, 0xffffffff, 0x4, 0x10, 0xfffffff7, 0x6, 0x964, 0x5, 0x8, 0x101, 0x6, 0xff, 0x1, 0x2, 0x4a, 0x10001, 0xffff, 0x1, 0x14, 0x200, 0xfff, 0x100, 0xc, 0x9, 0x9, 0x0, 0x0, 0x1, 0x8000000, 0x6, 0x0, 0x9a7c, 0x3fc, 0x3, 0x3, 0x0, 0x6, 0x9, 0x3, 0x43, 0x80000000, 0x3, 0xffffffff, 0x1, 0x9, 0x8, 0x5, 0xefd2, 0x795, 0x5, 0x1ff, 0x5, 0x3, 0xffffffff, 0x5, 0x2, 0xc, 0x1e, 0x1, 0x1, 0x8001, 0x200, 0x8001, 0x7, 0x800, 0x5, 0x80000001, 0x0, 0x7fff, 0x8, 0x1d23, 0x7fff, 0x90, 0x5, 0xffffffff, 0xd, 0x3, 0x0, 0x5, 0x10, 0x9, 0x6, 0x9, 0x80000001, 0x2, 0x0, 0x0, 0x7010, 0xfffffe01, 0x2, 0x6, 0xc4e, 0xb, 0x5a, 0xe74, 0x9, 0x1, 0x3, 0x97df, 0x0, 0x2, 0x7, 0x1c, 0x9, 0x1, 0x8, 0x24, 0xfffffff8, 0x10000, 0xffff, 0x6, 0x8d5b, 0x7, 0x2, 0xfffffffd, 0x2, 0x8, 0x5, 0xc9, 0x0, 0x1, 0x4, 0x8, 0xc74, 0x800, 0x1, 0x8, 0x5, 0x6, 0x2, 0xfffffffa, 0x2b, 0x5, 0x8, 0x9, 0x1, 0x3, 0x9a]}, @TCA_POLICE_RATE={0x404, 0x2, [0x6, 0x3, 0xc396, 0x2, 0x2, 0x9, 0x2, 0xfffffff9, 0x8, 0x100, 0xff, 0x9, 0x4, 0x9, 0x0, 0xf, 0x5, 0x4, 0x4a96, 0x4, 0xffffffff, 0x5, 0x1000, 0x2, 0x2, 0x1, 0x6, 0x7, 0x9, 0x68a2, 0x6, 0x7, 0x3, 0x4, 0x7, 0x7ff, 0x2, 0x4, 0xfffffff9, 0x6, 0x7, 0x1, 0x5, 0xffffff7f, 0x6e, 0x0, 0x5, 0x0, 0x3, 0x9674, 0x9, 0x401, 0x7, 0x5, 0x5, 0x101, 0x5, 0x6, 0xa8e, 0xfe, 0xa9, 0x60, 0x80000001, 0x5, 0x1, 0x401, 0x800, 0x5, 0x6, 0x6, 0x9, 0xfffffffd, 0x2, 0xc32, 0x6, 0xfffffff8, 0x9, 0x1, 0x3, 0x77a, 0x7, 0x7, 0x31, 0x9, 0x4, 0x6, 0x5, 0xa58, 0x8, 0xffff, 0x8000, 0x9, 0x6, 0x2, 0x1, 0x0, 0x1, 0x2, 0x0, 0xa, 0xe1f, 0x7, 0xfffffffd, 0x1, 0xc4, 0x2, 0x80000001, 0x28, 0xe, 0xff, 0x4cd2, 0xfffffffa, 0x6e, 0xff, 0x0, 0x2, 0x57c6, 0x8, 0x80000001, 0x7, 0x7, 0x2, 0x3ff, 0x6, 0x5, 0x81a, 0x3, 0x5, 0x3, 0x8, 0xac54, 0x9, 0x9, 0x91, 0x9, 0x8, 0x800, 0x2, 0x3, 0x7, 0x4, 0x10, 0xfffffffb, 0x7ff, 0xfffffff8, 0x7, 0x1, 0x8, 0x1, 0x6, 0x4000000, 0x2026ee35, 0x0, 0x7fffffff, 0xfffffffc, 0x1, 0x4, 0x6, 0xf, 0x9, 0x1, 0xc, 0x4, 0xc166, 0x6, 0x101, 0xfffff466, 0x0, 0x0, 0x8, 0x8, 0x6, 0x27, 0xe5f, 0x8, 0xe0, 0x4, 0xfffffffd, 0x1, 0x247800, 0x0, 0xa6f7, 0x2, 0x5, 0xf, 0x0, 0x9, 0x9, 0x9, 0x2, 0x2, 0xb91, 0x401, 0x73a7, 0x0, 0xa9fd, 0x4, 0x0, 0x10001, 0x0, 0xff, 0xfffffff3, 0x2, 0xb8ec, 0x8, 0x1, 0x8, 0xb, 0x7fff, 0x0, 0xa2a, 0xe, 0x80000001, 0x10000, 0x17c3, 0x1, 0x1, 0x80000000, 0x8, 0x7e54, 0x2, 0xe6, 0x9, 0x5b, 0x9, 0x2, 0x3, 0x1, 0xd25, 0x3, 0xa, 0x8, 0x0, 0xdd55, 0x6, 0x1, 0x400, 0x4, 0x8, 0xe8, 0x8bef, 0x4, 0x400, 0x2, 0x2, 0x1, 0x6, 0x3fb9, 0x7, 0x5, 0x4, 0x0, 0x62e0, 0x9, 0x3, 0x4]}]}]}}, @TCA_RATE={0x6, 0x5, {0x1, 0x2}}]}, 0x88c}, 0x1, 0x0, 0x0, 0x20041090}, 0xd0)

1.195887838s ago: executing program 0 (id=1288):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb010018000000000000001000000010000000090000000600000000000011030000000800000000005f2e00302e00fed19851b867ea01b402384be200"], &(0x7f0000000200)=""/114, 0x31, 0x72, 0x0, 0x6, 0x10000}, 0x28)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095", @ANYRES32=r0, @ANYRES32=r0, @ANYRESDEC=r1, @ANYBLOB="e82b0b51e63bfea7144b0ef86f2846f0b6371d9e8787db5c65714895d4d232798bac14563a25956288b14a16ff3598a7eb6ec5c0ca3b781b6375a4767b51dac89c1cfc40047a37760abbc37ab8092ba65f185f8d53a66b600993e35f7813491a083050e359fe2856c390e380fb4e3da7c2cf4380ee6c5351ab540784c6e54f2af10de831b7dcc00814ba76a07a846aec42155e6b1e8bac03bce2b8abd3d60da4d06703b5b0111ccf9fcf67e21117aa49f7cdc7f227798a8f5dc2f489b16cd63cf2888310b4f158457e0550ac3f0f59d05c52069418b4a3c88cc682575a8f20f73493a496cdff66bf62affdb5810bd145ea7fd93009a8161dc72ea419a7"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1a, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r2, 0x0, 0x5}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r4}, &(0x7f0000000000), &(0x7f00000005c0)=r5}, 0x20)
ioctl$FS_IOC_ENABLE_VERITY(r1, 0x40806685, &(0x7f0000000500)={0x1, 0x3, 0x1000, 0x2f, &(0x7f00000004c0)="fba1248448607a66ae08e10d451107b96e8b8eff0d4b15cc06cb66ba919feee9a2b223a021acea5d5311539ef3bb93", 0xf2, 0x0, &(0x7f00000007c0)="8cc4221311f0b27e7a53bb0b6ddc58c0157af07bceeb770bf02b41dec45478f0d1e8bed6ac90dfc7599e49f2b03983a3a007e38c75cbc2be27eb639caa271996bb2b03e8462e57f9d91591eb1aba96218a6ef9de0f2757f6ea407f06ca0ae896a5eddc6bd2ba8a073cda03a20af084ffb5ba903f51c192d27ab5db28f73863270efd2d0e8afe793fd97a369694ea51df1dd2031395cf9ddbe95c72131f98126c7d81d149717bbcd9767d92f9396146293ca508c045ffa5f5fedf972c8f60e38e3584a876cecb7a0a16f86809b256a735cb330da033747d66f38692d805619bd548ee5ae5bea19ee3721e8f4d069e7132cdc7"})
recvmmsg(0xffffffffffffffff, &(0x7f0000000dc0)=[{{&(0x7f0000000340)=@x25={0x9, @remote}, 0x80, 0x0}, 0x2}, {{&(0x7f0000000700)=@xdp, 0x80, 0x0}, 0x8}], 0x2, 0x2, 0x0)
r6 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r6, &(0x7f0000000000)={0xa, 0x0, 0x1, @empty, 0x0, 0x3}, 0x20)
connect$l2tp6(r6, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20)
sendmmsg$inet6(r6, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1b, 0x0}}], 0x17fd147c801ae9af, 0xff00)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f00000002c0)={@initdev, @empty}, &(0x7f0000000300)=0xc)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r8, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r9=>0x0})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r9, {0x10, 0x4}, {}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x4000010)
syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f00000001c0))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYRES64, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='kfree\x00', r11}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="24000000390009002cbd70000000000004000000040000000c0001800600060006"], 0x24}}, 0x0)

1.15206123s ago: executing program 0 (id=1289):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000040), 0x3, 0x5eb, &(0x7f0000000c00)="$eJzs3ctvFEcaAPCvxw9sjNYDWu0ue1gsrVYg7WJjAysU5QDXCFnkoVxyiYMNIRiwsKPEJBJGIpdIUS5RFCmnHEL+iwSFK6fklEMuOUVIKIk4RspEPdNtPHaPX9jTiP79pGG6q6Zd1djfVHVNVU8AlTWS/lOLOBgRc0nEcLK0nNcbWeZI63WPfnv/fPpIotF4+Zckkiwtf32SPQ9lBw9ExHffJnGgZ22584s3Lk/Nzs5cz/bHFq7Mjc0v3jh66crUxZmLM1cn/j9x6uSJk6fGj23rvG4WpJ29/dY7wx9Ovvbl578n41/9OJnE6Xghe+HK89gpIzHS/D9J1mYNndrpwkrSk/2dNBqNRp6W9JZbJzYv//31RcTfYzh64vEvbzg+eLHUygG7qpG03ruBKkrEP1RU3g/Ir+1XXwfXSumVAN3w8ExrAGBt/Pe2xgZjoDk2sPdREiuHdZKI2N7IXLt9EXH/3uTtC/cmb8cujcMBxZZuRcQ/iuI/acZ/PQai3oz/Wlv8p/2Cc9lzmv7SNstfPVQs/qF7WvE/sG78R4f4fz19vtmK4Te2WX798eabg23xP7jdUwIAAAAAAIDKunsmIv5X9Pl/bXn+TxTM/xmKiNM7UP7Iqv21n//XHuxAMUCBh2cini+c/1vLZ//We1YsYa1HX3Lh0uzMsYj4S0Qcib496f74OmUc/ejAZ53yRrL5f/kjLf9+Nhcwq8eD3j3tx0xPLUw9wSkDmYe3Iv5ZOP83WW7/k4L2P31nmNtkGQf+c+dcp7yN4x/YLY0vIg4Xtv+P71qRrH9/jrFmf2As7xWs9a/3Pv66U/nbjX+3mIAnl7b/e9eP/3qy8n4981sv4/hib6NT3nb7//3JK827CvVnae9OLSxcH4/oT872pKlt6RNbrzM8i/J4yOMljf8j/15//K+o/z8YEUurfnbya/ua4tzf/hj6qVN99P+hPGn8T2+p/d/6xsSd+jedyt9c+3+i2dYfyVKM/0HLp3mY9renF4Rjb1FWt+sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+CWkTsi6Q2urxdq42ORgxFxF9jb2322vzCfy9ce/vqdJrX/P7/Wv5Nv8Ot/ST//v/6iv2JVfvHI2J/RHzSM9jcHz1/bXa67JMHAAAAAAAAAAAAAAAAAACAp8RQh/X/qZ97yq4dsOt6y64AUJqC+P++jHoA3af9h+oS/1Bd4h+qS/xDdYl/qC7xD9Ul/qG6xD8AAAAAADxT9h+6+0MSEUvPDTYfqf4sr6/UmgG7rVZ2BYDSuMUPVJepP1BdrvGBZIP8gY4HbXTkeubOP8HBAAAAAAAAAAAAAFA5hw9a/w9VZf0/VJf1/1Bd+fr/QyXXA+g+1/hAbLCSv3D9/4ZHAQAAAAAAAAAAAAA7aX7xxuWp2dmZ6zZefTqq0c2NRqNxM/0reFrqs/MbSTZDvSuF5lPhu3+m/Zs5wXyt3+Z+cnnvSQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLs/AwAA//+JjCTl")
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0)
pipe2$9p(&(0x7f0000001900), 0x0)
dup(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000280), &(0x7f00000013c0)=0xc)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x840000000002, 0x3, 0x9)
bpf$MAP_CREATE(0x0, &(0x7f0000002080)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'bond0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x9}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0xd, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x40890)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="94000000", @ANYRES16=0x0, @ANYBLOB="010000000000000000000100000024000180060005004e230000060001000200000008000700", @ANYRES32=r6, @ANYBLOB="08000600010000001c00018008000700", @ANYRES32=r6, @ANYBLOB="0800060010000000050002002c0000000800040002000000380001800800060072732ac2cffca38f08629ea34706c1acdd23000000050002000c00000014000400fe8000000000000000000000000000bb080006001200000030e6e521384bc7beb452cef09b78301dc985f977ef2ec33c144fbecb614fd4fe6e77e008e656471984710c1075174ce44ad3b8b3e2d1ff3026f36df72450bd84abbe0330df506b425365637b"], 0x94}}, 0x0)
close(0xffffffffffffffff)
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x50)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2982, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r8, &(0x7f0000004200)='t', 0x1)
sendfile(r8, r7, 0x0, 0x3ffff)
sendfile(r8, r7, 0x0, 0x7ffff000)

1.129201181s ago: executing program 1 (id=1290):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
ppoll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x20}, {0xffffffffffffffff, 0x20}, {r0, 0x8}, {r1, 0x2001}, {r1, 0x4008}], 0x5, &(0x7f0000000080)={0x77359400}, &(0x7f0000000180)={[0x4]}, 0x8)

748.190748ms ago: executing program 5 (id=1294):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000040000000c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000001d40)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000380)='udp_fail_queue_rcv_skb\x00', r2, 0x0, 0x6}, 0x18)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x88ca, &(0x7f0000000000)='%', 0x0, 0xd01, 0x80040000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
memfd_create(&(0x7f0000000100)='\vem\xda\x99R@m\xfc\xfe\x9b#*\xff', 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r4 = io_uring_setup(0x20, &(0x7f00000000c0)={0x0, 0x0, 0x3000, 0x80000000, 0xfefffffd})
io_uring_register$IORING_REGISTER_RESIZE_RINGS(r4, 0x21, &(0x7f0000000340)={0x0, 0xa468, 0x8, 0x2, 0xd5, 0x0, r4}, 0x1)

715.904809ms ago: executing program 4 (id=1295):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='kfree\x00', r1, 0x0, 0x200000004000000}, 0x18)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="58000000020601020000000a00000000000000000900020073797a31000000000500010007000000050005000a00000014000780080013400000000708001240fffffffa0c000300686173683a697000050004"], 0x58}}, 0x0)

662.777691ms ago: executing program 5 (id=1296):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
prctl$PR_SCHED_CORE(0x4d, 0x1, 0x0, 0x0, 0x0)
socket(0x1e, 0x4, 0x0)
socket(0x1e, 0x2, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sched_setscheduler(0x0, 0x6, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x20000023896)
close(r1)
r3 = gettid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000003c0)='kfree\x00', 0xffffffffffffffff, 0x0, 0x8000000001}, 0x18)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)

662.476761ms ago: executing program 4 (id=1297):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x8, &(0x7f0000000080)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x7}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x67, 0x52e, &(0x7f0000000480)="$eJzs3U9vI2cZAPBnHHvZ7GabFDhAJUqhRdkVrJ00tI04lCIhOFUCyr2ExImiOHEUO+0mqtis+ABICAESJ7hwQeIDIKFKXDgipEpwBgECIdjCgQN00NjjNJv4X7tOnE1+P2ky78y8M8/zOprxvJ7RTACX1lMR8VJEvJOm6a2ImM7nF/IhDtpDVu/t+28sZ0MSafrKP5JI8nmdbSX5+Hq+2tWI+NqXI76ZnIzb2NvfWKrVqjv5dKW5uV1p7O3fXt9cWquuVbcWFuafX3xh8bnFuZG080ZEvPjFv3z/Oz/90ou//Mzrf3z1bze/laU1lS8/2o73qNhvYbvppdZncXSFnfcZ7DwqtlqYm+xWY+LEnHunnBMAAN1l5/gfjIhPRsStmI6J/qezAAAAwCMo/fxU/DeJSLu70mM+AAAA8AgptO6BTQrl/F6AqSgUyuX2PbwfjmuFWr3R/PRqfXdrpX2v7EyUCqvrtepcfq/wTJSSbHq+VX53+tlj0wsR8XhEfG96sjVdXq7XVsb94wcAAABcEteP9f//Pd3u/3fcHWdyAAAAwOjMjDsBAAAA4NQN2/+/dsp5AAAAAKfH9X8AAAC40L7y8svZkHbef73y2t7uRv212yvVxkZ5c3e5vFzf2S6v1etrrWf2bQ7aXq1e3/5sbO3eqTSrjWalsXc1Nuu7W81X1x94BTYAAABwhh7/+Ju/TyLi4HOTrSFzZbhVh6wGnFfFw1KSj7vs1n94rD3+8xklBZyJiXEnAIxNcdwJAGNTGncCwNglA5b3vHnnN/n4E6PNBwAAGL3Zj/a+/l/ou+ZB/8XAuWcnhsvL9X+4vFrX/4e9k7fgbeBwkZQGnQH07SA4HsBF8NDX/wdK0/eUEAAAMHJTrSEplIud6UKhXI640XotQClZXa9V5yLisYj43XTpA9n0fKtmMrDPAAAAAAAAAAAAAAAAAAAAAAAAAAC0pWkSKQAAAHChRRT+mvyq/Sz/2elnpo7/PnAl+c905K8Iff1Hr/zgzlKzuTOfzf/n4fzmD/P5z47jFwwAAAC4FAa8wP9BnX56px8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP09v03ljvDWcb9+xciYqZb/GJcbY2vRikirv0rieKR9ZKImBhB/Mnsz0e6xU+ytA5Ddos/OYL4B/f6xo+D/FPoFv/6COLDZfZmdvx5qdv+V4inWuPu+18x4oHp96v38S8Oj38TPfb/G0PGeOKtn1d6xr8X8UTxRPy7WYRO/KRH/KeHjP+Nr+/v91qW/jhituv3T9Kpkh0ho9Lc3K409vZvr28urVXXqlsLC/PPL76w+NziXGV1vVbN/3aN8d2P/eKdfu2/1iP+zID2P3Nia1e6xvjfW3fuf6hdLHWLf/PpLvF//ZO8xsn4hfy771N5OVs+2ykftMtHPfmz3z7Zr/0rPdo/6P9/s9dGj7n11W//aciqAMAZaOztbyzVatWdC1vIeulDVs7Ozs5FzgpDFCYefjt3R5pYmqZptk89xHaSGPenelgY95EJAAAYtXdP+sedCQAAAAAAAAAAAAAAAAAAAFxeZ/E4seMxDw5LySgeoQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBL/DwAA//9t9tlI")
r5 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r6 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
write$binfmt_register(r6, &(0x7f0000000440)={0x3a, 'syz2', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x32)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r5, 0x7, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', 0xffffffffffffffff, &(0x7f0000000080)='./file0\x00')
ioctl$EVIOCGPROP(0xffffffffffffffff, 0x80404509, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r7, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)

