last executing test programs:

29.333705611s ago: executing program 0 (id=1):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4, 0x0, 0x9}, 0x18)
setsockopt$inet_msfilter(r2, 0x0, 0x29, 0x0, 0x18)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c010000", @ANYRES16=r1, @ANYBLOB="cd3e00000000020000000100000014000500fc020000000000000000000000000001ce00010043ecf8a077157cd8bc73e1b93314cdcbb6b9bb84e5bcdb7f9af2eacc913a7640e8332d1daa67516c7f094b740c631f175dd5d0f0a8ebd26792040000006f64e62cd3404917f3be657330adc6bf2f2ab6286f917412935536f4406edcdc8a3779814659bebb63d2c301a5e2568cb3696d7ed256da47bd6246c86e86ac9cfbdae22622b43a13e9096385b4cb17bf6d8436e77f709e436462ad3ba28f73bf36e8e358673326e220d60a9d3d7e3c932faf89062b965db52beeff385e442adbb8d87480d48f4b3d4530e85283070014000600fc0000000000000000000000000000080800020003000000080004"], 0x11c}}, 0x8800)
pipe(&(0x7f0000000e00))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c40)={0x6, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000010180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000cfc2d321b702000008000000b703000000000000850000006400000095"], &(0x7f0000000b00)='GPL\x00', 0x5, 0xaf, &(0x7f00000006c0)=""/175}, 0x94)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000fca000)={0x9, {{0xa, 0x0, 0x800000, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, &(0x7f00000000c0)={0x1, {{0xa, 0x4e20, 0x5, @mcast2, 0x6}}}, 0x88)
r5 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_SETCONFIGURATION(r5, 0x80045505, &(0x7f0000000000)=0x1)

29.302011963s ago: executing program 0 (id=12):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x9}, 0x18)
r2 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r2, 0x29, 0x2a, &(0x7f0000fca000)={0x9, {{0xa, 0x0, 0x800000, @mcast1}}}, 0x88)
r3 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_SETCONFIGURATION(r3, 0x80045505, &(0x7f0000000000)=0x1)

29.286203674s ago: executing program 0 (id=13):
syz_clone3(&(0x7f0000000440)={0x2000, &(0x7f0000000040), &(0x7f0000000180)=<r0=>0x0, &(0x7f00000001c0)=<r1=>0x0, {0x39}, &(0x7f0000000280)=""/161, 0xa1, &(0x7f0000000340)=""/91, &(0x7f0000000400)=[0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0], 0x9}, 0x58)
ptrace$peek(0x3, r1, &(0x7f00000004c0))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x18, 0xb, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xb, &(0x7f0000000900)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x6}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48801}, 0x0)
r6 = add_key$fscrypt_v1(0x0, &(0x7f0000000080)={'fscrypt:', @desc2}, 0x0, 0x0, 0xffffffffffffffff)
r7 = add_key$fscrypt_v1(0x0, &(0x7f0000000200)={'fscrypt:', @auto=[0x37, 0x37, 0x65, 0x34, 0x39, 0x31, 0x34, 0x31, 0x66, 0x36, 0x5c, 0x33, 0x30, 0x34, 0x34, 0x61]}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r7, r6, r6, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
unshare(0x2c020400)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000500)=ANY=[@ANYRES32=r8, @ANYRES32=r9, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r8}, &(0x7f00000006c0), &(0x7f0000000700)=r3}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r8, &(0x7f00000007c0)}, 0x20)
syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x80, 0x2000000, 0x3a6}, &(0x7f00000001c0)=<r10=>0x0, &(0x7f0000000200))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
socket$vsock_stream(0x28, 0x1, 0x0)

29.147344563s ago: executing program 0 (id=15):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x11, 0xb, &(0x7f00000008c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000740)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x3b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r0, 0x0, 0x1}, 0x18)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = fcntl$getown(r1, 0x9)
ptrace$cont(0x3b, r2, 0xfffffffffffffff8, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x0, 0x18c, 0x203, 0x0, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x320, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x0, 0x0, 0x8, 0x2000000}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0xe}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x3}, {0x2, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x8}, {}, {0x16}, {0x0, 0xff}, {}, {0x7}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0x101}, {}, {0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x9}, {0xfffc, 0x0, 0x0, 0x10}, {}, {0xfffe}, {}, {}, {}, {0xfffe, 0xfb}, {}, {0x7a04}, {}, {}, {0x20, 0x6}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb8c, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {0x3}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0xfd}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0xb}, {0x4, 0x2}]}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x2, 'syz0\x00', {0x8001}}}}, {{@uncond, 0x0, 0xf8, 0x140, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xb}}, @inet=@rpfilter={{0x28}, {0xd}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz1\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)
r3 = socket(0xa, 0x3, 0x3a)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), r3)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000006c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_DISCONNECT(r4, &(0x7f00000007c0)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000780)={&(0x7f0000000800)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="12002dbd7000fc00000008000300a8039f89f23131524ad94e80323edae88d292bfdfe5de945edafbcacf4ae1e24b0a8bbc56ac6bf498082231c459f3468318df2edf6f0cd9b1849c69cb20dbf717ba382fcd20fdef28572e3b4053f3b16a8a3777cc29153bf8c3e998b453261bb6e889208462e2c4ceeeb93ba9dde5455278b", @ANYRES32=r6, @ANYBLOB="0c00990007000000300000000600360021000000"], 0x30}, 0x1, 0x0, 0x0, 0x44010}, 0x0)
setsockopt$MRT6_DEL_MIF(r3, 0x29, 0xc8, 0x0, 0xc000000)
setsockopt$MRT6_ADD_MFC(r3, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x4e22, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa315]}}, 0x5c)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x44, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x528, 0x0, @perf_bp={0x0, 0x1}, 0x419, 0x40000000, 0x0, 0x8, 0x8001, 0x1ff, 0x1ff, 0x0, 0x0, 0x0, 0x400000000000007}, 0x0, 0x1, 0xffffffffffffffff, 0xb)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="00008000", @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb080003"], 0x2c}}, 0x4000)
sendfile(r10, r9, 0x0, 0x100000002)

29.055282489s ago: executing program 0 (id=19):
r0 = openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0)
syz_io_uring_setup(0x3140, &(0x7f0000000880)={0x0, 0xfffffffd, 0x10100, 0x6, 0x17d}, &(0x7f0000000180), &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x3, &(0x7f0000000480)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000008}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x589b}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = syz_open_dev$usbfs(&(0x7f0000000040), 0x0, 0x2)
read$usbfs(r4, &(0x7f0000000240)=""/183, 0xb7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f0000000380)={0xc, 0x8, 0xfa00, {0x0}}, 0x6b)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000540)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000500)={<r6=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000600)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0x3, @loopback, 0x1}, {0xa, 0x0, 0x5, @mcast2}, r6}}, 0x48)

28.255059891s ago: executing program 2 (id=24):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1004}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1, 0x0, 0x5}, 0x18)
r2 = syz_mount_image$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x208a022, 0x0, 0x1, 0x0, &(0x7f0000000000))
r3 = semget$private(0x0, 0x6, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000240)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r2, &(0x7f0000000440)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="000127bd7000ffdbdf251200000008000300", @ANYRES32=r5, @ANYBLOB="1400130027afe086ec0b48048c120284819b36350800a40003000000"], 0x38}}, 0xc081)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff2000/0x4000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r6 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x362, 0xc000, 0x7, 0x337})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x0, 0xffff}}}, 0x24}}, 0x0)
r7 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8)
sendmsg(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)='9', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x4000845)
io_uring_enter(r6, 0x2219, 0x7721, 0x16, 0x0, 0x0)
semtimedop(r3, &(0x7f00000003c0)=[{0x2, 0x4, 0x1800}], 0x1, 0x0)
semop(r3, &(0x7f00000000c0)=[{0x4, 0x0, 0x800}, {0x2}], 0x2)
semop(r3, &(0x7f0000001240)=[{0x0, 0x24}, {0x2, 0x0, 0x2000}], 0x2)
semtimedop(r3, &(0x7f0000000000)=[{0x3, 0x0, 0x800}, {0x4, 0x5}], 0x2, 0x0)
r8 = syz_init_net_socket$llc(0x1a, 0x802, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1241, 0x0)
bind$llc(r8, &(0x7f0000000580)={0x1a, 0x0, 0x1, 0x3, 0x3, 0x4a}, 0x10)
close(r8)

27.393112006s ago: executing program 2 (id=33):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_clone(0x6a00003a, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000140)=@keyring)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x4, &(0x7f0000000300)=ANY=[@ANYRES8], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000300)={'vxcan1\x00', <r4=>0x0})
bind$can_raw(r3, &(0x7f0000000000)={0x1d, r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000180)={'vxcan1\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r7, {0x7, 0x6}, {0xffff}, {0x1}}}, 0x24}}, 0x0)

26.539222632s ago: executing program 2 (id=39):
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000480), r0)
sendmsg$NFC_CMD_DEP_LINK_UP(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000400000005000a00000000000800040000000000080001"], 0x2c}}, 0x0)
sendmsg$NL802154_CMD_NEW_INTERFACE(r0, 0x0, 0x4080)
socket$rds(0x15, 0x5, 0x0)
syz_io_uring_setup(0x2801, 0x0, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000b00)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r4}, 0x18)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

26.502516064s ago: executing program 2 (id=40):
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x40, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x4, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x6}, 0x18)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc018937e, 0x0)

26.465790557s ago: executing program 2 (id=41):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x11, 0xb, &(0x7f00000008c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x3b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x1}, 0x18)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = fcntl$getown(r1, 0x9)
ptrace$cont(0x3b, r2, 0xfffffffffffffff8, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x0, 0x18c, 0x203, 0x0, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x320, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x0, 0x0, 0x8, 0x2000000}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0xe}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x3}, {0x2, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x8}, {}, {0x16}, {0x0, 0xff}, {}, {0x7}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0x101}, {}, {0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x9}, {0xfffc, 0x0, 0x0, 0x10}, {}, {0xfffe}, {}, {}, {}, {0xfffe, 0xfb}, {}, {0x7a04}, {}, {}, {0x20, 0x6}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb8c, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {0x3}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0xfd}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0xb}, {0x4, 0x2}]}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x2, 'syz0\x00', {0x8001}}}}, {{@uncond, 0x0, 0xf8, 0x140, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xb}}, @inet=@rpfilter={{0x28}, {0xd}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz1\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)
r3 = socket(0xa, 0x3, 0x3a)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), r3)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000006c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_DISCONNECT(r4, &(0x7f00000007c0)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000780)={&(0x7f0000000800)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="12002dbd7000fc00000008000300a8039f89f23131524ad94e80323edae88d292bfdfe5de945edafbcacf4ae1e24b0a8bbc56ac6bf498082231c459f3468318df2edf6f0cd9b1849c69cb20dbf717ba382fcd20fdef28572e3b4053f3b16a8a3777cc29153bf8c3e998b453261bb6e889208462e2c4ceeeb93ba9dde5455278b", @ANYRES32=r6, @ANYBLOB="0c00990007000000300000000600360021000000"], 0x30}, 0x1, 0x0, 0x0, 0x44010}, 0x0)
setsockopt$MRT6_DEL_MIF(r3, 0x29, 0xc8, 0x0, 0xc000000)
setsockopt$MRT6_ADD_MFC(r3, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x4e22, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa315]}}, 0x5c)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x44, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x528, 0x0, @perf_bp={0x0, 0x1}, 0x419, 0x40000000, 0x0, 0x8, 0x8001, 0x1ff, 0x1ff, 0x0, 0x0, 0x0, 0x400000000000007}, 0x0, 0x1, 0xffffffffffffffff, 0xb)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="00008000", @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb080003"], 0x2c}}, 0x4000)
sendfile(r10, r9, 0x0, 0x100000002)

26.336199755s ago: executing program 2 (id=43):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b000000070000000100010009000000"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
socket$xdp(0x2c, 0x3, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x20d00, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
acct(&(0x7f0000000040)='./file0\x00')

14.014354283s ago: executing program 32 (id=19):
r0 = openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0)
syz_io_uring_setup(0x3140, &(0x7f0000000880)={0x0, 0xfffffffd, 0x10100, 0x6, 0x17d}, &(0x7f0000000180), &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x3, &(0x7f0000000480)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000008}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x589b}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = syz_open_dev$usbfs(&(0x7f0000000040), 0x0, 0x2)
read$usbfs(r4, &(0x7f0000000240)=""/183, 0xb7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f0000000380)={0xc, 0x8, 0xfa00, {0x0}}, 0x6b)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000540)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000500)={<r6=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000600)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0x3, @loopback, 0x1}, {0xa, 0x0, 0x5, @mcast2}, r6}}, 0x48)

11.306875748s ago: executing program 33 (id=43):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b000000070000000100010009000000"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
socket$xdp(0x2c, 0x3, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x20d00, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
acct(&(0x7f0000000040)='./file0\x00')

4.77218878s ago: executing program 5 (id=332):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000200400001"], 0x48)

4.718975434s ago: executing program 5 (id=334):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1f, 0x2, &(0x7f0000000140)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x1, 0x40}, @exit], &(0x7f00000000c0)='GPL\x00'}, 0x94)

4.62174565s ago: executing program 5 (id=335):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
read$hiddev(r0, &(0x7f00000000c0)=""/4092, 0xffc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, 0x0, &(0x7f0000001b80)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000480), r3)
sendmsg$NFC_CMD_DEP_LINK_UP(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000400000005000a00000000000800040000000000080001"], 0x2c}}, 0x0)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r1, 0x0, &(0x7f00000010c0)=""/57}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x18)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x20000003, 0xe, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mbind(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000001800)=0x7, 0x6, 0x1)
set_mempolicy_home_node(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0)

4.620851171s ago: executing program 5 (id=337):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[], 0x50)
r0 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x3, 0x2, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x7}, 0x80, 0x10000, 0x0, 0x1, 0x6, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000600)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{}, {0x0, 0x0, 0x1, 0x1}}], 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x0)
r2 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r2, 0x84, 0x1c, 0x0, &(0x7f0000000080))
r3 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r5}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r6, 0x8982, &(0x7f0000002800)={0x1, 'vlan0\x00'})

4.285428822s ago: executing program 5 (id=346):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) (fail_nth: 1)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
getsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, 0x0, &(0x7f00000005c0))

3.350367473s ago: executing program 5 (id=356):
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r2}, 0xc)
r3 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r3, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="28000000111402002bbd7000ffdbdf2508000300037e4b0008003e000000000008004a0001000000a7fd62e6d556b573879a0718eec8edd4aa67b926c05a3aab"], 0x28}}, 0x4000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
write$binfmt_misc(r5, &(0x7f0000000240), 0xfffffecc)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r6, 0x560a, &(0x7f00000006c0)={0x4, 0x0, 0x0, 0x0, 0x132, 0x3})
mremap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1000, 0xb, &(0x7f0000ffa000/0x1000)=nil)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r4, 0xc0189378, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r7=>r0, {r0}}, './file0\x00'})
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000240), r7)
chdir(&(0x7f0000000300)='./file0\x00')
r9 = socket(0x10, 0x3, 0x0)
sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001a80)="d8000000180081064e81f782db4cb904021d0800fe007c05e8fe50a10a000600014002020c600e41b0000900ac000a0501000000160012000a00ff120048035c3b61c1d67f6f94007134cf6efb8007a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000001008af26c8b7b55f4d2a6823a45", 0xd8}], 0x1}, 0x894)
sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffff53a2513743897e44000d0001007564703aa3"], 0x54}}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)

2.218685236s ago: executing program 3 (id=375):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
socket$xdp(0x2c, 0x3, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x20d00, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
acct(0x0)

2.163584539s ago: executing program 3 (id=376):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50) (async)
unshare(0x22020600) (async, rerun: 64)
r1 = socket$netlink(0x10, 0x3, 0x0) (async, rerun: 64)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_OKEY={0x8}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x0) (async)
pwritev(r1, 0x0, 0x0, 0x4, 0x81b) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x58, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x1a, &(0x7f0000000640)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1004}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0xbe}, @printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x46f}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', r3, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0xdd) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async, rerun: 32)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x14000000) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r5=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0xb4}}, 0x0) (async)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2.041424547s ago: executing program 3 (id=380):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r0}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000200400001"], 0x48)

1.977037582s ago: executing program 3 (id=382):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe3}]}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='bic', 0x3)
sendmmsg$inet(r1, &(0x7f0000004a80)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000040)='O', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000001040)="16ecaaaeb69ec105e9dd534f1bd77f8051db33a07055391264d230088248daa370b0bc75883a507be52e9744ca1479096e0a1d347324d779b5fe3167e722437570ee9c472c6399c49d1473a32016f512dee12a2f9dc3bd6060001c8139ae43a3cbd28d05c66712c9a0b2994264c8614da6c0251fdeb06bcb94139d6b3df7bd60ac9d53ac834c97388aa638bb50457e57f90b3e8e11975ebd2c81a2a13cb5dc9b7fae4411137ad278cf52dd8d32de5b07a396cd19a242b247d2ca16ce1a663064abfc1ba4", 0xc4}], 0x1}}], 0x2, 0x400c0)
sendto$inet(r1, &(0x7f0000000580)="17", 0xfffffffffffffe0c, 0x10048095, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
shmdt(0x0)

1.791046954s ago: executing program 6 (id=388):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x22)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000080)={0x0, 0x1, 0xdfe6, 0x2})
ioctl$PPPIOCSACTIVE(r1, 0x40107446, &(0x7f00000000c0)={0x7, &(0x7f0000000040)=[{0x1, 0x0, 0xb7, 0x401}, {0x7ff, 0x2, 0x96, 0x1}, {0x1ed3, 0xc6, 0x10, 0x6}, {0x3, 0x2f, 0x1, 0x5a1}, {0x101, 0x7, 0x4, 0xf}, {0x5, 0x3, 0xbd, 0x2}, {0xa, 0x2, 0x9, 0x10000}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000001000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000080), 0x0}, 0x20)
io_setup(0xbf3, &(0x7f0000000000))
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
r2 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0xad6, 0x0, 0x1, 0x89}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x77, 0x29c780})
io_uring_enter(r2, 0x3518, 0xaddf, 0x2, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5}, 0x38)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r5, 0x0, 0x3}, 0x18)