438.706221ms ago: executing program 4 (id=1298):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x42280, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x305200, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d0000008500000050000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r4}, 0x18)
syz_io_uring_setup(0x10e, &(0x7f00000000c0)={0x0, 0xf07d, 0x400, 0x40000, 0x105}, &(0x7f0000000400)=<r5=>0x0, &(0x7f0000000240)=<r6=>0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x89fc, &(0x7f00000006c0)={'sit0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x4004, @fd_index=0x1, 0x8, &(0x7f0000002a40)=[{&(0x7f0000000280)=""/221, 0xdd}, {&(0x7f0000000840)=""/4096, 0x1000}, {&(0x7f0000002b00)=""/4099, 0x1000}, {&(0x7f0000000440)=""/107}, {&(0x7f0000000500)=""/193}, {&(0x7f00000003c0)=""/18}, {&(0x7f0000000700)=""/148}, {&(0x7f0000002840)=""/245}, {&(0x7f0000002940)=""/226}], 0x11b, 0x1d})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00'}, 0x10)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="100000002d000b02d25a806f8c6394f9101a04000a", 0x15}], 0x1}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x5c8}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b)
r9 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r9, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0eab070004000523"], 0xfe33)
write$cgroup_subtree(r8, &(0x7f0000000000)=ANY=[@ANYBLOB="563f000019"], 0xfe33)

402.759462ms ago: executing program 3 (id=1299):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb010018000000000000001000000010000000090000000600000000000011030000000800000000005f2e00302e00fed19851b867ea01b402384be200"], &(0x7f0000000200)=""/114, 0x31, 0x72, 0x0, 0x6, 0x10000}, 0x28)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095", @ANYRES32=r0, @ANYRES32=r0, @ANYRESDEC=r1, @ANYBLOB="e82b0b51e63bfea7144b0ef86f2846f0b6371d9e8787db5c65714895d4d232798bac14563a25956288b14a16ff3598a7eb6ec5c0ca3b781b6375a4767b51dac89c1cfc40047a37760abbc37ab8092ba65f185f8d53a66b600993e35f7813491a083050e359fe2856c390e380fb4e3da7c2cf4380ee6c5351ab540784c6e54f2af10de831b7dcc00814ba76a07a846aec42155e6b1e8bac03bce2b8abd3d60da4d06703b5b0111ccf9fcf67e21117aa49f7cdc7f227798a8f5dc2f489b16cd63cf2888310b4f158457e0550ac3f0f59d05c52069418b4a3c88cc682575a8f20f73493a496cdff66bf62affdb5810bd145ea7fd93009a8161dc72ea419a7"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1a, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r2, 0x0, 0x5}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r4}, &(0x7f0000000000), &(0x7f00000005c0)=r5}, 0x20)
ioctl$FS_IOC_ENABLE_VERITY(r1, 0x40806685, &(0x7f0000000500)={0x1, 0x3, 0x1000, 0x2f, &(0x7f00000004c0)="fba1248448607a66ae08e10d451107b96e8b8eff0d4b15cc06cb66ba919feee9a2b223a021acea5d5311539ef3bb93", 0xf2, 0x0, &(0x7f00000007c0)="8cc4221311f0b27e7a53bb0b6ddc58c0157af07bceeb770bf02b41dec45478f0d1e8bed6ac90dfc7599e49f2b03983a3a007e38c75cbc2be27eb639caa271996bb2b03e8462e57f9d91591eb1aba96218a6ef9de0f2757f6ea407f06ca0ae896a5eddc6bd2ba8a073cda03a20af084ffb5ba903f51c192d27ab5db28f73863270efd2d0e8afe793fd97a369694ea51df1dd2031395cf9ddbe95c72131f98126c7d81d149717bbcd9767d92f9396146293ca508c045ffa5f5fedf972c8f60e38e3584a876cecb7a0a16f86809b256a735cb330da033747d66f38692d805619bd548ee5ae5bea19ee3721e8f4d069e7132cdc7"})
recvmmsg(0xffffffffffffffff, &(0x7f0000000dc0)=[{{&(0x7f0000000340)=@x25={0x9, @remote}, 0x80, 0x0}, 0x2}, {{&(0x7f0000000700)=@xdp, 0x80, 0x0}, 0x8}], 0x2, 0x2, 0x0)
r6 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r6, &(0x7f0000000000)={0xa, 0x0, 0x1, @empty, 0x0, 0x3}, 0x20)
connect$l2tp6(r6, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20)
sendmmsg$inet6(r6, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1b, 0x0}}], 0x17fd147c801ae9af, 0xff00)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f00000002c0)={@initdev, @empty}, &(0x7f0000000300)=0xc)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r8, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r9=>0x0})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r9, {0x10, 0x4}, {}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x4000010)
syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f00000001c0))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYRES64, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='kfree\x00', r11}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="24000000390009002cbd70000000000004000000040000000c0001800600060006"], 0x24}}, 0x0)

279.391327ms ago: executing program 0 (id=1300):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0700000004000000000100000104000028000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000034fd8f684c8aec27f051d9236c4dec03d0cce3064d02e693f5d02bf6e798c644c642aeb2b63934b1c2b632061bfb229d2a16b8581abb1f541a51acce68baa4d0e22d72844317451520ee39a911298eca7ec2"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="00000000000000001b000000b7000000000000009500"/40], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000400)='sys_enter\x00', r1}, 0x18)
r2 = syz_open_dev$vcsn(&(0x7f00000005c0), 0x1, 0x400000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r4, 0x11b, 0x6, &(0x7f0000000000)=0x40000000, 0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r6=>0x0})
getpeername$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000140)=0x14)
bpf$MAP_CREATE(0x0, &(0x7f0000000940)=@base={0xb, 0x7, 0xc, 0x3, 0x1, 0xffffffffffffffff, 0x0, '\x00', r7}, 0x50)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r2, 0x89f8, &(0x7f0000000500)={'syztnl2\x00', &(0x7f00000004c0)={'syztnl1\x00', <r8=>0x0, 0x10, 0x8000, 0x7, 0x6, {{0x8, 0x4, 0x0, 0x24, 0x20, 0x65, 0x0, 0x5, 0x29, 0x0, @loopback, @dev={0xac, 0x14, 0x14, 0x11}, {[@ssrr={0x89, 0xb, 0x9e, [@empty, @loopback]}]}}}}})
sendmsg$ETHTOOL_MSG_DEBUG_GET(r2, &(0x7f0000000580)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000c00)=ANY=[@ANYBLOB="e4000000", @ANYRES16=0x0, @ANYBLOB="00002dbd7000fcdbdf25070000000c00018008000100", @ANYRES32=r6, @ANYBLOB="6c000180140002007465616d5f736c6176655f30000000000800030001000000140002006261746164765f736c6176655f3000001400020064756d6d7930000000000000000000000800030002000000140002006d61637365633000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="3c00018008000100", @ANYRES32, @ANYBLOB="b0b4aef36b8b04c5f2239e41a3315be76c4d1862134ce2da717030c2df359769c1ca2149fa19e4709a4aa7cdd71b6923e8649ac1e0e49a9f70dd917a43fa16", @ANYRES32, @ANYBLOB="080003000300000008000100", @ANYRES32=r8, @ANYBLOB="0800030001000000080003000100000008000100", @ANYRES32=0x0, @ANYBLOB="1c00018008000100", @ANYRES32=r6, @ANYBLOB="080003000300000008000100", @ANYRES32=0x0, @ANYBLOB], 0xe4}, 0x1, 0x0, 0x0, 0x40}, 0x4040084)
setsockopt$MRT_INIT(r5, 0x0, 0xc8, &(0x7f0000000080)=0x300, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
chroot(0x0)

270.571048ms ago: executing program 1 (id=1301):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x2002)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x55, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000200)='kfree\x00', r1, 0x0, 0x9}, 0x18)
syz_io_uring_setup(0x3685, &(0x7f00000000c0)={0x0, 0x79af, 0x200, 0x4, 0x216}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000380)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd_index=0x3, 0x6, 0x0, 0x0, 0x2, 0x1})
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000200), 0x8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0x60, &(0x7f0000000440)=ANY=[], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_usb_connect(0x2, 0x24, &(0x7f0000000740)=ANY=[], 0x0)
close_range(r4, 0xffffffffffffffff, 0x200000000000000)

270.064058ms ago: executing program 3 (id=1302):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={0x0, r0}, 0x18)
prctl$PR_SCHED_CORE(0x4d, 0x1, 0x0, 0x0, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))

241.457069ms ago: executing program 0 (id=1303):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000b00)='kmem_cache_free\x00', r1, 0x0, 0x1034}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000340)={0x1, &(0x7f0000000400)=[{0x200000000006, 0x8, 0x5, 0x36}]})
timerfd_gettime(0xffffffffffffffff, &(0x7f0000000980))
unshare(0x2040400)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$RTC_ALM_SET(r2, 0x40247007, 0x0)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r3 = inotify_init1(0x800)
inotify_add_watch(r3, &(0x7f0000000540)='./file0\x00', 0xc4000ce7)
r4 = perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, 0x0, &(0x7f00000001c0)=r4}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6, 0x0, 0x7fff}, 0x18)
lsetxattr$security_selinux(&(0x7f0000000400)='./file0\x00', &(0x7f0000000000), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000012c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000800)=ANY=[@ANYRES32=r7, @ANYRES32=r7, @ANYBLOB='/\x00'/12, @ANYRES32, @ANYBLOB="0884301bca986639f7fb9eb3c49926c7d07fe3d97a98ff2551e8a4555d64fa7ce0325ddea52b0b32d323e1eb30612f4ed5e83c2a7c7f41e134a81c94904c378289a077863cc57f8c746e34d9d58cacc6bb5ed1e58971fa14909efd18586847bd983cd90107d630d16025c18e51a1da2c99bc8a2649379ac272a66a51d8274a95baa5642bc2d97e24b88dcd8d0e09a9fb58", @ANYRES64=0x0], 0x20)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={@fallback=r7, 0x2f, 0x0, 0x0, &(0x7f0000000140)=[0x0], 0x1, 0x0, &(0x7f0000000200)=[0x0], 0x0, 0x0}, 0x24)
setxattr$trusted_overlay_origin(&(0x7f00000002c0)='./bus\x00', &(0x7f0000000380), &(0x7f00000003c0), 0x2, 0x2)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x0, 0x40)
getdents(r8, &(0x7f0000000080)=""/43, 0x2b)
getdents(r8, 0x0, 0xbb)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)

238.304019ms ago: executing program 3 (id=1304):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x61)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x18)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=ANY=[@ANYBLOB="1400000010000700000e0000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000002600000000c0a01080000000000000000010000000900020073797a32000000003400038030000080080003400000000224000b80200001800e000100636f6e6e6c696d69740000000c00028008000140000000000900010073797a30"], 0xe4}, 0x1, 0x0, 0x0, 0x4000010}, 0x4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000400)='./file0\x00', 0x800000, &(0x7f0000000040)=ANY=[@ANYBLOB="00fbfddc0bd5e8dee8d286b20b62086ce9b81b1660031b9dcba026117a79eba4a32d50e5c7b14c8e3f4d"], 0x1, 0x3ea, &(0x7f0000000c40)="$eJzs3M9OG0ccwPFZYleUSqhS1EAIh2nTAz3EWS/FyMppux6bSda7q5l1BKcqKhChQlo1qdRwabmkrdQ+RK59iL5R1L4B1f4xBWMw4U+Mou9HQjPe/c3Mb1bWjrxoVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOEELdetOyLUUW9Vnixombh7yvl+f58dKU4ZVwgn+xOTk2K2ODR78//TnxSdzBSfZsRkVkyK3Y9uffzgZmWi3/6UhN6J5y93v32yvb3xw8DxytDMqrLy737u3WR39Toq0jbWXb+jpLaxbDYa7v2VtpVtHSq7ZlPVlYFRfhobuRB8IevN5qJUtbW4F3Vafqj6B5fvea7bkA9rifKNjaP7D2s2WNFhqKNOHpOdzmKWsy/iI53KVPldKTe3tjcWRyWZBdXPEuSNCvJcz6vXPa/eWGouLbtuxXM9eeSAO0AcazL+Ly3G65Lv4MD57ZfrPwAAAAAAeH85+TP27Pd/NX8O74i2DpU77rQAAAAAAMAlyv/zP5MV1aw2Kxx+/wMAAAAA8L757fAeuw+H7bGzyab4+x9hTNXZS1Y/d3b8LNzfEZW83Y3BHtP2nDNddpIXjUr5KVDzzu0i6HY/+k1ZbI7a6+ccS6AceTCBYofd/s9DEhB/iLkiaG69KNf7Z4pRpto6VLUgDh/Uhe9PT6RqNf3x2dZPIp/+71F32hGbW9sbtW++217Pc9nLetnbKTdQHNtHcfLFEC8O9j0On3E1fxBTjjtVjOsenv9E0XziLcZ8Je4UMXeminLq6PwnszHrtZNmX2ZRv+DMX4n5ImZ+4W5W3F0YkoU3KgvvcBbnuhZnyGJxVBaLF8wCAMZlc8Qq5Bxf+M9xl7u81f30O/qnB2G/CCEqc0Pu6O6oO7p7wdXtr2PvQDhpjc3G/XNgVX2dNXh94rg29JzsEt54sfO9uPX85e69rZ0nTzeebjzzvMWG+6XrLnmimk+jLFh7AABDKPPGmUp/dYzRydf1ZrPupytKmjh4JI1udZTUUapMsOJHHSUTE6dxEIdZ5bFuKSttL0lik8p2bGQSW72av/lFlq9+sarrR6kObBIq3yoZxFHqB6lsaRvIpPdVqO2KMnljm6hAt3XgpzqOpI17JlA1Ka1ShwJ1S0WpbuusGsnE6K5v1uTjOOx1lWwpGxidpHHRYX8sHbVj0827rY37YgMAcE0cvMHu7JVq2fTMrcY8RQAAMIBVGgAAAAAAAAAAAAAAAAAAAACA6+8c+//GXHGEENcgDSpULrvywXm/2PtXkM+470wArtp/AQAA//9YmqqZ")
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000004700)={'team0\x00', <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x10)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), r8)
sendmsg$NLBL_MGMT_C_ADDDEF(r9, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0)
bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000100)={0x60, r5, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r6}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000431}, 0x4040084)

226.93329ms ago: executing program 4 (id=1305):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000880)='ns\x00')

183.574231ms ago: executing program 5 (id=1306):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000840)=@newsa={0x13c, 0x10, 0x713, 0x0, 0x0, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, {@in=@local, 0x4d5, 0x33}, @in6=@private0, {0x3}, {}, {0x0, 0x7fffffff, 0x4}, 0x0, 0x0, 0xa}, [@algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}, 0x0, 0x80}}]}, 0x13c}}, 0x0)

161.464242ms ago: executing program 4 (id=1307):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="6a0ac4ff005219000000000000000000000000000000000028fee9831d5cec6c0c642290f44b08000000470fac7c31ea87787d930cc2b121a60073191643185323be111b603fd3d391c544f8c0c254402d44cc4a448a1ed3583fb359ec913cf8f5e700676fa58dbc5bb78dac73f188f86f3fd7657bdf75127f5972660c0ef9ed1435c340ee8ca000136ff415eff48986477fe12e405861b56efde05dd3fe408dc8e721bc1611f2b7150465aa9591180d30e0b246a2b93ccf136e8168765db23c1ea33eab89b71446f5e2805af764de2b8103bd85dbf3443ec90dc1288e530931f840bbc7148bc5837e5f14788f5b01c6ebd970c129cebb0d2af6a6303ec471e389cbab307660180bafcabc5b193aff88c5961c9ba2200b9a6d9c6ed4ef252f225f3bc2d06dd64f0b7fc6a3c2a8d674832365f3c86867b5f3a1909f85c6bfc9c2aeff603e0bcb82108020e62206f4fb550f1d56db6ae982c9c034b89869418d8d94ac0c9e7e081fc544593a7404d789f585c629b5d894567893e509e718d93730374066b6727256fd10c8519d62adc8c8403bef25d270682b6bac2a11cc697801e350085100e13fbb5bc45432de05756fcba0fa6d2a178c4d8b"], &(0x7f0000000480)='GPL\x00'}, 0x90)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
socket$inet_udp(0x2, 0x2, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) (fail_nth: 3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000000)=""/10, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000b40)={0xffffffffffffffff, &(0x7f0000000a80), 0x0}, 0x20)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000380)={{0x1, 0x1, 0x18, <r3=>r1, {0x4, 0x8000}}, './file0\x00'})
setns(r3, 0x2000000)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000400)='kmem_cache_free\x00', r4}, 0x18)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r5, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r6, 0x4, 0x0, 0x2, 0x0, {0xa, 0x4e21, 0x8000, @empty}}}, 0x32)
writev(r5, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000300)='ext4_free_inode\x00', r0}, 0x18)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
getsockname(r7, 0x0, 0x0)

119.950065ms ago: executing program 5 (id=1308):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f02, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'bond0\x00', <r2=>0x0})
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="5c0100001000130720000000fcdbdf25e00000010000e2ff0000000000000000ff020000000000000000000000000001000400004e2100020000000021000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fc010000000000000000000000000000000004d632000000e000000200000000000000000000000000000000000000000000000000000000020000000000000009000000000000000d00000000000000000000000000000001000080000000004305000000000000040000000000000000000000000000800000000000000000fdffffffffffffff0000000000000000000000002cbd70000035100002000000500000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000060000000210466d38547aa140db9a200000000c538c7cb7a0c001c00", @ANYRES32=r2], 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x10)

83.196986ms ago: executing program 5 (id=1309):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000040)}], 0x1)