1.68755049s ago: executing program 1 (id=391):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000018110000000000000000de376c6fb133806da7fe95da9e90b954aee4604c445b68e01e39f7c7a74819c21c900ed2edeb898a8fc514f3b5df9ef732e5d016797c", @ANYRES8=r0, @ANYRESHEX], &(0x7f00000001c0)='GPL\x00', 0x4ba6, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000900)=ANY=[@ANYRESOCT], &(0x7f0000000300)='GPL\x00', 0x20000001, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="0e00000004000000040000000c", @ANYBLOB="82e9aa996d4263cb7ade0ada98ce20380caab2c26d6b6b3757074cd94f90d6eb81f6343c3efebcde9a593fbe4ba90c723eb3f055b0da96d75225a618707e6d49ef1c9c29bdb2bd3448d61443c5dbb0753573242279a7fc1560b1aacfe017738128b51b37fceee87c2ee1c0875a14bac1827b54f268bdf15d9ffaffcc2062b7f6061a33d801d3a70529bacab6b1145dba649bae2d4c89161330c7dbfb40be93fb3bff8ac1a51e1c691fc5c16d117d16b3ff160d7ef5318451944b94958be7cf9d3bb79ccfffdaddea0e98f63b893785ae2614326ffe26380c55fa2f938ce63dd77d4975a7d1084502e88a3214f9b100d556eb4d18be9af6ecc34902"], 0x48)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES16=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
lseek(0xffffffffffffffff, 0x7ffffffffffffffd, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$PPPIOCGL2TPSTATS(r5, 0x8004745a, &(0x7f0000005280))
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'veth1_vlan\x00', <r7=>0x0})
bind$packet(r6, &(0x7f0000000040)={0x11, 0x1, r7, 0x1, 0x9}, 0x14)
r8 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x1, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, {0x7, 0xa}, {0x8, 0xffe0}, {0x8}}}, 0x22}, 0x1, 0x0, 0x0, 0x4000000}, 0x20048054)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, r2, 0x0, 0x7, &(0x7f0000000080)='cgroup\x00'}, 0x30)
r9 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0)
write$binfmt_register(r9, &(0x7f0000000180)={0x3a, 'syz0', 0x3a, 'E', 0x3a, 0xffffffffffffffff, 0x3a, '@', 0x3a, '', 0x3a, './file0', 0x3a, [0x43, 0x50]}, 0x2a)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRESOCT, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x61980, 0x0, '\x00', r7, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='mr_dereg\x00', 0xffffffffffffffff, 0x0, 0x4000000000000080}, 0x18)
sendmsg$NFT_BATCH(r10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000d40)=ANY=[@ANYBLOB="140000001000010000000000000000030000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000020900010073797a30000000000900030073797a3200000000240b0000060a010400000000000000000100000008000b4000000000fc0a048028000180080001006c6f67001c0002800e00024073797a6b616c6c65720000000800054000000008d00a01800e000100696d6d656469617465000000bc0a0280640002804c0002800900020073797a3200000000090002f272797a310000000008000180fffffffc0900020073797a31000000000800034000009c920900020073797a300000000008000180ffffffff14000280080003400000000808000180fffffffb0800014000000002080001400000000b500002804b000100fa62d7ba9ceeacf9aa4f832b78f35731f355d63e192a72aef5e68a05d1b806151b6bd1e2d74abafd383790ad363fdc1b7766748630b48f9beefdb33c86d5835a470b5ffd20d7e9006c0102805c00028008000180fffffffe0900020073797a30000000000900020073797a320000000008000180ffffffff0900020073797a320000000008000180fffffffd0900020073797a310000000008000180fffffffc0800034000000e5628000280080003400000000608000340000000070900020073797a320000000008000180fffffffe540002800900020073797a320000000008000180fffffffe0800034000000000080003400000000008000340000000090900020073797a310000000008000180fffffffe08000340fffffffd8e000100818ce881ff18470752e86442e8b77ddcfc7a4c87f05cd36147be26c85cc854cc117db1906007a5a8c298f4724c8c743d46ec7f3ba478d9dfb10bbe9e4fdfc2188d62db9bb1364fed383fe0b0c3fbbab83959470cb0ffb14765c32f10b54d99531d04caaf264214997543a1c63637d9a3a20b7ce9312e545626eb375c88462c198f35cf8a11616de4fa0c000098020280eb00010099c8e680eb4d0e7f78e1fb62226ae541d997c8cb51c5ebd0bb7e2730b61310dcd7525807288a7ad8c00f6aa230a1d1b876ddb0e188384e7c79cd8af94a02451a04d8f116bde38077da45650d82bdd1767b03e3f35bc4a5769e659d8cdb6d9d9d717c78b50f6b3ac899b07a9eaf2c989654de7d6609299bad01ca1f3fa8b6229a6c69627a07f627880e902231b20368f3ae64fd12fc37afeb95f14a4dc3d0bc5f6e2a7a1cf757df9b48c4ffa703ee1376654019ad6d2add9052c5d2f2e0ba3318f931b2c5f2dcce5cbca6093c64d23b64e2f2061da3dd5983644280de22d592b63b5d7f6b571beb005400010041bbc64da6bacaad1bebec23352accccbca40d6ba87943f82df945bf4ccc5250a0c2b2cb13793380f424b280bfb960885af6df4afa26efa8fcd7a1243389ef3fcf1d709f775a9cd1dfb2b84fd03e5d70f800010001950b7c0ec30534e476b721ba6e82d03078fe63b683918ecbbb9c339c8cdd63689339ac43acd5973f4aac8720a98d18e13b98e11e291f3f3621ed29c717639f84bdd28810da6ae30538775f15e00133741e9de3f96f69ab363752fa962b3c71041ba1e463a91d782a968d9febb667b66e71a6827c53b3be014b785f61c4fd46fef00658f64cdd465edb61ba4c5f00849b2935c485da99a38489ecc29837433ac5446c3922d73153fd8fb2368a5ce4201760ca6778f570b7fcb38be633a02d57c5884b6bcbaf3bc28ca7686edb5d59e1b823a8f0f5ff788625995d51c16413783c6290a9714bd4dcbd2a388139f3e46f69916f335c0002800900020073797a3000000000080003400000000908000180000000000900020073797a3000000000080003400000000808000180fffffffd08aced400000000408000340fffffff908000180fffffffb0800034000bd535e04d0f9c655000003a80002801c000280080003400000020008000340fffffff508000340000000001400028008000340000000050800034000000007720001001c2cce526d2ee30fb33f426450278cb35ac06b1cef15fefc26b5c17a8c9251bed316fccb5588f2e071fc355537fcf458cf14217f16ce4c12a4b559f3e807c94c6cc4f418baebc6024b74b9dbc5ef66dbbe91812ea247db80670c101ed494f105ad9c09b4eaf8d5c133b46a311c1a00001c0302802000028008000180fffffffc0900020073797a320000000008000340000000035c00028008000180fffffffc08000180fffffffc08000180fffffffb0900020073797a300000000008000340000000060900020073797a30000000000900020073797a31000000000900020073797a310000000008000180fffffffbf6000100330e5af714359ac9da33381a13071148dbe4293800e6be0290efbb549850cda132ca27a55553fd77c3067504c4596086f4001f53d49e8111395ebccb983c6b04735a58ab2617dfc62123b09c8dc5a47154667414dc28e8369829764b2e3cc23303a882890bad6d3a70d9e15701ec8c4c15a46d38c9ed6bc8658f8a45a02083f563324a27c649bab7cbcb485c289bd8df0a040128df6891ab48095977e0463f8e3ed7ba6df976ee30768954dfeb3f08c942b2c9384aa0b78baf92ecf5e4d73788afb1bc5a8f7c4b454897cd8bcac7f19cdd949fac66756da3b9311e13362eee317df853f6bc7e4638eb145a1484d3780e09b50000c8000100d5c1e4159bf770e02e6e1ebe911d7513709588175328d2e11f2ebf3f6967c49bedcb2a5459a45272bb8084e3bb55ea7a80166d97ec16457ed7d2a834d9aafdb2a54110ddc7975eaeda4f897ec7d533c27df0ce5ff92cfedadc67fff850ee5d07822d72b27af229d17ad2f8d802ae40d98f373e348a04b4f0270c71f82319de3a0331f165204896e0e448cf7ea0f8eb32a312fda6716f72f0234742fe6708ad0adf587ea21d94b8c8f5080028dda1e21d3d9ac82d8edd12941631b72b692ecc262d6ae12393000100c56deda494a09379df59bad8f0f17376b307ce49571034af728b1c4bf694e3b91406b976944238ab36ccaf44e3d92952ba87aa27af6353a82868c9508577a1b6a349fce75b3e4952b04b9527f496b5555e6db110dec07430b01446635eff12f136dbcb54fd4dc90b02e1bc6488ed74efd9eeb1b6de6e2a234f6c323df5c28a0352d03b34ee4f64ab614078125aa3cc0048000280080003400000000c08000340000000010900020073797a310000000008000180fffffffd0800034000008000080003400000dc5b08000180fffffffc08000180fffffffb2c0202804b000100cece2d8ff50c68c1060c2e691ddc50c6d87b46b4e5f6695010163d98bac2d9d7693cff0ec1e2107f58d3c305c78e5a596df92f1dbe80793dce5424be9e7951890023db7d0b9b2700e5000100f46e4b21dd4b92221713eece21b0e3bfb3fe995725eca78713a8d11ac82a6aefeeeab4720bd136479523ccafa34771afedeafc62275842bb7adb37ff3c93b19d9d5139f8b67ee81e380faa9506e6c849f97545de99344338d340b1bf747ec7f9b12eb2f8c31049c1fc37e8f28812ea0aadd0caa7e32f6bb4b2b7a4473e5fa876c87bf285a503660ea12a0cfff6863a87c64ea83c31e737e278edcad77cb964828c7049d335e25156fd4d1c2faada6a8363794fe487155fbfd7c2e1b8504d4a744357734f51fca0426ffe929280df27411f8a90a067b285e970fa1e403722ae91dd000000f400010073e22ba6603d1c92836887468b100c2dc430efeb2ef19c66bd0582fe94df7b5a20292fdfbd2009980dbf9651685f7713bfb0f42583e452670f29e2cabf848fcdcb7a2067f0b257efd7dc927e540584b08f026e14be231afa797e36410d8ad6cbced8c5d2cce2f5a8b75713e57b3161b5b4ce78d483bf59a04f90bc1c5a4371abed0124c621ecb51b6166ad39f14216c09456232b7ea8dd7058bbbeae8b1c13df7ffa1515a359309683421d783f4fb00547cb06b3f974e65f28397c2c16675436a414b6e28d61800c35bdc05f9837e14491ce0fa7c0fbf6f61dd8f7eceac62373ed913de212a188ad5fa12d0eab8a0b440900010073797a30", @ANYRES32=r1, @ANYRES16=r2], 0xb98}, 0x1, 0x0, 0x0, 0x20000000}, 0x40800)
socket$nl_generic(0x10, 0x3, 0x10)

1.687083981s ago: executing program 1 (id=392):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r0}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000200400001"], 0x48)

1.648543113s ago: executing program 1 (id=393):
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0xb, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x38}}}, 0x1c)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r4 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_AVC(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000530404"], 0x14}, 0x1, 0x0, 0x0, 0xc044}, 0x2080)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r5=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}, 0x1, 0x0, 0x0, 0x8080}, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x40005)
setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(0xffffffffffffffff, 0x111, 0x4, 0x1, 0x4)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty, 0xfffffffe}}, 0x80000, 0x0, 0x0, 0x0, 0xb3550aa4ba878396, 0x0, 0x4}, 0x9c)
pipe(&(0x7f0000005880)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x9000)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000000e40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db09da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec686949fa05f50bd052e7f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c834810000000000000000", @ANYRES16=r3, @ANYRESHEX], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0)
fdatasync(r7)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xd, &(0x7f0000000200)=ANY=[], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x6c, '\x00', 0x0, @fallback=0x18, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000200)='rxrpc_propose_ack\x00', r8, 0x0, 0x80000000}, 0x18)
fsetxattr$security_selinux(r6, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0)

1.454320536s ago: executing program 6 (id=396):
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0xb, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x38}}}, 0x1c)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_AVC(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000530404"], 0x14}, 0x1, 0x0, 0x0, 0xc044}, 0x2080)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r4}}, 0x24}, 0x1, 0x0, 0x0, 0x8080}, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x40005)
setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(0xffffffffffffffff, 0x111, 0x4, 0x1, 0x4)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty, 0xfffffffe}}, 0x80000, 0x0, 0x0, 0x0, 0xb3550aa4ba878396, 0x0, 0x4}, 0x9c) (fail_nth: 1)
pipe(&(0x7f0000005880)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x9000)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000000e40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db09da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec686949fa05f50bd052e7f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c834810000000000000000", @ANYRES32=0x0, @ANYRESHEX], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
fdatasync(r6)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xd, &(0x7f0000000200)=ANY=[], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x6c, '\x00', 0x0, @fallback=0x18, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000200)='rxrpc_propose_ack\x00', r7, 0x0, 0x80000000}, 0x18)
fsetxattr$security_selinux(r5, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0)

1.155613505s ago: executing program 3 (id=397):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='kfree\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10) (async)
sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd2d, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93}, [{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x0, 0x3000000}, {0x1, 0xffffffff, 0x0, 0x4000000, 0x7, 0x80000}, {0x8000, 0x9, 0x0, 0xfffffffc, 0x5}, {}, {0x0, 0x0, 0x800000, 0x0, 0x6}, {0x0, 0xc3}, {0x0, 0x5}, {0x5}, {}, {0x0, 0x10}, {0x0, 0x4, 0x0, 0x8000000, 0x0, 0x200000}, {}, {0x2, 0x0, 0x0, 0x0, 0x6, 0x6}, {}, {}, {0x0, 0x4, 0x0, 0x1, 0xfffffffe, 0xfff}, {0x0, 0x0, 0x0, 0x8000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x20}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {0x20000, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x5}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x60569add}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff, 0x9}, {0x0, 0x0, 0x0, 0x0, 0xfffff800}, {0x0, 0x0, 0x0, 0x0, 0x9}, {}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {0x0, 0x9, 0x0, 0xffffffff, 0x0, 0x2}, {}, {0x80}, {0x80, 0x0, 0x0, 0x0, 0x400}, {0x0, 0x0, 0x0, 0x5, 0x5}, {}, {0x0, 0x0, 0x8}, {0x0, 0x2, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x0, 0x8510}, {0xffff}, {}, {0x0, 0x0, 0x80000}, {0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0xfffefffd}, {0x0, 0x80000, 0x0, 0x1, 0x3, 0x2}, {}, {0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, {0x0, 0x7}, {}, {0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x9}, {0x0, 0xfffffffc, 0x200}, {0xffffffff}, {}, {0x4}, {0x0, 0x0, 0x0, 0x66dea0ac}, {0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x3}, {0x0, 0x0, 0x0, 0x4, 0x9}, {}, {0x0, 0x0, 0x0, 0x0, 0x1, 0x7}, {0x0, 0xb}, {0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x100}, {}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x80000000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x56}, {0x0, 0x0, 0x0, 0xec33, 0x0, 0x4}, {}, {0xb, 0x0, 0x0, 0x0, 0x0, 0xfe1}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x80000}, {0x6}, {0x7f}, {}, {0x0, 0x8, 0x0, 0x0, 0xfffffffe}, {0x0, 0x2, 0x0, 0x2, 0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0x0, 0xe9b, 0x58a}, {0x2}, {0x2, 0x9, 0x20000000}, {0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0xe600, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x7, 0x1}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0xc9, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x3}, {0x80000000, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0xfffffff9}, {}, {0xfffffffb, 0x0, 0x0, 0x0, 0x8000}, {0x6, 0x0, 0x0, 0x0, 0x1, 0xfffffffe}, {0x2d}, {0x0, 0x0, 0x8000}, {0x0, 0x8000}, {0x0, 0xffffffff, 0x10000}, {0x0, 0x80000000, 0x0, 0x7fff800, 0x4}, {0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0xd}], [{}, {}, {0x4, 0x1}, {0x1, 0x1}, {}, {0x3}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {0x5, 0x1}, {}, {0x4}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {}, {0x5}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {0x4}, {}, {}, {}, {0x5}, {0x0, 0x1}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {0x1}, {}, {0x2, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2, 0x1}, {}, {}, {0x4}, {0x3}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}, 0x1, 0x0, 0x0, 0x50}, 0x0) (async)
r6 = socket$inet6(0xa, 0x2, 0x0)
r7 = socket$rds(0x15, 0x5, 0x0)
r8 = syz_open_dev$sg(&(0x7f00000003c0), 0x4a38, 0x201)
ioctl$SG_IO(r8, 0x2285, &(0x7f0000000480)={0x53, 0x4, 0x6, 0xb4, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000080)="190a9fd4662a", 0x0, 0x2, 0x10002, 0xfffffffd, 0x0}) (async)
setsockopt$RDS_GET_MR_FOR_DEST(r7, 0x114, 0x7, &(0x7f0000000340)={@generic={0x88f303904c695b34, "bcac4c60c6a5927b9af7454c7649e8bcecc721693603cc5098dee5b71d6b334034b91fcc2e3f101d81e951af1d6487b68285d7095ec6b74cee5a42c47c19bfb0a221d79fb94b158a3f864885ac2bc93b6407e5b7274b1ba67b3059da239420e0f70a6c6cf1d1a0dcb57c5963d22a172dcb4ce3e718ca09ec9a5fe6328189"}, {&(0x7f0000000180)=""/28, 0x1c}, &(0x7f0000000200), 0x32}, 0xa0) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'ip6gretap0\x00', <r9=>0x0})
setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000280)={@remote, r9}, 0x14)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x2000, {0x0, 0x0, 0x74, r9, {0xfffd, 0x10}, {0x1, 0xfff1}, {0xb, 0x3}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x14004804}, 0x8804)
r10 = getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
sendmmsg$unix(r11, &(0x7f0000001200)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001a80)="124c8381e43dddc7cc7de9daf7c7785c1736e5fb8f2782a7839300f9c2ed09eee023ccce7f98fba4d0be67112937368a43bf2809a22998bbb3ebc6d87839ac260f7cb743cf545b4ee83ec340360a4d3be5f9add34a3b5c290e27fdb9f366a54965801e88a93b033ac14820c746f00554947d3ab770256ef6095e73fb1eaed480006090bfe19befab3e9669076b846f05779dc0bd4610125b427f3f7db4f5d38838e4263b943f3d147898e68944462340c5d5f37f6a07fd77470a52c67c5c53ca7097dfbc6ac83afb1f344972f68f00f25dbc2a65859e9b3760734fb0c002c66bc6d0ea13ef85d126628fd8f00d7bc226390f2b64d8bffc9fa5d42211c248b49914ae85fd403715e3952d971e68b318569565156e9246509e27c048f32afd592a667c89cdd064de9f154ef779efe7aafd6cb3e8471403221b75d4f1ea4f25a8cc9d9955211e552e409c7f7606c4cf322ce391a55bc861863e7e9b9afdd36b04cf962bdd31f2d8841539af44aa6992feabc66be1f460c2e3a7aea5bd418f9e30f82d7c0624dbaa382e190fa558ecbcae9d3393577208f38e80dc0f2a9288354a22f929972ac23e63e2317491cddc08807ea9ade2094fe305fe6637b273fcbcfb0eb0d459a55a2885e1be15ff17e12e991a89c5d3314c80b27300cb707402d99775f73079e2b0311f074588589b1e10ff572dfe046faeb723bbe5d9e583044060347f004977d365e26af3c916dc55f3b9462da44197faab0faf7326dab2e12194306d66523684bca8dc7c014c4321102f5596cf37981ba454e891ee181d25cda380985792c9888098164daf589644c0ca81db78b4b1be9dca828fc2d861b4a6e7457867128999a62852bb677592c44cc71c067b276d58757f08a83aa907987381decf923a618d5b67b46515b7e778c52973b75585a94e7465eb19e0e71e9199e3bd19ebd627c7644176bea050609dd571301ca6fce1661f6771092e2d85348151e5ffc8368c45531dc74787fef8630111908bea8ccacac81f8f4032101ec5b5ae997b1a85b5cc3b2cf10a6ad2dcf872de0e13b7edc0f2c38d628784060d90f299383c543a98afeccb9c54cb622ac9288125097280b47fd0dd297545909239a9be29de0c60ab6035a72fe3bc99d042e113f1ec97cbd8d520f30850cbb20d46e77bf52680e2271eedcab67869df2699e7f3dd90c3bb6a8985203eeb70c11adff85ade2f6076f4e8d48060af27e14015cdfc7daa8dd6a5d0ea454f12035ba0901d762e998f48f7d137149556a0b498ee4370ed92b8da4e64b076dd885600060c2192c60d0c76a4fe7cb5026a90e6abedc3c5c74fbf479f884da2bf12599d23cba1a5075cfad7efbaea35a0204ed99718322c1750e0bc964e29facb6c04c88e9794fa3f0d920f687403f7389ee58afcdb7353e22cd28d8ea95bbb080134fc5a114395d737abe1b0fe55a5bfd61852e215107043e51e5e8a7bb4eb32d4073f5fe6c53632fa6218dbdc04b29b3e755d72c0d2c348efb23dac2c12a9a7fa54319ba9d9560b2166797c0af5273891a966d01d453fa9f32af091de42a8b08f5dece366f91b72ded93a8fd06cf01308014c160e983f878370f871a0f883f48689dac262a9fe6ae3fdc45a6178c6c1515f477cb0bf730dfed028649b2520a6846fbdd96591c30844248263cffdc6c48ce0ed44c7d6a26e3fc2be3541c9fe45c543f29b52d5083e2e6149e046b1a05e2787ec616f93bdab83836730643af2dedbc955710a9911fcaa8a424af1b6dd60e124eb4054c108b194923b5ddddaef111886031b96be316dce03fa54f2ead27aa851959a308373b27e338c48cf65c7afee049e866367f66f0b1baaa3dd997b32b9d2ffa361f856c21c872de3a4fc93f2ce4f9322286f6c3f6374680ae85804b411cc302a0e88e86ac20f266c3f9757afbd97b6f7c3b77d7bfd2ec39f7eaadefd7cf288b60ce81f25e55f8eb95fad956559989386bfcdc21d94e41b58a6472767b11f591ca3769beb01aed59a7b5581178d036c8e632cb4998ee1f7465166dc980f639556c0586f53cc008f0be8ef3bb2344dfbcc3d22b5d2ceb6b7a709c229ad6ca68407684f52b3cc04061aca8b01b36282277c7ee6c1573bcc7b386879cf497e8f6243b47b87a3b484d9a6fa689365b7e12af762e68715be0b3639da92dc5aa1ff32f0df5b85812d15a283a294aae5d34575613bd58ad0ac562247320406e8fec79cb6b9907f4750c8b1f9cdd865e836816097375b3763542bf0a1e69b3432d8594c6f967c519812f0021166a46005e90e27426da35f1f15a4bf25c2e5572ec71079cc0834fa639a5bb83e5369dcb304bc516e7c421a1988fd3a6abe1249d4dbb60b54588315b1cfd290486b50ef21bce2bb03f6fa81bc517b2adf8fa38d12c1f4d48ad3a3d5a8c47e72d688fa166cf6fb47fc50dccb4d2d", 0x6c1}], 0x1, 0x0, 0x0, 0x10}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r10, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r10, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000028000000000000000100000001"], 0xe0, 0x4000000}}], 0x2, 0x800)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) (async)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x8800, 0x0) (async, rerun: 32)
prctl$PR_SET_NAME(0xf, 0x0) (async, rerun: 32)
r12 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e0001007769726567756172640000000400028008000a00bc"], 0x40}}, 0x0) (async)
close_range(r2, 0xffffffffffffffff, 0x0)
dup2(r0, r6)

807.789188ms ago: executing program 6 (id=399):
r0 = socket$kcm(0x29, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000003c0), &(0x7f00000005c0)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000080)='\x00', 0x1}], 0x1, &(0x7f0000000040)=ANY=[], 0xd0}}], 0x1, 0x20040017)
close(r0) (fail_nth: 1)

732.182662ms ago: executing program 1 (id=401):
r0 = socket$kcm(0x29, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000003c0), &(0x7f00000005c0)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xe, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r4=>r2, @ANYRES64], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="3800000010000507000000000004000000000000", @ANYRES8=r7, @ANYBLOB="00000016010000001800120008000100736974000c0002000800030036", @ANYRESDEC=r4], 0x38}}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="c00000a87847d6136c37b829b107680016003904", @ANYRES32=r7, @ANYBLOB="830004002a60000020001280080001007369740014000280080014000500000008000300ac14140d"], 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x4040)
rseq(&(0x7f0000000380), 0x20, 0x1, 0x0)
r8 = socket$l2tp6(0xa, 0x2, 0x73)
setresuid(0xee00, 0xee00, 0x0)
sendmmsg$inet6(r8, &(0x7f00000006c0)=[{{&(0x7f0000000400)={0xa, 0x4e22, 0x8, @rand_addr=' \x01\x00', 0x3}, 0x1c, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="188bb0f1704843130783440027fe758ef36510000000000000000000f8ae000000ea00000000"], 0x18}}], 0x1, 0xff00)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x34}, 0x94)
socket$kcm(0x11, 0x2, 0x0)
sendmmsg$inet(r0, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000080)="04", 0x1}], 0x1, &(0x7f0000000940)=ANY=[@ANYRES8=0x0, @ANYRES8, @ANYRESOCT=r3, @ANYBLOB="7bb5dfb0bd74b2c91bbd27a5e0a9a0a7016a47329b15cf92ecadd19fc4d0f24d2c5ef04a9d1049c947dabefb023eb48dd39f9f089e1f104b049cdc405ec617c08efb3a24e69d27dedd38e5fc712b6805243cf086047ac3acca97d5c25a83c2c2092ea73d7f6631cf5b95010df1c3975ab293b84b4ba15fb53d", @ANYRESDEC=r2], 0xd0}}], 0x1, 0x20040017)
socketpair(0x18, 0x800, 0x0, &(0x7f0000000000)={<r9=>0xffffffffffffffff})
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000f5004000"/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000e80)={0x3, 0xc, &(0x7f00000007c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001400)={{r10}, 0x0, &(0x7f00000013c0)}, 0x20)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r11, 0x0, 0x3ff}, 0x18)
syz_emit_ethernet(0xfdef, &(0x7f00000002c0)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0086dd6002000800fe2c00fe8000000000000000000000000000bbff02000000000000000000000000000132"], 0x0)
getpeername$packet(r9, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
setsockopt$bt_BT_SECURITY(r9, 0x112, 0x4, &(0x7f0000000000)={0xf9, 0x1}, 0x2)
request_key(&(0x7f0000000040)='user\x00', &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000700)='\x01\x9cs\x9f\xf8Ss9\x1cX\b\xc6\f\'\xa8\xe3\xdf\xb59T\xe4\x96\xfc\x94\xea\xad\x1b\xbd<T\x8f\x9f\xdc\x8bCW\x81\xfb\xd4\x02\xfc\xe4\xbf\x1c\xae\xea5\xf8\x0e\x0f\xbf\xcf\xb4L\xe0\xe0M\xb2 \x8fX\xe5\x9cRRa)\xbf\x19\x1b\xc3#\x16\xbb\xf9d\x1f\xc2\xe0\xfdsx, \xc0\x8b\v\x13\x8a\xc4', 0xfffffffffffffffe)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)

338.867008ms ago: executing program 4 (id=403):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000200400001"], 0x48)