82.718986ms ago: executing program 5 (id=1310):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000040), 0x3, 0x5eb, &(0x7f0000000c00)="$eJzs3ctvFEcaAPCvxw9sjNYDWu0ue1gsrVYg7WJjAysU5QDXCFnkoVxyiYMNIRiwsKPEJBJGIpdIUS5RFCmnHEL+iwSFK6fklEMuOUVIKIk4RspEPdNtPHaPX9jTiP79pGG6q6Zd1djfVHVNVU8AlTWS/lOLOBgRc0nEcLK0nNcbWeZI63WPfnv/fPpIotF4+Zckkiwtf32SPQ9lBw9ExHffJnGgZ22584s3Lk/Nzs5cz/bHFq7Mjc0v3jh66crUxZmLM1cn/j9x6uSJk6fGj23rvG4WpJ29/dY7wx9Ovvbl578n41/9OJnE6Xghe+HK89gpIzHS/D9J1mYNndrpwkrSk/2dNBqNRp6W9JZbJzYv//31RcTfYzh64vEvbzg+eLHUygG7qpG03ruBKkrEP1RU3g/Ir+1XXwfXSumVAN3w8ExrAGBt/Pe2xgZjoDk2sPdREiuHdZKI2N7IXLt9EXH/3uTtC/cmb8cujcMBxZZuRcQ/iuI/acZ/PQai3oz/Wlv8p/2Cc9lzmv7SNstfPVQs/qF7WvE/sG78R4f4fz19vtmK4Te2WX798eabg23xP7jdUwIAAAAAAIDKunsmIv5X9Pl/bXn+TxTM/xmKiNM7UP7Iqv21n//XHuxAMUCBh2cini+c/1vLZ//We1YsYa1HX3Lh0uzMsYj4S0Qcib496f74OmUc/ejAZ53yRrL5f/kjLf9+Nhcwq8eD3j3tx0xPLUw9wSkDmYe3Iv5ZOP83WW7/k4L2P31nmNtkGQf+c+dcp7yN4x/YLY0vIg4Xtv+P71qRrH9/jrFmf2As7xWs9a/3Pv66U/nbjX+3mIAnl7b/e9eP/3qy8n4981sv4/hib6NT3nb7//3JK827CvVnae9OLSxcH4/oT872pKlt6RNbrzM8i/J4yOMljf8j/15//K+o/z8YEUurfnbya/ua4tzf/hj6qVN99P+hPGn8T2+p/d/6xsSd+jedyt9c+3+i2dYfyVKM/0HLp3mY9renF4Rjb1FWt+sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+CWkTsi6Q2urxdq42ORgxFxF9jb2322vzCfy9ce/vqdJrX/P7/Wv5Nv8Ot/ST//v/6iv2JVfvHI2J/RHzSM9jcHz1/bXa67JMHAAAAAAAAAAAAAAAAAACAp8RQh/X/qZ97yq4dsOt6y64AUJqC+P++jHoA3af9h+oS/1Bd4h+qS/xDdYl/qC7xD9Ul/qG6xD8AAAAAADxT9h+6+0MSEUvPDTYfqf4sr6/UmgG7rVZ2BYDSuMUPVJepP1BdrvGBZIP8gY4HbXTkeubOP8HBAAAAAAAAAAAAAFA5hw9a/w9VZf0/VJf1/1Bd+fr/QyXXA+g+1/hAbLCSv3D9/4ZHAQAAAAAAAAAAAAA7aX7xxuWp2dmZ6zZefTqq0c2NRqNxM/0reFrqs/MbSTZDvSuF5lPhu3+m/Zs5wXyt3+Z+cnnvSQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLs/AwAA//+JjCTl")
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0)
pipe2$9p(&(0x7f0000001900), 0x0)
dup(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000280), &(0x7f00000013c0)=0xc)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x840000000002, 0x3, 0x9)
bpf$MAP_CREATE(0x0, &(0x7f0000002080)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'bond0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x9}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0xd, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x40890)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="94000000", @ANYRES16=0x0, @ANYBLOB="010000000000000000000100000024000180060005004e230000060001000200000008000700", @ANYRES32=r6, @ANYBLOB="08000600010000001c00018008000700", @ANYRES32=r6, @ANYBLOB="0800060010000000050002002c0000000800040002000000380001800800060072732ac2cffca38f08629ea34706c1acdd23000000050002000c00000014000400fe8000000000000000000000000000bb080006001200000030e6e521384bc7beb452cef09b78301dc985f977ef2ec33c144fbecb614fd4fe6e77e008e656471984710c1075174ce44ad3b8b3e2d1ff3026f36df72450bd84abbe0330df506b425365637b"], 0x94}}, 0x0)
close(0xffffffffffffffff)
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x50)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2982, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r8, &(0x7f0000004200)='t', 0x1)
sendfile(r8, r7, 0x0, 0x3ffff)
sendfile(r8, r7, 0x0, 0x7ffff000)

14.620159ms ago: executing program 4 (id=1311):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SCHED_CORE(0x4d, 0x1, 0x0, 0x0, 0x0)
socket(0x1e, 0x4, 0x0)
socket(0x1e, 0x2, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sched_setscheduler(0x0, 0x6, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x20000023896)
close(r2)
r4 = gettid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000003c0)='kfree\x00', 0xffffffffffffffff, 0x0, 0x8000000001}, 0x18)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(r5, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)

0s ago: executing program 3 (id=1312):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
ppoll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x20}, {0xffffffffffffffff, 0x20}, {r0, 0x8}, {r1, 0x2001}, {r1, 0x4008}], 0x5, &(0x7f0000000080)={0x77359400}, &(0x7f0000000180)={[0x4]}, 0x8)

kernel console output (not intermixed with test programs):

69.627337][ T5064] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   69.653509][ T5064] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   69.673626][ T5064] loop3: detected capacity change from 0 to 512
[   69.682715][ T5064] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   69.691563][ T5064] EXT4-fs (loop3): can't mount with both data=journal and delalloc
[   70.497939][   T12] Bluetooth: hci0: Frame reassembly failed (-84)
[   70.549048][ T5087] hub 2-0:1.0: USB hub found
[   70.553803][ T5087] hub 2-0:1.0: 8 ports detected
[   70.616951][ T5092] syzkaller0: entered promiscuous mode
[   70.622757][ T5092] syzkaller0: entered allmulticast mode
[   70.709196][ T5102] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   70.717790][ T5102] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   70.723919][ T5101] syzkaller0: entered promiscuous mode
[   70.731150][ T5101] syzkaller0: entered allmulticast mode
[   70.767515][ T5102] loop4: detected capacity change from 0 to 512
[   70.778340][ T5102] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   70.786921][ T5102] EXT4-fs (loop4): can't mount with both data=journal and delalloc
[   70.797144][ T5111] __nla_validate_parse: 2 callbacks suppressed
[   70.797231][ T5111] netlink: 4 bytes leftover after parsing attributes in process `syz.3.493'.
[   70.912803][ T5117] netlink: 'syz.3.497': attribute type 30 has an invalid length.
[   71.271392][ T5129] syzkaller1: entered promiscuous mode
[   71.277073][ T5129] syzkaller1: entered allmulticast mode
[   71.388952][ T5131] hub 2-0:1.0: USB hub found
[   71.394094][ T5131] hub 2-0:1.0: 8 ports detected
[   71.427395][ T5135] loop4: detected capacity change from 0 to 1024
[   71.437409][ T5135] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.468230][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.488949][ T5139] loop4: detected capacity change from 0 to 164
[   71.495752][ T5139] iso9660: Unknown parameter ''
[   71.559045][ T5143] netlink: 4 bytes leftover after parsing attributes in process `syz.4.507'.
[   71.614759][ T5149] 9pnet: Could not find request transport: f
[   71.805384][ T5161] netlink: 12 bytes leftover after parsing attributes in process `syz.3.511'.
[   71.808272][ T5162] syzkaller1: entered promiscuous mode
[   71.814308][ T5161] netlink: 12 bytes leftover after parsing attributes in process `syz.3.511'.
[   71.819784][ T5162] syzkaller1: entered allmulticast mode
[   71.868168][ T5164] hub 2-0:1.0: USB hub found
[   71.872916][ T5164] hub 2-0:1.0: 8 ports detected
[   71.976384][ T5179] loop1: detected capacity change from 0 to 164
[   71.982999][ T5179] iso9660: Unknown parameter ''
[   72.036197][ T5181] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   72.061706][ T5181] loop1: detected capacity change from 0 to 136
[   72.114677][ T5187] 9pnet: Could not find request transport: f
[   72.515281][ T4085] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   72.683864][ T5196] syzkaller0: entered promiscuous mode
[   72.689424][ T5196] syzkaller0: entered allmulticast mode
[   72.787779][ T5202] netlink: 4 bytes leftover after parsing attributes in process `syz.2.529'.
[   72.799854][ T5200] hub 2-0:1.0: USB hub found
[   72.804570][ T5200] hub 2-0:1.0: 8 ports detected
[   72.842194][ T5208] syzkaller1: entered promiscuous mode
[   72.847792][ T5208] syzkaller1: entered allmulticast mode
[   72.926680][ T5212] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   72.955056][ T5212] loop3: detected capacity change from 0 to 136
[   73.097055][ T5223] netlink: 4 bytes leftover after parsing attributes in process `syz.0.537'.
[   73.166562][ T5231] syzkaller0: entered promiscuous mode
[   73.172267][ T5231] syzkaller0: entered allmulticast mode
[   73.195941][ T5236] loop1: detected capacity change from 0 to 1024
[   73.213465][ T5236] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.347225][ T5247] netlink: 4 bytes leftover after parsing attributes in process `syz.2.544'.
[   73.370328][   T29] kauditd_printk_skb: 1443 callbacks suppressed
[   73.370374][   T29] audit: type=1326 audit(1763604244.646:5975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.3.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb767b2f749 code=0x7ffc0000
[   73.403573][ T5252] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   73.420317][   T29] audit: type=1326 audit(1763604244.646:5976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.3.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb767b2f749 code=0x7ffc0000
[   73.443831][   T29] audit: type=1326 audit(1763604244.646:5977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.3.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb767b2f749 code=0x7ffc0000
[   73.467304][   T29] audit: type=1326 audit(1763604244.676:5978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5214 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc883df749 code=0x7ffc0000
[   73.490690][   T29] audit: type=1326 audit(1763604244.676:5979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5214 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc883df749 code=0x7ffc0000
[   73.514132][   T29] audit: type=1326 audit(1763604244.696:5980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.3.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb767b2f749 code=0x7ffc0000
[   73.552414][   T29] audit: type=1326 audit(1763604244.786:5981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.3.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb767b2f749 code=0x7ffc0000
[   73.575953][   T29] audit: type=1326 audit(1763604244.806:5982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.3.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fb767b2f749 code=0x7ffc0000
[   73.599553][   T29] audit: type=1326 audit(1763604244.806:5983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.3.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb767b2f749 code=0x7ffc0000
[   73.623261][   T29] audit: type=1326 audit(1763604244.806:5984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.3.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb767b2f749 code=0x7ffc0000
[   73.815253][ T5283] warn_alloc: 3 callbacks suppressed
[   73.815271][ T5283] syz.0.558: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[   73.835042][ T5283] CPU: 1 UID: 0 PID: 5283 Comm: syz.0.558 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   73.835160][ T5283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   73.835176][ T5283] Call Trace:
[   73.835185][ T5283]  <TASK>
[   73.835195][ T5283]  __dump_stack+0x1d/0x30
[   73.835224][ T5283]  dump_stack_lvl+0xe8/0x140
[   73.835246][ T5283]  dump_stack+0x15/0x1b
[   73.835336][ T5283]  warn_alloc+0x12b/0x1a0
[   73.835368][ T5283]  ? __rcu_read_unlock+0x4f/0x70
[   73.835471][ T5283]  __vmalloc_node_range_noprof+0x9d/0xed0
[   73.835499][ T5283]  ? __futex_wait+0x1fa/0x260
[   73.835518][ T5283]  ? __pfx_futex_wake_mark+0x10/0x10
[   73.835578][ T5283]  ? __rcu_read_unlock+0x4f/0x70
[   73.835615][ T5283]  ? avc_has_perm_noaudit+0x1b1/0x200
[   73.835644][ T5283]  ? should_fail_ex+0x30/0x280
[   73.835693][ T5283]  ? xskq_create+0x36/0xe0
[   73.835748][ T5283]  vmalloc_user_noprof+0x7d/0xb0
[   73.835812][ T5283]  ? xskq_create+0x80/0xe0
[   73.835832][ T5283]  xskq_create+0x80/0xe0
[   73.835854][ T5283]  xsk_init_queue+0x95/0xf0
[   73.835881][ T5283]  xsk_setsockopt+0x3f5/0x640
[   73.835959][ T5283]  ? __pfx_xsk_setsockopt+0x10/0x10
[   73.835977][ T5283]  __sys_setsockopt+0x184/0x200
[   73.836008][ T5283]  __x64_sys_setsockopt+0x64/0x80
[   73.836037][ T5283]  x64_sys_call+0x20ec/0x3000
[   73.836098][ T5283]  do_syscall_64+0xd2/0x200
[   73.836118][ T5283]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   73.836152][ T5283]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   73.836183][ T5283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.836258][ T5283] RIP: 0033:0x7f3c1d50f749
[   73.836271][ T5283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.836287][ T5283] RSP: 002b:00007f3c1bf6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   73.836303][ T5283] RAX: ffffffffffffffda RBX: 00007f3c1d765fa0 RCX: 00007f3c1d50f749
[   73.836314][ T5283] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000008
[   73.836324][ T5283] RBP: 00007f3c1d593f91 R08: 0000000000000004 R09: 0000000000000000
[   73.836335][ T5283] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[   73.836397][ T5283] R13: 00007f3c1d766038 R14: 00007f3c1d765fa0 R15: 00007ffcdec41008
[   73.836415][ T5283]  </TASK>
[   74.060221][ T5283] Mem-Info:
[   74.063443][ T5283] active_anon:4272 inactive_anon:0 isolated_anon:0
[   74.063443][ T5283]  active_file:9408 inactive_file:2306 isolated_file:0
[   74.063443][ T5283]  unevictable:0 dirty:580 writeback:0
[   74.063443][ T5283]  slab_reclaimable:3240 slab_unreclaimable:15694
[   74.063443][ T5283]  mapped:29375 shmem:303 pagetables:1068
[   74.063443][ T5283]  sec_pagetables:0 bounce:0
[   74.063443][ T5283]  kernel_misc_reclaimable:0
[   74.063443][ T5283]  free:1860373 free_pcp:6348 free_cma:0
[   74.108372][ T5283] Node 0 active_anon:17088kB inactive_anon:0kB active_file:37632kB inactive_file:9224kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:117500kB dirty:2320kB writeback:0kB shmem:1212kB kernel_stack:3632kB pagetables:4272kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   74.135722][ T5283] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   74.165423][ T5283] lowmem_reserve[]: 0 2881 7859 7859
[   74.170774][ T5283] Node 0 DMA32 free:2946728kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2950256kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:0kB free_cma:0kB
[   74.202030][ T5283] lowmem_reserve[]: 0 0 4978 4978
[   74.207125][ T5283] Node 0 Normal free:4479404kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:17204kB inactive_anon:0kB active_file:37632kB inactive_file:9224kB unevictable:0kB writepending:2320kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:21832kB local_pcp:12060kB free_cma:0kB
[   74.240189][ T5283] lowmem_reserve[]: 0 0 0 0
[   74.244820][ T5283] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   74.257634][ T5283] Node 0 DMA32: 4*4kB (M) 3*8kB (M) 4*16kB (M) 2*32kB (M) 4*64kB (M) 2*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2946728kB
[   74.273813][ T5283] Node 0 Normal: 164*4kB (UME) 33*8kB (UM) 78*16kB (UME) 158*32kB (UME) 133*64kB (UME) 46*128kB (UME) 27*256kB (UM) 33*512kB (UM) 24*1024kB (UME) 13*2048kB (UME) 1070*4096kB (UME) = 4479352kB
[   74.293027][ T5283] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   74.302528][ T5283] 12012 total pagecache pages
[   74.307219][ T5283] 0 pages in swap cache
[   74.311365][ T5283] Free swap  = 124996kB
[   74.315542][ T5283] Total swap = 124996kB
[   74.319694][ T5283] 2097051 pages RAM
[   74.323502][ T5283] 0 pages HighMem/MovableOnly
[   74.328242][ T5283] 81087 pages reserved
[   74.346197][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.383320][ T5293] siw: device registration error -23
[   74.497937][ T5305] netlink: 4 bytes leftover after parsing attributes in process `syz.0.567'.
[   74.544054][ T5310] loop4: detected capacity change from 0 to 1024
[   74.553158][ T5310] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.585717][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.781546][ T5326] netlink: 4 bytes leftover after parsing attributes in process `syz.4.574'.
[   74.896953][ T5339] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   74.915301][ T5339] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   75.239868][ T5345] loop1: detected capacity change from 0 to 1024
[   75.289765][ T5345] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.322783][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.334791][ T5348] netlink: 4 bytes leftover after parsing attributes in process `syz.2.580'.
[   75.718064][ T5388] syzkaller1: entered promiscuous mode
[   75.723613][ T5388] syzkaller1: entered allmulticast mode
[   75.961295][ T5417] __nla_validate_parse: 1 callbacks suppressed
[   75.961313][ T5417] netlink: 4 bytes leftover after parsing attributes in process `syz.1.606'.
[   76.149466][ T5434] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   76.185395][ T5434] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   76.281861][ T5443] 9pnet: Could not find request transport: f
[   76.358458][ T5448] 9pnet: Could not find request transport: f
[   76.500599][ T5456] netlink: 'syz.3.620': attribute type 30 has an invalid length.
[   76.716710][ T5461] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   76.725360][ T5461] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   76.858839][ T5466] loop2: detected capacity change from 0 to 2048
[   76.876675][ T5466] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.888952][ T5466] ext4 filesystem being mounted at /115/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.901868][ T5466] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.623: bg 0: block 345: padding at end of block bitmap is not set
[   76.916251][ T5466] EXT4-fs (loop2): Remounting filesystem read-only
[   76.969360][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.268341][ T5480] siw: device registration error -23
[   77.303968][   T12] Bluetooth: hci0: Frame reassembly failed (-84)
[   78.353526][ T5532] netlink: 'syz.0.646': attribute type 30 has an invalid length.
[   78.403490][   T29] kauditd_printk_skb: 950 callbacks suppressed
[   78.403521][   T29] audit: type=1326 audit(1763604249.676:6935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5530 comm="syz.0.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1d50f749 code=0x7ffc0000
[   78.433271][   T29] audit: type=1326 audit(1763604249.676:6936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5530 comm="syz.0.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1d50f749 code=0x7ffc0000
[   78.456743][   T29] audit: type=1326 audit(1763604249.676:6937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5530 comm="syz.0.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1d50f749 code=0x7ffc0000
[   78.480302][   T29] audit: type=1326 audit(1763604249.676:6938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5530 comm="syz.0.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1d50f749 code=0x7ffc0000
[   78.503706][   T29] audit: type=1326 audit(1763604249.676:6939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5530 comm="syz.0.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1d50f749 code=0x7ffc0000
[   78.527219][   T29] audit: type=1326 audit(1763604249.676:6940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5530 comm="syz.0.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3c1d542005 code=0x7ffc0000
[   78.550521][   T29] audit: type=1326 audit(1763604249.686:6941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5530 comm="syz.0.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3c1d542005 code=0x7ffc0000
[   78.573968][   T29] audit: type=1326 audit(1763604249.686:6942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5530 comm="syz.0.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3c1d542005 code=0x7ffc0000
[   78.597281][   T29] audit: type=1326 audit(1763604249.686:6943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5530 comm="syz.0.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3c1d542005 code=0x7ffc0000
[   78.620692][   T29] audit: type=1326 audit(1763604249.686:6944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5530 comm="syz.0.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3c1d542005 code=0x7ffc0000
[   79.229522][ T5554] netlink: 'syz.4.654': attribute type 13 has an invalid length.
[   79.315211][ T4085] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   79.315454][ T4915] Bluetooth: hci0: command 0x1003 tx timeout
[   80.397166][ T4865] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   80.412367][ T4865] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   80.423765][ T4865] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   80.433190][ T4865] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   80.490605][ T5611] netlink: 'syz.4.667': attribute type 30 has an invalid length.
[   80.511199][ T5613] siw: device registration error -23
[   80.620357][ T5623] loop1: detected capacity change from 0 to 1024
[   80.632170][ T5623] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.664564][ T5630] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   80.673341][ T5630] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   81.294742][ T5642] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   81.301813][ T5642] syzkaller0: entered promiscuous mode
[   81.307626][ T5642] syzkaller0: entered allmulticast mode
[   81.321228][ T5642] netlink: 'syz.0.677': attribute type 1 has an invalid length.
[   81.329008][ T5642] netlink: 'syz.0.677': attribute type 4 has an invalid length.
[   81.336880][ T5642] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.677'.
[   81.346794][ T5642] netlink: 'syz.0.677': attribute type 1 has an invalid length.
[   81.354474][ T5642] netlink: 'syz.0.677': attribute type 4 has an invalid length.
[   81.362283][ T5642] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.677'.
[   81.373676][ T5641] tipc: Resetting bearer <eth:syzkaller0>
[   81.383035][ T5641] tipc: Disabling bearer <eth:syzkaller0>
[   81.400049][ T5650] syzkaller1: entered promiscuous mode
[   81.405751][ T5650] syzkaller1: entered allmulticast mode
[   81.461574][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.485961][ T5658] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   81.497667][ T5658] SET target dimension over the limit!
[   81.514338][ T5655] netlink: 4 bytes leftover after parsing attributes in process `syz.0.684'.
[   81.697140][ T5682] netlink: 4 bytes leftover after parsing attributes in process `syz.1.693'.
[   81.755440][ T5693] netlink: 12 bytes leftover after parsing attributes in process `syz.0.695'.
[   81.764511][ T5693] netlink: 12 bytes leftover after parsing attributes in process `syz.0.695'.
[   82.052457][ T5697] loop2: detected capacity change from 0 to 512
[   82.060866][ T5697] EXT4-fs (loop2): orphan cleanup on readonly fs
[   82.067641][ T5697] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.697: bad orphan inode 13
[   82.077923][ T5697] ext4_test_bit(bit=12, block=18) = 1
[   82.083337][ T5697] is_bad_inode(inode)=0
[   82.087582][ T5697] NEXT_ORPHAN(inode)=2130706432
[   82.092475][ T5697] max_ino=32
[   82.095731][ T5697] i_nlink=1
[   82.099524][ T5697] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   82.115482][ T5699] netlink: 4 bytes leftover after parsing attributes in process `syz.3.698'.
[   82.124403][ T5697] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[   82.146503][ T5697] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.697: bg 0: block 248: padding at end of block bitmap is not set
[   82.161209][ T5697] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.697: Failed to acquire dquot type 1
[   82.172790][ T5697] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   82.194383][ T5697] syz.2.697 (5697) used greatest stack depth: 9416 bytes left
[   82.204997][ T3319] EXT4-fs error (device loop2): ext4_lookup:1791: inode #2: comm syz-executor: deleted inode referenced: 12
[   82.217231][ T3319] EXT4-fs error (device loop2): ext4_lookup:1791: inode #2: comm syz-executor: deleted inode referenced: 12
[   82.410255][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.462722][ T5719] netlink: 4 bytes leftover after parsing attributes in process `syz.4.706'.
[   82.499459][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.538983][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.600126][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.627975][ T5722] lo speed is unknown, defaulting to 1000
[   82.652698][ T5739] netlink: 4 bytes leftover after parsing attributes in process `syz.0.710'.
[   82.719905][ T5751] 9pnet: Could not find request transport: f
[   82.747210][ T5753] netlink: 4 bytes leftover after parsing attributes in process `syz.0.716'.
[   82.865761][   T12] bond0 (unregistering): Released all slaves
[   82.926892][ T5768] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   82.935472][ T5768] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   82.973280][ T5768] loop3: detected capacity change from 0 to 512
[   83.008128][ T5768] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   83.016663][ T5768] EXT4-fs (loop3): can't mount with both data=journal and delalloc
[   83.028350][   T12] hsr_slave_0: left promiscuous mode
[   83.046834][   T12] hsr_slave_1: left promiscuous mode
[   83.056494][   T12] veth1_macvtap: left promiscuous mode
[   83.062487][   T12] veth0_macvtap: left promiscuous mode
[   83.068276][   T12] veth1_vlan: left promiscuous mode
[   83.073640][   T12] veth0_vlan: left promiscuous mode
[   83.162240][ T4871] smc: removing ib device syz!
[   83.203942][ T5777] syzkaller0: entered promiscuous mode
[   83.209699][ T5777] syzkaller0: entered allmulticast mode
[   83.224815][ T5601] lo speed is unknown, defaulting to 1000
[   83.228466][ T5722] chnl_net:caif_netlink_parms(): no params data found
[   83.230696][ T5601] infiniband syz0: ib_query_port failed (-19)
[   83.331477][ T5722] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.339011][ T5722] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.346687][ T5722] bridge_slave_0: entered allmulticast mode
[   83.354770][ T5722] bridge_slave_0: entered promiscuous mode
[   83.363090][ T5722] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.370443][ T5722] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.379081][ T5722] bridge_slave_1: entered allmulticast mode
[   83.386058][ T5722] bridge_slave_1: entered promiscuous mode
[   83.405015][ T5722] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.416046][ T5722] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   83.437431][ T5722] team0: Port device team_slave_0 added
[   83.444350][ T5722] team0: Port device team_slave_1 added
[   83.461321][ T5722] batman_adv: batadv0: Adding interface: batadv_slave_0
[   83.468325][ T5722] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   83.494364][ T5722] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   83.506909][ T5722] batman_adv: batadv0: Adding interface: batadv_slave_1
[   83.513860][ T5722] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   83.539841][ T5722] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   83.569163][ T5722] hsr_slave_0: entered promiscuous mode
[   83.575352][ T5722] hsr_slave_1: entered promiscuous mode
[   83.581300][ T5722] debugfs: 'hsr0' already exists in 'hsr'
[   83.587050][ T5722] Cannot create hsr debugfs directory
[   83.658142][   T29] kauditd_printk_skb: 1205 callbacks suppressed