333.820618ms ago: executing program 1 (id=404):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vxcan0\x00', <r3=>0x0}) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040)={0x0, <r5=>0x0}, &(0x7f00000000c0)=0xc)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000100)={0x28, 0x18, 0x1, 0x0, 0x0, {0x2}, [@typed={0x8, 0x800, 0x0, 0x0, @ipv4=@multicast2}, @nested={0xc, 0x8, 0x0, 0x1, [@typed={0x8, 0xc, 0x0, 0x0, @uid=r5}]}]}, 0x28}}, 0x0)
sendmsg$nl_xfrm(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000300)=@getae={0x360, 0x1f, 0x300, 0x70bd2a, 0x25dfdbfe, {{@in6=@empty, 0x4d2, 0x2, 0x6c}, @in=@loopback, 0x6, 0x34ff}, [@migrate={0xe8, 0x11, [{@in6=@rand_addr=' \x01\x00', @in=@broadcast, @in=@dev={0xac, 0x14, 0x14, 0x10}, @in6=@mcast2, 0x2b, 0x2, 0x0, 0x3505, 0x2, 0x17242615957d7f6}, {@in6=@empty, @in=@local, @in=@empty, @in=@private=0xa010100, 0x0, 0x4, 0x0, 0x3504, 0xa, 0xa}, {@in=@local, @in=@empty, @in=@local, @in6=@dev={0xfe, 0x80, '\x00', 0x14}, 0x3c, 0x1, 0x0, 0x34ff, 0xa, 0xa}]}, @sa={0xe4, 0x6, {{@in=@loopback, @in6=@remote, 0x4e22, 0x0, 0x4e22, 0x8, 0xa, 0x80, 0x80, 0x3c, r3, r5}, {@in6=@local, 0x4d4, 0x33}, @in6=@mcast1, {0xa89b, 0x0, 0x8, 0x47e, 0x3ad, 0x100, 0x400, 0x9}, {0x1, 0x9, 0x0, 0x6}, {0x10001, 0x5, 0x6}, 0x70bd29, 0x0, 0x2, 0x0, 0x8}}, @replay_thresh={0x8, 0xb, 0x55c66ad3}, @tmpl={0x104, 0x5, [{{@in6=@empty, 0x4d4, 0x6c}, 0x14, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x3501, 0x2, 0x2, 0x0, 0x166, 0xffffffff, 0x5}, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x4d3, 0x33}, 0x2, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x3502, 0x0, 0x2, 0x7, 0x8001, 0xa2, 0x3}, {{@in6=@loopback, 0x4d2, 0x3c}, 0xa, @in=@dev={0xac, 0x14, 0x14, 0x28}, 0x0, 0x3, 0x0, 0x10, 0x401, 0x3, 0x7}, {{@in=@rand_addr=0x64010100, 0x4d6, 0x6c}, 0x2, @in=@rand_addr=0x64010102, 0x34ff, 0x2, 0x3, 0x5, 0x6, 0xd3b, 0x1}]}, @replay_esn_val={0x24, 0x17, {0x2, 0x70bd2b, 0x70bd28, 0x70bd2d, 0x70bd2c, 0x5, [0x6bd0, 0x4]}}, @etimer_thresh={0x8, 0xc, 0x5}, @replay_thresh={0x8, 0xb, 0x1}, @srcaddr={0x14, 0xd, @in=@multicast1}]}, 0x360}, 0x1, 0x0, 0x0, 0x24000000}, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) (async)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x44, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x528, 0x0, @perf_bp={0x0, 0x1}, 0x419, 0x40000000, 0x0, 0x8, 0x103fb, 0x1ff, 0x1ff, 0x0, 0x0, 0x0, 0x400000000000007}, 0x0, 0x1, 0xffffffffffffffff, 0xb) (async)
mremap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000900)=ANY=[@ANYBLOB="2c0000003f00070dfeffffff00000000017c0000040077000c0003"], 0x2c}, 0x1, 0x0, 0x0, 0x4048011}, 0x4044000)

284.467031ms ago: executing program 3 (id=405):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000400)=0x800010, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x3a, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000142020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000e02800850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0a00000004000000040000000500000002"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x63, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r5}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000003c0)={r3, &(0x7f0000000640)="0b7769922519ae2281ffcfe207484f24057048c8172c5d2ab039d47b9de1a07d2be1c6bd85a2b6fa2ee1dca440e2a0c88a6bb2b2ab810fbb9ea6703aa3c22e7a4c11269398a57d97e488d8ef07833a0f277f0556a6ecb726707e592d114fab3b85727422f1321041967f8ff7a69d6d3a5ed7e94dd6250026f4aa244bfa932da936ef0fc5343f3a22f74a241197417bb58301b3342e15a9d68f24030bd0d293e829eff80a11679ef5be974f32ac72bd4ae502681337208a4cf3757ac46c45681df5cd3ab3cd1482fa2bdacaf0f7bf786cbefdb96a53c8527ac68f1de2886124c03ac830043c268e71d73ec20f2f9a412474c60b78de49274d7c64298268af84c00cb88043c1a862e6b49ed018573e8ff10d2faa8f0ce68dbce3e57a5706b77233f369ac7ea712bd3888123b6796c965f841bb3f5e14657b3521d79352eb9aaa87fde3f59462f14a35adfd825c9ed3d0bfa05c1258e2d9d5625a56e5c4e80749261f889bb5f1318c4276a00ac98c646efe7d31bda08963ac39e34d15221b7009af05bbaed594027665430f109056b7fb7443b54faf127b4fc97689250c523603543d8879b2b6409169cb0e7d76f97ba2e4194eb87c430753b7980cf48ec4c7a11af8e4241fa6bee7591718b71616326d8eb0b9e1f28be5a485b47dd8d9f0caeebfe0183a4470588b48b4c74527739b5e07ea98994289ca76d26e1b2b30d3ed431ec353879e2b337d9fdd2879a91462e2416b329934e3bcf47070419175d7fddc854686f4a68c5ebaa2b81df70e743b6120292ce17e539d145b1ffcc7b44afd8ec0f3533c1cd59c965f7fc7452182eb755ff350588ca58323a51eda1abd40195cdc3709ee387291fc56622a38ec0d382b4f976750b2e14f5c3d7c4a1ba8ab2ce19ae044ee4342405dda1ac0f15604bb38941ab86d5957a4bd140bb34ab352843147856949e855901333514f782d908c462bd442df209e6e6602e7253c8fc5a5b628578e70aaaf5448e93627049b2c3201fff2e231fa45a7e4db033b64b2aa44dba47dc07e1531c5079bd0d88e701b6b7f71c1944d68591a2e1a6db8d315f9078487f6e2a2aba928bf346abe4dd7a3903829202b67bebfb680701558ede5ef7d80d70fa6e6674965b7204a3a318834506a9b83fff0476edfd88132d6007f7099fb9ce959311da4e20feb9ae20cf74f8c220386ffcc1b66fcea13c4a94aadd007ac811774941a34076ad744eff272fccf0b690be199fb1fff4ddf3cdc813fa37f6b1eb943e6f8c59f87e54fb7b2b272102522551fa303a9bd757fb2ad13ddf1af433677104dd04ba1da6a128e10e8872343d2a397c22bc12af26d8a36146134dab365b36ff7d0522ab0dda3f2eec8f334a33459142ef90e5b8d2c374c4a1f0b35e106baa0b8c6fcbb0c28eb13cbba69a5b81e5acd709191808e7e25f5e5e1a71fc0bcfa3a4603a9eb83fa28ea2ecd909ceb9ed6af5fe6b2fcdf57415f4c129e44aa310d454b0d7ca60f9789cd6e04175c0b3091f198714cedeb6b9d2314225223104ab3bd4360a0f9288d4877fd731bcea0e634839cbae81bb57e07c512e0e593aae6570d9ef74fe39cc73b3d525e10b34917b4b1a878d62978da19d564ca6fd85551efff872659daa206fd33eaf67b05a0954b9ac13995d9fba7e2176cfcaf00d01876923c789f3f1df447f7cf96c8660e3687d09cf2536e47f9442d4c5002e3ff7bdc92d034bcbd815497c323229a5f294acd0422d91fae672d28bf9b99f5d4ce8478475771396c36a8ec28a34fdb44c9fcbf28fa106abad017dc35c71e3e9bed3d88a3b5c521a4b4e0cd9d22756eed4a94ffd95ae57110ee6b1f647af47247c4422c465a0e3afae6167f45fa7844a0439c133f3f90b4618112d2ed7f1949f30189f11007ca375389bb442c94308dd295d1de01269d7ace1495461c8df77a9f5697c9d72e46e2a74f203c559db5701dbccb11becc5dadcf54b21f292241db908b59bd9a18f1dd8e4ac3154a5d991ada74d850e047f606325bd5dcfeb35b8f77a289ee7cb8661ba5c59589ef0ebc89d204571742aea2758952e29d92a5a09d75e726ab1bead1fabd468be837a048200d4c0b5c758def34099dbd301902c6a1067ee28db3fce779a793b7e4da710daa1af724a31b4a012fafece956000694fe1f7a410c0cf845b24425e3a5ed1e4e42826d91d54ace76f013113f17e2ff574f2253fd04f7a9ac1022ed915e0e2d6d28167b1e575b40696ac8271d63c96506ae26a7fe3dcc053c4bc1896d269ea8e9bf01115c5661a1984bc6d2aeb0290e3b4f4d8f8f0c2504cf89fec93d8075ea1e93663d2c4728bee142c2fe907f89683cfa1b4eca105ccb4903bd67dd7f8e2d3a9ee7c11c4a560c65dfc8f9e8e72a6db0bc2b2428969441e8f02ec0a44dd971ce29305dd70c8b37a081d123cc5b9ccff35034b85b65b63afe8512518e1ff0f0b554e68c9cd85393c1fa72985f604d011020765e3c0be49ce7c9d6109bf01b0f7ecc429bc97c4fed92c1744f76ce51d7210e7a326db7df94ea404ca333e02596cefb0d550111a8fe4cb4f93e6a10f23e203142fd4923a67f8b347168a9023a0499b6786c200226d0c95b784f1650f9a82242f79af365afcc7ad5a07113460619404a7822662737dc70f61cd965a3edbde684ac3f99000b26c23d00a6a04cd39f7d2999e18e68670a76e0776ae9a2fa695d6558a86973a137f9dc29d87dd67a02addc3db8620950ec80aa85d039cbfea7762da070b22c522143b968843e157b5afa8251fc0329bc32bcb704c406c0dad1ec6e80c726af3bd11947d1f16022f8513f110dffca1a3113e8cddac470b74232cc46df404a37f145714f4536adaabde71cea954faf1c53daa21925abec99a4769ff56fcc8a4635b60837860ad865dd0e60f412d24ab065820974922e41c586c63343e334001cfc7af80afb8426a1b13a5f2d7e4d59bfb095b394d22e99c20501a69f355bfad3fe0e4971ef2f34f0c106523c391c3e0fb0b0fb29c18ac7134c9a185fc4b92f731f7d8eb51cff7f53c13c0068f13e15e4cf8216d64f3fbd824b2aef9f7c97e68612141b98ce08c9f7cf689273e076ffc4b40ba1c203473b473b80b0d3833cf52e0f8d384134f2f6d873e867783ffcc713ceeb6c0a8b16356723b6aa4812e009292e8cbbba8041447babf86552abac0f4f6d1c14dc466271e98a344b5a60d71026e67a16a534b743fee57cd1b408fc8aa043562539492e1ed7176ea4470fbde5435e3bcad1dac9f8c60b72a0cf5346d9157dd638da5b53657434d15e94ac6e3700ea63081cc5214e32b63c1a1ad07f0c54b0bd756ba25be474a3c15bd58cba593e5b975f8aa56d1fb4d283cde83bfed84ac190d0bec065fe86c7e314cd6fa7d31ea39bf048cdf56aedaa1b9625b5c5cbd8716b3187f386107191e16d42663b61bb635ab7873ff842f886e5e1680c9d9a0d56dc6f93e7e459c2a0f2aa8a0ed4dcae912ee04233178d42617cca29f6ea632c0b8084551a9a95e396596c14b8d9fdd33a90286cb02b620807a1e0442aa1497034a46d322569e33fe4085dbdfb1520b08667f93db5c439eceb37108913c2e1601367259c756e8342a65baa7125ba29ddc1870f8dbe8843993212f1f54313e6a2761af2cf95e089d397f8e0209779f514e6971e0acbbb755dc673e26b9476886914d331e2e036d890648382fa5a1ab6fd9a220dbaa24f05a25cbfacf0243bd7ac19feb184359107c32b72783cb4c5450d01cac856c899cadb9428d727a0ba5739a1ad1083770fbbf1b3dd5f795ab6e2c7526a762d0c1a28c1abf00fec90c0fa115116ee89b6d8bb47f92c8516c30771981ba04d5ec31cd41ac9f32ee4a64de38d5f8d58a2ccfa2bdadd79db8fe3255d83aa9935a0549aed562096c25e52cdbdcc56506777ac6eadae33f6405cdc10275b844f3d3b3bee61b3a7777b3e34fbdad4bc2729fc85f10c746c9c0a94c608f1f1ee4ca8598e6c47f62a0dd4e96eeccef7c82e919ba4f3ef6750dc5a03d64c3c142f31d57310da5c34cbfd4b8ccda6c86331fb73646c3da5ff9212ce4243a49d6fe42a79669a2334be0d35378af6e5bbf954bf5b57e9c0271d100006bbad097f35e8e3cf8b4e2e581236cc41cb838ddac2e339a423aa2d0efeacf3bc8496d8bb429da9c9d6a4c541722dcdf82ff8670b9385c7d61888f08ecb8306c59ca7e9fe56a9b1a194f6d58d8ecac614c0159b523229eb5f0ec3c1a29cfedec19e8b7a6b872850d5259837e7d5f6739f9154aefdcfeedb212827650b7e388dd92899b38921260dd8a670ee663394145e4cf9761d7e37f3e2251f94b102a551018a1211aa6b039c6a5c1313336df037c6017e2935fc7172a1c3f32450de5096228cc26bc00888f09b42c707fbf708302184a51fbd70b99c63fadcf419413d29bb46a1ed574fca2a392829a6299137a29be2052405b1d609c6efd41d66db19b7a75c451fc27d81644d1adf2d59593002f64ace94acf550dab2656cd702f00a16edd94578a2c15901446fdf1f8bd4728f5e51fa1e41cf15cf8ba90c7d56a6f5afc8524aae65a5b5928278688e93eb8a2ff6ead77e9617545b36d625fd98b9004203c9865aa953fcf24228a88d9c36c4d5056158e3b40d3539d34d3553289bb355ecf94737754f3a65082d434f27b66e487969e894c5db3815968e7f2b355f60192b21546a0f391f8552a541f3af7af5d436a8d7f69e09f85b3f36573fed10e6ccc7a926dcacdf96a712f65de17b707412f5745a80371659ef6847b174b52fed498dfd95cd7b41bff6d79fe83ea7c0b8b967ef417bc21377f326be19351a962d423761ebf615f3fd7f63555b1c1390e9eea1154813178aab13fff20dcf94aa368a05cd960aa9db26254dc33fc80ccded55a3ba7f0edcd3bdcd66b1ac841f1de641d1a2f6988e25f98f3525cd403b63db2c3abe3706a8b96511ea6b3990aca4eb90eba4f457b47ffb24e684057e10ce85420e8657601d8d8da015ec55b68c492a81599b39132551b6ff0f781376c55569ab85e46152cafa17107d911ed21aaabc34e42153e7ea6f8cd9a98d640cbaff2675da41bda69d39247f941567e38fad58b672c223437ec759ce81d76e3f14e383855d1b5723ab9bbbb7cf3a5b695fb3fd4e3b8e28e4a15d233296d83618a849444b958673b24bb235a21bf63399404c12ba437a01ebe7c5b0e1503ad14ca30bcdf443b68b20f387669f435679abfa64270b7b6380091c9f7b4655c6f908c69dda570fabed547b62778a1f2ab7590949f6a89c44a8d65da6fef6f59057d61557c08223d6c6fb49642fc07e0a43331c551b83897fdefa832a1eb32bca9893eadca6e1dab938a04c0459ad8a535c076e1be5721b53fffa22768fd110f40ce18bfed889d254ba7be23b2141a91bf6691dbb0531fdd093c6f87f8d9a89e61fb1bda5dab31ebca0e9fe3fcac2b0ce8bfdc5bb422a3e609c66f9992b67a73ca3041a54825e18cba5d750b4002d1bb62a96dac7396f7fa553cd73e500c4e41289821fcefc77b72423eebfd972bac115046b7808636f6de9f183eb6b3787485ceae214362149621b709ff4e021ef18a87abf5d89d8959d69923700892e7995a137f41c6f771c80d6e4b81f768ee48e073baf37b4e66755a47868953b584f2908695f1ac1025e98ddc06ae9d49a24b50fc6716c4399f7e40ecddcef47e39216d92657c30544bc98d293f5852f3d1da5389a2d3d2066acaf71c4e17b7329a771ca1b68d55c71892d9b61dccddf43f582bd782cfe7140aa2bc8ed49a1"}, 0x20)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000380)={0x1, &(0x7f00000001c0)=[{0x6, 0x7, 0x5, 0xffffffff}]})
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc)=<r7=>0x0)
timer_settime(r7, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000000000000)
io_setup(0x3, &(0x7f0000000340))

283.849171ms ago: executing program 6 (id=406):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0003}]})
r4 = syz_io_uring_setup(0x88f, &(0x7f00000000c0)={0x0, 0xaec6, 0x80, 0x1, 0x2f0}, &(0x7f0000000380)=<r5=>0x0, &(0x7f0000000180)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_CLOSE={0x13, 0x4c, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x1}) (async)
io_uring_enter(r4, 0x47f6, 0x0, 0x4, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r0}, 0x8) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) (async, rerun: 64)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) (async, rerun: 64)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r8}, 0x10)
mount_setattr(0xffffffffffffffff, &(0x7f0000001d80)='.\x00', 0x0, &(0x7f0000000080)={0xb, 0x0, 0x40000}, 0x20) (async)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000f00)={r9, 0x2000000, 0xe, 0xe00, &(0x7f0000000300)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xa}, 0x50)
quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000400)=@sg0, 0x0, 0x0)

283.310271ms ago: executing program 4 (id=407):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="1801000000000800000000005e002200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x1e, 0x2, 0x1ff)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
recvmsg$unix(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_io_uring_setup(0x19d1, &(0x7f00000003c0)={0x0, 0x0, 0x10100, 0x8000000, 0x8000000}, &(0x7f00000006c0)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r2, 0x0, 0x0, 0x0, {0x5260}, 0x1})
io_uring_enter(r3, 0xa3d, 0x0, 0x0, 0x0, 0xff39)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x3, &(0x7f00000000c0)=[{0x5, 0x1, 0x2}, {0xb1}, {0x6, 0x0, 0xfd, 0x909f}]})
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80000)
vmsplice(r6, &(0x7f0000000140)=[{&(0x7f0000000100)='\x00', 0x20000101}], 0x1000000000000044, 0x0)
getdents64(r6, &(0x7f0000000280)=""/177, 0xb1)
r7 = syz_genetlink_get_family_id$team(&(0x7f0000000380), r1)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbf7, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x48801}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f00000005c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x58, r7, 0x2, 0x70bd2c, 0x25dfdbfc, {}, [{{0x8, 0x1, r9}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x20004000)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="340000000101010200000000000000000400000408001a400000000108000000030800084000000005000000"], 0x34}, 0x1, 0x0, 0x0, 0x4008000}, 0x4004000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000007000000050000000100000f220000000c0100000400000022000000005f00002e61"], &(0x7f00000000c0)=""/254, 0x37, 0xfe, 0xa}, 0x28)
read$eventfd(r0, &(0x7f0000000040), 0x8)

282.991601ms ago: executing program 1 (id=408):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
io_setup(0x5, &(0x7f0000000140)=<r1=>0x0)
r2 = eventfd2(0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000d100023233d3f00050000004100000076bc2e3f3181ab5b0d", @ANYRES32, @ANYBLOB="fcffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
request_key(0x0, 0x0, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000340)={r3, &(0x7f00000001c0), &(0x7f0000000300)=""/16}, 0x20)
io_submit(r1, 0x1, &(0x7f0000000280)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1, r2}])
fsync(r3)
ppoll(&(0x7f0000000040)=[{r2, 0x3273}, {r0}], 0x2, 0x0, 0x0, 0x0)
shutdown(r0, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x2000003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x65, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r5}, 0x38)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x200000000000026d, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r6, 0x0, 0x115}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000080)={0x2, 0x4953, 0x81, 0x2, 0x6, 0xfff})
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
open(0x0, 0x64842, 0x0)
r8 = creat(&(0x7f00000000c0)='./bus\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socket(0x21, 0x2, 0x10000000000002)
fallocate(r8, 0x0, 0x6, 0x2000402)
setsockopt$inet_sctp_SCTP_INITMSG(r4, 0x84, 0x2, &(0x7f0000000180)={0x7a2a, 0xd, 0x5a}, 0x8)
sendmsg$inet_sctp(r4, &(0x7f0000000700)={&(0x7f0000000100)=@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000540)='\x00', 0x1}], 0x1, 0x0, 0x0, 0x2804c044}, 0x0)

202.522057ms ago: executing program 4 (id=409):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1004}, {}, {}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r0, 0x0, 0x5}, 0x18)
r1 = syz_init_net_socket$llc(0x1a, 0x802, 0x0)
bind$llc(r1, &(0x7f0000000580)={0x1a, 0x0, 0x1, 0x3, 0x3, 0x4a}, 0x10)
close(r1)

202.035727ms ago: executing program 4 (id=410):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000003c0)='mm_page_alloc\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
r2 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xd3, 0x1, 0x0, 0x0, 0x0, 0xf, 0x9211, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_bp={0x0, 0xc}, 0x14ce3, 0x100004, 0x0, 0x2, 0x6, 0x3}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000000, 0x11, r2, 0x0) (fail_nth: 1)

75.751184ms ago: executing program 6 (id=411):
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000480), r0)
sendmsg$NFC_CMD_DEP_LINK_UP(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000400000005000a00000000000800040000000000080001"], 0x2c}}, 0x0)
sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000040)={&(0x7f0000000040)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x4008005}, 0x4080)
socket$rds(0x15, 0x5, 0x0)
syz_io_uring_setup(0x2801, 0x0, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000b00)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r3}, 0x18)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

75.226605ms ago: executing program 4 (id=412):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0xc, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
write$nci(r1, 0x0, 0xfffffeea)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'ip6gre0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001240)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x4000000, {0x0, 0x0, 0x0, r4, {0x0, 0x1}, {0xffff, 0xffff}, {0x6, 0xfff3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x7, 0x0, 0x1fc, 0x0, 0xfffffc80, 0x0, 0x6, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x8, 0x0, 0x8, 0x1, 0xffffffff, 0x0, 0x0, 0x2, 0xffffffff, 0x2, 0xc00, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x80002, 0x0, 0x1000, 0xfffffffc, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x4000, 0x0, 0x0, 0xfffffffe, 0x5, 0x0, 0x0, 0x272, 0xb, 0x9, 0x10000001, 0x100, 0x0, 0x3, 0x0, 0x0, 0xe, 0x0, 0x2, 0xfffffffd, 0x0, 0x80007, 0x4, 0x0, 0x0, 0x0, 0x2, 0xfffffffd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xb9a, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x5e, 0x6, 0x8, 0x0, 0x0, 0x1, 0x3, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x4, 0x0, 0x0, 0xffffffff, 0xffff8000, 0x0, 0xffffffff, 0x1, 0x0, 0x800009, 0x0, 0x0, 0x8, 0x6, 0x9, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x5, 0x0, 0x2000000, 0x100, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0xb6, 0x0, 0x1, 0x0, 0x7, 0x8, 0x0, 0xffffffff, 0xffff, 0x0, 0x0, 0xb3c, 0x0, 0x0, 0x4000, 0x0, 0x3, 0x0, 0x0, 0x8, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x9, 0x1, 0x7, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0xffffffff, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x2, 0x0, 0x0, 0x2, 0x13, 0x0, 0x0, 0xd79, 0x0, 0x0, 0x0, 0xaa, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x26c, 0x4, 0x7, 0x102, 0x0, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x6, 0x8, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe6]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xff, 0x2, 0x3, 0x0, 0x19, 0x40000000}, 0x0, 0x100007f, 0x2}}]}}]}, 0x45c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

72.681405ms ago: executing program 6 (id=413):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
read$hiddev(r0, &(0x7f00000000c0)=""/4092, 0xffc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, 0x0, &(0x7f0000001b80)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000480), r3)
sendmsg$NFC_CMD_DEP_LINK_UP(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000400000005000a00000000000800040000000000080001"], 0x2c}}, 0x0)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r1, 0x0, &(0x7f00000010c0)=""/57}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mbind(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000001800)=0x7, 0x6, 0x1)
set_mempolicy_home_node(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0)

0s ago: executing program 4 (id=414):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
read$hiddev(r0, &(0x7f00000000c0)=""/4092, 0xffc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, 0x0, &(0x7f0000001b80)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000480), r3)
sendmsg$NFC_CMD_DEP_LINK_UP(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000400000005000a00000000000800040000000000080001"], 0x2c}}, 0x0)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r1, 0x0, &(0x7f00000010c0)=""/57}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mbind(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000001800)=0x7, 0x6, 0x1)
set_mempolicy_home_node(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0)

kernel console output (not intermixed with test programs):

d solve the problem.
[   23.963847][ T3319] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   23.975355][ T3313] team0: Port device team_slave_0 added
[   23.988620][ T3319] batman_adv: batadv0: Adding interface: batadv_slave_1
[   23.995684][ T3319] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   24.021622][ T3319] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   24.032940][ T3313] team0: Port device team_slave_1 added
[   24.082140][ T3319] hsr_slave_0: entered promiscuous mode
[   24.088093][ T3319] hsr_slave_1: entered promiscuous mode
[   24.093921][ T3319] debugfs: 'hsr0' already exists in 'hsr'
[   24.099662][ T3319] Cannot create hsr debugfs directory
[   24.111453][ T3313] batman_adv: batadv0: Adding interface: batadv_slave_0
[   24.118387][ T3313] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   24.144286][ T3313] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   24.156909][ T3314] hsr_slave_0: entered promiscuous mode
[   24.163096][ T3314] hsr_slave_1: entered promiscuous mode
[   24.168907][ T3314] debugfs: 'hsr0' already exists in 'hsr'
[   24.174636][ T3314] Cannot create hsr debugfs directory
[   24.195192][ T3313] batman_adv: batadv0: Adding interface: batadv_slave_1
[   24.202158][ T3313] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   24.228046][ T3313] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   24.323308][ T3313] hsr_slave_0: entered promiscuous mode
[   24.329231][ T3313] hsr_slave_1: entered promiscuous mode
[   24.335156][ T3313] debugfs: 'hsr0' already exists in 'hsr'
[   24.340896][ T3313] Cannot create hsr debugfs directory
[   24.375906][ T3312] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   24.390690][ T3312] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   24.403595][ T3312] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   24.413496][ T3312] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   24.456681][ T3311] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   24.474295][ T3311] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   24.486360][ T3311] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   24.496023][ T3311] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   24.510045][ T3319] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   24.522856][ T3319] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   24.535344][ T3319] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   24.544059][ T3319] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   24.567751][ T3314] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   24.590731][ T3314] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   24.605098][ T3314] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   24.617772][ T3314] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   24.632731][ T3312] 8021q: adding VLAN 0 to HW filter on device bond0
[   24.654999][ T3311] 8021q: adding VLAN 0 to HW filter on device bond0
[   24.662502][ T3313] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   24.671585][ T3313] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   24.680415][ T3313] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   24.694445][ T3312] 8021q: adding VLAN 0 to HW filter on device team0
[   24.702454][ T3313] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   24.718189][   T61] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.725305][   T61] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.739577][   T61] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.746622][   T61] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.756978][ T3311] 8021q: adding VLAN 0 to HW filter on device team0
[   24.773385][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.780506][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.801270][   T61] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.808327][   T61] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.820845][ T3319] 8021q: adding VLAN 0 to HW filter on device bond0
[   24.856050][ T3319] 8021q: adding VLAN 0 to HW filter on device team0
[   24.868301][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.875413][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.884097][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.891195][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.921631][ T3314] 8021q: adding VLAN 0 to HW filter on device bond0
[   24.935722][ T3314] 8021q: adding VLAN 0 to HW filter on device team0
[   24.956758][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.963933][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.976928][   T57] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.984013][   T57] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.000455][ T3313] 8021q: adding VLAN 0 to HW filter on device bond0
[   25.030208][ T3312] 8021q: adding VLAN 0 to HW filter on device batadv0
[   25.047251][ T3313] 8021q: adding VLAN 0 to HW filter on device team0
[   25.058177][ T3314] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   25.068635][ T3314] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   25.090352][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.097417][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   25.107366][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.114433][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.126529][ T3311] 8021q: adding VLAN 0 to HW filter on device batadv0
[   25.146225][ T3319] 8021q: adding VLAN 0 to HW filter on device batadv0
[   25.236851][ T3314] 8021q: adding VLAN 0 to HW filter on device batadv0
[   25.263987][ T3313] 8021q: adding VLAN 0 to HW filter on device batadv0
[   25.304395][ T3312] veth0_vlan: entered promiscuous mode
[   25.328895][ T3311] veth0_vlan: entered promiscuous mode
[   25.342327][ T3319] veth0_vlan: entered promiscuous mode
[   25.349843][ T3312] veth1_vlan: entered promiscuous mode
[   25.362325][ T3319] veth1_vlan: entered promiscuous mode
[   25.370194][ T3311] veth1_vlan: entered promiscuous mode
[   25.394159][ T3311] veth0_macvtap: entered promiscuous mode
[   25.402735][ T3312] veth0_macvtap: entered promiscuous mode
[   25.410227][ T3312] veth1_macvtap: entered promiscuous mode
[   25.431590][ T3311] veth1_macvtap: entered promiscuous mode
[   25.440115][ T3314] veth0_vlan: entered promiscuous mode
[   25.446393][ T3319] veth0_macvtap: entered promiscuous mode
[   25.453456][ T3319] veth1_macvtap: entered promiscuous mode
[   25.473230][ T3311] batman_adv: batadv0: Interface activated: batadv_slave_0
[   25.480664][ T3313] veth0_vlan: entered promiscuous mode
[   25.487570][ T3311] batman_adv: batadv0: Interface activated: batadv_slave_1
[   25.502276][ T3319] batman_adv: batadv0: Interface activated: batadv_slave_0
[   25.511390][ T3312] batman_adv: batadv0: Interface activated: batadv_slave_0
[   25.520794][ T3314] veth1_vlan: entered promiscuous mode
[   25.527251][ T3319] batman_adv: batadv0: Interface activated: batadv_slave_1
[   25.535075][ T3313] veth1_vlan: entered promiscuous mode
[   25.544201][ T3312] batman_adv: batadv0: Interface activated: batadv_slave_1
[   25.565074][   T52] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   25.579271][   T52] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   25.592537][   T52] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   25.608382][   T29] kauditd_printk_skb: 9 callbacks suppressed
[   25.608394][   T29] audit: type=1400 audit(1761639519.367:81): avc:  denied  { mounton } for  pid=3319 comm="syz-executor" path="/root/syzkaller.FC4gEN/syz-tmp" dev="sda1" ino=2041 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   25.616939][   T52] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   25.638774][   T29] audit: type=1400 audit(1761639519.367:82): avc:  denied  { mount } for  pid=3319 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   25.651741][ T3313] veth0_macvtap: entered promiscuous mode
[   25.669334][   T29] audit: type=1400 audit(1761639519.367:83): avc:  denied  { mounton } for  pid=3319 comm="syz-executor" path="/root/syzkaller.FC4gEN/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   25.700148][   T29] audit: type=1400 audit(1761639519.367:84): avc:  denied  { mount } for  pid=3319 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   25.722005][   T29] audit: type=1400 audit(1761639519.367:85): avc:  denied  { mounton } for  pid=3319 comm="syz-executor" path="/root/syzkaller.FC4gEN/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   25.748652][   T29] audit: type=1400 audit(1761639519.367:86): avc:  denied  { mounton } for  pid=3319 comm="syz-executor" path="/root/syzkaller.FC4gEN/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=4607 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[   25.775962][   T29] audit: type=1400 audit(1761639519.367:87): avc:  denied  { unmount } for  pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   25.800248][   T29] audit: type=1400 audit(1761639519.367:88): avc:  denied  { mounton } for  pid=3319 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   25.800916][ T3314] veth0_macvtap: entered promiscuous mode
[   25.822957][   T29] audit: type=1400 audit(1761639519.367:89): avc:  denied  { mount } for  pid=3319 comm="syz-executor" name="/" dev="gadgetfs" ino=4608 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[   25.852704][ T3319] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   25.866409][ T3313] veth1_macvtap: entered promiscuous mode
[   25.874109][   T52] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   25.882985][   T52] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   25.891898][   T52] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   25.914837][   T29] audit: type=1400 audit(1761639519.667:90): avc:  denied  { read write } for  pid=3319 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   25.941684][ T3314] veth1_macvtap: entered promiscuous mode
[   25.949289][   T52] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   25.962328][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_0
[   25.981448][   T52] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   25.993177][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_1
[   26.012680][ T3314] batman_adv: batadv0: Interface activated: batadv_slave_0
[   26.022122][   T52] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   26.050671][   T52] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   26.062707][ T3488] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=3488 comm=syz.4.6
[   26.063268][ T3314] batman_adv: batadv0: Interface activated: batadv_slave_1
[   26.083196][   T52] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   26.111470][ T3488] netlink: 52 bytes leftover after parsing attributes in process `syz.4.6'.
[   26.120274][ T3488] netlink: 52 bytes leftover after parsing attributes in process `syz.4.6'.
[   26.128993][ T3488] netlink: 52 bytes leftover after parsing attributes in process `syz.4.6'.
[   26.146695][ T3496] =======================================================
[   26.146695][ T3496] WARNING: The mand mount option has been deprecated and
[   26.146695][ T3496]          and is ignored by this kernel. Remove the mand
[   26.146695][ T3496]          option from the mount to silence this warning.
[   26.146695][ T3496] =======================================================
[   26.151505][   T57] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   26.201838][ T3488] netlink: 52 bytes leftover after parsing attributes in process `syz.4.6'.
[   26.210611][ T3488] netlink: 52 bytes leftover after parsing attributes in process `syz.4.6'.
[   26.219294][ T3488] netlink: 52 bytes leftover after parsing attributes in process `syz.4.6'.
[   26.238838][   T57] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   26.270346][   T57] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   26.279065][   T57] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   26.294517][ T3488] netlink: 52 bytes leftover after parsing attributes in process `syz.4.6'.
[   26.301513][ T3501] netlink: 660 bytes leftover after parsing attributes in process `syz.2.10'.
[   26.303351][ T3488] netlink: 52 bytes leftover after parsing attributes in process `syz.4.6'.
[   26.316165][   T57] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   26.320785][ T3488] netlink: 52 bytes leftover after parsing attributes in process `syz.4.6'.
[   26.450285][   T57] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   26.479775][   T57] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   26.488622][   T57] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   26.595532][ T3525] loop1: detected capacity change from 0 to 512
[   26.635552][ T3525] ------------[ cut here ]------------
[   26.641182][ T3525] EA inode 11 i_nlink=2
[   26.641400][ T3525] WARNING: CPU: 0 PID: 3525 at fs/ext4/xattr.c:1058 ext4_xattr_inode_update_ref+0x36a/0x380
[   26.655815][ T3525] Modules linked in:
[   26.659834][ T3525] CPU: 0 UID: 0 PID: 3525 Comm: syz.1.18 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   26.662973][ T3532] netlink: 'syz.2.16': attribute type 9 has an invalid length.
[   26.669477][ T3525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   26.669506][ T3525] RIP: 0010:ext4_xattr_inode_update_ref+0x36a/0x380
[   26.669530][ T3525] Code: 90 49 8d 7e 40 e8 76 fd b8 ff 4d 8b 6e 40 4c 89 e7 e8 8a f8 b8 ff 41 8b 56 48 48 c7 c7 a5 c8 55 86 4c 89 ee e8 87 fb 67 ff 90 <0f> 0b 90 90 e9 ff fe ff ff e8 08 c9 b5 03 0f 1f 84 00 00 00 00 00
[   26.713447][ T3525] RSP: 0018:ffffc9000332b5a0 EFLAGS: 00010246
[   26.719631][ T3525] RAX: e993ebb649ea2500 RBX: ffff88811b4a4600 RCX: 0000000000080000
[   26.727599][ T3525] RDX: ffffc90001f83000 RSI: 0000000000004baa RDI: 0000000000004bab
[   26.735585][ T3525] RBP: 0000000000000002 R08: 0001c9000332b427 R09: 0000000000000000
[   26.743649][ T3525] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff88811b4a45b0
[   26.751664][ T3525] R13: 000000000000000b R14: ffff88811b4a4568 R15: 0000000000000001
[   26.759670][ T3525] FS:  00007f03b52176c0(0000) GS:ffff8882aee13000(0000) knlGS:0000000000000000
[   26.768660][ T3525] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   26.772788][ T3533] loop3: detected capacity change from 0 to 1024
[   26.775267][ T3525] CR2: fffffffffffffffa CR3: 000000011ba2e000 CR4: 00000000003506f0
[   26.789627][ T3525] Call Trace:
[   26.792900][ T3525]  <TASK>
[   26.794531][ T3533] EXT4-fs: inline encryption not supported
[   26.795880][ T3525]  ext4_xattr_set_entry+0x77f/0x1020
[   26.806930][ T3525]  ext4_xattr_ibody_set+0x184/0x3c0
[   26.812170][ T3525]  ext4_expand_extra_isize_ea+0xcbb/0x11f0
[   26.818018][ T3525]  __ext4_expand_extra_isize+0x246/0x280
[   26.823686][ T3525]  __ext4_mark_inode_dirty+0x29d/0x3f0
[   26.829198][ T3525]  ext4_evict_inode+0x80e/0xd90
[   26.834126][ T3525]  ? __pfx_ext4_evict_inode+0x10/0x10
[   26.839546][ T3525]  evict+0x2e3/0x550
[   26.843521][ T3525]  ? __dquot_initialize+0x146/0x7c0
[   26.848733][ T3525]  iput+0x4ed/0x650
[   26.852577][ T3525]  ext4_process_orphan+0x1a9/0x1c0
[   26.857747][ T3525]  ext4_orphan_cleanup+0x6a8/0xa00
[   26.862887][ T3525]  ext4_fill_super+0x3483/0x3810
[   26.867888][ T3525]  ? snprintf+0x86/0xb0
[   26.872063][ T3525]  ? set_blocksize+0x1a8/0x310
[   26.876825][ T3525]  ? sb_set_blocksize+0xe3/0x100
[   26.881841][ T3525]  ? setup_bdev_super+0x30e/0x370
[   26.886931][ T3525]  ? __pfx_ext4_fill_super+0x10/0x10
[   26.892263][ T3525]  get_tree_bdev_flags+0x291/0x300
[   26.897388][ T3525]  ? __pfx_ext4_fill_super+0x10/0x10
[   26.902808][ T3525]  get_tree_bdev+0x1f/0x30
[   26.907285][ T3525]  ext4_get_tree+0x1c/0x30
[   26.911874][ T3525]  vfs_get_tree+0x57/0x1d0
[   26.916339][ T3525]  do_new_mount+0x24d/0x660
[   26.920940][ T3525]  path_mount+0x4a5/0xb70
[   26.925328][ T3525]  ? user_path_at+0x109/0x130
[   26.930041][ T3525]  __se_sys_mount+0x28c/0x2e0
[   26.934929][ T3525]  __x64_sys_mount+0x67/0x80
[   26.939554][ T3525]  x64_sys_call+0x2b51/0x3000
[   26.944281][ T3525]  do_syscall_64+0xd2/0x200
[   26.948787][ T3525]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   26.954952][ T3525]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   26.960721][ T3525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   26.966713][ T3525] RIP: 0033:0x7f03b67b076a
[   26.971157][ T3525] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   26.990820][ T3525] RSP: 002b:00007f03b5216e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   26.999226][ T3525] RAX: ffffffffffffffda RBX: 00007f03b5216ef0 RCX: 00007f03b67b076a
[   27.002256][   T61] Bluetooth: hci0: Frame reassembly failed (-84)
[   27.007233][ T3525] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f03b5216eb0
[   27.021534][ T3525] RBP: 0000200000000180 R08: 00007f03b5216ef0 R09: 0000000001a08700
[   27.029547][ T3525] R10: 0000000001a08700 R11: 0000000000000246 R12: 00002000000001c0
[   27.037523][ T3525] R13: 00007f03b5216eb0 R14: 0000000000000470 R15: 0000200000000700
[   27.045555][ T3525]  </TASK>
[   27.048649][ T3525] ---[ end trace 0000000000000000 ]---
[   27.054376][ T3517] loop4: detected capacity change from 0 to 32768
[   27.066311][ T3525] EXT4-fs (loop1): 1 orphan inode deleted
[   27.075599][ T3525] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   27.075930][ T3533] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   27.109845][ T3535] hsr_slave_1 (unregistering): left promiscuous mode
[   27.112807][ T3525] syz.1.18 (3525) used greatest stack depth: 10680 bytes left
[   27.153507][ T3303]  loop4: p1 p2 p3 < p5 p6 >
[   27.199872][ T3303] loop4: p2 size 16775168 extends beyond EOD, truncated
[   27.214648][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   27.224801][ T3303] loop4: p5 start 4294970168 is beyond EOD, truncated
[   27.254737][ T3517]  loop4: p1 p2 p3 < p5 p6 >
[   27.260284][ T3517] loop4: p2 size 16775168 extends beyond EOD, truncated
[   27.278344][ T3517] loop4: p5 start 4294970168 is beyond EOD, truncated
[   27.289245][ T3539] loop2: detected capacity change from 0 to 2048
[   27.379836][ T3539]  loop2: p2 p3 p7
[   27.454073][ T3302] udevd[3302]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory
[   27.457284][ T3545] udevd[3545]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[   27.470583][ T3303] udevd[3303]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[   27.571956][ T3558] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   27.597964][ T3558] loop1: detected capacity change from 0 to 512
[   27.619972][ T3558] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   27.633159][ T3558] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   27.651480][ T3558] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[   27.699404][ T3558] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   27.763086][ T3543] udevd[3543]: inotify_add_watch(7, /dev/loop4p6, 10) failed: No such file or directory
[   27.777989][ T3303] udevd[3303]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[   27.805803][ T3558] EXT4-fs (loop1): 1 truncate cleaned up
[   27.823989][ T3558] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   27.878652][ T3561] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   27.910985][ T3555] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   27.945632][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   27.992617][ T3565] bridge0: entered promiscuous mode
[   27.997854][ T3565] macsec1: entered promiscuous mode
[   28.013766][ T3565] loop4: detected capacity change from 0 to 512
[   28.030995][ T3565] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.29: inode has both inline data and extents flags
[   28.051896][ T3565] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.29: couldn't read orphan inode 15 (err -117)
[   28.079713][ T3565] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   28.180244][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   28.260791][ T3575] vhci_hcd: invalid port number 255
[   28.331651][ T3580] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   28.565359][ T3585] netlink: 'syz.1.36': attribute type 2 has an invalid length.
[   28.603916][ T3585] loop1: detected capacity change from 0 to 8192
[   28.797697][ T3591] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   28.814312][ T3591] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   28.829619][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   28.892422][ T3591] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   28.963562][ T3591] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   29.061677][ T3591] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   29.115745][   T31] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   29.139374][   T31] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   29.153405][ T3596] loop4: detected capacity change from 0 to 512
[   29.178258][   T31] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   29.198023][   T31] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   29.235835][ T3596] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   29.259855][ T3596] ext4 filesystem being mounted at /7/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   29.300762][ T3596] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #4: comm syz.4.38: corrupted inode contents
[   29.340001][ T3596] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #4: comm syz.4.38: mark_inode_dirty error
[   29.377920][ T3596] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #4: comm syz.4.38: corrupted inode contents
[   29.405448][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   29.405530][ T3596] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #4: comm syz.4.38: mark_inode_dirty error
[   29.465418][ T3596] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.38: Failed to acquire dquot type 1
[   29.489712][ T3609] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #4: comm syz.4.38: corrupted inode contents
[   29.574089][ T3609] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #4: comm syz.4.38: mark_inode_dirty error
[   29.596920][ T3607] Set syz1 is full, maxelem 65536 reached