[   83.658160][   T29] audit: type=1326 audit(1763604254.936:8148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5783 comm="syz.4.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc883df749 code=0x7ffc0000
[   83.662275][ T5798] 9pnet: Could not find request transport: f
[   83.664456][   T29] audit: type=1326 audit(1763604254.936:8149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5783 comm="syz.4.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc883df749 code=0x7ffc0000
[   83.724504][ T5722] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   83.735552][ T5722] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   83.744800][ T5722] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   83.759265][ T5722] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   83.813911][ T5722] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.828628][ T5722] 8021q: adding VLAN 0 to HW filter on device team0
[   83.852452][ T4871] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.859584][ T4871] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.892042][ T4871] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.899170][ T4871] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.908870][ T5819] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   83.918131][   T29] audit: type=1326 audit(1763604255.196:8150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5827 comm="syz.3.734" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb767b2f749 code=0x0
[   83.930262][ T5722] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   83.951311][ T5722] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   83.962361][ T5819] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   84.014109][ T5837] binfmt_misc: register: failed to install interpreter file ./file2
[   84.051577][ T5722] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.061944][ T5842] binfmt_misc: register: failed to install interpreter file ./file2
[   84.189684][ T5722] veth0_vlan: entered promiscuous mode
[   84.198018][ T5722] veth1_vlan: entered promiscuous mode
[   84.213421][ T5722] veth0_macvtap: entered promiscuous mode
[   84.221273][ T5722] veth1_macvtap: entered promiscuous mode
[   84.233001][ T5722] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.243984][ T5722] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.255745][   T31] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.264544][   T31] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.273812][   T31] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.282963][   T31] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.303003][   T29] audit: type=1400 audit(1763604255.576:8151): avc:  denied  { mounton } for  pid=5722 comm="syz-executor" path="/root/syzkaller.4Kigv6/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   84.338028][   T29] audit: type=1400 audit(1763604255.616:8152): avc:  denied  { add_name } for  pid=5722 comm="syz-executor" name="syz5" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crypt_device_t:s0"
[   84.364120][   T29] audit: type=1400 audit(1763604255.616:8153): avc:  denied  { create } for  pid=5722 comm="syz-executor" name="syz5" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   84.384532][   T29] audit: type=1400 audit(1763604255.616:8154): avc:  denied  { associate } for  pid=5722 comm="syz-executor" name="syz5" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   84.463892][ T5875] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   84.471408][ T5875] batman_adv: batadv0: Removing interface: batadv_slave_0
[   84.479260][ T5875] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   84.486700][ T5875] batman_adv: batadv0: Removing interface: batadv_slave_1
[   84.513457][   T29] audit: type=1326 audit(1763604255.786:8155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5876 comm="syz.1.746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167617f749 code=0x7ffc0000
[   84.537623][   T29] audit: type=1326 audit(1763604255.786:8156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5876 comm="syz.1.746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167617f749 code=0x7ffc0000
[   84.561112][   T29] audit: type=1326 audit(1763604255.796:8157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5876 comm="syz.1.746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f167617f749 code=0x7ffc0000
[   84.629153][ T5882] warn_alloc: 2 callbacks suppressed
[   84.629182][ T5882] syz.0.747: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[   84.649288][ T5882] CPU: 0 UID: 0 PID: 5882 Comm: syz.0.747 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   84.649343][ T5882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   84.649357][ T5882] Call Trace:
[   84.649364][ T5882]  <TASK>
[   84.649433][ T5882]  __dump_stack+0x1d/0x30
[   84.649456][ T5882]  dump_stack_lvl+0xe8/0x140
[   84.649546][ T5882]  dump_stack+0x15/0x1b
[   84.649562][ T5882]  warn_alloc+0x12b/0x1a0
[   84.649649][ T5882]  ? __rcu_read_unlock+0x4f/0x70
[   84.649674][ T5882]  __vmalloc_node_range_noprof+0x9d/0xed0
[   84.649703][ T5882]  ? __futex_wait+0x1fa/0x260
[   84.649723][ T5882]  ? __pfx_futex_wake_mark+0x10/0x10
[   84.649817][ T5882]  ? __rcu_read_unlock+0x4f/0x70
[   84.649874][ T5882]  ? avc_has_perm_noaudit+0x1b1/0x200
[   84.649921][ T5882]  vmalloc_user_noprof+0x7d/0xb0
[   84.649992][ T5882]  ? xskq_create+0x80/0xe0
[   84.650014][ T5882]  xskq_create+0x80/0xe0
[   84.650035][ T5882]  xsk_init_queue+0x95/0xf0
[   84.650055][ T5882]  xsk_setsockopt+0x3f5/0x640
[   84.650074][ T5882]  ? __pfx_xsk_setsockopt+0x10/0x10
[   84.650177][ T5882]  __sys_setsockopt+0x184/0x200
[   84.650209][ T5882]  __x64_sys_setsockopt+0x64/0x80
[   84.650260][ T5882]  x64_sys_call+0x20ec/0x3000
[   84.650280][ T5882]  do_syscall_64+0xd2/0x200
[   84.650298][ T5882]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   84.650323][ T5882]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   84.650380][ T5882]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.650399][ T5882] RIP: 0033:0x7f3c1d50f749
[   84.650413][ T5882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.650428][ T5882] RSP: 002b:00007f3c1bf6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   84.650445][ T5882] RAX: ffffffffffffffda RBX: 00007f3c1d765fa0 RCX: 00007f3c1d50f749
[   84.650521][ T5882] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000008
[   84.650604][ T5882] RBP: 00007f3c1d593f91 R08: 0000000000000004 R09: 0000000000000000
[   84.650614][ T5882] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[   84.650638][ T5882] R13: 00007f3c1d766038 R14: 00007f3c1d765fa0 R15: 00007ffcdec41008
[   84.650675][ T5882]  </TASK>
[   84.650838][ T5882] Mem-Info:
[   84.876226][ T5882] active_anon:4147 inactive_anon:0 isolated_anon:0
[   84.876226][ T5882]  active_file:9408 inactive_file:2289 isolated_file:0
[   84.876226][ T5882]  unevictable:0 dirty:599 writeback:0
[   84.876226][ T5882]  slab_reclaimable:3241 slab_unreclaimable:43149
[   84.876226][ T5882]  mapped:29378 shmem:239 pagetables:1102
[   84.876226][ T5882]  sec_pagetables:0 bounce:0
[   84.876226][ T5882]  kernel_misc_reclaimable:0
[   84.876226][ T5882]  free:1829711 free_pcp:10080 free_cma:0
[   84.921529][ T5882] Node 0 active_anon:16588kB inactive_anon:0kB active_file:37632kB inactive_file:9156kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:117512kB dirty:2396kB writeback:0kB shmem:956kB kernel_stack:3840kB pagetables:4408kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   84.949027][ T5882] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   84.979008][ T5882] lowmem_reserve[]: 0 2881 7859 7859
[   84.984474][ T5882] Node 0 DMA32 free:2946728kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2950256kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:3528kB free_cma:0kB
[   85.016035][ T5882] lowmem_reserve[]: 0 0 4978 4978
[   85.021319][ T5882] Node 0 Normal free:4356756kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:16588kB inactive_anon:0kB active_file:37632kB inactive_file:9156kB unevictable:0kB writepending:2396kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:36792kB local_pcp:24984kB free_cma:0kB
[   85.054521][ T5882] lowmem_reserve[]: 0 0 0 0
[   85.059249][ T5882] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   85.072188][ T5882] Node 0 DMA32: 4*4kB (M) 3*8kB (M) 4*16kB (M) 2*32kB (M) 4*64kB (M) 2*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2946728kB
[   85.088498][ T5882] Node 0 Normal: 285*4kB (UM) 31*8kB (UME) 10*16kB (UM) 3*32kB (UME) 7*64kB (UM) 31*128kB (UME) 29*256kB (ME) 17*512kB (UM) 29*1024kB (UME) 18*2048kB (UME) 1042*4096kB (M) = 4356780kB
[   85.107134][ T5882] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   85.116666][ T5882] 11931 total pagecache pages
[   85.121525][ T5882] 0 pages in swap cache
[   85.125879][ T5882] Free swap  = 124996kB
[   85.130194][ T5882] Total swap = 124996kB
[   85.134495][ T5882] 2097051 pages RAM
[   85.138491][ T5882] 0 pages HighMem/MovableOnly
[   85.143318][ T5882] 81087 pages reserved
[   85.205844][ T5892] loop4: detected capacity change from 0 to 512
[   85.214383][ T5892] EXT4-fs (loop4): orphan cleanup on readonly fs
[   85.221859][ T5892] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.751: bad orphan inode 13
[   85.232797][ T5892] ext4_test_bit(bit=12, block=18) = 1
[   85.238458][ T5892] is_bad_inode(inode)=0
[   85.242858][ T5892] NEXT_ORPHAN(inode)=2130706432
[   85.248004][ T5892] max_ino=32
[   85.251423][ T5892] i_nlink=1
[   85.256352][ T5896] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   85.264952][ T5896] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   85.267928][ T5892] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   85.293225][ T5892] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[   85.305637][ T5892] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   85.328840][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.413765][ T5910] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   85.604154][ T5926] netlink: 'syz.1.762': attribute type 30 has an invalid length.
[   85.864063][ T5929] syzkaller0: entered promiscuous mode
[   85.869746][ T5929] syzkaller0: entered allmulticast mode
[   85.975316][ T5934] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=45 sclass=netlink_audit_socket pid=5934 comm=syz.0.765
[   85.999708][ T5936] loop4: detected capacity change from 0 to 512
[   86.039235][ T5936] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.052158][ T5936] ext4 filesystem being mounted at /157/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.064547][ T5936] netlink: 'syz.4.766': attribute type 2 has an invalid length.
[   86.073480][ T5934] bond1 (unregistering): Released all slaves
[   86.081995][ T5936] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[   86.088663][ T5936] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   86.096231][ T5936] vhci_hcd vhci_hcd.0: Device attached
[   86.103919][ T5940] vhci_hcd: connection closed
[   86.104379][   T37] vhci_hcd: stop threads
[   86.113359][   T37] vhci_hcd: release socket
[   86.118115][   T37] vhci_hcd: disconnect device
[   86.480911][ T5957] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   86.489388][ T5957] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   86.508218][ T5957] loop1: detected capacity change from 0 to 512
[   86.515796][ T5957] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   86.524262][ T5957] EXT4-fs (loop1): can't mount with both data=journal and delalloc
[   86.549776][ T5962] tmpfs: Bad value for 'mpol'
[   86.614917][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.692663][ T5972] syzkaller1: entered promiscuous mode
[   86.698246][ T5972] syzkaller1: entered allmulticast mode
[   86.867666][ T5983] SELinux:  Context system_u:object_r:system_cron_spool_t:s0 is not valid (left unmapped).
[   86.919503][ T4865] Bluetooth: hci0: Frame reassembly failed (-84)
[   86.973964][ T5998] syzkaller1: entered promiscuous mode
[   86.979640][ T5998] syzkaller1: entered allmulticast mode
[   87.078778][ T6006] FAULT_INJECTION: forcing a failure.
[   87.078778][ T6006] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   87.092069][ T6006] CPU: 0 UID: 0 PID: 6006 Comm: syz.0.794 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   87.092106][ T6006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   87.092149][ T6006] Call Trace:
[   87.092158][ T6006]  <TASK>
[   87.092167][ T6006]  __dump_stack+0x1d/0x30
[   87.092188][ T6006]  dump_stack_lvl+0xe8/0x140
[   87.092208][ T6006]  dump_stack+0x15/0x1b
[   87.092245][ T6006]  should_fail_ex+0x265/0x280
[   87.092311][ T6006]  should_fail+0xb/0x20
[   87.092331][ T6006]  should_fail_usercopy+0x1a/0x20
[   87.092359][ T6006]  strncpy_from_user+0x25/0x230
[   87.092457][ T6006]  ? __fget_files+0x184/0x1c0
[   87.092493][ T6006]  __se_sys_add_key+0x86/0x350
[   87.092540][ T6006]  __x64_sys_add_key+0x67/0x80
[   87.092580][ T6006]  x64_sys_call+0x28c8/0x3000
[   87.092667][ T6006]  do_syscall_64+0xd2/0x200
[   87.092703][ T6006]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   87.092803][ T6006]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   87.092847][ T6006]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.092874][ T6006] RIP: 0033:0x7f3c1d50f749
[   87.092889][ T6006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.092932][ T6006] RSP: 002b:00007f3c1bf6f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[   87.092956][ T6006] RAX: ffffffffffffffda RBX: 00007f3c1d765fa0 RCX: 00007f3c1d50f749
[   87.092970][ T6006] RDX: 0000200000000bc0 RSI: 0000000000000000 RDI: 0000200000000040
[   87.092985][ T6006] RBP: 00007f3c1bf6f090 R08: 000000002bbdb89c R09: 0000000000000000
[   87.093001][ T6006] R10: 000000000000012d R11: 0000000000000246 R12: 0000000000000001
[   87.093016][ T6006] R13: 00007f3c1d766038 R14: 00007f3c1d765fa0 R15: 00007ffcdec41008
[   87.093040][ T6006]  </TASK>
[   87.192525][ T6020] loop1: detected capacity change from 0 to 128
[   87.283939][ T6020] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   87.298337][ T6020] ext4 filesystem being mounted at /178/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   87.376815][ T3312] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   87.485466][ T6039] syzkaller0: entered promiscuous mode
[   87.491057][ T6039] syzkaller0: entered allmulticast mode
[   87.527575][ T6043] hub 2-0:1.0: USB hub found
[   87.532236][ T6043] hub 2-0:1.0: 8 ports detected
[   87.642668][ T6056] FAULT_INJECTION: forcing a failure.
[   87.642668][ T6056] name failslab, interval 1, probability 0, space 0, times 0
[   87.655424][ T6056] CPU: 0 UID: 0 PID: 6056 Comm: syz.1.812 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   87.655457][ T6056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   87.655474][ T6056] Call Trace:
[   87.655481][ T6056]  <TASK>
[   87.655488][ T6056]  __dump_stack+0x1d/0x30
[   87.655508][ T6056]  dump_stack_lvl+0xe8/0x140
[   87.655526][ T6056]  dump_stack+0x15/0x1b
[   87.655567][ T6056]  should_fail_ex+0x265/0x280
[   87.655597][ T6056]  should_failslab+0x8c/0xb0
[   87.655621][ T6056]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   87.655691][ T6056]  ? __alloc_skb+0x101/0x320
[   87.655738][ T6056]  ? avc_has_perm+0xf7/0x180
[   87.655762][ T6056]  __alloc_skb+0x101/0x320
[   87.655788][ T6056]  sock_wmalloc+0x7e/0xc0
[   87.655804][ T6056]  pppol2tp_sendmsg+0xfb/0x440
[   87.655854][ T6056]  ? __pfx_pppol2tp_sendmsg+0x10/0x10
[   87.655988][ T6056]  __sock_sendmsg+0x145/0x180
[   87.656016][ T6056]  sock_write_iter+0x1a7/0x1f0
[   87.656042][ T6056]  do_iter_readv_writev+0x4a1/0x540
[   87.656075][ T6056]  vfs_writev+0x2df/0x8b0
[   87.656172][ T6056]  do_writev+0xe7/0x210
[   87.656201][ T6056]  __x64_sys_writev+0x45/0x50
[   87.656226][ T6056]  x64_sys_call+0x1e9a/0x3000
[   87.656298][ T6056]  do_syscall_64+0xd2/0x200
[   87.656316][ T6056]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   87.656369][ T6056]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   87.656399][ T6056]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.656482][ T6056] RIP: 0033:0x7f167617f749
[   87.656496][ T6056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.656511][ T6056] RSP: 002b:00007f1674be7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   87.656527][ T6056] RAX: ffffffffffffffda RBX: 00007f16763d5fa0 RCX: 00007f167617f749
[   87.656538][ T6056] RDX: 0000000000000001 RSI: 0000200000000180 RDI: 0000000000000006
[   87.656587][ T6056] RBP: 00007f1674be7090 R08: 0000000000000000 R09: 0000000000000000
[   87.656598][ T6056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   87.656608][ T6056] R13: 00007f16763d6038 R14: 00007f16763d5fa0 R15: 00007fff004fbfd8
[   87.656625][ T6056]  </TASK>
[   88.039200][ T6076] syzkaller0: entered promiscuous mode
[   88.044868][ T6076] syzkaller0: entered allmulticast mode
[   88.281842][ T6083] netlink: 'syz.0.821': attribute type 30 has an invalid length.
[   88.394331][ T6080] Set syz1 is full, maxelem 65536 reached
[   88.421445][ T6085] lo speed is unknown, defaulting to 1000
[   88.427397][ T6085] lo speed is unknown, defaulting to 1000
[   88.433411][ T6085] lo speed is unknown, defaulting to 1000
[   88.440581][ T6085] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   88.450624][ T6085] lo speed is unknown, defaulting to 1000
[   88.456761][ T6085] lo speed is unknown, defaulting to 1000
[   88.462893][ T6085] lo speed is unknown, defaulting to 1000
[   88.469107][ T6085] lo speed is unknown, defaulting to 1000
[   88.475275][ T6085] lo speed is unknown, defaulting to 1000
[   88.665364][   T29] kauditd_printk_skb: 1581 callbacks suppressed
[   88.665382][   T29] audit: type=1326 audit(1763604259.946:9739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6081 comm="syz.0.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3c1d542005 code=0x7ffc0000
[   88.695051][   T29] audit: type=1326 audit(1763604259.946:9740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6081 comm="syz.0.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3c1d542005 code=0x7ffc0000
[   88.718463][   T29] audit: type=1326 audit(1763604259.946:9741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6081 comm="syz.0.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3c1d542005 code=0x7ffc0000
[   88.741838][   T29] audit: type=1326 audit(1763604259.946:9742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6081 comm="syz.0.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3c1d542005 code=0x7ffc0000
[   88.765642][   T29] audit: type=1326 audit(1763604259.946:9743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6081 comm="syz.0.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3c1d542005 code=0x7ffc0000
[   88.789079][   T29] audit: type=1326 audit(1763604259.946:9744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6081 comm="syz.0.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3c1d542005 code=0x7ffc0000
[   88.812928][   T29] audit: type=1326 audit(1763604259.946:9745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6081 comm="syz.0.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3c1d542005 code=0x7ffc0000
[   88.836732][   T29] audit: type=1326 audit(1763604259.946:9746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6081 comm="syz.0.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3c1d542005 code=0x7ffc0000
[   88.860356][   T29] audit: type=1326 audit(1763604259.946:9747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6081 comm="syz.0.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3c1d542005 code=0x7ffc0000
[   88.883748][   T29] audit: type=1326 audit(1763604259.946:9748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6081 comm="syz.0.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3c1d542005 code=0x7ffc0000
[   88.979096][ T6093] __nla_validate_parse: 12 callbacks suppressed
[   88.979110][ T6093] netlink: 4 bytes leftover after parsing attributes in process `syz.1.825'.
[   88.995314][ T4915] Bluetooth: hci0: command 0x1003 tx timeout
[   88.995454][ T4085] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   89.028054][ T6098] loop1: detected capacity change from 0 to 1024
[   89.037408][ T6098] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.283897][ T6110] 9pnet: Could not find request transport: f
[   89.372579][ T6119] loop5: detected capacity change from 0 to 512
[   89.396824][ T6119] EXT4-fs (loop5): orphan cleanup on readonly fs
[   89.404006][ T6119] EXT4-fs error (device loop5): ext4_orphan_get:1418: comm syz.5.833: bad orphan inode 13
[   89.432872][ T6122] syz.0.832 (6122) used greatest stack depth: 8824 bytes left
[   89.452600][ T6119] ext4_test_bit(bit=12, block=18) = 1
[   89.458160][ T6119] is_bad_inode(inode)=0
[   89.462331][ T6119] NEXT_ORPHAN(inode)=2130706432
[   89.467429][ T6119] max_ino=32
[   89.470713][ T6119] i_nlink=1
[   89.478353][ T6119] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   89.527622][ T6119] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[   89.571089][ T6119] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   89.613930][ T6130] syzkaller0: entered promiscuous mode
[   89.619526][ T6130] syzkaller0: entered allmulticast mode
[   89.626858][ T5722] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.664025][ T6134] syzkaller1: entered promiscuous mode
[   89.669670][ T6134] syzkaller1: entered allmulticast mode
[   89.728878][ T6141] siw: device registration error -23
[   89.771698][ T6146] FAULT_INJECTION: forcing a failure.
[   89.771698][ T6146] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   89.784835][ T6146] CPU: 1 UID: 0 PID: 6146 Comm: syz.5.841 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   89.784867][ T6146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   89.784894][ T6146] Call Trace:
[   89.784902][ T6146]  <TASK>
[   89.784911][ T6146]  __dump_stack+0x1d/0x30
[   89.784984][ T6146]  dump_stack_lvl+0xe8/0x140
[   89.785008][ T6146]  dump_stack+0x15/0x1b
[   89.785024][ T6146]  should_fail_ex+0x265/0x280
[   89.785060][ T6146]  should_fail+0xb/0x20
[   89.785155][ T6146]  should_fail_usercopy+0x1a/0x20
[   89.785179][ T6146]  _copy_to_user+0x20/0xa0
[   89.785263][ T6146]  simple_read_from_buffer+0xb5/0x130
[   89.785295][ T6146]  proc_fail_nth_read+0x10e/0x150
[   89.785397][ T6146]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   89.785435][ T6146]  vfs_read+0x1a8/0x770
[   89.785457][ T6146]  ? __rcu_read_unlock+0x4f/0x70
[   89.785521][ T6146]  ? __fget_files+0x184/0x1c0
[   89.785624][ T6146]  ksys_read+0xda/0x1a0
[   89.785656][ T6146]  __x64_sys_read+0x40/0x50
[   89.785686][ T6146]  x64_sys_call+0x27c0/0x3000
[   89.785790][ T6146]  do_syscall_64+0xd2/0x200