[   29.615876][ T3609] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #4: comm syz.4.38: corrupted inode contents
[   29.682720][ T3609] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #4: comm syz.4.38: mark_inode_dirty error
[   29.698895][ T3615] binfmt_misc: register: failed to install interpreter file ./file0
[   29.728319][ T3609] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.38: Failed to acquire dquot type 1
[   29.780902][   T31] Bluetooth: hci0: Frame reassembly failed (-84)
[   29.787892][ T3617] syz.3.47 uses obsolete (PF_INET,SOCK_PACKET)
[   29.927587][ T3596] syz.4.38 (3596) used greatest stack depth: 9728 bytes left
[   29.953612][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   30.447176][ T3640] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=3640 comm=syz.1.55
[   30.644754][   T29] kauditd_printk_skb: 305 callbacks suppressed
[   30.644766][   T29] audit: type=1400 audit(1761639524.407:391): avc:  denied  { create } for  pid=3648 comm="syz.1.58" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   30.700393][   T29] audit: type=1400 audit(1761639524.407:392): avc:  denied  { write } for  pid=3648 comm="syz.1.58" name="file0" dev="tmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   30.722527][   T29] audit: type=1400 audit(1761639524.407:393): avc:  denied  { open } for  pid=3648 comm="syz.1.58" path="/23/file0" dev="tmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   30.744897][   T29] audit: type=1400 audit(1761639524.407:394): avc:  denied  { ioctl } for  pid=3648 comm="syz.1.58" path="/23/file0" dev="tmpfs" ino=140 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   30.809899][   T29] audit: type=1400 audit(1761639524.577:395): avc:  denied  { create } for  pid=3648 comm="syz.1.58" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   30.857252][ T3652] loop1: detected capacity change from 0 to 2048
[   30.921395][ T3652] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   31.019943][   T29] audit: type=1400 audit(1761639524.777:396): avc:  denied  { add_name } for  pid=3648 comm="syz.1.58" name=1F scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   31.039987][   T29] audit: type=1400 audit(1761639524.777:397): avc:  denied  { create } for  pid=3648 comm="syz.1.58" name=1F scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   31.139427][   T29] audit: type=1326 audit(1761639524.847:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3659 comm="syz.4.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f399834efc9 code=0x7ffc0000
[   31.163136][   T29] audit: type=1326 audit(1761639524.847:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3659 comm="syz.4.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f399834efc9 code=0x7ffc0000
[   31.186850][   T29] audit: type=1326 audit(1761639524.847:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3659 comm="syz.4.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f399834efc9 code=0x7ffc0000
[   31.286789][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   31.354960][ T3670] 9pnet_fd: p9_fd_create_tcp (3670): problem connecting socket to 127.0.0.1
[   31.367189][ T3669] bridge0: entered promiscuous mode
[   31.372673][ T3669] macsec1: entered promiscuous mode
[   31.384714][ T3669] loop1: detected capacity change from 0 to 512
[   31.398214][ T3669] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.64: inode has both inline data and extents flags
[   31.415126][ T3669] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.64: couldn't read orphan inode 15 (err -117)
[   31.429098][ T3669] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   31.470337][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   31.651524][ T3679] FAULT_INJECTION: forcing a failure.
[   31.651524][ T3679] name failslab, interval 1, probability 0, space 0, times 1
[   31.664260][ T3679] CPU: 0 UID: 0 PID: 3679 Comm: syz.1.68 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   31.664286][ T3679] Tainted: [W]=WARN
[   31.664291][ T3679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   31.664301][ T3679] Call Trace:
[   31.664307][ T3679]  <TASK>
[   31.664313][ T3679]  __dump_stack+0x1d/0x30
[   31.664334][ T3679]  dump_stack_lvl+0xe8/0x140
[   31.664355][ T3679]  dump_stack+0x15/0x1b
[   31.664446][ T3679]  should_fail_ex+0x265/0x280
[   31.664465][ T3679]  should_failslab+0x8c/0xb0
[   31.664493][ T3679]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   31.664623][ T3679]  ? __alloc_skb+0x101/0x320
[   31.664651][ T3679]  __alloc_skb+0x101/0x320
[   31.664675][ T3679]  ? audit_log_start+0x342/0x720
[   31.664697][ T3679]  audit_log_start+0x3a0/0x720
[   31.664731][ T3679]  ? kstrtouint+0x76/0xc0
[   31.664754][ T3679]  audit_seccomp+0x48/0x100
[   31.664796][ T3679]  ? __seccomp_filter+0x82d/0x1250
[   31.664880][ T3679]  __seccomp_filter+0x83e/0x1250
[   31.664904][ T3679]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   31.664933][ T3679]  ? vfs_write+0x7e8/0x960
[   31.665014][ T3679]  ? __rcu_read_unlock+0x4f/0x70
[   31.665036][ T3679]  ? __fget_files+0x184/0x1c0
[   31.665066][ T3679]  __secure_computing+0x82/0x150
[   31.665147][ T3679]  syscall_trace_enter+0xcf/0x1e0
[   31.665170][ T3679]  do_syscall_64+0xac/0x200
[   31.665184][ T3679]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   31.665205][ T3679]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   31.665283][ T3679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   31.665300][ T3679] RIP: 0033:0x7f03b67aefc9
[   31.665313][ T3679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   31.665350][ T3679] RSP: 002b:00007f03b5217038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[   31.665366][ T3679] RAX: ffffffffffffffda RBX: 00007f03b6a05fa0 RCX: 00007f03b67aefc9
[   31.665376][ T3679] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[   31.665386][ T3679] RBP: 00007f03b5217090 R08: 0000000000000000 R09: 0000000000000000
[   31.665396][ T3679] R10: 0000000000080800 R11: 0000000000000246 R12: 0000000000000001
[   31.665424][ T3679] R13: 00007f03b6a06038 R14: 00007f03b6a05fa0 R15: 00007ffcbaa67588
[   31.665441][ T3679]  </TASK>
[   31.829427][ T3534] Bluetooth: hci0: command 0x1003 tx timeout
[   31.843806][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   31.912410][    C0] hrtimer: interrupt took 27670 ns
[   31.992758][ T3685] __nla_validate_parse: 19 callbacks suppressed
[   31.992771][ T3685] netlink: 52 bytes leftover after parsing attributes in process `syz.1.71'.
[   32.007939][ T3685] netlink: 52 bytes leftover after parsing attributes in process `syz.1.71'.
[   32.016713][ T3685] netlink: 52 bytes leftover after parsing attributes in process `syz.1.71'.
[   32.073791][ T3685] netlink: 52 bytes leftover after parsing attributes in process `syz.1.71'.
[   32.082672][ T3685] netlink: 52 bytes leftover after parsing attributes in process `syz.1.71'.
[   32.091437][ T3685] netlink: 52 bytes leftover after parsing attributes in process `syz.1.71'.
[   32.121692][ T3683] FAULT_INJECTION: forcing a failure.
[   32.121692][ T3683] name failslab, interval 1, probability 0, space 0, times 0
[   32.134335][ T3683] CPU: 0 UID: 0 PID: 3683 Comm: syz.4.70 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   32.134362][ T3683] Tainted: [W]=WARN
[   32.134368][ T3683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   32.134428][ T3683] Call Trace:
[   32.134435][ T3683]  <TASK>
[   32.134442][ T3683]  __dump_stack+0x1d/0x30
[   32.134463][ T3683]  dump_stack_lvl+0xe8/0x140
[   32.134584][ T3683]  dump_stack+0x15/0x1b
[   32.134605][ T3683]  should_fail_ex+0x265/0x280
[   32.134665][ T3683]  ? resv_map_alloc+0x32/0x190
[   32.134690][ T3683]  should_failslab+0x8c/0xb0
[   32.134716][ T3683]  __kmalloc_cache_noprof+0x4c/0x4a0
[   32.134776][ T3683]  ? vfs_write+0x7e8/0x960
[   32.134795][ T3683]  resv_map_alloc+0x32/0x190
[   32.134818][ T3683]  hugetlbfs_get_inode+0x67/0x370
[   32.134846][ T3683]  hugetlb_file_setup+0x192/0x3d0
[   32.134872][ T3683]  ksys_mmap_pgoff+0x157/0x310
[   32.134903][ T3683]  x64_sys_call+0x14a3/0x3000
[   32.134924][ T3683]  do_syscall_64+0xd2/0x200
[   32.135006][ T3683]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   32.135086][ T3683]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   32.135114][ T3683]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   32.135135][ T3683] RIP: 0033:0x7f399834efc9
[   32.135150][ T3683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   32.135210][ T3683] RSP: 002b:00007f3996daf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   32.135226][ T3683] RAX: ffffffffffffffda RBX: 00007f39985a5fa0 RCX: 00007f399834efc9
[   32.135237][ T3683] RDX: 0000000000000002 RSI: 0000000000ff5000 RDI: 0000200000000000
[   32.135249][ T3683] RBP: 00007f3996daf090 R08: ffffffffffffffff R09: 0000000000000000
[   32.135261][ T3683] R10: 000000000004c831 R11: 0000000000000246 R12: 0000000000000001
[   32.135324][ T3683] R13: 00007f39985a6038 R14: 00007f39985a5fa0 R15: 00007fff7f662348
[   32.135338][ T3683]  </TASK>
[   32.356210][ T3685] netlink: 52 bytes leftover after parsing attributes in process `syz.1.71'.
[   32.365060][ T3685] netlink: 52 bytes leftover after parsing attributes in process `syz.1.71'.
[   32.373833][ T3685] netlink: 52 bytes leftover after parsing attributes in process `syz.1.71'.
[   32.489820][ T3692] netlink: 8 bytes leftover after parsing attributes in process `syz.1.72'.
[   32.576520][ T3702] loop1: detected capacity change from 0 to 512
[   32.615630][ T3703] loop3: detected capacity change from 0 to 512
[   32.670533][ T3703] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   32.751107][ T3721] FAULT_INJECTION: forcing a failure.
[   32.751107][ T3721] name failslab, interval 1, probability 0, space 0, times 0
[   32.763828][ T3721] CPU: 1 UID: 0 PID: 3721 Comm: syz.1.81 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   32.763854][ T3721] Tainted: [W]=WARN
[   32.763861][ T3721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   32.763888][ T3721] Call Trace:
[   32.763893][ T3721]  <TASK>
[   32.763898][ T3721]  __dump_stack+0x1d/0x30
[   32.763917][ T3721]  dump_stack_lvl+0xe8/0x140
[   32.763933][ T3721]  dump_stack+0x15/0x1b
[   32.763947][ T3721]  should_fail_ex+0x265/0x280
[   32.763987][ T3721]  should_failslab+0x8c/0xb0
[   32.764039][ T3721]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   32.764065][ T3721]  ? __alloc_skb+0x101/0x320
[   32.764088][ T3721]  ? __rtnl_unlock+0x95/0xb0
[   32.764141][ T3721]  __alloc_skb+0x101/0x320
[   32.764164][ T3721]  netlink_ack+0xfd/0x500
[   32.764191][ T3721]  netlink_rcv_skb+0x192/0x220
[   32.764218][ T3721]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   32.764299][ T3721]  rtnetlink_rcv+0x1c/0x30
[   32.764315][ T3721]  netlink_unicast+0x5c0/0x690
[   32.764339][ T3721]  netlink_sendmsg+0x58b/0x6b0
[   32.764357][ T3721]  ? __pfx_netlink_sendmsg+0x10/0x10
[   32.764413][ T3721]  __sock_sendmsg+0x145/0x180
[   32.764471][ T3721]  ____sys_sendmsg+0x31e/0x4e0
[   32.764501][ T3721]  ___sys_sendmsg+0x17b/0x1d0
[   32.764602][ T3721]  __x64_sys_sendmsg+0xd4/0x160
[   32.764649][ T3721]  x64_sys_call+0x191e/0x3000
[   32.764670][ T3721]  do_syscall_64+0xd2/0x200
[   32.764685][ T3721]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   32.764707][ T3721]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   32.764734][ T3721]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   32.764768][ T3721] RIP: 0033:0x7f03b67aefc9
[   32.764783][ T3721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   32.764798][ T3721] RSP: 002b:00007f03b5217038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   32.764815][ T3721] RAX: ffffffffffffffda RBX: 00007f03b6a05fa0 RCX: 00007f03b67aefc9
[   32.764855][ T3721] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000003
[   32.764867][ T3721] RBP: 00007f03b5217090 R08: 0000000000000000 R09: 0000000000000000
[   32.764879][ T3721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   32.764891][ T3721] R13: 00007f03b6a06038 R14: 00007f03b6a05fa0 R15: 00007ffcbaa67588
[   32.764910][ T3721]  </TASK>
[   33.174495][ T3748] loop1: detected capacity change from 0 to 512
[   33.211796][ T3748] EXT4-fs (loop1): filesystem is read-only
[   33.236284][ T3748] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   33.251747][ T3748] EXT4-fs (loop1): filesystem is read-only
[   33.257618][ T3748] EXT4-fs (loop1): orphan cleanup on readonly fs
[   33.264480][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.279555][ T3748] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #16: comm syz.1.87: iget: bad i_size value: 648518346341360424
[   33.301528][ T3748] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.87: couldn't read orphan inode 16 (err -117)
[   33.372627][ T3748] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   33.414037][ T3748] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   33.485033][ T3748] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   33.572659][ T3748] bond0 (unregistering): Released all slaves
[   33.834574][ T3769] FAULT_INJECTION: forcing a failure.
[   33.834574][ T3769] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   33.847817][ T3769] CPU: 0 UID: 0 PID: 3769 Comm: syz.4.96 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   33.847847][ T3769] Tainted: [W]=WARN
[   33.847868][ T3769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   33.847880][ T3769] Call Trace:
[   33.847886][ T3769]  <TASK>
[   33.847894][ T3769]  __dump_stack+0x1d/0x30
[   33.847916][ T3769]  dump_stack_lvl+0xe8/0x140
[   33.847964][ T3769]  dump_stack+0x15/0x1b
[   33.847978][ T3769]  should_fail_ex+0x265/0x280
[   33.847995][ T3769]  should_fail+0xb/0x20
[   33.848011][ T3769]  should_fail_usercopy+0x1a/0x20
[   33.848029][ T3769]  _copy_to_user+0x20/0xa0
[   33.848049][ T3769]  rng_dev_read+0x3ef/0x740
[   33.848086][ T3769]  ? __pfx_rng_dev_read+0x10/0x10
[   33.848109][ T3769]  vfs_readv+0x3fb/0x690
[   33.848146][ T3769]  __x64_sys_preadv+0xfd/0x1c0
[   33.848245][ T3769]  x64_sys_call+0x282e/0x3000
[   33.848263][ T3769]  do_syscall_64+0xd2/0x200
[   33.848277][ T3769]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   33.848299][ T3769]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   33.848417][ T3769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   33.848435][ T3769] RIP: 0033:0x7f399834efc9
[   33.848447][ T3769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   33.848462][ T3769] RSP: 002b:00007f3996daf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[   33.848481][ T3769] RAX: ffffffffffffffda RBX: 00007f39985a5fa0 RCX: 00007f399834efc9
[   33.848496][ T3769] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000003
[   33.848508][ T3769] RBP: 00007f3996daf090 R08: 0000000000000000 R09: 0000000000000000
[   33.848521][ T3769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   33.848532][ T3769] R13: 00007f39985a6038 R14: 00007f39985a5fa0 R15: 00007fff7f662348
[   33.848550][ T3769]  </TASK>
[   34.299990][ T3776] loop3: detected capacity change from 0 to 512
[   34.371061][ T3776] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.99: Failed to acquire dquot type 1
[   34.393025][ T3776] EXT4-fs (loop3): 1 truncate cleaned up
[   34.402651][ T3776] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.445602][ T3776] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   34.456153][ T3788] veth0: entered promiscuous mode
[   34.527761][ T3788] infiniband syz0: set active
[   34.532516][ T3788] infiniband syz0: added bond_slave_0
[   34.555809][ T3788] RDS/IB: syz0: added
[   34.572551][ T3788] smc: adding ib device syz0 with port count 1
[   34.588935][ T3788] smc:    ib device syz0 port 1 has no pnetid
[   34.710158][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.125096][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.139907][ T3787] veth0: left promiscuous mode
[   35.204054][ T3801] netlink: 'syz.3.104': attribute type 46 has an invalid length.
[   35.218985][ T3806] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=3806 comm=syz.4.106
[   35.263635][ T3809] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=3809 comm=syz.3.107
[   35.307434][ T3814] Zero length message leads to an empty skb
[   35.404471][ T3823] dvmrp1: entered allmulticast mode
[   35.649997][   T29] kauditd_printk_skb: 600 callbacks suppressed
[   35.650009][   T29] audit: type=1326 audit(1761639529.417:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3813 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3998345e67 code=0x7ffc0000
[   35.679417][   T29] audit: type=1326 audit(1761639529.417:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3813 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f39982eb099 code=0x7ffc0000
[   35.702613][   T29] audit: type=1326 audit(1761639529.417:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3813 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f399834efc9 code=0x7ffc0000
[   35.756439][   T29] audit: type=1326 audit(1761639529.447:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3813 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3998345e67 code=0x7ffc0000
[   35.779684][   T29] audit: type=1326 audit(1761639529.447:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3813 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f39982eb099 code=0x7ffc0000
[   35.803026][   T29] audit: type=1326 audit(1761639529.447:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3813 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f399834efc9 code=0x7ffc0000
[   35.826320][   T29] audit: type=1326 audit(1761639529.447:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3813 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3998345e67 code=0x7ffc0000
[   35.849658][   T29] audit: type=1326 audit(1761639529.447:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3813 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f39982eb099 code=0x7ffc0000
[   35.872869][   T29] audit: type=1326 audit(1761639529.447:1005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3813 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f399834efc9 code=0x7ffc0000
[   35.896239][   T29] audit: type=1326 audit(1761639529.467:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3813 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3998345e67 code=0x7ffc0000
[   36.150401][ T3852] loop1: detected capacity change from 0 to 512
[   36.164139][ T3852] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.117: inode has both inline data and extents flags
[   36.209989][ T3852] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.117: couldn't read orphan inode 15 (err -117)
[   36.231395][ T3856] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=3856 comm=syz.3.118
[   36.264885][ T3852] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.389221][ T3865] syz0: rxe_newlink: already configured on bond_slave_0
[   36.728016][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.757242][ T3895] loop3: detected capacity change from 0 to 512
[   36.780093][ T3895] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   36.897792][ T3905] loop1: detected capacity change from 0 to 512
[   36.932135][ T3909] loop4: detected capacity change from 0 to 128
[   36.981190][ T3909] syz.4.135: attempt to access beyond end of device
[   36.981190][ T3909] loop4: rw=2049, sector=138, nr_sectors = 64 limit=128
[   36.999776][ T3909] syz.4.135: attempt to access beyond end of device
[   36.999776][ T3909] loop4: rw=2049, sector=218, nr_sectors = 8 limit=128
[   37.024144][ T3909] syz.4.135: attempt to access beyond end of device
[   37.024144][ T3909] loop4: rw=2049, sector=224, nr_sectors = 2 limit=128
[   37.037536][ T3909] Buffer I/O error on dev loop4, logical block 112, lost async page write
[   37.083443][ T3909] syz.4.135: attempt to access beyond end of device
[   37.083443][ T3909] loop4: rw=2049, sector=226, nr_sectors = 8 limit=128
[   37.117314][ T3909] syz.4.135: attempt to access beyond end of device
[   37.117314][ T3909] loop4: rw=2049, sector=232, nr_sectors = 2 limit=128
[   37.130641][ T3909] Buffer I/O error on dev loop4, logical block 116, lost async page write
[   37.150736][ T3919] FAULT_INJECTION: forcing a failure.
[   37.150736][ T3919] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   37.163818][ T3919] CPU: 1 UID: 0 PID: 3919 Comm: syz.3.131 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   37.163883][ T3919] Tainted: [W]=WARN
[   37.163888][ T3919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   37.163966][ T3919] Call Trace:
[   37.163972][ T3919]  <TASK>
[   37.163979][ T3919]  __dump_stack+0x1d/0x30
[   37.163997][ T3919]  dump_stack_lvl+0xe8/0x140
[   37.164013][ T3919]  dump_stack+0x15/0x1b
[   37.164029][ T3919]  should_fail_ex+0x265/0x280
[   37.164044][ T3919]  should_fail+0xb/0x20
[   37.164056][ T3919]  should_fail_usercopy+0x1a/0x20
[   37.164071][ T3919]  strncpy_from_user+0x25/0x230
[   37.164124][ T3919]  ? kmem_cache_alloc_noprof+0x242/0x480
[   37.164145][ T3919]  ? getname_flags+0x80/0x3b0
[   37.164168][ T3919]  getname_flags+0xae/0x3b0
[   37.164190][ T3919]  __x64_sys_mkdir+0x33/0x50
[   37.164237][ T3919]  x64_sys_call+0x2db9/0x3000
[   37.164254][ T3919]  do_syscall_64+0xd2/0x200
[   37.164268][ T3919]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   37.164289][ T3919]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   37.164355][ T3919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   37.164372][ T3919] RIP: 0033:0x7fb50d8befc9
[   37.164417][ T3919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   37.164433][ T3919] RSP: 002b:00007fb50c2e5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[   37.164453][ T3919] RAX: ffffffffffffffda RBX: 00007fb50db16180 RCX: 00007fb50d8befc9
[   37.164462][ T3919] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000200000000140
[   37.164471][ T3919] RBP: 00007fb50c2e5090 R08: 0000000000000000 R09: 0000000000000000
[   37.164479][ T3919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   37.164513][ T3919] R13: 00007fb50db16218 R14: 00007fb50db16180 R15: 00007ffcb2929178
[   37.164525][ T3919]  </TASK>
[   37.200832][ T3909] syz.4.135: attempt to access beyond end of device
[   37.200832][ T3909] loop4: rw=2049, sector=234, nr_sectors = 8 limit=128
[   37.385500][ T3909] syz.4.135: attempt to access beyond end of device
[   37.385500][ T3909] loop4: rw=2049, sector=240, nr_sectors = 2 limit=128
[   37.399617][ T3909] Buffer I/O error on dev loop4, logical block 120, lost async page write
[   37.435391][ T3909] syz.4.135: attempt to access beyond end of device
[   37.435391][ T3909] loop4: rw=2049, sector=242, nr_sectors = 8 limit=128
[   37.475514][ T3909] syz.4.135: attempt to access beyond end of device
[   37.475514][ T3909] loop4: rw=2049, sector=248, nr_sectors = 2 limit=128
[   37.488870][ T3909] Buffer I/O error on dev loop4, logical block 124, lost async page write
[   37.511102][ T3909] syz.4.135: attempt to access beyond end of device
[   37.511102][ T3909] loop4: rw=2049, sector=202, nr_sectors = 8 limit=128
[   37.529805][ T3909] Buffer I/O error on dev loop4, logical block 104, lost async page write
[   37.541013][ T3909] Buffer I/O error on dev loop4, logical block 108, lost async page write
[   37.793214][ T3927] loop1: detected capacity change from 0 to 512
[   37.815295][ T3927] msdos: Unknown parameter '-¡kŒ’•du›L
+ùÄGÚfÈÆâ}*mpm	$Ûô*'
[   37.995085][ T3939] loop3: detected capacity change from 0 to 512
[   38.023204][ T3939] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   38.034714][ T3939] EXT4-fs (loop3): orphan cleanup on readonly fs
[   38.059705][ T3939] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.144: corrupted inode contents
[   38.090522][ T3939] EXT4-fs (loop3): Remounting filesystem read-only
[   38.111199][ T3947] loop1: detected capacity change from 0 to 1024
[   38.117377][ T3939] EXT4-fs (loop3): 1 truncate cleaned up
[   38.123622][   T31] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   38.134140][   T31] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   38.148196][ T3947] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   38.159111][ T3947] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   38.194376][ T3947] JBD2: no valid journal superblock found
[   38.199170][   T31] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   38.200305][ T3947] EXT4-fs (loop1): Could not load journal inode
[   38.229880][ T3939] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   38.250190][ T3939] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.259596][ T3947] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   38.298222][ T3949] loop1: detected capacity change from 0 to 164
[   38.324403][ T3949] Unable to read rock-ridge attributes
[   38.417348][ T3957] Unable to read rock-ridge attributes
[   38.433516][ T3957] iso9660: Corrupted directory entry in block 4 of inode 1792
[   38.452430][ T3957] Unable to read rock-ridge attributes
[   38.458651][ T3959] loop3: detected capacity change from 0 to 128
[   38.490737][ T3421] Process accounting resumed
[   38.495389][ T3421] FAT-fs (loop3): error, corrupted file size (i_pos 548, 512)
[   38.502987][ T3421] FAT-fs (loop3): Filesystem has been set read-only
[   39.597853][ T3998] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=3998 comm=syz.3.166
[   39.611185][ T3998] __nla_validate_parse: 20 callbacks suppressed
[   39.611213][ T3998] netlink: 52 bytes leftover after parsing attributes in process `syz.3.166'.
[   39.626344][ T3998] netlink: 52 bytes leftover after parsing attributes in process `syz.3.166'.
[   39.635316][ T3998] netlink: 52 bytes leftover after parsing attributes in process `syz.3.166'.
[   39.739891][ T4000] FAULT_INJECTION: forcing a failure.
[   39.739891][ T4000] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   39.753066][ T4000] CPU: 1 UID: 0 PID: 4000 Comm: syz.1.167 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   39.753093][ T4000] Tainted: [W]=WARN
[   39.753100][ T4000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   39.753112][ T4000] Call Trace:
[   39.753119][ T4000]  <TASK>
[   39.753204][ T4000]  __dump_stack+0x1d/0x30
[   39.753226][ T4000]  dump_stack_lvl+0xe8/0x140
[   39.753268][ T4000]  dump_stack+0x15/0x1b
[   39.753282][ T4000]  should_fail_ex+0x265/0x280
[   39.753300][ T4000]  should_fail+0xb/0x20
[   39.753316][ T4000]  should_fail_usercopy+0x1a/0x20
[   39.753394][ T4000]  _copy_to_user+0x20/0xa0
[   39.753418][ T4000]  simple_read_from_buffer+0xb5/0x130
[   39.753440][ T4000]  proc_fail_nth_read+0x10e/0x150
[   39.753472][ T4000]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   39.753499][ T4000]  vfs_read+0x1a8/0x770
[   39.753571][ T4000]  ? rtnl_unlock+0xe/0x20
[   39.753604][ T4000]  ? __rcu_read_unlock+0x4f/0x70
[   39.753648][ T4000]  ? __fget_files+0x184/0x1c0
[   39.753671][ T4000]  ksys_read+0xda/0x1a0
[   39.753742][ T4000]  __x64_sys_read+0x40/0x50
[   39.753761][ T4000]  x64_sys_call+0x27c0/0x3000
[   39.753860][ T4000]  do_syscall_64+0xd2/0x200
[   39.753880][ T4000]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   39.753949][ T4000]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   39.753974][ T4000]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   39.753995][ T4000] RIP: 0033:0x7f03b67ad9dc
[   39.754011][ T4000] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   39.754025][ T4000] RSP: 002b:00007f03b5217030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   39.754140][ T4000] RAX: ffffffffffffffda RBX: 00007f03b6a05fa0 RCX: 00007f03b67ad9dc
[   39.754151][ T4000] RDX: 000000000000000f RSI: 00007f03b52170a0 RDI: 0000000000000004
[   39.754202][ T4000] RBP: 00007f03b5217090 R08: 0000000000000000 R09: 0000000000000000
[   39.754214][ T4000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   39.754227][ T4000] R13: 00007f03b6a06038 R14: 00007f03b6a05fa0 R15: 00007ffcbaa67588
[   39.754242][ T4000]  </TASK>
[   40.013793][ T3998] netlink: 52 bytes leftover after parsing attributes in process `syz.3.166'.
[   40.022705][ T3998] netlink: 52 bytes leftover after parsing attributes in process `syz.3.166'.
[   40.031572][ T3998] netlink: 52 bytes leftover after parsing attributes in process `syz.3.166'.
[   40.206608][ T3998] netlink: 52 bytes leftover after parsing attributes in process `syz.3.166'.
[   40.215598][ T3998] netlink: 52 bytes leftover after parsing attributes in process `syz.3.166'.
[   40.224503][ T3998] netlink: 52 bytes leftover after parsing attributes in process `syz.3.166'.
[   40.336870][ T4023] loop1: detected capacity change from 0 to 2048
[   40.460875][ T4023] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.476870][ T4040] loop4: detected capacity change from 0 to 2048
[   40.493902][ T4023] FAULT_INJECTION: forcing a failure.
[   40.493902][ T4023] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   40.506987][ T4023] CPU: 0 UID: 0 PID: 4023 Comm: syz.1.175 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   40.507017][ T4023] Tainted: [W]=WARN
[   40.507023][ T4023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   40.507035][ T4023] Call Trace:
[   40.507043][ T4023]  <TASK>
[   40.507050][ T4023]  __dump_stack+0x1d/0x30
[   40.507114][ T4023]  dump_stack_lvl+0xe8/0x140
[   40.507134][ T4023]  dump_stack+0x15/0x1b
[   40.507150][ T4023]  should_fail_ex+0x265/0x280
[   40.507165][ T4023]  should_fail+0xb/0x20
[   40.507183][ T4023]  should_fail_usercopy+0x1a/0x20
[   40.507277][ T4023]  _copy_to_user+0x20/0xa0
[   40.507297][ T4023]  generic_map_lookup_batch+0x542/0x7e0
[   40.507329][ T4023]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[   40.507350][ T4023]  bpf_map_do_batch+0x1bc/0x380
[   40.507370][ T4023]  ? security_bpf+0x2b/0x90
[   40.507432][ T4023]  __sys_bpf+0x497/0x7c0
[   40.507456][ T4023]  __x64_sys_bpf+0x41/0x50
[   40.507482][ T4023]  x64_sys_call+0x2aee/0x3000
[   40.507502][ T4023]  do_syscall_64+0xd2/0x200
[   40.507587][ T4023]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   40.507612][ T4023]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   40.507635][ T4023]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.507719][ T4023] RIP: 0033:0x7f03b67aefc9
[   40.507734][ T4023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   40.507750][ T4023] RSP: 002b:00007f03b5217038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   40.507766][ T4023] RAX: ffffffffffffffda RBX: 00007f03b6a05fa0 RCX: 00007f03b67aefc9
[   40.507807][ T4023] RDX: 0000000000000038 RSI: 0000200000000240 RDI: 0000000000000018
[   40.507819][ T4023] RBP: 00007f03b5217090 R08: 0000000000000000 R09: 0000000000000000
[   40.507844][ T4023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   40.507856][ T4023] R13: 00007f03b6a06038 R14: 00007f03b6a05fa0 R15: 00007ffcbaa67588
[   40.507874][ T4023]  </TASK>
[   40.764204][   T29] kauditd_printk_skb: 2708 callbacks suppressed
[   40.764218][   T29] audit: type=1326 audit(1761639534.527:3709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4044 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb50d8befc9 code=0x7ffc0000
[   40.850142][ T4040] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.869590][   T29] audit: type=1326 audit(1761639534.557:3710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4044 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7fb50d8befc9 code=0x7ffc0000
[   40.892924][   T29] audit: type=1326 audit(1761639534.557:3711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4044 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb50d8befc9 code=0x7ffc0000
[   40.893160][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.916198][   T29] audit: type=1326 audit(1761639534.557:3712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4044 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=450 compat=0 ip=0x7fb50d8befc9 code=0x7ffc0000
[   40.916219][   T29] audit: type=1326 audit(1761639534.557:3713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4044 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb50d8befc9 code=0x7ffc0000
[   40.971699][   T29] audit: type=1326 audit(1761639534.567:3714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4022 comm="syz.1.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b67aefc9 code=0x7ffc0000
[   40.995009][   T29] audit: type=1326 audit(1761639534.567:3715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4022 comm="syz.1.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b67aefc9 code=0x7ffc0000
[   41.109394][   T61] Bluetooth: hci0: Frame reassembly failed (-84)
[   41.122931][   T29] audit: type=1326 audit(1761639534.887:3716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4037 comm="syz.4.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f399834efc9 code=0x7ffc0000
[   41.163102][   T29] audit: type=1326 audit(1761639534.897:3717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4037 comm="syz.4.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f399834efc9 code=0x7ffc0000
[   41.186532][   T29] audit: type=1326 audit(1761639534.897:3718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4037 comm="syz.4.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f399834efc9 code=0x7ffc0000
[   41.211721][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.252704][ T4064] FAULT_INJECTION: forcing a failure.
[   41.252704][ T4064] name failslab, interval 1, probability 0, space 0, times 0
[   41.265419][ T4064] CPU: 0 UID: 0 PID: 4064 Comm: syz.4.190 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   41.265449][ T4064] Tainted: [W]=WARN
[   41.265455][ T4064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   41.265535][ T4064] Call Trace:
[   41.265541][ T4064]  <TASK>
[   41.265548][ T4064]  __dump_stack+0x1d/0x30
[   41.265566][ T4064]  dump_stack_lvl+0xe8/0x140
[   41.265582][ T4064]  dump_stack+0x15/0x1b
[   41.265665][ T4064]  should_fail_ex+0x265/0x280
[   41.265684][ T4064]  ? raw_open+0x5b/0x1d0
[   41.265753][ T4064]  should_failslab+0x8c/0xb0
[   41.265778][ T4064]  __kmalloc_cache_noprof+0x4c/0x4a0
[   41.265808][ T4064]  ? __pfx_raw_open+0x10/0x10
[   41.265908][ T4064]  raw_open+0x5b/0x1d0
[   41.265975][ T4064]  ? __pfx_raw_open+0x10/0x10
[   41.265999][ T4064]  misc_open+0x1df/0x220
[   41.266028][ T4064]  chrdev_open+0x2eb/0x3a0
[   41.266056][ T4064]  do_dentry_open+0x649/0xa20
[   41.266074][ T4064]  ? __pfx_chrdev_open+0x10/0x10
[   41.266127][ T4064]  vfs_open+0x37/0x1e0
[   41.266145][ T4064]  path_openat+0x1c5e/0x2170
[   41.266166][ T4064]  ? css_rstat_updated+0xb7/0x240
[   41.266193][ T4064]  do_filp_open+0x109/0x230
[   41.266259][ T4064]  do_sys_openat2+0xa6/0x110
[   41.266277][ T4064]  __x64_sys_openat+0xf2/0x120
[   41.266295][ T4064]  x64_sys_call+0x2eab/0x3000
[   41.266317][ T4064]  do_syscall_64+0xd2/0x200
[   41.266333][ T4064]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   41.266385][ T4064]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   41.266414][ T4064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.266470][ T4064] RIP: 0033:0x7f399834d810
[   41.266482][ T4064] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44
[   41.266498][ T4064] RSP: 002b:00007f3996dacef0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[   41.266515][ T4064] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f399834d810
[   41.266529][ T4064] RDX: 0000000000000002 RSI: 00007f39983d1c6c RDI: 00000000ffffff9c
[   41.266540][ T4064] RBP: 00007f39983d1c6c R08: 0000000000000000 R09: 0000000000000000
[   41.266551][ T4064] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[   41.266561][ T4064] R13: 0000000000000036 R14: 0000200000000000 R15: 00007fff7f662348
[   41.266576][ T4064]  </TASK>
[   41.794045][ T4080] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.833298][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.851114][ T4085] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   41.873402][ T4080] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.887442][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.933301][ T4080] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.973252][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.003504][ T4072] chnl_net:caif_netlink_parms(): no params data found
[   42.015216][ T4080] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.055122][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.103981][ T4072] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.111104][ T4072] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.118392][ T4072] bridge_slave_0: entered allmulticast mode
[   42.125360][ T4072] bridge_slave_0: entered promiscuous mode
[   42.162328][   T61] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   42.173705][   T61] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   42.182409][ T4072] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.189503][ T4072] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.205201][ T4072] bridge_slave_1: entered allmulticast mode
[   42.211713][ T4072] bridge_slave_1: entered promiscuous mode
[   42.238687][   T61] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   42.247118][   T12] bridge_slave_1: left allmulticast mode
[   42.252839][   T12] bridge_slave_1: left promiscuous mode
[   42.258487][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.290296][   T12] bridge_slave_0: left allmulticast mode
[   42.295951][   T12] bridge_slave_0: left promiscuous mode
[   42.301732][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.392393][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   42.403220][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   42.412758][   T12] bond0 (unregistering): Released all slaves
[   42.433285][   T61] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   42.444094][ T4102] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.470318][ T4104] tipc: Started in network mode
[   42.475211][ T4104] tipc: Node identity e26638cd95b5, cluster identity 4711
[   42.482443][ T4104] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   42.490576][ T4072] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   42.504905][ T4102] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.547454][ T4072] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   42.561901][   T12] hsr_slave_0: left promiscuous mode
[   42.567634][   T12] hsr_slave_1: left promiscuous mode
[   42.575416][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   42.582874][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[   42.590664][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   42.598028][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[   42.608585][   T12] veth1_macvtap: left promiscuous mode
[   42.614169][   T12] veth0_macvtap: left promiscuous mode
[   42.619933][   T12] veth1_vlan: left promiscuous mode
[   42.625163][   T12] veth0_vlan: left promiscuous mode
[   42.693135][   T12] team0 (unregistering): Port device team_slave_1 removed
[   42.705046][   T12] team0 (unregistering): Port device team_slave_0 removed
[   42.766734][ T4072] team0: Port device team_slave_0 added
[   42.796610][ T4072] team0: Port device team_slave_1 added
[   42.806105][ T4102] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.867382][ T4072] batman_adv: batadv0: Adding interface: batadv_slave_0
[   42.874392][ T4072] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   42.900320][ T4072] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   42.917928][ T4102] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.936485][ T4072] batman_adv: batadv0: Adding interface: batadv_slave_1
[   42.943488][ T4072] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   42.969409][ T4072] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   42.993904][ T4134] dvmrp0: entered allmulticast mode
[   43.022395][ T4072] hsr_slave_0: entered promiscuous mode
[   43.028425][ T4072] hsr_slave_1: entered promiscuous mode
[   43.035001][ T4072] debugfs: 'hsr0' already exists in 'hsr'
[   43.040790][ T4072] Cannot create hsr debugfs directory
[   43.061602][   T52] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   43.076560][   T52] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   43.102039][   T52] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   43.140000][   T52] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   43.150547][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   43.166407][ T4102] tipc: Disabling bearer <eth:syzkaller0>
[   43.249779][ T4149] FAULT_INJECTION: forcing a failure.
[   43.249779][ T4149] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   43.251944][ T4155] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4155 comm=syz.4.209
[   43.262953][ T4149] CPU: 0 UID: 0 PID: 4149 Comm: syz.1.207 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   43.262979][ T4149] Tainted: [W]=WARN
[   43.262984][ T4149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   43.262994][ T4149] Call Trace:
[   43.262999][ T4149]  <TASK>
[   43.263084][ T4149]  __dump_stack+0x1d/0x30
[   43.263106][ T4149]  dump_stack_lvl+0xe8/0x140
[   43.263125][ T4149]  dump_stack+0x15/0x1b
[   43.263141][ T4149]  should_fail_ex+0x265/0x280
[   43.263159][ T4149]  should_fail+0xb/0x20
[   43.263271][ T4149]  should_fail_usercopy+0x1a/0x20
[   43.263290][ T4149]  _copy_from_iter+0xd2/0xe80
[   43.263327][ T4149]  ? __build_skb_around+0x1ab/0x200
[   43.263353][ T4149]  ? __alloc_skb+0x223/0x320
[   43.263380][ T4149]  netlink_sendmsg+0x471/0x6b0
[   43.263470][ T4149]  ? __pfx_netlink_sendmsg+0x10/0x10
[   43.263487][ T4149]  __sock_sendmsg+0x145/0x180
[   43.263509][ T4149]  ____sys_sendmsg+0x31e/0x4e0
[   43.263539][ T4149]  ___sys_sendmsg+0x17b/0x1d0
[   43.263655][ T4149]  __x64_sys_sendmsg+0xd4/0x160
[   43.263686][ T4149]  x64_sys_call+0x191e/0x3000
[   43.263755][ T4149]  do_syscall_64+0xd2/0x200
[   43.263772][ T4149]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   43.263796][ T4149]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   43.263886][ T4149]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.263907][ T4149] RIP: 0033:0x7f03b67aefc9
[   43.263921][ T4149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   43.263937][ T4149] RSP: 002b:00007f03b5217038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   43.263955][ T4149] RAX: ffffffffffffffda RBX: 00007f03b6a05fa0 RCX: 00007f03b67aefc9
[   43.263966][ T4149] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000004
[   43.263994][ T4149] RBP: 00007f03b5217090 R08: 0000000000000000 R09: 0000000000000000
[   43.264006][ T4149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   43.264067][ T4149] R13: 00007f03b6a06038 R14: 00007f03b6a05fa0 R15: 00007ffcbaa67588
[   43.264083][ T4149]  </TASK>
[   43.276732][ T4072] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   43.388314][ T4155] netlink: 52 bytes leftover after parsing attributes in process `syz.4.209'.
[   43.507771][ T4072] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   43.518427][ T4072] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   43.537187][ T4072] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   43.564815][ T4170] xt_hashlimit: size too large, truncated to 1048576
[   43.672192][ T4072] 8021q: adding VLAN 0 to HW filter on device bond0
[   43.702266][ T4072] 8021q: adding VLAN 0 to HW filter on device team0
[   43.725342][   T61] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.732437][   T61] bridge0: port 1(bridge_slave_0) entered forwarding state
[   43.805532][   T57] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.812655][   T57] bridge0: port 2(bridge_slave_1) entered forwarding state
[   43.996323][ T4212] FAULT_INJECTION: forcing a failure.
[   43.996323][ T4212] name failslab, interval 1, probability 0, space 0, times 0
[   44.009032][ T4212] CPU: 1 UID: 0 PID: 4212 Comm: syz.1.219 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   44.009140][ T4212] Tainted: [W]=WARN
[   44.009199][ T4212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   44.009211][ T4212] Call Trace:
[   44.009216][ T4212]  <TASK>
[   44.009222][ T4212]  __dump_stack+0x1d/0x30
[   44.009249][ T4212]  dump_stack_lvl+0xe8/0x140
[   44.009313][ T4212]  dump_stack+0x15/0x1b
[   44.009329][ T4212]  should_fail_ex+0x265/0x280
[   44.009346][ T4212]  should_failslab+0x8c/0xb0
[   44.009370][ T4212]  __kmalloc_noprof+0xa5/0x570
[   44.009453][ T4212]  ? fib6_info_alloc+0x2e/0x90
[   44.009479][ T4212]  fib6_info_alloc+0x2e/0x90
[   44.009503][ T4212]  ip6_route_info_create+0xe7/0x390
[   44.009543][ T4212]  addrconf_f6i_alloc+0x158/0x280
[   44.009579][ T4212]  ipv6_add_addr+0x3b2/0x830
[   44.009599][ T4212]  inet6_addr_add+0x26e/0x6a0
[   44.009764][ T4212]  ? selinux_capable+0x31/0x40
[   44.009786][ T4212]  ? should_fail_ex+0xdb/0x280
[   44.009867][ T4212]  addrconf_add_ifaddr+0x1ab/0x270
[   44.009895][ T4212]  inet6_ioctl+0xb0/0x190
[   44.009920][ T4212]  ? ioctl_has_perm+0x257/0x2a0
[   44.009982][ T4212]  sock_do_ioctl+0x73/0x220
[   44.010004][ T4212]  sock_ioctl+0x41b/0x610
[   44.010027][ T4212]  ? __pfx_sock_ioctl+0x10/0x10
[   44.010046][ T4212]  __se_sys_ioctl+0xce/0x140
[   44.010142][ T4212]  __x64_sys_ioctl+0x43/0x50
[   44.010201][ T4212]  x64_sys_call+0x1816/0x3000
[   44.010223][ T4212]  do_syscall_64+0xd2/0x200
[   44.010248][ T4212]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   44.010273][ T4212]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   44.010352][ T4212]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.010372][ T4212] RIP: 0033:0x7f03b67aefc9
[   44.010388][ T4212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.010405][ T4212] RSP: 002b:00007f03b5217038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   44.010425][ T4212] RAX: ffffffffffffffda RBX: 00007f03b6a05fa0 RCX: 00007f03b67aefc9
[   44.010435][ T4212] RDX: 0000200000000000 RSI: 0000000000008916 RDI: 0000000000000003
[   44.010497][ T4212] RBP: 00007f03b5217090 R08: 0000000000000000 R09: 0000000000000000
[   44.010519][ T4212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   44.010531][ T4212] R13: 00007f03b6a06038 R14: 00007f03b6a05fa0 R15: 00007ffcbaa67588
[   44.010546][ T4212]  </TASK>
[   44.262528][ T4072] 8021q: adding VLAN 0 to HW filter on device batadv0
[   44.326271][ T4227] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   44.388801][ T4229] FAULT_INJECTION: forcing a failure.
[   44.388801][ T4229] name failslab, interval 1, probability 0, space 0, times 0
[   44.401514][ T4229] CPU: 1 UID: 0 PID: 4229 Comm: syz.4.224 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   44.401543][ T4229] Tainted: [W]=WARN
[   44.401549][ T4229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   44.401559][ T4229] Call Trace:
[   44.401565][ T4229]  <TASK>
[   44.401650][ T4229]  __dump_stack+0x1d/0x30
[   44.401671][ T4229]  dump_stack_lvl+0xe8/0x140
[   44.401687][ T4229]  dump_stack+0x15/0x1b
[   44.401702][ T4229]  should_fail_ex+0x265/0x280
[   44.401798][ T4229]  should_failslab+0x8c/0xb0
[   44.401823][ T4229]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[   44.401909][ T4229]  ? sidtab_sid2str_get+0xa0/0x130
[   44.401935][ T4229]  kmemdup_noprof+0x2b/0x70
[   44.401956][ T4229]  sidtab_sid2str_get+0xa0/0x130
[   44.401981][ T4229]  security_sid_to_context_core+0x1eb/0x2e0