[   89.785810][ T6146]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   89.785838][ T6146]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   89.785986][ T6146]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.786022][ T6146] RIP: 0033:0x7fc55b32e15c
[   89.786038][ T6146] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   89.786057][ T6146] RSP: 002b:00007fc559d8f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   89.786079][ T6146] RAX: ffffffffffffffda RBX: 00007fc55b585fa0 RCX: 00007fc55b32e15c
[   89.786091][ T6146] RDX: 000000000000000f RSI: 00007fc559d8f0a0 RDI: 0000000000000004
[   89.786102][ T6146] RBP: 00007fc559d8f090 R08: 0000000000000000 R09: 0000000000000000
[   89.786121][ T6146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   89.786132][ T6146] R13: 00007fc55b586038 R14: 00007fc55b585fa0 R15: 00007ffed8635a68
[   89.786149][ T6146]  </TASK>
[   90.089892][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.161802][ T6164] loop5: detected capacity change from 0 to 512
[   90.835666][ T6169] syzkaller1: entered promiscuous mode
[   90.841193][ T6169] syzkaller1: entered allmulticast mode
[   90.882038][ T6164] EXT4-fs (loop5): orphan cleanup on readonly fs
[   90.888910][ T6164] EXT4-fs error (device loop5): ext4_orphan_get:1418: comm syz.5.848: bad orphan inode 13
[   90.898858][ T6171] syzkaller0: entered promiscuous mode
[   90.904403][ T6171] syzkaller0: entered allmulticast mode
[   90.921999][ T6164] ext4_test_bit(bit=12, block=18) = 1
[   90.927567][ T6164] is_bad_inode(inode)=0
[   90.931811][ T6164] NEXT_ORPHAN(inode)=2130706432
[   90.936785][ T6164] max_ino=32
[   90.940094][ T6164] i_nlink=1
[   90.943658][ T6164] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   90.961759][ T6173] syzkaller1: entered promiscuous mode
[   90.967453][ T6173] syzkaller1: entered allmulticast mode
[   90.967531][ T6164] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[   90.995864][ T6164] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   91.037460][ T6184] siw: device registration error -23
[   91.074183][ T5722] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.217665][ T6192] SELinux: security_context_str_to_sid (�e)�&��2n�SS��,.�Q�&U�$��]�I��:�������Q��ZL���S��CxlU��]mՕD�xk�z�����t���=�5
�C5��7flؠ���W~��yWj�N]�A`uz-�Ĵ�,V����0n0��F�Y�s���>k�rW�����h=4�Q3>�W�	��4ɠ�3�:T~���1:���~(�͊����aGΉt�ԑk�����<�{�_�_�Q�|(4�) failed with errno=-22
[   91.270782][ T6192] netlink: 56 bytes leftover after parsing attributes in process `syz.5.858'.
[   91.272148][ T6192] No such timeout policy "syz1"
[   91.352586][ T6201] 9pnet: Could not find request transport: f
[   92.051360][ T6216] syzkaller1: entered promiscuous mode
[   92.057163][ T6216] syzkaller1: entered allmulticast mode
[   92.194816][ T6221] syzkaller1: entered promiscuous mode
[   92.200484][ T6221] syzkaller1: entered allmulticast mode
[   92.258369][ T6228] netlink: 76 bytes leftover after parsing attributes in process `syz.4.871'.
[   92.324737][ T6233] siw: device registration error -23
[   92.353192][ T6237] loop1: detected capacity change from 0 to 512
[   92.373401][ T6237] EXT4-fs (loop1): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.389764][ T6237] netlink: 4 bytes leftover after parsing attributes in process `syz.1.875'.
[   92.393719][ T6235] syzkaller0: entered promiscuous mode
[   92.404280][ T6235] syzkaller0: entered allmulticast mode
[   92.496499][ T3312] EXT4-fs (loop1): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[   92.510538][ T6249] netlink: 'syz.0.878': attribute type 30 has an invalid length.
[   92.526815][ T6251] syzkaller1: entered promiscuous mode
[   92.532442][ T6251] syzkaller1: entered allmulticast mode
[   92.730036][ T6264] syzkaller1: entered promiscuous mode
[   92.735671][ T6264] syzkaller1: entered allmulticast mode
[   92.842403][ T6269] loop5: detected capacity change from 0 to 1024
[   92.852544][ T6269] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.963208][ T6278] loop1: detected capacity change from 0 to 512
[   92.972054][ T6278] EXT4-fs (loop1): orphan cleanup on readonly fs
[   92.978984][ T6278] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.889: bad orphan inode 13
[   92.989735][ T6278] ext4_test_bit(bit=12, block=18) = 1
[   92.995252][ T6278] is_bad_inode(inode)=0
[   92.999546][ T6278] NEXT_ORPHAN(inode)=2130706432
[   93.004457][ T6278] max_ino=32
[   93.007734][ T6278] i_nlink=1
[   93.011618][ T6278] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   93.028027][ T6278] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[   93.055604][ T6278] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   93.081767][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.146329][ T6285] syzkaller0: entered promiscuous mode
[   93.151873][ T6285] syzkaller0: entered allmulticast mode
[   93.188050][ T6289] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   93.197843][ T6289] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   93.225557][ T6295] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   93.234149][ T6295] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   93.321285][ T6302] syzkaller1: entered promiscuous mode
[   93.326856][ T6302] syzkaller1: entered allmulticast mode
[   93.459051][ T6312] netlink: 12 bytes leftover after parsing attributes in process `syz.1.899'.
[   93.468119][ T6312] netlink: 12 bytes leftover after parsing attributes in process `syz.1.899'.
[   93.560477][ T6321] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   93.567627][ T6321] syzkaller0: entered promiscuous mode
[   93.573137][ T6321] syzkaller0: entered allmulticast mode
[   93.584704][ T6321] netlink: 'syz.0.904': attribute type 1 has an invalid length.
[   93.592440][ T6321] netlink: 'syz.0.904': attribute type 4 has an invalid length.
[   93.600152][ T6321] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.904'.
[   93.609607][ T6321] netlink: 'syz.0.904': attribute type 1 has an invalid length.
[   93.617303][ T6321] netlink: 'syz.0.904': attribute type 4 has an invalid length.
[   93.624953][ T6321] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.904'.
[   93.634715][ T6320] tipc: Resetting bearer <eth:syzkaller0>
[   93.651798][ T6320] tipc: Disabling bearer <eth:syzkaller0>
[   93.681631][ T5722] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.717641][ T6323] 9pnet: Could not find request transport: f
[   93.740950][ T6326] syzkaller0: entered promiscuous mode
[   93.746556][ T6326] syzkaller0: entered allmulticast mode
[   93.805829][ T6334] syzkaller1: entered promiscuous mode
[   93.811364][ T6334] syzkaller1: entered allmulticast mode
[   93.823779][ T6339] netlink: 4 bytes leftover after parsing attributes in process `syz.5.912'.
[   93.842940][ T6339] team0 (unregistering): Port device team_slave_0 removed
[   93.852408][ T6339] team0 (unregistering): Port device team_slave_1 removed
[   93.929239][ T6345] 9pnet: Could not find request transport: f
[   93.940376][ T6350] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   93.953577][ T6350] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   94.012730][ T6361] lo speed is unknown, defaulting to 1000
[   94.117896][ T6365] syz_tun: entered allmulticast mode
[   94.131182][ T6365] netlink: 4 bytes leftover after parsing attributes in process `syz.5.922'.
[   94.216580][ T6373] netlink: 256 bytes leftover after parsing attributes in process `syz.3.921'.
[   94.317889][ T6380] loop5: detected capacity change from 0 to 512
[   94.319266][ T6381] syzkaller1: entered promiscuous mode
[   94.329728][ T6381] syzkaller1: entered allmulticast mode
[   94.336912][ T6380] EXT4-fs (loop5): orphan cleanup on readonly fs
[   94.344557][ T6380] EXT4-fs error (device loop5): ext4_orphan_get:1418: comm syz.5.927: bad orphan inode 13
[   94.354881][ T6380] ext4_test_bit(bit=12, block=18) = 1
[   94.360387][ T6380] is_bad_inode(inode)=0
[   94.364574][ T6380] NEXT_ORPHAN(inode)=2130706432
[   94.371929][ T6380] max_ino=32
[   94.375198][ T6380] i_nlink=1
[   94.382622][ T6380] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   94.412524][ T6380] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[   94.492732][ T6380] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   94.563043][ T5722] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.627629][ T6405] netlink: 4 bytes leftover after parsing attributes in process `syz.0.930'.
[   94.691434][ T6408] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   94.712535][ T6408] syzkaller0: entered promiscuous mode
[   94.718143][ T6408] syzkaller0: entered allmulticast mode
[   94.775598][ T6408] netlink: 'syz.0.936': attribute type 1 has an invalid length.
[   94.783312][ T6408] netlink: 'syz.0.936': attribute type 4 has an invalid length.
[   94.791011][ T6408] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.936'.
[   94.850205][ T6408] netlink: 'syz.0.936': attribute type 1 has an invalid length.
[   94.857953][ T6408] netlink: 'syz.0.936': attribute type 4 has an invalid length.
[   94.865789][ T6408] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.936'.
[   94.906208][ T6407] tipc: Resetting bearer <eth:syzkaller0>
[   94.932551][ T6407] tipc: Disabling bearer <eth:syzkaller0>
[   94.967859][ T6416] syzkaller1: entered promiscuous mode
[   94.973402][ T6416] syzkaller1: entered allmulticast mode
[   94.994982][ T6420] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   95.003957][ T6420] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   95.073662][ T6430] warn_alloc: 3 callbacks suppressed
[   95.073690][ T6430] syz.0.944: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[   95.094348][ T6430] CPU: 0 UID: 0 PID: 6430 Comm: syz.0.944 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   95.094431][ T6430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   95.094443][ T6430] Call Trace:
[   95.094450][ T6430]  <TASK>
[   95.094457][ T6430]  __dump_stack+0x1d/0x30
[   95.094538][ T6430]  dump_stack_lvl+0xe8/0x140
[   95.094611][ T6430]  dump_stack+0x15/0x1b
[   95.094634][ T6430]  warn_alloc+0x12b/0x1a0
[   95.094686][ T6430]  ? __rcu_read_unlock+0x4f/0x70
[   95.094714][ T6430]  __vmalloc_node_range_noprof+0x9d/0xed0
[   95.094746][ T6430]  ? __futex_wait+0x1fa/0x260
[   95.094772][ T6430]  ? __pfx_futex_wake_mark+0x10/0x10
[   95.094836][ T6430]  ? __rcu_read_unlock+0x4f/0x70
[   95.094868][ T6430]  ? avc_has_perm_noaudit+0x1b1/0x200
[   95.094910][ T6430]  ? should_fail_ex+0x30/0x280
[   95.094943][ T6430]  ? xskq_create+0x36/0xe0
[   95.094967][ T6430]  vmalloc_user_noprof+0x7d/0xb0
[   95.095067][ T6430]  ? xskq_create+0x80/0xe0
[   95.095089][ T6430]  xskq_create+0x80/0xe0
[   95.095119][ T6430]  xsk_init_queue+0x95/0xf0
[   95.095153][ T6430]  xsk_setsockopt+0x3f5/0x640
[   95.095180][ T6430]  ? __pfx_xsk_setsockopt+0x10/0x10
[   95.095221][ T6430]  __sys_setsockopt+0x184/0x200
[   95.095261][ T6430]  __x64_sys_setsockopt+0x64/0x80
[   95.095294][ T6430]  x64_sys_call+0x20ec/0x3000
[   95.095325][ T6430]  do_syscall_64+0xd2/0x200
[   95.095350][ T6430]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   95.095377][ T6430]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   95.095483][ T6430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.095511][ T6430] RIP: 0033:0x7f3c1d50f749
[   95.095527][ T6430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.095544][ T6430] RSP: 002b:00007f3c1bf6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   95.095579][ T6430] RAX: ffffffffffffffda RBX: 00007f3c1d765fa0 RCX: 00007f3c1d50f749
[   95.095593][ T6430] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000008
[   95.095609][ T6430] RBP: 00007f3c1d593f91 R08: 0000000000000004 R09: 0000000000000000
[   95.095625][ T6430] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[   95.095641][ T6430] R13: 00007f3c1d766038 R14: 00007f3c1d765fa0 R15: 00007ffcdec41008
[   95.095659][ T6430]  </TASK>
[   95.319803][ T6430] Mem-Info:
[   95.322931][ T6430] active_anon:23975 inactive_anon:1 isolated_anon:0
[   95.322931][ T6430]  active_file:19167 inactive_file:2455 isolated_file:0
[   95.322931][ T6430]  unevictable:0 dirty:227 writeback:0
[   95.322931][ T6430]  slab_reclaimable:3289 slab_unreclaimable:44167
[   95.322931][ T6430]  mapped:32269 shmem:20015 pagetables:1092
[   95.322931][ T6430]  sec_pagetables:0 bounce:0
[   95.322931][ T6430]  kernel_misc_reclaimable:0
[   95.322931][ T6430]  free:1778986 free_pcp:13949 free_cma:0
[   95.368697][ T6430] Node 0 active_anon:95900kB inactive_anon:4kB active_file:76668kB inactive_file:9820kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:129076kB dirty:908kB writeback:0kB shmem:80060kB kernel_stack:3904kB pagetables:4368kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   95.396135][ T6430] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   95.425868][ T6430] lowmem_reserve[]: 0 2881 7859 7859
[   95.431272][ T6430] Node 0 DMA32 free:2946728kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2950256kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:3528kB free_cma:0kB
[   95.462857][ T6430] lowmem_reserve[]: 0 0 4978 4978
[   95.468230][ T6430] Node 0 Normal free:4153856kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:95784kB inactive_anon:4kB active_file:76668kB inactive_file:9820kB unevictable:0kB writepending:908kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:52336kB local_pcp:18400kB free_cma:0kB
[   95.501326][ T6430] lowmem_reserve[]: 0 0 0 0
[   95.505912][ T6430] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   95.518725][ T6430] Node 0 DMA32: 4*4kB (M) 3*8kB (M) 4*16kB (M) 2*32kB (M) 4*64kB (M) 2*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2946728kB
[   95.534933][ T6430] Node 0 Normal: 2*4kB (UM) 1*8kB (M) 1*16kB (E) 1*32kB (E) 1*64kB (U) 5*128kB (E) 7*256kB (ME) 0*512kB 2*1024kB (UE) 4*2048kB (UME) 1011*4096kB (M) = 4153856kB
[   95.551559][ T6430] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   95.561036][ T6430] 41633 total pagecache pages
[   95.565918][ T6430] 1 pages in swap cache
[   95.570110][ T6430] Free swap  = 124992kB
[   95.574438][ T6430] Total swap = 124996kB
[   95.578641][ T6430] 2097051 pages RAM
[   95.582472][ T6430] 0 pages HighMem/MovableOnly
[   95.582828][ T6438] netlink: 4 bytes leftover after parsing attributes in process `syz.4.946'.
[   95.587188][ T6430] 81087 pages reserved
[   95.659837][ T6448] siw: device registration error -23
[   95.817924][ T6464] syzkaller1: entered promiscuous mode
[   95.823517][ T6464] syzkaller1: entered allmulticast mode
[   95.866730][ T6466] netlink: 4 bytes leftover after parsing attributes in process `syz.1.958'.
[   95.926641][ T6475] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   95.942761][   T29] kauditd_printk_skb: 1010 callbacks suppressed
[   95.942777][   T29] audit: type=1400 audit(1763604267.216:10759): avc:  denied  { ioctl } for  pid=6479 comm="syz.1.961" path="socket:[30670]" dev="sockfs" ino=30670 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   95.958356][ T6475] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   96.041760][ T6486] netlink: 'syz.5.963': attribute type 30 has an invalid length.
[   96.049671][   T29] audit: type=1326 audit(1763604267.316:10760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6482 comm="syz.5.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc55b32f749 code=0x7ffc0000
[   96.073135][   T29] audit: type=1326 audit(1763604267.316:10761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6482 comm="syz.5.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc55b32f749 code=0x7ffc0000
[   96.096741][   T29] audit: type=1326 audit(1763604267.316:10762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6482 comm="syz.5.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc55b32f749 code=0x7ffc0000
[   96.120326][   T29] audit: type=1326 audit(1763604267.316:10763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6482 comm="syz.5.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc55b32f749 code=0x7ffc0000
[   96.143908][   T29] audit: type=1326 audit(1763604267.316:10764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6482 comm="syz.5.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7fc55b32f749 code=0x7ffc0000
[   96.167442][   T29] audit: type=1326 audit(1763604267.316:10765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6482 comm="syz.5.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc55b32f749 code=0x7ffc0000
[   96.190904][   T29] audit: type=1326 audit(1763604267.316:10766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6482 comm="syz.5.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc55b32f749 code=0x7ffc0000
[   96.214508][   T29] audit: type=1326 audit(1763604267.316:10767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6482 comm="syz.5.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc55b32f749 code=0x7ffc0000
[   96.238655][   T29] audit: type=1326 audit(1763604267.316:10768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6482 comm="syz.5.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc55b32f749 code=0x7ffc0000
[   96.284300][   T31] Bluetooth: hci0: Frame reassembly failed (-84)
[   96.561512][ T6499] syzkaller1: entered promiscuous mode
[   96.567215][ T6499] syzkaller1: entered allmulticast mode
[   96.654732][ T6503] netlink: 4 bytes leftover after parsing attributes in process `syz.4.971'.
[   96.673946][ T6507] syzkaller1: entered promiscuous mode
[   96.679513][ T6507] syzkaller1: entered allmulticast mode
[   96.730033][ T6511] lo speed is unknown, defaulting to 1000
[   96.761366][ T6511] netlink: 4 bytes leftover after parsing attributes in process `syz.4.974'.
[   96.770748][ T6511] netlink: 12 bytes leftover after parsing attributes in process `syz.4.974'.
[   96.855873][ T6515] SELinux: security_context_str_to_sid (KV��W�!~�OS����䂻Y�����<K3�aG����c)	���e�2�I�tw�'Os���bR�-!D<��Us�K�Jh`Y�%Mm�5�B|Y�v��e%c0P��, Hr���J��r�т��m�Q\_aR�W6��خ 8��U���ث��??��*j���Y�d8d��L�����A.��ԍƀѽ�qy��!�y"��n��zMM���k}����3�Ao�S_I��lF�3����o�������Ϲ�) failed with errno=-22
[   96.888675][ T6515] No such timeout policy "syz1"
[   96.894373][ T6516] SELinux:  Context ׸��X7��d�Q��YI{C��pU���hٻ��r: is not valid (left unmapped).
[   96.928488][ T6518] siw: device registration error -23
[   96.936447][ T6520] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   96.944964][ T6520] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   97.673799][ T6539] syzkaller1: entered promiscuous mode
[   97.679478][ T6539] syzkaller1: entered allmulticast mode
[   97.731576][ T6547] tipc: Started in network mode
[   97.736658][ T6547] tipc: Node identity 3e22ea447e2b, cluster identity 4711
[   97.743884][ T6547] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   97.751554][ T6547] syzkaller0: entered promiscuous mode
[   97.757205][ T6547] syzkaller0: entered allmulticast mode
[   97.770458][ T6547] netlink: 'syz.3.988': attribute type 1 has an invalid length.
[   97.778249][ T6547] netlink: 'syz.3.988': attribute type 4 has an invalid length.
[   97.790549][ T6547] netlink: 'syz.3.988': attribute type 1 has an invalid length.
[   97.798348][ T6547] netlink: 'syz.3.988': attribute type 4 has an invalid length.
[   97.820805][ T6546] tipc: Resetting bearer <eth:syzkaller0>
[   97.828411][ T6553] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   97.841483][ T6546] tipc: Disabling bearer <eth:syzkaller0>
[   97.847366][ T6553] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   97.935978][ T6570] 9pnet: Could not find request transport: f
[   97.991560][ T6585] syzkaller1: entered promiscuous mode
[   97.997293][ T6585] syzkaller1: entered allmulticast mode
[   98.051740][ T6594] syzkaller1: entered promiscuous mode
[   98.057431][ T6594] syzkaller1: entered allmulticast mode
[   98.318637][ T6607] 9pnet: Could not find request transport: f
[   98.355194][ T4915] Bluetooth: hci0: command 0x1003 tx timeout
[   98.355248][ T4085] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   98.485733][ T6628] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   98.494355][ T6628] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   98.536137][ T6632] netlink: 'syz.5.1020': attribute type 30 has an invalid length.
[   98.922715][ T6636] syzkaller0: entered promiscuous mode
[   98.928395][ T6636] syzkaller0: entered allmulticast mode
[   98.934264][ T6638] 9pnet: Could not find request transport: f
[   98.981164][ T6643] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   98.989862][ T6643] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   99.184309][ T4865] Bluetooth: hci0: Frame reassembly failed (-84)
[   99.353264][ T6664] loop5: detected capacity change from 0 to 1024
[   99.362444][ T6664] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.562639][ T6674] tipc: Started in network mode
[   99.567683][ T6674] tipc: Node identity b600bce4cc02, cluster identity 4711
[   99.574948][ T6674] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   99.582201][ T6674] syzkaller0: entered promiscuous mode
[   99.587879][ T6674] syzkaller0: entered allmulticast mode
[   99.610737][ T6674] netlink: 'syz.1.1037': attribute type 1 has an invalid length.
[   99.618597][ T6674] netlink: 'syz.1.1037': attribute type 4 has an invalid length.
[   99.626436][ T6674] __nla_validate_parse: 7 callbacks suppressed
[   99.626453][ T6674] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.1037'.
[   99.641436][ T6676] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   99.643338][ T6674] netlink: 'syz.1.1037': attribute type 1 has an invalid length.
[   99.650416][ T6676] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   99.658197][ T6674] netlink: 'syz.1.1037': attribute type 4 has an invalid length.
[   99.673648][ T6674] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.1037'.
[   99.685555][ T6673] tipc: Resetting bearer <eth:syzkaller0>
[   99.692973][ T6673] tipc: Disabling bearer <eth:syzkaller0>
[   99.774866][ T6683] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   99.798052][ T6683] loop1: detected capacity change from 0 to 136
[  100.080667][ T6698] syzkaller1: entered promiscuous mode
[  100.086346][ T6698] syzkaller1: entered allmulticast mode
[  100.201145][ T5722] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.202026][ T6705] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  100.219794][ T6705] syzkaller0: entered promiscuous mode
[  100.225802][ T6705] syzkaller0: entered allmulticast mode
[  100.258808][ T6710] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  100.279495][ T6705] netlink: 'syz.3.1049': attribute type 1 has an invalid length.
[  100.287578][ T6705] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.1049'.
[  100.301825][ T6705] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.1049'.
[  100.316522][ T6704] tipc: Resetting bearer <eth:syzkaller0>
[  100.338063][ T6704] tipc: Disabling bearer <eth:syzkaller0>
[  100.437002][ T6730] tipc: Started in network mode
[  100.442132][ T6730] tipc: Node identity 469a81032fea, cluster identity 4711
[  100.449553][ T6730] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  100.457422][ T6730] syzkaller0: entered promiscuous mode
[  100.463058][ T6730] syzkaller0: entered allmulticast mode
[  100.474078][ T6730] netlink: 9462 bytes leftover after parsing attributes in process `syz.5.1059'.
[  100.487444][ T6730] netlink: 9462 bytes leftover after parsing attributes in process `syz.5.1059'.
[  100.497328][ T6732] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1058'.
[  100.506547][ T6729] tipc: Resetting bearer <eth:syzkaller0>
[  100.514654][ T6732] random: crng reseeded on system resumption
[  100.514755][ T6729] tipc: Disabling bearer <eth:syzkaller0>
[  100.576172][ T6734] loop5: detected capacity change from 0 to 1024
[  100.585027][ T6734] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.647750][ T6737] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  100.656489][ T6737] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  100.946074][   T29] kauditd_printk_skb: 1509 callbacks suppressed
[  100.946115][   T29] audit: type=1326 audit(1763604272.226:12278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6727 comm="syz.3.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb767b62005 code=0x7ffc0000
[  100.976061][   T29] audit: type=1326 audit(1763604272.226:12279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6727 comm="syz.3.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb767b62005 code=0x7ffc0000
[  100.999587][   T29] audit: type=1326 audit(1763604272.226:12280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6727 comm="syz.3.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb767b62005 code=0x7ffc0000
[  101.023096][   T29] audit: type=1326 audit(1763604272.226:12281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6727 comm="syz.3.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb767b62005 code=0x7ffc0000
[  101.046678][   T29] audit: type=1326 audit(1763604272.226:12282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6727 comm="syz.3.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb767b62005 code=0x7ffc0000
[  101.070619][   T29] audit: type=1326 audit(1763604272.226:12283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6727 comm="syz.3.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb767b62005 code=0x7ffc0000
[  101.094216][   T29] audit: type=1326 audit(1763604272.226:12284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6727 comm="syz.3.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb767b62005 code=0x7ffc0000
[  101.117733][   T29] audit: type=1326 audit(1763604272.226:12285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6727 comm="syz.3.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb767b62005 code=0x7ffc0000
[  101.141215][   T29] audit: type=1326 audit(1763604272.226:12286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6727 comm="syz.3.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb767b62005 code=0x7ffc0000
[  101.164941][   T29] audit: type=1326 audit(1763604272.226:12287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6727 comm="syz.3.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb767b62005 code=0x7ffc0000
[  101.213514][ T6744] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  101.222732][ T6744] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  101.235202][ T4915] Bluetooth: hci0: command 0x1003 tx timeout
[  101.236009][ T4085] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  101.256875][ T6744] loop1: detected capacity change from 0 to 512
[  101.265070][ T6744] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  101.273917][ T6744] EXT4-fs (loop1): can't mount with both data=journal and delalloc
[  101.393459][ T6756] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  101.410702][ T5603] lo speed is unknown, defaulting to 1000
[  101.431311][ T5722] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.431349][ T6756] loop3: detected capacity change from 0 to 136
[  101.530315][ T6766] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1070'.
[  101.564095][ T6771] syzkaller1: entered promiscuous mode
[  101.569721][ T6771] syzkaller1: entered allmulticast mode
[  101.613279][ T6774] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  101.621822][ T6774] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  101.688140][ T6780] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1068'.
[  101.816059][ T6788] syzkaller0: entered promiscuous mode
[  101.821647][ T6788] syzkaller0: entered allmulticast mode
[  101.882370][ T6790] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1077'.
[  101.946049][ T6799] Set syz1 is full, maxelem 6117 reached
[  101.982901][ T6801] loop1: detected capacity change from 0 to 136
[  102.002835][ T6800] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  102.091046][ T6809] loop1: detected capacity change from 0 to 1024
[  102.120186][ T6809] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.127131][ T6811] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  102.140265][ T6811] syzkaller0: entered promiscuous mode
[  102.145844][ T6811] syzkaller0: entered allmulticast mode
[  102.290588][ T6810] tipc: Resetting bearer <eth:syzkaller0>
[  102.305771][ T6810] tipc: Disabling bearer <eth:syzkaller0>
[  102.409292][   T37] Bluetooth: hci0: Frame reassembly failed (-84)
[  102.436552][ T6822] loop5: detected capacity change from 0 to 1024
[  102.445830][ T6822] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.545560][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.636032][ T6827] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  102.645381][ T6827] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  102.752177][ T5722] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.021379][ T6847] validate_nla: 11 callbacks suppressed
[  103.021395][ T6847] netlink: 'syz.3.1097': attribute type 21 has an invalid length.
[  103.042559][ T6848] syzkaller1: entered promiscuous mode
[  103.048144][ T6848] syzkaller1: entered allmulticast mode
[  103.155481][ T6851] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  103.162390][ T6851] syzkaller0: entered promiscuous mode
[  103.167908][ T6851] syzkaller0: entered allmulticast mode
[  103.183228][ T6851] netlink: 'syz.5.1098': attribute type 1 has an invalid length.
[  103.191104][ T6851] netlink: 'syz.5.1098': attribute type 4 has an invalid length.
[  103.203968][ T6851] netlink: 'syz.5.1098': attribute type 1 has an invalid length.
[  103.211788][ T6851] netlink: 'syz.5.1098': attribute type 4 has an invalid length.
[  103.230262][ T6850] tipc: Resetting bearer <eth:syzkaller0>
[  103.238778][ T6850] tipc: Disabling bearer <eth:syzkaller0>
[  103.620189][ T6871] 9pnet: Could not find request transport: f
[  103.655003][ T6874] 8021q: VLANs not supported on sit0
[  103.881219][ T6883] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  103.889945][ T6883] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  104.315481][ T6891] FAULT_INJECTION: forcing a failure.
[  104.315481][ T6891] name failslab, interval 1, probability 0, space 0, times 0
[  104.328295][ T6891] CPU: 0 UID: 0 PID: 6891 Comm: syz.0.1112 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  104.328319][ T6891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  104.328330][ T6891] Call Trace:
[  104.328414][ T6891]  <TASK>
[  104.328420][ T6891]  __dump_stack+0x1d/0x30
[  104.328439][ T6891]  dump_stack_lvl+0xe8/0x140
[  104.328463][ T6891]  dump_stack+0x15/0x1b
[  104.328479][ T6891]  should_fail_ex+0x265/0x280
[  104.328509][ T6891]  ? bcm_tx_setup+0x232/0xde0
[  104.328648][ T6891]  should_failslab+0x8c/0xb0
[  104.328672][ T6891]  __kmalloc_cache_noprof+0x4c/0x4a0
[  104.328701][ T6891]  bcm_tx_setup+0x232/0xde0
[  104.328786][ T6891]  bcm_sendmsg+0x34e/0x480
[  104.328890][ T6891]  ? __pfx_bcm_sendmsg+0x10/0x10
[  104.328915][ T6891]  __sock_sendmsg+0x145/0x180
[  104.328937][ T6891]  ____sys_sendmsg+0x31e/0x4e0
[  104.328975][ T6891]  ___sys_sendmsg+0x17b/0x1d0
[  104.329003][ T6891]  __x64_sys_sendmsg+0xd4/0x160
[  104.329023][ T6891]  x64_sys_call+0x191e/0x3000
[  104.329083][ T6891]  do_syscall_64+0xd2/0x200
[  104.329147][ T6891]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  104.329177][ T6891]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  104.329337][ T6891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.329355][ T6891] RIP: 0033:0x7f3c1d50f749
[  104.329424][ T6891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.329440][ T6891] RSP: 002b:00007f3c1bf6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  104.329462][ T6891] RAX: ffffffffffffffda RBX: 00007f3c1d765fa0 RCX: 00007f3c1d50f749
[  104.329473][ T6891] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000003
[  104.329484][ T6891] RBP: 00007f3c1bf6f090 R08: 0000000000000000 R09: 0000000000000000
[  104.329495][ T6891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.329506][ T6891] R13: 00007f3c1d766038 R14: 00007f3c1d765fa0 R15: 00007ffcdec41008
[  104.329524][ T6891]  </TASK>
[  104.531275][ T4085] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  104.535445][ T4915] Bluetooth: hci0: command 0x1003 tx timeout
[  104.603300][ T6900] siw: device registration error -23
[  104.630305][ T6902] 9pnet: Could not find request transport: f
[  104.632986][ T6905] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  104.680778][ T6910] loop3: detected capacity change from 0 to 512
[  104.695933][ T6910] EXT4-fs (loop3): orphan cleanup on readonly fs
[  104.702640][ T6910] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.1119: bad orphan inode 13
[  104.712928][ T6910] ext4_test_bit(bit=12, block=18) = 1
[  104.718521][ T6910] is_bad_inode(inode)=0
[  104.722683][ T6910] NEXT_ORPHAN(inode)=2130706432
[  104.727574][ T6910] max_ino=32
[  104.730786][ T6910] i_nlink=1
[  104.734947][ T6910] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  104.772741][ T6910] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  104.792065][ T6910] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  104.815578][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.871250][ T6925] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  104.886670][ T6925] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  104.895206][ T6930] lo speed is unknown, defaulting to 1000
[  104.917983][ T6925] loop3: detected capacity change from 0 to 512
[  104.925792][ T6925] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  104.934271][ T6925] EXT4-fs (loop3): can't mount with both data=journal and delalloc
[  104.961553][ T6936] __nla_validate_parse: 11 callbacks suppressed
[  104.961570][ T6936] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1125'.
[  104.977085][ T6936] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1125'.
[  105.067803][ T6941] FAULT_INJECTION: forcing a failure.
[  105.067803][ T6941] name failslab, interval 1, probability 0, space 0, times 0
[  105.080546][ T6941] CPU: 1 UID: 0 PID: 6941 Comm: syz.4.1128 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  105.080586][ T6941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  105.080597][ T6941] Call Trace:
[  105.080602][ T6941]  <TASK>
[  105.080608][ T6941]  __dump_stack+0x1d/0x30
[  105.080628][ T6941]  dump_stack_lvl+0xe8/0x140
[  105.080652][ T6941]  dump_stack+0x15/0x1b
[  105.080674][ T6941]  should_fail_ex+0x265/0x280
[  105.080710][ T6941]  should_failslab+0x8c/0xb0
[  105.080735][ T6941]  kmem_cache_alloc_noprof+0x50/0x480
[  105.080759][ T6941]  ? vm_area_dup+0x33/0x2c0
[  105.080785][ T6941]  vm_area_dup+0x33/0x2c0
[  105.080810][ T6941]  __split_vma+0xe9/0x650
[  105.080836][ T6941]  vma_modify+0x3f2/0xc80
[  105.080855][ T6941]  ? path_openat+0x1bf8/0x2170
[  105.080874][ T6941]  vma_modify_flags+0x101/0x130
[  105.080898][ T6941]  mlock_fixup+0x11d/0x210
[  105.080925][ T6941]  apply_vma_lock_flags+0x184/0x240
[  105.080955][ T6941]  do_mlock+0x3b8/0x520
[  105.080982][ T6941]  ? __bpf_trace_sys_enter+0x10/0x30
[  105.081005][ T6941]  ? trace_sys_enter+0xd0/0xf0
[  105.081028][ T6941]  __x64_sys_mlock2+0x71/0x90
[  105.081052][ T6941]  x64_sys_call+0x197c/0x3000
[  105.081070][ T6941]  do_syscall_64+0xd2/0x200
[  105.081088][ T6941]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  105.081110][ T6941]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  105.081140][ T6941]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.081158][ T6941] RIP: 0033:0x7fcc883df749
[  105.081171][ T6941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.081186][ T6941] RSP: 002b:00007fcc86e47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000145
[  105.081202][ T6941] RAX: ffffffffffffffda RBX: 00007fcc88635fa0 RCX: 00007fcc883df749
[  105.081213][ T6941] RDX: 0000000000000000 RSI: 0000000000009000 RDI: 0000200000ff5000
[  105.081223][ T6941] RBP: 00007fcc86e47090 R08: 0000000000000000 R09: 0000000000000000
[  105.081232][ T6941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  105.081242][ T6941] R13: 00007fcc88636038 R14: 00007fcc88635fa0 R15: 00007ffcffd78a78
[  105.081258][ T6941]  </TASK>
[  105.306262][ T6943] siw: device registration error -23
[  105.442103][ T6947] 9pnet: Could not find request transport: f
[  105.522216][ T6951] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1131'.
[  105.531271][ T6951] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1131'.
[  105.631683][ T6954] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  105.655330][ T6954] loop3: detected capacity change from 0 to 136
[  105.819322][   T37] Bluetooth: hci0: Frame reassembly failed (-84)
[  106.143877][ T6981] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1142'.
[  106.180597][ T6989] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  106.189479][ T6989] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  106.225624][ T6993] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1144'.
[  106.234623][ T6993] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1144'.
[  106.315079][ T6996] netlink: 128 bytes leftover after parsing attributes in process `syz.5.1146'.
[  106.324286][ T6996] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1146'.
[  106.372125][ T7000] loop5: detected capacity change from 0 to 1764
[  106.380113][   T29] kauditd_printk_skb: 288 callbacks suppressed
[  106.380133][   T29] audit: type=1400 audit(1763604277.656:12576): avc:  denied  { cpu } for  pid=6999 comm="syz.5.1148" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  106.405717][   T29] audit: type=1400 audit(1763604277.666:12577): avc:  denied  { read write } for  pid=6999 comm="syz.5.1148" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  106.429421][   T29] audit: type=1400 audit(1763604277.666:12578): avc:  denied  { open } for  pid=6999 comm="syz.5.1148" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  106.561286][ T7006] loop1: detected capacity change from 0 to 512
[  106.572126][ T7006] EXT4-fs (loop1): orphan cleanup on readonly fs
[  106.579119][ T7006] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.1151: bad orphan inode 13
[  106.589544][ T7006] ext4_test_bit(bit=12, block=18) = 1
[  106.595007][ T7006] is_bad_inode(inode)=0
[  106.599266][ T7006] NEXT_ORPHAN(inode)=2130706432
[  106.604238][ T7006] max_ino=32
[  106.607571][ T7006] i_nlink=1
[  106.613975][ T7006] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  106.646095][ T7006] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  106.675570][ T7006] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  106.696615][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.781285][ T7018] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1154'.
[  106.909011][   T29] audit: type=1326 audit(1763604278.186:12579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7033 comm="syz.4.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc883df749 code=0x7ffc0000
[  106.945315][ T7031] 9pnet: Could not find request transport: f
[  106.962110][   T29] audit: type=1326 audit(1763604278.186:12580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7033 comm="syz.4.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc883df749 code=0x7ffc0000
[  106.985899][   T29] audit: type=1326 audit(1763604278.186:12581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7033 comm="syz.4.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcc883df749 code=0x7ffc0000
[  107.009732][   T29] audit: type=1326 audit(1763604278.206:12582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7033 comm="syz.4.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc883df749 code=0x7ffc0000
[  107.033540][   T29] audit: type=1326 audit(1763604278.226:12583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7033 comm="syz.4.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc883df749 code=0x7ffc0000
[  107.057472][   T29] audit: type=1326 audit(1763604278.226:12584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7033 comm="syz.4.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fcc883df749 code=0x7ffc0000
[  107.081211][   T29] audit: type=1326 audit(1763604278.226:12585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7033 comm="syz.4.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc883df749 code=0x7ffc0000
[  107.152735][ T7039] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  107.161646][ T7039] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  107.185940][ T7046] loop1: detected capacity change from 0 to 512
[  107.193856][ T7046] EXT4-fs (loop1): orphan cleanup on readonly fs
[  107.200567][ T7046] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.1164: bad orphan inode 13
[  107.211074][ T7046] ext4_test_bit(bit=12, block=18) = 1
[  107.216573][ T7046] is_bad_inode(inode)=0
[  107.220742][ T7046] NEXT_ORPHAN(inode)=2130706432
[  107.225734][ T7046] max_ino=32
[  107.228936][ T7046] i_nlink=1
[  107.232407][ T7046] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  107.246731][ T7046] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  107.265598][ T7046] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  107.286671][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.401096][ T7062] syzkaller1: entered promiscuous mode
[  107.406985][ T7062] syzkaller1: entered allmulticast mode
[  107.537769][ T7068] warn_alloc: 4 callbacks suppressed
[  107.537783][ T7068] syz.4.1173: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  107.557810][ T7068] CPU: 0 UID: 0 PID: 7068 Comm: syz.4.1173 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  107.557841][ T7068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  107.557855][ T7068] Call Trace:
[  107.557862][ T7068]  <TASK>
[  107.557913][ T7068]  __dump_stack+0x1d/0x30
[  107.557980][ T7068]  dump_stack_lvl+0xe8/0x140
[  107.558007][ T7068]  dump_stack+0x15/0x1b
[  107.558030][ T7068]  warn_alloc+0x12b/0x1a0
[  107.558208][ T7068]  ? __rcu_read_unlock+0x4f/0x70
[  107.558241][ T7068]  ? __cgroup_account_cputime+0x81/0xa0
[  107.558265][ T7068]  __vmalloc_node_range_noprof+0x9d/0xed0
[  107.558301][ T7068]  ? update_curr+0xfd/0x1b0
[  107.558364][ T7068]  ? tracing_record_taskinfo_sched_switch+0x71/0x260
[  107.558404][ T7068]  ? probe_sched_wakeup+0x85/0xa0
[  107.558485][ T7068]  ? __rcu_read_unlock+0x4f/0x70
[  107.558511][ T7068]  ? avc_has_perm_noaudit+0x1b1/0x200
[  107.558532][ T7068]  ? should_fail_ex+0x30/0x280
[  107.558567][ T7068]  ? xskq_create+0x36/0xe0
[  107.558655][ T7068]  vmalloc_user_noprof+0x7d/0xb0
[  107.558689][ T7068]  ? xskq_create+0x80/0xe0
[  107.558712][ T7068]  xskq_create+0x80/0xe0
[  107.558748][ T7068]  xsk_init_queue+0x95/0xf0
[  107.558772][ T7068]  xsk_setsockopt+0x3f5/0x640
[  107.558870][ T7068]  ? __pfx_xsk_setsockopt+0x10/0x10
[  107.558892][ T7068]  __sys_setsockopt+0x184/0x200
[  107.558960][ T7068]  __x64_sys_setsockopt+0x64/0x80
[  107.559002][ T7068]  x64_sys_call+0x20ec/0x3000
[  107.559031][ T7068]  do_syscall_64+0xd2/0x200
[  107.559058][ T7068]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  107.559100][ T7068]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  107.559144][ T7068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.559172][ T7068] RIP: 0033:0x7fcc883df749
[  107.559197][ T7068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.559271][ T7068] RSP: 002b:00007fcc86e47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  107.559292][ T7068] RAX: ffffffffffffffda RBX: 00007fcc88635fa0 RCX: 00007fcc883df749
[  107.559306][ T7068] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000006
[  107.559320][ T7068] RBP: 00007fcc88463f91 R08: 0000000000000004 R09: 0000000000000000
[  107.559384][ T7068] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  107.559398][ T7068] R13: 00007fcc88636038 R14: 00007fcc88635fa0 R15: 00007ffcffd78a78
[  107.559450][ T7068]  </TASK>
[  107.559501][ T7068] Mem-Info:
[  107.799752][ T7068] active_anon:23407 inactive_anon:2 isolated_anon:0
[  107.799752][ T7068]  active_file:19167 inactive_file:2450 isolated_file:0
[  107.799752][ T7068]  unevictable:0 dirty:281 writeback:0
[  107.799752][ T7068]  slab_reclaimable:3289 slab_unreclaimable:44087
[  107.799752][ T7068]  mapped:31429 shmem:17139 pagetables:1124
[  107.799752][ T7068]  sec_pagetables:0 bounce:0
[  107.799752][ T7068]  kernel_misc_reclaimable:0
[  107.799752][ T7068]  free:1787157 free_pcp:6319 free_cma:0
[  107.844930][ T7068] Node 0 active_anon:93628kB inactive_anon:8kB active_file:76668kB inactive_file:9800kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:125716kB dirty:1124kB writeback:0kB shmem:68556kB kernel_stack:3984kB pagetables:4496kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  107.873086][ T7068] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  107.902836][ T7068] lowmem_reserve[]: 0 2881 7859 7859
[  107.905302][ T4915] Bluetooth: hci0: command 0x1003 tx timeout
[  107.908502][ T7068] Node 0 DMA32 free:2946728kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2950256kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:3528kB free_cma:0kB
[  107.945991][ T7068] lowmem_reserve[]: 0 0 4978 4978
[  107.951456][ T7068] Node 0 Normal free:4186540kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:93744kB inactive_anon:8kB active_file:76668kB inactive_file:9800kB unevictable:0kB writepending:1124kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:21360kB local_pcp:12464kB free_cma:0kB
[  107.984611][ T7068] lowmem_reserve[]: 0
[  107.984620][ T4085] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  107.994992][ T7068]  0 0 0
[  107.997989][ T7068] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  108.000147][ T7081] binfmt_misc: register: failed to install interpreter file ./file2