[   44.402081][ T4229]  security_sid_to_context+0x27/0x40
[   44.402104][ T4229]  selinux_lsmprop_to_secctx+0x67/0xf0
[   44.402188][ T4229]  security_lsmprop_to_secctx+0x1a3/0x1c0
[   44.402215][ T4229]  audit_log_subj_ctx+0xa4/0x3e0
[   44.402232][ T4229]  ? skb_put+0xa9/0xf0
[   44.402256][ T4229]  audit_log_task_context+0x48/0x70
[   44.402316][ T4229]  audit_log_task+0xf4/0x250
[   44.402343][ T4229]  ? kstrtouint+0x76/0xc0
[   44.402368][ T4229]  audit_seccomp+0x61/0x100
[   44.402429][ T4229]  ? __seccomp_filter+0x82d/0x1250
[   44.402455][ T4229]  __seccomp_filter+0x83e/0x1250
[   44.402561][ T4229]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   44.402585][ T4229]  ? vfs_write+0x7e8/0x960
[   44.402688][ T4229]  __secure_computing+0x82/0x150
[   44.402710][ T4229]  syscall_trace_enter+0xcf/0x1e0
[   44.402733][ T4229]  do_syscall_64+0xac/0x200
[   44.402750][ T4229]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   44.402836][ T4229]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   44.402870][ T4229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.402889][ T4229] RIP: 0033:0x7f399834efc9
[   44.402902][ T4229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.402920][ T4229] RSP: 002b:00007f3996daf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[   44.402978][ T4229] RAX: ffffffffffffffda RBX: 00007f39985a5fa0 RCX: 00007f399834efc9
[   44.402989][ T4229] RDX: 0000000000000001 RSI: 0000200000000140 RDI: 0000000000000000
[   44.403000][ T4229] RBP: 00007f3996daf090 R08: 0000000000000009 R09: 0000000000000000
[   44.403010][ T4229] R10: 0000200000001140 R11: 0000000000000246 R12: 0000000000000001
[   44.403020][ T4229] R13: 00007f39985a6038 R14: 00007f39985a5fa0 R15: 00007fff7f662348
[   44.403036][ T4229]  </TASK>
[   44.552698][ T4072] veth0_vlan: entered promiscuous mode
[   44.674329][ T4072] veth1_vlan: entered promiscuous mode
[   44.720378][ T4072] veth0_macvtap: entered promiscuous mode
[   44.739222][ T4266] hub 9-0:1.0: USB hub found
[   44.747614][ T4072] veth1_macvtap: entered promiscuous mode
[   44.755428][ T4266] hub 9-0:1.0: 8 ports detected
[   44.781318][ T4072] batman_adv: batadv0: Interface activated: batadv_slave_0
[   44.812230][ T4072] batman_adv: batadv0: Interface activated: batadv_slave_1
[   44.841664][   T57] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   44.864914][   T52] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   44.890427][   T52] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   44.907884][   T52] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   44.917623][   T52] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   44.931298][   T57] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   45.004422][   T57] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   45.053361][ T4284] veth0: entered promiscuous mode
[   45.066729][ T4284] __nla_validate_parse: 8 callbacks suppressed
[   45.066743][ T4284] netlink: 4 bytes leftover after parsing attributes in process `syz.3.233'.
[   45.087781][ T4284] veth0 (unregistering): left promiscuous mode
[   45.097800][ T4242] chnl_net:caif_netlink_parms(): no params data found
[   45.125059][   T57] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   45.220204][ T4242] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.224048][ T4306] Invalid ELF header magic: != ELF
[   45.227262][ T4242] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.248963][ T4242] bridge_slave_0: entered allmulticast mode
[   45.256092][ T4242] bridge_slave_0: entered promiscuous mode
[   45.264409][ T4242] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.271561][ T4242] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.278986][ T4242] bridge_slave_1: entered allmulticast mode
[   45.285539][ T4242] bridge_slave_1: entered promiscuous mode
[   45.423645][ T4242] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.448876][ T4242] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.116625][   T29] kauditd_printk_skb: 241 callbacks suppressed
[   46.116639][   T29] audit: type=1326 audit(1761639539.877:3959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4344 comm="syz.4.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f399834efc9 code=0x7ffc0000
[   46.203877][   T29] audit: type=1326 audit(1761639539.907:3960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4344 comm="syz.4.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f399834efc9 code=0x7ffc0000
[   46.227232][   T29] audit: type=1326 audit(1761639539.907:3961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4344 comm="syz.4.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f399834efc9 code=0x7ffc0000
[   46.270144][ T4366] audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=64
[   46.277886][ T4366] audit: out of memory in audit_log_start
[   46.318395][   T29] audit: type=1326 audit(1761639540.037:3962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4364 comm="syz.4.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f399834efc9 code=0x7ffc0000
[   46.341821][   T29] audit: type=1326 audit(1761639540.037:3963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4364 comm="syz.4.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f399834efc9 code=0x7ffc0000
[   46.365198][   T29] audit: type=1326 audit(1761639540.037:3964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4364 comm="syz.4.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f399834efc9 code=0x7ffc0000
[   46.388632][   T29] audit: type=1326 audit(1761639540.037:3965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4364 comm="syz.4.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f399834efc9 code=0x7ffc0000
[   46.411986][   T29] audit: type=1326 audit(1761639540.037:3966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4364 comm="syz.4.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f399834d810 code=0x7ffc0000
[   46.499697][ T4367] : renamed from veth0_to_bond (while UP)
[   46.535205][   T57] bridge_slave_1: left allmulticast mode
[   46.540973][   T57] bridge_slave_1: left promiscuous mode
[   46.546664][   T57] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.564225][   T57] bridge_slave_0: left allmulticast mode
[   46.569928][   T57] bridge_slave_0: left promiscuous mode
[   46.575610][   T57] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.660734][ T4386] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4386 comm=syz.4.258
[   46.674426][ T4386] netlink: 52 bytes leftover after parsing attributes in process `syz.4.258'.
[   46.683409][ T4386] netlink: 52 bytes leftover after parsing attributes in process `syz.4.258'.
[   46.692318][ T4386] netlink: 52 bytes leftover after parsing attributes in process `syz.4.258'.
[   46.703585][   T57] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   46.712241][ T4386] netlink: 52 bytes leftover after parsing attributes in process `syz.4.258'.
[   46.721224][ T4386] netlink: 52 bytes leftover after parsing attributes in process `syz.4.258'.
[   46.730157][ T4386] netlink: 52 bytes leftover after parsing attributes in process `syz.4.258'.
[   46.739896][   T57] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   46.749797][   T57] bond0 (unregistering): Released all slaves
[   46.754237][ T4386] netlink: 52 bytes leftover after parsing attributes in process `syz.4.258'.
[   46.764660][ T4386] netlink: 52 bytes leftover after parsing attributes in process `syz.4.258'.
[   46.773541][ T4386] netlink: 52 bytes leftover after parsing attributes in process `syz.4.258'.
[   46.787557][ T4242] team0: Port device team_slave_0 added
[   46.794541][ T4242] team0: Port device team_slave_1 added
[   46.832157][   T52] Bluetooth: hci0: Frame reassembly failed (-90)
[   46.866879][ T4242] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.873919][ T4242] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   46.899998][ T4242] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.912423][ T4242] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.919421][ T4242] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   46.945420][ T4242] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.981625][ T4403] loop5: detected capacity change from 0 to 164
[   46.996787][   T57] hsr_slave_0: left promiscuous mode
[   47.008309][   T57] hsr_slave_1: left promiscuous mode
[   47.020656][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   47.028065][   T57] batman_adv: batadv0: Removing interface: batadv_slave_0
[   47.045551][ T4404] loop4: detected capacity change from 0 to 1024
[   47.076956][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   47.081129][ T4404] ext3: Unknown parameter 'dont_appraise'
[   47.084405][   T57] batman_adv: batadv0: Removing interface: batadv_slave_1
[   47.129830][   T57] veth1_macvtap: left promiscuous mode
[   47.129851][   T57] veth0_macvtap: left promiscuous mode
[   47.129887][   T57] veth1_vlan: left promiscuous mode
[   47.129996][   T57] veth0_vlan: left promiscuous mode
[   47.170751][ T4407] netlink: 'syz.5.268': attribute type 6 has an invalid length.
[   47.221758][ T4408] netlink: 'syz.5.268': attribute type 6 has an invalid length.
[   47.236604][   T57] team0 (unregistering): Port device team_slave_1 removed
[   47.253363][   T57] team0 (unregistering): Port device team_slave_0 removed
[   47.292297][ T4409] tipc: Started in network mode
[   47.292383][ T4409] tipc: Node identity ac14140f, cluster identity 4711
[   47.292450][ T4409] tipc: New replicast peer: 255.255.255.83
[   47.292545][ T4409] tipc: Enabled bearer <udp:£ >, priority 10
[   47.339971][ T4242] hsr_slave_0: entered promiscuous mode
[   47.340549][ T4242] hsr_slave_1: entered promiscuous mode
[   47.340816][ T4242] debugfs: 'hsr0' already exists in 'hsr'
[   47.340829][ T4242] Cannot create hsr debugfs directory
[   47.472101][ T4242] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   47.475890][ T4242] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   47.484973][ T4242] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   47.487250][ T4242] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   47.581846][ T4242] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.590575][ T4242] 8021q: adding VLAN 0 to HW filter on device team0
[   47.612742][   T57] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.612776][   T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.614055][   T57] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.614132][   T57] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.636922][ T4242] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   47.636995][ T4242] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   47.704971][ T4242] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.878639][ T4242] veth0_vlan: entered promiscuous mode
[   47.882481][ T4242] veth1_vlan: entered promiscuous mode
[   47.920775][ T4242] veth0_macvtap: entered promiscuous mode
[   47.932458][ T4242] veth1_macvtap: entered promiscuous mode
[   47.943080][ T4242] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.963702][ T4242] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.979517][   T31] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.005235][   T31] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.048028][   T31] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.072155][ T4483] FAULT_INJECTION: forcing a failure.
[   48.072155][ T4483] name failslab, interval 1, probability 0, space 0, times 0
[   48.084817][ T4483] CPU: 0 UID: 0 PID: 4483 Comm: syz.5.271 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   48.084911][ T4483] Tainted: [W]=WARN
[   48.084952][ T4483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   48.084961][ T4483] Call Trace:
[   48.084966][ T4483]  <TASK>
[   48.084972][ T4483]  __dump_stack+0x1d/0x30
[   48.084992][ T4483]  dump_stack_lvl+0xe8/0x140
[   48.085010][ T4483]  dump_stack+0x15/0x1b
[   48.085025][ T4483]  should_fail_ex+0x265/0x280
[   48.085022][   T31] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.085044][ T4483]  should_failslab+0x8c/0xb0
[   48.085082][ T4483]  __kmalloc_noprof+0xa5/0x570
[   48.085196][ T4483]  ? parse_usbdevfs_streams+0x11c/0x610
[   48.085248][ T4483]  parse_usbdevfs_streams+0x11c/0x610
[   48.085278][ T4483]  ? ioctl_has_perm+0x257/0x2a0
[   48.085307][ T4483]  proc_alloc_streams+0x6b/0x110
[   48.085368][ T4483]  usbdev_ioctl+0xc68/0x1700
[   48.085391][ T4483]  ? __pfx_usbdev_ioctl+0x10/0x10
[   48.085413][ T4483]  __se_sys_ioctl+0xce/0x140
[   48.085448][ T4483]  __x64_sys_ioctl+0x43/0x50
[   48.085464][ T4483]  x64_sys_call+0x1816/0x3000
[   48.085529][ T4483]  do_syscall_64+0xd2/0x200
[   48.085547][ T4483]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   48.085572][ T4483]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   48.085599][ T4483]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.085687][ T4483] RIP: 0033:0x7f2364b3efc9
[   48.085701][ T4483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.085716][ T4483] RSP: 002b:00007f23635a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   48.085734][ T4483] RAX: ffffffffffffffda RBX: 00007f2364d95fa0 RCX: 00007f2364b3efc9
[   48.085746][ T4483] RDX: 0000200000000040 RSI: 000000008008551c RDI: 0000000000000005
[   48.085758][ T4483] RBP: 00007f23635a7090 R08: 0000000000000000 R09: 0000000000000000
[   48.085796][ T4483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.085807][ T4483] R13: 00007f2364d96038 R14: 00007f2364d95fa0 R15: 00007ffd765a7148
[   48.085824][ T4483]  </TASK>
[   48.171352][ T4492] loop6: detected capacity change from 0 to 164
[   48.268030][ T4490] usb usb8: usbfs: process 4490 (syz.5.274) did not claim interface 0 before use
[   48.312127][ T2967] tipc: Node number set to 2886997007
[   48.383404][ T4503] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4503 comm=syz.5.276
[   48.490330][ T4522] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   48.678197][ T4542] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4542 comm=syz.4.290
[   48.909436][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[   48.939341][ T3534] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   49.504297][ T4565] loop4: detected capacity change from 0 to 1024
[   49.511330][ T4565] EXT4-fs (loop4): filesystem is read-only
[   49.518580][ T4565] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[   49.528348][ T4565] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   49.538869][ T4565] EXT4-fs error (device loop4): ext4_get_journal_inode:5808: comm syz.4.296: inode #1: comm syz.4.296: iget: illegal inode #
[   49.555255][ T4565] EXT4-fs (loop4): no journal found
[   49.560506][ T4565] EXT4-fs (loop4): can't get journal size
[   49.567149][ T4563] loop1: detected capacity change from 0 to 2048
[   49.586616][ T4565] EXT4-fs (loop4): failed to initialize system zone (-22)
[   49.600906][ T4565] EXT4-fs (loop4): mount failed
[   49.633354][ T3543] Alternate GPT is invalid, using primary GPT.
[   49.639730][ T3543]  loop1: p1 p2 p3
[   49.643506][ T3543] loop1: partition table partially beyond EOD, truncated
[   49.682223][ T4563] Alternate GPT is invalid, using primary GPT.
[   49.688163][ T4585] FAULT_INJECTION: forcing a failure.
[   49.688163][ T4585] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   49.688503][ T4563]  loop1: p1 p2 p3
[   49.701509][ T4585] CPU: 1 UID: 0 PID: 4585 Comm: syz.5.303 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   49.701539][ T4585] Tainted: [W]=WARN
[   49.701544][ T4585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   49.701563][ T4585] Call Trace:
[   49.701568][ T4585]  <TASK>
[   49.701575][ T4585]  __dump_stack+0x1d/0x30
[   49.701597][ T4585]  dump_stack_lvl+0xe8/0x140
[   49.701616][ T4585]  dump_stack+0x15/0x1b
[   49.701678][ T4585]  should_fail_ex+0x265/0x280
[   49.701697][ T4585]  should_fail+0xb/0x20
[   49.701712][ T4585]  should_fail_usercopy+0x1a/0x20
[   49.701731][ T4585]  _copy_from_user+0x1c/0xb0
[   49.701789][ T4585]  __sys_bpf+0x183/0x7c0
[   49.701819][ T4585]  __x64_sys_bpf+0x41/0x50
[   49.701846][ T4585]  x64_sys_call+0x2aee/0x3000
[   49.701939][ T4585]  do_syscall_64+0xd2/0x200
[   49.701956][ T4585]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   49.702033][ T4585]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   49.702060][ T4585]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.702080][ T4585] RIP: 0033:0x7f2364b3efc9
[   49.702094][ T4585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.702121][ T4585] RSP: 002b:00007f23635a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   49.702139][ T4585] RAX: ffffffffffffffda RBX: 00007f2364d95fa0 RCX: 00007f2364b3efc9
[   49.702151][ T4585] RDX: 0000000000000020 RSI: 0000200000000ec0 RDI: 0000000000000002
[   49.702163][ T4585] RBP: 00007f23635a7090 R08: 0000000000000000 R09: 0000000000000000
[   49.702174][ T4585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.702185][ T4585] R13: 00007f2364d96038 R14: 00007f2364d95fa0 R15: 00007ffd765a7148
[   49.702203][ T4585]  </TASK>
[   49.873088][ T4594] netlink: 'syz.3.306': attribute type 6 has an invalid length.
[   49.876612][ T4563] loop1: partition table partially beyond EOD, truncated
[   49.909601][ T4594] netlink: 'syz.3.306': attribute type 6 has an invalid length.
[   50.046752][ T3547] udevd[3547]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   50.046987][ T3302] udevd[3302]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[   50.068022][ T3303] udevd[3303]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   50.121834][ T3543] udevd[3543]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[   50.160479][ T3545] udevd[3545]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   50.190112][ T3303] udevd[3303]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   50.364723][ T4603] tipc: Started in network mode
[   50.369637][ T4603] tipc: Node identity 4, cluster identity 4711
[   50.375840][ T4603] tipc: Node number set to 4
[   50.418687][ T4630] loop4: detected capacity change from 0 to 1024
[   50.425978][ T4630] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   50.473423][ T4630] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.318: Invalid block bitmap block 0 in block_group 0
[   50.488134][ T4630] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.318: Failed to acquire dquot type 0
[   50.499957][ T4630] EXT4-fs error (device loop4): ext4_free_blocks:6706: comm syz.4.318: Freeing blocks not in datazone - block = 0, count = 4096
[   50.516657][ T4630] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.318: Invalid inode bitmap blk 0 in block_group 0
[   50.529507][   T61] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:5: Failed to release dquot type 0
[   50.541322][ T4630] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[   50.542090][ T4630] EXT4-fs (loop4): 1 orphan inode deleted
[   50.548911][ T4630] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.581432][ T4630] syz.4.318 (4630) used greatest stack depth: 9232 bytes left
[   50.583074][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.623958][ T4642] netlink: 'syz.6.319': attribute type 6 has an invalid length.
[   50.624206][ T4642] netlink: 'syz.6.319': attribute type 6 has an invalid length.
[   50.658948][ T4645] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4645 comm=syz.1.322
[   50.677893][ T4645] loop1: detected capacity change from 0 to 512
[   50.705939][ T4645] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.322: error while reading EA inode 32 err=-116
[   50.712635][ T4645] EXT4-fs (loop1): Remounting filesystem read-only
[   50.770342][ T4645] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   50.770389][ T4645] EXT4-fs (loop1): 1 orphan inode deleted
[   50.770851][ T4645] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.799241][ T4645] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.843008][ T4659] macvtap0: refused to change device tx_queue_len
[   50.849899][ T4639] netlink: 'syz.1.322': attribute type 4 has an invalid length.
[   50.886022][ T4662] FAULT_INJECTION: forcing a failure.
[   50.886022][ T4662] name failslab, interval 1, probability 0, space 0, times 0
[   50.886047][ T4662] CPU: 0 UID: 0 PID: 4662 Comm: syz.5.331 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   50.886097][ T4662] Tainted: [W]=WARN
[   50.886158][ T4662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   50.886169][ T4662] Call Trace:
[   50.886176][ T4662]  <TASK>
[   50.886183][ T4662]  __dump_stack+0x1d/0x30
[   50.886200][ T4662]  dump_stack_lvl+0xe8/0x140
[   50.886216][ T4662]  dump_stack+0x15/0x1b
[   50.886274][ T4662]  should_fail_ex+0x265/0x280
[   50.886290][ T4662]  should_failslab+0x8c/0xb0
[   50.886315][ T4662]  kmem_cache_alloc_noprof+0x50/0x480
[   50.886387][ T4662]  ? getname_flags+0x80/0x3b0
[   50.886416][ T4662]  getname_flags+0x80/0x3b0
[   50.886516][ T4662]  __se_sys_acct+0x6a/0x530
[   50.886534][ T4662]  ? __secure_computing+0x82/0x150
[   50.886561][ T4662]  __x64_sys_acct+0x1f/0x30
[   50.886587][ T4662]  x64_sys_call+0x2f3a/0x3000
[   50.886622][ T4662]  do_syscall_64+0xd2/0x200
[   50.886637][ T4662]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   50.886727][ T4662]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   50.886763][ T4662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.886783][ T4662] RIP: 0033:0x7f2364b3efc9
[   50.886797][ T4662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.886813][ T4662] RSP: 002b:00007f23635a7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3
[   50.886895][ T4662] RAX: ffffffffffffffda RBX: 00007f2364d95fa0 RCX: 00007f2364b3efc9
[   50.886906][ T4662] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000140
[   50.886919][ T4662] RBP: 00007f23635a7090 R08: 0000000000000000 R09: 0000000000000000
[   50.886931][ T4662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   50.886943][ T4662] R13: 00007f2364d96038 R14: 00007f2364d95fa0 R15: 00007ffd765a7148
[   50.887010][ T4662]  </TASK>
[   50.938293][ T4667] netlink: 'syz.1.333': attribute type 5 has an invalid length.
[   51.174592][   T29] kauditd_printk_skb: 433 callbacks suppressed
[   51.174606][   T29] audit: type=1107 audit(1761639544.937:4397): pid=4688 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[   51.258126][ T4691] __nla_validate_parse: 23 callbacks suppressed
[   51.258141][ T4691] netlink: 32 bytes leftover after parsing attributes in process `syz.3.342'.
[   51.308072][   T29] audit: type=1400 audit(1761639545.067:4398): avc:  denied  { execute } for  pid=4680 comm="syz.1.340" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=9765 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[   51.366978][   T29] audit: type=1400 audit(1761639545.127:4399): avc:  denied  { read } for  pid=4694 comm="syz.6.345" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   51.402986][ T4697] FAULT_INJECTION: forcing a failure.
[   51.402986][ T4697] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   51.416190][ T4697] CPU: 0 UID: 0 PID: 4697 Comm: syz.5.346 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   51.416224][ T4697] Tainted: [W]=WARN
[   51.416229][ T4697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   51.416313][ T4697] Call Trace:
[   51.416318][ T4697]  <TASK>
[   51.416326][ T4697]  __dump_stack+0x1d/0x30
[   51.416349][ T4697]  dump_stack_lvl+0xe8/0x140
[   51.416368][ T4697]  dump_stack+0x15/0x1b
[   51.416382][ T4697]  should_fail_ex+0x265/0x280
[   51.416403][ T4697]  should_fail+0xb/0x20
[   51.416455][ T4697]  should_fail_usercopy+0x1a/0x20
[   51.416476][ T4697]  _copy_from_user+0x1c/0xb0
[   51.416499][ T4697]  ___sys_recvmsg+0xaa/0x370