[  108.010739][ T7068] Node 0 DMA32: 4*4kB (M) 3*8kB (M) 4*16kB (M) 2*32kB (M) 4*64kB (M) 2*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2946728kB
[  108.034957][ T7068] Node 0 Normal: 49*4kB (UM) 127*8kB (UM) 35*16kB (UME) 5*32kB (UE) 48*64kB (UM) 47*128kB (UME) 35*256kB (UME) 12*512kB (UM) 7*1024kB (UME) 6*2048kB (UME) 1011*4096kB (M) = 4186636kB
[  108.053351][ T7068] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  108.062760][ T7068] 38789 total pagecache pages
[  108.067552][ T7068] 3 pages in swap cache
[  108.071713][ T7068] Free swap  = 124852kB
[  108.075940][ T7068] Total swap = 124996kB
[  108.080121][ T7068] 2097051 pages RAM
[  108.083994][ T7068] 0 pages HighMem/MovableOnly
[  108.088765][ T7068] 81087 pages reserved
[  108.239153][ T7065] loop1: detected capacity change from 0 to 2048
[  108.263503][ T7065] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  108.504334][ T7107] loop4: detected capacity change from 0 to 2048
[  108.633716][ T7107] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.687217][ T7065] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  108.724270][ T7065] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  108.736914][ T7065] EXT4-fs (loop1): This should not happen!! Data will be lost
[  108.736914][ T7065] 
[  108.746665][ T7065] EXT4-fs (loop1): Total free blocks count 0
[  108.752696][ T7065] EXT4-fs (loop1): Free/Dirty block details
[  108.758674][ T7065] EXT4-fs (loop1): free_blocks=2415919104
[  108.764413][ T7065] EXT4-fs (loop1): dirty_blocks=7488
[  108.769772][ T7065] EXT4-fs (loop1): Block reservation details
[  108.775860][ T7065] EXT4-fs (loop1): i_reserved_data_blocks=468
[  108.886284][ T7118] loop5: detected capacity change from 0 to 512
[  108.935613][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.952784][ T7118] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  109.010191][   T37] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[  109.047859][ T7118] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.1186: Invalid block bitmap block 0 in block_group 0
[  109.062488][ T7118] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  109.071570][ T7118] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #11: comm syz.5.1186: attempt to clear invalid blocks 983261 len 1
[  109.085166][ T7118] EXT4-fs error (device loop5): __ext4_get_inode_loc:4832: comm syz.5.1186: Invalid inode table block 0 in block_group 0
[  109.107472][ T7118] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  109.122696][ T7118] EXT4-fs error (device loop5) in ext4_orphan_del:301: Corrupt filesystem
[  109.131452][ T7118] EXT4-fs error (device loop5): __ext4_get_inode_loc:4832: comm syz.5.1186: Invalid inode table block 0 in block_group 0
[  109.144450][ T7118] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  109.154202][ T7118] EXT4-fs error (device loop5): ext4_truncate:4637: inode #11: comm syz.5.1186: mark_inode_dirty error
[  109.175424][ T7118] EXT4-fs error (device loop5) in ext4_process_orphan:343: Corrupt filesystem
[  109.195451][ T7118] EXT4-fs error (device loop5): __ext4_get_inode_loc:4832: comm syz.5.1186: Invalid inode table block 0 in block_group 0
[  109.212979][ T7123] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  109.219278][ T7118] EXT4-fs (loop5): 1 truncate cleaned up
[  109.221380][ T7123] syzkaller0: entered promiscuous mode
[  109.225884][ T7118] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.231139][ T7123] syzkaller0: entered allmulticast mode
[  109.245811][ T7118] EXT4-fs error (device loop5): __ext4_get_inode_loc:4832: comm syz.5.1186: Invalid inode table block 0 in block_group 0
[  109.262244][ T7118] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  109.277690][ T7123] netlink: 'syz.4.1187': attribute type 1 has an invalid length.
[  109.285791][ T7123] netlink: 'syz.4.1187': attribute type 4 has an invalid length.
[  109.295852][ T7123] netlink: 'syz.4.1187': attribute type 1 has an invalid length.
[  109.303870][ T7123] netlink: 'syz.4.1187': attribute type 4 has an invalid length.
[  109.318479][ T7122] tipc: Resetting bearer <eth:syzkaller0>
[  109.333992][ T7122] tipc: Disabling bearer <eth:syzkaller0>
[  109.342039][ T5722] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.351514][ T7129] loop1: detected capacity change from 0 to 512
[  109.365627][ T7129] EXT4-fs (loop1): orphan cleanup on readonly fs
[  109.373791][ T7129] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.1188: bad orphan inode 13
[  109.384370][ T7129] ext4_test_bit(bit=12, block=18) = 1
[  109.390112][ T7129] is_bad_inode(inode)=0
[  109.394551][ T7129] NEXT_ORPHAN(inode)=2130706432
[  109.399638][ T7129] max_ino=32
[  109.403156][ T7129] i_nlink=1
[  109.408198][ T7129] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  109.428869][ T4879] Bluetooth: hci0: Frame reassembly failed (-84)
[  109.436605][ T7129] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  109.456494][ T7129] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  109.478932][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.523519][ T7145] syzkaller0: entered promiscuous mode
[  109.529102][ T7145] syzkaller0: entered allmulticast mode
[  109.682648][ T7157] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  109.691372][ T7157] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  109.709779][ T7157] loop1: detected capacity change from 0 to 512
[  109.719276][ T7157] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  109.727888][ T7157] EXT4-fs (loop1): can't mount with both data=journal and delalloc
[  109.783367][ T7170] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  109.791893][ T7170] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  110.178687][ T7175] __nla_validate_parse: 9 callbacks suppressed
[  110.178701][ T7175] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1206'.
[  110.261422][ T7183] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  110.268619][ T7183] syzkaller0: entered promiscuous mode
[  110.274166][ T7183] syzkaller0: entered allmulticast mode
[  110.283793][ T7183] netlink: 'syz.1.1208': attribute type 1 has an invalid length.
[  110.291607][ T7183] netlink: 'syz.1.1208': attribute type 4 has an invalid length.
[  110.299714][ T7183] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.1208'.
[  110.319487][ T7183] netlink: 'syz.1.1208': attribute type 1 has an invalid length.
[  110.327316][ T7183] netlink: 'syz.1.1208': attribute type 4 has an invalid length.
[  110.335075][ T7183] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.1208'.
[  110.354858][ T7182] tipc: Resetting bearer <eth:syzkaller0>
[  110.368062][ T7189] siw: device registration error -23
[  110.374286][ T7182] tipc: Disabling bearer <eth:syzkaller0>
[  110.391052][ T7191] 9pnet: Could not find request transport: f
[  110.532483][ T7209] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1219'.
[  110.558921][ T7216] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  110.567409][ T7216] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  110.729506][ T7239] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  110.738240][ T7239] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  110.904336][ T7245] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1231'.
[  111.171043][ T7265] syzkaller1: entered promiscuous mode
[  111.176641][ T7265] syzkaller1: entered allmulticast mode
[  111.236644][ T7269] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  111.245392][ T7269] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  111.279919][ T7274] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1242'.
[  111.310783][ T7281] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  111.319494][ T7281] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  111.454144][ T7287] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1245'.
[  111.463227][ T7287] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1245'.
[  111.475201][ T4915] Bluetooth: hci0: command 0x1003 tx timeout
[  111.475266][ T4085] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  111.874415][   T29] kauditd_printk_skb: 92 callbacks suppressed
[  111.874433][   T29] audit: type=1400 audit(1763604283.146:12678): avc:  denied  { connect } for  pid=7299 comm="syz.1.1251" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  111.911623][ T7302] syzkaller1: entered promiscuous mode
[  111.917333][ T7302] syzkaller1: entered allmulticast mode
[  111.920586][   T29] audit: type=1400 audit(1763604283.176:12679): avc:  denied  { setopt } for  pid=7299 comm="syz.1.1251" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  111.945046][ T7300] loop1: detected capacity change from 0 to 1024
[  111.951913][ T7300] EXT4-fs: Ignoring removed orlov option
[  111.955583][ T7306] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  111.966274][ T7306] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  111.977169][ T7300] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.990361][   T29] audit: type=1326 audit(1763604283.266:12680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7299 comm="syz.1.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167617f749 code=0x7ffc0000
[  112.014407][   T29] audit: type=1326 audit(1763604283.266:12681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7299 comm="syz.1.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167617f749 code=0x7ffc0000
[  112.038168][   T29] audit: type=1326 audit(1763604283.276:12682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7299 comm="syz.1.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f167617f749 code=0x7ffc0000
[  112.061898][   T29] audit: type=1326 audit(1763604283.276:12683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7299 comm="syz.1.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167617f749 code=0x7ffc0000
[  112.085636][   T29] audit: type=1326 audit(1763604283.276:12684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7299 comm="syz.1.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f167617f749 code=0x7ffc0000
[  112.109336][   T29] audit: type=1326 audit(1763604283.276:12685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7299 comm="syz.1.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167617f749 code=0x7ffc0000
[  112.133107][   T29] audit: type=1326 audit(1763604283.276:12686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7299 comm="syz.1.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f167617f749 code=0x7ffc0000
[  112.156654][   T29] audit: type=1326 audit(1763604283.276:12687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7299 comm="syz.1.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167617f749 code=0x7ffc0000
[  112.251276][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.278387][ T7326] SELinux: security_context_str_to_sid (|jȴ=|����B�d�o����܄?��� �T��T�o�$����d�e���
۬�7, �`����օ��8���t%��ȫ����n�Ǔ����m�q�\������v.�]����ӷP#��d)8�zl�Q�^�w�*6	��u��I^��?�?�m�v+>-��I��"����/v�u��W��O'!�s7;{����
g�g\R�@G����U@��) failed with errno=-22
[  112.332928][ T7330] netlink: 56 bytes leftover after parsing attributes in process `syz.5.1257'.
[  112.356410][ T7326] No such timeout policy "syz1"
[  112.368941][ T7331] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  112.400118][ T7331] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  112.504406][ T7341] syzkaller1: entered promiscuous mode
[  112.509968][ T7341] syzkaller1: entered allmulticast mode
[  112.598804][ T7343] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  112.607194][ T7343] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  112.680879][ T7345] syzkaller0: entered promiscuous mode
[  112.686661][ T7345] syzkaller0: entered allmulticast mode
[  112.857462][ T7356] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1272'.
[  112.893888][ T7347] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  112.900595][ T7347] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  112.908105][ T7347] vhci_hcd vhci_hcd.0: Device attached
[  112.915322][ T7347] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(9)
[  112.921933][ T7347] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  112.929500][ T7347] vhci_hcd vhci_hcd.0: Device attached
[  112.940201][ T7347] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  112.948786][ T7347] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  112.957729][ T7347] vhci_hcd vhci_hcd.0: pdev(0) rhport(4) sockfd(15)
[  112.964345][ T7347] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  112.972064][ T7347] vhci_hcd vhci_hcd.0: Device attached
[  112.986950][ T7347] netlink: 'syz.0.1268': attribute type 5 has an invalid length.
[  112.995897][ T7347] vhci_hcd vhci_hcd.0: pdev(0) rhport(5) sockfd(20)
[  112.996836][ T7365] netlink: 'syz.1.1273': attribute type 21 has an invalid length.
[  113.002581][ T7347] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  113.018112][ T7347] vhci_hcd vhci_hcd.0: Device attached
[  113.035670][ T7357] vhci_hcd: connection closed
[  113.035856][ T4879] vhci_hcd: stop threads
[  113.044869][ T4879] vhci_hcd: release socket
[  113.044886][ T4879] vhci_hcd: disconnect device
[  113.065457][ T7366] vhci_hcd: connection closed
[  113.065710][ T4879] vhci_hcd: stop threads
[  113.074714][ T4879] vhci_hcd: release socket
[  113.079198][ T4879] vhci_hcd: disconnect device
[  113.084417][ T7362] vhci_hcd: connection closed
[  113.084557][ T7359] vhci_hcd: connection closed
[  113.089777][ T4879] vhci_hcd: stop threads
[  113.098957][ T4879] vhci_hcd: release socket
[  113.103397][ T4879] vhci_hcd: disconnect device
[  113.108345][ T5596] vhci_hcd: vhci_device speed not set
[  113.113934][ T4879] vhci_hcd: stop threads
[  113.118529][ T4879] vhci_hcd: release socket
[  113.123141][ T4879] vhci_hcd: disconnect device
[  113.132001][ T7372] loop5: detected capacity change from 0 to 512
[  113.140115][ T7372] EXT4-fs (loop5): orphan cleanup on readonly fs
[  113.146929][ T7372] EXT4-fs error (device loop5): ext4_orphan_get:1418: comm syz.5.1275: bad orphan inode 13
[  113.157191][ T7372] ext4_test_bit(bit=12, block=18) = 1
[  113.162639][ T7372] is_bad_inode(inode)=0
[  113.166870][ T7372] NEXT_ORPHAN(inode)=2130706432
[  113.171733][ T7372] max_ino=32
[  113.175009][ T7372] i_nlink=1
[  113.178946][ T7372] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  113.192929][ T7372] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  113.206081][ T7372] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  113.225409][ T5722] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.247682][ T7376] loop5: detected capacity change from 0 to 512
[  113.255668][ T7376] EXT4-fs (loop5): orphan cleanup on readonly fs
[  113.262740][ T7376] EXT4-fs error (device loop5): ext4_orphan_get:1418: comm syz.5.1276: bad orphan inode 13
[  113.273576][ T7376] ext4_test_bit(bit=12, block=18) = 1
[  113.279034][ T7376] is_bad_inode(inode)=0
[  113.283213][ T7376] NEXT_ORPHAN(inode)=2130706432
[  113.288087][ T7376] max_ino=32
[  113.291284][ T7376] i_nlink=1
[  113.294961][ T7376] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  113.310574][ T7376] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  113.325629][ T7376] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  113.345223][ T5722] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.413065][ T7380] bridge_slave_0: left allmulticast mode
[  113.418806][ T7380] bridge_slave_0: left promiscuous mode
[  113.424484][ T7380] bridge0: port 1(bridge_slave_0) entered disabled state
[  113.433603][ T7380] bridge_slave_1: left allmulticast mode
[  113.439353][ T7380] bridge_slave_1: left promiscuous mode
[  113.445081][ T7380] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.455095][ T7380] bond0: (slave bond_slave_0): Releasing backup interface
[  113.465549][ T7380] bond0: (slave bond_slave_1): Releasing backup interface
[  113.465582][ T7381] loop5: detected capacity change from 0 to 136
[  113.486702][ T7380] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  113.530334][ T7385] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  113.539135][ T7385] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  113.647405][ T7398] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  113.656368][ T7398] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  113.679125][ T7398] loop4: detected capacity change from 0 to 512
[  113.687982][ T7398] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  113.696531][ T7398] EXT4-fs (loop4): can't mount with both data=journal and delalloc
[  113.744694][ T7409] SELinux: security_context_str_to_sid (���k4���q�,��A�f=�Dd����A&���s��Q�O�	F
/��y�X���-��My���p2D�
(h��5!�Fԏ���ymyK�D�F��!=����+,��/���0'n[������R�C���eK9Љ3e,u�g�^:���Z��ǩ�EIzy��!�$b�ˆ#,m]��_���w�\�����*�k65#I���L!v�i����) failed with errno=-22
[  113.804193][ T7409] No such timeout policy "syz1"
[  114.315664][ T7438] loop4: detected capacity change from 0 to 512
[  114.335096][ T7438] EXT4-fs (loop4): orphan cleanup on readonly fs
[  114.350205][ T7438] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.1297: bad orphan inode 13
[  114.365513][ T7438] ext4_test_bit(bit=12, block=18) = 1
[  114.371196][ T7438] is_bad_inode(inode)=0
[  114.375596][ T7438] NEXT_ORPHAN(inode)=2130706432
[  114.380640][ T7438] max_ino=32
[  114.384076][ T7438] i_nlink=1
[  114.418550][ T7438] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  114.459779][ T7438] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  114.485800][ T7438] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  114.494725][ T7442] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 248: padding at end of block bitmap is not set
[  114.544647][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.577047][ T7445] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  114.584099][ T7445] syzkaller0: entered promiscuous mode
[  114.589800][ T7445] syzkaller0: entered allmulticast mode
[  114.601202][ T7444] tipc: Resetting bearer <eth:syzkaller0>
[  114.631691][ T7444] tipc: Disabling bearer <eth:syzkaller0>
[  114.720661][ T7457] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  114.756415][ T7464] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  114.763040][ T7457] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  114.785299][ T7464] loop3: detected capacity change from 0 to 136
[  114.811315][ T7473] FAULT_INJECTION: forcing a failure.
[  114.811315][ T7473] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  114.824477][ T7473] CPU: 0 UID: 0 PID: 7473 Comm: syz.4.1307 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  114.824504][ T7473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  114.824574][ T7473] Call Trace:
[  114.824582][ T7473]  <TASK>
[  114.824591][ T7473]  __dump_stack+0x1d/0x30
[  114.824618][ T7473]  dump_stack_lvl+0xe8/0x140
[  114.824662][ T7473]  dump_stack+0x15/0x1b
[  114.824678][ T7473]  should_fail_ex+0x265/0x280
[  114.824716][ T7473]  should_fail+0xb/0x20
[  114.824804][ T7473]  should_fail_usercopy+0x1a/0x20
[  114.824824][ T7473]  _copy_from_user+0x1c/0xb0
[  114.824849][ T7473]  kstrtouint_from_user+0x69/0xf0
[  114.824871][ T7473]  ? 0xffffffff81000000
[  114.825035][ T7473]  ? selinux_file_permission+0x1e4/0x320
[  114.825077][ T7473]  proc_fail_nth_write+0x50/0x160
[  114.825137][ T7473]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  114.825175][ T7473]  vfs_write+0x269/0x960
[  114.825204][ T7473]  ? vfs_read+0x4e6/0x770
[  114.825260][ T7473]  ? __rcu_read_unlock+0x4f/0x70
[  114.825288][ T7473]  ? __fget_files+0x184/0x1c0
[  114.825318][ T7473]  ksys_write+0xda/0x1a0
[  114.825377][ T7473]  __x64_sys_write+0x40/0x50
[  114.825409][ T7473]  x64_sys_call+0x2802/0x3000
[  114.825435][ T7473]  do_syscall_64+0xd2/0x200
[  114.825479][ T7473]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  114.825509][ T7473]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  114.825589][ T7473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.825616][ T7473] RIP: 0033:0x7fcc883de1ff
[  114.825634][ T7473] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  114.825655][ T7473] RSP: 002b:00007fcc86e47030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  114.825673][ T7473] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fcc883de1ff
[  114.825685][ T7473] RDX: 0000000000000001 RSI: 00007fcc86e470a0 RDI: 0000000000000005
[  114.825749][ T7473] RBP: 00007fcc86e47090 R08: 0000000000000000 R09: 000000000000001c
[  114.825765][ T7473] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  114.825781][ T7473] R13: 00007fcc88636038 R14: 00007fcc88635fa0 R15: 00007ffcffd78a78
[  114.825805][ T7473]  </TASK>
[  114.880935][ T7480] loop5: detected capacity change from 0 to 1024
[  115.049854][ T7480] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.233338][ T7488] ==================================================================
[  115.241451][ T7488] BUG: KCSAN: data-race in filemap_read / filemap_read
[  115.248338][ T7488] 
[  115.250679][ T7488] read to 0xffff888117c1db28 of 8 bytes by task 7489 on cpu 1:
[  115.258243][ T7488]  filemap_read+0x6f/0xa00
[  115.262699][ T7488]  generic_file_read_iter+0x79/0x330
[  115.268026][ T7488]  ext4_file_read_iter+0x1cc/0x290
[  115.273258][ T7488]  copy_splice_read+0x442/0x660
[  115.278133][ T7488]  splice_direct_to_actor+0x290/0x680
[  115.283547][ T7488]  do_splice_direct+0xda/0x150
[  115.288344][ T7488]  do_sendfile+0x380/0x650
[  115.292796][ T7488]  __x64_sys_sendfile64+0x105/0x150
[  115.298051][ T7488]  x64_sys_call+0x2bb4/0x3000
[  115.302751][ T7488]  do_syscall_64+0xd2/0x200
[  115.307282][ T7488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.313184][ T7488] 
[  115.315508][ T7488] write to 0xffff888117c1db28 of 8 bytes by task 7488 on cpu 0:
[  115.323132][ T7488]  filemap_read+0x974/0xa00
[  115.327645][ T7488]  generic_file_read_iter+0x79/0x330
[  115.332944][ T7488]  ext4_file_read_iter+0x1cc/0x290
[  115.338059][ T7488]  copy_splice_read+0x442/0x660
[  115.342911][ T7488]  splice_direct_to_actor+0x290/0x680
[  115.348288][ T7488]  do_splice_direct+0xda/0x150
[  115.353056][ T7488]  do_sendfile+0x380/0x650
[  115.357511][ T7488]  __x64_sys_sendfile64+0x105/0x150
[  115.362718][ T7488]  x64_sys_call+0x2bb4/0x3000
[  115.367399][ T7488]  do_syscall_64+0xd2/0x200
[  115.371919][ T7488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.377850][ T7488] 
[  115.380169][ T7488] value changed: 0x000000000000023f -> 0x0000000000000240
[  115.387282][ T7488] 
[  115.389613][ T7488] Reported by Kernel Concurrency Sanitizer on:
[  115.395771][ T7488] CPU: 0 UID: 0 PID: 7488 Comm: syz.5.1310 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  115.405487][ T7488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  115.415546][ T7488] ==================================================================
[  115.721056][ T5722] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.