[   51.416518][ T4697]  ? 0xffffffff81000000
[   51.416530][ T4697]  ? __rcu_read_unlock+0x4f/0x70
[   51.416603][ T4697]  __x64_sys_recvmsg+0xd1/0x160
[   51.416625][ T4697]  x64_sys_call+0x2b46/0x3000
[   51.416654][ T4697]  do_syscall_64+0xd2/0x200
[   51.416670][ T4697]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   51.416699][ T4697]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   51.416805][ T4697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.416826][ T4697] RIP: 0033:0x7f2364b3efc9
[   51.416840][ T4697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.416857][ T4697] RSP: 002b:00007f23635a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[   51.416927][ T4697] RAX: ffffffffffffffda RBX: 00007f2364d95fa0 RCX: 00007f2364b3efc9
[   51.416938][ T4697] RDX: 0000000000001f00 RSI: 0000200000000500 RDI: 0000000000000003
[   51.416948][ T4697] RBP: 00007f23635a7090 R08: 0000000000000000 R09: 0000000000000000
[   51.416958][ T4697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   51.416968][ T4697] R13: 00007f2364d96038 R14: 00007f2364d95fa0 R15: 00007ffd765a7148
[   51.417042][ T4697]  </TASK>
[   51.709481][   T29] audit: type=1400 audit(1761639545.367:4400): avc:  denied  { getopt } for  pid=4694 comm="syz.6.345" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   51.807961][   T29] audit: type=1326 audit(1761639545.567:4401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4708 comm="syz.1.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b67aefc9 code=0x7ffc0000
[   51.831382][   T29] audit: type=1326 audit(1761639545.567:4402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4708 comm="syz.1.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f03b67aefc9 code=0x7ffc0000
[   51.854712][   T29] audit: type=1326 audit(1761639545.567:4403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4708 comm="syz.1.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b67aefc9 code=0x7ffc0000
[   51.878035][   T29] audit: type=1326 audit(1761639545.567:4404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4708 comm="syz.1.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=450 compat=0 ip=0x7f03b67aefc9 code=0x7ffc0000
[   51.901379][   T29] audit: type=1326 audit(1761639545.567:4405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4708 comm="syz.1.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03b67aefc9 code=0x7ffc0000
[   52.005846][   T29] audit: type=1326 audit(1761639545.767:4406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4721 comm="syz.3.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb50d8befc9 code=0x7ffc0000
[   52.077116][ T4726] can: request_module (can-proto-0) failed.
[   52.209442][ T4730] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4730 comm=syz.1.354
[   52.237918][ T4730] netlink: 52 bytes leftover after parsing attributes in process `syz.1.354'.
[   52.246856][ T4730] netlink: 52 bytes leftover after parsing attributes in process `syz.1.354'.
[   52.255755][ T4730] netlink: 52 bytes leftover after parsing attributes in process `syz.1.354'.
[   52.288742][ T4730] netlink: 52 bytes leftover after parsing attributes in process `syz.1.354'.
[   52.297660][ T4730] netlink: 52 bytes leftover after parsing attributes in process `syz.1.354'.
[   52.306580][ T4730] netlink: 52 bytes leftover after parsing attributes in process `syz.1.354'.
[   52.349806][ T4742] netlink: 4 bytes leftover after parsing attributes in process `syz.3.360'.
[   52.356499][ T4746] netlink: 24 bytes leftover after parsing attributes in process `syz.6.359'.
[   52.380316][ T4748] netlink: 'syz.5.356': attribute type 6 has an invalid length.
[   52.380578][ T4748] tipc: Enabling of bearer <udp:£ > rejected, already enabled
[   52.457102][ T4730] netlink: 52 bytes leftover after parsing attributes in process `syz.1.354'.
[   53.233014][ T4768] loop1: detected capacity change from 0 to 512
[   53.233555][ T4768] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[   53.271905][ T4768] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.365: bg 0: block 104: invalid block bitmap
[   53.298261][ T4774] loop6: detected capacity change from 0 to 512
[   53.300064][ T4768] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem
[   53.300187][ T4768] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.365: invalid indirect mapped block 1 (level 1)
[   53.300434][ T4768] EXT4-fs (loop1): 1 truncate cleaned up
[   53.312980][ T4768] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.365285][ T4774] EXT4-fs (loop6): revision level too high, forcing read-only mode
[   53.365437][ T4774] EXT4-fs (loop6): orphan cleanup on readonly fs
[   53.373497][ T4774] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm syz.6.368: corrupted inode contents
[   53.373892][ T4774] EXT4-fs (loop6): Remounting filesystem read-only
[   53.374028][ T4774] EXT4-fs (loop6): 1 truncate cleaned up
[   53.374451][ T1060] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   53.374472][ T1060] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   53.374498][ T1060] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[   53.375241][ T4774] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   53.388560][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.435326][ T4242] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.460538][ T4789] loop6: detected capacity change from 0 to 1024
[   53.461056][ T4789] EXT4-fs: Ignoring removed orlov option
[   53.461100][ T4789] EXT4-fs: Ignoring removed nomblk_io_submit option
[   53.483973][ T4789] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.485602][ T4789] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   53.490991][ T4795] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4795 comm=syz.1.374
[   53.660449][ T4242] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.668085][ T4810] FAULT_INJECTION: forcing a failure.
[   53.668085][ T4810] name failslab, interval 1, probability 0, space 0, times 0
[   53.683198][ T4810] CPU: 0 UID: 0 PID: 4810 Comm: syz.4.381 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   53.683225][ T4810] Tainted: [W]=WARN
[   53.683230][ T4810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   53.683240][ T4810] Call Trace:
[   53.683246][ T4810]  <TASK>
[   53.683253][ T4810]  __dump_stack+0x1d/0x30
[   53.683275][ T4810]  dump_stack_lvl+0xe8/0x140
[   53.683314][ T4810]  dump_stack+0x15/0x1b
[   53.683331][ T4810]  should_fail_ex+0x265/0x280
[   53.683348][ T4810]  should_failslab+0x8c/0xb0
[   53.683370][ T4810]  kmem_cache_alloc_noprof+0x50/0x480
[   53.683458][ T4810]  ? audit_log_start+0x342/0x720
[   53.683476][ T4810]  audit_log_start+0x342/0x720
[   53.683495][ T4810]  ? kstrtouint+0x76/0xc0
[   53.683524][ T4810]  audit_seccomp+0x48/0x100
[   53.683626][ T4810]  ? __seccomp_filter+0x82d/0x1250
[   53.683651][ T4810]  __seccomp_filter+0x83e/0x1250
[   53.683750][ T4810]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   53.683774][ T4810]  ? vfs_write+0x7e8/0x960
[   53.683853][ T4810]  __secure_computing+0x82/0x150
[   53.683874][ T4810]  syscall_trace_enter+0xcf/0x1e0
[   53.683947][ T4810]  do_syscall_64+0xac/0x200
[   53.684032][ T4810]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   53.684090][ T4810]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   53.684115][ T4810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.684135][ T4810] RIP: 0033:0x7f399834efc9
[   53.684151][ T4810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.684198][ T4810] RSP: 002b:00007f3996daf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bb
[   53.684214][ T4810] RAX: ffffffffffffffda RBX: 00007f39985a5fa0 RCX: 00007f399834efc9
[   53.684224][ T4810] RDX: 00000000000003ff RSI: 000000004ca841af RDI: ffffffffffffffff
[   53.684236][ T4810] RBP: 00007f3996daf090 R08: 0000000000000000 R09: 0000000000000000
[   53.684248][ T4810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.684260][ T4810] R13: 00007f39985a6038 R14: 00007f39985a5fa0 R15: 00007fff7f662348
[   53.684276][ T4810]  </TASK>
[   53.735328][ T4814] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   53.817049][ T4831] loop4: detected capacity change from 0 to 128
[   53.837383][ T4831] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   53.837549][ T4831] ext4 filesystem being mounted at /105/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   53.851595][ T4829] FAULT_INJECTION: forcing a failure.
[   53.851595][ T4829] name failslab, interval 1, probability 0, space 0, times 0
[   53.851675][ T4829] CPU: 0 UID: 0 PID: 4829 Comm: syz.6.385 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   53.851699][ T4829] Tainted: [W]=WARN
[   53.851704][ T4829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   53.851715][ T4829] Call Trace:
[   53.851793][ T4829]  <TASK>
[   53.851801][ T4829]  __dump_stack+0x1d/0x30
[   53.851877][ T4829]  dump_stack_lvl+0xe8/0x140
[   53.851896][ T4829]  dump_stack+0x15/0x1b
[   53.851912][ T4829]  should_fail_ex+0x265/0x280
[   53.851931][ T4829]  should_failslab+0x8c/0xb0
[   53.852019][ T4829]  kmem_cache_alloc_noprof+0x50/0x480
[   53.852042][ T4829]  ? audit_log_start+0x342/0x720
[   53.852063][ T4829]  audit_log_start+0x342/0x720
[   53.852087][ T4829]  ? kstrtouint+0x76/0xc0
[   53.852115][ T4829]  audit_seccomp+0x48/0x100
[   53.852153][ T4829]  ? __seccomp_filter+0x82d/0x1250
[   53.852179][ T4829]  __seccomp_filter+0x83e/0x1250
[   53.852269][ T4829]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   53.852292][ T4829]  ? vfs_write+0x7e8/0x960
[   53.852316][ T4829]  __secure_computing+0x82/0x150
[   53.852380][ T4829]  syscall_trace_enter+0xcf/0x1e0
[   53.852408][ T4829]  do_syscall_64+0xac/0x200
[   53.852426][ T4829]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   53.852450][ T4829]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   53.852523][ T4829]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.852562][ T4829] RIP: 0033:0x7fe70ea6efc9
[   53.852619][ T4829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.852634][ T4829] RSP: 002b:00007fe70d4d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000043
[   53.852650][ T4829] RAX: ffffffffffffffda RBX: 00007fe70ecc5fa0 RCX: 00007fe70ea6efc9
[   53.852661][ T4829] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   53.852670][ T4829] RBP: 00007fe70d4d7090 R08: 0000000000000000 R09: 0000000000000000
[   53.852760][ T4829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.852770][ T4829] R13: 00007fe70ecc6038 R14: 00007fe70ecc5fa0 R15: 00007fffc661fc68
[   53.852809][ T4829]  </TASK>
[   53.865070][ T4837] FAULT_INJECTION: forcing a failure.
[   53.865070][ T4837] name failslab, interval 1, probability 0, space 0, times 0
[   53.865124][ T4837] CPU: 0 UID: 0 PID: 4837 Comm: syz.1.387 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   53.865152][ T4837] Tainted: [W]=WARN
[   53.865158][ T4837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   53.865169][ T4837] Call Trace:
[   53.865176][ T4837]  <TASK>
[   53.865223][ T4837]  __dump_stack+0x1d/0x30
[   53.865241][ T4837]  dump_stack_lvl+0xe8/0x140
[   53.865258][ T4837]  dump_stack+0x15/0x1b
[   53.865271][ T4837]  should_fail_ex+0x265/0x280
[   53.865287][ T4837]  ? alloc_pipe_info+0xae/0x350
[   53.865340][ T4837]  should_failslab+0x8c/0xb0
[   53.865367][ T4837]  __kmalloc_cache_noprof+0x4c/0x4a0
[   53.865463][ T4837]  alloc_pipe_info+0xae/0x350
[   53.865487][ T4837]  splice_direct_to_actor+0x592/0x680
[   53.865517][ T4837]  ? kstrtouint_from_user+0x9f/0xf0
[   53.865666][ T4837]  ? __pfx_direct_splice_actor+0x10/0x10
[   53.865748][ T4837]  ? __rcu_read_unlock+0x4f/0x70
[   53.865827][ T4837]  ? get_pid_task+0x96/0xd0
[   53.865848][ T4837]  ? avc_policy_seqno+0x15/0x30
[   53.865941][ T4837]  ? selinux_file_permission+0x1e4/0x320
[   53.865968][ T4837]  do_splice_direct+0xda/0x150
[   53.865989][ T4837]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   53.866014][ T4837]  do_sendfile+0x380/0x650
[   53.866091][ T4837]  __x64_sys_sendfile64+0x105/0x150
[   53.866119][ T4837]  x64_sys_call+0x2bb4/0x3000
[   53.866139][ T4837]  do_syscall_64+0xd2/0x200
[   53.866163][ T4837]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   53.866184][ T4837]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   53.866256][ T4837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.866299][ T4837] RIP: 0033:0x7f03b67aefc9
[   53.866313][ T4837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.866335][ T4837] RSP: 002b:00007f03b5217038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   53.866394][ T4837] RAX: ffffffffffffffda RBX: 00007f03b6a05fa0 RCX: 00007f03b67aefc9
[   53.866406][ T4837] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004
[   53.866417][ T4837] RBP: 00007f03b5217090 R08: 0000000000000000 R09: 0000000000000000
[   53.866427][ T4837] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[   53.866437][ T4837] R13: 00007f03b6a06038 R14: 00007f03b6a05fa0 R15: 00007ffcbaa67588
[   53.866452][ T4837]  </TASK>
[   53.885351][ T3312] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   53.972314][ T4847] sd 0:0:1:0: device reset
[   53.979597][ T4847] loop4: detected capacity change from 0 to 512
[   53.979986][ T4847] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   53.982584][ T4847] EXT4-fs error (device loop4): ext4_init_orphan_info:618: comm syz.4.390: orphan file block 0: bad magic
[   53.982720][ T4847] EXT4-fs (loop4): Remounting filesystem read-only
[   53.982928][ T4847] EXT4-fs (loop4): mount failed
[   54.227553][ T4863] loop1: detected capacity change from 0 to 128
[   54.292186][ T4862] loop4: detected capacity change from 0 to 128
[   54.317152][ T4867] bio_check_eod: 3 callbacks suppressed
[   54.317168][ T4867] syz.1.393: attempt to access beyond end of device
[   54.317168][ T4867] loop1: rw=2049, sector=145, nr_sectors = 8 limit=128
[   54.317312][ T4867] syz.1.393: attempt to access beyond end of device
[   54.317312][ T4867] loop1: rw=2049, sector=161, nr_sectors = 16 limit=128
[   54.317375][ T4867] syz.1.393: attempt to access beyond end of device
[   54.317375][ T4867] loop1: rw=2049, sector=185, nr_sectors = 8 limit=128
[   54.317506][ T4867] syz.1.393: attempt to access beyond end of device
[   54.317506][ T4867] loop1: rw=2049, sector=201, nr_sectors = 8 limit=128
[   54.317596][ T4867] syz.1.393: attempt to access beyond end of device
[   54.317596][ T4867] loop1: rw=2049, sector=217, nr_sectors = 8 limit=128
[   54.317710][ T4867] syz.1.393: attempt to access beyond end of device
[   54.317710][ T4867] loop1: rw=2049, sector=233, nr_sectors = 8 limit=128
[   54.317769][ T4867] syz.1.393: attempt to access beyond end of device
[   54.317769][ T4867] loop1: rw=2049, sector=249, nr_sectors = 8 limit=128
[   54.317820][ T4867] syz.1.393: attempt to access beyond end of device
[   54.317820][ T4867] loop1: rw=2049, sector=265, nr_sectors = 8 limit=128
[   54.317949][ T4867] syz.1.393: attempt to access beyond end of device
[   54.317949][ T4867] loop1: rw=2049, sector=281, nr_sectors = 8 limit=128
[   54.318001][ T4867] syz.1.393: attempt to access beyond end of device
[   54.318001][ T4867] loop1: rw=2049, sector=297, nr_sectors = 8 limit=128
[   54.358791][ T4868] loop6: detected capacity change from 0 to 128
[   54.853794][ T4881] FAULT_INJECTION: forcing a failure.
[   54.853794][ T4881] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   55.269195][ T4881] CPU: 0 UID: 0 PID: 4881 Comm: syz.6.399 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   55.269223][ T4881] Tainted: [W]=WARN
[   55.269228][ T4881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   55.269306][ T4881] Call Trace:
[   55.269314][ T4881]  <TASK>
[   55.269322][ T4881]  __dump_stack+0x1d/0x30
[   55.269344][ T4881]  dump_stack_lvl+0xe8/0x140
[   55.269363][ T4881]  dump_stack+0x15/0x1b
[   55.269412][ T4881]  should_fail_ex+0x265/0x280
[   55.269429][ T4881]  should_fail+0xb/0x20
[   55.269445][ T4881]  should_fail_usercopy+0x1a/0x20
[   55.269464][ T4881]  copy_to_user_nofault+0x7f/0x120
[   55.269530][ T4881]  bpf_probe_write_user+0x83/0xc0
[   55.269553][ T4881]  bpf_prog_f26ae291ee3ebee3+0x41/0x49
[   55.269570][ T4881]  bpf_trace_run3+0x10f/0x1d0
[   55.269681][ T4881]  ? skb_free_head+0x87/0x150
[   55.269701][ T4881]  ? skb_free_head+0x87/0x150
[   55.269717][ T4881]  __traceiter_kmem_cache_free+0x38/0x60
[   55.269812][ T4881]  ? skb_free_head+0x87/0x150
[   55.269827][ T4881]  kmem_cache_free+0x329/0x3d0
[   55.269852][ T4881]  ? kstrtoull+0x111/0x140
[   55.269886][ T4881]  skb_free_head+0x87/0x150
[   55.269903][ T4881]  skb_release_data+0x33b/0x370
[   55.269931][ T4881]  ? kcm_release+0x19d/0x380
[   55.269956][ T4881]  __kfree_skb+0x44/0x150
[   55.270048][ T4881]  sk_skb_reason_drop+0xbd/0x270
[   55.270140][ T4881]  kcm_release+0x19d/0x380
[   55.270167][ T4881]  sock_close+0x6b/0x150
[   55.270193][ T4881]  ? __pfx_sock_close+0x10/0x10
[   55.270292][ T4881]  __fput+0x29b/0x650
[   55.270311][ T4881]  fput_close_sync+0x6e/0x120
[   55.270329][ T4881]  __x64_sys_close+0x56/0xf0
[   55.270349][ T4881]  x64_sys_call+0x273c/0x3000
[   55.270368][ T4881]  do_syscall_64+0xd2/0x200
[   55.270417][ T4881]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   55.270485][ T4881]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   55.270570][ T4881]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.270589][ T4881] RIP: 0033:0x7fe70ea6efc9
[   55.270604][ T4881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.270713][ T4881] RSP: 002b:00007fe70d4d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[   55.270736][ T4881] RAX: ffffffffffffffda RBX: 00007fe70ecc5fa0 RCX: 00007fe70ea6efc9
[   55.270748][ T4881] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[   55.270759][ T4881] RBP: 00007fe70d4d7090 R08: 0000000000000000 R09: 0000000000000000
[   55.270770][ T4881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.270781][ T4881] R13: 00007fe70ecc6038 R14: 00007fe70ecc5fa0 R15: 00007fffc661fc68
[   55.270799][ T4881]  </TASK>
[   55.521588][ T4929] FAULT_INJECTION: forcing a failure.
[   55.521588][ T4929] name failslab, interval 1, probability 0, space 0, times 0
[   55.521614][ T4929] CPU: 1 UID: 0 PID: 4929 Comm: syz.4.410 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   55.521640][ T4929] Tainted: [W]=WARN
[   55.521647][ T4929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   55.521658][ T4929] Call Trace:
[   55.521664][ T4929]  <TASK>
[   55.521671][ T4929]  __dump_stack+0x1d/0x30
[   55.521691][ T4929]  dump_stack_lvl+0xe8/0x140
[   55.521710][ T4929]  dump_stack+0x15/0x1b
[   55.521727][ T4929]  should_fail_ex+0x265/0x280
[   55.521744][ T4929]  should_failslab+0x8c/0xb0
[   55.521769][ T4929]  kmem_cache_alloc_noprof+0x50/0x480
[   55.521794][ T4929]  ? vm_area_dup+0x33/0x2c0
[   55.521821][ T4929]  vm_area_dup+0x33/0x2c0
[   55.521847][ T4929]  __split_vma+0xe9/0x650
[   55.521867][ T4929]  ? obj_cgroup_charge_account+0x122/0x1a0
[   55.521886][ T4929]  vms_gather_munmap_vmas+0x17a/0x7b0
[   55.521910][ T4929]  ? mas_find+0x608/0x700
[   55.521927][ T4929]  mmap_region+0x52b/0x1620
[   55.521948][ T4929]  ? __rcu_read_unlock+0x4f/0x70
[   55.521971][ T4929]  ? mntput_no_expire+0x6f/0x440
[   55.522008][ T4929]  do_mmap+0x9b3/0xbe0
[   55.522028][ T4929]  vm_mmap_pgoff+0x17a/0x2e0
[   55.522054][ T4929]  ksys_mmap_pgoff+0x268/0x310
[   55.522069][ T4929]  x64_sys_call+0x14a3/0x3000
[   55.522089][ T4929]  do_syscall_64+0xd2/0x200
[   55.522106][ T4929]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   55.522130][ T4929]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   55.522157][ T4929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.522174][ T4929] RIP: 0033:0x7f399834efc9
[   55.522186][ T4929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.522198][ T4929] RSP: 002b:00007f3996daf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   55.522216][ T4929] RAX: ffffffffffffffda RBX: 00007f39985a5fa0 RCX: 00007f399834efc9
[   55.522228][ T4929] RDX: 0000000001000000 RSI: 0000000000001000 RDI: 0000200000ffe000
[   55.522240][ T4929] RBP: 00007f3996daf090 R08: 0000000000000006 R09: 0000000000000000
[   55.522251][ T4929] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001
[   55.522262][ T4929] R13: 00007f39985a6038 R14: 00007f39985a5fa0 R15: 00007fff7f662348
[   55.522279][ T4929]  </TASK>
[   55.652103][ T4936] sch_tbf: burst 6 is lower than device ip6gre0 mtu (1448) !
[   55.766567][ T4919] ==================================================================
[   55.766595][ T4919] BUG: KCSAN: data-race in __filemap_remove_folio / folio_mapping
[   55.766628][ T4919] 
[   55.766633][ T4919] write to 0xffffea0004d27b18 of 8 bytes by task 4923 on cpu 1:
[   55.766646][ T4919]  __filemap_remove_folio+0x1a5/0x2a0
[   55.766665][ T4919]  filemap_remove_folio+0x6d/0x1d0
[   55.766684][ T4919]  truncate_inode_folio+0x42/0x50
[   55.766701][ T4919]  shmem_undo_range+0x244/0xa80
[   55.766723][ T4919]  shmem_fallocate+0x799/0x840
[   55.766740][ T4919]  vfs_fallocate+0x3b6/0x400
[   55.766760][ T4919]  __x64_sys_fallocate+0x7a/0xd0
[   55.766780][ T4919]  x64_sys_call+0x2518/0x3000
[   55.766797][ T4919]  do_syscall_64+0xd2/0x200
[   55.766811][ T4919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.766828][ T4919] 
[   55.766832][ T4919] read to 0xffffea0004d27b18 of 8 bytes by task 4919 on cpu 0:
[   55.766845][ T4919]  folio_mapping+0xa1/0xe0
[   55.766869][ T4919]  move_folios_to_lru+0x128/0x6c0
[   55.766889][ T4919]  evict_folios+0x31d0/0x3590
[   55.766907][ T4919]  try_to_shrink_lruvec+0x5b5/0x950
[   55.766928][ T4919]  shrink_lruvec+0x22e/0x1b50
[   55.766943][ T4919]  shrink_node+0x686/0x2120
[   55.766962][ T4919]  do_try_to_free_pages+0x3f6/0xcd0
[   55.766978][ T4919]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[   55.766997][ T4919]  try_charge_memcg+0x383/0xa10
[   55.767015][ T4919]  obj_cgroup_charge_pages+0xa6/0x150
[   55.767029][ T4919]  __memcg_kmem_charge_page+0x9f/0x170
[   55.767044][ T4919]  __alloc_frozen_pages_noprof+0x188/0x360
[   55.767068][ T4919]  alloc_pages_mpol+0xb3/0x260
[   55.767083][ T4919]  alloc_pages_noprof+0x90/0x130
[   55.767098][ T4919]  __vmalloc_node_range_noprof+0x7a5/0xed0
[   55.767122][ T4919]  __kvmalloc_node_noprof+0x483/0x670
[   55.767150][ T4919]  ip_set_alloc+0x24/0x30
[   55.767171][ T4919]  hash_netiface_create+0x282/0x740
[   55.767193][ T4919]  ip_set_create+0x3cc/0x970
[   55.767206][ T4919]  nfnetlink_rcv_msg+0x4c6/0x590
[   55.767226][ T4919]  netlink_rcv_skb+0x123/0x220
[   55.767249][ T4919]  nfnetlink_rcv+0x167/0x16c0
[   55.767268][ T4919]  netlink_unicast+0x5c0/0x690
[   55.767287][ T4919]  netlink_sendmsg+0x58b/0x6b0
[   55.767301][ T4919]  __sock_sendmsg+0x145/0x180
[   55.767318][ T4919]  ____sys_sendmsg+0x31e/0x4e0
[   55.767339][ T4919]  ___sys_sendmsg+0x17b/0x1d0
[   55.767361][ T4919]  __x64_sys_sendmsg+0xd4/0x160
[   55.767382][ T4919]  x64_sys_call+0x191e/0x3000
[   55.767400][ T4919]  do_syscall_64+0xd2/0x200
[   55.767413][ T4919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.767429][ T4919] 
[   55.767432][ T4919] value changed: 0xffff88811d04aaa0 -> 0x0000000000000000
[   55.767441][ T4919] 
[   55.767444][ T4919] Reported by Kernel Concurrency Sanitizer on:
[   55.767456][ T4919] CPU: 0 UID: 0 PID: 4919 Comm: syz.1.408 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   55.767480][ T4919] Tainted: [W]=WARN
[   55.767486][ T4919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   55.767496][ T4919] ==================================================================
[   56.650093][ T4919] syz.1.408 (4919) used greatest stack depth: 5936 bytes left